On Wednesday, June 18, 2014 8:10:38 AM UTC-5, [email protected] wrote: > > > Hi, > > I still can make the ENC work on my puppet server. > > General: > Puppet server: 3.3.1 Puppet agent: 2.7.25 >
That's a potential problem, but not likely the one you're currently fighting. The master provides as much compatibility with older agents as it can, but that's so much older an agent (in version number terms) that you're pushing the envelope. Moreover, even the master is a little old -- current is 3.6.2. > The server run Passenger on Apache, so the puppetmaster run from apache > and not by himself. > > I have in /etc/puppet/puppet.conf : > [master] > mode_terminus = exec > external_nodes = /usr/bin/env > PUPPET_DASHBOARD_URL=http://user:pass@localhost:3000 > /usr/share/puppet-dashboard/bin/external_node > Per the docs, the 'external_nodes' property should be the full path to the ENC executable. Note well: "path to the executable" not "command line". Puppet will run that executable -- probably directly, not via a shell -- passing it the node's certname as the only argument. > script details: > The file external_node contain perl, all the directories and > the external_node itself have the permission 755. > > I did: > * When I run the perl script locally (as a regular script from the > command line – not with puppet) on the puppet server it run okay and give > the YAML output I sent in my previous emails. > * looking for errors in messages log and apache log – nothing > look suspicious. But the warning: > - [warn] RSA server certificate is a CA certificate > (BasicConstraints: CA == TRUE !?) > - YAML in network requests is deprecated and will be removed in a > future version. > * Also tried to make syntax error in my perl script external_node – got > no error in the logs. > > What make me think maybe: > * puppet it not running external_node script at all. > That seems a reasonable conclusion. > * ENC have problems when it Passenger & Apache? > > No. But perhaps either 1. Puppet is not using the config file you think it's using, or 2. you have not properly restarted the master to get it to read its updated configuration. Under Passenger, the config file Puppet uses is affected by your config.ru. In particular, therein you need to be sure to set the appropriate --confdir and --vardir. The default config.ru shipped with Puppet should be correct for a default Puppet installation, but if you installed in a different location or rolled your own config.ru then perhaps the problem is there. It's worth having a look in any case. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4179a29e-5478-4196-a561-c9096ac90b1d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
