Hello,
I am working on moving to a new puppetmaster. Along with this move I
am updating to Puppet 0.24.8.
As it stands, my test client can''t connect:
notice: Starting Puppet client version 0.24.8
debug: Loaded state in 0.00 seconds
debug: Retrieved facts in 1.12 seconds
debug: Retrieving catalog
debug: Calling puppetmaster.getconfig
err: Could not retrieve catalog: Could not find node
''vz200b.liquidweb.com''; cannot compile
On my puppetmaster we are using an external_nodes.py script:
### Imports
import sys
import re
import time
import yaml
### Constants
# puppet user must have read acces to this
NODEFILE = ''/etc/puppet/nodes.yaml''
# puppet user must have write access to this
LOGFILE = ''/var/log/puppet/nodes.log''
### Arguments
hostname = sys.argv[1]
### Functions
# Open NODESFILE and load the two documents into structures, return as
tuple
def parse_nodefile():
f = file(NODEFILE, ''r'')
docs = yaml.load_all(f.read())
f.close()
return (docs.next(), docs.next())
# Write a msg to LOGFILE
def log(msg):
f = file(LOGFILE, ''a'')
timestamp = time.strftime(''%Y%m%d-%H:%M'')
f.write(timestamp + '' - '' + msg + ''\n'')
f.close()
### Action!
(regexes, modules) = parse_nodefile()
for nodetype, regexlist in regexes.iteritems():
for regex in regexlist:
p = re.compile(regex)
m = p.match(hostname)
if m:
found_nodetype = nodetype
modulelist = modules[''default'']
try:
if found_nodetype and modules[found_nodetype] is not None:
modulelist.extend(modules[found_nodetype])
except NameError:
log(hostname + '' doesn\''t match a defined node
type'')
sys.exit(1)
yamldoc = {''classes'': modulelist}
print yaml.dump(yamldoc, explicit_start=True,
default_flow_style=False)
# Puppet expects a return code of 0 to signal to indicate success
# and non-zero for error or a non-regcognized hostname
sys.exit(0)
Which does work how I would expect:
[root@vpsadmins ~]# python /etc/puppet/tools/external_nodes.py
vz200b.liquidweb.com
---
classes:
- custom
- monitoring::base
- ntpd
- puppetd
- rpms
- sshd
- yum
- crontab
- iptables
- ldap::client
- monitoring::vps
- sudo
- virtuozzo
- vpsscripts
I am using a Passenger configuration on the Puppetmaster, here''s the
debug output when I attempt to connect from the client:
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: Handling request,
details:
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_A_KEY -> rsaEncryption
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_M_SERIAL -> 05
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_COMPRESS_METHOD -> NULL
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_NAME ->
vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.url_scheme
-> https
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.run_once
-> false
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.input ->
#<Rack::RewindableInput:0x2aaaac39e5f0>
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: CONTENT_LENGTH
-> 3122
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_S_DN_CN -> vz200b.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_CIPHER ->
RC4-SHA
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_VERSION_LIBRARY -> OpenSSL/0.9.8e-fips-rhel5
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: HTTP_USER_AGENT
-> XMLRPC::Client (Ruby
1.8.6)
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
HTTP_CONTENT_TYPE -> text/xml;
charset=utf-8
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: PATH_INFO -> /
RPC2
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.request ->
#<Rack::Request:
0x2aaaac39e3e8>
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.errors ->
#<IO:
0x2b3a0f5b0030>
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_A_KEY -> rsaEncryption
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_SERVER_I_DN
-> /CN=vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_SERVER_S_DN
-> /CN=vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_V_END -> Jun 23 04:50:02 2014 GMT
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_I_DN_CN -> vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_V_START -> Jun 24 07:10:24 2009 GMT
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_VERSION_INTERFACE -> mod_ssl/2.2.3
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: HTTP_HOST ->
vpsadmins.liquidweb.com:8140
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SCRIPT_NAME ->
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_ADDR ->
67.227.140.92
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_PROTOCOL
-> HTTP/1.1
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CIPHER_EXPORT -> false
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
HTTP_CONTENT_LENGTH -> 3122
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: REMOTE_ADDR ->
72.52.171.252
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_SOFTWARE
-> Apache/2.2.3 (CentOS)
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_S_DN_CN -> vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_V_REMAIN -> 1824
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CIPHER_USEKEYSIZE -> 128
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_PROTOCOL ->
TLSv1
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
HTTP_X_CLIENT_DN -> /CN=vz200b.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: CONTENT_TYPE ->
text/xml; charset=utf-8
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: HTTPS -> on
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
rack.multithread -> false
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.version ->
1
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_SESSION_ID
-> 2786D42F13262281101B52DCA7770A14F494BBD7633653CB7A639A42743A9947
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_I_DN_CN -> vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_V_START -> Jun 24 04:50:02 2009 GMT
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_CLIENT_I_DN
-> /CN=vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_CLIENT_S_DN
-> /CN=vz200b.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_M_VERSION -> 3
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CIPHER_ALGKEYSIZE -> 128
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
rack.multiprocess -> true
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: DOCUMENT_ROOT
-> /home/puppet/rack/puppetmasterd/public
