Hi guys I recently started playing with EC2 and tried installing puppet. I ran in to this problem that puppetmaster doesnt get any certificate request. This is my /etc/hosts file on the client: 127.0.0.1 ip-10-243-34-4.ec2.internal localhost 10.220.198.146 domU-12-31-39-09-C1-64.compute-1.internal puppetmaster puppet 10.243.34.4 ip-10-243-34-4.ec2.internal client Client hostname : ip-10-243-34-4.ec2.internal Puppetmaster: /etc/hosts: 127.0.0.1 domU-12-31-39-09-C1-64.compute-1.internal localhost puppet Both are Ubuntu 10.04 When I do a puppetd --test --waitforcert 10 on client, it shows the following: info: Creating a new SSL key for ip-10-243-34-4.ec2.internal err: Could not request certificate: Connection timed out - connect(2) Puppetmaster shows nothing when I do puppetca --list and there are no requests in the certificate requests folder too. Please help guys am new to EC2. Thanks -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Mark Stanislav
2011-Jul-23 00:42 UTC
Re: [Puppet Users] puppetmaster on EC2 certificate issues
Does your EC2 security group allow connectivity to the Puppet master inbound? Seems like it can''t connect. -Mark On Jul 22, 2011, at 7:20 PM, newguy wrote:> Hi guys > I recently started playing with EC2 and tried installing puppet. > I ran in to this problem that puppetmaster doesnt get any certificate > request. > > This is my /etc/hosts file on the client: > > 127.0.0.1 ip-10-243-34-4.ec2.internal localhost > 10.220.198.146 domU-12-31-39-09-C1-64.compute-1.internal puppetmaster > puppet > 10.243.34.4 ip-10-243-34-4.ec2.internal client > > Client hostname : ip-10-243-34-4.ec2.internal > > > Puppetmaster: /etc/hosts: > 127.0.0.1 domU-12-31-39-09-C1-64.compute-1.internal localhost puppet > > Both are Ubuntu 10.04 > > When I do a puppetd --test --waitforcert 10 on client, it shows the > following: > info: Creating a new SSL key for ip-10-243-34-4.ec2.internal > err: Could not request certificate: Connection timed out - connect(2) > > > Puppetmaster shows nothing when I do puppetca --list and there are no > requests in the certificate requests folder too. > > Please help guys am new to EC2. > > Thanks > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Well as am new to EC2 I will check this but what I know is that these instances are in the same security group and port 8140 is open, does that answer you question.?? Thanks On Jul 22, 5:42 pm, Mark Stanislav <mark.stanis...@gmail.com> wrote:> Does your EC2 security group allow connectivity to the Puppet master inbound? Seems like it can''t connect. > > -Mark > > On Jul 22, 2011, at 7:20 PM, newguy wrote: > > > > > > > > > Hi guys > > I recently started playing with EC2 and tried installing puppet. > > I ran in to this problem that puppetmaster doesnt get any certificate > > request. > > > This is my /etc/hosts file on the client: > > > 127.0.0.1 ip-10-243-34-4.ec2.internal localhost > > 10.220.198.146 domU-12-31-39-09-C1-64.compute-1.internal puppetmaster > > puppet > > 10.243.34.4 ip-10-243-34-4.ec2.internal client > > > Client hostname : ip-10-243-34-4.ec2.internal > > > Puppetmaster: /etc/hosts: > > 127.0.0.1 domU-12-31-39-09-C1-64.compute-1.internal localhost puppet > > > Both are Ubuntu 10.04 > > > When I do a puppetd --test --waitforcert 10 on client, it shows the > > following: > > info: Creating a new SSL key for ip-10-243-34-4.ec2.internal > > err: Could not request certificate: Connection timed out - connect(2) > > > Puppetmaster shows nothing when I do puppetca --list and there are no > > requests in the certificate requests folder too. > > > Please help guys am new to EC2. > > > Thanks > > > -- > > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group athttp://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Yes I checked they are in the same group with port 8140 open,so I think this is all what is required for machines in the same group to talk. Thanks On Jul 22, 6:14 pm, newguy <aimanparv...