Opensource Puppet Master Setup issue results in "unable to get local issuer certificate for /CN=puppet"

Time: 2017-06-16 03:32:37

Tags: puppet

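I've had to give up on using PE to set up my puppet master :( and I've been thrown into the cold world of open source Puppet. I've been trying to set up an open source puppet master on a RHEL7 system. I plan on doing this a few times, so I wrote a very simple shell script. Here is the script: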

#!/bin/sh

pc_rpm_name='puppetlabs-release-pc1'
pc_yum_repo_url="https://yum.puppetlabs.com/${pc_rpm_name}-el-7.noarch.rpm"

# set up puppet collection yum repo
rpm -Uvh "$pc_yum_repo_url"
yum -y install puppetserver
systemctl start puppetserver
/opt/puppetlabs/bin/puppet module install puppetlabs-puppetdb --version 5.1.2

I have a puppet class for the puppet master that I wrote, which is very simple:

class my_puppetmaster {
    class { 'puppetdb': listen_address => $::fqdn }
    include puppetdb::master::config
}

I want to use hiera for node classification, so I've done this:

# pwd
/etc/puppetlabs/code/environments/production/manifests
# cat site.pp 
hiera_include('classes')

I've also created this file:

# pwd
/etc/puppetlabs/code/environments/production/hieradata/nodes
# cat puppet_master.yaml 
classes:
  - my_puppetmaster    

Here is my hiera.yaml file:

# pwd
/etc/puppetlabs/puppet
# head hiera.yaml
---
:backends:
  - yaml
:hierarchy:
  - "nodes/%{::trusted.certname}"
  - "nodes/%{::role}"
...

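I haven't gotten to the custom fact yet. I figured I could test this out by rebooting the system to let everything shake out nicely, then running puppet agent -t to see what happens. When I ran puppet agent -t on the puppet master, I got this output: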

Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppet]
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppet]
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppet]
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppet]
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppet]
Error: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppet]
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppet]

I figure I'm missing something from my setup script. So... what did I miss?

Thanks, Red

1 answer:

Answer 0: (score: 1)

I forgot to update my puppet.conf. I had "server = puppet" and I needed to change it to "server = fqdn of my puppet master".
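
A setup script can check for the condition this answer describes. The shell check below is an added example, not part of the original post: it reads a puppet.conf, reports the `server` an agent run would use ([agent] over [main], falling back to Puppet's default of `puppet`) and compares it with the expected master FQDN. The function names and `master.example.com` are assumptions; on a live host, `puppet config print server --section agent` reports the same setting.

```shell
#!/bin/sh
# effective_server FILE: print the server an agent run would use.
# [agent] overrides [main]; with neither set, Puppet's default is "puppet".
effective_server() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        /^[ \t]*\[/ {                            # section header, e.g. [agent]
            sec = $0
            sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "server") seen[sec] = val
        }
        END {
            if ("agent" in seen) print seen["agent"]
            else if ("main" in seen) print seen["main"]
            else print "puppet"
        }
    ' "$1"
}

# check_server FILE EXPECTED_FQDN: return 0 on match, 1 on mismatch.
check_server() {
    actual=$(effective_server "$1")
    if [ "$actual" = "$2" ]; then
        echo "OK: agent server is $actual"
    else
        echo "MISMATCH: agent server is '$actual', expected '$2'" >&2
        return 1
    fi
}

# Constructed sample: a puppet.conf with no server line.
sample=$(mktemp)
printf '[master]\nvardir = /opt/puppetlabs/server/data/puppetserver\n' > "$sample"
# master.example.com is a placeholder for the master's FQDN.
check_server "$sample" "master.example.com" || true
```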