certname doesn't seem to work on the agent


Kmbu

Jul 11, 2012, 9:14:47 AM7/11/12
to puppet...@googlegroups.com
Hi guys,

I have a box that needs to identify itself to the puppetmaster as something different from the FQDN. I added certname to the agent configuration before the first run, but it doesn't seem to be sufficient. The certificate was generated for the FQDN, and the host appears in the dashboard as the FQDN, and the node name used to evaluate the manifest is also the FQDN. I would like to set it up so that, for all intents and purposes, the node/agent has a different name.

I'm running Puppet 2.7.6 via Apache/Passenger.

Here is my agent config:

[agent]

    # Whether log files should always flush to disk.
    autoflush = true

    # Reporting setup for Puppet Dashboard
    report = true

    # Randomize agent runs to avoid clusters
    splay = true

    # The main Puppet configuration directory.  The default for this parameter is calculated based on the user.  If the process
    # is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it's running as any other user,
    # it defaults to being in the user's home directory.
    # The default value is '/etc/puppet'.
    confdir = <confdir>

    # Where Puppet stores dynamic and growing data.  The default for this parameter is calculated specially, like `confdir`_.
    # The default value is '/var/lib/puppet'.
    vardir = <vardir>

    # Whether to print stack traces on some errors
    trace = true

    # How often puppet agent applies the client configuration; in seconds. Note that a runinterval of 0 means run continuously rather than never run.
    # If you want puppet agent to never run, you should start it with the --no-client option.
    runinterval = 300

    # Whether to use colors when logging to the console.
    # Valid values are `ansi` (equivalent to `true`), `html` (mostly
    # used during testing with TextMate), and `false`, which produces
    # no color.
    # The default value is 'ansi'.
    color = ansi

    # The environment Puppet is running in.  For clients
    # (e.g., `puppet agent`) this determines the environment itself, which
    # is used to find modules and much more.  For servers (i.e., `puppet master`) this provides the default environment for nodes
    # we know nothing about.
    # The default value is 'production'.
    environment = pre

    # Where to find information about nodes.
    # The default value is 'plain'.
    # node_terminus = plain

    # Where the puppet agent web server logs.
    # The default value is '$logdir/http.log'.
    httplog = <logpath>/http.log

    # Send the process into the background.  This is the default.
    # The default value is 'true'.
    daemonize = true

    # The name to use when handling certificates.  Defaults
    # to the fully qualified domain name.
    certname = <dns-name-here>

    # Where Puppet should look for facts.  Multiple directories should
    # be colon-separated, like normal PATH variables.
    # The default value is '$vardir/lib/facter:$vardir/facts'.
    factpath = $vardir/lib/facter:$vardir/facts

    # From where to retrieve facts.  The standard Puppet `file` type
    # is used for retrieval, so anything that is a valid file source can
    # be used here.
    # The default value is 'puppet://$server/facts/'.
    factsource = puppet://<puppetmaster>/facts/

    # The pid file
    # The default value is '$rundir/$name.pid'.
    pidfile = <vardir>/agent.pid

    # The user puppet master should run as.
    # The default value is 'puppet'.
    user = apache

    # The group puppet master should run as.
    # The default value is 'puppet'.
    group = apache

    # Whether the master should function as a certificate authority.
    # The default value is 'true'.
    ca = true

    # The search path for modules as a list of directories separated by the ':' character.
    # The default value is '$confdir/modules:/usr/share/puppet/modules'.
    modulepath = <datadir>/modules

    # The explicit value used for the node name for all requests the agent
    # makes to the master. WARNING: This setting is mutually exclusive with
    # node_name_fact.  Changing this setting also requires changes to the default
    # auth.conf configuration on the Puppet Master.  Please see
    # http://links.puppetlabs.com/node_name_value for more information.
    # The default value is '$certname'.
    # node_name_value =

    # The server to which server puppet agent should connect
    # The default value is 'puppet'.
    server = <puppetmaster>

    # Which port puppet agent listens on.
    # The default value is '8139'.
    puppetport = 8139

    # Document all resources
    # document_all = false

What am I missing?

Regards,

Peter Brown

Jul 12, 2012, 2:42:51 AM7/12/12
to puppet...@googlegroups.com
Hi,

Your config looks about right.
Did you drop the current cert and request and sign a new one?
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/Zb5d1ZmpTssJ.
> To post to this group, send email to puppet...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.

Kmbu

Jul 12, 2012, 11:04:20 AM7/12/12
to puppet...@googlegroups.com
There was no current cert. It was a new host. The cert was generated using the FQDN.

Kmbu

Jul 12, 2012, 12:08:34 PM7/12/12
to puppet...@googlegroups.com
I just did another test on another new agent. Same behaviour. The value of certname does not feature in the log at all. Here is the debug level agent log. I've replaced the actual FQDN with <FQDN>. There's no reference to the value set in certname. Seems that it's completely ignored.

debug: Failed to load library 'selinux' for feature 'selinux'
debug: Puppet::Type::File::ProviderWindows: feature microsoft_windows is missing
debug: Failed to load library 'ldap' for feature 'ldap'
debug: Failed to load library 'shadow' for feature 'libshadow'
debug: /File[<DATA-DIR>/run]: Autorequiring File[<DATA-DIR>]
debug: /File[<DATA-DIR>/state]: Autorequiring File[<DATA-DIR>]
debug: /File[<CONF-DIR>/ssl/private_keys/<FQDN>.pem]: Autorequiring File[<CONF-DIR>/ssl/private_keys]
debug: /File[<DATA-DIR>/client_yaml]: Autorequiring File[<DATA-DIR>]
debug: /File[<CONF-DIR>/ssl/certificate_requests]: Autorequiring File[<CONF-DIR>/ssl]
debug: /File[<CONF-DIR>/ssl/public_keys/<FQDN>.pem]: Autorequiring File[<CONF-DIR>/ssl/public_keys]
debug: /File[<CONF-DIR>/ssl]: Autorequiring File[<CONF-DIR>]
debug: /File[<DATA-DIR>/client_data]: Autorequiring File[<DATA-DIR>]
debug: /File[<CONF-DIR>/ssl/private]: Autorequiring File[<CONF-DIR>/ssl]
debug: /File[<CONF-DIR>/ssl/certs/<FQDN>.pem]: Autorequiring File[<CONF-DIR>/ssl/certs]
debug: /File[<DATA-DIR>/lib]: Autorequiring File[<DATA-DIR>]
debug: /File[<CONF-DIR>/ssl/public_keys]: Autorequiring File[<CONF-DIR>/ssl]
debug: /File[<DATA-DIR>/state/graphs]: Autorequiring File[<DATA-DIR>/state]
debug: /File[<DATA-DIR>/log]: Autorequiring File[<DATA-DIR>]
debug: /File[<CONF-DIR>/ssl/certs/ca.pem]: Autorequiring File[<CONF-DIR>/ssl/certs]
debug: /File[<CONF-DIR>/puppet.conf]: Autorequiring File[<CONF-DIR>]
debug: /File[<CONF-DIR>/ssl/private_keys]: Autorequiring File[<CONF-DIR>/ssl]
debug: /File[<DATA-DIR>/facts]: Autorequiring File[<DATA-DIR>]
debug: /File[<CONF-DIR>/ssl/certs]: Autorequiring File[<CONF-DIR>/ssl]
debug: /File[<DATA-DIR>/clientbucket]: Autorequiring File[<DATA-DIR>]
debug: /File[<CONF-DIR>/ssl/private_keys/<FQDN>.pem]/mode: mode changed '640' to '600'
debug: /File[<CONF-DIR>/ssl/private_keys/<FQDN>.pem]: The container <CONF-DIR>/ssl/private_keys/<FQDN>.pem will propagate my refresh event
debug: /File[<CONF-DIR>/ssl/public_keys/<FQDN>.pem]/mode: mode changed '640' to '644'
debug: /File[<CONF-DIR>/ssl/public_keys/<FQDN>.pem]: The container <CONF-DIR>/ssl/public_keys/<FQDN>.pem will propagate my refresh event
debug: /File[<CONF-DIR>/ssl/certs/<FQDN>.pem]/mode: mode changed '640' to '644'
debug: /File[<CONF-DIR>/ssl/certs/<FQDN>.pem]: The container <CONF-DIR>/ssl/certs/<FQDN>.pem will propagate my refresh event
debug: Finishing transaction 2161652120
debug: /File[<CONF-DIR>/ssl/private_keys/<FQDN>.pem]: Autorequiring File[<CONF-DIR>/ssl/private_keys]
debug: /File[<DATA-DIR>/log]: Autorequiring File[<DATA-DIR>]
debug: /File[<DATA-DIR>/state]: Autorequiring File[<DATA-DIR>]
debug: /File[<DATA-DIR>/lib]: Autorequiring File[<DATA-DIR>]
debug: /File[<CONF-DIR>/ssl]: Autorequiring File[<CONF-DIR>]
debug: /File[<DATA-DIR>/run]: Autorequiring File[<DATA-DIR>]
debug: /File[<CONF-DIR>/ssl/public_keys/<FQDN>.pem]: Autorequiring File[<CONF-DIR>/ssl/public_keys]
debug: /File[<CONF-DIR>/ssl/private]: Autorequiring File[<CONF-DIR>/ssl]
debug: /File[<CONF-DIR>/ssl/public_keys]: Autorequiring File[<CONF-DIR>/ssl]
debug: /File[<CONF-DIR>/ssl/certificate_requests]: Autorequiring File[<CONF-DIR>/ssl]
debug: /File[<CONF-DIR>/ssl/certs]: Autorequiring File[<CONF-DIR>/ssl]
debug: /File[<CONF-DIR>/ssl/certs/ca.pem]: Autorequiring File[<CONF-DIR>/ssl/certs]
debug: /File[<CONF-DIR>/ssl/private_keys]: Autorequiring File[<CONF-DIR>/ssl]
debug: /File[<DATA-DIR>/facts]: Autorequiring File[<DATA-DIR>]
debug: /File[<CONF-DIR>/ssl/certs/<FQDN>.pem]: Autorequiring File[<CONF-DIR>/ssl/certs]
debug: Finishing transaction 2160330700
debug: Using cached certificate for ca
debug: Using cached certificate for <FQDN>
info: Sleeping for 102 seconds (splay is enabled)
debug: Finishing transaction 2162067520
info: Retrieving plugin
debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw yaml; using pson
debug: Using cached certificate for ca
debug: Using cached certificate for <FQDN>
info: Caching certificate_revocation_list for ca
notice: /File[<DATA-DIR>/lib]/mode: mode changed '755' to '775'
debug: /File[<DATA-DIR>/lib]: The container <DATA-DIR>/lib will propagate my refresh event
notice: /File[<DATA-DIR>/lib/facter]/ensure: created
debug: /File[<DATA-DIR>/lib/facter]: The container <DATA-DIR>/lib/facter will propagate my refresh event
debug: <DATA-DIR>/lib/facter: The container <DATA-DIR>/lib will propagate my refresh event
notice: /File[<DATA-DIR>/lib/facter/opco.rb]/ensure: defined content as '{md5}b8c8355306bac503c7a40a41667354bf'
debug: /File[<DATA-DIR>/lib/facter/opco.rb]: The container <DATA-DIR>/lib/facter/opco.rb will propagate my refresh event
notice: /File[<DATA-DIR>/lib/facter/env.rb]/ensure: defined content as '{md5}e2e9a41cc4f52a8fa807ec3a1f99fdfd'
debug: /File[<DATA-DIR>/lib/facter/env.rb]: The container <DATA-DIR>/lib/facter/env.rb will propagate my refresh event
debug: <DATA-DIR>/lib/facter/env.rb: The container <DATA-DIR>/lib will propagate my refresh event
debug: <DATA-DIR>/lib/facter/opco.rb: The container <DATA-DIR>/lib will propagate my refresh event
debug: Finishing transaction 2161732220
info: Loading downloaded plugin <DATA-DIR>/lib/facter/opco.rb
info: Loading downloaded plugin <DATA-DIR>/lib/facter/env.rb
info: Loading facts in env
info: Loading facts in opco
info: Loading facts in env
info: Loading facts in opco
debug: catalog supports formats: b64_zlib_yaml dot marshal pson raw yaml; using pson
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/indirector/rest.rb:56:in `deserialize'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/indirector/rest.rb:120:in `find'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/indirector/indirection.rb:189:in `find'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/configurer.rb:237:in `retrieve_new_catalog'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/util.rb:464:in `thinmark'
<RUBY-DIR>/lib/ruby/1.8/benchmark.rb:308:in `realtime'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/util.rb:463:in `thinmark'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/configurer.rb:236:in `retrieve_new_catalog'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/configurer.rb:86:in `retrieve_catalog'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/configurer.rb:112:in `retrieve_and_apply_catalog'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/configurer.rb:151:in `run'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/agent.rb:39:in `run'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/agent/locker.rb:21:in `lock'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/agent.rb:39:in `run'
<RUBY-DIR>/lib/ruby/1.8/sync.rb:230:in `synchronize'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/agent.rb:39:in `run'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/agent.rb:103:in `with_client'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/agent.rb:37:in `run'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/application.rb:172:in `call'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/application.rb:172:in `controlled_run'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/agent.rb:35:in `run'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/application/agent.rb:336:in `onetime'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/application/agent.rb:310:in `run_command'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/application.rb:306:in `run'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/application.rb:410:in `hook'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/application.rb:306:in `run'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/application.rb:401:in `exit_on_fail'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/lib/puppet/application.rb:306:in `run'
<RUBY-DIR>/lib/ruby/gems/1.8/gems/puppet-2.7.6/bin/puppetd:4
<BIN-DIR>/puppetd:19:in `load'
<BIN-DIR>/puppetd:19
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find data item puppet_user in any Hiera data file and no default supplied at <DATA-DIR>/modules/puppet/manifests/init.pp:3 on node <FQDN>
notice: Using cached catalog
err: Could not retrieve catalog; skipping run
debug: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (b64_zlib_yaml)
debug: report supports formats: b64_zlib_yaml marshal raw yaml; using b64_zlib_yaml

Regards,

Peter Brown

Jul 13, 2012, 12:59:29 AM7/13/12
to puppet...@googlegroups.com
You will need to generate the certificate with the name you want to
use, otherwise it will use the FQDN.
Try using --certname=name_you_want on the command line when you
request the certificate.
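The point of the answer above is that certname is baked into the certificate at request time: whatever name the agent resolves on its first run is the CN the CA signs, the filename under ssl/, and the node name the master uses for auth.conf, node classification and reports. Changing puppet.conf afterwards changes nothing until the old cert is dropped and a new one is requested. The script below is an added example, not code from the thread or from Puppet itself. It reads certname the way puppet.conf resolves it ([agent] over [main], else the FQDN), compares it with the identity already present under ssl/ (Puppet names those files after the certname, so a <FQDN>.pem where <certname>.pem was expected is exactly the symptom in the debug log above), and prints the re-issue procedure rather than running it, since cleaning the old cert needs access to the master's CA. The Puppet 2.x directory layout, the hostnames in the demo and the assumption that this script and the agent read the same confdir are mine, not from the page.

```shell
#!/bin/sh
# Added example (not from the thread or from Puppet): check that the certificate
# an agent already holds carries the certname configured in puppet.conf, and
# print the re-issue steps when it does not.
# Assumed (not from the page): Puppet 2.x layout (<confdir>/puppet.conf,
# <confdir>/ssl/{certs,certificate_requests}), the demo hostnames, and that the
# agent reads the same confdir this script is pointed at.

# certname as puppet.conf resolves it: [agent] overrides [main]; with neither set
# the agent falls back to the FQDN, which is what happened in the thread.
configured_certname() {
  awk '
    /^[ \t]*\[/ { sect = $0; gsub(/^[ \t]*\[/, "", sect); gsub(/\].*$/, "", sect); next }
    /^[ \t]*certname[ \t]*=/ {
      val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
      if (sect == "agent") a = val; else if (sect == "main") m = val
    }
    END { if (a != "") print a; else if (m != "") print m; else print "" }
  ' "$1" | {
    read -r name
    if [ -n "$name" ]; then printf '%s\n' "$name"; else hostname -f; fi
  }
}

# The identity the agent already holds: a signed cert or a pending CSR named
# anything but "ca". Prints the name and returns 0, or returns 1 if none exists.
held_certname() {
  for f in "$1"/ssl/certs/*.pem "$1"/ssl/certificate_requests/*.pem; do
    [ -f "$f" ] || continue
    n=$(basename "$f" .pem)
    [ "$n" = "ca" ] && continue
    printf '%s\n' "$n"
    return 0
  done
  return 1
}

# Prints one word: match, mismatch, unrequested or invalid. Exits non-zero on
# anything that would make the master see a node name other than the intended one.
check_certname() {
  confdir="$1"
  want=$(configured_certname "$confdir/puppet.conf")
  case "$want" in
    *[A-Z]*) echo invalid; return 1 ;;   # Puppet refuses mixed-case certnames
  esac
  if ! have=$(held_certname "$confdir"); then
    echo unrequested; return 0            # first run will request as $want
  fi
  if [ "$have" = "$want" ]; then echo match; return 0; fi
  echo mismatch; return 1
}

# Re-issue steps, printed rather than executed: the old cert remains valid in the
# CA until it is cleaned on the master, so renaming a node is a two-party change.
print_remediation() {
  want="$1"; have="$2"; confdir="$3"
  cat <<EOF
# agent side (daemon stopped, so it cannot re-request as $have meanwhile)
puppet agent --configprint certname              # must print $want
mv "$confdir/ssl" "$confdir/ssl.$have.bak"         # keep until the new cert is signed
puppet agent --test --certname=$want
# master side
puppet cert --list                               # expect a request for $want
puppet cert --sign $want
puppet cert --clean $have                        # revoke the FQDN cert
EOF
}

# Constructed demo: a confdir whose puppet.conf names the node differently from
# the cert that an FQDN-named first run left behind.
demo() {
  d=$(mktemp -d) || return 1
  mkdir -p "$d/ssl/certs"
  printf '[main]\ncertname = ignored.example.net\n[agent]\ncertname = web01.example.internal\n' > "$d/puppet.conf"
  : > "$d/ssl/certs/ca.pem"
  : > "$d/ssl/certs/host.example.com.pem"
  status=$(check_certname "$d" || true)
  if [ "$status" = mismatch ]; then
    print_remediation "$(configured_certname "$d/puppet.conf")" "$(held_certname "$d")" "$d" >&2
  fi
  rm -rf "$d"
  printf '%s\n' "$status"
}

demo
```

Run it against the real confdir with `check_certname /etc/puppet` before the first agent run; `unrequested` means the name in puppet.conf is the one that will be requested, `mismatch` means the cert already on disk was issued under another name and the steps printed by `print_remediation` apply. Treat `puppet cert --clean` of the old name as mandatory, not cosmetic: until it runs, the FQDN cert is still a valid identity on the master, and anyone holding its private key can keep fetching that node's catalog.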

Kmbu

Jul 13, 2012, 12:32:43 PM7/13/12
to puppet...@googlegroups.com
Ah! It works. Thanks a lot for your help.

Peter Brown

Jul 16, 2012, 2:30:36 AM7/16/12
to puppet...@googlegroups.com
You are welcome.
Happy to help.