It seems like there must be a better way of dealing with these errors
in a puppermaster-agent setup.

I currently have one master and one agent that work, running on ubuntu
10.10 (maverick meerkat server).

On another machine, same os and hardware, I try installing with the
same steps and when I run
sudo puppet agent --test --verbose --debug --server <serverhostname>,
it is constantly hitting:

read server certificate B: certificate verify failed

I tried all sorts of solutions to this. Cleaning every trace of puppet
on the non-working agent, then reinstalling it and trying again.
Checked that times agreed and that certificates appeared valid at the
given times.

The only thing which finally worked was completely wiping both the
master and the agent nodes, then reinstalling and starting them up

I think the problem with this error message is that it is somewhat
obtuse, and occurs in far too many cases.

It also appears the system with certificates is fragile. Some of the
items which may be messing up the certificate chain and ability to
straighten it out are:

1. If an agent is running, then running a one-shot puppet agent --test
to try and figure out what is happening. Perhaps there needs to be a
lock check here even if a user is running puppet agent off the command
line if only one agent can run at a time.

2. If the server name is something like rm16 and there is a CNAME from
puppet to rm16, is the system still generating proper certificate
names for all checks that will be executed? To make the system run and
install I've had to first set servname=rm16 in the puppet.conf before
starting up the agent.

You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppuppet-users @
postedApr 24, '12 at 5:13a
activeApr 24, '12 at 5:13a

1 user in discussion

PeterNSteinmetz: 1 post



site design / logo © 2022 Grokbase