Chinaunix首页 | 论坛 | 博客

摸_摸的ChinaUnix博客

首页 |  博文目录 |  关于我

摸_摸

  • 博客访问: 329843
  • 博文数量: 62
  • 博客积分: 0
  • 博客等级: 民兵
  • 技术积分: 710
  • 用 户 组: 普通用户
  • 注册时间: 2013-05-14 14:12
个人简介

太懒

文章分类

全部博文(62)

文章存档

2015年(8)

2014年(20)

2013年(34)

我的朋友
最近访客
推荐博文
相关博文
puppet客户端重装错误一例:master修改puppetserver参数

分类: LINUX

2013-05-17 15:31:15

重新注册的客户端会报错:


executing post install  my2950.momo.org
hostname for puppet is node2
info: Caching certificate for ca
info: Creating a new SSL certificate request for node2.momo.org
info: Certificate Request fingerprint (md5): 74:67:24:77:99:DF:75:AE:EF:24:27:29:DC:A9:13:47
info: Caching certificate for node2.momo.org
warning: Fact syncing is deprecated as of 0.25 -- use 'pluginsync' instead
info: Retrieving fact
err: /File[/var/lib/puppet/facts/]: Failed to generate additional resources using 'eval_generate': hostname                                                                      was not match with the server certificate
err: /File[/var/lib/puppet/facts/]: Could not evaluate: hostname was not match with the server certificate C                                                                     ould not retrieve file metadata for puppet://my2950.momo.org/facts: hostname was not match with the server c                                                                     ertificate
err: Could not retrieve catalog from remote server: hostname was not match with the server certificate
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run



解决办法 

1.  To see the puppet master’s certified hostnames, run

puppet master --configprint certname,certdnsnames

[root@my2950 puppet]# puppet master --configprint certname,certdnsnames
certdnsnames =
certname = my2950.*****.com
[root@my2950 puppet]#

2.Re-generate the puppet master’s certificate:
  • Stop puppet master.

  • Delete the puppet master’s certificate, private key, and public key:

    find $(puppet master --configprint ssldir) -name "$(puppet master --configprint certname).pem" -delete

[root@my2950 puppet]# /etc/init.d/puppetmaster stop
Stopping puppetmaster:                                     [  OK  ]
[root@my2950 puppet]#
[root@my2950 puppet]# puppet master --configprint ssldir
/var/lib/puppet/ssl
[root@my2950 puppet]# puppet master --configprint certname
my2950.****.com
[root@my2950 puppet]#
[root@my2950 puppet]#
[root@my2950 puppet]# find $(puppet master --configprint ssldir) -name "$(puppet master --configprint certname).p                    em" -delete
[root@my2950 puppet]#

Start a non-daemonized WEBrick puppet master instance, and wait for it to generate and sign a new certificate: 

 $ sudo puppet master --no-daemonize --verbose

You should stop the temporary puppet master with ctrl-C after you see the “notice: Starting Puppet master version 2.6.9” message.


[root@my2950 puppet]#  puppet master --no-daemonize --verbose
info: Creating a new SSL key for my2950.momo.org
info: Creating a new SSL certificate request for my2950.momo.org
info: Certificate Request fingerprint (md5): DA:EB:7B:3C:3C:28:D4:4E:AF:EE:95:FA:69:6A:3D:CE
notice: my2950.momo.org has a waiting certificate request
notice: Signed certificate request for my2950.momo.org
notice: Removing file Puppet::SSL::CertificateRequest my2950.momo.org at '/var/lib/puppet/ssl/ca/requests/my2950.momo.org.pem'
notice: Removing file Puppet::SSL::CertificateRequest my2950.momo.org at '/var/lib/puppet/ssl/certificate_requests/my2950.momo.org.pem'
notice: Starting Puppet master version 2.7.9
err: Removing mount sharestorage: /etc/puppet/sharestorage does not exist
info: mount[sharestorage]: allowing * access


^Cnotice: Caught INT; calling stop
[root@my2950 puppet]#



Restart the puppet master.



阅读(1826) | 评论(0) | 转发(0) |
0

上一篇:puppet客户端重装错误一例

下一篇:ISCSI VOLUME 扩容

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6