similar to: file and user permissions on the puppet master, best practice

Hello, I am having problems with Puppet since upgrading to 3.0.0. When I call an inventory search I get a Error 400. I have used dashboard + Perl Oct 4 08:58:43 puppet01 puppet-master[7008]: Handling request: GET /production/facts_search/search?facts.lsbdistcodename.eq=lenny Oct 4 08:58:43 puppet01 puppet-master[7008]: header too long ii facter

Hi, I have a running puppetmaster with nginx and passenger and ruby 1.9.2. When i do puppet cert --trace --list . i get the following error. /usr/lib64/ruby/gems/1.9.1/gems/puppet-2.7.9/lib/puppet/application/ cert.rb:43:in `block (2 levels) in <class:Cert>'' /usr/lib64/ruby/gems/1.9.1/gems/puppet-2.7.9/lib/puppet/application.rb: 357:in `block (2 levels) in parse_options''

Hi, Ubuntu Lucid has a very outdated puppet, 0.25.4 according to: http://docs.puppetlabs.com/guides/puppetlabs_package_repositories.html#for-debian-and-ubuntu I did this to "enable the repository": wget http://apt.puppetlabs.com/puppetlabs-release_1.0-3_all.deb sudo dpkg -i puppetlabs-release_1.0-3_all.deb but this still does not result in installing an up to date puppet apt-get

Hi, When I run puppet agent --test --environment 42A, I have the following warning : Warning: Local environment: "42A" doesn''t match server specified node environment "production", switching agent to "production". ... The puppet manifest for the environment "42A" isn''t applied. The puppet version is 3.3.1-1puppetlabs1 on agent and

Hi all, I''ve been looking at a potential problem, as documented here: http://projects.puppetlabs.com/issues/19241 To do with a leak within the KahaDB persistence layer of ActiveMQ. Specifically, there are reports of the db.data file growing unbounded: https://issues.apache.org/jira/browse/AMQ-3956 I''m hoping to find out information from other PuppetDB users to see if this is

Greetings, I''m trying to add ppa:nginx/stable repo for Ubuntu 12.04.1 LTS. Server: puppetmaster-common 3.0.1-1puppetlabs1 Agent: puppet 2.7.11 And when I try to apply manifest - getting: puppet agent -t info: Caching catalog for wproxy71.tpnt.net err: Failed to apply catalog: Could not find dependency File[/etc/apt/sources.list.d] for

I have very strange problem. I set up puppet client on serveral servers but have problem with one of them. When I invoke: root@www ~ # puppet agent --server puppetmaster.domain.ltd --test notice: Ignoring --listen on onetime run info: Caching catalog for puppetclient.domain.ltd info: Applying configuration version ''1326444431'' notice: Finished catalog run in

Hello, Attempting to setup a CA primary/standby as well as seperate puppetmaster servers (all running Apache/Passenger) behind another Apache/Passenger type load balancer. Clients are not getting certs:- err: Could not request certificate: Could not intern from s: nested asn1 error Clearly an SSL issue but not something I know a great deal about. loadbalancer.conf # Puppet Load Balancing

Is is possible to have a puppetmaster that is a client of a different puppetmaster? We manage our customers'' server via puppet, but one customer has a puppetmaster server which looks after their internal systems. We''ve tried the following in /etc/puppet/puppet.conf ("customer" and "us" replacing the domain names) on their puppetmaster: [puppetmasterd]

We are working on moving our puppet code from old-school method of importing standalone classes in site.pp to modules. I was hoping i could move one class at a time and at the same time review syntax, coding, subclasses and so forth for each class. So, i defined a modulepath in puppet.conf and put a couple of classes there while still keeping the old structure (minus the classes i put in modules

I was looking into the reporting features in puppet today and realized that though I want the reports I don''t want to bog my puppetmasters down with the task of generating the rrd and png files. Also I already have a server set up to do reporting on various other things that already has the space/CPU cycles and that''s where everyone already goes to look for information. Plus we

PuppetDB is operating fine, but I can''t figure out how to disable it from listening globally on TCP 1099 or 58722 How do I disable them from listening globally without having to resort to iptables? $ lsof -i -n -P | grep java | grep LISTEN java 30115 puppetdb 22u IPv6 119118 0t0 TCP *:1099 (LISTEN) java 30115 puppetdb 23u IPv6 117236 0t0 TCP *:58772

I''m having difficulty getting my head around some CA issues My client has: [puppetd] ca_server=puppetca.mydomain.com and puppet resolves to a different machine. when puppet connects, it requests a signature from puppetca.mydomain.combut then on the next pass fails with the following: err: Could not retrieve catalog: Certificates were not trusted: SSL_connect returned=1 errno=0

Hello, I have 680 hosts reporting into a central puppet server. Yesterday I made a change to site.pp and the nodes/foo.pp and nodes/ bar.pp files to push out some new files (a script to enable LDAP) and it seems that only a handful of stores have downloaded the file and run the script. (I don''t have reporting setup yet other than on a few clients which I did manually) If I ssh into a

Hi, I''m currently trying to debug a performance issue I''m having. Therefore I would need "DEBUG" output. When using one puppetmaster process, this is fairly easy by starting it like this: > puppet master --no-daemonize --debug Now I need to see this debug output when running puppetmaster the way I ususally do - using Apache/Rack/Passenger. After looking

Dears all, I was testing my localusers facter by puppetmaster fileserver but i''d got in error Could not retrieve localusers: No such file or directory - /etc/ puppet/whitelist I was pretending the file was served by fileserver of puppetmaster doing in init.pp : file { "/etc/puppet/whitelist": ensure => present, Just before to call a facter. I

----- Original Message ----- From: "James Hogarth" <james.hogarth at gmail.com> To: "centos" <centos at centos.org> Sent: Tuesday, August 29, 2017 2:03:44 PM Subject: Re: [CentOS] Syncronize systemctl status with reality? On 29 Aug 2017 17:58, "Leroy Tennison" <leroy at datavoiceint.com> wrote: The particular issue is with puppetmaster (which

The particular issue is with puppetmaster (which admittedly takes 4 minutes to actually start, setting TimeoutStartSec=300 in it's unit file stopped the false timeout report) but I have seen it one other time (don't remember the details). systemctl status puppetmaster ? puppetmaster.service - Puppet master Loaded: loaded (/lib/systemd/system/puppetmaster.service; enabled; vendor

I create this class pmaster in order to restart puppetmaster daemon after /etc/puppet/puppet.conf file change. class pmaster { file { "/etc/puppet/puppet.conf": ensure => "file"; } service { "puppetmaster": ensure => "running", enable => "true", hasrestart => "true", subscribe => File [

OK... I started seeing some issues with the certificates between my clients and the puppetmaster. So I went ahead and removed puppet from the clients and cleaned up /var/lib/puppet and /etc/puppet. Then I reinstalled puppet, signed the new cert and things seemed to go OK after that. Then the shocker the second run started to fail and i have this message: [root@atlcnag0 ~]# puppetd --test