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: REQUEST_URI -> /
RPC2
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_M_VERSION -> 3
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_A_SIG -> sha1WithRSAEncryption
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_PORT ->
8140
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_M_SERIAL -> 01
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_VERIFY -> SUCCESS
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
HTTP_X_CLIENT_VERIFY -> SUCCESS
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: QUERY_STRING ->
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: REMOTE_PORT ->
47256
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_ADMIN ->
vpsadmins@liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: _ -> _
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
HTTP_X_SSL_SUBJECT -> /CN=vz200b.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: HTTP_ACCEPT ->
*/*
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_A_SIG -> sha1WithRSAEncryption
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_V_END -> Jun 23 07:10:24 2014 GMT
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: HTTP_CONNECTION
-> keep-alive
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: REQUEST_METHOD
-> POST
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: Request Body: <?xml
version="1.0"
?><methodCall><methodName>puppetmaster.getconfig</
methodName><params><param><value><string>---+%0Avirtual%3A+openvzhn
%0Aprocessor2%3A+Dual+Core+AMD+Opteron%28tm%29+Processor
+265%0Aserialnumber%3A+0123456789%0Akernel%3A+Linux%0Ais_virtual%3A+
%22false%22%0Aprocessorcount%3A+%224%22%0Arubysitedir%3A+%2Fusr%2Flib
%2Fruby%2Fsite_ruby%2F1.8%0Aprocessor3%3A+Dual+Core+AMD+Opteron%28tm
%29+Processor+265%0Alsbrelease%3A+%22%3Acore-3.0-ia32%3Acore-3.0-noarch
%3Agraphics-3.0-ia32%3Agraphics-3.0-noarch%22%0Ahardwaremodel%3A
+i686%0Auniqueid%3A+3448fcab%0Anetwork_eth0%3A
+72.52.168.0%0Aoperatingsystemrelease%3A+%224.7%22%0Auptime_seconds%3A+
%2248397832%22%0Aclientversion%3A+0.24.8%0Aswapfree%3A+5.92+GB
%0Aipaddress%3A+72.52.171.252%0Anetmask%3A
+255.255.252.0%0Aphysicalprocessorcount%3A+%222%22%0Anetwork_eth1%3A
+10.4.0.0%0Amemorysize%3A+7.91+GB%0Anetmask_eth0%3A
+255.255.252.0%0Anetmask_eth1%3A+255.255.0.0%0Atimezone%3A+EDT%0Afqdn
%3A+vz200b.liquidweb.co
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: Could not call: Could
not find node ''vz200b.liquidweb.com''; cannot compile
Here''s my config.ru:
# This file is mostly based on puppetmasterd, which is part of
# the standard puppet distribution.
require ''rack''
require ''puppet''
require ''puppet/network/http_server/rack''
# startup code stolen from bin/puppetmasterd
Puppet.parse_config
Puppet::Util::Log.level = :debug
Puppet::Util::Log.newdestination(:syslog)
# A temporary solution, to at least make the master work for now.
Puppet::Node::Facts.terminus_class = :yaml
# Cache our nodes in yaml. Currently not configurable.
Puppet::Node.cache_class = :yaml
# The list of handlers running inside this puppetmaster
handlers = {
:Status => {},
:FileServer =>
{},
:Master
=>
{},
:CA
=>
{},
:FileBucket
=>
{},
:Report
=>
{}
}
# Fire up the Rack-Server instance
server = Puppet::Network::HTTPServer::Rack.new(handlers)
# prepare the rack app
app = proc do |env|
server.process(env)
end
# Go.
run app
and my vhosts entry:
Listen 8140
<VirtualHost *:8140>
ServerAdmin vpsadmins@liquidweb.com
CustomLog logs/puppetmasterd-access_log combined
ErrorLog logs/puppetmasterd-error_log
LoadModule passenger_module /usr/lib64/ruby/gems/1.8/gems/
passenger-2.2.2/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib64/ruby/gems/1.8/gems/passenger-2.2.2
PassengerRuby /usr/bin/ruby
SSLEngine on
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLCertificateFile /var/lib/puppet/ssl/certs/
vpsadmins.liquidweb.com.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
vpsadmins.liquidweb.com.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# CRL checking should be enabled;
# If you have problems with Apache complaining about the CRL,
disable the next
line
SSLCARevocationFile /var/lib/puppet/ssl/ca/
ca_crl.pem
SSLVerifyClient
optional
SSLVerifyDepth
1
SSLOptions
+StdEnvVars
# The following client headers allow the same configuration to work
with Pound.
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
# Do not enable these at this point.
#PassengerHighPerformance on
#PassengerPoolIdleTime 1500
#PassengerStatThrottleRate 120
PassengerMaxPoolSize 12
PassengerMaxRequests 1000
RackAutoDetect On
DocumentRoot /home/puppet/rack/puppetmasterd/public
<Directory /home/puppet/rack/puppetmasterd/>
Options None
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>
The rest of my puppet configuration is in /etc/puppet, if you need
more from there, let me know.
Anyone have any idea why I am getting this error? Any help would be
appreciated.
Thanks,
Curt Micol
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
Christian Hofstaedtler
2009-Jun-25 13:03 UTC
[Puppet Users] Re: Issues with clients connecting
On Jun 25, 10:54 am, Curt Micol <asen...@gmail.com> wrote:> I am working on moving to a new puppetmaster. Along with this move I > am updating to Puppet 0.24.8. > > As it stands, my test client can''t connect: > notice: Starting Puppet client version 0.24.8 > debug: Loaded state in 0.00 seconds > debug: Retrieved facts in 1.12 seconds > debug: Retrieving catalog > debug: Calling puppetmaster.getconfig > err: Could not retrieve catalog: Could not find node > ''vz200b.liquidweb.com''; cannot compileIt says it can''t compile the catalog - this is _not_ a connection problem. Can you test without external nodes first? Christian --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On Jun 25, 9:03 am, Christian Hofstaedtler <ch+...@zeha.at> wrote:> It says it can''t compile the catalog - this is _not_ a connection > problem. Can you test without external nodes first?Sorry, I mis-stated, I was aware it was connecting. However, I did test without external nodes and it appears to work. Hmm, I guess I''ll have to see what changed from the previous version of puppet we were using to 0.24.8. I should''ve tried that before, sorry for the noise. Thanks, Curt Micol --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---