Installation and Configuration History:

sudo yum install ruby
sudo yum install rdoc
sudo nano /etc/yum.repos.d/epel.repo
###
[epel-puppet]
name=epel puppet
baseurl=http://tmz.fedorapeople.org/repo/puppet/epel/6/i386/
enabled=0
gpgcheck=0
###

[master]
sudo yum --enablerepo=epel-puppet install puppet-server
[client]
sudo yum --enablerepo=epel-puppet install puppet

ruby -v
facter -v
puppet --version
id puppet

[master]
sudo puppet master --verbose --no-daemonize
sudo puppet master
ps aux | grep "puppet"
sudo nano /etc/sysconfig/iptables
###
#-A INPUT -j REJECT --reject-with icmp-host-prohibited
###
sudo service iptables restart
[client]
sudo nano /etc/sysconfig/iptables
###
#-A INPUT -j REJECT --reject-with icmp-host-prohibited
###
sudo service iptables restart
sudo puppet agent --test --server=itgt-puppetm-ex.cern.ch --waitforcert 6
[master]
sudo puppetca --list
sudo puppetca --sign itgt-puppetb-ex.cern.ch
[master]
cd /etc/puppet/manifests
sudo nano site.pp
###
class motd {
file { "/etc/motd":
path => "/etc/motd",
ensure => present,
mode => "0641",
content => "Haha\n",
}
}

node 'default' {
include motd
}

###
sudo puppet apply site.pp
sudo cat /etc/motd
[client]
sudo nano /etc/puppet/puppet.conf
###
server = itgt-puppetm-ex.cern.ch
report = true
listen = true
###
sudo nano /etc/puppet/auth.conf
###
path /run
method save
allow itgt-puppetm-ex.cern.ch
###
sudo nano /etc/puppet/namespaceauth.conf
###
[puppetrunner]
allow itgt-puppetm-ex.cern.ch
###
sudo /etc/init.d/puppet start
sudo chkconfig puppet on
[master]
sudo puppetrun --ignoreschedules itgt-puppetb-ex.cern.ch

Errors:

err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find default node or by name with 'itgt-puppeta-ex.cern.ch, itgt-puppeta-ex.cern, itgt-puppeta-ex' on node itgt-puppeta-ex.cern.ch warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run

Solution: The manifest does not contain definition for node 'itgt-puppeta-ex'.

Triggering itgt-puppeta-ex.cern.ch Host itgt-puppeta-ex.cern.ch failed: Connection refused - connect(2) itgt-puppeta-ex.cern.ch finished with exit code 2 Failed: itgt-puppeta-ex.cern.ch

Solution: Configure auth.conf, namespaceauth.conf and puppet.conf

err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run

Solution 1: Check the sys time(ntpdate)
Solution 2: Check the 'fqdn' of the master machine and user '--server' to set it(in the test environment it is 'itgt-puppetm-ex.cern.ch instead of only 'itgt-puppetm-ex')

err: /File[/etc/puppet/files/test.sh]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Could not retrieve file metadata for puppet://puppet/files/test.sh: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed at /etc/puppet/manifests/site.pp:18

Solution: Add to /etc/hosts - 128.142.164.79 itgt-puppetm-ex.cern.ch itgt-puppetm-ex puppet puppetmaster

err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run err: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

Solution: Restart the puppet master deamon

Triggering itgt-puppeta-ex.cern.ch Host itgt-puppeta-ex.cern.ch failed: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed itgt-puppeta-ex.cern.ch finished with exit code 2 Failed: itgt-puppeta-ex.cern.ch

Solution: Restart the puppet deamon

-- GeorgiZlatkov - 21-Jun-2011

Edit | Attach | Watch | Print version | History: r9 < r8 < r7 < r6 < r5 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r9 - 2011-07-01 - unknown
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    ITGT All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback