On 11/04/2010 12:46 PM, theirpuppet wrote: > I have a series of hosts that sit on multiple networks. The > puppetmaster does so as well. The private internal network is for AD > and backups, the external is for public services. I was able to setup > a test host that only accesses the external network. All's great > there. But when I added a real host, that sits on both networks, > puppetmaster isn't so happy. Because the private internal network is > secured with port and vlan security, I'm trying to keep all puppet > traffic over the external network. It's much easier to manage it that > way via iptables. > > > err: Could not retrieve catalog from remote server: Error 400 on > SERVER: Could not find default node or by name with 'XXX.XXX.XXX, > XXX.XXX, XXX' on node XXX.XXX.XXX > > The XXX each represent a portion of the FQDN. > > This node was able to successfully contact puppetmaster and get the > cert going. The puppetca was able to sign it for the node and the > relevant node information was created. I can see that /var/lib/puppet/ > ssl/ca/signed/XXX.XXX.XXX.pem, /var/lib/puppet/yaml/node/ > XXX.XXX.XXX.yaml and /var/lib/puppet/yaml/facts/XXX.XXX.XXX.yaml are > all there and look good. > > The puppetmaster uses AD for DNS and does retrieve both IP Addresses > when querying for this new node. Does it know how to handle this? > Should the first DNS response be the external IP Address, I'm not sure > this is configurable in AD - we did try, but got no result when > querying again. > > I even tried skipping DNS and use /etc/hosts directly, this changed > nothing. I deleted the old configs and started the 'registration' > process again, hoping that /etc/hosts entry would do the trick and > everything would be setup correctly. No change; I still get the same > error message.
This is not a network or name resolution issue; your manifest contains no node definition that fits your client machine. Regards, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
