Puppet Master Not Running

Support
1

Hi,

Trying to work out why my foreman reports are not getting updated on the
dash board have followed the reports section in the manual. changed the URL
in foreman.rb as it was poiinting to the wrong system name. I noticed that
the puppetmaster daemon is not running I had always assumed this was
deliberate as foreman replaces the webrick web server with apache/passenger
can someone just confirm. As my built systems do get the configurations
and classes they just don't report back at the moment.

Thanks,

Richie.

2

A few more bits of info would be useful:

Which version of Puppet, and which distro?

Can you pastebin your master's puppet.conf?

At what path have you installed the foreman.rb file? Can you pastebin
the settings?

Can you check /var/log/foreman/production.log and see if any
/reports/create entries are logged when the agent runs? Do they end
with a "OK 200" response?

··· On 14/06/13 10:10, Richie Rees wrote: > Hi, > > Trying to work out why my foreman reports are not getting updated on the > dash board have followed the reports section in the manual. changed the > URL in foreman.rb as it was poiinting to the wrong system name. I > noticed that the puppetmaster daemon is not running I had always assumed > this was deliberate as foreman replaces the webrick web server with > apache/passenger can someone just confirm. As my built systems do get > the configurations and classes they just don't report back at the moment.


Dominic Cleal
Red Hat Engineering

3

Hi Again Dominic I feel I have you on speed dial here. The distro is Centos
6.4 puppet 3.2.1 ,I can see no posts for reports in the production.log

Puppet.conf ::-

[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet

# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
vardir = /var/lib/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl

# Allow services in the 'puppet' group to access key (Foreman + proxy)
privatekeydir = $ssldir/private_keys { group = service }
hostprivkey = $privatekeydir/$certname.pem { mode = 640 }

# Puppet 3.0.x requires this in both [main] and [master] - harmless on

agents
autosign = $confdir/autosign.conf { mode = 664 }
autosign = $confdir/autosign.conf { mode = 664 }
reports = log, foreman
external_nodes = /etc/puppet/node.rb
node_terminus = exec

[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate puppet executable using the --loadclasses
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
report      = true
pluginsync  = true
masterport  = 8140
environment = production
certname    = foreman.fqdn
server      = foreman.fqdn
listen      = false

Next part of the file is managed by a different template

Module: 'puppet'

Template source: 'MODULES/puppet/templates/server/puppet.conf.erb'

[development]
modulepath =
/etc/puppet/modules/development:/etc/puppet/modules/common:/usr/share/puppet/modules
[production]
modulepath =
/etc/puppet/modules/production:/etc/puppet/modules/common:/usr/share/puppet/modules

foreman.rb :-

File managed with puppet

Served by: ''

Module: 'foreman'

Template source: 'MODULES/foreman/templates/foreman-report.rb.erb'

copy this file to your report dir - e.g. /usr/lib/ruby/1.8/puppet/reports/

add this report in your puppetmaster reports - e.g, in your puppet.conf

add:

reports=log, foreman # (or any other reports you want)

URL of your Foreman installation

$foreman_url='https://foreman.fqdn

if CA is specified, remote Foreman host will be verified

$foreman_ssl_ca = "/var/lib/puppet/ssl/certs/ca.pem"

ssl_cert and key are required if require_ssl_puppetmasters is enabled in

Foreman
$foreman_ssl_cert = "/var/lib/puppet/ssl/certs/puppet.tsg.ts.pem"
$foreman_ssl_key = "/var/lib/puppet/ssl/private_keys/foreman.tsg.ts.pem"

require 'puppet'
require 'net/http'
require 'net/https'
require 'uri'

Puppet::Reports.register_report(:foreman) do
Puppet.settings.use(:reporting)
desc "Sends reports directly to Foreman"

def process
  begin
    uri = URI.parse($foreman_url)
    http = Net::HTTP.new(uri.host, uri.port)
    http.use_ssl     = uri.scheme == 'https'
    if http.use_ssl?
      if $foreman_ssl_ca
        http.ca_file = $foreman_ssl_ca
        http.verify_mode = OpenSSL::SSL::VERIFY_PEER
      else
        http.verify_mode = OpenSSL::SSL::VERIFY_NONE
      end
      if $foreman_ssl_cert
        http.cert =

OpenSSL::X509::Certificate.new(File.read($foreman_ssl_cert))
http.key = OpenSSL::PKey::RSA.new(File.read($foreman_ssl_key),
nil)
end
end
req = Net::HTTP::Post.new("#{uri.path}/reports/create?format=yml")
req.set_form_data({'report' => to_yaml})
response = http.request(req)
rescue Exception => e
raise Puppet::Error, "Could not send report to Foreman at
#{$foreman_url}/reports/create?format=yml: #{e}"
end
end
end

··· On Friday, 14 June 2013 11:57:03 UTC+1, Dominic Cleal wrote: > > On 14/06/13 10:10, Richie Rees wrote: > > Hi, > > > > Trying to work out why my foreman reports are not getting updated on the > > dash board have followed the reports section in the manual. changed the > > URL in foreman.rb as it was poiinting to the wrong system name. I > > noticed that the puppetmaster daemon is not running I had always assumed > > this was deliberate as foreman replaces the webrick web server with > > apache/passenger can someone just confirm. As my built systems do get > > the configurations and classes they just don't report back at the > moment. > > A few more bits of info would be useful: > > Which version of Puppet, and which distro? > > Can you pastebin your master's puppet.conf? > > At what path have you installed the foreman.rb file? Can you pastebin > the settings? > > Can you check /var/log/foreman/production.log and see if any > /reports/create entries are logged when the agent runs? Do they end > with a "OK 200" response? > > -- > Dominic Cleal > Red Hat Engineering >
4

Pastebined the config files for easier viewing.

