我无法让傀儡代理运行。
我尝试/etc/puppet/ssl
在客户端和./puppetca --clean
服务器上删除。但无济于事。
notice: Starting Puppet client version 2.6.8
debug: Using cached certificate for ca
debug: Using cached certificate for nysv0194
debug: Using cached certificate for ca
/usr/lib/ruby/1.8/net/http.rb:586:in `connect': certificate verify failed (OpenSSL::SSL::SSLError)
from /usr/lib/ruby/1.8/net/http.rb:586:in `connect'
from /usr/lib/ruby/1.8/net/http.rb:553:in `do_start'
from /usr/lib/ruby/1.8/net/http.rb:542:in `start'
from /usr/lib/ruby/1.8/net/http.rb:1035:in `request'
from /usr/lib/ruby/1.8/net/http.rb:772:in `get'
from /usr/lib/ruby/site_ruby/1.8/puppet/indirector/rest.rb:75:in `find'
from /usr/lib/ruby/site_ruby/1.8/puppet/indirector/indirection.rb:188:in `find'
from /usr/lib/ruby/site_ruby/1.8/puppet/indirector.rb:50:in `find'
... 10 levels...
from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:305:in `run'
from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:411:in `exit_on_fail'
from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:305:in `run'
from /usr/sbin/puppetd:4
答案1
这是
puppetca --clean full.host.domain.com
您是否还以 root 身份运行客户端?
答案2
这里的证书保留在 上/var/lib/puppet/ssl
,但我假设你的证书保留在 上/etc/puppet/ssl
。问题是,Puppet 客户端停止删除该目录时?如果没有删除,您确实会遇到此类问题。
答案3
主机不同步 NTP :P
答案4
我遇到了类似的问题,最终是因为安装了多个版本的 puppet:一个来自 Ubuntu 存储库,一个来自 ruby gem。从 Ubuntu 存储库卸载该版本解决了该问题。