similar to: About autosigning and the FAQ entry

Hello All. I read in an earlier post at http://markmail.org/search/?q=autosign+issues#query:autosign%20issues+page:1+mid:we6jrbn7hdjnhrie+state:results that as of puppet v24.4, autosigning did not support IP addresses. I am running v25.5. Is this still the case? Cheers, David -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To

Hi folks Back again with another head-scratcher... I''m trying to get autosigning to work, and am partially succeeding, but not really... Running puppet v24.4, and not yet ready to upgrade unless I have to On puppetmaster, I have autosign.conf (and puppet.conf indicates autosign = /etc/puppet/autosign.conf, which should be redundant, but, covering that base as I can) In autosign.conf,

I am trying to come up with a workable solution in managing numerous Mac workstations allowing a high degree of flexibility with regards to certs. My puppet environment is setup to application installation on machines that have been ''imaged'' with a base OS and the puppet and facter apps. So, when a Mac is ''imaged'' and subsequently re-booted, puppet is run at

I testing Puppet 0.19.3. If we decide to use it, we''d deploy it across several thousand hosts. The method described for creating client certificates described in the documentation - running "puppetd --server <server> --waitforcert 60 --test" and "puppetca --sign <client>" - is not practical for our installation. I''ve tried creating

I saw this feature became available in 2.7.0rc1 and wanted to try it out. I entered ''allow_duplicate_certs = true'' on both my master and agent systems in the puppet.conf (not sure if its need in both, saw it in genconf for puppetd and puppetmasterd though ...). I also have autosign.conf configured to allow autosigning for our domain (*.domain.com). I had my agent register with

# cat /etc/redhat-release CentOS release 6.4 (Final) # puppet --version 3.2.3 # rpm -q puppetdb puppetdb-1.3.2-1.el6.noarch I am now receiving "Not collecting exported resources without storeconfigs" for my opsview module. It was working fine on puppet 2.7 with Activerecord/MySQL. I am still new to puppetdb so maybe I am missing something. This is from puppet.conf: storeconfigs

I am finding that the puppetlabs-apache module is somehow adding 30-60 seconds onto a host''s catalog compile time when the puppetmaster has no other hosts contacting or generating catalogs. The Puppetmaster is setup to use Puppet-2.7.18 - Apache & Passenger. RIght now only 2 hosts are even configured to use this new PM, the PM itself and a Foreman host. With neither hosts

I''m not sure at all what''s going on here, but I''ve spent a lot of time reading over the puppet hiera docs and setting everything up, but when I run puppet agent it just seems to ignore the hiera setup completely. Both the puppet master and agent nodes have exactly the same versions of puppet and hiera (installed via the official puppet APT repository). I''ve

All- Poking around in the bug database it looks like storeconfigs is being actively worked on. I am using 2.7.6 on my master as well as all the clients. I have clients boot , start puppet and get a signed cert via auto signing. The nagios module (and currently the only thing puppet does) complains a lot during compile time about not having storeconfigs enabled, which is not the case in my

Hello... I wanted to be able to startup an EC2 instance with one command and have a fully functioning server without having to shell into each new instance and configure the bits to allow puppet to finish the configuration. Here are some notes I came up with for bootstrapping an ec2 instance with puppet using Ubuntu 10.04. I left out a lot of things about creating and running custom AIM

I am trying to get a custom fact to sync. The fact is in a module. It will sync if I run puppet with "--pluginsync" but not otherwise. I have "pluginsync=true" in my puppet.conf. Shouldn''t the command line option and puppet.conf option have the same results? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group.

Hi all, I''m doing a new install of my puppet server and I''m doing it like: 1.-) adding epel repo: http://fedoraproject.org/wiki/EPEL/FAQ#howtouse 2.-) yum -y install puppet-server 3.-) rm -rf /etc/puppet 4.-) copy my old puppet conf (from puppet-0.24.5 to 0.24.6) mv /etc/puppet.old /etc/puppet 5.-) start puppetmaster: [gridinstall etc]# /etc/init.d/puppetmaster start

I''m simply trying to run puppet inside a bash script but I''m not seeing any output. #!/bin/bash puppet master --mkusers --autosign --verbose --no-daemonize Is there an I/O redirection incantation I''m missing? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit

Hello, Running into a problem when wanting to daemon-ize the agent. It doesnt seems to do anything: - cannot find any daemon process with (ps aux | grep puppet) - the config is not updated after editing some params on the master - /var/log/puppet stay empty... while, when logged as root, it is working without issue with $puppet agent --test. ##Conf Ubuntu 12.04 Puppet 2.7.11 ## Daemon is

Hi, Can puppet autosign work by giving vlan IP instead of domain? For example, in the autosign.conf file, instead of using *.mydomain.org, I want to give 172.18.133.* But it does not seem to work if I give the IP address. But I don''t want to limit the client from *.mydomain.org by only allow certain vlan client not all the are in the same domain. Thanks, -Haiyan -- You received this

Hey Folks, I''m looking at doing automated provisioning of new servers and am trying to integrate puppet into this process. What I''m wondering though is what the best process for securely registering a new node is. At the moment the first time puppet is run I have to then accept the certificate on the puppetmaster and then run puppet again. What I would like to do is accept the

1. I get the following error when I run “puppet device’ err: Could not request certificate: Could not write /var/opt/lib/pe-puppet/devices/certname/ssl/private_keys/certname.pem to privatekeydir: Permission denied - /var/opt/lib/pe-puppet/devices/certname/ssl/private_keys/certname.pem Any thought? Thanks, -- You received this message because you are subscribed to the Google Groups

Hello, We''ve been running puppet for 5 years until the last week when the certificate on the puppet server is expired. We were looking for a procedure describing how to create a new server certificate without a need to reconfigure certificates on puppet clients (about 100 servers) but we couldn''t find anything regarding this issue within puppet''s documentation. Is

Hi, I am using the cloud provisioner to bootstrap some ec2 nodes, and these clients are signed using a randomly generated certname, which is put in /etc/puppet.conf at the bootstrap time (eg certname = d7bcd693-73fd-495f-0876-ff91ea11111e). But my puppet code repo also manages the puppet.conf file, so the file will be overwritten on the client at the first puppet run. Nevertheless, i should not

Hi, I would like to use Puppet in the cloud (think gogrid) to configure stem images. Virtual machines are created/destroyed on the fly under control of a load monitor. For this reason we cannot sign manually new Puppet clients, instead, we must use Puppet''s autosign feature. At the moment, Puppet just permits to filter client manifest requests with some regex over the hostname of the