Hi Dirk- Yes, the regular eyaml commands work,edit mode output is in the pastebin.
puppetserver.log entry below, which i see as consistent with what i see with the puppet run.. that it sees a string. The sting would be an array if only it got decrypted. :) 2015-11-18 11:49:40,481 ERROR [puppet-server] Puppet Evaluation Error: Error while evaluating a Function Call, "ENC[PKCS7,MIIB+wYJKoZIhvcNAQcDoIIB7DCCAegCAQAxggEhMIIBHQIBADAFMAACAQEw DQYJKoZIhvcNAQEBBQAEggEAJv7HPBFLLOEaM/6EYQbRUkKqdfv0Q+2esiF5 hy3WrEWOPJEk75Ltgrhvz/ru7m1CuTL05XgjZ5kIGwSsaUSVIGzazEshp4kU q6D0Brpbo3g4LLKNTgBL9JtBtIuyObJ5F2uhmig6RL7571VeL1VwNaA8QyVv DYDXIxV2Xk4oE5LpbDFIVzc5FgSeM+0loUe4REwj9vS/ZGzmxBBGbsxn7CCF mYQmDHcu3fmcMNTAEce3sRawl0k/wINegMVmVDgQASns6NrB0hhyw+JTnZSz 4A3HYJEtdzUvEgOxnYWhOmI6Jf3lYDeHBrNqj/wEv2nxwOGy2fTmJxy6quRQ RpcQ/zCBvQYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQoe2gBdpNQ05oF+XG U1DnQoCBkDg8cGtvXjroe1kWcNBcnasfMmy5tlpi+PIbu/c8kGjCuS7sNCXS S2wwz5jsBqO/bWIDJO2s4p2nEEqd2FcrScN20nkCE7gi3/5FfUkRFbp+FIg5 dS+2KpyE+8y9N3+3HfyTRiJCWAklRJqBZ1ztt0KVyF1VW+0CHHqL6Ix74Tge N4X0P8UVrsWI9fRYxrjPJA==]\n" is not an Array. It looks to be a String at /etc/puppetlabs/code/environments/production/modules/ntp/manifests/init.pp:61:3 on node learning.puppetlabs.vm Yes- the /etc/eyaml/config.eyaml file has the lines with the paths to the keys, same way as in hiera.yaml. -Thanks On Thursday, November 19, 2015 at 1:41:44 AM UTC-5, Dirk Heinrichs wrote: > > Am 18.11.2015 um 20:45 schrieb raycharlesistheman: > > Hoping that someone can provide a direction to get this working, I've > exhausted my own attempts. > I am simply following the hiera complete example from puppetlabs and > shimming in eyaml as a backend. > > While I am able to get my encrypted hiera datastore to decrypt from the > command line using hiera or puppet apply, things don't work when doing a > real puppet agent run. > I put everything about my setup into a paste at > http://pastebin.com/8CnppUTS > > > What about pure eyaml commands (eyaml encrypt, eyaml edit)? Do they work? > Do you find any hint in the puppetserver logs? > Did you try putting the key configuration entries > (pkcs7_(private|public)_key) you have in hiera.yaml into the eyaml config > file (/etc/eyaml/config.yaml)? > > HTH... > > Dirk > -- > > *Dirk Heinrichs*, Senior Systems Engineer, Engineering Solutions > *Recommind GmbH*, Von-Liebig-Straße 1, 53359 Rheinbach > *Tel*: +49 2226 1596666 (Ansage) 1149 > *Email*: d...@recommind.com <javascript:> > *Skype*: dirk.heinrichs.recommind > www.recommind.com > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/42f83205-1ec3-4feb-a5bb-4d3a6784dfc5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