··· On Friday, 14 June 2013 12:31:40 UTC+1, Richie Rees wrote: > > Hi Again Dominic I feel I have you on speed dial here. The distro is > Centos 6.4 puppet 3.2.1 ,I can see no posts for reports in the > production.log > > > Puppet.conf ::- > > [main] > # The Puppet log directory. > # The default value is '$vardir/log'. > logdir = /var/log/puppet > > # Where Puppet PID files are kept. > # The default value is '$vardir/run'. > rundir = /var/run/puppet > vardir = /var/lib/puppet > # Where SSL certificates are kept. > # The default value is '$confdir/ssl'. > ssldir = $vardir/ssl > > # Allow services in the 'puppet' group to access key (Foreman + proxy) > privatekeydir = $ssldir/private_keys { group = service } > hostprivkey = $privatekeydir/$certname.pem { mode = 640 } > > # Puppet 3.0.x requires this in both [main] and [master] - harmless on > agents > autosign = $confdir/autosign.conf { mode = 664 } > autosign = $confdir/autosign.conf { mode = 664 } > reports = log, foreman > external_nodes = /etc/puppet/node.rb > node_terminus = exec > > > [agent] > # The file in which puppetd stores a list of the classes > # associated with the retrieved configuratiion. Can be loaded in > # the separate ``puppet`` executable using the ``--loadclasses`` > # option. > # The default value is '$confdir/classes.txt'. > classfile = $vardir/classes.txt > > # Where puppetd caches the local configuration. An > # extension indicating the cache format is added automatically. > # The default value is '$confdir/localconfig'. > localconfig = $vardir/localconfig > report = true > pluginsync = true > masterport = 8140 > environment = production > certname = foreman.fqdn > server = foreman.fqdn > listen = false > ### Next part of the file is managed by a different template ### > ## Module: 'puppet' > ## Template source: 'MODULES/puppet/templates/server/puppet.conf.erb' > > > [development] > modulepath = > /etc/puppet/modules/development:/etc/puppet/modules/common:/usr/share/puppet/modules > [production] > modulepath = > /etc/puppet/modules/production:/etc/puppet/modules/common:/usr/share/puppet/modules > > foreman.rb :- > > ### File managed with puppet ### > ## Served by: '' > ## Module: 'foreman' > ## Template source: 'MODULES/foreman/templates/foreman-report.rb.erb' > # copy this file to your report dir - e.g. > /usr/lib/ruby/1.8/puppet/reports/ > # add this report in your puppetmaster reports - e.g, in your puppet.conf > add: > # reports=log, foreman # (or any other reports you want) > > # URL of your Foreman installation > $foreman_url='https://foreman.fqdn > # if CA is specified, remote Foreman host will be verified > $foreman_ssl_ca = "/var/lib/puppet/ssl/certs/ca.pem" > # ssl_cert and key are required if require_ssl_puppetmasters is enabled in > Foreman > $foreman_ssl_cert = "/var/lib/puppet/ssl/certs/puppet.tsg.ts.pem" > $foreman_ssl_key = "/var/lib/puppet/ssl/private_keys/foreman.tsg.ts.pem" > > require 'puppet' > require 'net/http' > require 'net/https' > require 'uri' > > Puppet::Reports.register_report(:foreman) do > Puppet.settings.use(:reporting) > desc "Sends reports directly to Foreman" > > def process > begin > uri = URI.parse($foreman_url) > http = Net::HTTP.new(uri.host, uri.port) > http.use_ssl = uri.scheme == 'https' > if http.use_ssl? > if $foreman_ssl_ca > http.ca_file = $foreman_ssl_ca > http.verify_mode = OpenSSL::SSL::VERIFY_PEER > else > http.verify_mode = OpenSSL::SSL::VERIFY_NONE > end > if $foreman_ssl_cert > http.cert = > OpenSSL::X509::Certificate.new(File.read($foreman_ssl_cert)) > http.key = > OpenSSL::PKey::RSA.new(File.read($foreman_ssl_key), nil) > end > end > req = Net::HTTP::Post.new("#{uri.path}/reports/create?format=yml") > req.set_form_data({'report' => to_yaml}) > response = http.request(req) > rescue Exception => e > raise Puppet::Error, "Could not send report to Foreman at > #{$foreman_url}/reports/create?format=yml: #{e}" > end > end > end > > > > On Friday, 14 June 2013 11:57:03 UTC+1, Dominic Cleal wrote: >> >> On 14/06/13 10:10, Richie Rees wrote: >> > Hi, >> > >> > Trying to work out why my foreman reports are not getting updated on >> the >> > dash board have followed the reports section in the manual. changed the >> > URL in foreman.rb as it was poiinting to the wrong system name. I >> > noticed that the puppetmaster daemon is not running I had always >> assumed >> > this was deliberate as foreman replaces the webrick web server with >> > apache/passenger can someone just confirm. As my built systems do get >> > the configurations and classes they just don't report back at the >> moment. >> >> A few more bits of info would be useful: >> >> Which version of Puppet, and which distro? >> >> Can you pastebin your master's puppet.conf? >> >> At what path have you installed the foreman.rb file? Can you pastebin >> the settings? >> >> Can you check /var/log/foreman/production.log and see if any >> /reports/create entries are logged when the agent runs? Do they end >> with a "OK 200" response? >> >> -- >> Dominic Cleal >> Red Hat Engineering >> >