Ask Your Question
0

How do I get Puppet Master to run a manifest against a Puppet Agent node when there are different errors?

asked 2016-01-27 19:05:50 -0500

Conventional gravatar image

I have set up a puppet master and puppet agent server in one network. I have signed the puppet agent's cert request from the puppet master server. I am trying to run a manifest from Puppet Master against the Puppet agent server, but it is failing. The newManifest.pp on both Puppet Master servers calls the Puppet Agent through its FQDN. The /etc/hosts file on both servers has the entries of the FQDN of both servers and their IP addresses. I can ping each server from the other. I can SSH from each server to the other.

I have set up a puppet master and puppet agent server in a second network. I have signed the puppet agent's cert request from the puppet master server. I am trying to run a manifest from Puppet Master against the Puppet agent server, but it is failing. The newManifest.pp on both Puppet Master servers calls the Puppet Agent through its FQDN. The /etc/hosts file on both servers has the entries of the FQDN of both servers and their IP addresses. I can ping each server from the other. I can SSH from each server to the other.

All four of these servers in both networks have CentOS 7 as the OS with open source Puppet version 3.8.4. The firewalls are turned off on all four machines. These ports are not blocked on any intermediate path: 22, 443, 8140, and 61610 on either network between the Puppet Master and Puppet Agent servers.

In network one, I expect manifests to compile. They never have.

I tried this with sshd_config to use ports 22, 443, 8140, and 61610 on both the Puppet Master and Puppet agent. When I use this from the puppet master:

puppet agent -t newManifest.pp --server='foobar.acme.com'

I get an error: "Unable to fetch my node definition, but the agent will continue: Warning: Connection refused - connect(2)."

I tried again with sshdconfig to not use any ports specifically. I recycled the sshdconfig services. I run the same command:

puppet agent -t newManifest.pp --server='foobar.acme.com'

I get a different error: "Unable to fetch my node definition, but the agent run will continue: connection refused - connect(2)."

I then tried this command (with no explicit server designation):

puppet agent -t newManifest.pp

This time, I get this error:

"Unable to fetch my node definition, but the agent will continue: Network is unreachable."

In network two, I expect manifests to work. They never have.

I tried this with sshd_config to use ports 22, 443, 8140, and 61610 on both the Puppet Master and Puppet agent. When I use this from the puppet master:

puppet agent -t newManifest.pp --server='foobar.acme.com'

I get a different error: "Unable to fetch my node definition, but the agent run will continue: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol."

I tried again with sshdconfig to not ... (more)

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2016-06-17 00:49:07 -0500

cm01 gravatar image

This is an old qn, but just in case anyone else drops by, see https://ask.puppet.com/question/23483....

Basically normal Puppet is a pull mechanism, not a push one ie the client node contacts the master, not the other way around.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2016-01-27 19:05:50 -0500

Seen: 533 times

Last updated: Jun 17 '16