On Fri, Jul 6, 2012 at 9:35 AM, catshirt <n...@thefuture.fm> wrote: > hi all, > > just started using puppet and i think it's great. but i'm having a number of > problems surrounding the authentication of the servers. > > on a fresh master, when i create a new client using the node_aws cloud > provisioner (using --certname), the agent doesn't respect the generated > configuration. `certname` is certainly listed under [main] in puppet.conf, > so why wouldn't the agent recognize it?
You are seeing the difference running puppet under root account vs. the ubuntu account. > $ sudo puppet master --configprint certname > analytics0 > $ puppet master --configprint certname > analytics0 > $ sudo puppet agent --configprint certname > analytics0 > $ puppet agent --configprint certname > domu-x-x-x-x-x-x.compute-1.internal When running as root, puppet use the configuration specified in /etc/puppet/puppet.conf. When running as a normal user such as ubuntu, puppet use the configuration under ~/.puppet/puppet.conf, so in this case this file is likely missing and puppet will use the default certname which is the ec2 instance name as seen above. > $ ls -la /etc/puppet/puppet.conf > -rw-r--r-- 1 root root puppet.conf > > this pattern also occurs with the `server` option. i've also other, > unrelated but similar sudo discrepancies that i think are leading to other > problems (for another post...). for instance: > > $ sudo puppet agent --configprint ssldir > /var/lib/puppet/ssl > $ puppet agent --configprint ssldir > /home/ubuntu/.puppet/ssl So the settings above are correct between root vs. ubuntu user. In general you need to run sudo puppet to make changes to the system which should use the correct setting in /etc/puppet/puppet.conf. Thanks, Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
