Hi,
On Katello 2.1 with Foreman 1.7.2, I currently cannot get puppet to work
after deployment.
Everytime I deploy some hosts, they are out of sync and I get "Exiting;
no certificate found and waitforcert is disabled" when running "puppet
agent -t"
When I check "var/lib/puppet/ssl/certs/" there is only a "ca.pem" and no
host certificate. I see the same error in the "install.post.log".
In the proxy.log I see the following:
E, [2015-02-24T12:06:23.838445 #30042] ERROR -- : Attempt to remove
nonexistant client certificate for test1.netbulae.test
10.100.100.24 - - [24/Feb/2015 12:06:23] "DELETE
/test1.netbulae.test HTTP/1.1" 404 77 1.3976
10.100.100.24 - - [24/Feb/2015 12:06:23] "POST
/autosign/test1.netbulae.testHTTP/1.1" 200 - 0.0009
10.100.100.24 - - [24/Feb/2015 12:15:22] "GET /serverName HTTP/1.1"
200 30 0.0008
10.100.100.24 - - [24/Feb/2015 12:15:24] "DELETE
/autosign/test1.netbulae.test HTTP/1.1" 200 - 0.0007
When I check the puppetmaster it is dead:
service puppetmaster restart
puppet dead but pid file exists
netstat -anp | grep 8140
tcp 0 0 :::8140
:::* LISTEN 1893/httpd
It appears httpd is listening to this port
./conf.d/25-puppet.conf:<VirtualHost *:8140>
./conf/ports.conf:Listen 8140
./conf/ports.conf:NameVirtualHost *:8140
Is this normal? In the firewall ports I see 8140 is reserved for
puppetmaster:
Port Protocol Required For
53 TCP & UDP DNS Server
67, 68 UDP DHCP Server
69 UDP * TFTP Server
*80, 443 TCP * HTTP & HTTPS access to Foreman web UI - using
Apache + Passenger*
*3000 TCP HTTP access to Foreman web UI - using standalone
WEBrick service*
3306 TCP Separate MySQL database
5910 - 5930 TCP Server VNC Consoles
5432 TCP Separate PostgreSQL database
*8140 TCP * Puppet Master*
8443 TCP Smart Proxy, open only to Foreman
Met vriendelijke groet, With kind regards,
Jorick Astrego
Netbulae Virtualization Experts
···
----------------Tel: 053 20 30 270 info@netbulae.eu Staalsteden 4-3A KvK 08198180
Fax: 053 20 30 271 www.netbulae.eu 7547 TA Enschede BTW NL821234584B01