ruby - How do I get Puppet Master to run a manifest against a Puppet Agent node when there are different errors? -

-

i have set puppet master , puppet agent server in 1 network. have signed puppet agent's cert request puppet master server. trying run manifest puppet master against puppet agent server, failing. newmanifest.pp on both puppet master servers calls puppet agent through fqdn. /etc/hosts file on both servers has entries of fqdn of both servers , ip addresses. can ping each server other. can ssh each server other.

all 4 of these servers in both networks have centos 7 os open source puppet version 3.8.4. firewalls turned off on 4 machines. these ports not blocked on intermediate path: 22, 443, 8140, , 61610 on either network between puppet master , puppet agent servers.

in network one, expect manifests compile. never have.

i tried sshd_config` use ports 22, 443, 8140, , 61610 on both puppet master , puppet agent. when use puppet master:

puppet agent -t newmanifest.pp --server='foobar.acme.com'

i error:

unable fetch node definition, agent continue: warning: connection refused - connect(2).

i tried again sshdconfig not use ports specifically. recycled sshdconfig services. run same command:

puppet agent -t newmanifest.pp --server='foobar.acme.com'

i different error:

unable fetch node definition, agent run continue: connection refused - connect(2).

i tried command (with no explicit server designation):

puppet agent -t newmanifest.pp

this time, error:

unable fetch node definition, agent continue: network unreachable.

in network two, expect manifests work. never have.

i tried sshd_config use ports 22, 443, 8140, , 61610 on both puppet master , puppet agent. when use puppet master:

puppet agent -t newmanifest.pp --server='foobar.acme.com'

i different error:

   unable fetch node definition, agent run continue: ssl_connect returned=1 errno=0 state=sslv2/v3 read server hello a: unknown protocol.

i tried again sshdconfig not use ports specifically. recycled sshdconfig services. run same command:

puppet agent -t newmanifest.pp --server='foobar.acme.com'

i different error:

 unable fetch node definition, agent run continue: connection refused - connect(2).

i tried command (with no explicit server designation):

 puppet agent -t newmanifest.pp

this time, error:

 unable fetch node definition, agent continue: no route host - connect(2).

the errors between network 1 , 2 different except when sshd_config not using specific ports , command compile manifest explicitly sets fqdn. why this? wrong? have tried set puppet twice fix first instance. cannot reproduce specific problems in first network.

how puppet master server compile manifest? puppet agents have signed certificates. don't understand why compilation of manifests fails.

you have @ least 2 entirely separate groups of problems.

first, @daxelrod commented, puppet agent doesn't work that. point of master / agent mode master decides node's configuration supposed be. furthermore, master not serve manifest files agents; rather, evaluates whatever manifests , data necessary build "catalog" of resources agent apply. these catalogs master serves.

if want agent apply part of configuration in given run can use --tags option direct select specific subset of resources catalog. tags available selecting can specified manually in manifests, , puppet automatically tags resources class name segments based on declared, not break down cleanly along lines of manifest files.

if want apply specific manifest files machines manifest files , data or resources rely upon must present on target machine. in case, can use puppet apply instead of using agent, @daxelrod observed.

second, network problems, if indeed

the firewalls turned off on 4 machines. these ports not blocked on intermediate path: 22, 443, 8140, , 61610 on either network between puppet master , puppet agent servers.

as say, other plausible explanation can see "connection refused" failures such agent reports puppetmaster not running on machine agent attempts connect to, @ least not on port agent tries connect on. might because of kind of name resolution problem (i.e. "foobar.acme.com" resolves differently expect do), because master configured listen on different port think, or because did not start it.

the "network unreachable" appears simpler diagnose: if not specify server agent via command line, , not configure 1 in agent's configuration file, puppet tries connect machine named "puppet". resolving address on unreachable network. (the message different if agent not resolve name @ all.)

the interesting error message the ssl handshaking error:

ssl_connect returned=1 errno=0 state=sslv2/v3 read server hello a: unknown protocol.

in case, client has connected , attempted start ssl handshake sequence, not understand response server. means server not speaking ssl client @ all, i'm in no position guess is speaking.

additionally, mention sshd_config several times in question, if had problem. unless you're doing unusual, however, neither sshd nor of configuration files has involvement whatever in puppet runs.

overall, i'm inclined think dealing combination of incorrect expectations, poor understanding of main system , support components, , perhaps overambitious start. puppet has documentation, including for system installation. if you're installing rpms (maybe puppetlabs's) give head start, still need configure both master , agent(s) appropriately. suspect falling down somewhere here.

by means, try in smaller bites. 1 master , 1 agent, on same network, simple can go master / agent configuration. working first.


Comments

Post a Comment

Popular posts from this blog

Delphi XE2 Indy10 udp client-server interchange using SendBuffer-ReceiveBuffer -

-
i use delphi xe2 , indy10 udp protocol. can't receive server echo on client side if use receivebuffer method. got "socket error # 10040" although send small echo message server client. console application illustrate problem below. in advance. program project1; {$apptype console} {$r *.res} uses system.sysutils, idglobal, idbasecomponent, idcomponent, idsockethandle, idudpclient, idudpserver, idudpbase, idstack; type tudp_serv = class(tidudpserver) procedure udpsvudpread(athread: tidudplistenerthread; adata: tidbytes; abinding: tidsockethandle); end; var udpserver: tudp_serv; udpcl: tidudpclient; bsnd, brcv: tbytes; s: string; k: integer; //============================================================================== procedure tudp_serv.udpsvudpread(athread: tidudplistenerthread; adata: tidbytes; abinding: tidsockethandle); begin writeln(' server read: ' + tohex(adata, length(adata))); abinding sendto(peerip, peerport, adat...
Read more

Qt ActiveX WMI QAxBase::dynamicCallHelper: ItemIndex(int): No such property in -

-
i new windows programming. here goes code objiwbemlocator = new qaxobject("wbemscripting.swbemlocator"); objwmiservice = objiwbemlocator->querysubobject("connectserver(qstring&,qstring&)",qstring("."),qstring("root\\cimv2")); qaxobject* returnlist = objwmiservice->querysubobject("execquery(qstring&)", qstring("select * %1").arg(domain)); qaxobject* result = returnlist->querysubobject("itemindex(int)", 0); i getting error on runtime qt activex wmi qaxbase::dynamiccallhelper: itemindex(int): no such property in but itemindex method exists msdn says the itemindex method not work collections not contain swbemobjects, such swbemmethodset, swbemnamedvalueset, swbemprivilegeset, swbempropertyset, , swbemqualifierset. what selecting ? have tried iterating on collection ? plus need minimum windows vista itemindex method. hope helps
Read more

Enable autocomplete or intellisense in Atom editor for PHP -

-
i'm first time user of atom editor php code. atom can autocomplete built-in functions of php. possible make editor autocomplete custom function written in separate file? function.php <?php function printsomething() { echo "hello world"; } index.php <?php require_once "function.php"; printsomething(); // autocompleted atom editor while typing thanks in advance. there text file in %userprofile%.atom called snippets.cson. in there can add snippet. more this: http://flight-manual.atom.io/using-atom/sections/snippets/ but need think can use later on other files well. otherwise need copy , paste.
Read more