[Puppet Users] Nagios
I've got a Nagios setup with puppet to add nodes/contacts/command running at one datacenter, I'm trying to setup a second Nagios server using the same manifests, but I'm getting this error: info: Retrieving plugin info: Loading facts in snmpd info: Loading facts in snmpd err: Could not retrieve catalog from remote server: Error 400 on SERVER: Exported resource Nagios_timeperiod[24x7] cannot override local resource on node nagios2.theflux.net warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run Time: Last run: 1349977873 Can someone give me some direction on why this is happening? Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet certificate
I'm running in circles with this issue... I accidentally did a 'puppetca --clean --all' and lost all certificates. I was able to get the puppetmaster running and re-created certificates for the client system, but I get the following error: warning: peer certificate won't be verified in this SSL session info: Caching certificate for w0f.lagged.com info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': certificate verify failed err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: certificate verify failed Could not retrieve file metadata for puppet://puppet.lagged.com/plugins: certificate verify failed info: Loading facts in snmpd info: Loading facts in diskdrives info: Loading facts in snmpd info: Loading facts in diskdrives err: Could not retrieve catalog from remote server: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet certificate
I've done that... I've checked the ntpd services and they're sync in time... Here is what I've done, On master: rm -rf ssl /etc/rc.d/init.d/puppetmaster start Starting puppetmaster: [ OK ] ls ssl ca certificate_requests certs crl.pem private private_keys public_keys On client: rm -rf ssl puppetd --server=puppet.lagged.com --test info: Creating a new SSL key for w0f.lagged.com warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for w0f.lagged.com warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session Exiting; no certificate found and waitforcert is disabled On Master: puppetca --list w0f.lagged.com puppetca --sign w0f.lagged.com notice: Signed certificate request for w0f.lagged.com notice: Removing file Puppet::SSL::CertificateRequest w0f.lagged.com at '/var/lib/puppet/ssl/ca/requests/w0f.lagged.com.pem' On client: puppetd -t warning: peer certificate won't be verified in this SSL session info: Caching certificate for w0f.lagged.com info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': certificate verify failed err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: certificate verify failed Could not retrieve file metadata for puppet://w0f.lagged.com/plugins: certificate verify failed err: Could not retrieve catalog from remote server: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run Any suggestions? On Nov 2, 2011, at 2:01 PM, Aaron Grewell wrote: When I did this in my test environment I removed the entire contents of the ssldir from the client to make sure that both the client server cert were pulled down anew. On Wed, Nov 2, 2011 at 10:25 AM, TFML mailingl...@theflux.net wrote: I'm running in circles with this issue... I accidentally did a 'puppetca --clean --all' and lost all certificates. I was able to get the puppetmaster running and re-created certificates for the client system, but I get the following error: warning: peer certificate won't be verified in this SSL session info: Caching certificate for w0f.lagged.com info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': certificate verify failed err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: certificate verify failed Could not retrieve file metadata for puppet://puppet.lagged.com/plugins: certificate verify failed info: Loading facts in snmpd info: Loading facts in diskdrives info: Loading facts in snmpd info: Loading facts in diskdrives err: Could not retrieve catalog from remote server: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet certificate
I'm curious... the server FQDN is puppetmaster.lagged.com but I have the server as puppet.lagged.com, can that be the cause of the problem? If so how would I create the certificate to be valid for puppet.lagged.com and not be puppetmaster.lagged.com On Nov 2, 2011, at 2:01 PM, Aaron Grewell wrote: When I did this in my test environment I removed the entire contents of the ssldir from the client to make sure that both the client server cert were pulled down anew. On Wed, Nov 2, 2011 at 10:25 AM, TFML mailingl...@theflux.net wrote: I'm running in circles with this issue... I accidentally did a 'puppetca --clean --all' and lost all certificates. I was able to get the puppetmaster running and re-created certificates for the client system, but I get the following error: warning: peer certificate won't be verified in this SSL session info: Caching certificate for w0f.lagged.com info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': certificate verify failed err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: certificate verify failed Could not retrieve file metadata for puppet://puppet.lagged.com/plugins: certificate verify failed info: Loading facts in snmpd info: Loading facts in diskdrives info: Loading facts in snmpd info: Loading facts in diskdrives err: Could not retrieve catalog from remote server: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet certificate
I was able to resolve my own issue. It ended up being the SSL certificate, I had to recreate one manually on the master server. Thanks! On Nov 2, 2011, at 2:50 PM, Aaron Grewell wrote: What version of Puppet are you using? The old method of doing this had a serious security problem, so the newer releases have a different config method for assigning the acceptable aliases for a cert. On Wed, Nov 2, 2011 at 11:26 AM, TFML mailingl...@theflux.net wrote: I'm curious... the server FQDN is puppetmaster.lagged.com but I have the server as puppet.lagged.com, can that be the cause of the problem? If so how would I create the certificate to be valid for puppet.lagged.com and not be puppetmaster.lagged.com On Nov 2, 2011, at 2:01 PM, Aaron Grewell wrote: When I did this in my test environment I removed the entire contents of the ssldir from the client to make sure that both the client server cert were pulled down anew. On Wed, Nov 2, 2011 at 10:25 AM, TFML mailingl...@theflux.net wrote: I'm running in circles with this issue... I accidentally did a 'puppetca --clean --all' and lost all certificates. I was able to get the puppetmaster running and re-created certificates for the client system, but I get the following error: warning: peer certificate won't be verified in this SSL session info: Caching certificate for w0f.lagged.com info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': certificate verify failed err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: certificate verify failed Could not retrieve file metadata for puppet://puppet.lagged.com/plugins: certificate verify failed info: Loading facts in snmpd info: Loading facts in diskdrives info: Loading facts in snmpd info: Loading facts in diskdrives err: Could not retrieve catalog from remote server: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.