[root@localhost Desktop]# rpm -ivh
http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
Retrieving
http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
curl: (6) Couldn't resolve host 'yum.puppetlabs.com'
error: skipping http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
- transfer failed
[root@localhost Desktop]# rpm -ivh
http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
Retrieving
http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
warning: /var/tmp/rpm-tmp.N1qNJk: Header V4 RSA/SHA1
Signature, key ID ef8d349f: NOKEY
Preparing...
########################################### [100%]
1:puppetlabs-release
########################################### [100%]
[root@localhost Desktop]# yum install puppet-server
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Determining fastest mirrors
* base:
centos.excellmedia.net
* extras:
centos.excellmedia.net
* updates:
centos.excellmedia.net
puppetlabs-deps | 2.5
kB 00:00
puppetlabs-deps/primary_db | 12 kB
00:00
puppetlabs-products | 2.5
kB 00:00
puppetlabs-products/primary_db | 85 kB
00:00
Resolving Dependencies
--> Running transaction check
---> Package puppet-server.noarch 0:3.8.7-1.el6 will be
installed
--> Processing Dependency: puppet = 3.8.7-1.el6 for
package: puppet-server-3.8.7-1.el6.noarch
--> Running transaction check
---> Package puppet.noarch 0:3.8.7-1.el6 will be
installed
--> Processing Dependency: ruby >= 1.8.7 for package:
puppet-3.8.7-1.el6.noarch
--> Processing Dependency: ruby >= 1.8 for package:
puppet-3.8.7-1.el6.noarch
--> Processing Dependency: facter >= 1:1.7.0 for
package: puppet-3.8.7-1.el6.noarch
--> Processing Dependency: hiera >= 1.0.0 for package:
puppet-3.8.7-1.el6.noarch
-->Processing Dependency: ruby-shadow for package:
puppet-3.8.7-1.el6.noarch
-->Processing Dependency: ruby-augeas for package:
puppet-3.8.7-1.el6.noarch
-->Processing Dependency: rubygem-json for package:
puppet-3.8.7-1.el6.noarch
--> Processing Dependency: ruby(selinux) for package:
puppet-3.8.7-1.el6.noarch
--> Processing Dependency: /usr/bin/ruby for package:
puppet-3.8.7-1.el6.noarch
--> Running transaction check
---> Package facter.x86_64 1:2.4.6-1.el6 will be
installed
---> Package hiera.noarch 0:1.3.4-1.el6 will be installed
---> Package libselinux-ruby.x86_64 0:2.0.94-7.el6 will
be installed
---> Package ruby.x86_64 0:1.8.7.374-5.el6 will be
installed
--> Processing Dependency: ruby-libs = 1.8.7.374-5.el6
for package: ruby-1.8.7.374-5.el6.x86_64
--> Processing Dependency: libruby.so.1.8()(64bit) for
package: ruby-1.8.7.374-5.el6.x86_64
---> Package ruby-augeas.x86_64 0:0.4.1-3.el6 will be
installed
---> Package ruby-shadow.x86_64 1:2.2.0-2.el6 will be
installed
---> Package rubygem-json.x86_64 0:1.5.5-3.el6 will be
installed
--> Processing Dependency: rubygems >= 1.3.7 for package:
rubygem-json-1.5.5-3.el6.x86_64
--> Running transaction check
---> Package ruby-libs.x86_64 0:1.8.7.374-5.el6 will be
installed
--> Processing Dependency: libreadline.so.5()(64bit) for
