ok, I have configured a ntp client pointing to the same ntp server and both
systems are sync, if I’m not wrong.
Puppetmaster.
root@puppetmaster:~# ntpq -p
remote refid st t when poll reach delay offset
jitter
==============================================================================
+ntp01.srv.cat 158.227.98.15 2 u 45 64 377 39.792 4.200
57.956
+ns2.telecom.lt 212.59.3.3 2 u 33 64 377 98.790 -5.831
58.675
*95.130.12.88 193.67.79.202 2 u 48 64 377 51.101 0.739
32.604
root@puppetmaster:~# date
mar feb 19 10:48:30 CET 2013
root@puppetmaster:~# hwclock
mar 19 feb 2013 10:48:32 CET -0.235392 segundos
On the client.
puppetclient01:~ # ntpq -p
remote refid st t when poll reach delay offset
jitter
==============================================================================
LOCAL(0) .LOCL. 10 l 49 64 377 0.000 0.000
0.001
*dnscache-madrid 140.203.204.77 2 u 53 64 377 28.582 1010.30
702.384
+ntp2.tdc.fi .PPS. 1 u 53 64 377 84.603 1009.71
698.465
+iris.wf-hosting 128.138.140.44 2 u 52 64 377 66.561 1003.46
682.697
puppetclient01:~ # date
Tue Feb 19 10:49:23 CET 2013
puppetclient01:~ # hwclock
Tue 19 Feb 2013 10:49:25 AM CET -0.911659 seconds
Well, I’m getting the same result as before in both hosts:
puppet agent --test
err: Could not retrieve catalog from remote server: SSL_connect returned=1
errno=0 state=SSLv3 read server certificate B: certificate verify failed
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
root@puppetmaster:~# puppet agent --test
Warning: Unable to fetch my node definition, but the agent run will
continue:
Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate
B: certificate verify failed: [certificate signature failure for
/CN=puppetmaster.domain.name]
Info: Retrieving plugin
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources
using 'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read
server certificate B: certificate verify failed: [certificate signature
failure for /CN=puppetmaster.domain.name]
Error: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect
returned=1 errno=0 state=SSLv3 read server certificate B: certificate
verify failed: [certificate signature failure for
/CN=puppetmaster.domain.name] Could not retrieve file metadata for
puppet://puppet/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read
server certificate B: certificate verify failed: [certificate signature
failure for /CN=puppetmaster.domain.name]
Error: Could not retrieve catalog from remote server: SSL_connect
returned=1 errno=0 state=SSLv3 read server certificate B: certificate
verify failed: [certificate signature failure for
/CN=puppetmaster.domain.name]
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3
read server certificate B: certificate verify failed: [certificate
signature failure for /CN=puppetmaster.domain.name]
El viernes, 15 de febrero de 2013 19:22:35 UTC+1, Matt escribió:
>
> Is both servers clock in sync?
>
> On Fri, Feb 15, 2013 at 4:20 AM, Calero <francisc...@ngahr.com<javascript:>>
> wrote:
> > Hi all,
> >
> >
> >
> > I'm trying to understand how puppet works, and my idea is to learn
> > installing a new environment from the scratch.
> >
> >
> >
> > I have the following:
> >
> >
> >
> > Master:
> >
> >
> >
> > cat /etc/debian_version
> >
> > 6.0.6
> >
> > puppet --version
> >
> > 3.1.0
> >
> > cat /etc/hosts
> >
> > 127.0.1.1 puppetmaster.domain.name puppetmaster puppet
> >
> >
> >
> > Client:
> >
> >
> >
> > cat /etc/SuSE-release
> >
> > SUSE Linux Enterprise Server 11 (x86_64)
> >
> > VERSION = 11
> >
> > PATCHLEVEL = 2
> >
> >
> >
> > puppet --version
> >
> > 2.6.12
> >
> > cat /etc/hosts
> >
> > 127.0.0.1 puppetclient01.domain.name puppetclient01
> >
> > 192.168.203.128 puppet puppetmaster.domain.name
> >
> >
> >
> > puppet agent --test
> >
> > info: Creating a new SSL key for puppetclient01.domain.name
> >
> > warning: peer certificate won't be verified in this SSL session
> >
> > warning: peer certificate won't be verified in this SSL session
> >
> > info: Creating a new SSL certificate request for
> puppetclient01.domain.name
> >
> > info: Certificate Request fingerprint (md5):
> > 88:B5:17:BF:DD:39:90:ED:0D:1A:9D:3C:A7:51:8C:D3
> >
> > warning: peer certificate won't be verified in this SSL session
> >
> > warning: peer certificate won't be verified in this SSL session
> >
> > warning: peer certificate won't be verified in this SSL session
> >
> > Exiting; no certificate found and waitforcert is disabled
> >
> >
> >
> > Once I sign it in the server….
