On Tuesday, November 4, 2014 2:45:07 PM UTC-6, ghtp wrote: > > Hello friends. I'm having a hard time recovering a catalog for the first time > in a local agent with a master on amazon. Only the master is on Amazon. When > I use "puppet agent --test" he says "err: Could not retrieve catalog from > remote server: Server hostname 'puppetmaster' did not match server > certificate; expected one of xxxx". The machine does not have the local > field agent, but has certificate issued by the master. Created a site.pp > at master, but when I apply it it complains "Error: Could not find default > node or by name with xxx". How can I fix this? Thank you. >
You're reporting at least two separate problems. I'm not confident whether I am correctly parsing where one stops and the other starts. Nevertheless, this error message... err: Could not retrieve catalog from remote server: Server hostname ' > puppetmaster' did not match server certificate; expected one of xxxx > ... indicates that the master's digital certificate does not list 'puppetmaster' as one of the owner's names. To prove its identity, the master must present a certificate signed by an authority recognized by the agent and listing the name by which the agent contacts. This kind of problem can arise if you change the master's hostname after issuing its certificate, or if agents contact the master by a different name than the one it calls itself. The latter includes differences between qualified and unqualified names, so it is possible that all you need to do is reconfigure the agent to connect via a name of the form "puppetmaster.mydomain.com". With respect to this message ... Error: Could not find default node or by name with xxx > ... puppet is complaining that in the chosen environment there no node block that can be matched to the node on which 'puppet apply' is running. If I understand correctly that you are running that 'puppet apply' on the master then it may be another symptom of the same disagreement about names that is causing the other error. I have to say, though, that I don't very well like the idea of running "puppet apply" on a puppetmaster. If you are using a master at all, then you should manage it by running the agent locally on it. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/8215b034-aef5-4ba2-8ea8-3ed7b75fa6db%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
