Sam Andre
2009-Feb-12 23:41 UTC
[Puppet Users] "Could not find server puppet" - installation/configuration error
Started the discussion in puppet users mailing list based on recommendation from luke. This discussion is to a follow up regarding bug#1955 "Could not find server puppet" - installation/configuration error". jamtur01''s last recommendation: Rather than renaming things try the certname option (see http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference). But let''s start from scratch - it''s too hard to work out what you''ve changed. 1. Create a new puppet.conf on the client - Don''t change any of the settings. 2. Delete any old client certificates on the client and master. 3. Restart puppetmasterd 4. Start puppetd - puppetd --verbose --debug --trace --no-daemonize -- server hostname.domain --certname hostname.domain Post the results back. Are you on IM or IRC? ++++++++++++++++ Below is the results after running (meteor) root:/opt/csw/bin # ./puppetd --verbose --debug --trace --no- daemonize --server core4.adcom.uci.edu --certname core4.adcom.uci.edu debug: Creating default schedules debug: Failed to load library ''ldap'' for feature ''ldap'' debug: Failed to load library ''shadow'' for feature ''libshadow'' debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File [/var/opt/csw/puppet/state]: Autorequiring File[/var/opt/csw/puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File [/etc/opt/csw/puppet/ssl]: Autorequiring File[/etc/opt/csw/puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/ etc/opt/csw/puppet/ssl/certs]: Autorequiring File[/etc/opt/csw/puppet/ ssl] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File [/var/opt/csw/puppet/lib]: Autorequiring File[/var/opt/csw/puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/ etc/opt/csw/puppet/ssl/private]: Autorequiring File[/etc/opt/csw/ puppet/ssl] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[puppetd]/ File[/etc/opt/csw/puppet/puppet.conf]: Autorequiring File[/etc/opt/csw/ puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File [/var/opt/csw/puppet/log]: Autorequiring File[/var/opt/csw/puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/ etc/opt/csw/puppet/ssl/public_keys]: Autorequiring File[/etc/opt/csw/ puppet/ssl] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File [/var/opt/csw/puppet/run]: Autorequiring File[/var/opt/csw/puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/ etc/opt/csw/puppet/ssl/private_keys]: Autorequiring File[/etc/opt/csw/ puppet/ssl] debug: Finishing transaction 3282048 with 0 changes info: Creating a new certificate request for core4.adcom.uci.edu info: Creating a new SSL key at /etc//opt/csw/puppet/ssl/private_keys/ core4.adcom.uci.edu.pem debug: Calling puppetca.getcert warning: peer certificate won''t be verified in this SSL session notice: Did not receive certificate debug: Calling puppetca.getcert warning: Other end went away; restarting connection and retrying warning: peer certificate won''t be verified in this SSL session notice: Did not receive certificate ++++++++++++++++ The following are the steps that I took in core4 (puppetmaster server). (Because I am new to puppet and because I may have left off some important installation steps, I''ve included the steps below.) To install puppet in the client server, I performed the same steps below except for initiating the puppetmasterd and creating site.pp. (core4) root:/adm/users/andresl # ps -ef|grep puppet root 17266 17264 0 12:37:53 pts/1 0:00 grep puppet (core4) root:/adm/users/andresl # svcs -a|grep puppet disabled Feb_10 svc:/network/puppetd:default (core4) root:/adm/users/andresl # /usr/bin/rm -r /etc/opt/csw/puppet (core4) root:/adm/users/andresl # /usr/bin/rm -r /var/opt/csw/puppet removed puppet entries in /etc/passwd, /etc/group, and /etc/shadow (core4) root:/adm/users/andresl # yes | /opt/csw/bin/pkgutil CSWpuppet -r (core4) root:/adm/users/andresl # pkginfo -l|grep CSW|grep PKGINST PKGINST: CSWpkgutil (core4) root:/var/opt/csw # yes | /opt/csw/bin/pkgutil -i CSWpuppet (core4) root:/var/opt/csw # pkginfo -l|grep CSW|grep PKGINST PKGINST: CSWaspell PKGINST: CSWbdb3 PKGINST: CSWbzip2 PKGINST: CSWcommon PKGINST: CSWexpat PKGINST: CSWfacter PKGINST: CSWgcc4corert PKGINST: CSWgcc4g++rt PKGINST: CSWgdbm PKGINST: CSWgfile PKGINST: CSWggettext PKGINST: CSWiconv PKGINST: CSWisaexec PKGINST: CSWncurses PKGINST: CSWosslrt PKGINST: CSWpkgutil PKGINST: CSWpuppet PKGINST: CSWreadline PKGINST: CSWruby PKGINST: CSWsunmath PKGINST: CSWzlib (core4) root:/etc/puppet # mkdir manifests (core4) root:/etc/puppet # vi manifests/site.pp file { "/etc/sudoers": owner => root, group => root, mode => 440 } (core4) root:/opt/csw/bin # ./puppetmasterd --mkusers -v (meteor) root:/opt/csw/bin # ./puppetd --verbose --debug --trace --no- daemonize --server core4.adcom.uci.edu --certname core4.adcom.uci.edu debug: Creating default schedules debug: Failed to load library ''ldap'' for feature ''ldap'' debug: Failed to load library ''shadow'' for feature ''libshadow'' debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File [/var/opt/csw/puppet/state]: Autorequiring File[/var/opt/csw/puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File [/etc/opt/csw/puppet/ssl]: Autorequiring File[/etc/opt/csw/puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/ etc/opt/csw/puppet/ssl/certs]: Autorequiring File[/etc/opt/csw/puppet/ ssl] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File [/var/opt/csw/puppet/lib]: Autorequiring File[/var/opt/csw/puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/ etc/opt/csw/puppet/ssl/private]: Autorequiring File[/etc/opt/csw/ puppet/ssl] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[puppetd]/ File[/etc/opt/csw/puppet/puppet.conf]: Autorequiring File[/etc/opt/csw/ puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File [/var/opt/csw/puppet/log]: Autorequiring File[/var/opt/csw/puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/ etc/opt/csw/puppet/ssl/public_keys]: Autorequiring File[/etc/opt/csw/ puppet/ssl] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[main]/File [/var/opt/csw/puppet/run]: Autorequiring File[/var/opt/csw/puppet] debug: /Settings[/etc//opt/csw/puppet/puppet.conf]/Settings[ssl]/File[/ etc/opt/csw/puppet/ssl/private_keys]: Autorequiring File[/etc/opt/csw/ puppet/ssl] debug: Finishing transaction 3282048 with 0 changes info: Creating a new certificate request for core4.adcom.uci.edu info: Creating a new SSL key at /etc//opt/csw/puppet/ssl/private_keys/ core4.adcom.uci.edu.pem debug: Calling puppetca.getcert warning: peer certificate won''t be verified in this SSL session notice: Did not receive certificate (core4) root:/opt/csw/bin # facter domain => YP.adcom.uci.edu facterversion => 1.5.2 fqdn => core4.YP.adcom.uci.edu hardwareisa => sparc hardwaremodel => sun4v hostname => core4 interfaces => lo0,e1000g0 ipaddress => 128.200.235.71 ipaddress_e1000g0 => 128.200.235.71 kernel => SunOS kernelrelease => 5.10 kernelversion => 5.10 macaddress => 0:14:4f:2:5c:7e macaddress_e1000g0 => 0:14:4f:2:5c:7e netmask_e1000g0 => 255.255.255.224 operatingsystem => Solaris operatingsystemrelease => 10_u5 ps => ps -ef puppetversion => 0.24.7 rubysitedir => /opt/csw/lib/ruby/site_ruby/1.8 rubyversion => 1.8.7 sshdsakey => AAAAB3NzaC1kc3MAAACBANmXV6SFPirKW1AbldTqwTJKlCpuV/ MiQA7uIBh7dchIU2v5cEMNSaixc7iGucCzlJvRElFZNlu +j8VcZc62tfLy5cWGiZIM1IVJRZTx +cl7yvCC3MYcDd9EMQV60akonSMbFgCacBMRIntYl2VonuuHMzjIoKIMYfYHB8vbaSKjAAAAFQC24hy7Sx5Ze7SVT3p4CBVKVtS0ZQAAAIEAyik4x5B4Kzd5xV5rNhBBm98MlQZu +Lj6xllNj9rbAMpm7iSUzQTLyCRF4bmWwRrvmOemNiAx8cvNLoa9gx2ZvMTN3L42ly1tuoeU6CeZR/ Y0J+OrydW6bt+TpSSjVkX7S8Vl7xY4a5Ueb860ng75P6cJ7ae3G5+c0EsfOV1RN/ gAAACBAJcwMB/Wk7W3O49LIbT7dawJFTYxzHcwtzf20Yz/cu +8Nvgu8K1ypGX0E9+OKBSO2Ma0mKO0psydnX9esQ4leYlfStoFugMo9BAiRihdCW +da5jnTalwUec3ZZmxFuysM2E6zSeYsL8szwneKkP+qTgotYb6AdbcBoNo+y1ytyEb sshrsakey => AAAAB3NzaC1yc2EAAAABIwAAAIEA6hDmXmctZ5ObFr7ciHKZ+jlC4wWG +YhOl5fZVbu0XAZang7pcxPH+5zT0fIVXPWPw3DeHW5O +Z8CpcI8zNpbXSVygE3xpW9uHgn/ Nj03nL7TvQfms945fl4Va8Lk8x76YTfBIwW1HscQ6cbXMiIcmX +uMh9aaXSOW32Wr5aP3rEuniqueid => 84025c7e --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
James Turnbull
2009-Feb-12 23:51 UTC
[Puppet Users] Re: "Could not find server puppet" - installation/configuration error
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sam Andre wrote:> Started the discussion in puppet users mailing list based on > recommendation from luke. This discussion is to a follow up regarding > bug#1955 "Could not find server puppet" - installation/configuration > error". > > jamtur01''s last recommendation: > Rather than renaming things try the certname option (see > http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference). > > But let''s start from scratch - it''s too hard to work out what you''ve > changed. > > 1. Create a new puppet.conf on the client - Don''t change any of the > settings. > 2. Delete any old client certificates on the client and master. > 3. Restart puppetmasterd > 4. Start puppetd - puppetd --verbose --debug --trace --no-daemonize -- > server hostname.domain --certname hostname.domain >As I said in the ticket - can you see the certificate signing request? # puppetca --list Thanks James Turnbull - -- Author of: * Pulling Strings with Puppet (http://www.amazon.com/gp/product/1590599780/) * Pro Nagios 2.0 (http://www.amazon.com/gp/product/1590596099/) * Hardening Linux (http://www.amazon.com/gp/product/1590594444/) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmUthgACgkQ9hTGvAxC30DeWQCgl9fuICeieC0t/cKxqZZ+voDH eZQAoMzo9nVFUoaUO7HLlRygBDB2h6Ov =uGV1 -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
James Turnbull
2009-Feb-13 00:00 UTC
[Puppet Users] Re: "Could not find server puppet" - installation/configuration error
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 James Turnbull wrote:> Sam Andre wrote: > > Started the discussion in puppet users mailing list based on > > recommendation from luke. This discussion is to a follow up regarding > > bug#1955 "Could not find server puppet" - installation/configuration > > error". > > > jamtur01''s last recommendation: > > Rather than renaming things try the certname option (see > > http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference). > > > But let''s start from scratch - it''s too hard to work out what you''ve > > changed. > > > 1. Create a new puppet.conf on the client - Don''t change any of the > > settings. > > 2. Delete any old client certificates on the client and master. > > 3. Restart puppetmasterd > > 4. Start puppetd - puppetd --verbose --debug --trace --no-daemonize -- > > server hostname.domain --certname hostname.domain > > > As I said in the ticket - can you see the certificate signing request? > > # puppetca --listFor the benefit of the list the CSR is there ... now we can: # puppetca --sign core4.adcom.uci.edu Then try to connect and I think you''ll find your problem resolved. I recommend re-reading the documentation the steps for new client are: 1. Start puppetd client 2. Certificate request generated and sent to master 3. Sign certificate on master with puppetca 4. Either restart puppetd or use --waitforcert to wait to get signed cert 5. Client is now authorised. Cheers James Turnbull - -- Author of: * Pulling Strings with Puppet (http://www.amazon.com/gp/product/1590599780/) * Pro Nagios 2.0 (http://www.amazon.com/gp/product/1590596099/) * Hardening Linux (http://www.amazon.com/gp/product/1590594444/) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmUuCgACgkQ9hTGvAxC30AXFwCfcY0D1A7JxEL0qFBIfPWO2WR0 qYQAnj6NEnGM60kCr6eL3OaQTc6TPvjl =ZRS3 -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Seemingly Similar Threads
- Packages build for Solaris ? As CSW packages ?
- problems with puppetd on some of my solaris machines
- puppetrun fails: "Certificates were not trusted"
- error SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
- Setting up puppetmaster-passenger on Debian