这次我先从两台干净的机器开始。
我的主服务器运行的是 12.04
版本:2.7.11-1ubuntu2
依赖:ruby1.8,puppetmaster-common(= 2.7.11-1ubuntu2)
我的客户端是 10.04
版本:2.6.3-0ubuntu1~lucid1
依赖:puppet-common(=> 2.6.3-0ubuntu1~lucid1),ruby1.8
设置 Puppet 教程: http://shapeshed.com/setting-up-puppet-on-ubuntu-10-04/
连接主服务器和客户端: http://shapeshed.com/connecting-clients-to-a-puppet-master/
我第一次尝试将主服务器连接到客户端时失败了SSL_connect error。所以我rm -rf /etc/puppet/ssl/ 删除了 ssl 文件夹中的所有密钥。
看起来它有效...但是
client# puppet agent --server puppet --waitforce 60 --test
/usr/lib/ruby/1.8/facter/util/resolution.rb:46: warning: Insecure world writable dir /etc/condor in PATH, mode 040777
/usr/lib/ruby/1.8/puppet/defaults.rb:67: warning: Insecure world writable dir /etc/condor in PATH, mode 040777
info: Creating a new SSL key for giab10
warning: peer certificate won't be verified in this SSL session
info: Caching certificate for ca
warning: peer certificate won't be verified in this SSL session
warning: peer certificate won't be verified in this SSL session
info: Creating a new SSL certificate request for mybox123
info: Certificate Request fingerprint (md5): XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
warning: peer certificate won't be verified in this SSL session
warning: peer certificate won't be verified in this SSL session
warning: peer certificate won't be verified in this SSL session
warning: peer certificate won't be verified in this SSL session
info: Caching certificate for mybox123
err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
warning: Not using cache on failed catalog
It cached but then it couldn't retrieve it.
让我在这里停下来……担心我会搞砸一些事情。但是让我们检查一下主人的状态。
* master is not running
哇.... ???
master# service puppetmaster start
* Starting puppet master [OK]
master# service puppetmaster status
* master is not running
我认为时间是同步的。好吧,我们位于防火墙后面,因此同步时间的端口被禁用。我检查了一下,
date他们似乎没问题。master 没有运行怎么办?这是原因吗?
任何帮助都非常感谢。谢谢!
/var/lib/puppet/log/masterhttp.log
[2012-06-30 00:13:25] INFO WEBrick 1.3.1
[2012-06-30 00:13:25] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux]
[2012-06-30 00:13:25] WARN TCPServer Error: Address already in use - bind(2)
[2012-06-30 00:19:40] INFO WEBrick 1.3.1
[2012-06-30 00:19:40] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux]
[2012-06-30 00:19:40] WARN TCPServer Error: Address already in use - bind(2)
[2012-06-30 00:28:58] INFO WEBrick 1.3.1
[2012-06-30 00:28:58] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux]
[2012-06-30 00:28:58] WARN TCPServer Error: Address already in use - bind(2)
[2012-06-30 15:31:25] INFO WEBrick 1.3.1
[2012-06-30 15:31:25] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux]
[2012-06-30 15:31:25] WARN TCPServer Error: Address already in use - bind(2)
1 S puppet 5186 1 0 80 0 - 29410 poll_s 15:44 ? 00:00:00 /usr/bin/ruby1.8 /usr/bin/puppet master --masterport=8140
4 S root 5235 5005 0 80 0 - 2344 pipe_w 15:45 pts/0 00:00:00 grep --color=auto puppet
kill -9 5186
puppet master
service puppetmaster status
* master is not running
我总是遇到这个错误,但我总是忽略它。http://pastebin.com/exbpArjv 这是什么意思?时间同步?软件包未安装?那么我们首先该如何使用 puppetca?
答案1
跑puppet master --debug --no-daemonize,如果你来看
Error: Could not run: Address already in use - bind(2)
这可能意味着 Puppet Master 已在运行。尝试检查
netstat -anpl | grep 8140
如果您看到一行引用了 LISTEN 端口 8140,那么这可能是您的问题。(默认情况下,puppet master 进程在端口 8140 上侦听来自客户端的传入连接。)
如果您遵循 Ubuntu 的默认设置,apache 将启动并监听端口 8140。
sudo service apache2 stop
然后继续配置。