So it means there is a firewall dropping the connection somewhere El 04/03/2014 14:45, <[email protected]> escribió:
> From agent to master I get "connection timed out" for port 8140 but for > port 443 and 80 I get Escape character is '^]' > > From master to agent I get "connection refused" > > On Tuesday, March 4, 2014 1:24:37 PM UTC, Jose Luis Ledesma wrote: >> >> Good question >> >> Try a >> Telnet puppet-master 8140 >> >> From the "agent" >> El 04/03/2014 14:20, "Michael.OBrien" <[email protected]> escribió: >> >>> Wouldn't it be bidirectional if the agent's firewall was off because >>> GCE doesn't block outgoing traffic with its firewall? >>> >>> >>> >>> *From:* [email protected] [mailto:[email protected]] *On >>> Behalf Of *José Luis Ledesma >>> *Sent:* 04 March 2014 13:11 >>> *To:* [email protected] >>> *Subject:* Re: [Puppet Users] GCE based puppet agent connection to >>> master fails >>> >>> >>> >>> Hi, >>> >>> I think that 8140 should be bidirectional. >>> >>> Regards, >>> >>> El 04/03/2014 12:55, <[email protected]> escribió: >>> >>> I know this is someone fairly obvious that I'm missing but I'm having >>> trouble getting a puppet agent running on a google compute instance to talk >>> to my puppet master >>> >>> *Networking* >>> I have added a firewall rule to GCE to allow 8140 tcp from my puppet >>> master to instances connected to the network where my agent resides. >>> I have disabled firewalls on master and agent for testing. >>> I can ping the master from agent by IP, FQDN and "puppet" >>> I can ping the agent from master by IP & FQDN >>> >>> *On master * >>> puppet cert list shows no certs outstanding >>> running wireshark on master shows only icmp traffic from agent at the >>> time of cert request >>> >>> *On agent:* >>> [root@server]# puppet agent --server MYFQDNMASTER --waitforcert 60 >>> --test >>> Error: Could not request certificate: Connection timed out - connect(2) >>> >>> >>> I installed puppet (agent) from puppetlabs RHEL repo and puppet >>> --version reports 3.4.3 >>> Puppet master is from foreman 1.4.1 and reports version as 2.7.23 for >>> both master and agent >>> service puppet status reports its running on the agent >>> >>> I edited /etc/puppet/puppet.conf on the agent to be >>> >>> [main] >>> # The Puppet log directory. >>> # The default value is '$vardir/log'. >>> logdir = /var/log/puppet >>> >>> # Where Puppet PID files are kept. >>> # The default value is '$vardir/run'. >>> rundir = /var/run/puppet >>> >>> # Where SSL certificates are kept. >>> # The default value is '$confdir/ssl'. >>> ssldir = $vardir/ssl >>> >>> [agent] >>> # The file in which puppetd stores a list of the classes >>> # associated with the retrieved configuratiion. Can be loaded in >>> # the separate ``puppet`` executable using the ``--loadclasses`` >>> # option. >>> # The default value is '$confdir/classes.txt'. >>> classfile = $vardir/classes.txt >>> >>> # Where puppetd caches the local configuration. An >>> # extension indicating the cache format is added automatically. >>> # The default value is '$confdir/localconfig'. >>> localconfig = $vardir/localconfig >>> server = FQDN of my puppet master >>> report = true >>> pluginsync = true >>> certname = FQDN of agent >>> >>> >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Puppet Users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit https://groups.google.com/d/ >>> msgid/puppet-users/85f85794-eb0e-407f-99ed-c17080ef2d69% >>> 40googlegroups.com. >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >>> -- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "Puppet Users" group. >>> To unsubscribe from this topic, visit https://groups.google.com/d/ >>> topic/puppet-users/GaX5OZD8XTE/unsubscribe. >>> To unsubscribe from this group and all its topics, send an email to >>> [email protected]. >>> To view this discussion on the web visit https://groups.google.com/d/ >>> msgid/puppet-users/CAF_B3dfFw3YBzoQtqSinPQJcy1MoSufeG >>> kqtPCPrz%3De5xEeM1A%40mail.gmail.com<https://groups.google.com/d/msgid/puppet-users/CAF_B3dfFw3YBzoQtqSinPQJcy1MoSufeGkqtPCPrz%3De5xEeM1A%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Puppet Users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit https://groups.google.com/d/ >>> msgid/puppet-users/36667CDCAAF70140AE7738BB93CA8C >>> 9605915F%40ExMbx1.ul.campus<https://groups.google.com/d/msgid/puppet-users/36667CDCAAF70140AE7738BB93CA8C9605915F%40ExMbx1.ul.campus?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >> -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/bcd0251f-2962-4d07-9a1e-e3f9f23dcf70%40googlegroups.com > . > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAF_B3ddHwPsqAYv-d17dqCJAdSWPHPFzUzpBq%3Ds58ixic80ZDg%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
