Hi,
I am trying to bootstrap a new agent from my master node as below. puppet node_aws bootstrap \ --region us-east-1 \ --image ami-cc5af9a5 \ --login root \ --keyfile /root/.ssh/private.pem \ --install-script=puppet-enterprise \ --installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \ --installer-answers=/usr/local/puppet/agent.txt \ --keyname icos-client \ --type t1.micro Node is created & puppet is also installed but i am getting errors as below. [root@ip-10-224-122-211 tmp]# puppet node_aws bootstrap \ > --region us-east-1 \ > --image ami-cc5af9a5 \ > --login root \ > --keyfile /root/.ssh/private.pem \ > --install-script=puppet-enterprise \ > --installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \ > --installer-answers=/usr/local/puppet/agent.txt \ > --keyname icos-client \ > --type t1.micro notice: Creating new instance ... notice: Creating new instance ... Done notice: Creating tags for instance ... notice: Creating tags for instance ... Done notice: Launching server i-d47263aa ... ###################### notice: Server i-d47263aa is now launched notice: Server i-d47263aa public dns name: ec2-174-129-49-32.compute-1.amazonaws.com notice: Waiting for SSH response ... Text will be echoed in the clear. Please install the HighLine or Termios libraries to suppress echoed text. Enter passphrase for /root/.ssh/private.pem:icosroot notice: Waiting for SSH response ... Done Enter passphrase for /root/.ssh/private.pem:icosroot notice: Uploading Puppet Enterprise tarball ... Enter passphrase for :icosroot notice: Uploading Puppet Enterprise tarball ... Done Enter passphrase for :icosroot notice: Installing Puppet ... Enter passphrase for :icosroot Enter passphrase for /root/.ssh/private.pem:icosroot Enter passphrase for /root/.ssh/private.pem:icosroot notice: Puppet is now installed on: ec2-174-129-49-32.compute-1.amazonaws.com notice: No classification method selected notice: Signing certificate ... err: Signing certificate ... Failed err: Signing certificate error: Could not render to pson: getaddrinfo: Name or service not known I tried to manually sign certificate from master as below [root@ip-10-224-122-211 tmp]# puppet cert sign ip-10-196-90-236 notice: Signed certificate request for ip-10-196-90-236 notice: Removing file Puppet::SSL::CertificateRequest ip-10-196-90-236 at '/etc/puppetlabs/puppet/ssl/ca/requests/ip-10-196-90-236.pem' But when i am trying to test from agent, i am getting errors again. [root@ip-10-196-90-236 ~]# puppet agent -t info: Retrieving plugin err: /File[/var/opt/lib/pe-puppet/lib]: Failed to generate additional resources using 'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal] err: /File[/var/opt/lib/pe-puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal] Could not retrieve file metadata for puppet://ip-10-224-122-211.ec2.internal/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal] err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal] warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run err: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal] Not sure where i am going wrong. Can anybody help? Regards. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/7-3tQ-sUaQEJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