package: ruby-libs-1.8.7.374-5.el6.x86_64
---> Package rubygems.noarch 0:1.3.7-5.el6 will be
installed
-->Processing Dependency: ruby-rdoc for package:
rubygems-1.3.7-5.el6.noarch
--> Running transaction check
---> Package compat-readline5.x86_64 0:5.2-17.1.el6 will
be installed
---> Package ruby-rdoc.x86_64 0:1.8.7.374-5.el6 will be
installed
--> Processing Dependency: ruby-irb = 1.8.7.374-5.el6 for
package: ruby-rdoc-1.8.7.374-5.el6.x86_64
--> Running transaction check
---> Package ruby-irb.x86_64 0:1.8.7.374-5.el6 will be
installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
puppet-server
noarch 3.8.7-1.el6 puppetlabs-products 24 k
Installing for dependencies:
compat-readline5
x86_64 5.2-17.1.el6 base 130 k
facter
x86_64 1:2.4.6-1.el6 puppetlabs-products 99 k
hiera
noarch 1.3.4-1.el6 puppetlabs-products 23 k
libselinux-ruby
x86_64 2.0.94-7.el6 base 100 k
puppet
noarch 3.8.7-1.el6 puppetlabs-products 1.6 M
ruby
x86_64 1.8.7.374-5.el6 base 538 k
ruby-augeas
x86_64 0.4.1-3.el6 puppetlabs-deps 21 k
ruby-irb
x86_64 1.8.7.374-5.el6 base 318 k
ruby-libs
x86_64 1.8.7.374-5.el6 base 1.7 M
ruby-rdoc
x86_64 1.8.7.374-5.el6 base 381 k
ruby-shadow
x86_64 1:2.2.0-2.el6 puppetlabs-deps 13 k
rubygem-json
x86_64 1.5.5-3.el6 puppetlabs-deps 763 k
rubygems
noarch 1.3.7-5.el6 base 207 k
Transaction Summary
================================================================================
Install 14 Package(s)
Total download size: 5.8 M
Installed size: 14 M
Is this ok [y/N]: y
Downloading Packages:
(1/14): compat-readline5-5.2-17.1.el6.x86_64.rpm | 130 kB 00:00
(2/14): facter-2.4.6-1.el6.x86_64.rpm | 99 kB
00:00
(3/14): hiera-1.3.4-1.el6.noarch.rpm | 23 kB
00:00
(4/14): libselinux-ruby-2.0.94-7.el6.x86_64.rpm | 100 kB 00:00
(5/14): puppet-3.8.7-1.el6.noarch.rpm | 1.6 MB 00:01
(6/14): puppet-server-3.8.7-1.el6.noarch.rpm |
24 kB 00:00
(7/14): ruby-1.8.7.374-5.el6.x86_64.rpm | 538 kB 00:00
(8/14): ruby-augeas-0.4.1-3.el6.x86_64.rpm | 21 kB
00:00
(9/14): ruby-irb-1.8.7.374-5.el6.x86_64.rpm | 318 kB 00:00
(10/14): ruby-libs-1.8.7.374-5.el6.x86_64.rpm | 1.7 MB 00:00
(11/14): ruby-rdoc-1.8.7.374-5.el6.x86_64.rpm | 381 kB 00:00
(12/14): ruby-shadow-2.2.0-2.el6.x86_64.rpm |
13 kB 00:00
(13/14): rubygem-json-1.5.5-3.el6.x86_64.rpm | 763 kB 00:01
(14/14): rubygems-1.3.7-5.el6.noarch.rpm | 207 kB 00:00
--------------------------------------------------------------------------------
Total 580
kB/s | 5.8 MB 00:10
warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature,
key ID 4bd6ec30: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs
Importing GPG key 0x4BD6EC30:
Userid : Puppet Labs Release Key (Puppet Labs Release Key)
<info@puppetlabs.com>
Package:
puppetlabs-release-22.0-2.noarch (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs
Is this ok [y/N]: y
Retrieving key from
file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppet
Importing GPG key 0xEF8D349F:
Userid : Puppet, Inc. Release Key (Puppet, Inc. Release Key)
