Hi Bhathiya, It is already mentioned in [1] under 10th point.
[1] - https://github.com/wso2/puppet-modules/wiki/Use-WSO2-Puppet-Modules-in-puppet-master-agent-Environment#221-puppet-master Thank you! On Tue, Feb 23, 2016 at 6:46 PM, Bhathiya Jayasekara <[email protected]> wrote: > Hi Pubudu, > > Thanks for the prompt reply. The problem was in step 10 in [2] it doesn't > ask to copy pack and jdk to /etc/puppet/.. location. After copying them to > correct place, issue went away. I think doc needs to be updated there. > > [2] > https://github.com/wso2/puppet-modules/wiki/Use-WSO2-Puppet-Modules-in-puppet-master-agent-Environment#222-puppet-agent > > Thanks, > Bhathiya > > On Tue, Feb 23, 2016 at 6:35 PM, Pubudu Gunatilaka <[email protected]> > wrote: > >> Change the java source file name in [1]. >> >> [1] - >> https://github.com/wso2/puppet-modules/blob/master/hieradata/dev/common.yaml#L17 >> >> Thank you! >> >> On Tue, Feb 23, 2016 at 6:32 PM, Bhathiya Jayasekara <[email protected]> >> wrote: >> >>> Thanks a lot Pubudu. That fixed my issue and I'm 1 more step closer to >>> a working setup. >>> >>> Now this is what I get. Any idea? >>> >>> Notice: /Stage[main]/Wso2am/Wso2base::Server[/mnt/ >>> 192.168.57.93/wso2am-1.10.1-SNAPSHOT]/Wso2base::Clean[/mnt/192.168.57.93/wso2am-1.10.1-SNAPSHOT]/Exec[Stop_process_remove_CARBON_HOME_and_pack_/mnt/192.168.57.93/wso2am-1.10.1-SNAPSHOT]/returns >>> <http://192.168.57.93/wso2am-1.10.1-SNAPSHOT%5D/Wso2base::Clean%5B/mnt/192.168.57.93/wso2am-1.10.1-SNAPSHOT%5D/Exec%5BStop_process_remove_CARBON_HOME_and_pack_/mnt/192.168.57.93/wso2am-1.10.1-SNAPSHOT%5D/returns>: >>> executed successfully >>> Error: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/File[/home/wso2user/java-setup-wso2base::java/jdk-7u79-linux-x64.tar.gz]: >>> Could not evaluate: Could not retrieve information from environment >>> production source(s) puppet:///modules/wso2base/jdk-7u79-linux-x64.tar.gz >>> Notice: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[extract_java-jdk-7u79-linux-x64.tar.gz]: >>> Dependency >>> File[/home/wso2user/java-setup-wso2base::java/jdk-7u79-linux-x64.tar.gz] >>> has failures: true >>> Warning: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[extract_java-jdk-7u79-linux-x64.tar.gz]: >>> Skipping because of failed dependencies >>> Notice: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[create_target-jdk-7u79-linux-x64.tar.gz]: >>> Dependency >>> File[/home/wso2user/java-setup-wso2base::java/jdk-7u79-linux-x64.tar.gz] >>> has failures: true >>> Warning: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[create_target-jdk-7u79-linux-x64.tar.gz]: >>> Skipping because of failed dependencies >>> Notice: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[move_java-jdk-7u79-linux-x64.tar.gz]: >>> Dependency >>> File[/home/wso2user/java-setup-wso2base::java/jdk-7u79-linux-x64.tar.gz] >>> has failures: true >>> Warning: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[move_java-jdk-7u79-linux-x64.tar.gz]: >>> Skipping because of failed dependencies >>> Notice: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[set_java_home-jdk-7u79-linux-x64.tar.gz]: >>> Dependency >>> File[/home/wso2user/java-setup-wso2base::java/jdk-7u79-linux-x64.tar.gz] >>> has failures: true >>> Warning: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[set_java_home-jdk-7u79-linux-x64.tar.gz]: >>> Skipping because of failed dependencies >>> Notice: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[update_classpath-jdk-7u79-linux-x64.tar.gz]: >>> Dependency >>> File[/home/wso2user/java-setup-wso2base::java/jdk-7u79-linux-x64.tar.gz] >>> has failures: true >>> Warning: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[update_classpath-jdk-7u79-linux-x64.tar.gz]: >>> Skipping because of failed dependencies >>> Notice: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[update_path-jdk-7u79-linux-x64.tar.gz]: >>> Dependency >>> File[/home/wso2user/java-setup-wso2base::java/jdk-7u79-linux-x64.tar.gz] >>> has failures: true >>> Warning: >>> /Stage[main]/Wso2base::Java/Java::Setup[jdk-7u79-linux-x64.tar.gz]/Exec[update_path-jdk-7u79-linux-x64.tar.gz]: >>> Skipping because of failed dependencies >>> Notice: /Stage[main]/Wso2base::Java/File[/opt/java]: Dependency >>> File[/home/wso2user/java-setup-wso2base::java/jdk-7u79-linux-x64.tar.gz] >>> has failures: true >>> Warning: /Stage[main]/Wso2base::Java/File[/opt/java]: Skipping because >>> of failed dependencies >>> Notice: >>> /Stage[main]/Wso2base::Java/File[/etc/profile.d/set_java_home.sh]: >>> Dependency >>> File[/home/wso2user/java-setup-wso2base::java/jdk-7u79-linux-x64.tar.gz] >>> has failures: true >>> Warning: >>> /Stage[main]/Wso2base::Java/File[/etc/profile.d/set_java_home.sh]: Skipping >>> because of failed dependencies >>> Notice: /Stage[main]/Wso2base::Java/Exec[remove_java_cache]: Dependency >>> File[/home/wso2user/java-setup-wso2base::java/jdk-7u79-linux-x64.tar.gz] >>> has failures: true >>> Warning: /Stage[main]/Wso2base::Java/Exec[remove_java_cache]: Skipping >>> because of failed dependencies >>> Error: /Stage[main]/Wso2am/Wso2base::Server[/mnt/ >>> 192.168.57.93/wso2am-1.10.1-SNAPSHOT]/Wso2base::Install[/mnt/192.168.57.93/wso2am-1.10.1-SNAPSHOT]/File[/mnt/packs/wso2am-1.10.1-SNAPSHOT.zip >>> <http://192.168.57.93/wso2am-1.10.1-SNAPSHOT%5D/Wso2base::Install%5B/mnt/192.168.57.93/wso2am-1.10.1-SNAPSHOT%5D/File%5B/mnt/packs/wso2am-1.10.1-SNAPSHOT.zip>]: >>> Could not evaluate: Error 400 on SERVER: Not authorized to call find on >>> /file_metadata/files/packs/wso2am-1.10.1-SNAPSHOT.zip with >>> {:links=>"manage"} Could not retrieve file metadata for >>> puppet:///files/packs/wso2am-1.10.1-SNAPSHOT.zip: Error 400 on SERVER: Not >>> authorized to call find on >>> /file_metadata/files/packs/wso2am-1.10.1-SNAPSHOT.zip with >>> {:links=>"manage"} >>> >>> Thanks, >>> Bhathiya >>> >>> On Tue, Feb 23, 2016 at 5:58 PM, Pubudu Gunatilaka <[email protected]> >>> wrote: >>> >>>> Hi Bhathiya, >>>> >>>> By default hosts file will get updated. You can add a new entry for >>>> puppet master in [2] or in the product profile hiera file. Entry would look >>>> like as below. >>>> >>>> wso2::hosts_mapping : >>>> localhost : >>>> ip_address : 127.0.0.1 >>>> hostname : localhost >>>> puppetmaster : >>>> ip_address : pm_ip >>>> hostname : pm_hostname >>>> >>>> [1] - >>>> https://github.com/wso2/puppet-modules/blob/master/hieradata/dev/wso2/common.yaml#L37 >>>> [2] - >>>> https://github.com/wso2/puppet-modules/blob/master/hieradata/dev/wso2/common.yaml#L25 >>>> >>>> Thank you! >>>> >>>> On Tue, Feb 23, 2016 at 5:50 PM, Jithendra Sirimanne < >>>> [email protected]> wrote: >>>> >>>>> try adding that entry to the end of the file and reboot the machine >>>>> >>>>> Best Regards >>>>> Jithendra >>>>> >>>>> -- >>>>> Jithendra Sirimanne >>>>> *Systems Engineer* >>>>> Mobile: +94 (0) 716 374696 <+94+(0)+716+374696> >>>>> Tel : +94 112 145 345 >>>>> Email : [email protected] >>>>> >>>>> On Tue, Feb 23, 2016 at 5:24 PM, Bhathiya Jayasekara < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi Jithendra, >>>>>> >>>>>> There is the file, but there's is no such an entry in it. Here I'm >>>>>> posting the entire file. >>>>>> >>>>>> # The top level settings are used as module >>>>>> # and system configuration. >>>>>> >>>>>> # A set of users which may be applied and/or used by various modules >>>>>> # when a 'default' entry is found it will reference the 'default_user' >>>>>> # from the distro configuration specified below >>>>>> users: >>>>>> - default >>>>>> >>>>>> # If this is set, 'root' will not be able to ssh in and they >>>>>> # will get a message to login instead as the above $user (ubuntu) >>>>>> disable_root: true >>>>>> >>>>>> # This will cause the set+update hostname module to not operate (if >>>>>> true) >>>>>> preserve_hostname: false >>>>>> >>>>>> # Example datasource config >>>>>> # datasource: >>>>>> # Ec2: >>>>>> # metadata_urls: [ 'blah.com' ] >>>>>> # timeout: 5 # (defaults to 50 seconds) >>>>>> # max_wait: 10 # (defaults to 120 seconds) >>>>>> >>>>>> # The modules that run in the 'init' stage >>>>>> cloud_init_modules: >>>>>> - migrator >>>>>> - seed_random >>>>>> - bootcmd >>>>>> - write-files >>>>>> - growpart >>>>>> - resizefs >>>>>> - set_hostname >>>>>> - update_hostname >>>>>> - update_etc_hosts >>>>>> - ca-certs >>>>>> - rsyslog >>>>>> - users-groups >>>>>> - ssh >>>>>> >>>>>> # The modules that run in the 'config' stage >>>>>> cloud_config_modules: >>>>>> # Emit the cloud config ready event >>>>>> # this can be used by upstart jobs for 'start on cloud-config'. >>>>>> - emit_upstart >>>>>> - disk_setup >>>>>> - mounts >>>>>> - ssh-import-id >>>>>> - locale >>>>>> - set-passwords >>>>>> - grub-dpkg >>>>>> - apt-pipelining >>>>>> - apt-configure >>>>>> - package-update-upgrade-install >>>>>> - landscape >>>>>> - timezone >>>>>> - puppet >>>>>> - chef >>>>>> - salt-minion >>>>>> - mcollective >>>>>> - disable-ec2-metadata >>>>>> - runcmd >>>>>> - byobu >>>>>> >>>>>> # The modules that run in the 'final' stage >>>>>> cloud_final_modules: >>>>>> - rightscale_userdata >>>>>> - scripts-vendor >>>>>> - scripts-per-once >>>>>> - scripts-per-boot >>>>>> - scripts-per-instance >>>>>> - scripts-user >>>>>> - ssh-authkey-fingerprints >>>>>> - keys-to-console >>>>>> - phone-home >>>>>> - final-message >>>>>> - power-state-change >>>>>> >>>>>> # System and/or distro specific settings >>>>>> # (not accessible to handlers/transforms) >>>>>> system_info: >>>>>> # This will affect which distro class gets used >>>>>> distro: ubuntu >>>>>> # Default user name + that default users groups (if added/used) >>>>>> default_user: >>>>>> name: ubuntu >>>>>> lock_passwd: True >>>>>> gecos: Ubuntu >>>>>> groups: [adm, audio, cdrom, dialout, dip, floppy, netdev, >>>>>> plugdev, sudo, video] >>>>>> sudo: ["ALL=(ALL) NOPASSWD:ALL"] >>>>>> shell: /bin/bash >>>>>> # Other config here will be given to the distro class and/or path >>>>>> classes >>>>>> paths: >>>>>> cloud_dir: /var/lib/cloud/ >>>>>> templates_dir: /etc/cloud/templates/ >>>>>> upstart_dir: /etc/init/ >>>>>> package_mirrors: >>>>>> - arches: [i386, amd64] >>>>>> failsafe: >>>>>> primary: http://archive.ubuntu.com/ubuntu >>>>>> security: http://security.ubuntu.com/ubuntu >>>>>> search: >>>>>> primary: >>>>>> - http://%(ec2_region)s.ec2.archive.ubuntu.com/ubuntu/ >>>>>> - http://%(availability_zone) >>>>>> s.clouds.archive.ubuntu.com/ubuntu/ >>>>>> security: [] >>>>>> - arches: [armhf, armel, default] >>>>>> failsafe: >>>>>> primary: http://ports.ubuntu.com/ubuntu-ports >>>>>> security: http://ports.ubuntu.com/ubuntu-ports >>>>>> ssh_svcname: ssh >>>>>> >>>>>> >>>>>> >>>>>> 110,11 >>>>>> Bot >>>>>> >>>>>> Thanks, >>>>>> Bhathiya >>>>>> >>>>>> >>>>>> >>>>>> On Tue, Feb 23, 2016 at 5:04 PM, Jithendra Sirimanne < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi Bhathiya, >>>>>>> >>>>>>> check whether you have a file in /etc/cloud/cloud.cfg >>>>>>> >>>>>>> if so open that file and in it you fill find a line >>>>>>> "manage_etc_hosts: true". >>>>>>> >>>>>>> Make this to "manage_etc_hosts: false" >>>>>>> >>>>>>> Best Regards >>>>>>> Jithendra >>>>>>> >>>>>>> -- >>>>>>> Jithendra Sirimanne >>>>>>> *Systems Engineer* >>>>>>> Mobile: +94 (0) 716 374696 <+94+(0)+716+374696> >>>>>>> Tel : +94 112 145 345 >>>>>>> Email : [email protected] >>>>>>> >>>>>>> On Tue, Feb 23, 2016 at 3:01 PM, Bhathiya Jayasekara < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> Hi Akila, >>>>>>>> >>>>>>>> I just noticed that everytime I run ./setup.sh in agent, /etc/hosts >>>>>>>> file is replaced/updated. That causes losing the puppetmaster entry in >>>>>>>> the >>>>>>>> file. Any idea why? >>>>>>>> >>>>>>>> Thanks, >>>>>>>> Bhathiya >>>>>>>> >>>>>>>> On Tue, Feb 23, 2016 at 2:51 PM, Akila Ravihansa Perera < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Hi, >>>>>>>>> >>>>>>>>> Looks like Puppet agent cannot resolve the hostname set in >>>>>>>>> puppet.conf. Please check whether correct hostname is set in >>>>>>>>> puppet.conf >>>>>>>>> and that it is resolvable via DNS or /etc/hosts file. >>>>>>>>> >>>>>>>>> Also make sure hostname is correctly set in Puppet master. Output >>>>>>>>> of `hostname` command should match the value in puppet.conf. >>>>>>>>> >>>>>>>>> Thanks. >>>>>>>>> >>>>>>>>> On Tue, Feb 23, 2016 at 2:10 PM, Bhathiya Jayasekara < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> The problem was I didn't have a directory for my APIM version in >>>>>>>>>> *hieradata/production/wso2/wso2am.* Thanks a lot Akila for >>>>>>>>>> helping me a lot offline. >>>>>>>>>> >>>>>>>>>> But unfortunately I'm still away from success. Now I'm getting >>>>>>>>>> below error. Any idea about the cause? >>>>>>>>>> >>>>>>>>>> root@apim-node-1:/opt# ./setup.sh >>>>>>>>>> ##################################################### >>>>>>>>>> Starting cleanup >>>>>>>>>> ##################################################### >>>>>>>>>> ##################################################### >>>>>>>>>> Setting up environment >>>>>>>>>> ##################################################### >>>>>>>>>> ##################################################### >>>>>>>>>> Installing >>>>>>>>>> ##################################################### >>>>>>>>>> Warning: Unable to fetch my node definition, but the agent run >>>>>>>>>> will continue: >>>>>>>>>> Warning: getaddrinfo: Name or service not known >>>>>>>>>> Info: Retrieving plugin >>>>>>>>>> Error: /File[/var/lib/puppet/lib]: Failed to generate additional >>>>>>>>>> resources using 'eval_generate': getaddrinfo: Name or service not >>>>>>>>>> known >>>>>>>>>> Error: /File[/var/lib/puppet/lib]: Could not evaluate: >>>>>>>>>> getaddrinfo: Name or service not known Could not retrieve file >>>>>>>>>> metadata for >>>>>>>>>> puppet://puppet/plugins: getaddrinfo: Name or service not known >>>>>>>>>> Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb >>>>>>>>>> Info: Loading facts in >>>>>>>>>> /var/lib/puppet/lib/facter/service_provider.rb >>>>>>>>>> Info: Loading facts in >>>>>>>>>> /var/lib/puppet/lib/facter/package_provider.rb >>>>>>>>>> Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb >>>>>>>>>> Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb >>>>>>>>>> Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb >>>>>>>>>> Error: Could not retrieve catalog from remote server: >>>>>>>>>> getaddrinfo: Name or service not known >>>>>>>>>> Warning: Not using cache on failed catalog >>>>>>>>>> Error: Could not retrieve catalog; skipping run >>>>>>>>>> Error: Could not send report: getaddrinfo: Name or service not >>>>>>>>>> known >>>>>>>>>> >>>>>>>>>> Thanks, >>>>>>>>>> Bhathiya >>>>>>>>>> >>>>>>>>>> On Tue, Feb 23, 2016 at 10:44 AM, Bhathiya Jayasekara < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Hi all, >>>>>>>>>>> >>>>>>>>>>> Thanks for the replies. The problem was the hostname as Lahiru >>>>>>>>>>> mentioned. I didn't restart the VM after changing /etc/hostname >>>>>>>>>>> before. >>>>>>>>>>> Just restarted the VM now and issue is solved. I think it's better >>>>>>>>>>> to >>>>>>>>>>> update the doc if a restart is required after changing hostname. >>>>>>>>>>> >>>>>>>>>>> However I endedup in another error.. >>>>>>>>>>> >>>>>>>>>>> Error: Could not retrieve catalog from remote server: Error 400 >>>>>>>>>>> on SERVER: Could not find data item classes in any Hiera data file >>>>>>>>>>> and no >>>>>>>>>>> default