similar to: Forbidden request: puppetagent1.example.com(192.168.1.101) access to /certificate_revocation_list/ca [find] at line 99

Hi All, I am setting up puppetmaster with nginx and passenger and separating the Puppetmaster primary CA server. I have 3 host loadbalancer01 - Nginx doing LB on IP address and also running puppetmaster with passenger under 127.0.0.1 (port 8140). primaryca - Puppetmaster Primary CA pclient - Puppet Client The did the following steps: On Primary CA server: ---------------------------- cd

How do I initiate a certificate request without going into non-daemon mode ? According to "Pro Puppet" book, so far the only way I know that can trigger a certficate request with puppet master is like this puppet agent --server=puppetmaster.test.com --no-daemonize --verbose but doing so will break my intention of automation I need to create a puppet client package. A control-C is

I have a single LB running Apache with mod_proxy in front of a Puppet master. These are the LB and Puppet master configs: <Proxy balancer://puppetmaster> BalancerMember http://192.168.1.10:8140 </Proxy> Listen 8140 <VirtualHost *:8140> SSLEngine on SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite

Hi, I''m currently trying to debug a performance issue I''m having. Therefore I would need "DEBUG" output. When using one puppetmaster process, this is fairly easy by starting it like this: > puppet master --no-daemonize --debug Now I need to see this debug output when running puppetmaster the way I ususally do - using Apache/Rack/Passenger. After looking

Hi! Everyone, puppet agent is not able to fetch any files, plugins or post catalog, reports to the master. both puppet agent and master are on version 3.0.l, passenger version 3.0.18 , nginx version: nginx/1.3.9 built by gcc 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) TLS SNI support enabled configure arguments: --prefix=/apps/nginx --conf-path=/apps/nginx/nginx.conf

It works well when I use webrick. The config of nginx is from puppet wiki, some logs is below, what''s wrong? puppet version:0.25.4 client: ... ... debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/ var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/state/state.yaml]: Changing mode debug: /File[/var/lib/puppet/state/state.yaml]: 1 change(s) debug:

Hello All, I don''t seem to be able to get reports to display on the foreman interface. I copied extras/puppet/foreman/files/foreman-report.rb to / usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/ lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/ Passenger, Puppet 0.25.4. The reports are coming from the clients, because I can see them in

How can I configure F5 load balancer to be infront of multiple puppet masters? The SSL will break as the server name if different, hostname of the VIP on the LB vs hostnames of each masters, right? Can you shed some light? Thanks. -- Hai Tao -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to

Hi! I''ve installed puppetmaster 2.7.13 on a server with CentOS 6.2 with a rpm supplied by yum.puppetlabs.com. I''ve setup a apache2 vhost with mod_ssl and passenger. The server is configured to autosign the cert requests. The agent installed on the puppetmaster''s server works fine. I''ve a second agent on a server which can sync with the server too. This

I am working on setting up a Puppet configuration where some of the data is stored on a DRBD volume. The modules and vardir are stored on the drbd volume. The puppet.conf files point to the drbd volume for vardir. I created a cert for a VIP puppet-master using the puppetca -- create command I had everything working on the primary drbd node, but when I fail over, everything starts up fine, but I

Hi, When I run puppet agent --test --environment 42A, I have the following warning : Warning: Local environment: "42A" doesn''t match server specified node environment "production", switching agent to "production". ... The puppet manifest for the environment "42A" isn''t applied. The puppet version is 3.3.1-1puppetlabs1 on agent and

Hi, Does this still apply in puppet 3.0.2 in the puppet.conf file on the puppet master? [puppetmasterd] ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY If yes, is puppetmasterd correct or should it be something else, like [main] or [master]? Cheers, Oli -- You received this message because you are subscribed to the Google Groups "Puppet

Hi, ppl I dont know what to do. I configure a new client do sync with my server. the server accept de client_cert without errors and then when i run the "puppet agent -t" agaion i got this error output info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using ''eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server

Hey guys, Relatively new to Puppet and I''m trying to setup tagmail to send all emails to me: at one point I''ll filter that down to errors and whatnot (based on tags) but for now I just want to get it working. Master Puppet server is setup with Passengers, all works well: /etc/puppet/puppet.conf [main] # The Puppet log directory. # The default value is

Hi, I''m trying to do ssl offload on amazon ELB for my puppetmaster servers, it seems amazon ELB is not sending ssl_client_header & client_verify_header puppetmaster Listen 8141 <VirtualHost *:8141> SSLEngine off DocumentRoot /etc/puppet/rack/puppetmaster_8141/public/ RackBaseURI / <Directory /etc/puppet/rack/puppetmaster_8141/> PassengerEnabled on

Hello All, So I finally got around to start to cut over node definitions from standard flat files to external nodes (foreman), and getting error message: "Error 400 on SERVER: Could not find node ''nodename''; cannot compile" - So basically it can''t pick up the node from the external node config. When I test the fetching of the yaml file it seems to work

I am getting all these messages when run `passenger-status''. Do I need to worry about this? I am using passenger 2.2.2 with puppet 0.24.8 and apache2 on ubuntu 9.04. I installed it using the wiki http://reductivelabs.com/trac/puppet/wiki/UsingPassenger Thread ''Main thread'': in ''int Server::start()'' (ApplicationPoolServerExecutable.cpp:553)

Hi, I would like to set up an additional puppet master but have the CA server handled by only 1 puppet master. I have set this up as per the documentation here: http://docs.puppetlabs.com/guides/scaling_multiple_masters.html I have configured my second puppet master as follows: [main] ... ca = false ca_server = puppet-master1.test.net I am using passenger so I am a bit confused how the

I''m not sure at all what''s going on here, but I''ve spent a lot of time reading over the puppet hiera docs and setting everything up, but when I run puppet agent it just seems to ignore the hiera setup completely. Both the puppet master and agent nodes have exactly the same versions of puppet and hiera (installed via the official puppet APT repository). I''ve

Hello all, I fairly new to puppet and google groups so I''ll apologize in advance for not conforming to "normal" posting methods. I''ve recently installed puppetmaster on a fresh copy of Ubuntu 10.04LTS and after running: sudo puppet --configprint all, I get a long list of parameters and values echoed back to my shell. My question is where do these parameters and