We would like to avoid pre-scheduled updates in our production environment by puppet. The solution I''ve come across is to instruct the puppet agent not to update on a schedule and instead use "puppet kick" from the puppet master to force updates when we''re ready to deploy them. I can''t seem to get this to work. I have asked around the IRC channel and received a few pointers, but it''s still not working correctly. I''ve added the "listen true" line to the puppet.conf file on each node, as well as creating a namespaceauth.conf file on each node, with wide open permissions at the moment. When I attempt to run puppet kick from the master, I receive the following error: [root@admin puppet]# puppet kick -d test.foo.com Triggering test.foo.com Host test.foo.com failed: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed test.foo.com finished with exit code 2 Failed: test.foo.com I am running both the puppet master and agent services with full debugging and I do not see anything in the logs relating to this "puppet kick". Can anyone offer any insight? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
M C schreef:> We would like to avoid pre-scheduled updates in our production environment > by puppet. The solution I''ve come across is to instruct the puppet agent > not to update on a schedule and instead use "puppet kick" from the puppet > master to force updates when we''re ready to deploy them. I can''t seem to > get this to work. I have asked around the IRC channel and received a few > pointers, but it''s still not working correctly. I''ve added the "listen > true" line to the puppet.conf file on each node, as well as creating a > namespaceauth.conf file on each node, with wide open permissions at the > moment. When I attempt to run puppet kick from the master, I receive the > following error: > > [root@admin puppet]# puppet kick -d test.foo.com > Triggering test.foo.com > Host test.foo.com failed: SSL_connect returned=1 errno=0 state=SSLv3 read > server certificate B: certificate verify failed > test.foo.com finished with exit code 2 > Failed: test.foo.com > > I am running both the puppet master and agent services with full debugging > and I do not see anything in the logs relating to this "puppet kick". Can > anyone offer any insight?We use triggered runs without problems. The only thing that we have, that you did not mention, is a file named /etc/puppet/auth.conf with the following contents on all clients: path /run method save allow * I think this is a new requirement with Puppet 2.6. I think I got it from the release notes at http://projects.reductivelabs.com/projects/puppet/wiki/Release_Notes#Puppet+Runner Best regards, Martijn.