DNS Round Robin doesn't work in my environment
56 views
Skip to first unread message
sinux shen
May 17, 2016, 1:27:50 AM5/17/16
to Puppet Users
Hi, I have two puppet master with one puppet CA, I was trying to do SRV stuff for automatically fine the CA server and master server, but it has some problem, please see https://groups.google.com/forum/#!topic/puppet-users/fVqxRM-UPRQ for details,
so I turns to setting DNS round robin instead, but it has some other problem, I added alt_dns_names = puppetmaster, puppetmaster.anim.odw.com.cn in one of my master's puppet.conf, and I redo the certificated request process, and sign the certificated with --allow-dns-alt-names options, I can read the certificate subjuect alternative name:
X509v3 Subject Alternative Name:
DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn (smartpxyfm1 is the actual server name)
and then I restart puppet master, and ran puppet agent on a client host, it gave me this error that made me very confuse, I added "server = puppetmaster" into my client's puppet.conf, and I got:
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Info: Retrieving pluginfacts
Error: /File[/var/lib/puppet/facts.d]: Failed to generate additional resources using 'eval_generate': Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Error: /File[/var/lib/puppet/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet://puppetmaster.anim.odw.com.cn/pluginfacts: Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Info: Retrieving plugin
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Error: /File[/var/lib/puppet/lib]: Could not evaluate: Could not retrieve file metadata for puppet://puppetmaster.anim.odw.com.cn/plugins: Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Info: Loading facts
Could not retrieve fact='printers', resolution='<anonymous>': undefined method `captures' for nil:NilClass
Error: Could not retrieve catalog from remote server: Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Can someone please help to take a look, much appreciated.
Thanks
-Sinux
so I turns to setting DNS round robin instead, but it has some other problem, I added alt_dns_names = puppetmaster, puppetmaster.anim.odw.com.cn in one of my master's puppet.conf, and I redo the certificated request process, and sign the certificated with --allow-dns-alt-names options, I can read the certificate subjuect alternative name:
X509v3 Subject Alternative Name:
DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn (smartpxyfm1 is the actual server name)
and then I restart puppet master, and ran puppet agent on a client host, it gave me this error that made me very confuse, I added "server = puppetmaster" into my client's puppet.conf, and I got:
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Info: Retrieving pluginfacts
Error: /File[/var/lib/puppet/facts.d]: Failed to generate additional resources using 'eval_generate': Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Error: /File[/var/lib/puppet/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet://puppetmaster.anim.odw.com.cn/pluginfacts: Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Info: Retrieving plugin
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Error: /File[/var/lib/puppet/lib]: Could not evaluate: Could not retrieve file metadata for puppet://puppetmaster.anim.odw.com.cn/plugins: Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Info: Loading facts
Could not retrieve fact='printers', resolution='<anonymous>': undefined method `captures' for nil:NilClass
Error: Could not retrieve catalog from remote server: Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: Server hostname 'puppetmaster.anim.odw.com.cn' did not match server certificate; expected one of smartpxyfm1.anim.odw.com.cn, DNS:puppetmaster, DNS:puppetmater.anim.odw.com.cn, DNS:smartpxyfm1.anim.odw.com.cn
Can someone please help to take a look, much appreciated.
Thanks
-Sinux
sinux shen
May 17, 2016, 1:46:39 AM5/17/16
to Puppet Users
sorry, please ignore this, DNS round robin totally works, it was a typo that I had in the puppet.conf, I have fixed it. and now everything works well. Thanks
Reply all
Reply to author
Forward
0 new messages