On Fri, Sep 25, 2009 at 1:23 PM, Luke Schierer <luke.schie...@gmail.com>wrote:
> On Thu, Sep 24, 2009 at 11:43 AM, Luke Schierer <luke.schie...@gmail.com > > wrote: > >> I have the following snippet I am using to test with the puppet command >> >> node host1 { >> >> file { "/var/www/target": >> path => "/var/www/target", >> mode => 570, >> owner => apache, >> group => wheel, >> ensure => directory, >> recurse => inf, >> sourceselect => all, >> source => [ >> "puppet://host2.fully.qualified.tld/target_results/recent" >> ], >> } >> } >> >> I run this on host1 with the command >> puppet --verbose --server host1.fully.qualified.tld test.pp | more >> and the error I get is >> err: //Node[host1]/File[/var/www/target]: Failed to generate additional >> resources during transaction: Certificates were not trusted: tlsv1 alert >> unknown ca >> err: //Node[host1]/File[/var/www/target]: Failed to retrieve current state >> of resource: Certificates were not trusted: tlsv1 alert unkown ca Could not >> descript /target_results/recent: /etc/puppet/test.pp:16 >> >> if I change host1 to host1 in the source array, it works. If I list both, >> it will produce more or less the same results if host2 is listed first, but >> it will pull the host1 results before printing the error if host1 is listed >> first. >> >> in the above output and snippet, I have changed the hostnames, but yes, I >> have verfied that I am using the fqdn, and that it is spelled correctly. My >> hosts are on a closed network, so I've had to transfer the output by hand. >> >> Thanks! >> Luke >> >> On Thu, Sep 24, 2009 at 2:52 AM, Ohad Levy <ohadl...@gmail.com> wrote: >> >>> Yes it should, are you sure you contact the second puppetmaster with its >>> FQDN? e.g. >>> >>> source => >>> puppet://second.foor.com/module/file/..<http://second.foor.com/module/> >>> .. >>> >>> Ohad >>> >> > I am still unable to get this to work. I have tried adding > ca = false > cacrl = false > ca_server = host1.fully.qualified.tld > > I have a partial solution, I set ca = false and ca_server = host1.fully.qualified.tld in the puppet.conf file. I then remove the puppet-server rpm. I then ensure that /var/lib/puppet/ca/ca_crt.pem and /var/lib/puppet/ca/ca_crl.pem are the same as those from host1. I then make sure that they are owned by the puppet user. I then re-install the puppet-server rpm. This works for my redhat 5 machines, I'm able to pull from the array of sources. However, it does n work for redhat 4 machines. If a redhat 4 machine is listed in the array, I get err: Could not call fileserver.list: #<NoMethodError: prive method 'split' called for nil.NilClass> err: //Node[host1]/File[/path/to/target]: Failed to generate additional resources durring transaction Both the redhat 4 and the redhat 5 machines are 64bit installs. the rhel4 machines have puppet and puppet-server 0.24.8-4.el4 and the rhel5 machines have 0.24.8-4.el5, both from the EPEL repository. Any advice would be appreciated. Thanks! Luke --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---