<release@puppet.com>
Package:
puppetlabs-release-22.0-2.noarch (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet
Is this ok [y/N]: y
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature,
key ID c105b9de: NOKEY
Retrieving key from
file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Importing GPG key 0xC105B9DE:
Userid : CentOS-6 Key (CentOS 6 Official Signing Key)
<centos-6-key@centos.org>
Package:
centos-release-6-9.el6.12.3.x86_64 (@anaconda-CentOS-201703281317.x86_64/6.9)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Installing : libselinux-ruby-2.0.94-7.el6.x86_64 1/14
Installing : compat-readline5-5.2-17.1.el6.x86_64 2/14
Installing : ruby-libs-1.8.7.374-5.el6.x86_64 3/14
Installing : ruby-1.8.7.374-5.el6.x86_64 4/14
Installing : 1:facter-2.4.6-1.el6.x86_64 5/14
Installing : 1:ruby-shadow-2.2.0-2.el6.x86_64 6/14
Installing : ruby-irb-1.8.7.374-5.el6.x86_64 7/14
Installing : ruby-rdoc-1.8.7.374-5.el6.x86_64 8/14
Installing : rubygems-1.3.7-5.el6.noarch 9/14
Installing : rubygem-json-1.5.5-3.el6.x86_64 10/14
Installing : hiera-1.3.4-1.el6.noarch 11/14
Installing : ruby-augeas-0.4.1-3.el6.x86_64 12/14
Installing : puppet-3.8.7-1.el6.noarch 13/14
Installing : puppet-server-3.8.7-1.el6.noarch 14/14
Verifying :
puppet-server-3.8.7-1.el6.noarch 1/14
Verifying :
puppet-3.8.7-1.el6.noarch 2/14
Verifying :
ruby-rdoc-1.8.7.374-5.el6.x86_64 3/14
Verifying :
compat-readline5-5.2-17.1.el6.x86_64 4/14
Verifying :
1:facter-2.4.6-1.el6.x86_64 5/14
Verifying :
rubygem-json-1.5.5-3.el6.x86_64 6/14
Verifying :
ruby-1.8.7.374-5.el6.x86_64 7/14
Verifying :
1:ruby-shadow-2.2.0-2.el6.x86_64 8/14
Verifying :
rubygems-1.3.7-5.el6.noarch 9/14
Verifying :
ruby-libs-1.8.7.374-5.el6.x86_64 10/14
Verifying :
ruby-irb-1.8.7.374-5.el6.x86_64 11/14
Verifying :
libselinux-ruby-2.0.94-7.el6.x86_64 12/14
Verifying :
ruby-augeas-0.4.1-3.el6.x86_64 13/14
Verifying :
hiera-1.3.4-1.el6.noarch 14/14
Installed:
puppet-server.noarch 0:3.8.7-1.el6
Dependency Installed:
compat-readline5.x86_64 0:5.2-17.1.el6 facter.x86_64 1:2.4.6-1.el6
hiera.noarch
0:1.3.4-1.el6 libselinux-ruby.x86_64
0:2.0.94-7.el6
puppet.noarch
0:3.8.7-1.el6 ruby.x86_64
0:1.8.7.374-5.el6
ruby-augeas.x86_64 0:0.4.1-3.el6 ruby-irb.x86_64 0:1.8.7.374-5.el6
ruby-libs.x86_64 0:1.8.7.374-5.el6 ruby-rdoc.x86_64 0:1.8.7.374-5.el6
ruby-shadow.x86_64 1:2.2.0-2.el6 rubygem-json.x86_64 0:1.5.5-3.el6
rubygems.noarch
0:1.3.7-5.el6
Complete!
[root@localhost Desktop]# puppet resource package
puppet-server ensure=latest
package { 'puppet-server':
ensure => '3.8.7-1.el6',
}
[root@localhost Desktop]# /etc/init.d/puppetmaster restart
Stopping puppetmaster: [FAILED]
Starting puppetmaster: [ OK ]
[root@localhost Desktop]# /etc/init.d/puppetmaster restart
Stopping puppetmaster: [ OK ]
Starting puppetmaster: [ OK ]
[root@localhost Desktop]# rpm -Uvh
https://yum.puppet.com/puppet6-release-el-6.noarch.rpm
Retrieving https://yum.puppet.com/puppet6-release-el-6.noarch.rpm
Preparing...
