Hi Martin,
This is the Vagrantfile below.. I didn’t DNS and NTP..It’s just a very simple
testing environment. And puppet master and agent are able to ping each other.
Zhangs-MBP:VBox alex$ cat Vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
config.vm.provider "virtualbox" do |v|
v.memory = 2048
v.cpus = 2
end
config.vm.define "puppetmaster" do |pm|
pm.vm.box = "centos/7"
pm.vm.network "private_network", ip: "192.168.2.10"
pm.vm.hostname = "puppetmaster"
end
config.vm.define "agent-centos" do |c|
c.vm.box = "centos/7"
c.vm.network "private_network", ip: "192.168.2.11"
c.vm.hostname = "centos"
end
end
Zhang
> On Aug 23, 2019, at 12:43 AM, Martin Alfke <[email protected]> wrote:
>
> Hi Zhang,
>
>> On 23. Aug 2019, at 09:36, Zhang Zhao <[email protected]
>> <mailto:[email protected]>> wrote:
>>
>> Hi Martin,
>> Thank you for your reply.. The firewall was disabled before I started
>> puppet… I was using VirtualBox to create the environment. One server acts as
>> puppet master and the other acts as agent. Still getting same error…. Any
>> idea what else steps I was missing for configuration?
>
> How did you do the Virtualbox network setup?
> Do you use bridge interfaces?
> Have the two systems a shared internal network?
>
> Can the agent resolve the master hostname (puppet)?
> Is puppet really the hostname of the master VM?
>
> Can the agent ping the master (ping -c1 puppet)?
>
> DNS (via Server like bind or via /etc/hosts entries) and NTP are two
> requirements for a working Puppet environment.
>
> Best,
> Martin
>
>>
>>
>> [root@puppetmaster ~]# systemctl status firewalld
>> ● firewalld.service - firewalld - dynamic firewall daemon
>> Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled;
>> vendor preset: enabled)
>> Active: inactive (dead)
>> Docs: man:firewalld(1)
>>
>>
>>
>>
>> [root@centos ~]# puppet agent --test
>> Error: Could not request certificate: Connection refused - request
>> https://puppet:8140//puppet-ca/v1/certificate/ca failed: Failed to open TCP
>> connection to puppet:8140 (Connection refused - connect(2) for "puppet" port
>> 8140)
>> Exiting; failed to retrieve certificate and waitforcert is disabled
>>
>>
>>
>>
>>> On Aug 22, 2019, at 4:58 AM, Martin Alfke <[email protected]> wrote:
>>>
>>> Hi,
>>>
>>>
>>>> On 22. Aug 2019, at 08:02, Zhang Zhao <[email protected]> wrote:
>>>>
>>>> Hi,
>>>> I am new to Puppet. Trying to set up a test environment. But the agent
>>>> could not request a certificate as connection refused. I made sure that
>>>> puppet server was running and service was enabled. Anyone can let me know
>>>> where was wrong? Thanks.
>>>
>>> Is there a local firewall (iptables) running on the master?
>>> You can temporarily flush the rules:
>>> sudo iptables -F
>>>
>>> If a local firewall is running, you want to open port 8140/tcp for incoming
>>> connections.
>>>
>>> Best,
>>> Martin
>>>
>>>
>>>>
>>>> Zhang
>>>>
>>>> On PuppetMaster,
>>>> [root@puppetmaster ~]# puppet resource service puppetserver ensure=running
>>>> enable=true
>>>> service { 'puppetserver':
>>>> ensure => 'running',
>>>> enable => 'true',
>>>> }
>>>>
>>>> [root@puppetmaster ~]# netstat -ntlp
>>>> Active Internet connections (only servers)
>>>> Proto Recv-Q Send-Q Local Address Foreign Address State
>>>> PID/Program name
>>>> tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
>>>> 1/systemd
>>>> tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
>>>> 2469/sshd
>>>> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
>>>> 2694/master
>>>> tcp6 0 0 :::8140 :::* LISTEN
>>>> 27805/java
>>>> tcp6 0 0 :::111 :::* LISTEN
>>>> 1/systemd
>>>> tcp6 0 0 :::22 :::* LISTEN
>>>> 2469/sshd
>>>> tcp6 0 0 ::1:25 :::* LISTEN
>>>> 2694/master
>>>>
>>>>
>>>> [root@puppetmaster ~]# puppet cert list --all
>>>> Warning: `puppet cert` is deprecated and will be removed in a future
>>>> release.
>>>> (location:
>>>> /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:370:in
>>>> `run')
>>>> + "puppetmaster.attlocal.net" (SHA256)
>>>> 10:A5:A4:7D:9E:10:D1:14:C3:92:D2:CE:B4:7E:78:C5:C4:26:56:DA:0D:7B:4E:0B:D5:58:B4:1E:43:03:F4:9E
>>>> (alt names: "DNS:puppet", "DNS:puppetmaster.attlocal.net")
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google Groups
>>>> "Puppet Users" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send an
>>>> email to [email protected].
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/puppet-users/688ccd6f-00a8-4f28-9683-d7a4424bacf3%40googlegroups.com.
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an
>>> email to [email protected].
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/puppet-users/5A7FEB43-1979-4A35-BF22-595752604F6D%40gmail.com.
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected]
>> <mailto:[email protected]>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/puppet-users/4DF87865-B16D-4F63-AEFF-359F1D53557E%40gmail.com
>>
>> <https://groups.google.com/d/msgid/puppet-users/4DF87865-B16D-4F63-AEFF-359F1D53557E%40gmail.com>.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected]
> <mailto:[email protected]>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/01AABC8A-874A-4606-AE70-199C6BAB5550%40gmail.com
>
> <https://groups.google.com/d/msgid/puppet-users/01AABC8A-874A-4606-AE70-199C6BAB5550%40gmail.com>.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/DD22CE32-FBDF-404C-8820-17E01F3E5D89%40gmail.com.
