Puppet 傀儡客户不';t更新
我们正在客户机和主机上运行puppet 2.7.11-1ubuntu2.4(Ubuntu 12.04)。客户端似乎不会自动更新,但当我运行时:Puppet 傀儡客户不';t更新,puppet,Puppet,我们正在客户机和主机上运行puppet 2.7.11-1ubuntu2.4(Ubuntu 12.04)。客户端似乎不会自动更新,但当我运行时: sudo puppet agent --test 一切正常 客户端上当前正在运行的进程: root 1764 1 0 Sep10 ? 00:00:05 /usr/bin/ruby1.8 /usr/bin/puppet agent /etc/puppet/puppet.conf [main] logdir=/var
sudo puppet agent --test
一切正常
客户端上当前正在运行的进程:
root 1764 1 0 Sep10 ? 00:00:05 /usr/bin/ruby1.8 /usr/bin/puppet agent
/etc/puppet/puppet.conf
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
templatedir=$confdir/templates
prerun_command=/etc/puppet/etckeeper-commit-pre
postrun_command=/etc/puppet/etckeeper-commit-post
pluginsync=true
[master]
# These are needed when the puppetmaster is run by passenger
# and can safely be removed if webrick is used.
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
[agent]
server=<URL_REMOVED>
configtimeout=300
有人知道什么地方可能出错吗?看看这个。不确定您的问题到底是什么,但我在日志中看到了类似的错误:“未收到证书”。就我而言,这些步骤帮助了我:
精通
puppet cert clean <NODE NAME>
事实上,我们最近发现了这个问题的原因 某些节点的puppet.conf中的主机名与服务器证书中的主机名不匹配 此外,一些节点在联系服务器时未使用其FQDN,这导致与客户端证书不匹配。我们通过将FQDN添加到/etc/hosts来修复此问题:
127.0.1.1 hostename.domain.edu hostename
puppet cert clean <NODE NAME>
rm -rf $(puppet agent --configprint ssldir)
puppet agent --test
127.0.1.1 hostename.domain.edu hostename