• puppet配置问题统计


    一、

    [root@client puppet]# puppetd --test --server master.test.com
    info: Creating a new SSL key for client
    info: Caching certificate for ca
    info: Creating a new SSL certificate request for client
    info: Certificate Request fingerprint (SHA256): 8C:D6:72:E7:CB:69:AA:2B:E5:37:12:EA:E2:14:55:4C:EA:22:43:FE:9A:B1:0F:78:E9:BB:AA:33:83:CA:13:8A
    info: Caching certificate for client
    err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate is not yet valid for /CN=Puppet CA: master.test.com]
    warning: Not using cache on failed catalog
    err: Could not retrieve catalog; skipping run
    err: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate is not yet valid for /CN=Puppet CA: master.test.com]

    这个问题研究了半天 是因为时间同步的问题,很纠结。。。

    二、

    [root@client puppet]# puppetd --test --server master.test.com
    err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not parse for environment production: Syntax error at '=>'; expected '}' at /etc/puppet/manifests/site.pp:10 on node client.uxin.youxinpai.com
    warning: Not using cache on failed catalog
    err: Could not retrieve catalog; skipping run

    这个很明显 语法错误,每行最后要以,结尾,每次最后的一行不加标点(vim /etc/puppet/manifests/site.pp)。

    node default {
    file {
    "/tmp/test1111": #这是文件路径名;
    content =>"This is test of PUPPET" #这是文件的内容;
    }

    file {
    "/tmp/logclean.sh": #这是文件路径名;
    owner => "root",
    group => "puppet",
    content => "find /log/ -type f -size +10KB | xgrep rm -rf ", #这是文件的内容;
    mode => "0777"
    }

    }

    三、

    添加ensure => present 这种参数的时候不用“”,

    四、

    当要删除证书的时候

    首先在master端删除 你要删除的客户端

    [root@master manifests]# ll /var/lib/puppet/ssl/ca/signed/
    client.pem client.uxin.youxinpai.com.pem master.test.com.pem

    然后客户端需要删除ssl这个文件

    [root@client puppet]# ll /var/lib/puppet/ssl/

    之后重新申请即可

  • 相关阅读:
    安装mysql
    date, Calendar
    心态
    jdbc ---- DBUTilDao 类
    jdbc--------JdbcUtilDao 类
    Python与C/C++相互调用
    用链表和数组实现HASH表,几种碰撞冲突解决方法
    用链表实现消息队列
    文件系统的发展
    [深度学习]开源的深度学习框架
  • 原文地址:https://www.cnblogs.com/tengfei520/p/5486831.html
Copyright © 2020-2023  润新知