Hi, We are able to successfully invoke puppetrun from the puppetmaster. The two main differences between our configuration and what is posted below are:
a) the line 'server=puppet.mydomain.com' is in the [puppetd] section on the client, not in the [main] section b) we don't have a namespaceauth.conf on the puppetmaster at all, since when we had this in place, all clients would receive a '500 Internal Server Error' when they checked in. I haven't revisited this recently. We're running puppet 0.24.8 on CentOS/RHEL on client and server. Hope this helps, Iain On 11 February 2010 13:49, grg350 <grg...@gmail.com> wrote: > Don, looks like you are able to run puppetrun to configure clients. > Its not working for me. > My config files goes: > > On Client: > cat puppet.conf > [main] > server=puppetmaster.mydomain.com > logdir=/var/log/puppet > vardir=/var/lib/puppet > ssldir=/var/lib/puppet/ssl > rundir=/var/run/puppet > factpath=$vardir/lib/facter > pluginsync=true > > [puppetd] > listen=true > > cat namespaceauth.conf > [puppetrunner] > allow puppetmaster.mydomain.com > > On puppetmaster: > cat namespaceauth.com > [fileserver] > allow *.mydomain.com > [puppetmaster] > allow *.mydomain.com > [puppetrunner] > allow *.mydomain.com > > I ran puppetrun with > #puppetrun --host client.mydomain.com > > But it doesn't looks like the client get updated and exits with > "Failed to load ruby LDAP library. LDAP functionality will not be > available > Finished" > > Also, I dont see any traffic on port 8139 and 8140 while running > tcpdump.Those two machines are on same LAN and no firewall between > them. Not sure what I have been missing. any help would be > appreciated. > > Thanks, > grg350 > > On Jan 31, 4:28 pm, Dan Bode <d...@reductivelabs.com> wrote: > > On Sun, Jan 31, 2010 at 12:11 PM, Don Jackson < > > > > > > > > > > > > puppet-us...@clark-communications.com> wrote: > > > > > Hello, > > > > > I am attempting to get my machines configured properly so I can use > > > puppetrun on my puppetmaster to get clients to update themselves during > my > > > development/testing of new recipes. > > > > > I understand about listen = true in the puppetd.conf file, and I also > have > > > learned about the namespaceauth.conf file, > > > where I put stuff like: > > > > > [puppetrunner] > > > allow puppet.mydomain.com > > > > > This was all I needed to get machines on the same LAN as my > puppetmaster to > > > work, but it didn't work across firewalls to machines in a colo. > > > > > From router/firewall logs, it appears that the puppetmaster needs to > > > connect to port 8139 of the machine running puppetd. > > > > that is correct, when using puppetrun, the authorized host needs to > initiate > > a connection with the client on port 8139, then that host will initiate a > > request with its puppetmaster on 8140. > > > > You can change the puppetd listen port with the puppetport option. > > > > -Dan > > > > > > > > > I wasn't able to find this clearly documented, hence this email. > > > > > Regards, > > > > > Don > > > > > -- > > > You received this message because you are subscribed to the Google > Groups > > > "Puppet Users" group. > > > To post to this group, send email to puppet-us...@googlegroups.com. > > > To unsubscribe from this group, send email to > > > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > <puppet-users%2bunsubscr...@google groups.com> > > > . > > > For more options, visit this group at > > >http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