########################################### [100%]
1:puppet6-release
########################################### [100%]
[root@localhost Desktop]# yum install puppet-serverLoaded
plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base:
centos.excellmedia.net
* extras:
centos.excellmedia.net
* updates:
centos.excellmedia.net
puppet6 | 2.5
kB 00:00
puppet6/primary_db | 147
kB 00:00
Package puppet-server-3.8.7-1.el6.noarch already installed
and latest version
Nothing to do
[root@localhost Desktop]# puppetserver ca setup
bash: puppetserver: command not found
[root@localhost Desktop]# systemctl start puppetserver
bash: systemctl: command not found
[root@localhost Desktop]# systemctl enable puppetserver
bash: systemctl: command not found
[root@localhost Desktop]# service status puppetserver
status: unrecognized service
[root@localhost Desktop]# service puppetserver status
puppetserver: unrecognized service
[root@localhost Desktop]# service puppetmaster status
puppet (pid 3605) is
running...
[root@localhost Desktop]# puppetmaster ca setup
bash: puppetmaster: command not found
[root@localhost Desktop]# puppet ^C
[root@localhost Desktop]# rpm -ivh
http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm
Retrieving http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm
curl: (22) The requested URL returned error: 404 Not Found
error: skipping
http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm
- transfer failed
[root@localhost Desktop]# puppet resource service
puppetmaster ensure=running enable=true
Notice: /Service[puppetmaster]/enable: enable changed
'false' to 'true'
service { 'puppetmaster':
ensure => 'running',
enable => 'true',
}
[root@localhost Desktop]# rpm install https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
RPM version 4.8.0
Copyright (C) 1998-2002 - Red Hat, Inc.
This program may be freely redistributed under the terms of
the GNU GPL
Usage: rpm [-aKfgpWHqVcdilsKiv?] [-a|--all] [-f|--file]
[-g|--group]
[-p|--package] [-W|--ftswalk] [--pkgid]
[--hdrid] [--fileid]
[--specfile]
[--triggeredby] [--whatrequires] [--whatprovides]
[--nomanifest]
[-c|--configfiles] [-d|--docfiles] [--dump] [-l|--list]
[--queryformat=QUERYFORMAT] [-s|--state] [--nofiledigest] [--nomd5]
[--nofiles]
[--nodeps] [--noscript] [--comfollow] [--logical]
[--nochdir]
[--nostat] [--physical] [--seedot] [--xdev]
[--whiteout]
[--addsign] [-K|--checksig] [--delsign] [--import]
[--resign]
[--nodigest] [--nosignature] [--initdb] [--rebuilddb]
[--aid]
[--allfiles] [--allmatches] [--badreloc]
[-e|--erase
<package>+] [--excludedocs] [--excludepath=<path>]
[--fileconflicts] [--force] [-F|--freshen <packagefile>+]
[-h|--hash]
[--ignorearch]
[--ignoreos] [--ignoresize] [-i|--install] [--justdb]
[--nodeps]
[--nofiledigest] [--nomd5] [--nocontexts] [--noorder]
[--nosuggest]
[--noscripts] [--notriggers] [--oldpackage]
[--percent]
[--prefix=<dir>] [--relocate=<old>=<new>]
[--replacefiles] [--replacepkgs] [--test]
[-U|--upgrade
<packagefile>+] [--quiet] [-D|--define 'MACRO EXPR']
[-E|--eval
'EXPR'] [--macros=<FILE:...>] [--nodigest] [--nosignature]
[--rcfile=<FILE:...>]
[-r|--root ROOT] [--querytags] [--showrc]
[--quiet]
[-v|--verbose] [--version] [-?|--help] [--usage]
[--scripts]
[--setperms] [--setugids] [--conflicts] [--obsoletes]
[--provides]
[--requires] [--info] [--changelog] [--xml]
[--triggers]
[--last] [--dupes] [--filesbypkg] [--fileclass]
[--filecolor]
[--fscontext] [--fileprovide] [--filerequire]
[--filecaps]
[root@localhost Desktop]# rpm -ivh
https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
Retrieving
https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
error: Failed dependencies:
puppet6-release
conflicts with puppet-release-1.0.0-7.el6.noarch
puppet-release
conflicts with puppet6-release-6.0.0-5.el6.noarch
[root@localhost Desktop]# yum remove puppet-release
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Remove Process
No Match for argument: puppet-release
Loading mirror speeds from cached hostfile
* base:
centos.excellmedia.net
* extras: centos.excellmedia.net
* updates:
centos.excellmedia.net
Package(s) puppet-release available, but not installed.
