How to deploy puppetserver? I am making some stupid mistake, and I don't know which.


Adam Ryczkowski

Feb 9, 2014, 2:18:42 PM
to puppet...@googlegroups.com

I am trying to redeploy my puppetmaster infrastructure on new hardware.

I am unable to get a simple ("hello world") connection between puppet master and puppet client.

I tried Ubuntu Saucy, and Ubuntu Precise as well as Puppet 3.4.2 and Puppet 3.2.4 (4 combinations in total).

The steps I do are basic:

1. Install 2x vanilla Ubuntu from either ISO or by lxc-template (I used both VirtualBox and LXC container for testing). One will be Puppet server, and one will be Puppet client (will run puppet agent).

2. Set up networking so that both hosts can netcat each other on port 8140 and that both know each other by fqdn. For the last part I edited the /etc/hosts file.

3. Install a single package: "puppetmaster" on the server, and "puppet" on the client (either the 3.2.4 or 3.4.2 version).

4. On the server, kill the puppetmaster service and start one manually with "sudo puppet master --no-daemonize --debug --logdest console". The server runs fine and waits for incoming connections.

5. On the client, run "sudo puppet agent --test --debug --server <puppetmaster.mydomain.com>". I've got only this error:

Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [self signed certificate in certificate chain for /CN=Puppet CA: puppetmaster.mydomain.com]
Info: Retrieving plugin
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [self signed certificate in certificate chain for /CN=Puppet CA: puppetmaster.mydomain.com]
Error: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [self signed certificate in certificate chain for /CN=Puppet CA: puppetmaster.mydomain.com] Could not retrieve file metadata for puppet://puppetmaster.mydomain.com/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [self signed certificate in certificate chain for /CN=Puppet CA: puppetmaster.mydomain.com]
Error: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [self signed certificate in certificate chain for /CN=Puppet CA: puppetmaster.mydomain.com]
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [self signed certificate in certificate chain for /CN=Puppet CA: puppetmaster.mydomain.com]

What can I do to get the connection?

Adam Ryczkowski

Feb 9, 2014, 2:49:30 PM
to puppet...@googlegroups.com
Never mind. I've got the answer. I don't know why I got the idea that this was a problem with connectivity. The problem was with certificates, just as the output said.

After regenerating certificates on puppet master and puppet client (as shown in http://webcache.googleusercontent.com/search?q=cache:d34kqxwodrYJ:projects.puppetlabs.com/projects/1/wiki/certificates_and_security+&cd=1&hl=en&ct=clnk ) everything got fixed.
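
A way to check for the kind of certificate problem the error output names, before regenerating anything, is to compare the CA certificate the agent trusts with the CA that issued the master's certificate. This is an added example, not part of the thread: it builds two throwaway CAs with the same subject (an assumed scenario, with constructed keys and temporary files) to stand in for an agent's cached CA and the master's current CA.

```shell
#!/usr/bin/env bash
# Constructed demo: two CAs sharing one subject but holding different keys.
SUBJ='/CN=Puppet CA: puppetmaster.mydomain.com'

fingerprint() {  # SHA-256 fingerprint of a PEM certificate
  openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

make_ca() {  # make_ca <key-out> <cert-out>: throwaway self-signed CA
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "$SUBJ" \
    -keyout "$1" -out "$2" 2>/dev/null
}

make_server_cert() {  # make_server_cert <ca-key> <ca-cert> <cert-out>
  local dir; dir=$(dirname "$3")
  openssl req -newkey rsa:2048 -nodes -subj '/CN=puppetmaster.mydomain.com' \
    -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null
  openssl x509 -req -in "$dir/server.csr" -CA "$2" -CAkey "$1" \
    -CAcreateserial -days 1 -out "$3" 2>/dev/null
}

# Prints "match" only when the agent's trusted CA is the master's CA and
# the master's certificate verifies under it; otherwise says what differs.
check_agent_trust() {  # check_agent_trust <agent-ca> <master-ca> <master-cert>
  if [ "$(fingerprint "$1")" != "$(fingerprint "$2")" ]; then
    echo "mismatch: agent CA fingerprint differs from master CA"
    return 1
  fi
  if ! openssl verify -CAfile "$1" "$3" >/dev/null 2>&1; then
    echo "mismatch: master certificate does not verify under agent CA"
    return 1
  fi
  echo "match"
}

demo() {
  local t; t=$(mktemp -d)
  make_ca "$t/old.key" "$t/old_ca.pem"   # CA a stale agent still trusts
  make_ca "$t/new.key" "$t/new_ca.pem"   # CA the master uses now
  make_server_cert "$t/new.key" "$t/new_ca.pem" "$t/master.pem"
  echo "stale agent: $(check_agent_trust "$t/old_ca.pem" "$t/new_ca.pem" "$t/master.pem")"
  echo "fresh agent: $(check_agent_trust "$t/new_ca.pem" "$t/new_ca.pem" "$t/master.pem")"
  rm -rf "$t"
}
demo
```

On real hosts the files to compare can be located with `puppet agent --configprint localcacert` on the client and `puppet master --configprint cacert` on the server. Identical subject lines are not enough; only the fingerprints show whether both sides hold the same CA.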