@gmail.com> wrote:> Well as am new to EC2 I will check this but what I know is that these > instances are in the same security group and port 8140 is open, does > that answer you question.?? > > Thanks > > On Jul 22, 5:42 pm, Mark Stanislav <mark.stanis...@gmail.com> wrote: > > > > > > > > > Does your EC2 security group allow connectivity to the Puppet master inbound? Seems like it can''t connect. > > > -Mark > > > On Jul 22, 2011, at 7:20 PM, newguy wrote: > > > > Hi guys > > > I recently started playing with EC2 and tried installing puppet. > > > I ran in to this problem that puppetmaster doesnt get any certificate > > > request. > > > > This is my /etc/hosts file on the client: > > > > 127.0.0.1 ip-10-243-34-4.ec2.internal localhost > > > 10.220.198.146 domU-12-31-39-09-C1-64.compute-1.internal puppetmaster > > > puppet > > > 10.243.34.4 ip-10-243-34-4.ec2.internal client > > > > Client hostname : ip-10-243-34-4.ec2.internal > > > > Puppetmaster: /etc/hosts: > > > 127.0.0.1 domU-12-31-39-09-C1-64.compute-1.internal localhost puppet > > > > Both are Ubuntu 10.04 > > > > When I do a puppetd --test --waitforcert 10 on client, it shows the > > > following: > > > info: Creating a new SSL key for ip-10-243-34-4.ec2.internal > > > err: Could not request certificate: Connection timed out - connect(2) > > > > Puppetmaster shows nothing when I do puppetca --list and there are no > > > requests in the certificate requests folder too. > > > > Please help guys am new to EC2. > > > > Thanks > > > > -- > > > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > > > To post to this group, send email to puppet-users@googlegroups.com. > > > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > > > For more options, visit this group athttp://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Got it working. Run puppetd through sudo and it would work :P On Jul 22, 6:31 pm, newguy <aimanparv...@gmail.com> wrote:> Yes I checked they are in the same group with port 8140 open,so I > think this is all what is required for machines in the same group to > talk. > Thanks > > On Jul 22, 6:14 pm, newguy <aimanparv...@gmail.com> wrote: > > > > > > > > > Well as am new to EC2 I will check this but what I know is that these > > instances are in the same security group and port 8140 is open, does > > that answer you question.?? > > > Thanks > > > On Jul 22, 5:42 pm, Mark Stanislav <mark.stanis...@gmail.com> wrote: > > > > Does your EC2 security group allow connectivity to the Puppet master inbound? Seems like it can''t connect. > > > > -Mark > > > > On Jul 22, 2011, at 7:20 PM, newguy wrote: > > > > > Hi guys > > > > I recently started playing with EC2 and tried installing puppet. > > > > I ran in to this problem that puppetmaster doesnt get any certificate > > > > request. > > > > > This is my /etc/hosts file on the client: > > > > > 127.0.0.1 ip-10-243-34-4.ec2.internal localhost > > > > 10.220.198.146 domU-12-31-39-09-C1-64.compute-1.internal puppetmaster > > > > puppet > > > > 10.243.34.4 ip-10-243-34-4.ec2.internal client > > > > > Client hostname : ip-10-243-34-4.ec2.internal > > > > > Puppetmaster: /etc/hosts: > > > > 127.0.0.1 domU-12-31-39-09-C1-64.compute-1.internal localhost puppet > > > > > Both are Ubuntu 10.04 > > > > > When I do a puppetd --test --waitforcert 10 on client, it shows the > > > > following: > > > > info: Creating a new SSL key for ip-10-243-34-4.ec2.internal > > > > err: Could not request certificate: Connection timed out - connect(2) > > > > > Puppetmaster shows nothing when I do puppetca --list and there are no > > > > requests in the certificate requests folder too. > > > > > Please help guys am new to EC2. > > > > > Thanks > > > > > -- > > > > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > > > > To post to this group, send email to puppet-users@googlegroups.com. > > > > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > > > > For more options, visit this group athttp://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.