puppetdb with multiple masters

asked 2016-11-02 15:43:36 -0600

jzimm gravatar image

I dont know if i am doing something wrong, but i am trying to get puppetdb working with puppet opensource. the way i have it set up is i have a master and puppetdb in my datacenter, then each one of my customers has there own master in their datacenter's (I am a service provider). My master, and each master at each customer sends reports to puppetdb. But when an agent reporting to the master at their custoemr errors out.

Puppet Master Error: [puppetserver] Puppet Error connecting to dev-puppetdb02 on 8081 at route /pdb/cmd/v1?checksum=9d4d14b78c66d7576792c4830cc12c1d4e622335&version=8&certname=dev-dc02.dev.local&command=storereport, error message received was 'Error executing http request'. Failing over to the next PuppetDB serverurl in the 'server_urls' list

in the puppetserver.log Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

My CA Set up: The puppet master in my DC is a ca, then each master at each customer is a CA as well, just for their nodes.

My PuppetDB setup:

node dev-puppetdb02 {
  class { 'puppetdb':
    manage_firewall       => true,
    open_listen_port      => '0.0.0.0',
    open_ssl_listen_port  => '0.0.0.0',
    listen_address        => '0.0.0.0',
    certificate_whitelist_file => "/etc/puppetlabs/puppetdb/certificate-whitelist",
    certificate_whitelist => [ 'dev-puppet01.dev.local', 'dev-ops-slave02.dev.local'],
  }
}

Things i have Tested I can telnet from the slave master to the puppetdb and back from puppetdb to the slave master

edit retag flag offensive close merge delete