supplied at >>>>>>>>>>> /etc/puppet/environments/production/manifests/site.pp:21 on node >>>>>>>>>>> apim-node-1.openstacklocal >>>>>>>>>>> Warning: Not using cache on failed catalog >>>>>>>>>>> Error: Could not retrieve catalog; skipping run >>>>>>>>>>> >>>>>>>>>>> As mentioned in the doc, I have that site.pp in puppet master >>>>>>>>>>> only. Do I need to have it in agent too? >>>>>>>>>>> >>>>>>>>>>> Thanks, >>>>>>>>>>> Bhathiya >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Tue, Feb 23, 2016 at 9:34 AM, Akila Ravihansa Perera < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hi Bhathiya, >>>>>>>>>>>> >>>>>>>>>>>> Please try the following steps; >>>>>>>>>>>> >>>>>>>>>>>> 1. Delete all certificates in Puppet master (rm -rf >>>>>>>>>>>> /var/lib/puppet/ssl/*) >>>>>>>>>>>> 2. Delete all certificates in Puppet agent (rm -rf >>>>>>>>>>>> /var/lib/puppet/ssl/*) >>>>>>>>>>>> You may use `puppet cert clean --all` command as well >>>>>>>>>>>> >>>>>>>>>>>> 3. Check puppet.conf in both Puppet agent and master >>>>>>>>>>>> Agent should point to master hostname >>>>>>>>>>>> server = puppet.example.com >>>>>>>>>>>> >>>>>>>>>>>> This hostname must resolve to corresponding IP address via DNS >>>>>>>>>>>> or hosts file mappings >>>>>>>>>>>> >>>>>>>>>>>> This hostname must be the Puppet master's system hostname. Or >>>>>>>>>>>> else it should be added as a property to puppet.conf in Puppet >>>>>>>>>>>> master >>>>>>>>>>>> instance >>>>>>>>>>>> >>>>>>>>>>>> dns_alt_names=puppet.example.com >>>>>>>>>>>> >>>>>>>>>>>> 4. Auto-signing should be enabled in puppet.conf in Puppet >>>>>>>>>>>> master. Or all the white-listed hostnames should be added to >>>>>>>>>>>> autosign.conf >>>>>>>>>>>> in Puppet master. >>>>>>>>>>>> autosign = true >>>>>>>>>>>> >>>>>>>>>>>> 5. Restart Puppet master service after modifying above config >>>>>>>>>>>> files. >>>>>>>>>>>> >>>>>>>>>>>> Thanks. >>>>>>>>>>>> >>>>>>>>>>>> On Tue, Feb 23, 2016 at 7:43 AM, Lahiru Sandaruwan < >>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Hi Bhathiya, >>>>>>>>>>>>> >>>>>>>>>>>>> Please check if the hostname(hostname command) is correctly >>>>>>>>>>>>> set in puppet master. Also, after the certificate clearance, >>>>>>>>>>>>> remember to >>>>>>>>>>>>> restart puppet master. >>>>>>>>>>>>> >>>>>>>>>>>>> Thanks. >>>>>>>>>>>>> >>>>>>>>>>>>> On Tue, Feb 23, 2016 at 12:34 AM, Sajith Kariyawasam < >>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Hi Bhathiya, >>>>>>>>>>>>>> >>>>>>>>>>>>>> Did you delete old certs in puppet master as explained in [1] >>>>>>>>>>>>>> ? From the commands you have listed, it seems you have deleted >>>>>>>>>>>>>> the certs in >>>>>>>>>>>>>> agent side only. >>>>>>>>>>>>>> [2] too provides some tips related to a similar issue. >>>>>>>>>>>>>> Also, if you are testing in an IaaS, please make sure all the >>>>>>>>>>>>>> necessary ports in puppet master instance are accessible from >>>>>>>>>>>>>> puppet agent >>>>>>>>>>>>>> instance. >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> [1] >>>>>>>>>>>>>> http://serverfault.com/questions/515296/puppet-agent-certificate-verify-failure >>>>>>>>>>>>>> [2] >>>>>>>>>>>>>> http://stackoverflow.com/questions/4528101/ssl-connect-returned-1-errno-0-state-sslv3-read-server-certificate-b-certificat >>>>>>>>>>>>>> >>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>> Sajith >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Tue, Feb 23, 2016 at 12:02 AM, Bhathiya Jayasekara < >>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks for the prompt response Pubudu. I already tried that >>>>>>>>>>>>>>> and got below. