Displaying 20 results from an estimated 50000 matches similar to: "using puppetmaster with SSL/TLS LDAP server?"
2009 Sep 04
4
the same puppetmaster in different subnets/vlan
Hello,
i have a couple of VLAN where each has its own subnet, now I would like to
use one puppetserver for all these machines.
the puppetserver has a DNS entry for each subnet and its own IP-Address
VLAN 1: puppet-vm1.domain1 172.1.0.1/255.255.255.0
VLAN 2: puppet-vm1.domain2 172.1.1.1/255.255.255.0
.....
the hostname of the puppetserver is puppet-vm1.domain0, puppet created a
2010 Jun 18
1
problems with puppetmaster using intermediate CA cert
Hi,
I''m trying to develop a manifest to setup a new puppet master. To solve
the SSL certificates I''ve created a root CA outside of puppet, and have
generated an intermediate CA for the new puppet master to use. I''ve also
configured my puppetmaster daemon to use it''s own ssl directory. So the
new puppetmaster is at the same time a client of the old puppet
2009 Jan 30
4
Can't connect to LDAP server
Hi appreciate your help.
I am new to puppet. I have taken over a system.
Running Debian v4.0
Puppetmaster & puppet v0.20.1-1
I keep getting the following error from puppetmaster
Could not connect to LDAP: Can''t contact LDAP server.
Please advise me how to analyse and work through this problem.
Thanks
John
--~--~---------~--~----~------------~-------~--~----~
You received this
2011 Jun 29
0
Setting up puppetmaster-passenger on Debian
I am at the end of my rope here so I pray to the gods that
puppet-users can help.
Using Debian apt-get install puppetmaster-passenger you get a fairly
complete puppetmaster setup. I have the Pro Puppet book next to me and
following Chapter 4 on setting up Puppet with Passenger I can see that
apt has already done most of the ground work.
For example the config.ru script is owned by puppet,
2009 Sep 08
7
Puppetmaster be client of another puppetmaster?
Is is possible to have a puppetmaster that is a client of a different
puppetmaster? We manage our customers'' server via puppet, but one customer
has a puppetmaster server which looks after their internal systems. We''ve
tried the following in /etc/puppet/puppet.conf ("customer" and "us"
replacing the domain names) on their puppetmaster:
[puppetmasterd]
2011 Jul 08
2
Puppetmaster setup with separate CA server configuration help
Hi All,
I am setting up puppetmaster with nginx and passenger and separating
the Puppetmaster primary CA server. I have 3 host
loadbalancer01 - Nginx doing LB on IP address and also running
puppetmaster with passenger under 127.0.0.1 (port 8140).
primaryca - Puppetmaster Primary CA
pclient - Puppet Client
The did the following steps:
On Primary CA server:
----------------------------
cd
2009 Jun 10
2
Moving to new puppetmaster - certificates
Unfortunately I haven''t been able to find anything in the docs...
I just built a new puppetmaster to replace my testing install on an old
box. The hostname is different, and obviously the master certificates
are different. What needs to be done to the clients to get them to play
nice with the new box?
Thanks,
Jason Antman
--~--~---------~--~----~------------~-------~--~----~
You
2010 Jun 04
2
LDAP node search stopped working after Puppetmaster upgrade
Hi-
I recently upgrade from 0.24 to 0.25. In my 0.24 config, I had LDAP
working such that Puppet was matching nodes in my directory to
determine what classes to apply. I upgraded to 0.25 and this stopped
working. I do not even see attempts from the Puppetmaster to search
the directory (i.e., no connections to the ldap server). I *did*
update the puppetmasterd conf, adding the variable
2008 Apr 12
8
Question: Do all puppetd run at the same time?
(I know more questions... :-))
I know the default for puppetd is to check puppetmasterd every half
hour, but my question does each puppetd check at the same time? Or
does it depend when puppetd is started or like a cronjob does it run
at the 1/2 hour and hour mark? Is there some randomness to the times
they run?
