Displaying 20 results from an estimated 10000 matches similar to: "Moving puppetmaster"
2008 Dec 04
4
puppetmaster built via puppetd
hi,
i''m trying to set up my puppetmaster infrastructure with multiple
puppetservers behind load balancers in each of our datacenters. i''m
using 0.24.6. i''ve read the howto on puppet scalability, and i think
i''ve got the ssl config working correct, but i''m noticing that when
puppetd is used to build a puppetmaster, some of the files in $vardir/
ssl
2011 Feb 08
12
multiple puppetmasters (w/ Passenger) behind load balancer
Hello Gang,
I''m working on scaling my puppet solution, and I''m deploying multiple
masters w/ passenger that are going sit behind a load balancer. If anyone
is using these type of setup, would you share how you deal with the SSL
certs? I''ve been following Bode''s Blog (http://bodepd.com/wordpress/?p=7),
and it''s not working to good for me.
2011 Jul 08
2
Puppetmaster setup with separate CA server configuration help
Hi All,
I am setting up puppetmaster with nginx and passenger and separating
the Puppetmaster primary CA server. I have 3 host
loadbalancer01 - Nginx doing LB on IP address and also running
puppetmaster with passenger under 127.0.0.1 (port 8140).
primaryca - Puppetmaster Primary CA
pclient - Puppet Client
The did the following steps:
On Primary CA server:
----------------------------
cd
2011 Jun 14
5
RHEL 6 Optional channel
It looks like all of our RHEL 6 systems now need to connect to the RHN
Optional Channel. (puppet, ruby vs. selinux deps)
Is there a way to do that with a script without having to enter RHN userid
and password? Is there a way to add a channel during kickstart?
Thanks
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this
2012 Nov 29
7
Puppet CA corruption
Hello everyone,
Just getting my first puppet master set up and I am having a problem that I
just do not know how to get past. For some reason, my certificate store
keeps getting corrupted. Basically what happens is that the server will
issue itself a valid certificate (after removing the ''bad'' cert) and will
run just fine. When I start puppetDB (I am pretty sure it happens
2012 Apr 22
2
centos 6.2 - puppet 2.7.13 - SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert protocol version
Hi!
I''ve installed puppetmaster 2.7.13 on a server with CentOS 6.2 with a rpm
supplied by yum.puppetlabs.com.
I''ve setup a apache2 vhost with mod_ssl and passenger. The server is
configured to autosign the cert requests.
The agent installed on the puppetmaster''s server works fine. I''ve a second
agent on a server which can sync with the server too. This
2008 May 27
12
Puppetting the puppetmaster problems
Hi,
installing puppet at my first site was quite easy (not w/o problems,
but still). At the second site, I''ve run into something more serious.
First things first - I install puppetmaster on existing server, used
to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to
coexist on the same machine). The thing is, I need to puppet this
baby, so I''m running into a
2011 Jan 24
2
Puppet master cannot connect to self
Hi, I have a the annoying problem that the puppet master cannot connect
to itself. It fails with:
puppet# puppetd --test
err: Could not retrieve catalog from remote server: SSL_connect returned=1
errno=0 state=SSLv3 read finished A: tlsv1 alert decrypt error
History:
I have had this problem on our old puppet server: puppet.domain.com. It was
annoying but not critical.
Recently I built a new
2007 Jul 03
7
CA migration
Anyone ever migrated the puppetca to a different host? What are the steps
that are involved?
2013 Nov 06
1
PuppetMaster and Puppet Client in the same machine
Hi Dears,
I am installing the puppetmaster server and puppet client is running in the
same machine.
When i running : puppet agent --test --waitforcert 30
I received the error :
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources
using ''eval_generate'': SSL_connect returned=1 errno=0 state=SSLv3 read
server certificate B: certificate verify failed:
2013 Feb 06
12
Certificate nightmares
I think I really hosed my certificates somehow this morning trying to get
PuppetDB and Puppet talking again -- here''s where I stand.
