Adam Ryczkowski
2014-Feb-09 19:18 UTC
[Puppet Users] How to deploy puppetserver? I do some stupid mistake, and I don't know which.
I am trying to redeploy my puppetmaster infrastructure on new hardware.
I am unable to get a simple ("hello world") connection between puppet
master and puppet client.
I tried Ubuntu Saucy, and Ubuntu Precise as well as Puppet 3.4.2 and Puppet
3.2.4 (4 combinations in total).
The steps I do are basic:
1. Install 2x vanilla Ubuntu from either ISO or by lxc-template (I used
both VirtualBox and LXC container for testing). One will be Puppet server,
and one will be Puppet client (will run puppet agent).
2. Set up networking so that both hosts can netcat each other on port 8140
and that both know each other by fqdn. For the last part I edited the
/etc/hosts file.
3. Install a single package on "puppetmaster" on server, and
"puppet" on
client (either the 3.2.4 or 3.4.2 version).
4. On server kill the puppetmaster service and start one manually by "sudo
puppet master --no-daemonize --debug --logdest console". The servers runs
fine and waits for incoming connections.
5. On client run "sudo puppet agent --test --debug --server
<puppetmaster.mydomain.com>.I've got only this error:
Warning: Unable to fetch my node definition, but the agent run will
continue:
Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate
B: certificate verify failed: [self signed certificate in certificate chain
for /CN=Puppet CA: puppetmaster.mydomain.com]
Info: Retrieving plugin
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources
using 'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read
server certificate B: certificate verify failed: [self signed certificate
in certificate chain for /CN=Puppet CA: puppetmaster.mydomain.com]
Error: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect
returned=1 errno=0 state=SSLv3 read server certificate B: certificate
verify failed: [self signed certificate in certificate chain for /CN=Puppet
CA: puppetmaster.mydomain.com] Could not retrieve file metadata for
puppet://puppetmaster.mydomain.com/plugins: SSL_connect returned=1 errno=0
state=SSLv3 read server certificate B: certificate verify failed: [self
signed certificate in certificate chain for /CN=Puppet CA:
puppetmaster.mydomain.com]
Error: Could not retrieve catalog from remote server: SSL_connect
returned=1 errno=0 state=SSLv3 read server certificate B: certificate
verify failed: [self signed certificate in certificate chain for /CN=Puppet
CA: puppetmaster.mydomain.com]
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3
read server certificate B: certificate verify failed: [self signed
certificate in certificate chain for /CN=Puppet CA:
puppetmaster.mydomain.com]
What can I do to get the connection?
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/beb0170e-54f2-4f0d-a04e-305d2840e2e5%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.