My point is if they all run at the same time then if you have a large
amount of
2013 Aug 22
1
ssl ofloading on amazon ELB for puppetmasters
Hi,
I''m trying to do ssl offload on amazon ELB for my puppetmaster servers, it
seems amazon ELB is not sending ssl_client_header & client_verify_header
puppetmaster
Listen 8141
<VirtualHost *:8141>
SSLEngine off
DocumentRoot /etc/puppet/rack/puppetmaster_8141/public/
RackBaseURI /
<Directory /etc/puppet/rack/puppetmaster_8141/>
PassengerEnabled on
2012 Mar 22
1
Backup/restore certificates after new puppetmaster installation
Hi,
We have a couple of puppet clients we can''t reach after installation,
is there a way to accept the client certificates when the certificates
are lost on the master site? If that''s not possible what part of the
certificates on the master need to be in the backup to restore
connectivity? Or is there a better way for a fail safe mechanism?
Thanks,
Paul.
--
You received this
2009 Nov 13
2
Multihomed puppet-server Multidomain SSL Problem
Hello List,
I have a problem with the CA on my Puppetmaster. This Puppetmaster is
connected to different Networks with different sub domainnames. The Puppet
clients connecting via different Interfaces. There is no routing between
subnets. Only one subnet can connect successfully. This is because the
subject in the Certificate is the name of this subnet. All other clients get:
Could not
2012 Feb 06
1
Puppet / Passenger SSL Problems with DRBD
I am working on setting up a Puppet configuration where some of the
data is stored on a DRBD volume. The modules and vardir are stored on
the drbd volume. The puppet.conf files point to the drbd volume for
vardir. I created a cert for a VIP puppet-master using the puppetca --
create command
I had everything working on the primary drbd node, but when I fail
over, everything starts up fine, but I
2011 Feb 08
3
puppetmaster fails to start using dist puppet.conf file
I''m having an issue with the default puppet.conf distributed with puppet 2.6.4 (FreeBSD port). I''ve reproduced the problem with a completely fresh install on a completely fresh OS in a VM. Under these conditions, running puppetmaster with no config is fine, but simply moving the puppet.conf-dist file to puppet.conf causes the following errors on console:
Performing sanity
2009 Dec 23
1
puppetmaster 0.25.x factdir error
Hello...
I started testing puppet 0.25.x on my puppetmaster (RH 5.4 x64_64). I
first tried 0.25.1 from EPEL testing, then 0.25.2rc1. I am using
apache/mongrel with 10 ports. My puppetmaster configs are
in /srv/puppet not /var/puppet. When starting puppetmaster I get the
following errors:
Port: 18140Could not prepare for execution: Got 1 failure(s) while
initializing: change from directory
2007 Jul 03
3
pupped on the puppetmaster: cert problems
I''m getting certificate errors when I attempt to run puppetd on the
puppetmaster.
As near as I can tell, this is because I''m using the same puppet.conf
for both puppetd and puppetmasterd; but puppetmaster runs as user
"puppet" and puppetd runs as user "root", yet both expect the
certificates to be readable and chmod 600. I tried telling puppetd to
use
2011 Sep 13
0
load balance multiple puppetmaster, backend workers not authenticating
I''m trying to load balance multiple puppetmasters using apache and
passenger as described in James''s book.
Was able to get a single passenger server installation to work
correctly. When I configure the frontend load balancer and backend
workers, the backend workers does not authenticate even though I am
passing the headers to it.
curl -v -H "Accept: pson, yaml" \
2012 Sep 27
1
Puppetmaster with mongrel
Hey Guys,
So i have puppetmaster running and well. I have a few questions
1) Even though i followed instructions on
http://projects.puppetlabs.com/projects/1/wiki/Using_Mongrel on using
Mongrel, puppetmaster is probably still using webrick since the client
connection timeout still occurs. How do i make it use mongrel?
2) Now after messing a little with /etc/sysconfig/puppetmaster i increased
2013 Jul 23
3
Debugging Puppetmaster with Apache/Rack/Passenger
Hi,
I''m currently trying to debug a performance issue I''m having. Therefore I
would need "DEBUG" output. When using one puppetmaster process, this is
fairly easy by starting it like this:
> puppet master --no-daemonize --debug
Now I need to see this debug output when running puppetmaster the way I
ususally do - using Apache/Rack/Passenger. After looking
2008 Jun 04
1
SSL delegation difficulties
hey all, trying to get SSL cert deligation working based on
http://reductivelabs.com/trac/puppet/wiki/PuppetScalability. All of
the commands run without any problems, however I''m still not getting
it to work. One perplexing thing is openssl reports the cert is okay.
# openssl verify -CAfile /var/lib/puppet/ssl/certs/ca.pem
/var/lib/puppet/ssl/certs/test1.localdomain.pem