I have a series of hosts that sit on multiple networks. The puppetmaster does so as well. The private internal network is for AD and backups, the external is for public services. I was able to set up a test host that only accesses the external network. All's great there. But when I added a real host, that sits on both networks, puppetmaster isn't so happy. Because the private internal network is secured with port and VLAN security, I'm trying to keep all puppet traffic over the external network. It's much easier to manage it that way via iptables.

err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find default node or by name with 'XXX.XXX.XXX, XXX.XXX, XXX' on node XXX.XXX.XXX

The XXX each represent a portion of the FQDN. This node was able to successfully contact puppetmaster and get the cert going. The puppetca was able to sign it for the node and the relevant node information was created. I can see that /var/lib/puppet/ssl/ca/signed/XXX.XXX.XXX.pem, /var/lib/puppet/yaml/node/XXX.XXX.XXX.yaml and /var/lib/puppet/yaml/facts/XXX.XXX.XXX.yaml are all there and look good.

The puppetmaster uses AD for DNS and does retrieve both IP addresses when querying for this new node. Does it know how to handle this? Should the first DNS response be the external IP address? I'm not sure this is configurable in AD - we did try, but got no result when querying again.

I even tried skipping DNS and using /etc/hosts directly; this changed nothing. I deleted the old configs and started the 'registration' process again, hoping that the /etc/hosts entry would do the trick and everything would be set up correctly. No change; I still get the same error message.

Any ideas?