I'm going to re-ask this question because the issue is driving me crazy
even though I'm already close enough to walk.
Here's the setup:
[Foreman Server with Puppet/PuppetDB]
^
>
V
[ Subordinate (remote) Puppet Server ] (Proxy installed)
^
>
V
[End client[
The Puppet master running on the Foreman host's job is to manage just the
remote masters. The subordinate Puppet Masters are planned to be installed
in various data centers around the country.
The end client's puppet.conf looks like this (with the template variables
being replaced by their actual values):
File managed with puppet
Module: 'puppet'
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
# Allow services in the 'puppet' group to access key (Foreman + proxy)
privatekeydir = $ssldir/private_keys { group = service }
hostprivkey = $privatekeydir/$certname.pem { mode = 640 }
# Puppet 3.0.x requires this in both [main] and [master] - harmless on
agents
autosign = $confdir/autosign.conf { mode = 664 }
show_diff = false
hiera_config = $confdir/hiera.yaml
ca_server =<%= foreman_host_fqdn%>
Next part of the file is managed by a different template
Module: 'puppet'
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuration. Can be loaded in
# the separate puppet
executable using the --loadclasses
# option.
# The default value is '$statedir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
# Disable the default schedules as they cause continual skipped
# resources to be displayed in Foreman - only for Puppet >= 3.4
default_schedules = false
report = true
pluginsync = true
masterport = 8140
environment = POC
certname = <%= fqdn %>
server = <%= puppethost_fqdn %>
listen = false
splay = false
splaylimit = 1800
runinterval = 1800
noop = false
configtimeout = 600
Report is turned on and the remote Puppet Master is successfully managing
the client.
The [master] section of the remote Puppet Master's puppet.conf looks like
this:
[master]
storeconfigs = true
storeconfigs_backend = puppetdb
autosign = $confdir/autosign.conf { mode = 664 }
reports = foreman
external_nodes = /etc/puppet/node.rb
node_terminus = exec
ca = false
certname = <%= fqdn %>
strict_variables = false
environmentpath = /etc/puppet/environments
basemodulepath =
/etc/puppet/environments/common:/etc/puppet/modules:/usr/share/puppet/modules
and I have a foreman.yaml file that looks like this:
···
--- # Update for your Foreman and Puppet master hostname(s) :url: "https://mtinjacn01.cip.att.com" :ssl_ca: "/var/lib/puppet/ssl/certs/ca.pem" :ssl_cert: "/var/lib/puppet/ssl/certs<%= fqdn %>.pem" :ssl_key: "/var/lib/puppet/ssl/private_keys/<%= fqdn %>.pem"Advanced settings
:user: “”
:password: “”
:puppetdir: “/var/lib/puppet”
:puppetuser: “puppet”
:facts: true
:timeout: 10
:threads: null
Now the facts are showing up on the Foreman server for the remote client
but just not the reports.
First obvious question: should they or am I chasing a ghost?
If they should be showing up what am I missing here?