On Fri, Sep 25, 2009 at 1:23 PM, Luke Schierer <luke.schie...@gmail.com>wrote:

>   On Thu, Sep 24, 2009 at 11:43 AM, Luke Schierer <luke.schie...@gmail.com
> > wrote:
>
>> I have the following snippet I am using to test with the puppet command
>>
>> node host1 {
>>
>>  file { "/var/www/target":
>>   path  => "/var/www/target",
>>   mode  => 570,
>>   owner  => apache,
>>   group  => wheel,
>>   ensure  => directory,
>>   recurse  => inf,
>>   sourceselect => all,
>>   source  => [
>>    "puppet://host2.fully.qualified.tld/target_results/recent"
>>   ],
>>  }
>> }
>>
>> I run this on host1 with the command
>> puppet --verbose --server host1.fully.qualified.tld test.pp | more
>> and the error I get is
>> err: //Node[host1]/File[/var/www/target]: Failed to generate additional
>> resources during transaction: Certificates were not trusted: tlsv1 alert
>> unknown ca
>> err: //Node[host1]/File[/var/www/target]: Failed to retrieve current state
>> of resource: Certificates were not trusted: tlsv1 alert unkown ca Could not
>> descript /target_results/recent: /etc/puppet/test.pp:16
>>
>> if I change host1 to host1 in the source array, it works.  If I list both,
>> it will produce more or less the same results if host2 is listed first, but
>> it will pull the host1 results before printing the error if host1 is listed
>> first.
>>
>>  in the above output and snippet, I have changed the hostnames, but yes, I
>> have verfied that I am using the fqdn, and that it is spelled correctly.  My
>> hosts are on a closed network, so I've had to transfer the output by hand.
>>
>> Thanks!
>> Luke
>>
>>   On Thu, Sep 24, 2009 at 2:52 AM, Ohad Levy <ohadl...@gmail.com> wrote:
>>
>>> Yes it should, are you sure you contact the second puppetmaster with its
>>> FQDN? e.g.
>>>
>>> source => 
>>> puppet://second.foor.com/module/file/..<http://second.foor.com/module/>
>>> ..
>>>
>>> Ohad
>>>
>>
> I am still unable to get this to work.  I have tried adding
> ca = false
> cacrl = false
> ca_server = host1.fully.qualified.tld
>
>

I have a partial solution,  I set ca = false and ca_server =
host1.fully.qualified.tld  in the puppet.conf file.  I then remove the
puppet-server rpm.  I then ensure that /var/lib/puppet/ca/ca_crt.pem and
/var/lib/puppet/ca/ca_crl.pem are the same as those from host1.  I then make
sure that they are owned by the puppet user.  I then re-install the
puppet-server rpm.

This works for my redhat 5 machines, I'm able to pull from the array of
sources.  However, it does n work for redhat 4 machines.  If a redhat 4
machine is listed in the array, I get

err: Could not call fileserver.list: #<NoMethodError: prive method 'split'
called for nil.NilClass>
err: //Node[host1]/File[/path/to/target]: Failed to generate additional
resources durring transaction

Both the redhat 4 and the redhat 5 machines are 64bit installs.  the rhel4
machines have puppet and puppet-server 0.24.8-4.el4 and the rhel5 machines
have 0.24.8-4.el5, both from the EPEL repository.

Any advice would be appreciated.

Thanks!
Luke

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to