At the time of the last run I did not have a nodes.pp included in my
configuration. I had added one with a node definition, but it has
made no difference, I get the same error reported originally
err: Could not retrieve configuration: Could not find
jenkins.example.com with names jenkins.example.com, jenkins
warning: Not using cache on failed configuration
This is the node definition I added, though it prompted no change.
node 'jenkins.example.com' inherits basenode {
info('jenkins.example.com')
}
When I run puppetd or puppetmasterd with --genconfig my FQDN comes up
as the default value for 'certname'. When I look at the certificate
my 'CN= my FQDN' comes up as the Issuer and the Subject, so that seems
to match just fine.
I do not have a [client] section to my configuration, and I do not see
one in my --genconfig output either.
-Saurval
On Apr 7, 5:38 pm, Denmat <tu2bg...@gmail.com> wrote:
> Hi,
> First is what name is defined in the node definition.
> Then I would check the puppet.conf for the client settings (l think in .24 it
> is the [client] section).
> After that ... I'd have to keep fiddling at the console.
>
> Cheers,
>
> On 08/04/2011, at 1:56, Saurval <saur...@gmail.com> wrote:
>
>
>
> > I am on CentOS 5.4 running
> > puppet-0.22.4-1.el5.rf
> > puppet-server-0.22.4-1.el5.rf
>
> > I am a little stumped on this one. I imagine it is something simple
> > I am missing. but basically the puppetmasterd cannot talk to a
> > puppetd instance running as a client on the same host.
>
> > The error I am getting is essentially:
>
> > [root@jenkins ~]# /usr/bin/ruby /usr/sbin/puppetd -o --
> > server=jenkins.example.com --test
> > err: Could not retrieve configuration: Could not find
> > jenkins.example.com with names jenkins.example.com, jenkins
> > warning: Not using cache on failed configuration
>
> > After testing SSL with OpenSSL by hand, the handshake works, and it
> > looks like everyone is using the same name in the subject name of the
> > certificates. In fact, it looks like the puppet master is seeing the
> > request, accepting SSL, but then still reporting the same error. Here
> > is the debug output showing the response to the client's attempt to
> > run seen above.
>
> > root@jenkins ~]# /usr/bin/ruby /usr/sbin/puppetmasterd --manifest=/etc/
> > puppet/manifests/site.pp --logdest=/var/log/puppet/puppetmaster.log --
> > bindaddress=10.131.125.85 --debug
> > debug: puppet: Setting vardir to '/var/lib/puppet'
> > debug: puppet: Setting logdir to '/var/log/puppet'
> > debug: puppet: Setting rundir to '/var/run/puppet'
> > debug: puppet: Setting ssldir to '$vardir/ssl'
> > debug: puppetd: Setting classfile to '$vardir/classes.txt'
> > debug: puppetd: Setting localconfig to '$vardir/localconfig'
> > info: Starting server for Puppet version 0.22.4
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/private/ca.pass]:
> > Autorequiring File[/var/lib/puppet/ssl/ca/private]
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/templates]:
> > Autorequiring File[/var/lib/puppet]
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/
> > private_keys]: Autorequiring File[/var/lib/puppet/ssl]
> > debug: /puppetconfig/ca/File[/etc/puppet/autosign.conf]: Autorequiring
> > File[/etc/puppet]
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/ca_pub.pem]:
> > Autorequiring File[/var/lib/puppet/ssl/ca]
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/state/state.yaml]:
> > Autorequiring File[/var/lib/puppet/state]
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/state/graphs]:
> > Autorequiring File[/var/lib/puppet/state]
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/
> > csr_jenkins.example.com.pem]: Autorequiring File[/var/lib/puppet/ssl]
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/
> > public_keys]: Autorequiring File[/var/lib/puppet/ssl]
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/
> > private_keys/repo.shermanstravel.com.pem]: Autorequiring File[/var/lib/
> > puppet/ssl/private_keys]
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/private]:
> > Autorequiring File[/var/lib/puppet/ssl]
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/inventory.txt]:
> > Autorequiring File[/var/lib/puppet/ssl/ca]
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/serial]:
> > Autorequiring File[/var/lib/puppet/ssl/ca]
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/ca_crl.pem]:
> > Autorequiring File[/var/lib/puppet/ssl/ca]
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/facts]: Autorequiring
> > File[/var/lib/puppet]
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/public_keys/
> > repo.shermanstravel.com.pem]: Autorequiring File[/var/lib/puppet/ssl/
> > public_keys]
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/requests]:
> > Autorequiring File[/var/lib/puppet/ssl/ca]
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/certs]:
> > Autorequiring File[/var/lib/puppet/ssl]
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/private/
