On Aug 21, 5:30 pm, Khoury Brazil <khoury.bra...@gmail.com> wrote: > Hi Everyone, > > I have a weird issue where the puppet client running under launchd > generates a new certificate request for 'localhost' which I thought > was pretty odd (with the side effect of it failing to run and report). > Running puppetd manually never generates this behavior. > > Details: > > Client: > puppetd version: 2.6.7 > OS X version: 10.6.8 > Contents of the hosts file: > ## > # Host Database > # > # localhost is used to configure the loopback interface > # when the system is booting. Do not change this entry. > ## > 127.0.0.1 localhost > 255.255.255.255 broadcasthost > ::1 localhost > fe80::1%lo0 localhost > > Puppet appears to be running correctly (at least it jives with the > launchd instructions): > root 52 0.3 1.0 2480284 43212 ?? Ss 1:37PM 0:46.66 > /usr/bin/ruby /usr/sbin/puppetd --verbose --no-daemonize --logdest > console > Notes: > Added to launchd using the details > here:http://projects.puppetlabs.com/projects/puppet/wiki/Puppet_With_Launchd > The output of the hostname using the 'hostname' command is correct. > Possibly relevant: Client does not have a DNS entry that matches its > hostname (our desktop environment is not allowed to use dynamic DNS so > it uses a mangled system where DNS updates are taken care of by the > DHCP process after it gets the hostname from the client when it > requests a DHCP lease (and it can take several hours to update). I > don't know why, I hate it, it's not going to change and sometimes it > results in a mismatched DNS entry and hostname) > > Console output (redundant logs removed): > 8/21/11 1:38:03 PM com.reductivelabs.puppet[52] [0;32minfo: Creating > a new SSL key for localhost [0m > > 8/21/11 1:38:04 PM com.reductivelabs.puppet[52] warning: peer > certificate won't be verified in this SSL session > > 8/21/11 1:38:04 PM com.reductivelabs.puppet[52] [0;32minfo: Creating > a new SSL certificate request for localhost [0m > > 8/21/11 1:38:04 PM com.reductivelabs.puppet[52] [0;32minfo: > Certificate Request fingerprint (md5): <redacted> [0m > > 8/21/11 1:38:04 PM com.reductivelabs.puppet[52] warning: peer > certificate won't be verified in this SSL session > > 8/21/11 1:40:05 PM com.reductivelabs.puppet[52] [0;36mnotice: Did not > receive certificate [0m > > Puppet Master: > puppetmasterd version: 2.7.1 > > puppetca output: > user@puppetmasterserver:~$ sudo puppetca --list > localhost > > Thanks for any insight you may have. This one has me kind of stumped. > > Thanks, > Khoury
Adding the entry "127.0.0.1 <non-fqdn-hostname>" solved the problem. I suppose that means dns/reverse dns is one of the ways that puppet determines what the node name is (although in my case it appears to be inconsistently applied). I'm just going to make sure the entry is in each host file using puppet. A bit annoying but manageable. It would be nice if there were an option under [agent] to set how it determined the node name though. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
