Displaying 20 results from an estimated 2000 matches similar to: "How to execute an arbitrary script when a puppetclient ask for a manifest?"
2010 Jun 03
8
authenticating new nodes that are created by provisioning
Hey Folks,
I''m looking at doing automated provisioning of new servers and am trying to integrate puppet into this process. What I''m wondering though is what the best process for securely registering a new node is.
At the moment the first time puppet is run I have to then accept the certificate on the puppetmaster and then run puppet again.
What I would like to do is accept the
2006 Oct 18
19
Creating client certificates
I testing Puppet 0.19.3. If we decide to use it, we''d deploy it
across several thousand hosts. The method described for creating
client certificates described in the documentation - running
"puppetd --server <server> --waitforcert 60 --test" and "puppetca
--sign <client>" - is not practical for our installation. I''ve
tried creating
2008 Jul 28
2
security of auto-sign?
I am looking into alternatives for the initial cert sign for new
puppet clients. We will have non-sysadmins kickstarting new hosts,
and I am trying to minimize the time they have to wait for a cert sign
while maintaining at least a marginally sane level of security.
My question is this: does the puppetmaster check that a new cert
request for host A (csr with subject "cn=A.mydomain") is
2011 Mar 11
6
failed to retrieve certificate on Amazon EC2
Hi,
I''m using puppet on EC2 to setup my VMs with the following configuration:
# puppetd --version
0.25.5
# uname -a
Linux hostname.domain 2.6.16-xenU #1 SMP Mon May 28 03:41:49 SAST 2007 i686
i686 i386 GNU/Linux
But I keep facing some timeout from puppetd:
warning: peer certificate won''t be verified in this SSL session
Exiting; failed to retrieve certificate and waitforcert
2009 Jun 30
43
Workstations and Certs
I am trying to come up with a workable solution in managing numerous
Mac workstations allowing a high degree of flexibility with regards to
certs.
My puppet environment is setup to application installation on machines
that have been ''imaged'' with a base OS and the puppet and facter apps.
So, when a Mac is ''imaged'' and subsequently re-booted, puppet is run
at
2011 Feb 15
11
Puppetmasterd not receiving certificate request
Hi: I''m trying to configure Puppet on Ubuntu, and strangely I am never
able to generate a certificate because my server never shows any
pending certificate requests.
Put differently, on the server I am running puppetmasterd and on the
client I am able to connect to the server, but the client continues
printing
notice: Did not receive certificate
warning: peer certificate
2011 Mar 31
5
puppetca and /etc/puppet/ssl
All,
I have --confdir=/etc/puppet/common in my /etc/init.d/puppetmaster and
/etc/init.d/puppet files, vardir set to /var/lib/puppet in
/etc/puppet/common/puppet.conf, and yet, every time I run puppetca it
creates /etc/puppet/ssl. Anyone know why?
Doug.
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email
2007 Oct 09
9
puppetca is unable to sign certificate
Hi - I a ran puppetd -vt against a brand newly build host (which is
what I normally do for a new host) and got the usual message:
err: No certificate; running with reduced functionality.
info: Creating a new certificate request for sega-dev-1.
info: Requesting certificate
On the puppetmaster, I then list the waiting host with: puppetca
--list then sign the key. In this case, I decided that the
2010 Feb 18
14
Rebuilding machines from foreman
Hello,
I ran into this problem today, I am trying to implement "One click
installation", I followed foreman howtos and set up the pre-requisites
accordingly.
However, when I click on "Build" button, I get the following errors in the
foreman''s console and another error in the web interface indicating that the
installation failed. Any ideas?
*"PuppetCA: SSL/CA or
2011 Jul 29
2
Odd SSL issue - host not showing with puppet cert --list --all
Hi,
Just wondering if anyone had any similar issues OR idea''s on
troubleshooting the following problem.
