Puppet over stunnel fileserver issues
28 views
Skip to first unread message
jlittle
Aug 18, 2014, 2:33:02 PM8/18/14
to puppet...@googlegroups.com
I have two remote locations and my puppetmaster is behind a firewall and I want to allow access to it through stunnel so I tunneled the port to a client machine and aliased the puppetmasters name to localhost. I can connect to the puppetmaster and my external node classifier can identify the server and assign it a class but I can't seen to get transfers from the fileserver. My guess is that its trying to use random ports like an ftp server would so I though I would throw this question to the group to see if anyone else has had any luck or what people are doing with remote locations and 1 puppetmaster.
Jason
IMPORTANT NOTICE: This message, including any attachments (hereinafter collectively referred to as "Communication"), is intended only for the addressee(s) named above. This Communication may include information that is privileged, confidential and exempt from disclosure under applicable law. If the recipient of this Communication is not the intended recipient, or the employee or agent responsible for delivering this Communication to the intended recipient, you are notified that any dissemination, distribution or copying of this Communication is strictly prohibited. If you have received this Communication in error, please notify the sender immediately by phone or email and permanently delete this Communication from your computer without making a copy. Thank you.
Felix Frank
Aug 25, 2014, 5:50:43 PM8/25/14
to puppet...@googlegroups.com
On 08/18/2014 08:33 PM, jlittle wrote:
>
> I have two remote locations and my puppetmaster is behind a firewall
> and I want to allow access to it through stunnel so I tunneled the
> port to a client machine and aliased the puppetmasters name to
> localhost. I can connect to the puppetmaster and my external node
> classifier can identify the server and assign it a class but I can't
> seen to get transfers from the fileserver. My guess is that its
> trying to use random ports like an ftp server would so I though I
> would throw this question to the group to see if anyone else has had
> any luck or what people are doing with remote locations and 1
> puppetmaster.
>
> Jason
Hi,
>
> I have two remote locations and my puppetmaster is behind a firewall
> and I want to allow access to it through stunnel so I tunneled the
> port to a client machine and aliased the puppetmasters name to
> localhost. I can connect to the puppetmaster and my external node
> classifier can identify the server and assign it a class but I can't
> seen to get transfers from the fileserver. My guess is that its
> trying to use random ports like an ftp server would so I though I
> would throw this question to the group to see if anyone else has had
> any luck or what people are doing with remote locations and 1
> puppetmaster.
>
> Jason
no, all Puppet calls use the same port ($masterport).
I marvel at your setup. Would you mind sharing the stunnel configuration
for posterity?
Is your master's private key shared with the stunnel process? That
sounds exceedingly dangerous.
Cheers,
Felix
Reply all
Reply to author
Forward
0 new messages