Hi guys, I just upgraded my puppet 2.7.x to Puppet 3. Upgrade is smooth except for one thing. I'm getting the error below:
Warning: Unable to fetch my node definition, but the agent run will continue: Warning: Error 403 on SERVER: Forbidden request: [hostname] access to /node/[hostname] [find] at :0 Info: Retrieving plugin Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate: Error 403 on SERVER: Forbidden request: [hostname] access to /file_metadata/plugins [search] at :0 Error: /File[/var/lib/puppet/lib]: Could not evaluate: Error 403 on SERVER: Forbidden request: [hostname] access to /file_metadata/plugins [find] at :0 Could not retrieve file metadata for puppet://[hostname]/plugins: Error 403 on SERVER: Forbidden request: [hostname] access to /file_metadata/plugins [find] at :0 Info: Loading facts in /etc/puppet/modules/augeas/lib/facter/augeasversion.rb Info: Loading facts in /etc/puppet/modules/concat/lib/facter/concat_basedir.rb Info: Loading facts in /etc/puppet/modules/firewall/lib/facter/ip6tables_version.rb Info: Loading facts in /etc/puppet/modules/firewall/lib/facter/iptables_version.rb Info: Loading facts in /etc/puppet/modules/mmm/lib/facter/ipaddresses.rb Info: Loading facts in /etc/puppet/modules/stdlib/lib/facter/pe_version.rb Info: Loading facts in /etc/puppet/modules/stdlib/lib/facter/puppet_vardir.rb Info: Loading facts in /etc/puppet/modules/stdlib/lib/facter/root_home.rb Info: Loading facts in /etc/puppet/modules/sudo/lib/facter/sudo.rb Info: Loading facts in /etc/puppet/modules/xen/lib/facter/lvm_freespace.rb Info: Loading facts in /var/lib/puppet/lib/facter/ip6tables_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/ipaddresses.rb Info: Loading facts in /var/lib/puppet/lib/facter/lvm_freespace.rb Info: Loading facts in /var/lib/puppet/lib/facter/sudo.rb Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb Info: Loading facts in /var/lib/puppet/lib/facter/iptables_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/concat_basedir.rb Info: Loading facts in /var/lib/puppet/lib/facter/augeasversion.rb Error: Could not retrieve catalog from remote server: Error 403 on SERVER: Forbidden request: [hostname] access to /catalog/[hostname] [find] at :0 Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run I looked at the changelog and telly workarounds but still the same thing. Made sure all the source => 'puppet:///modules/x/x/' #### auth.conf # allow nodes to retrieve their own node definition path ~ ^/node/([^/]+)$ method find allow $1 # allow nodes to retrieve their own catalog path ~ ^/catalog/([^/]+)$ method find allow $1 # allow all nodes to access the certificates services path /certificate_revocation_list/ca method find allow * # allow all nodes to store their reports path /report method save allow * # Allow all nodes to access all file services; this is necessary for # pluginsync, file serving from modules, and file serving from custom # mount points (see fileserver.conf). Note that the `/file` prefix matches # requests to both the file_metadata and file_content paths. See "Examples" # above if you need more granular access control for custom mount points. path /file allow * path /plugins allow * ### Unauthenticated ACLs, for clients without valid certificates; authenticated ### clients can also access these paths, though they rarely need to. # allow access to the CA certificate; unauthenticated nodes need this # in order to validate the puppet master's certificate path /certificate/ca auth any method find allow * # allow nodes to retrieve the certificate they requested earlier path /certificate/ auth any method find allow * # allow nodes to request a new certificate path /certificate_request auth any method find, save allow * # deny everything else; this ACL is not strictly necessary, but # illustrates the default policy. path / auth any path ~ ^/file_(metadata|content)/files/ auth yes allow puppet.domain.com allow 10.0.0.10 ### fileserver.conf # This file consists of arbitrarily named sections/modules # defining where files are served from and to whom # Define a section 'files' # Adapt the allow/deny settings to your needs. Order # for allow/deny does not matter, allow always takes precedence # over deny [files] path /etc/puppet/files # allow *.example.com allow * [plugins] # allow *.example.com # deny *.evil.example.com # allow 192.168.0.0/24 allow * What am I doing wrong here? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
