similar to: Puppet Management with Dual Boot Workstation

I have a very basic puppet install right now, running puppet master, with the dashboard and foreman on the same host, I have some legacy static nodes (nodes.pp) and now I am using puppet to provision nodes in EC2. I am running cloud provisioner .60rc1 and my question is what happens after a puppet node bootstrap? I''m running into some issues and maybe its just idiot user driving this

Is there a way to force the puppetmaster to resign certificates for existing certificates when a new CSR for the same hostname arrives? When we reinstall freshly formatted clients with puppet (with the same hostname) the puppet client complains: err: Could not request certificate: Retrieved certificate does not match private key; please remove certificate from server and regenerate it

Hello, Let''s consider the scenario when a client node in a puppet environment gets compromised. In case some of the puppet modules make decisions based on agent facts, these modules are potentially exposed to abuse from the malicious puppet agent. For example, if a class has: if $some_fact == ''some value'' { # deploy some configuration } then the compromised node

Hi, I have just started to use Foreman 1.1. I have been using Puppet for a while and have some custom modules and ones that have been dragged down from git etc. I am using nodes.pp in Puppet to assign classes and template entries to hosts. So is Foreman meant to eliminate my need for a nodes.pp? How do I manage my erb templates in Puppet without a nodes.pp? Thanks, -- You received

Hi everyone, I’ve been working on getting puppet set up for our systems for the past week, and all has gone well in learning about writing manifests, but now that I’m ready to set it into production, I realize that it’s still unclear to me exactly how that’s supposed to go. For instance, during testing it has always been that I manually started and stopped puppetd and puppetmasterd on their

Greetings: Sorry for cross-posting this question, but I haven''t gotten any love over on the Google Forum for Foreman users<https://groups.google.com/forum/#!forum/foreman-users> (their forum isn''t as active as this one). I only recently learned about The Foreman and I''d like to deploy it on a 64-bit Ubuntu 12.04 LTS workstation to provision/manage a bunch of

Hi all, i planned for a startup to install one of this gui tools. But if i look in the documentation, or google it, i find no results which helps. If i would like to install the rpm package i get the following dependencies problems rpm -i puppet-dashboard-1.2.3-1.el6.noarch.rpm warning: puppet-dashboard-1.2.3-1.el6.noarch.rpm: Header V4 RSA/SHA1 signature: NOKEY, key ID 4bd6ec30 error: Failed

Hi, I''m having a problem with extlookup not respecting the ''certname'' parameter[1].  When executing a puppet run with either the --certname or --fqdn parameters, it ends up using the specified SSL certificate and gets the correct node definition applied from the puppetmaster.  However, it still retrieves extlookup data using the node''s actual FQDN, not the one

Hi, I am using the cloud provisioner to bootstrap some ec2 nodes, and these clients are signed using a randomly generated certname, which is put in /etc/puppet.conf at the bootstrap time (eg certname = d7bcd693-73fd-495f-0876-ff91ea11111e). But my puppet code repo also manages the puppet.conf file, so the file will be overwritten on the client at the first puppet run. Nevertheless, i should not

All- Poking around in the bug database it looks like storeconfigs is being actively worked on. I am using 2.7.6 on my master as well as all the clients. I have clients boot , start puppet and get a signed cert via auto signing. The nagios module (and currently the only thing puppet does) complains a lot during compile time about not having storeconfigs enabled, which is not the case in my

I''ve been using PuppetDB as an ENC for a while, but I haven''t really utilized it for stored configs or anything. I was mostly interested in replacing Dashboard''s reporting capabilities, but PuppetDB doesn''t yet do anything (that I can see) with reports. So I''m currently looking into setting up a separate Foreman server. I saw the script mentioned

1. I get the following error when I run “puppet device’ err: Could not request certificate: Could not write /var/opt/lib/pe-puppet/devices/certname/ssl/private_keys/certname.pem to privatekeydir: Permission denied - /var/opt/lib/pe-puppet/devices/certname/ssl/private_keys/certname.pem Any thought? Thanks, -- You received this message because you are subscribed to the Google Groups

Morning all Am in the process of testing a migration of Puppet 3 from webrick to Puppet. Have found the foreman modules (https://github.com/theforeman) which seems to take care of a lot of the leg-work... However having got Puppet running with Passenger in Apache, whenever trying to access the Puppet master from a client, I was getting a ''403 Forbidden error''. Have dug

Hi All, I have a working installation of a Puppet Master (CA) with Puppet agents, this using The Foreman. I really see the usage of Puppet this way but because The Foreman supports pushing your classes/templates to you nodes (agents) and uses the depricated Run/Kick for it I''m looking into Mcollective. Mcollective is supported by The Foreman since 1.2, the version I''m

Hi, I created a centOS6 EC2 instance last night and ran the foreman puppet module but it came back with a few years. Was hoping somebody could help me understand these errors. [root@ip-10-170-77-129 config]# echo include foreman | puppet --modulepath /root/puppet-foreman/ err: /Stage[main]/Foreman::Config::Enc/File[/var/lib/puppet/yaml/foreman]/ensure: change from absent to directory failed:

I am finding that the puppetlabs-apache module is somehow adding 30-60 seconds onto a host''s catalog compile time when the puppetmaster has no other hosts contacting or generating catalogs. The Puppetmaster is setup to use Puppet-2.7.18 - Apache & Passenger. RIght now only 2 hosts are even configured to use this new PM, the PM itself and a Foreman host. With neither hosts

Hello, I try config puppet with foreman frontend. Into puppetmasterd I create modules "test" and create init.pp: # Create "/tmp/testfile" if it doesn''t exist. class test_class { file { "/tmp/testfile": ensure => present, mode => 644, owner => root, group => root } } Configure nodes in site.pp and import

I updated some of my gems, and I think it may be the reason I am getting the following error when the agents try to retrieve a catalog. err: Could not retrieve catalog from remote server: Error 400 on SERVER: The single-table inheritance mechanism failed to locate the subclass: ''Host::Managed''. This error is raised because the column ''type'' is reserved for

Hi, I have a puppetmaster - agent architecture. I have a module for the vsftpd configuracion in the agents. The configuration of the value ''max_per_ip'' in the agents may vary. This is a line of the manifest: $max_per_ip = hiera(''max_per_ip'',10) I want to specify different values for each agent using hiera. The problem is I am only able to specify the

I''ve been trying to find information, suggestions, etc. for how to combine scaling Puppet with the use of management tools like Dashboard/Foreman and MCollective. Our current thinking for an initial deployment is two VMs as Puppet Master worker nodes fronted by a pair of NetScalers. However, I''m not sure how to go about implementing Dashboard or Foreman and MCollective servers in