Thank you for your reply; let me share Sentry is the server, lockbox is the client and scribe is activemq iptables shut off on all, all sit in same vlan Port up and listening with connection from server [root@scribe activemq]# netstat -na | grep 61614 tcp 0 0 :::61614 :::* LISTEN tcp 0 0 ::ffff:139.140.228.18:61614 ::ffff:139.140.228.15:58976 ESTABLISHED /etc/mcollective/server.cfg below # /etc/mcollective/server.cfg # Connector settings (required): # ----------------------------- connector = activemq direct_addressing = 1 # ActiveMQ connector settings: plugin.activemq.pool.size = 1 plugin.activemq.pool.1.host = scribe.bowdoin.edu plugin.activemq.pool.1.port = 61614 plugin.activemq.pool.1.user = mcollective plugin.activemq.pool.1.password = secret plugin.activemq.pool.1.ssl = 1 plugin.activemq.pool.1.ssl.ca = /var/lib/puppet/ssl/certs/ca.pem plugin.activemq.pool.1.ssl.cert = /var/lib/puppet/ssl/certs/sentry.bowdoin.edu.pem plugin.activemq.pool.1.ssl.key = /var/lib/puppet/ssl/private_keys/sentry.bowdoin.edu.pem plugin.activemq.pool.1.ssl.fallback = 0 # RabbitMQ connector settings: plugin.rabbitmq.vhost = /mcollective plugin.rabbitmq.pool.size = 1 plugin.rabbitmq.pool.1.host = scribe.bowdoin.edu # ... etc., similar to activemq settings # Security plugin settings (required): # ----------------------------------- securityprovider = ssl # SSL plugin settings: plugin.ssl_client_cert_dir = /etc/mcollective/clients plugin.ssl_server_private = /etc/mcollective/sentry.bowdoin.edu-priv.pem plugin.ssl_server_public = /etc/mcollective/sentry.bowdoin.edu-pub.pem # PSK plugin settings: plugin.psk = j9q8kx7fnuied9e # Facts, identity, and classes (recommended): # ------------------------------------------ factsource = yaml plugin.yaml = /etc/mcollective/facts.yaml fact_cache_time = 300 identity = sentry.bowdoin.edu classesfile = /var/lib/puppet/state/classes.txt # Registration (recommended): # ----------------------- registerinterval = 600 registration = agentlist registration_collective = mcollective # Subcollectives (optional): # ------------------------- #collectives = mcollective,uk_collective #main_collective = mcollective # Auditing (optional): # ------------------- rpcaudit = 1 rpcauditprovider = logfile plugin.rpcaudit.logfile = /var/log/mcollective-audit.log # Authorization (optional): # ------------------------ rpcauthorization = 1 rpcauthprovider = action_policy # Logging: # ------- logger_type = file loglevel = debug logfile = /var/log/mcollective.log keeplogs = 5 max_log_size = 2097152 logfacility = user # Platform defaults: # ----------------- daemonize = 1 libdir = /usr/libexec/mcollective ssl_cipher = aes-256-cbc Client Config located ~/.mcollective
# ~/.mcollective # or # /etc/mcollective/client.cfg # Connector settings (required): # ----------------------------- connector = activemq direct_addressing = 1 # ActiveMQ connector settings: plugin.activemq.pool.size = 1 plugin.activemq.pool.1.host = scribe.bowdoin.edu plugin.activemq.pool.1.port = 61614 plugin.activemq.pool.1.user = mcollective plugin.activemq.pool.1.password = secret plugin.activemq.pool.1.ssl = 1 plugin.activemq.pool.1.ssl.ca = /home/testuser/.mcollective.d/credentials/certs/ca.pem plugin.activemq.pool.1.ssl.cert = /home/testuser/.mcollective.d/credentials/certs/lockbox.bowdoin.edu.pem plugin.activemq.pool.1.ssl.key = /home/testuser/.mcollective.d/credentials/private_keys/lockbox.bowdoin.edu.pem plugin.activemq.pool.1.ssl.fallback = 0 # RabbitMQ connector settings: plugin.rabbitmq.vhost = /mcollective plugin.rabbitmq.pool.size = 1 plugin.rabbitmq.pool.1.host = scribe.bowdoin.edu