> > password]: Autorequiring File[/var/lib/puppet/ssl/private]
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca]: Autorequiring
> > File[/var/lib/puppet/ssl]
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/ca_key.pem]:
> > Autorequiring File[/var/lib/puppet/ssl/ca]
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/certs/
> > ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs]
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/signed]:
> > Autorequiring File[/var/lib/puppet/ssl/ca]
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/ca_crt.pem]:
> > Autorequiring File[/var/lib/puppet/ssl/ca]
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/state]: Autorequiring
> > File[/var/lib/puppet]
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/plugins]:
> > Autorequiring File[/var/lib/puppet]
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/certs/
> > repo.shermanstravel.com.pem]: Autorequiring File[/var/lib/puppet/ssl/
> > certs]
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/lib]: Autorequiring
> > File[/var/lib/puppet]
> > debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/private]:
> > Autorequiring File[/var/lib/puppet/ssl/ca]
> > debug: /puppetconfig/puppet/File[/etc/puppet/namespaceauth.conf]:
> > Autorequiring File[/etc/puppet]
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/ssl]: Autorequiring
> > File[/var/lib/puppet]
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/plugins]: File does
> > not exist
> > debug: /puppetconfig/puppet/File[/etc/puppet/namespaceauth.conf]: File
> > does not exist
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/facts]: File does not
> > exist
> > debug: /puppetconfig/puppet/File[/var/lib/puppet/state/state.yaml]:
> > File does not exist
> > debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/private/
> > password]: File does not exist
> > debug: /puppetconfig/ca/File[/etc/puppet/autosign.conf]: File does not
> > exist
> > debug: Finishing transaction 23834716843800 with 0 changes
> > debug: Finishing transaction 23834716222400 with 0 changes
> > debug: Creating interpreter
> > debug: importing '/etc/puppet/manifests/modules.pp'
> > debug: importing '/etc/puppet/modules/ldap/manifests/init.pp'
> > debug: importing '/etc/puppet/modules/snmp/manifests/init.pp'
> > debug: Adding code to main on line 23 in file /etc/puppet/manifests/
> > site.pp
> > info: Parsed manifest in 0.03 seconds
> > debug: /puppetconfig/reporting/File[/etc/puppet/tagmail.conf]: File
> > does not exist
> > debug: Finishing transaction 23834715833640 with 0 changes
> > debug: Finishing transaction 23834715762400 with 0 changes
> > debug: Finishing transaction 23834715704720 with 0 changes
> > info: Listening on port 8140
> > notice: Starting Puppet server version 0.22.4
> > debug: Overriding jenkins with cert name jenkins.example.com
> > debug: Allowing authenticated client
> > jenkins.example.com(10.131.125.85) access to puppetmaster.getconfig
> > debug: Our client is remote
> > err: Could not find jenkins.example.com with names
> > jenkins.example.com, jenkins
>
> > Domain name service for the hostname is set up, and resolves via the
> > 'host' and 'dig'
> > requests. The FQHN is what is used as the host name, and is returned
> > by the 'hostname' command. Looking at it closely I note that reverse
> > resolution of the local IP 10.131.125.85 does not return, but I do not
> > know if that matters given the errors above.
>
> > The puppetmaster host has three different three different IPs (Four
> > counting loopback.) so I am making a point to binding to one interface
> > that matches what a DNS (as well as /etc/hosts) lookup would return.
>
> > Looking at the --genconfig output for both puppetd and puppetmaster it
> > looks like all the host names are in the correct places. It looks
> > like I have the correct host name in all teh right places. I realize
> > I am not calling to puppet master server puppet, but the server was
> > named and runs other functions well before I installed puppet. If I
> > absolutely have to create an alias for the server as 'puppet', I am
> > willing to do that, but it looks like more then just a simple /etc/
> > hosts alias would be needed, as I tried that and it did not seem to
> > help at all.
>
> > This same behavior is seen on other puppetd invocations on other
> > hosts, using their host names. But I figure it simplifies things to
> > start with the same physical host, so as to avoid questions like 'are
> > your clocks in sync?' and the like.
>
> > Can anyone point out what I am missing?
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Puppet Users" group.
> > To post to this group, send email to puppet-users@googlegroups.com.
> > To unsubscribe from this group, send email to
> > puppet-users+unsubscr...@googlegroups.com.
> > For more options, visit this group
> > athttp://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
