重新注册的客户端会报错:
executing post install my2950.momo.org
hostname for puppet is node2
info: Caching certificate for ca
info: Creating a new SSL certificate request for node2.momo.org
info: Certificate Request fingerprint (md5): 74:67:24:77:99:DF:75:AE:EF:24:27:29:DC:A9:13:47
info: Caching certificate for node2.momo.org
warning: Fact syncing is deprecated as of 0.25 -- use 'pluginsync' instead
info: Retrieving fact
err: /File[/var/lib/puppet/facts/]: Failed to generate additional resources using 'eval_generate': hostname was not match with the server certificate
err: /File[/var/lib/puppet/facts/]: Could not evaluate: hostname was not match with the server certificate C ould not retrieve file metadata for puppet://my2950.momo.org/facts: hostname was not match with the server c ertificate
err: Could not retrieve catalog from remote server: hostname was not match with the server certificate
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
解决办法
1.
To see the puppet master’s certified hostnames, run
puppet master --configprint certname,certdnsnames
[root@my2950 puppet]# puppet master --configprint certname,certdnsnames
certdnsnames =
certname = my2950.*****.com
[root@my2950 puppet]#
2.
Re-generate the puppet master’s certificate:
[root@my2950 puppet]# /etc/init.d/puppetmaster stop
Stopping puppetmaster: [ OK ]
[root@my2950 puppet]#
[root@my2950 puppet]# puppet master --configprint ssldir
/var/lib/puppet/ssl
[root@my2950 puppet]# puppet master --configprint certname
my2950.****.com
[root@my2950 puppet]#
[root@my2950 puppet]#
[root@my2950 puppet]# find $(puppet master --configprint ssldir) -name "$(puppet master --configprint certname).p em" -delete
[root@my2950 puppet]#
Start a non-daemonized WEBrick puppet master instance, and wait for it to generate and sign a new certificate:
$ sudo puppet master --no-daemonize --verbose
You should stop the temporary puppet master with ctrl-C after you see the “notice: Starting Puppet master version 2.6.9” message.
[root@my2950 puppet]# puppet master --no-daemonize --verbose
info: Creating a new SSL key for my2950.momo.org
info: Creating a new SSL certificate request for my2950.momo.org
info: Certificate Request fingerprint (md5): DA:EB:7B:3C:3C:28:D4:4E:AF:EE:95:FA:69:6A:3D:CE
notice: my2950.momo.org has a waiting certificate request
notice: Signed certificate request for my2950.momo.org
notice: Removing file Puppet::SSL::CertificateRequest my2950.momo.org at '/var/lib/puppet/ssl/ca/requests/my2950.momo.org.pem'
notice: Removing file Puppet::SSL::CertificateRequest my2950.momo.org at '/var/lib/puppet/ssl/certificate_requests/my2950.momo.org.pem'
notice: Starting Puppet master version 2.7.9
err: Removing mount sharestorage: /etc/puppet/sharestorage does not exist
info: mount[sharestorage]: allowing * access
^Cnotice: Caught INT; calling stop
[root@my2950 puppet]#
Restart the puppet master.
阅读(1862) | 评论(0) | 转发(0) |