CA Master Woes
27 views
Skip to first unread message
rjl
May 14, 2015, 6:09:38 PM5/14/15
to puppet...@googlegroups.com
Hi All,
I have spent days trying to get a CA Master configuration setup. I have followed the exactly followed the documentation provided by Puppet cannot seem to determine what I am doing wrong.
I have DNS configured to Round Robin between 2 Non-CA Puppet Masters. I have one CA Puppet Master. I am just using one client for testing right now. The pertinent portions of puppet.conf for all of these are shown at the bottom.
I have done the following:
- Ran the following CA Master.
- puppet master --verbose --no-daemonize
- Ran the following on both the Non-CA Masters. This creates certificates ready to sign on the CA Master.
- puppet agent --test
- Sign both certificates on the the CA Master. Both get signed fine.
- puppet cert --allow-dns-alt-names sign --all
Now when I run 'puppet agent --test' on my client I get the following:
Info: Creating a new SSL key for gpfs-puppetclient-v01.osp.lab.level3.net
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for gpfs-puppetclient-v01.osp.lab.level3.net
Info: Certificate Request fingerprint (SHA256): CD:45:B3:6C:6F:0B:EE:43:CF:1A:55:C1:01:DF:D2:C5:AB:DB:BC:EF:DD:54:1F:01:14:98:A4:D5:1D:DB:16:41
Info: Caching certificate for gpfs-puppetclient-v01.osp.lab.level3.net
Info: Caching certificate_revocation_list for ca
Info: Caching certificate for ca
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Connection refused - connect(2)
Info: Retrieving pluginfacts
Error: /File[/var/lib/puppet/facts.d]: Failed to generate additional resources using 'eval_generate': Connection refused - connect(2)
Error: /File[/var/lib/puppet/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet://dev-puppetmaster.osp.lab.level3.net/pluginfacts: Connection refused - connect(2)
Info: Retrieving plugin
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': Connection refused - connect(2)
Error: /File[/var/lib/puppet/lib]: Could not evaluate: Could not retrieve file metadata for puppet://dev-puppetmaster.osp.lab.level3.net/plugins: Connection refused - connect(2)
I am using Passenger.
Thanks in advance. This has been driving me insane.
==================================================
====== Non-CA puppet.conf =========================
==================================================
[main]
ca = false
ca_server = dev-puppetca.osp.lab.level3.net
dns_alt_names = dev-puppetmaster.osp.lab.level3.net,dev-puppetmaster01.osp.lab.level3.net,dev-puppetmaster02.osp.lab.level3.net,dev-puppetca-pri.osp.lab.level3.net,dev-puppetca-sec.osp.lab.level3.net,dev-puppetca.osp.lab.level3.net
==================================================
====== CA puppet.conf ============================
==================================================
[main]
ca = true
certname = dev-puppetca.osp.lab.level3.net
dns_alt_names = dev-puppetmaster01.osp.lab.level3.net,dev-puppetmaster02.osp.lab.level3.net,dev-puppetmaster.osp.lab.level3.net,dev-puppetca-pri.osp.lab.level3.net,dev-puppetca-sec.osp.lab.level3.net,dev-puppetca.osp.lab.level3.net
==================================================
====== Puppet Client puppet.conf =================
==================================================
server = dev-puppetmaster.osp.lab.level3.net
ca_server = dev-puppetca.osp.lab.level3.net
Reply all
Reply to author
Forward
0 new messages