I expect I need to allow incoming TCP on 8140 for connections from any puppet agent/clients, but do I need anything else opened up in the firewall in either direction ? “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin & Hobbes) -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On 27.06.2012, at 16:17, Dan White wrote:> I expect I need to allow incoming TCP on 8140 for connections from any puppet agent/clients, but do I need anything else opened up in the firewall in either direction ?when you use puppet kick from the master you need to open port 8141 on any agent to allow access from master. when you use dashboard you need to open port 3000 on the master from any agent. when you use separate dashboard mysql database you need top open connection from aster to db server. hth, Martin -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Wed, Jun 27, 2012 at 3:17 PM, Dan White <ygor@comcast.net> wrote:> I expect I need to allow incoming TCP on 8140 for connections from any puppet agent/clients, but do I need anything else opened up in the firewall in either direction ?Hi Dan, The agent can be configured to listen (on port 8139) so that they can be ''kicked'' from the master outside of their normal run schedule, although they''re not configured to do that by default. If you''re using Foreman or Dashboard for reporting purposes you''ll want to open up that port (8141 normally) so the agents can send their reports there too. Regards, Matt. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
----- Martin Alfke <tuxmea@gmail.com> wrote:> > On 27.06.2012, at 16:17, Dan White wrote: > > > I expect I need to allow incoming TCP on 8140 for connections from any puppet agent/clients, but do I need anything else opened up in the firewall in either direction ? > > when you use puppet kick from the master you need to open port 8141 on any agent to allow access from master. > when you use dashboard you need to open port 3000 on the master from any agent. > when you use separate dashboard mysql database you need top open connection from master to db server. > > hth, > > Martin >Nice details, thanks. I think I am covered. I am not using any of those on this master, so incoming 8140 sounds like it should be sufficient. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin & Hobbes) -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.