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> root@apim-2:/opt# find /var/lib/puppet/ssl -name '*.pem' >>>>>>>>>>>>>>> -exec rm {} \; >>>>>>>>>>>>>>> root@apim-2:/opt# puppet agent -t >>>>>>>>>>>>>>> Info: Creating a new SSL key for apim-2.openstacklocal >>>>>>>>>>>>>>> Info: Caching certificate for ca >>>>>>>>>>>>>>> Info: csr_attributes file loading from >>>>>>>>>>>>>>> /etc/puppet/csr_attributes.yaml >>>>>>>>>>>>>>> Info: Creating a new SSL certificate request for >>>>>>>>>>>>>>> apim-2.openstacklocal >>>>>>>>>>>>>>> Info: Certificate Request fingerprint (SHA256): >>>>>>>>>>>>>>> 74:F4:B5:D3:39:02:0F:D7:6D:88:0C:06:4B:55:1C:08:7C:B8:C9:3E:91:0F:B1:C9:1B:07:DE:27:BB:D1:D5:55 >>>>>>>>>>>>>>> Info: Caching certificate for apim-2.openstacklocal >>>>>>>>>>>>>>> Info: Caching certificate_revocation_list for ca >>>>>>>>>>>>>>> Error: Could not request certificate: SSL_connect returned=1 >>>>>>>>>>>>>>> errno=0 state=SSLv3 read server certificate B: certificate >>>>>>>>>>>>>>> verify failed: >>>>>>>>>>>>>>> [certificate revoked for /CN=apim-2.openstacklocal] >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>> Bhathiya >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Mon, Feb 22, 2016 at 11:52 PM, Pubudu Gunatilaka < >>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Hi Bhathiya, >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Could you please check with this [1] ? I think you are >>>>>>>>>>>>>>>> having Error 4. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> [1] - >>>>>>>>>>>>>>>> http://suhan-opensource.blogspot.com/2014/10/puppet-master-agent-communication-errors.html >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Thank you! >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On Mon, Feb 22, 2016 at 11:47 PM, Bhathiya Jayasekara < >>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Hi all, >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> I followed all the steps in [1]. But at the end I'm >>>>>>>>>>>>>>>>> getting below cert error. Can someone please help me to >>>>>>>>>>>>>>>>> understand what's >>>>>>>>>>>>>>>>> wrong? >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> root@apim-2:/opt# ./setup.sh >>>>>>>>>>>>>>>>> ##################################################### >>>>>>>>>>>>>>>>> Starting cleanup >>>>>>>>>>>>>>>>> ##################################################### >>>>>>>>>>>>>>>>> ##################################################### >>>>>>>>>>>>>>>>> Setting up environment >>>>>>>>>>>>>>>>> ##################################################### >>>>>>>>>>>>>>>>> ##################################################### >>>>>>>>>>>>>>>>> Installing >>>>>>>>>>>>>>>>> ##################################################### >>>>>>>>>>>>>>>>> Warning: Unable to fetch my node definition, but the agent >>>>>>>>>>>>>>>>> run will continue: >>>>>>>>>>>>>>>>> Warning: SSL_connect returned=1 errno=0 state=SSLv3 read >>>>>>>>>>>>>>>>> server certificate B: certificate verify failed: [certificate >>>>>>>>>>>>>>>>> revoked for >>>>>>>>>>>>>>>>> /CN=apim-2.openstacklocal] >>>>>>>>>>>>>>>>> Info: Retrieving plugin >>>>>>>>>>>>>>>>> Error: /File[/var/lib/puppet/lib]: Failed to generate >>>>>>>>>>>>>>>>> additional resources using 'eval_generate': SSL_connect >>>>>>>>>>>>>>>>> returned=1 errno=0 >>>>>>>>>>>>>>>>> state=SSLv3 read server certificate B: certificate verify >>>>>>>>>>>>>>>>> failed: >>>>>>>>>>>>>>>>> [certificate revoked for /CN=apim-2.openstacklocal] >>>>>>>>>>>>>>>>> Error: /File[/var/lib/puppet/lib]: Could not evaluate: >>>>>>>>>>>>>>>>> SSL_connect returned=1 errno=0 state=SSLv3 read server >>>>>>>>>>>>>>>>> certificate B: >>>>>>>>>>>>>>>>> certificate verify failed: [certificate revoked for >>>>>>>>>>>>>>>>> /CN=apim-2.openstacklocal] Could not retrieve file metadata >>>>>>>>>>>>>>>>> for >>>>>>>>>>>>>>>>> puppet://puppet/plugins: SSL_connect returned=1 errno=0 >>>>>>>>>>>>>>>>> state=SSLv3 read >>>>>>>>>>>>>>>>> server certificate B: certificate verify failed: [certificate >>>>>>>>>>>>>>>>> revoked for >>>>>>>>>>>>>>>>> /CN=apim-2.openstacklocal] >>>>>>>>>>>>>>>>> Error: Could not retrieve catalog from remote server: >>>>>>>>>>>>>>>>> SSL_connect returned=1 errno=0 state=SSLv3 read server >>>>>>>>>>>>>>>>> certificate B: >>>>>>>>>>>>>>>>> certificate verify failed: [certificate revoked for >>>>>>>>>>>>>>>>> /CN=apim-2.openstacklocal] >>>>>>>>>>>>>>>>> Warning: Not using cache on failed catalog >>>>>>>>>>>>>>>>> Error: Could not retrieve catalog; skipping run >>>>>>>>>>>>>>>>> Error: Could not send report: SSL_connect returned=1 >>>>>>>>>>>>>>>>> errno=0 state=SSLv3 read server certificate B: certificate >>>>>>>>>>>>>>>>> verify failed: >>>>>>>>>>>>>>>>> [certificate revoked for /CN=apim-2.openstacklocal] >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> [1] >>>>>>>>>>>>>>>>> https://github.com/wso2/puppet-modules/wiki/Use-WSO2-Puppet-Modules-in-puppet-master-agent-Environment >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>> *Bhathiya Jayasekara* >>>>>>>>>>>>>>>>> *Senior Software Engineer,* >>>>>>>>>>>>>>>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> *Phone: +94715478185 <%2B94715478185>* >>>>>>>>>>>>>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>>>>>>>>>>>>>>> <http://www.linkedin.com/in/bhathiyaj>* >>>>>>>>>>>>>>>>> *Twitter: https://twitter.com/bhathiyax >>>>>>>>>>>>>>>>> <https://twitter.com/bhathiyax>* >>>>>>>>>>>>>>>>> *Blog: http://movingaheadblog.blogspot.com >>>>>>>>>>>>>>>>> <http://movingaheadblog.blogspot.com/>* >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>>>>>> Dev mailing list >>>>>>>>>>>>>>>>> [email protected] >>>>>>>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>> *Pubudu Gunatilaka* >>>>>>>>>>>>>>>> Committer and PMC Member - Apache Stratos >>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>> WSO2, Inc.: http://wso2.com >>>>>>>>>>>>>>>> mobile : +94774079049 <%2B94772207163> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> *Bhathiya Jayasekara* >>>>>>>>>>>>>>> *Senior Software Engineer,* >>>>>>>>>>>>>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> *Phone: +94715478185 <%2B94715478185>* >>>>>>>>>>>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>>>>>>>>>>>>> <http://www.linkedin.com/in/bhathiyaj>* >>>>>>>>>>>>>>> *Twitter: https://twitter.com/bhathiyax >>>>>>>>>>>>>>> <https://twitter.com/bhathiyax>* >>>>>>>>>>>>>>> *Blog: http://movingaheadblog.blogspot.com >>>>>>>>>>>>>>> <http://movingaheadblog.blogspot.com/>* >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>>>> Dev mailing list >>>>>>>>>>>>>>> [email protected] >>>>>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> Sajith Kariyawasam >>>>>>>>>>>>>> *Committer and PMC member, Apache Stratos, * >>>>>>>>>>>>>> *WSO2 Inc.; http://wso2.com <http://wso2.com>* >>>>>>>>>>>>>> *Mobile: 0772269575 <0772269575>* >>>>>>>>>>>>>> >>>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>>> Dev mailing list >>>>>>>>>>>>>> [email protected] >>>>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> -- >>>>>>>>>>>>> Lahiru Sandaruwan >>>>>>>>>>>>> Committer and PMC member, Apache Stratos, >>>>>>>>>>>>> Senior Software Engineer, >>>>>>>>>>>>> WSO2 Inc., http://wso2.com >>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>> >>>>>>>>>>>>> phone: +94773325954 >>>>>>>>>>>>> email: [email protected] blog: >>>>>>>>>>>>> http://lahiruwrites.blogspot.com/ >>>>>>>>>>>>> linked-in: >>>>>>>>>>>>> http://lk.linkedin.com/pub/lahiru-sandaruwan/16/153/146 >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>> Dev mailing list >>>>>>>>>>>>> [email protected] >>>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> Akila Ravihansa Perera >>>>>>>>>>>> WSO2 Inc.; http://wso2.com/ >>>>>>>>>>>> >>>>>>>>>>>> Blog: http://ravihansa3000.blogspot.com >>>>>>>>>>>> >>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>> Dev mailing list >>>>>>>>>>>> [email protected] >>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> *Bhathiya