On Wed, Oct 31, 2018 at 11:23 AM Matt Zagrabelny <[email protected]> wrote:
> Greetings, > > I'm running puppet 5.5.6 (Debian testing). > > I'm having issues getting the master to see the cert signing request from > an agent. > > The firewall isn't an issue. I see the packets hit an "allow" rule on the > master, but I've also turned the firewall off. > > tcpdump shows the packets reaching the server: > > 2018-10-31 11:03:19.705234 IP6 2607::2a.46390 > 2607::20.8140: tcp 0 > 2018-10-31 11:03:35.833194 IP6 2607::2a.46390 > 2607::20.8140: tcp 0 > 2018-10-31 11:04:08.345204 IP6 2607::2a.46390 > 2607::20.8140: tcp 0 > > 2607::2a = agent > 2607::20 = master > > I'm not seeing anything from the server: > > # puppet master --no-daemonize > Warning: Accessing 'ca' as a setting is deprecated. > (location: /usr/lib/ruby/vendor_ruby/puppet/settings.rb:1165:in > `issue_deprecation_warning') > Warning: The WEBrick Puppet master server is deprecated and will be > removed in a future release. Please use Puppet Server instead. See > http://links.puppet.com/deprecate-rack-webrick-servers for more > information. > (location: > /usr/lib/ruby/vendor_ruby/puppet/application/master.rb:207:in `main') > Notice: Starting Puppet master version 5.5.6 > > Adding --debug or --verbose didn't seem to yield any extra log messages > after the "Starting Puppet master..." for when I expected a cert signing > request message. > > and the agent just shows an expiration: > > # puppet agent -t --server puppet-5-5 > Warning: Setting cadir is deprecated. > (location: /usr/lib/ruby/vendor_ruby/puppet/settings.rb:1169:in > `issue_deprecation_warning') > Error: Could not request certificate: execution expired > Exiting; failed to retrieve certificate and waitforcert is disabled > > Any ideas where to look next? > > > No new updates, but I wanted to add that lsof reports puppet listening: puppet 25053 puppet 8u IPv4 125393 0t0 TCP *:8140 (LISTEN) puppet 25053 puppet 9u IPv6 125394 0t0 TCP *:8140 (LISTEN) and I'm not seeing anything in the master log file: [2018-10-31 16:05:35] DEBUG Puppet::Network::HTTP::WEBrickREST is mounted on /. [2018-10-31 16:05:35] INFO WEBrick::HTTPServer#start: pid=25053 port=8140 Confused... -m -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAOLfK3XYkCM7c3CfB2_CuSGAZ9RFy_4Lk--Xqqc7WEM69z4oTA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
