[Puppet Users] GCE based puppet agent connection to master fails

Tue, 04 Mar 2014 03:56:29 -0800 

I know this is someone fairly obvious that I'm missing but I'm having 
trouble getting a puppet agent running on a google compute instance to talk 
to my puppet master

*Networking*
I have added a firewall rule to GCE to allow 8140 tcp from my puppet master 
to instances connected to the network where my agent resides.
I have disabled firewalls on master and agent for testing.
I can ping the master from agent by IP, FQDN and "puppet"
I can ping the agent from master by IP & FQDN

*On master *
puppet cert list shows no certs outstanding
running wireshark on master shows only icmp traffic from agent at the time 
of cert request

*On agent:*
[root@server]# puppet agent --server MYFQDNMASTER --waitforcert 60 --test
Error: Could not request certificate: Connection timed out - connect(2)


I installed puppet (agent) from puppetlabs RHEL repo and puppet --version 
reports 3.4.3
Puppet master is from foreman 1.4.1 and reports version as 2.7.23 for both 
master and agent
service puppet status reports its running on the agent

I edited /etc/puppet/puppet.conf on the agent to be

[main]
    # The Puppet log directory.
    # The default value is '$vardir/log'.
    logdir = /var/log/puppet

    # Where Puppet PID files are kept.
    # The default value is '$vardir/run'.
    rundir = /var/run/puppet

    # Where SSL certificates are kept.
    # The default value is '$confdir/ssl'.
    ssldir = $vardir/ssl

[agent]
    # The file in which puppetd stores a list of the classes
    # associated with the retrieved configuratiion.  Can be loaded in
    # the separate ``puppet`` executable using the ``--loadclasses``
    # option.
    # The default value is '$confdir/classes.txt'.
    classfile = $vardir/classes.txt

    # Where puppetd caches the local configuration.  An
    # extension indicating the cache format is added automatically.
    # The default value is '$confdir/localconfig'.
    localconfig = $vardir/localconfig
server = FQDN of my puppet master
report = true
pluginsync = true
certname = FQDN of agent



-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/85f85794-eb0e-407f-99ed-c17080ef2d69%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to