Jayasekara* >>>>>>>>>>> *Senior Software Engineer,* >>>>>>>>>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>>>>>>>>> >>>>>>>>>>> *Phone: +94715478185 <%2B94715478185>* >>>>>>>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>>>>>>>>> <http://www.linkedin.com/in/bhathiyaj>* >>>>>>>>>>> *Twitter: https://twitter.com/bhathiyax >>>>>>>>>>> <https://twitter.com/bhathiyax>* >>>>>>>>>>> *Blog: http://movingaheadblog.blogspot.com >>>>>>>>>>> <http://movingaheadblog.blogspot.com/>* >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> *Bhathiya Jayasekara* >>>>>>>>>> *Senior Software Engineer,* >>>>>>>>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>>>>>>>> >>>>>>>>>> *Phone: +94715478185 <%2B94715478185>* >>>>>>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>>>>>>>> <http://www.linkedin.com/in/bhathiyaj>* >>>>>>>>>> *Twitter: https://twitter.com/bhathiyax >>>>>>>>>> <https://twitter.com/bhathiyax>* >>>>>>>>>> *Blog: http://movingaheadblog.blogspot.com >>>>>>>>>> <http://movingaheadblog.blogspot.com/>* >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Akila Ravihansa Perera >>>>>>>>> WSO2 Inc.; http://wso2.com/ >>>>>>>>> >>>>>>>>> Blog: http://ravihansa3000.blogspot.com >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> *Bhathiya Jayasekara* >>>>>>>> *Senior Software Engineer,* >>>>>>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>>>>>> >>>>>>>> *Phone: +94715478185 <%2B94715478185>* >>>>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>>>>>> <http://www.linkedin.com/in/bhathiyaj>* >>>>>>>> *Twitter: https://twitter.com/bhathiyax >>>>>>>> <https://twitter.com/bhathiyax>* >>>>>>>> *Blog: http://movingaheadblog.blogspot.com >>>>>>>> <http://movingaheadblog.blogspot.com/>* >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Dev mailing list >>>>>>>> [email protected] >>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> *Bhathiya Jayasekara* >>>>>> *Senior Software Engineer,* >>>>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>>>> >>>>>> *Phone: +94715478185 <%2B94715478185>* >>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>>>> <http://www.linkedin.com/in/bhathiyaj>* >>>>>> *Twitter: https://twitter.com/bhathiyax >>>>>> <https://twitter.com/bhathiyax>* >>>>>> *Blog: http://movingaheadblog.blogspot.com >>>>>> <http://movingaheadblog.blogspot.com/>* >>>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> [email protected] >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> *Pubudu Gunatilaka* >>>> Committer and PMC Member - Apache Stratos >>>> Software Engineer >>>> WSO2, Inc.: http://wso2.com >>>> mobile : +94774079049 <%2B94772207163> >>>> >>>> >>> >>> >>> -- >>> *Bhathiya Jayasekara* >>> *Senior Software Engineer,* >>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>> >>> *Phone: +94715478185 <%2B94715478185>* >>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>> <http://www.linkedin.com/in/bhathiyaj>* >>> *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* >>> *Blog: http://movingaheadblog.blogspot.com >>> <http://movingaheadblog.blogspot.com/>* >>> >> >> >> >> -- >> *Pubudu Gunatilaka* >> Committer and PMC Member - Apache Stratos >> Software Engineer >> WSO2, Inc.: http://wso2.com >> mobile : +94774079049 <%2B94772207163> >> >> > > > -- > *Bhathiya Jayasekara* > *Senior Software Engineer,* > *WSO2 inc., http://wso2.com <http://wso2.com>* > > *Phone: +94715478185 <%2B94715478185>* > *LinkedIn: http://www.linkedin.com/in/bhathiyaj > <http://www.linkedin.com/in/bhathiyaj>* > *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* > *Blog: http://movingaheadblog.blogspot.com > <http://movingaheadblog.blogspot.com/>* > -- *Pubudu Gunatilaka* Committer and PMC Member - Apache Stratos Software Engineer WSO2, Inc.: http://wso2.com mobile : +94774079049 <%2B94772207163>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
