Displaying 20 results from an estimated 3000 matches similar to: "Failed SSL with CNAME'd puppetserver"
2011 Jan 24
2
Puppet master cannot connect to self
Hi, I have a the annoying problem that the puppet master cannot connect
to itself. It fails with:
puppet# puppetd --test
err: Could not retrieve catalog from remote server: SSL_connect returned=1
errno=0 state=SSLv3 read finished A: tlsv1 alert decrypt error
History:
I have had this problem on our old puppet server: puppet.domain.com. It was
annoying but not critical.
Recently I built a new
2010 Jun 09
12
Foreman -- Reporting
Hello All,
I don''t seem to be able to get reports to display on the foreman
interface. I copied extras/puppet/foreman/files/foreman-report.rb to /
usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/
lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/
Passenger, Puppet 0.25.4.
The reports are coming from the clients, because I can see them
in
2009 Apr 20
2
CA different than hostname?
I''m trying to setup a puppetmaster, and I''ve got a couple of questions.
The first, is a design question. Since I expect to eventually have
multiple puppetmaster servers, I''d like to name this one to be named
puppet1.example.com. But I''d like my clients to connect via a cname as
puppet.example.com. Is this pretty standard? Is there some more common
way?
2009 Apr 28
2
Puppet Mongrel Load Balancing + CNAME
Hi I am reading and configuring puppet in relation to
http://reductivelabs.com/trac/puppet/wiki/UsingMongrelOnEnterpriseLinux
The question I have is in relation to the ssl certificates generated
the first time the puppetmaster service is run and the ability to use
a CNAME.
If the host that i am running the puppetmaster on is
server.example.com and i want to use puppet.example.com as a CNAME
that
2012 Feb 06
1
Puppet / Passenger SSL Problems with DRBD
I am working on setting up a Puppet configuration where some of the
data is stored on a DRBD volume. The modules and vardir are stored on
the drbd volume. The puppet.conf files point to the drbd volume for
vardir. I created a cert for a VIP puppet-master using the puppetca --
create command
I had everything working on the primary drbd node, but when I fail
over, everything starts up fine, but I
2013 Jan 20
3
(New To Puppet)Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class sudo for pupclient on node pupclient
Hello Folks!
I am trying to learn puppet. Installed the puppet 3.0.2 and configured one
node as the master and the other as the client. Generated the certs and all
that. But, I seem to be doing something wrong wrt to the init.pp file.
Attached is exact error and my current server configuration. Any help in
helping me fix this issue is appreciated:
*[root@pupclient ~]# puppet agent --test*
2012 Jun 14
15
Problem with Load Balancing Puppet masters with Apache mod_proxy
I have a single LB running Apache with mod_proxy in front of a Puppet
master. These are the LB and Puppet master configs:
<Proxy balancer://puppetmaster>
BalancerMember http://192.168.1.10:8140
</Proxy>
Listen 8140
<VirtualHost *:8140>
SSLEngine on
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite
2011 Feb 08
12
multiple puppetmasters (w/ Passenger) behind load balancer
Hello Gang,
I''m working on scaling my puppet solution, and I''m deploying multiple
masters w/ passenger that are going sit behind a load balancer. If anyone
is using these type of setup, would you share how you deal with the SSL
certs? I''ve been following Bode''s Blog (http://bodepd.com/wordpress/?p=7),
and it''s not working to good for me.
2012 Feb 27
1
Using puppet cert generate on a client -- why doesn't this work?
I''m running a two headed puppetmaster and have disabled crl''s. Let''s
call them the primary and the secondary. The primary and secondary
both use the primary as their master. The secondary only is used when
the primary isn''t responding (I wrap the puppetd call in cron with a
short shell script)
I''m managing these ca files on the masters, pushing
2010 Jun 20
8
bringing puppet into production
Hi everyone,
I’ve been working on getting puppet set up for our systems for the
past week, and all has gone well in learning about writing manifests,
but now that I’m ready to set it into production, I realize that it’s
still unclear to me exactly how that’s supposed to go.