> >
> >
> >
> > puppetclient01:~ # puppet agent --test
> >
> > warning: peer certificate won't be verified in this SSL session
> >
> > info: Caching certificate for puppetclient01.domain.name
> >
> > err: Could not retrieve catalog from remote server: SSL_connect
> returned=1
> > errno=0 state=SSLv3 read server certificate B: certificate verify failed
> >
> > warning: Not using cache on failed catalog
> >
> > err: Could not retrieve catalog; skipping run
> >
> >
> >
> > puppet agent --test
> >
> > err: Could not retrieve catalog from remote server: SSL_connect
> returned=1
> > errno=0 state=SSLv3 read server certificate B: certificate verify failed
> >
> > warning: Not using cache on failed catalog
> >
> > err: Could not retrieve catalog; skipping run
> >
> > ----------------------
> >
> >
> >
> > In this point is where i'm struck right now, i have deleted several
> times
> > all certificates both hosts and i'm getting the same kind of error.
> >
> >
> >
> > And this is the ouput if i try to do it in the same server.
> >
> >
> >
> > ------------------
> >
> > puppet agent --test
> >
> > Warning: Unable to fetch my node definition, but the agent run will
> > continue:
> >
> > Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server
> certificate
> > B: certificate verify failed: [certificate signature failure for
> > /CN=puppetmaster.domain.name]
> >
> > Info: Retrieving plugin
> >
> > Error: /File[/var/lib/puppet/lib]: Failed to generate additional
> resources
> > using 'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read
> server
> > certificate B: certificate verify failed: [certificate signature failure
> for
> > /CN=puppetmaster.domain.name]
> >
> > Error: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect
> > returned=1 errno=0 state=SSLv3 read server certificate B: certificate
> verify
> > failed: [certificate signature failure for /CN=puppetmaster.domain.name]
>
> > Could not retrieve file metadata for
> > puppet://puppetmaster.domain.name/plugins: SSL_connect returned=1
> errno=0
> > state=SSLv3 read server certificate B: certificate verify failed:
> > [certificate signature failure for /CN=puppetmaster.domain.name]
> >
> > Error: Could not retrieve catalog from remote server: SSL_connect
> returned=1
> > errno=0 state=SSLv3 read server certificate B: certificate verify
> failed:
> > [certificate signature failure for /CN=puppetmaster.domain.name]
> >
> > Warning: Not using cache on failed catalog
> >
> > Error: Could not retrieve catalog; skipping run
> >
> > Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3
> > read server certificate B: certificate verify failed: [certificate
> signature
> > failure for /CN=puppetmaster.domain.name]
> >
> >
> >
> >
> >
> > Thanks
> >
> >
> > ________________________________
> >
> > This email is sent on behalf of Northgate Information Solutions Limited
> and
> > its associated companies ("Northgate") and is strictly confidential and
> > intended solely for the addressee(s).
> >
> > If you are not the intended recipient of this email you must: (i) not
> > disclose, copy or distribute its contents to any other person nor use
> its
> > contents in any way or you may be acting unlawfully; (ii) contact
> Northgate
> > immediately on +44 (0)1442 232424 quoting the name of the sender and the
> > addressee then delete it from your system.
> >
> > Northgate has taken reasonable precautions to ensure that no viruses are
> > contained in this email, but does not accept any responsibility once
> this
> > email has been transmitted. You should scan attachments (if any) for
> > viruses.
> >
> > ________________________________
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups
> > "Puppet Users" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an
> > email to puppet-users...@googlegroups.com <javascript:>.
> > To post to this group, send email to
> > puppet...@googlegroups.com<javascript:>.
>
> > Visit this group at http://groups.google.com/group/puppet-users?hl=en.
> > For more options, visit https://groups.google.com/groups/opt_out.
> >
> >
>
--
------------------------------
This email is sent on behalf of Northgate Information Solutions Limited and
its associated companies ("Northgate") and is strictly confidential and
intended solely for the addressee(s).
If you are not the intended recipient of this email you must: (i) not
disclose, copy or distribute its contents to any other person nor use its
contents in any way or you may be acting unlawfully; (ii) contact
Northgate immediately on +44 (0)1442 232424 quoting the name of the sender
and the addressee then delete it from your system.
Northgate has taken reasonable precautions to ensure that no viruses are
contained in this email, but does not accept any responsibility once this
email has been transmitted. You should scan attachments (if any) for
viruses.
------------------------------
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
