HI all, Im playing around with PE 4.2, trying to learn MCO architecture I have 1 PE master on Ubuntu with AMQ broker 1 test node running Centos7 with PE agent 1 test node running Centos 5.7 with Open source puppet agent
first question, is it possible to enable the open source puppet agent to talk to PE AMQ broker? Or can PE Master talk and manage PE agents only? 2nd question: my Centos7 (with PE agent) is setup correctly, I can run "mco ping" from PE Master and Centos7 replies back on Centos5, I installed mcollective rpm on this Centos5 node and configured my certs and priv/pub keys [root@centos57 ssl]# pwd /etc/mcollective/ssl [root@centos57 ssl]# tree . |-- ca.cert.pem |-- centos57.cert.pem |-- centos57.private_key.pem |-- clients | |-- peadmin-public.pem | `-- puppet-dashboard-public.pem |-- mcollective-private.pem `-- mcollective-public.pem 1 directory, 7 files I copied the* centos57.cert.pem, centos57.private_key.pem *files from the /var/lib/puppet/ssl dir. This node however isnt talking to Puppetmaster, cat /var/log/mcollective.log I, [2016-04-01T21:58:14.535657 #5270] INFO -- : activemq.rb:129:in `on_connectfail' TCP Connection to stomp+ssl://mcollective@puppetmaster2:61613 failed on attempt 42 E, [2016-04-01T21:58:44.537839 #5270] ERROR -- : activemq.rb:149:in `on_ssl_connectfail' SSL session creation with stomp+ssl://mcollective@puppetmaster2:61613 failed: nested asn1 error I, [2016-04-01T21:58:44.538121 #5270] INFO -- : activemq.rb:129:in `on_connectfail' TCP Connection to stomp+ssl://mcollective@puppetmaster2:61613 failed on attempt 43 E, [2016-04-01T21:59:14.539604 #5270] ERROR -- : activemq.rb:149:in `on_ssl_connectfail' SSL session creation with stomp+ssl://mcollective@puppetmaster2:61613 failed: nested asn1 error I, [2016-04-01T21:59:14.539953 #5270] INFO -- : activemq.rb:129:in `on_connectfail' TCP Connection to stomp+ssl://mcollective@puppetmaster2:61613 failed on attempt 44 E, [2016-04-01T21:59:44.541296 #5270] ERROR -- : activemq.rb:149:in `on_ssl_connectfail' SSL session creation with stomp+ssl://mcollective@puppetmaster2:61613 failed: nested asn1 error I, [2016-04-01T21:59:44.541629 #5270] INFO -- : activemq.rb:129:in `on_connectfail' TCP Connection to stomp+ssl://mcollective@puppetmaster2:61613 failed on attempt 45 E, [2016-04-01T22:00:14.543349 #5270] ERROR -- : activemq.rb:149:in `on_ssl_connectfail' SSL session creation with stomp+ssl://mcollective@puppetmaster2:61613 failed: nested asn1 error I, [2016-04-01T22:00:14.543682 #5270] INFO -- : activemq.rb:129:in `on_connectfail' TCP Connection to stomp+ssl://mcollective@puppetmaster2:61613 failed on attempt 46 my Centos57 mcollective server.cfg is setup like this main_collective = mcollective collectives = mcollective libdir = /usr/libexec/mcollective logfile = /var/log/mcollective.log loglevel = info daemonize = 1 # Plugins securityprovider = psk plugin.psk = unset connector = activemq plugin.activemq.pool.size = 1 plugin.activemq.pool.1.host = puppetmaster2 plugin.activemq.pool.1.port = 61613 plugin.activemq.pool.1.user = mcollective plugin.activemq.pool.1.password = gKtrMuPIK5k3Fh621FYX plugin.activemq.pool.1.ssl = true plugin.activemq.pool.1.ssl.ca = /etc/mcollective/ssl/ca.cert.pem plugin.activemq.pool.1.ssl.cert = /etc/mcollective/ssl/centos57.cert.pem plugin.activemq.pool.1.ssl.key = /etc/mcollective/ssl/centos57.private_key.pem plugin.activemq.heartbeat_interval = 120 plugin.activemq.max_hbrlck_fails = 0 # Security plugin settings (required): # ----------------------------------- securityprovider = ssl # SSL plugin settings: plugin.ssl_server_private = /etc/mcollective/ssl/mcollective-private.pem plugin.ssl_server_public = /etc/mcollective/ssl/mcollective-public.pem plugin.ssl_client_cert_dir = /etc/mcollective/ssl/clients plugin.ssl_serializer = yaml # Facts factsource = yaml plugin.yaml = /etc/mcollective/facts.yaml identity = centos57 Trying to understand what other config Im missing on my Centos57 box to make it listen to PE Master AMQ broker. Thanks! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/9a7becdb-2e65-4ca1-bd33-badbaf2c8d06%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
