On Thursday, November 15, 2012 7:55:33 PM UTC-6, JGonza1 wrote: > > I do see the that the client server pdlnx-pntp02.kareoprod.ent does have a > certificate on the master under the directory /etc/puppet/ssl/ca/signed. > Also the the puppet master I do not have auto-signing turned on. I have to > run the puppet cert --sign <server name> command to create the certificate. > > The question then remains why the master is not associating the new nodes with the node block(s) you created for them. That was the thrust of the other question and suggestion in my previous response (about what file the node block appears in, and about running the master with the --debug switch enabled). So?
Perhaps it will save some time if I point out that there is only one manifest that Puppet reads automatically. Its name and location are configurable, but by default it is manifests/site.pp under your Puppet installation directory (often /etc/puppet). Your node blocks should be either in that manifest or in a manifest 'import'ed directly or indirectly by it (and that is the only good use I know for the 'import' function). Furthermore, the puppet master process must be able to read the file containing the node block. That process normally runs without privilege, so you must ensure that ownership and permissions (and any other access controls) on that file and every directory in the path to it allow access to the master process. If the master cannot or does not load the node block, then the declarations in it will not be applied. If the master does load the node block but does not match it to your node, then either the node's certname is not what you think it is, or some other node block is matching at higher priority (see http://docs.puppetlabs.com/puppet/3/reference/lang_node_definitions.html#matching). John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/cMaKnuNaBXAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
