[Pkg-puppet-devel] RFP: puppetdb-termini -- Enable a Puppet master to connect to PuppetDB
Apollon Oikonomopoulos
apoikos at debian.org
Fri Feb 3 17:04:59 UTC 2017
On 11:55 Fri 03 Feb , micah wrote:
>
> Hi,
>
> Apollon Oikonomopoulos <apoikos at debian.org> writes:
> > - puppet 4.8.2-1 will (hopefully) migrate to testing tomorrow, 3 days
> > before the Freeze. This will be the first version in Stretch
> > supporting Puppet 3 clients.
>
> This has migrated. I've upgraded my Stretch puppet4 server to 4.8.2-1
> and am testing it.
>
> Unfortunately, I've already found a problem. If I have a new puppet3
> node and I do:
>
> root at puppetdb:~# puppet agent -t
> Exiting; no certificate found and waitforcert is disabled
> root at puppetdb:~#
>
> It doesn't generate a CSR, there is no /var/lib/puppet/ssl
> directory. Yes, this is puppet3 that is failing here, but I suspect it
> is because it is not getting the right response from the master.
>
> On the master, I see nothing in the puppet logs, but I do see in the
> apache logs:
>
> newpuppetmaster:8140 0.0.0.0 - - [03/Feb/2017:08:41:30 -0800] "GET /production/certificate/puppetdb? HTTP/1.1" 404 5361 "-" "Ruby"
>
> but nothing else. The puppetmaster has no certs pending to be signed and
> only has one cert signed (the puppetmaster itself). There is nothing in
> /var/lib/puppet/ssl on the master besides the puppetmaster cert bits.
>
> I'm wondering if this works for others, or if maybe this part of the
> puppet3 compatibility was missed?
>From the looks of it, you're using a Webrick puppetmaster. You should
switch to puppet-master-passenger instead :)
Apollon
More information about the Pkg-puppet-devel
mailing list