I'm going to re-ask this question because the issue is driving me crazy even though I'm already close enough to walk.
Here's the setup: [Foreman Server with Puppet/PuppetDB] ^ | V [ Subordinate (remote) Puppet Server ] (Proxy installed) ^ | V [End client[ The Puppet master running on the Foreman host's job is to manage just the remote masters. The subordinate Puppet Masters are planned to be installed in various data centers around the country. The end client's puppet.conf looks like this (with the template variables being replaced by their actual values): ### File managed with puppet ### ## Module: 'puppet' [main] # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl # Allow services in the 'puppet' group to access key (Foreman + proxy) privatekeydir = $ssldir/private_keys { group = service } hostprivkey = $privatekeydir/$certname.pem { mode = 640 } # Puppet 3.0.x requires this in both [main] and [master] - harmless on agents autosign = $confdir/autosign.conf { mode = 664 } show_diff = false hiera_config = $confdir/hiera.yaml ca_server =<%= foreman_host_fqdn%> ### Next part of the file is managed by a different template ### ## Module: 'puppet' [agent] # The file in which puppetd stores a list of the classes # associated with the retrieved configuration. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$statedir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig # Disable the default schedules as they cause continual skipped # resources to be displayed in Foreman - only for Puppet >= 3.4 default_schedules = false report = true pluginsync = true masterport = 8140 environment = POC certname = <%= fqdn %> server = <%= puppethost_fqdn %> listen = false splay = false splaylimit = 1800 runinterval = 1800 noop = false configtimeout = 600 Report is turned on and the remote Puppet Master is successfully managing the client. The [master] section of the remote Puppet Master's puppet.conf looks like this: [master] storeconfigs = true storeconfigs_backend = puppetdb autosign = $confdir/autosign.conf { mode = 664 } reports = foreman external_nodes = /etc/puppet/node.rb node_terminus = exec ca = false certname = <%= fqdn %> strict_variables = false environmentpath = /etc/puppet/environments basemodulepath = /etc/puppet/environments/common:/etc/puppet/modules:/usr/share/puppet/modules and I have a foreman.yaml file that looks like this: --- # Update for your Foreman and Puppet master hostname(s) :url: "https://mtinjacn01.cip.att.com" :ssl_ca: "/var/lib/puppet/ssl/certs/ca.pem" :ssl_cert: "/var/lib/puppet/ssl/certs<%= fqdn %>.pem" :ssl_key: "/var/lib/puppet/ssl/private_keys/<%= fqdn %>.pem" # Advanced settings :user: "" :password: "" :puppetdir: "/var/lib/puppet" :puppetuser: "puppet" :facts: true :timeout: 10 :threads: null Now the *facts* are showing up on the Foreman server for the remote client but just not the reports. First obvious question: should they or am I chasing a ghost? If they should be showing up what am I missing here? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAArvnv06Pb_cHRK1fjh7bOtfjyfrXBguvkEir69CuC6V3agzpw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.