Hi I have some questions about puppetrun.
First my use case is that I want the server to push configuration to
the clients, just wanted to make sure that puppetrun is the correct
tools, I am not so sure b/c there is almost no documentation.
CLIENT:
On the client (the server in this case), I created /etc/puppet/
namespaceauth.conf
[puppetrunner]
allow *
(the puppet.conf is the default)
now I run,
puppetd --listen --no-daemonize --verbose
info: Starting handler for Runner
info: Starting server for Puppet version 0.24.4
info: Listening on port 8139
notice: Starting Puppet client version 0.24.4
err: Could not find server puppet: getaddrinfo: Name or service not
known
err: Could not retrieve catalog: Could not find server puppet
I dont understand why, it is trying to connect to the server, I would
expect it to await incoming connections before it does anything.
SERVER
I can verify (with telnet) that the connection exists and is
accessible to by server machine
I have created a namespaceauth.conf file on the server machine
[fileserver]
allow *
[puppetmaster]
allow *
[puppetrunner]
allow *
now, I am running the command
# puppetrun --host 172.20.66.255 --debug -f
Failed to load ruby LDAP library. LDAP functionality will not be
available
debug: Parsing /etc/puppet/puppet.conf
Finished
even when I run with --test, it does not print out my host, I have a
feeling that this only works if you are using the LDAP config?
Well, I will start reading the source code, the answer must be in
there somewhere.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
I think that I have resolved the issue. ( now I get the following,
which I can fix!!)
warning: Certificate validation failed; considering using the certname
configuration option
Host 172.20.66.255 failed: Certificates were not trusted: hostname not
match with the server certificate
The issue has been fixed on Revision 31c17e47
if Puppet[:node_terminus] = "ldap"
if options[:all]
hosts = Puppet::Node.search("whatever").collect { |node|
node.name }
puts "all: %s" % hosts.join(", ")
else
puts "WTF!!"
# hosts = [] ##you cant just get rid of my --host entries, I
need them ;)
# classes.each do |klass|
# list = Puppet::Node.search("whatever", :class =>
klass).collect { |node| node.name }
# puts "%s: %s" % [klass, list.join(", ")]
#
# hosts += list
# end
end
I am running the last latest version, this revision was made 2 years
ago, why does version 0.24.5 not have the fix?
On Sep 3, 9:04 am, "bod...@gmail.com" <bod...@gmail.com>
wrote:> Hi I have some questions about puppetrun.
>
> First my use case is that I want the server to push configuration to
> the clients, just wanted to make sure that puppetrun is the correct
> tools, I am not so sure b/c there is almost no documentation.
>
> CLIENT:
>
> On the client (the server in this case), I created /etc/puppet/
> namespaceauth.conf
>
> [puppetrunner]
> allow *
>
> (the puppet.conf is the default)
>
> now I run,
>
> puppetd --listen --no-daemonize --verbose
>
> info: Starting handler for Runner
> info: Starting server for Puppet version 0.24.4
> info: Listening on port 8139
> notice: Starting Puppet client version 0.24.4
> err: Could not find server puppet: getaddrinfo: Name or service not
> known
> err: Could not retrieve catalog: Could not find server puppet
>
> I dont understand why, it is trying to connect to the server, I would
> expect it to await incoming connections before it does anything.
>
> SERVER
>
> I can verify (with telnet) that the connection exists and is
> accessible to by server machine
>
> I have created a namespaceauth.conf file on the server machine
>
> [fileserver]
> allow *
> [puppetmaster]
> allow *
> [puppetrunner]
> allow *
>
> now, I am running the command
>
> # puppetrun --host 172.20.66.255 --debug -f
> Failed to load ruby LDAP library. LDAP functionality will not be
> available
> debug: Parsing /etc/puppet/puppet.conf
> Finished
>
> even when I run with --test, it does not print out my host, I have a
> feeling that this only works if you are using the LDAP config?
>
> Well, I will start reading the source code, the answer must be in
> there somewhere.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
test --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Matthew Macdonald-Wallace
2008-Sep-03 10:16 UTC
[Puppet Users] Re: puppetrun is not doing anything
On Wed, 3 Sep 2008 01:04:38 -0700 (PDT) "bodepd@gmail.com" <bodepd@gmail.com> wrote:> err: Could not find server puppet: getaddrinfo: Name or service not > knownIf you try to ping the server by hostname from this node, does it work? I''ve had issues with puppet where if it can''t resolve the host name it dies. M. -- Matthew Macdonald-Wallace matthew@truthisfreedom.org.uk http://www.truthisfreedom.org.uk --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
I posted the solution before, dont know why its not here.
I am using version 0.24.5, there is an error in the source code (see
below), I got everything running by commenting out the following
lines:
It looked like it might be fixed in this change (even though its not
in the diffs), but the line that removes the --host entries if LDAP is
not enabled is not present in this source version.
http://www.reductiveconsulting.net/redmine/repositories/revision/puppet/31c17e47607bdebf8e2591a98e9fd6f862d3852a
#CODE CHANGES
if Puppet[:node_terminus] = "ldap"
if options[:all]
hosts = Puppet::Node.search("whatever").collect { |node|
node.name }
puts "all: %s" % hosts.join(", ")
else
puts "WTF!!"
# hosts = []
# classes.each do |klass|
# list = Puppet::Node.search("whatever", :class =>
klass).collect { |node| node.name }
# puts "%s: %s" % [klass, list.join(", ")]
#
# hosts += list
# end
end
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
Hi> warning: Certificate validation failed; considering using the certname > configuration option > Host 172.20.66.255 failed: Certificates were not trusted: hostname not > match with the server certificatewhat is the hostname you''re connecting to and with which certname was the certificate of the master built? greets pete --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
HI I am seeing the same problem - on HP-UX talking to linux puppetmaster. The "openssl s_client -connect puppet:8140" command even returns the same CN for the host - fully qualified and the ssl folder in etc matches. Where else to look? I have this running with 20 other Linux boxes - this is my first HP system to add into the mix.. Any ideas??? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
DOH!! Never mind - I am stupid - all I had to do was put the FQDN in the puppetd test/config and t worked fine. For some reason on my linux boxes I don''t need this - but now I realize I installed the latest ruby from source on HP and on linux it is redhat 4 and has an older version. Anyway, putting the fully qualified hostname in the config did the trick. So obvious and I feel so silly.. Sorry for wasting bandwidth.. ~J~ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
> if Puppet[:node_terminus] = "ldap" >should be if Puppet[:node_terminus] == "ldap" Note the ''extra'' The code that is there is doing an assignment and is always ''true'' --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---