similar to: Puppetmaster behind ssh with remote port forward

Hi, I have setup puppet (2.7.5) on 2 different machines on ec2. Puppet master config 1. Ruby - 1.9.3 2. OS - Amazon linux image 3. runs from root user Puppet agent config 1. Ruby - 1.9.3 2. OS - centos 3. runs from root user When i run the agent, it throws an error "unknown ca" (can been seen in tcpdump/server logs) and closes the SSL connection immediately. I tried following things

Hi Dears, I am installing the puppetmaster server and puppet client is running in the same machine. When i running : puppet agent --test --waitforcert 30 I received the error : Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using ''eval_generate'': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed:

When I run openssl s_client -host puppet -port 8081 -CAfile /etc/puppet/ssl/certs/puppet.fqdn I get Verify return code: 21 (unable to verify the first certificate). If I run the same command, but use port 8140 to connect to puppet, I get a return code of 19 (which is correct). I believe that, if I fix this SSL problem then it would fix my main problem which is : Report processor failed:

Hello readers, I have this little issue that my puppet client refuses to do anything because of SSL validation errors. Maybe I''ll just post dump of what happens, that makes it clear I hope. Does anyone have a suggestion why that might happen? what I already checked: On the master: - Puppet and puppetmaster is running - Something is listening on Port 8140 (although I cannot

Hello, I randomly errors like this: Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (err): Could not retrieve catalog from remote server: end of file reached Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (notice): Using cached catalog Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (err): Could not retrieve catalog; skipping run Here are the versions: puppetmaster

Hi! I''ve installed puppetmaster 2.7.13 on a server with CentOS 6.2 with a rpm supplied by yum.puppetlabs.com. I''ve setup a apache2 vhost with mod_ssl and passenger. The server is configured to autosign the cert requests. The agent installed on the puppetmaster''s server works fine. I''ve a second agent on a server which can sync with the server too. This

Is is possible to have a puppetmaster that is a client of a different puppetmaster? We manage our customers'' server via puppet, but one customer has a puppetmaster server which looks after their internal systems. We''ve tried the following in /etc/puppet/puppet.conf ("customer" and "us" replacing the domain names) on their puppetmaster: [puppetmasterd]

I have a problem with puppet on a machine which has public and private IP address. My nodes are on private lan, and hostname of master is FQDN of the public IP. Client''s just cannot connect. Problem which I get is: err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I''ve added

Hi, I am trying to bootstrap a new agent from my master node as below. puppet node_aws bootstrap \ --region us-east-1 \ --image ami-cc5af9a5 \ --login root \ --keyfile /root/.ssh/private.pem \ --install-script=puppet-enterprise \ --installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \ --installer-answers=/usr/local/puppet/agent.txt \ --keyname icos-client \ --type t1.micro Node is created

Dear all, thank you for your hints. I would prefer to do not use Rserve as Dirk mentioned. @Simon I have full control over the Java implementation - I can adapt the code that I use for the communication R <-> Java. > You can natively access structures on each side. The fastest way is to > use R representation (column-oriented) in Java - that is much faster > than any kind of

I am banging my head against the wall for recently built hosts that are unable to verify the server''s certs. The usual is not working. on the puppet agent machine: find /var/lib/puppet/ssl -type f -delete on puppet master: puppetca --clean <new_host_cert> on agent: puppetd --server puppet --waitforcert 2 --no-daemonize -d -o on puppet master: puppetca --sign

Dear all, in our ongoing project we use Java implementations of several algorithms. We also provide a ?wrapper? implemented as an R package using rJava (https://github.com/jaroslav-kuchar/rCBA). Based on our recent experiments, the significant portion of time is spent on copying a dataframe from R to Java. The Java implementation needs access to the source dataframe. I have tested several

Dear experts, Since I''ve moved my *puppetmaster* form SL5 (Scientific Linux) to SL6 with SELinux on, I''m facing loads of trouble. I also move away from WEBrick to apache/passenger, following the instruction here: http://projects.puppetlabs.com/projects/1/wiki/Using_Passenger > and I can''t start httpd any more. It fails with this: Starting httpd: (98)Address

My setup is as follows: I am running Vmware Server on Ubuntu Feisty. This is the puppetmaster. I am running a guest of Ubuntu Gutsy. This is the puppet. When I try to run puppetd on the guest I get the expected message "notice: Did not recieve certificate" Going back to the server and running "puppetca --list" does not list any requests. As a hunch I telneted the hosts

Hi All, I am setting up puppetmaster with nginx and passenger and separating the Puppetmaster primary CA server. I have 3 host loadbalancer01 - Nginx doing LB on IP address and also running puppetmaster with passenger under 127.0.0.1 (port 8140). primaryca - Puppetmaster Primary CA pclient - Puppet Client The did the following steps: On Primary CA server: ---------------------------- cd

When I try to connect to my new puppet master, I get an error because of a self-signed certificate: ---snip--- # puppet agent --test --noop Warning: Unable to fetch my node definition, but the agent run will continue: Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [self signed certificate in certificate chain for /CN=Puppet CA:

I know this is something which should have a simple fix but I'm failing to see it somehow. I'm moving samba service between a couple of FreeBSD systems (9.3 to 10.2), and I'm stuck on getting samba on the new machine to connect to our openldap server over ssl - frustrating since I've been running samba+ldap for 15 years or so; feel sure I'm missing something basic!

Hello Listers, I am trying to sample a vector to create a new one of sample length, witha sum equal to the sum of the initial vector: initial = 10, 30, 10 (sum=50) sample example = 5, 35, 10 (sum=50) or 25, 15, 10 (sum=50), etc ... My problem is to control the sum, so it stays constant. Any suggestions would be very helpful ! Thank you in advance, Eric

** I installed PE Master on one VM and Agents on two VMs pointing to master . Agent1 VM 64 bit works fine , but agent2 VM 32 bit fails with below error. Only difference is architecture. One more note both the agent nodes were accepted from Dashboard,so master has both the certificates. Any help will be greatly appreciated. puppet-enterprise-3.1.0-el-6-i386]# puppet agent --test Info:

Hello, I am trying to configure a new puppet server on Debian Squeeze, so the server version will be 2.6.2-4. I am trying to configure a client running Lenny, the puppet version is 0.25.4-2 I declare the new client with the command : #puppetd --server puppet.domain.tld --waitforcert 60 --test on the server : #puppetca --sign client.domain.tld When the client finish to execute the first