err: Signing certificate error: Could not render to pson: getaddrinfo: Name or service not known


lalit jangra

Dec 28, 2012, 12:18:51 AM
to puppet...@googlegroups.com
Hi,


I am trying to bootstrap a new agent from my master node as below.

puppet node_aws bootstrap \
--region us-east-1 \
--image ami-cc5af9a5 \
--login root \
--keyfile /root/.ssh/private.pem \
--install-script=puppet-enterprise \
--installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \
--installer-answers=/usr/local/puppet/agent.txt \
--keyname icos-client  \
--type t1.micro

The node is created and Puppet is also installed, but I am getting errors as below.

[root@ip-10-224-122-211 tmp]# puppet node_aws bootstrap \
> --region us-east-1 \
> --image ami-cc5af9a5 \
> --login root \
> --keyfile /root/.ssh/private.pem \
> --install-script=puppet-enterprise \
> --installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \
> --installer-answers=/usr/local/puppet/agent.txt \
> --keyname icos-client  \
> --type t1.micro
notice: Creating new instance ...
notice: Creating new instance ... Done
notice: Creating tags for instance ...
notice: Creating tags for instance ... Done
notice: Launching server i-d47263aa ...
######################
notice: Server i-d47263aa is now launched
notice: Server i-d47263aa public dns name: ec2-174-129-49-32.compute-1.amazonaws.com
notice: Waiting for SSH response ...
Text will be echoed in the clear. Please install the HighLine or Termios libraries to suppress echoed text.
Enter passphrase for /root/.ssh/private.pem:icosroot
notice: Waiting for SSH response ... Done
Enter passphrase for /root/.ssh/private.pem:icosroot
notice: Uploading Puppet Enterprise tarball ...
Enter passphrase for :icosroot
notice: Uploading Puppet Enterprise tarball ... Done
Enter passphrase for :icosroot
notice: Installing Puppet ...
Enter passphrase for :icosroot
Enter passphrase for /root/.ssh/private.pem:icosroot
Enter passphrase for /root/.ssh/private.pem:icosroot
notice: Puppet is now installed on: ec2-174-129-49-32.compute-1.amazonaws.com
notice: No classification method selected
notice: Signing certificate ...
err: Signing certificate ... Failed
err: Signing certificate error: Could not render to pson: getaddrinfo: Name or service not known


I tried to manually sign the certificate from the master as below:
[root@ip-10-224-122-211 tmp]# puppet cert sign ip-10-196-90-236
notice: Signed certificate request for ip-10-196-90-236
notice: Removing file Puppet::SSL::CertificateRequest ip-10-196-90-236 at '/etc/puppetlabs/puppet/ssl/ca/requests/ip-10-196-90-236.pem'

But when I am trying to test from the agent, I am getting errors again.

[root@ip-10-196-90-236 ~]# puppet agent -t
info: Retrieving plugin
err: /File[/var/opt/lib/pe-puppet/lib]: Failed to generate additional resources using 'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal]
err: /File[/var/opt/lib/pe-puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal] Could not retrieve file metadata for puppet://ip-10-224-122-211.ec2.internal/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal]
err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal]
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
err: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal]


Not sure where I am going wrong. Can anybody help?

Regards.

lalit jangra

Dec 28, 2012, 12:48:31 AM
to puppet...@googlegroups.com
Hi,

Even when I am trying to connect to the master using the below command, it's the same error.

puppet agent --server ip-10-224-122-211.ec2.internal --waitforcert 60 --test