For instance, during testing it has always been that I manually
started and stopped puppetd and puppetmasterd on their
2013 Jan 25
1
About How puppetserver handle reuest from client
Hi,
I am using puppet from last 2-3 months, I want to know about how puppet
internally handles request from puppet client, sequentially or parallel
execution as in Puppet Enterprise - Orchestration. Is There ant way of
providing facility like orchestration-mcollective in puppet? Can we apply
manifest on multiple machine at same instatnce in Open source puppet?
--
You received this message
2010 Sep 08
25
Setup 2.6 + apache, passenger
Hi!
I''m testing Puppet 2.6 and got all the basic stuff working with the
default webricks. I read that it doesn''t scale very well and is not
suited for production environments and the recommended setup is Apache/
Passenger.
Is there a step-by-step-guide on how to set it up?
Any help is very appreciated.
Regards,
Freddie
--
You received this message because you are subscribed
2011 Dec 29
21
Puppetserver error
Hello everyone,
I am new to puppet. I have installed on redhat Enterprise 5and seems
to be working fine. Couple days ago I was testing some permissions on /
etc folder and applied 600 /etc and sub folders. Although I have
reverted the permission but I am having issues on puppetmaster.
Currently I have these permission on etc 755 and puppet folder:
my /etc folder is 755 and puppet folder with tese
2012 Oct 08
11
Puppet 3.0 upgrade issue
Hi @all,
after upgrading my puppet server to Puppet 3.0 I got the following error
every time a client connect to the server:
[ pid=1532 thr=70147393710520 file=utils.rb:176 time=2012-10-08
11:17:56.504 ]: *** Exception NoMethodError in
PhusionPassenger::Rack::ApplicationSpawner (undefined method `settings'' for
Puppet:Module) (process 1532, thread #<Thread:0x7f98ecf7d370>):
2008 Apr 09
4
ssl and NameVirtualHost
I recently aquired a Verisign SSL certificate for my web server on
Centos 4, with apache 2.0.59 from centosplus.
It however doesn't seem to be working the way I've set it up,
browsers connect but are told the certiticate is not recognized.
Showing more info, the information looks correct.
I think it has probably to do with the fact that I'm using the
certificate on a virtual
2011 Oct 24
3
Important Security Announcement: AltNames Vulnerability [new version of puppet]
We have discovered a security vulnerability (“AltNames Vulnerability”)
whereby a malicious attacker can impersonate the Puppet master using
credentials from a Puppet agent node. This vulnerability cannot cross
Puppet deployments, but it can allow an attacker with elevated
privileges on one Puppet-managed node to gain control of any other
Puppet-managed node within the same infrastructure.
All
2008 Dec 04
4
puppetmaster built via puppetd
hi,
i''m trying to set up my puppetmaster infrastructure with multiple
puppetservers behind load balancers in each of our datacenters. i''m
using 0.24.6. i''ve read the howto on puppet scalability, and i think
i''ve got the ssl config working correct, but i''m noticing that when
puppetd is used to build a puppetmaster, some of the files in $vardir/
ssl
2013 Jul 25
9
Not collecting exported resources without storeconfigs
# cat /etc/redhat-release
CentOS release 6.4 (Final)
# puppet --version
3.2.3
# rpm -q puppetdb
puppetdb-1.3.2-1.el6.noarch
I am now receiving "Not collecting exported resources without storeconfigs"
for my opsview module. It was working fine on puppet 2.7 with
Activerecord/MySQL. I am still new to puppetdb so maybe I am missing
something. This is from puppet.conf:
storeconfigs
2012 Aug 21
3
mcollective getaddrinfo: Name or service not known
I''m getting these errors when running ''puppet agent --test'' after doing a
new installation of an agent:
err:
/Stage[main]/Pe_mcollective::Plugins/File[/opt/puppet/libexec/mcollective/mcollective/security/sshkey.rb]/content:
change from {md5}512f42272699eaa085c83d2cc67c27ea to
{md5}8fa3e9125fd917948445e3d2621d40e5 failed: Could not back up
2012 Feb 22
1
Handling unique cases
Hello, Everybody!
I need to allow my developers to run a special script on QA servers and
nowhere else. I put this sort of thing in place:
class app-server {
packages: foo:; bar:; baz:;
if $environment == ''qa'' {
file {
''a'':
content => ...
}
}
which feels kinda kludgey to me. Is there a better way to handle unique
cases like this