I have a client/node registered to the puppet master and it is working
without any issues. On the server I can see it compile the catalog in
the logs. However when I run ''puppet cert --list --all'' it is not in
the list. Note we use auto signing
2010 Sep 29
5
err: Could not request certificate: sslv3 alert handshake failure error
Hi,
I''ve setup the puppetmaster to start 5 processes each listening on a
different port, with an Apache server in front. This works fine for
existing clients, however when I try to add a new client (ie. a newly
installed machine with no previous puppet configuration) I get this
error:
err: Could not request certificate: sslv3 alert handshake failure
error
Any ideas what''s
2009 Oct 20
11
Stuck with puppet
Hello a newbie here.
The situation is that:
2 machine one master one client
Puppet 0.24.5
This my configuration:
Client:
/etc/puppet/puppetd.conf
[puppetd]
server = Asus-Vista-Box
logdir = /var/log/puppet
vardir = /var/lib/puppet
rundir = /var/run
master
/etc/puppet/manifests/classes/sudo.pp
class sudo {
file { "/etc/sudoers":
owner => "root",
2012 Apr 22
2
centos 6.2 - puppet 2.7.13 - SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert protocol version
Hi!
I''ve installed puppetmaster 2.7.13 on a server with CentOS 6.2 with a rpm
supplied by yum.puppetlabs.com.
I''ve setup a apache2 vhost with mod_ssl and passenger. The server is
configured to autosign the cert requests.
The agent installed on the puppetmaster''s server works fine. I''ve a second
agent on a server which can sync with the server too. This
2012 Sep 07
7
passenger-install-apache2-module fails
Hi I have installed passenger on many machine and this is my 3rd puppet
master on CentOS 6. This one is giving me problems and I have been trying
with different gem versions and still no go.
When I run passenger-install-apache2-module I get this error:
Sorry its really long so I copied to a text doc attached to this post.
Any Idea on whats going wrong. I have not had a problem with this before
2011 Mar 22
13
Foreman 0.2 Release Candidate
Hello All,
I''m happy to announce a new release candidate of Foreman, top highlights
for this release includes:
* New look and feel
* Extended restful API
* Support for New Puppet Reports format
* Full VM/physical host Provisioning
* Powerful template generator ( pxelinux, gpxe, kickstart, preseed, grub
etc..)
* introduce a new service called smart proxy (which can run on remote
2010 Nov 13
12
certificate verify failed
I am banging my head against the wall for recently built hosts that
are unable to verify the server''s certs. The usual is not working.
on the puppet agent machine:
find /var/lib/puppet/ssl -type f -delete
on puppet master:
puppetca --clean <new_host_cert>
on agent:
puppetd --server puppet --waitforcert 2 --no-daemonize -d -o
on puppet master:
puppetca --sign
2011 Jul 08
2
Puppetmaster setup with separate CA server configuration help
Hi All,
I am setting up puppetmaster with nginx and passenger and separating
the Puppetmaster primary CA server. I have 3 host
loadbalancer01 - Nginx doing LB on IP address and also running
puppetmaster with passenger under 127.0.0.1 (port 8140).
primaryca - Puppetmaster Primary CA
pclient - Puppet Client
The did the following steps:
On Primary CA server:
----------------------------
cd
2013 Sep 18
3
pxechn.c32 halting
I upgraded from syslinux 4.x to syslinux 6.01 and am now having issues with
pxe chaining. I've tried moving up as far as 6.02-pre16, but I'm still experiencing the same problem. The original config called the next server as follows:
LABEL Cobbler
KERNEL pxechain.com
APPEND 10.x.x.x::pxelinux.0
Which worked for the previous version, but I started getting an error after
2009 Feb 24
4
Cannot pass id field to ActiveRecord
Dear all
I have a dummy question. The model code as follow:
class User < ActiveRecord::Base
set_primary_key "username"
end
In script/console
user = {:username => "123", :display_name => "345"}
=> {:username=>"123", :display_name=>"345"}
a = User.new(user)
=> #<User username: nil, display_name: "345">
2008 May 27
12
Puppetting the puppetmaster problems
Hi,
installing puppet at my first site was quite easy (not w/o problems,
but still). At the second site, I''ve run into something more serious.
First things first - I install puppetmaster on existing server, used
to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to
coexist on the same machine). The thing is, I need to puppet this
baby, so I''m running into a