similar to: Moving puppetmaster

Displaying 20 results from an estimated 10000 matches similar to: "Moving puppetmaster"

2008 Dec 04
4
puppetmaster built via puppetd
hi, i''m trying to set up my puppetmaster infrastructure with multiple puppetservers behind load balancers in each of our datacenters. i''m using 0.24.6. i''ve read the howto on puppet scalability, and i think i''ve got the ssl config working correct, but i''m noticing that when puppetd is used to build a puppetmaster, some of the files in $vardir/ ssl
2011 Feb 08
12
multiple puppetmasters (w/ Passenger) behind load balancer
Hello Gang, I''m working on scaling my puppet solution, and I''m deploying multiple masters w/ passenger that are going sit behind a load balancer. If anyone is using these type of setup, would you share how you deal with the SSL certs? I''ve been following Bode''s Blog (http://bodepd.com/wordpress/?p=7), and it''s not working to good for me.
2011 Jul 08
2
Puppetmaster setup with separate CA server configuration help
Hi All, I am setting up puppetmaster with nginx and passenger and separating the Puppetmaster primary CA server. I have 3 host loadbalancer01 - Nginx doing LB on IP address and also running puppetmaster with passenger under 127.0.0.1 (port 8140). primaryca - Puppetmaster Primary CA pclient - Puppet Client The did the following steps: On Primary CA server: ---------------------------- cd
2011 Jun 14
5
RHEL 6 Optional channel
It looks like all of our RHEL 6 systems now need to connect to the RHN Optional Channel. (puppet, ruby vs. selinux deps) Is there a way to do that with a script without having to enter RHN userid and password? Is there a way to add a channel during kickstart? Thanks -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this
2012 Nov 29
7
Puppet CA corruption
Hello everyone, Just getting my first puppet master set up and I am having a problem that I just do not know how to get past. For some reason, my certificate store keeps getting corrupted. Basically what happens is that the server will issue itself a valid certificate (after removing the ''bad'' cert) and will run just fine. When I start puppetDB (I am pretty sure it happens
2012 Apr 22
2
centos 6.2 - puppet 2.7.13 - SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert protocol version
Hi! I''ve installed puppetmaster 2.7.13 on a server with CentOS 6.2 with a rpm supplied by yum.puppetlabs.com. I''ve setup a apache2 vhost with mod_ssl and passenger. The server is configured to autosign the cert requests. The agent installed on the puppetmaster''s server works fine. I''ve a second agent on a server which can sync with the server too. This
2008 May 27
12
Puppetting the puppetmaster problems
Hi, installing puppet at my first site was quite easy (not w/o problems, but still). At the second site, I''ve run into something more serious. First things first - I install puppetmaster on existing server, used to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to coexist on the same machine). The thing is, I need to puppet this baby, so I''m running into a
2011 Jan 24
2
Puppet master cannot connect to self
Hi, I have a the annoying problem that the puppet master cannot connect to itself. It fails with: puppet# puppetd --test err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: tlsv1 alert decrypt error History: I have had this problem on our old puppet server: puppet.domain.com. It was annoying but not critical. Recently I built a new
2007 Jul 03
7
CA migration
Anyone ever migrated the puppetca to a different host? What are the steps that are involved?
2013 Nov 06
1
PuppetMaster and Puppet Client in the same machine
Hi Dears, I am installing the puppetmaster server and puppet client is running in the same machine. When i running : puppet agent --test --waitforcert 30 I received the error : Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using ''eval_generate'': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed:
2013 Feb 06
12
Certificate nightmares
I think I really hosed my certificates somehow this morning trying to get PuppetDB and Puppet talking again -- here''s where I stand. My Puppet master and PuppetDB are again talking, or at least, aren''t complaining about communication. From my puppet master, I can run "puppet agent -t", and it runs just fine. From any other node on which puppet had been running, I
2012 Jun 14
15
Problem with Load Balancing Puppet masters with Apache mod_proxy
I have a single LB running Apache with mod_proxy in front of a Puppet master. These are the LB and Puppet master configs: <Proxy balancer://puppetmaster> BalancerMember http://192.168.1.10:8140 </Proxy> Listen 8140 <VirtualHost *:8140> SSLEngine on SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite
2010 Aug 19
7
External CA: Could not run: Could not retrieve certificate for puppetsrv and not running on a valid certificate authority
Hi Experts, I''m trying to generate my own certificates (all of them, including certs for CA, server and client) for puppet to use. and I''m getting "Could not run: Could not retrieve certificate for puppetsrv and not running on a valid certificate authority" Just wondering what the problem could be? What I did is: 1. generate a self signed CA cert, and save the
2007 Oct 09
9
puppetca is unable to sign certificate
Hi - I a ran puppetd -vt against a brand newly build host (which is what I normally do for a new host) and got the usual message: err: No certificate; running with reduced functionality. info: Creating a new certificate request for sega-dev-1. info: Requesting certificate On the puppetmaster, I then list the waiting host with: puppetca --list then sign the key. In this case, I decided that the
2009 Dec 09
3
facter 1.5.7 all lsb* items missing
I have 2 RHEL 5.4 systems where all facter lsb* items are missing. Any ideas? Sanitized facter output: architecture => i386 domain => missyou.edu facterversion => 1.5.7 fqdn => broken.missyou.edu hardwareisa => i686 hardwaremodel => i686 hostname => broken id => root interfaces => eth0,sit0 ipaddress => 1.2.1.5 ipaddress_eth0 => 1.2.1.5 is_virtual => true
2011 Jun 27
12
Ruby script to download files without 'puppet agent'
We have often the Problem that some files need to be checked for updates faster than the cycle of the puppet agent. I try to solve this with a script which tries to download the files directly from the fileserver of the puppetmaster. So far i couldn''t get it to work. I don''t know if i got the URL right, i did not find any examples on the REST API documentation for the
2007 May 18
3
Puppetmaster wierdness
Anybody else experience the need to restart puppetmasterd before a node can register itself. I''ve been cleaning up my installation here on client nodes and every once and a while I find myself needing to restart the puppetmaster daemon. A client node attempts to connect and never does. A restart fixes things. There doesn''t seem to be anything useful in the error messages
2011 Dec 16
12
Seperate CA's/Master behind load balancer
Hello, Attempting to setup a CA primary/standby as well as seperate puppetmaster servers (all running Apache/Passenger) behind another Apache/Passenger type load balancer. Clients are not getting certs:- err: Could not request certificate: Could not intern from s: nested asn1 error Clearly an SSL issue but not something I know a great deal about. loadbalancer.conf # Puppet Load Balancing
2011 Nov 02
5
Puppet certificate
I''m running in circles with this issue... I accidentally did a ''puppetca --clean --all'' and lost all certificates. I was able to get the puppetmaster running and re-created certificates for the client system, but I get the following error: warning: peer certificate won''t be verified in this SSL session info: Caching certificate for w0f.lagged.com info:
2012 Feb 27
1
Using puppet cert generate on a client -- why doesn't this work?
I''m running a two headed puppetmaster and have disabled crl''s. Let''s call them the primary and the secondary. The primary and secondary both use the primary as their master. The secondary only is used when the primary isn''t responding (I wrap the puppetd call in cron with a short shell script) I''m managing these ca files on the masters, pushing