I am on CentOS 5.4 running puppet-0.22.4-1.el5.rf puppet-server-0.22.4-1.el5.rf
I am a little stumped on this one. I imagine it is something simple I am missing. but basically the puppetmasterd cannot talk to a puppetd instance running as a client on the same host. The error I am getting is essentially: [root@jenkins ~]# /usr/bin/ruby /usr/sbin/puppetd -o -- server=jenkins.example.com --test err: Could not retrieve configuration: Could not find jenkins.example.com with names jenkins.example.com, jenkins warning: Not using cache on failed configuration After testing SSL with OpenSSL by hand, the handshake works, and it looks like everyone is using the same name in the subject name of the certificates. In fact, it looks like the puppet master is seeing the request, accepting SSL, but then still reporting the same error. Here is the debug output showing the response to the client's attempt to run seen above. root@jenkins ~]# /usr/bin/ruby /usr/sbin/puppetmasterd --manifest=/etc/ puppet/manifests/site.pp --logdest=/var/log/puppet/puppetmaster.log -- bindaddress=10.131.125.85 --debug debug: puppet: Setting vardir to '/var/lib/puppet' debug: puppet: Setting logdir to '/var/log/puppet' debug: puppet: Setting rundir to '/var/run/puppet' debug: puppet: Setting ssldir to '$vardir/ssl' debug: puppetd: Setting classfile to '$vardir/classes.txt' debug: puppetd: Setting localconfig to '$vardir/localconfig' info: Starting server for Puppet version 0.22.4 debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/private/ca.pass]: Autorequiring File[/var/lib/puppet/ssl/ca/private] debug: /puppetconfig/puppet/File[/var/lib/puppet/templates]: Autorequiring File[/var/lib/puppet] debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/ private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /puppetconfig/ca/File[/etc/puppet/autosign.conf]: Autorequiring File[/etc/puppet] debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/ca_pub.pem]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /puppetconfig/puppet/File[/var/lib/puppet/state/state.yaml]: Autorequiring File[/var/lib/puppet/state] debug: /puppetconfig/puppet/File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state] debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/ csr_jenkins.example.com.pem]: Autorequiring File[/var/lib/puppet/ssl] debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/ public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/ private_keys/repo.shermanstravel.com.pem]: Autorequiring File[/var/lib/ puppet/ssl/private_keys] debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/inventory.txt]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/serial]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/ca_crl.pem]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /puppetconfig/puppet/File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet] debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/public_keys/ repo.shermanstravel.com.pem]: Autorequiring File[/var/lib/puppet/ssl/ public_keys] debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/requests]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/private/ password]: Autorequiring File[/var/lib/puppet/ssl/private] debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca]: Autorequiring File[/var/lib/puppet/ssl] debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/ca_key.pem]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/certs/ ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/signed]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/ca_crt.pem]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /puppetconfig/puppet/File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: /puppetconfig/puppet/File[/var/lib/puppet/plugins]: Autorequiring File[/var/lib/puppet] debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/certs/ repo.shermanstravel.com.pem]: Autorequiring File[/var/lib/puppet/ssl/ certs] debug: /puppetconfig/puppet/File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /puppetconfig/ca/File[/var/lib/puppet/ssl/ca/private]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /puppetconfig/puppet/File[/etc/puppet/namespaceauth.conf]: Autorequiring File[/etc/puppet] debug: /puppetconfig/puppet/File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /puppetconfig/puppet/File[/var/lib/puppet/plugins]: File does not exist debug: /puppetconfig/puppet/File[/etc/puppet/namespaceauth.conf]: File does not exist debug: /puppetconfig/puppet/File[/var/lib/puppet/facts]: File does not exist debug: /puppetconfig/puppet/File[/var/lib/puppet/state/state.yaml]: File does not exist debug: /puppetconfig/certificates/File[/var/lib/puppet/ssl/private/ password]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/autosign.conf]: File does not exist debug: Finishing transaction 23834716843800 with 0 changes debug: Finishing transaction 23834716222400 with 0 changes debug: Creating interpreter debug: importing '/etc/puppet/manifests/modules.pp' debug: importing '/etc/puppet/modules/ldap/manifests/init.pp' debug: importing '/etc/puppet/modules/snmp/manifests/init.pp' debug: Adding code to main on line 23 in file /etc/puppet/manifests/ site.pp info: Parsed manifest in 0.03 seconds debug: /puppetconfig/reporting/File[/etc/puppet/tagmail.conf]: File does not exist debug: Finishing transaction 23834715833640 with 0 changes debug: Finishing transaction 23834715762400 with 0 changes debug: Finishing transaction 23834715704720 with 0 changes info: Listening on port 8140 notice: Starting Puppet server version 0.22.4 debug: Overriding jenkins with cert name jenkins.example.com debug: Allowing authenticated client jenkins.example.com(10.131.125.85) access to puppetmaster.getconfig debug: Our client is remote err: Could not find jenkins.example.com with names jenkins.example.com, jenkins Domain name service for the hostname is set up, and resolves via the 'host' and 'dig' requests. The FQHN is what is used as the host name, and is returned by the 'hostname' command. Looking at it closely I note that reverse resolution of the local IP 10.131.125.85 does not return, but I do not know if that matters given the errors above. The puppetmaster host has three different three different IPs (Four counting loopback.) so I am making a point to binding to one interface that matches what a DNS (as well as /etc/hosts) lookup would return. Looking at the --genconfig output for both puppetd and puppetmaster it looks like all the host names are in the correct places. It looks like I have the correct host name in all teh right places. I realize I am not calling to puppet master server puppet, but the server was named and runs other functions well before I installed puppet. If I absolutely have to create an alias for the server as 'puppet', I am willing to do that, but it looks like more then just a simple /etc/ hosts alias would be needed, as I tried that and it did not seem to help at all. This same behavior is seen on other puppetd invocations on other hosts, using their host names. But I figure it simplifies things to start with the same physical host, so as to avoid questions like 'are your clocks in sync?' and the like. Can anyone point out what I am missing? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
