Raj Gurung wrote:
Modified the puppet.conf but no joy still.
# puppetrun -d --host client.mydomain.com <http://client.mydomain.com>
debug: Parsing /etc/puppet/puppet.conf
Finished
I dont see the changes pushed to client.mydomain.com
<http://client.mydomain.com> box. I wonder if LDAP is required
component for puppetrun?
Thanks,
grg350
On Thu, Feb 11, 2010 at 12:44 PM, Iain Sutton <iainsut...@gmail.com
<mailto:iainsut...@gmail.com>> wrote:
Hi,
We are able to successfully invoke puppetrun from the
puppetmaster. The two main differences between our configuration
and what is posted below are:
a) the line 'server=puppet.mydomain.com
<http://puppet.mydomain.com>' is in the [puppetd] section on the
client, not in the [main] section
b) we don't have a namespaceauth.conf on the puppetmaster at all,
since when we had this in place, all clients would receive a '500
Internal Server Error' when they checked in. I haven't revisited
this recently.
We're running puppet 0.24.8 on CentOS/RHEL on client and server.
Hope this helps,
Iain
On 11 February 2010 13:49, grg350 <grg...@gmail.com
<mailto:grg...@gmail.com>> wrote:
Don, looks like you are able to run puppetrun to configure
clients.
Its not working for me.
My config files goes:
On Client:
cat puppet.conf
[main]
server=puppetmaster.mydomain.com
<http://puppetmaster.mydomain.com>
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
pluginsync=true
[puppetd]
listen=true
cat namespaceauth.conf
[puppetrunner]
allow puppetmaster.mydomain.com
<http://puppetmaster.mydomain.com>
On puppetmaster:
cat namespaceauth.com <http://namespaceauth.com>
[fileserver]
allow *.mydomain.com <http://mydomain.com>
[puppetmaster]
allow *.mydomain.com <http://mydomain.com>
[puppetrunner]
allow *.mydomain.com <http://mydomain.com>
I ran puppetrun with
#puppetrun --host client.mydomain.com <http://client.mydomain.com>
But it doesn't looks like the client get updated and exits with
"Failed to load ruby LDAP library. LDAP functionality will not be
available
Finished"
Also, I dont see any traffic on port 8139 and 8140 while running
tcpdump.Those two machines are on same LAN and no firewall between
them. Not sure what I have been missing. any help would be
appreciated.
Thanks,
grg350
On Jan 31, 4:28 pm, Dan Bode <d...@reductivelabs.com
<mailto:d...@reductivelabs.com>> wrote:
> On Sun, Jan 31, 2010 at 12:11 PM, Don Jackson <
>
>
>
>
>
> puppet-us...@clark-communications.com
<mailto:puppet-us...@clark-communications.com>> wrote:
>
> > Hello,
>
> > I am attempting to get my machines configured properly so
I can use
> > puppetrun on my puppetmaster to get clients to update
themselves during my
> > development/testing of new recipes.
>
> > I understand about listen = true in the puppetd.conf file,
and I also have
> > learned about the namespaceauth.conf file,
> > where I put stuff like:
>
> > [puppetrunner]
> > allow puppet.mydomain.com
<http://puppet.mydomain.com>
>
> > This was all I needed to get machines on the same LAN as
my puppetmaster to
> > work, but it didn't work across firewalls to machines in a
colo.
>
> > From router/firewall logs, it appears that the
puppetmaster needs to
> > connect to port 8139 of the machine running puppetd.
>
> that is correct, when using puppetrun, the authorized host
needs to initiate
> a connection with the client on port 8139, then that host
will initiate a
> request with its puppetmaster on 8140.
>
> You can change the puppetd listen port with the puppetport
option.
>
> -Dan
>
>
>
> > I wasn't able to find this clearly documented, hence this
email.
>
> > Regards,
>
> > Don
>
> > --
> > You received this message because you are subscribed to
the Google Groups
> > "Puppet Users" group.
> > To post to this group, send email to
puppet-users@googlegroups.com
<mailto:puppet-users@googlegroups.com>.
> > To unsubscribe from this group, send email to
> > puppet-users+unsubscr...@googlegroups.com
<mailto:puppet-users%2bunsubscr...@googlegroups.com><puppet-users%2bunsubscr...@google
groups.com <http://groups.com>>
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the
Google Groups "Puppet Users" group.
To post to this group, send email to
puppet-users@googlegroups.com
<mailto:puppet-users@googlegroups.com>.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
<mailto:puppet-users%2bunsubscr...@googlegroups.com>.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google
Groups "Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
<mailto:puppet-users@googlegroups.com>.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
<mailto:puppet-users%2bunsubscr...@googlegroups.com>.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
"Nothing comes easy that is done well." -Harry F. Banks
--
You received this message because you are subscribed to the Google
Groups "Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Does netstat -tnlp show puppetd listening on port 8139?
--
Joe McDonagh
AIM: YoosingYoonickz
IRC: joe-mac on freenode
L'ennui est contre-révolutionnaire
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
