Hi, I think that 8140 should be bidirectional.
Regards, El 04/03/2014 12:55, <[email protected]> escribió: > I know this is someone fairly obvious that I'm missing but I'm having > trouble getting a puppet agent running on a google compute instance to talk > to my puppet master > > *Networking* > I have added a firewall rule to GCE to allow 8140 tcp from my puppet > master to instances connected to the network where my agent resides. > I have disabled firewalls on master and agent for testing. > I can ping the master from agent by IP, FQDN and "puppet" > I can ping the agent from master by IP & FQDN > > *On master * > puppet cert list shows no certs outstanding > running wireshark on master shows only icmp traffic from agent at the time > of cert request > > *On agent:* > [root@server]# puppet agent --server MYFQDNMASTER --waitforcert 60 --test > Error: Could not request certificate: Connection timed out - connect(2) > > > I installed puppet (agent) from puppetlabs RHEL repo and puppet --version > reports 3.4.3 > Puppet master is from foreman 1.4.1 and reports version as 2.7.23 for both > master and agent > service puppet status reports its running on the agent > > I edited /etc/puppet/puppet.conf on the agent to be > > [main] > # The Puppet log directory. > # The default value is '$vardir/log'. > logdir = /var/log/puppet > > # Where Puppet PID files are kept. > # The default value is '$vardir/run'. > rundir = /var/run/puppet > > # Where SSL certificates are kept. > # The default value is '$confdir/ssl'. > ssldir = $vardir/ssl > > [agent] > # The file in which puppetd stores a list of the classes > # associated with the retrieved configuratiion. Can be loaded in > # the separate ``puppet`` executable using the ``--loadclasses`` > # option. > # The default value is '$confdir/classes.txt'. > classfile = $vardir/classes.txt > > # Where puppetd caches the local configuration. An > # extension indicating the cache format is added automatically. > # The default value is '$confdir/localconfig'. > localconfig = $vardir/localconfig > server = FQDN of my puppet master > report = true > pluginsync = true > certname = FQDN of agent > > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/85f85794-eb0e-407f-99ed-c17080ef2d69%40googlegroups.com > . > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAF_B3dfFw3YBzoQtqSinPQJcy1MoSufeGkqtPCPrz%3De5xEeM1A%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