plugin.rabbitmq.pool.1.port = 61613 # ... etc., similar to activemq settings # Security plugin settings (required): # ----------------------------------- securityprovider = ssl # SSL plugin settings: plugin.ssl_server_public = /home/testuser/.mcollective.d/credentials/certs/mcollective-servers.pem #plugin.ssl_server_public = /home/testuser/.mcollective.d/credentials/certs/lockbox.bowdoin.edu.pem plugin.ssl_client_private = /home/testuser/.mcollective.d/credentials/private_keys/testuser.pem plugin.ssl_client_public = /home/testuser/.mcollective.d/credentials/certs/testuser.pem # PSK plugin settings: plugin.psk = j9q8kx7fnuied9e # Interface settings (optional): # ------------------------------ # Discovery settings: default_discovery_method = mc # default_discovery_options = /etc/mcollective/nodes.txt # Performance settings: direct_addressing_threshold = 10 ttl = 60 # Miscellaneous settings: color = 1 rpclimitmethod = first # Subcollectives (optional): # ----------------------------------- collectives = mcollective,uk_collective main_collective = mcollective # Advanced settings and platform defaults: # ----------------------------------- logger_type = console loglevel = debug logfile = /var/log/mcollective.log keeplogs = 5 max_log_size = 2097152 logfacility = user libdir = /usr/libexec/mcollective rpchelptemplate = /etc/mcollective/rpc-help.erb helptemplatedir = /etc/mcollective ssl_cipher = aes-256-cbc On Wednesday, May 29, 2013 5:18:20 PM UTC-4, Brendan O'Bra wrote: > Does /etc/mcollective/server.cfg look correct (port, servername, etc.)? > Is activemq running (and on correct port)? > iptables blocking anything? > > The MCollective module can make things a little easier, btw: > https://forge.puppetlabs.com/puppetlabs/mcollective > > > On Wed, May 29, 2013 at 2:12 PM, Mike Bowden > <michael....@gmail.com<javascript:> > > wrote: > >> I am currently trying to get mcollective 2.2.4 up and running on RHEL >> 6 activeqm appears to be running and bound to the correct port, I see >> the server and client connections to the activemq box. However when I >> run mco ping all "seems to go well" except I get "No responses >> recieved" and above that I get the following log messages, >> >> debug 2013/05/29 17:02:12: activemq.rb:233:in `receive' Waiting for a >> message from ActiveMQ >> debug 2013/05/29 17:02:13: pluginmanager.rb:83:in `[]' Returning >> cached plugin security_plugin with class MCollective::Security::Ssl >> debug 2013/05/29 17:02:13: ssl.rb:222:in `deserialize' De-Serializing >> using marshal >> debug 2013/05/29 17:02:13: ssl.rb:175:in `validrequest?' Validating >> request from >> debug 2013/05/29 17:02:13: runnerstats.rb:43:in `unvalidated' >> Incrementing unvalidated stat >> warn 2013/05/29 17:02:13: client.rb:99:in `receive' Ignoring a message >> that did not pass security validations >> debug 2013/05/29 17:02:13: activemq.rb:233:in `receive' Waiting for a >> message from ActiveMQ >> debug 2013/05/29 17:02:17: client.rb:73:in `unsubscribe' Unsubscribing >> reply target for discovery >> >> >> Does anyone have any suggestions as to where to look next? >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to puppet-users...@googlegroups.com <javascript:>. >> To post to this group, send email to puppet...@googlegroups.com<javascript:> >> . >> Visit this group at http://groups.google.com/group/puppet-users?hl=en. >> For more options, visit https://groups.google.com/groups/opt_out. >> >> >> > > > -- > GVoice: 707.410.0371 <#> > LinkedIn: http://www.linkedin.com/in/brendanobra > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
