Hello,
I am working on moving to a new puppetmaster. Along with this move I
am updating to Puppet 0.24.8.
As it stands, my test client can't connect:
notice: Starting Puppet client version 0.24.8
debug: Loaded state in 0.00 seconds
debug: Retrieved facts in 1.12 seconds
debug: Retrieving catalog
debug: Calling puppetmaster.getconfig
err: Could not retrieve catalog: Could not find node
'vz200b.liquidweb.com'; cannot compile
On my puppetmaster we are using an external_nodes.py script:
### Imports
import sys
import re
import time
import yaml
### Constants
# puppet user must have read acces to this
NODEFILE = '/etc/puppet/nodes.yaml'
# puppet user must have write access to this
LOGFILE = '/var/log/puppet/nodes.log'
### Arguments
hostname = sys.argv[1]
### Functions
# Open NODESFILE and load the two documents into structures, return as
tuple
def parse_nodefile():
f = file(NODEFILE, 'r')
docs = yaml.load_all(f.read())
f.close()
return (docs.next(), docs.next())
# Write a msg to LOGFILE
def log(msg):
f = file(LOGFILE, 'a')
timestamp = time.strftime('%Y%m%d-%H:%M')
f.write(timestamp + ' - ' + msg + '\n')
f.close()
### Action!
(regexes, modules) = parse_nodefile()
for nodetype, regexlist in regexes.iteritems():
for regex in regexlist:
p = re.compile(regex)
m = p.match(hostname)
if m:
found_nodetype = nodetype
modulelist = modules['default']
try:
if found_nodetype and modules[found_nodetype] is not None:
modulelist.extend(modules[found_nodetype])
except NameError:
log(hostname + ' doesn\'t match a defined node type')
sys.exit(1)
yamldoc = {'classes': modulelist}
print yaml.dump(yamldoc, explicit_start=True,
default_flow_style=False)
# Puppet expects a return code of 0 to signal to indicate success
# and non-zero for error or a non-regcognized hostname
sys.exit(0)
Which does work how I would expect:
[r...@vpsadmins ~]# python /etc/puppet/tools/external_nodes.py
vz200b.liquidweb.com
---
classes:
- custom
- monitoring::base
- ntpd
- puppetd
- rpms
- sshd
- yum
- crontab
- iptables
- ldap::client
- monitoring::vps
- sudo
- virtuozzo
- vpsscripts
I am using a Passenger configuration on the Puppetmaster, here's the
debug output when I attempt to connect from the client:
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: Handling request,
details:
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_A_KEY -> rsaEncryption
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_M_SERIAL -> 05
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_COMPRESS_METHOD -> NULL
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_NAME ->
vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.url_scheme
-> https
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.run_once -
> false
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.input ->
#<Rack::RewindableInput:0x2aaaac39e5f0>
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: CONTENT_LENGTH -
> 3122
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_S_DN_CN -> vz200b.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_CIPHER ->
RC4-SHA
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_VERSION_LIBRARY -> OpenSSL/0.9.8e-fips-rhel5
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: HTTP_USER_AGENT
-> XMLRPC::Client (Ruby
1.8.6)
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
HTTP_CONTENT_TYPE -> text/xml;
charset=utf-8
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: PATH_INFO -> /
RPC2
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.request ->
#<Rack::Request:
0x2aaaac39e3e8>
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.errors ->
#<IO:
0x2b3a0f5b0030>
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_A_KEY -> rsaEncryption
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_SERVER_I_DN
-> /CN=vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_SERVER_S_DN
-> /CN=vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_V_END -> Jun 23 04:50:02 2014 GMT
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_I_DN_CN -> vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_V_START -> Jun 24 07:10:24 2009 GMT
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_VERSION_INTERFACE -> mod_ssl/2.2.3
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: HTTP_HOST ->
vpsadmins.liquidweb.com:8140
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SCRIPT_NAME ->
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_ADDR ->
67.227.140.92
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_PROTOCOL
-> HTTP/1.1
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CIPHER_EXPORT -> false
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
HTTP_CONTENT_LENGTH -> 3122
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: REMOTE_ADDR ->
72.52.171.252
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_SOFTWARE
-> Apache/2.2.3 (CentOS)
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_S_DN_CN -> vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_V_REMAIN -> 1824
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CIPHER_USEKEYSIZE -> 128
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_PROTOCOL ->
TLSv1
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
HTTP_X_CLIENT_DN -> /CN=vz200b.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: CONTENT_TYPE ->
text/xml; charset=utf-8
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: HTTPS -> on
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
rack.multithread -> false
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: rack.version ->
1
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_SESSION_ID -
> 2786D42F13262281101B52DCA7770A14F494BBD7633653CB7A639A42743A9947
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_I_DN_CN -> vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_V_START -> Jun 24 04:50:02 2009 GMT
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_CLIENT_I_DN
-> /CN=vpsadmins.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SSL_CLIENT_S_DN
-> /CN=vz200b.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_M_VERSION -> 3
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CIPHER_ALGKEYSIZE -> 128
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
rack.multiprocess -> true
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: DOCUMENT_ROOT -
> /home/puppet/rack/puppetmasterd/public
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: REQUEST_URI -> /
RPC2
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_M_VERSION -> 3
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_A_SIG -> sha1WithRSAEncryption
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_PORT ->
8140
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_M_SERIAL -> 01
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_VERIFY -> SUCCESS
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
HTTP_X_CLIENT_VERIFY -> SUCCESS
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: QUERY_STRING ->
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: REMOTE_PORT ->
47256
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: SERVER_ADMIN ->
[email protected]
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: _ -> _
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
HTTP_X_SSL_SUBJECT -> /CN=vz200b.liquidweb.com
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: HTTP_ACCEPT ->
*/*
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_SERVER_A_SIG -> sha1WithRSAEncryption
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env:
SSL_CLIENT_V_END -> Jun 23 07:10:24 2014 GMT
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: HTTP_CONNECTION
-> keep-alive
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: env: REQUEST_METHOD -
> POST
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: Request Body: <?xml
version="1.0" ?><methodCall><methodName>puppetmaster.getconfig</
methodName><params><param><value><string>---+%0Avirtual%3A+openvzhn
%0Aprocessor2%3A+Dual+Core+AMD+Opteron%28tm%29+Processor
+265%0Aserialnumber%3A+0123456789%0Akernel%3A+Linux%0Ais_virtual%3A+
%22false%22%0Aprocessorcount%3A+%224%22%0Arubysitedir%3A+%2Fusr%2Flib
%2Fruby%2Fsite_ruby%2F1.8%0Aprocessor3%3A+Dual+Core+AMD+Opteron%28tm
%29+Processor+265%0Alsbrelease%3A+%22%3Acore-3.0-ia32%3Acore-3.0-noarch
%3Agraphics-3.0-ia32%3Agraphics-3.0-noarch%22%0Ahardwaremodel%3A
+i686%0Auniqueid%3A+3448fcab%0Anetwork_eth0%3A
+72.52.168.0%0Aoperatingsystemrelease%3A+%224.7%22%0Auptime_seconds%3A+
%2248397832%22%0Aclientversion%3A+0.24.8%0Aswapfree%3A+5.92+GB
%0Aipaddress%3A+72.52.171.252%0Anetmask%3A
+255.255.252.0%0Aphysicalprocessorcount%3A+%222%22%0Anetwork_eth1%3A
+10.4.0.0%0Amemorysize%3A+7.91+GB%0Anetmask_eth0%3A
+255.255.252.0%0Anetmask_eth1%3A+255.255.0.0%0Atimezone%3A+EDT%0Afqdn
%3A+vz200b.liquidweb.co
Jun 25 04:39:05 vpsadmins puppetmasterd[32481]: Could not call: Could
not find node 'vz200b.liquidweb.com'; cannot compile
Here's my config.ru:
# This file is mostly based on puppetmasterd, which is part of
# the standard puppet distribution.
require 'rack'
require 'puppet'
require 'puppet/network/http_server/rack'
# startup code stolen from bin/puppetmasterd
Puppet.parse_config
Puppet::Util::Log.level = :debug
Puppet::Util::Log.newdestination(:syslog)
# A temporary solution, to at least make the master work for now.
Puppet::Node::Facts.terminus_class = :yaml
# Cache our nodes in yaml. Currently not configurable.
Puppet::Node.cache_class = :yaml
# The list of handlers running inside this puppetmaster
handlers = {
:Status => {},
:FileServer =>
{},
:Master
=>
{},
:CA
=>
{},
:FileBucket
=>
{},
:Report
=>
{}
}
# Fire up the Rack-Server instance
server = Puppet::Network::HTTPServer::Rack.new(handlers)
# prepare the rack app
app = proc do |env|
server.process(env)
end
# Go.
run app
and my vhosts entry:
Listen 8140
<VirtualHost *:8140>
ServerAdmin [email protected]
CustomLog logs/puppetmasterd-access_log combined
ErrorLog logs/puppetmasterd-error_log
LoadModule passenger_module /usr/lib64/ruby/gems/1.8/gems/
passenger-2.2.2/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib64/ruby/gems/1.8/gems/passenger-2.2.2
PassengerRuby /usr/bin/ruby
SSLEngine on
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLCertificateFile /var/lib/puppet/ssl/certs/
vpsadmins.liquidweb.com.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
vpsadmins.liquidweb.com.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# CRL checking should be enabled;
# If you have problems with Apache complaining about the CRL,
disable the next
line
SSLCARevocationFile /var/lib/puppet/ssl/ca/
ca_crl.pem
SSLVerifyClient
optional
SSLVerifyDepth
1
SSLOptions
+StdEnvVars
# The following client headers allow the same configuration to work
with Pound.
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
# Do not enable these at this point.
#PassengerHighPerformance on
#PassengerPoolIdleTime 1500
#PassengerStatThrottleRate 120
PassengerMaxPoolSize 12
PassengerMaxRequests 1000
RackAutoDetect On
DocumentRoot /home/puppet/rack/puppetmasterd/public
<Directory /home/puppet/rack/puppetmasterd/>
Options None
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>
The rest of my puppet configuration is in /etc/puppet, if you need
more from there, let me know.
Anyone have any idea why I am getting this error? Any help would be
appreciated.
Thanks,
Curt Micol
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
