On Fri, Sep 25, 2009 at 1:23 PM, Luke Schierer <luke.schie...@gmail.com>wrote:
> On Thu, Sep 24, 2009 at 11:43 AM, Luke Schierer <luke.schie...@gmail.com
> > wrote:
>
>> I have the following snippet I am using to test with the puppet command
>>
>> node host1 {
>>
>> file { "/var/www/target":
>> path => "/var/www/target",
>> mode => 570,
>> owner => apache,
>> group => wheel,
>> ensure => directory,
>> recurse => inf,
>> sourceselect => all,
>> source => [
>> "puppet://host2.fully.qualified.tld/target_results/recent"
>> ],
>> }
>> }
>>
>> I run this on host1 with the command
>> puppet --verbose --server host1.fully.qualified.tld test.pp | more
>> and the error I get is
>> err: //Node[host1]/File[/var/www/target]: Failed to generate additional
>> resources during transaction: Certificates were not trusted: tlsv1 alert
>> unknown ca
>> err: //Node[host1]/File[/var/www/target]: Failed to retrieve current state
>> of resource: Certificates were not trusted: tlsv1 alert unkown ca Could not
>> descript /target_results/recent: /etc/puppet/test.pp:16
>>
>> if I change host1 to host1 in the source array, it works. If I list both,
>> it will produce more or less the same results if host2 is listed first, but
>> it will pull the host1 results before printing the error if host1 is listed
>> first.
>>
>> in the above output and snippet, I have changed the hostnames, but yes, I
>> have verfied that I am using the fqdn, and that it is spelled correctly. My
>> hosts are on a closed network, so I've had to transfer the output by hand.
>>
>> Thanks!
>> Luke
>>
>> On Thu, Sep 24, 2009 at 2:52 AM, Ohad Levy <ohadl...@gmail.com> wrote:
>>
>>> Yes it should, are you sure you contact the second puppetmaster with its
>>> FQDN? e.g.
>>>
>>> source =>
>>> puppet://second.foor.com/module/file/..<http://second.foor.com/module/>
>>> ..
>>>
>>> Ohad
>>>
>>
> I am still unable to get this to work. I have tried adding
> ca = false
> cacrl = false
> ca_server = host1.fully.qualified.tld
>
>
I have a partial solution, I set ca = false and ca_server =
host1.fully.qualified.tld in the puppet.conf file. I then remove the
puppet-server rpm. I then ensure that /var/lib/puppet/ca/ca_crt.pem and
/var/lib/puppet/ca/ca_crl.pem are the same as those from host1. I then make
sure that they are owned by the puppet user. I then re-install the
puppet-server rpm.
This works for my redhat 5 machines, I'm able to pull from the array of
sources. However, it does n work for redhat 4 machines. If a redhat 4
machine is listed in the array, I get
err: Could not call fileserver.list: #<NoMethodError: prive method 'split'
called for nil.NilClass>
err: //Node[host1]/File[/path/to/target]: Failed to generate additional
resources durring transaction
Both the redhat 4 and the redhat 5 machines are 64bit installs. the rhel4
machines have puppet and puppet-server 0.24.8-4.el4 and the rhel5 machines
have 0.24.8-4.el5, both from the EPEL repository.
Any advice would be appreciated.
Thanks!
Luke
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