My Puppet master and PuppetDB are again talking, or at least, aren''t
complaining about communication.
From my puppet master, I can run "puppet agent -t", and it runs just fine.
From any other node on which puppet had been running, I
2012 Jun 14
15
Problem with Load Balancing Puppet masters with Apache mod_proxy
I have a single LB running Apache with mod_proxy in front of a Puppet
master. These are the LB and Puppet master configs:
<Proxy balancer://puppetmaster>
BalancerMember http://192.168.1.10:8140
</Proxy>
Listen 8140
<VirtualHost *:8140>
SSLEngine on
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite
2010 Aug 19
7
External CA: Could not run: Could not retrieve certificate for puppetsrv and not running on a valid certificate authority
Hi Experts,
I''m trying to generate my own certificates (all of them, including certs for
CA, server and client) for puppet to use.
and I''m getting "Could not run: Could not retrieve certificate for puppetsrv
and not running on a valid certificate authority"
Just wondering what the problem could be?
What I did is:
1. generate a self signed CA cert, and save the
2007 Oct 09
9
puppetca is unable to sign certificate
Hi - I a ran puppetd -vt against a brand newly build host (which is
what I normally do for a new host) and got the usual message:
err: No certificate; running with reduced functionality.
info: Creating a new certificate request for sega-dev-1.
info: Requesting certificate
On the puppetmaster, I then list the waiting host with: puppetca
--list then sign the key. In this case, I decided that the
2009 Dec 09
3
facter 1.5.7 all lsb* items missing
I have 2 RHEL 5.4 systems where all facter lsb* items are missing. Any
ideas?
Sanitized facter output:
architecture => i386
domain => missyou.edu
facterversion => 1.5.7
fqdn => broken.missyou.edu
hardwareisa => i686
hardwaremodel => i686
hostname => broken
id => root
interfaces => eth0,sit0
ipaddress => 1.2.1.5
ipaddress_eth0 => 1.2.1.5
is_virtual => true
2011 Jun 27
12
Ruby script to download files without 'puppet agent'
We have often the Problem that some files need to be checked for updates
faster than the cycle of the puppet agent. I try to solve this with a
script which tries to download the files directly from the fileserver of
the puppetmaster. So far i couldn''t get it to work.
I don''t know if i got the URL right, i did not find any examples on the
REST API documentation for the
2007 May 18
3
Puppetmaster wierdness
Anybody else experience the need to restart puppetmasterd before a node can
register itself.
I''ve been cleaning up my installation here on client nodes and every once
and a while I find myself needing to restart the puppetmaster daemon. A
client node attempts to connect and never does. A restart fixes things.
There doesn''t seem to be anything useful in the error messages
2011 Dec 16
12
Seperate CA's/Master behind load balancer
Hello,
Attempting to setup a CA primary/standby as well as seperate
puppetmaster servers (all running Apache/Passenger) behind another
Apache/Passenger type load balancer.
Clients are not getting certs:-
err: Could not request certificate: Could not intern from s: nested
asn1 error
Clearly an SSL issue but not something I know a great deal about.
loadbalancer.conf
# Puppet Load Balancing
2011 Nov 02
5
Puppet certificate
I''m running in circles with this issue... I accidentally did a ''puppetca --clean --all'' and lost all certificates. I was able to get the puppetmaster running and re-created certificates for the client system, but I get the following error:
warning: peer certificate won''t be verified in this SSL session
info: Caching certificate for w0f.lagged.com
info:
2012 Feb 27
1
Using puppet cert generate on a client -- why doesn't this work?
I''m running a two headed puppetmaster and have disabled crl''s. Let''s
call them the primary and the secondary. The primary and secondary
both use the primary as their master. The secondary only is used when
the primary isn''t responding (I wrap the puppetd call in cron with a
short shell script)
I''m managing these ca files on the masters, pushing