Hi Dirk- Yes, the regular eyaml commands work,edit mode output is in the pastebin.
puppetserver.log entry below, which i see as consistent with what i see with the puppet run.. that it sees a string. The sting would be an array if only it got decrypted. :) 2015-11-18 11:49:40,481 ERROR [puppet-server] Puppet Evaluation Error: Error while evaluating a Function Call, "ENC[PKCS7,MIIB+wYJKoZIhvcNAQcDoIIB7DCCAegCAQAxggEhMIIBHQIBADAFMAACAQEw DQYJKoZIhvcNAQEBBQAEggEAJv7HPBFLLOEaM/6EYQbRUkKqdfv0Q+2esiF5 hy3WrEWOPJEk75Ltgrhvz/ru7m1CuTL05XgjZ5kIGwSsaUSVIGzazEshp4kU q6D0Brpbo3g4LLKNTgBL9JtBtIuyObJ5F2uhmig6RL7571VeL1VwNaA8QyVv DYDXIxV2Xk4oE5LpbDFIVzc5FgSeM+0loUe4REwj9vS/ZGzmxBBGbsxn7CCF mYQmDHcu3fmcMNTAEce3sRawl0k/wINegMVmVDgQASns6NrB0hhyw+JTnZSz 4A3HYJEtdzUvEgOxnYWhOmI6Jf3lYDeHBrNqj/wEv2nxwOGy2fTmJxy6quRQ RpcQ/zCBvQYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQoe2gBdpNQ05oF+XG U1DnQoCBkDg8cGtvXjroe1kWcNBcnasfMmy5tlpi+PIbu/c8kGjCuS7sNCXS S2wwz5jsBqO/bWIDJO2s4p2nEEqd2FcrScN20nkCE7gi3/5FfUkRFbp+FIg5 dS+2KpyE+8y9N3+3HfyTRiJCWAklRJqBZ1ztt0KVyF1VW+0CHHqL6Ix74Tge N4X0P8UVrsWI9fRYxrjPJA==]\n" is not an Array. It looks to be a String at /etc/puppetlabs/code/environments/production/modules/ntp/manifests/init.pp:61:3 on node learning.puppetlabs.vm Yes- the /etc/eyaml/config.eyaml file has the lines with the paths to the keys, same way as in hiera.yaml. -Thanks On Thursday, November 19, 2015 at 1:41:44 AM UTC-5, Dirk Heinrichs wrote: > > Am 18.11.2015 um 20:45 schrieb raycharlesistheman: > > Hoping that someone can provide a direction to get this working, I've > exhausted my own attempts. > I am simply following the hiera complete example from puppetlabs and > shimming in eyaml as a backend. > > While I am able to get my encrypted hiera datastore to decrypt from the > command line using hiera or puppet apply, things don't work when doing a > real puppet agent run. > I put everything about my setup into a paste at > http://pastebin.com/8CnppUTS > > > What about pure eyaml commands (eyaml encrypt, eyaml edit)? Do they work? > Do you find any hint in the puppetserver logs? > Did you try putting the key configuration entries > (pkcs7_(private|public)_key) you have in hiera.yaml into the eyaml config > file (/etc/eyaml/config.yaml)? > > HTH... > > Dirk > -- > > *Dirk Heinrichs*, Senior Systems Engineer, Engineering Solutions > *Recommind GmbH*, Von-Liebig-Straße 1, 53359 Rheinbach > *Tel*: +49 2226 1596666 (Ansage) 1149 > *Email*: [email protected] <javascript:> > *Skype*: dirk.heinrichs.recommind > www.recommind.com > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/42f83205-1ec3-4feb-a5bb-4d3a6784dfc5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
