Have you try adding server parameter as i said in earlier post.
On Thu, Sep 26, 2013 at 2:44 PM, Dilip Varma <dilippand...@gmail.com> wrote:
> Hi
>
> *puppetmaster#vim /etc/puppet/puppet.conf*
>
> [main]
> logdir=/var/log/puppet
> vardir=/var/lib/puppet
> ssldir=/var/lib/puppet/ssl
> rundir=/var/run/puppet
> factpath=$vardir/lib/facter
> templatedir=$confdir/templates
> prerun_command=/etc/puppet/etckeeper-commit-pre
> postrun_command=/etc/puppet/etckeeper-commit-post
> listen = true
> [master]
> # These are needed when the puppetmaster is run by passenger
> # and can safely be removed if webrick is used.
> ssl_client_header = SSL_CLIENT_S_DN
> ssl_client_verify_header = SSL_CLIENT_VERIFY
>
> puppetmaster#vim /etc/puppet/auth.conf
> [main]
> logdir=/var/log/puppet
> vardir=/var/lib/puppet
> ssldir=/var/lib/puppet/ssl
> rundir=/var/run/puppet
> factpath=$vardir/lib/facter
> templatedir=$confdir/templates
> prerun_command=/etc/puppet/etckeeper-commit-pre
> postrun_command=/etc/puppet/etckeeper-commit-post
> listen = true
> [master]
> # These are needed when the puppetmaster is run by passenger
> # and can safely be removed if webrick is used.
> ssl_client_header = SSL_CLIENT_S_DN
> ssl_client_verify_header = SSL_CLIENT_VERIFY
>
> *puppetmaster#vim /etc/puppet/auth.conf*
>
>
> # This is an example auth.conf file, it mimics the puppetmasterd defaults
> #
> # The ACL are checked in order of appearance in this file.
> #
> # Supported syntax:
> # This file supports two different syntax depending on how
> # you want to express the ACL.
> #
> # Path syntax (the one used below):
> # ---------------------------------
> # path /path/to/resource
> # [environment envlist]
> # [method methodlist]
> # [auth[enthicated] {yes|no|on|off|any}]
> # allow [host|ip|*]
> # deny [host|ip]
> #
> # The path is matched as a prefix. That is /file match at
> # the same time /file_metadat and /file_content.
> #
> # Regex syntax:
> # -------------
> # This one is differenciated from the path one by a '~'
> #
> # path ~ regex
> # [environment envlist]
> # [method methodlist]
> # [auth[enthicated] {yes|no|on|off|any}]
> # allow [host|ip|*]
> # deny [host|ip]
> #
> # The regex syntax is the same as ruby ones.
> #
> # Ex:
> # path ~ .pp$
> # will match every resource ending in .pp (manifests files for instance)
> #
> # path ~ ^/path/to/resource
> # is essentially equivalent to path /path/to/resource
> #
> # environment:: restrict an ACL to a specific set of environments
> # method:: restrict an ACL to a specific set of methods
> # auth:: restrict an ACL to an authenticated or unauthenticated request
> # the default when unspecified is to restrict the ACL to authenticated
> requests
> # (ie exactly as if auth yes was present).
> #
>
> ### Authenticated ACL - those applies only when the client
> ### has a valid certificate and is thus authenticated
>
> # allow nodes to retrieve their own catalog (ie their configuration)
> path ~ ^/catalog/([^/]+)$
> method find
> allow $1
>
> # allow nodes to retrieve their own node definition
> path ~ ^/node/([^/]+)$
> method find
> allow $1
>
> # allow all nodes to access the certificates services
> path /certificate_revocation_list/ca
> method find
> allow *
>
> # allow all nodes to store their own reports
> path ~ ^/report/([^/]+)$
> method save
> allow $1
>
> # inconditionnally allow access to all files services
> # which means in practice that fileserver.conf will
> # still be used
> path /file
>
>
>
>
> Thanks,
> Dilip
> allow *
>
> ### Unauthenticated ACL, for clients for which the current master doesn't
> ### have a valid certificate; we allow authenticated users, too, because
> ### there isn't a great harm in letting that request through.
>
> # allow access to the master CA
> path /certificate/ca
> auth any
> method find
> allow *
>
> path /certificate/
> auth any
> method find
> allow *
>
> path /certificate_request
> auth any
> method find, save
> allow *
>
> # this one is not stricly necessary, but it has the merit
> # to show the default policy which is deny everything else
> #path /
> path /run
> auth any
>
> These are my puppet.conf and auth.conf of puppet master...
>
> Please find the solution..
>
> On Thu, Sep 26, 2013 at 12:54 PM, Dilip Varma <dilippand...@gmail.com>wrote:
>
>>
>> Hi,
>>
>> I've done some cofiguration in /etc/puppet/manifests/site.pp file i.e
>>
>> class toolbox {
>>
>> file { '/usr/local/sbin/puppetsimple.sh':
>> owner => root,group => root,mode => 0755,content => "#!/bin/bash
>> apt-get install zip\n"
>> }
>> }
>> node 'admin.local' {
>> include toolbox
>>
>> }
>>
>> Here admin.local is my PUPPET AGENT..
>>
>> my job is to kick this job to puppet agent from puppet master.for this i
>> have ran
>>
>> *r...@puppetmaster.example.org#puppet kick admin.local*
>> *Triggering admin.local
>> Host admin.local failed: Connection refused - connect(2)
>> admin.local finished with exit code 2
>> Failed: admin.local*
>>
>> i got this error.
>> *Additional Info*:puppet master and agent are in the same
>> network,pinging each other and configured password less logins also..
>>
>> Please find the attachment regarding the puppet error mentioned above.
>>
>> Thanks in advance
>> Dilip
>>
>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Puppet Users" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/puppet-users/OMJFUxP4XgM/unsubscribe.
>> To unsubscribe from this group and all its topics, send an email to
>> puppet-users+unsubscr...@googlegroups.com.
>> To post to this group, send email to puppet-users@googlegroups.com.
>> Visit this group at http://groups.google.com/group/puppet-users.
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Puppet Users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/puppet-users/OMJFUxP4XgM/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
> For more options, visit https://groups.google.com/groups/opt_out.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