No Packages marked for removal
[root@localhost Desktop]# yum remove puppet*
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package puppet.noarch 0:3.8.7-1.el6 will be erased
---> Package puppet-server.noarch 0:3.8.7-1.el6 will be
erased
---> Package puppet6-release.noarch 0:6.0.0-5.el6 will be
erased
---> Package puppetlabs-release.noarch 0:22.0-2 will be
erased
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Removing:
puppet
noarch 3.8.7-1.el6 @puppetlabs-products 6.3 M
puppet-server
noarch 3.8.7-1.el6 @puppetlabs-products 10 k
puppet6-release
noarch 6.0.0-5.el6 installed 5.0 k
puppetlabs-release
noarch 22.0-2 installed 13 k
Transaction Summary
================================================================================
Remove 4
Package(s)
Installed size: 6.3 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Erasing : puppet-server-3.8.7-1.el6.noarch 1/4
Erasing : puppet-3.8.7-1.el6.noarch 2/4
Erasing : puppetlabs-release-22.0-2.noarch 3/4
Erasing : puppet6-release-6.0.0-5.el6.noarch 4/4
Verifying :
puppet-server-3.8.7-1.el6.noarch 1/4
Verifying :
puppet6-release-6.0.0-5.el6.noarch
2/4
Verifying :
puppet-3.8.7-1.el6.noarch 3/4
Verifying :
puppetlabs-release-22.0-2.noarch 4/4
Removed:
puppet.noarch
0:3.8.7-1.el6
puppet-server.noarch 0:3.8.7-1.el6
puppet6-release.noarch 0:6.0.0-5.el6 puppetlabs-release.noarch 0:22.0-2
Complete!
[root@localhost Desktop]# rpm -ivh
https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
Retrieving https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
Preparing...
########################################### [100%]
1:puppet-release
########################################### [100%]
[root@localhost Desktop]# yum install puppet-serverLoaded
plugins: fastestmirror, refresh-packagekit, security
Existing lock /var/run/yum.pid: another copy is running as
pid 3810.
Another app is currently holding the yum lock; waiting for
it to exit...
The other
application is: PackageKit
Memory : 46 M RSS
(356 MB VSZ)
Started: Sat Jul
27 12:51:30 2019 - 00:07 ago
State : Sleeping,
pid: 3810
Setting up Install Process
Loading mirror speeds from cached hostfile
* base:
centos.excellmedia.net
* extras:
centos.excellmedia.net
* updates:
centos.excellmedia.net
No package puppet-server available.
Error: Nothing to do
[root@localhost Desktop]# yum install puppetserver
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base:
centos.excellmedia.net
* extras:
centos.excellmedia.net
* updates:
centos.excellmedia.net
Resolving Dependencies
--> Running transaction check
---> Package puppetserver.noarch 0:6.5.0-1.el6 will be
installed
--> Processing Dependency: puppet-agent >= 5.5.0 for
package: puppetserver-6.5.0-1.el6.noarch
--> Processing Dependency: java-1.8.0-openjdk-headless
for package: puppetserver-6.5.0-1.el6.noarch
--> Running transaction check
---> Package facter.x86_64 1:2.4.6-1.el6 will be obsoleted
---> Package hiera.noarch 0:1.3.4-1.el6 will be obsoleted
---> Package java-1.8.0-openjdk-headless.x86_64
1:1.8.0.222.b10-0.el6_10 will be installed
--> Processing Dependency: nss >= 3.36.0 for package:
1:java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_10.x86_64
---> Package puppet-agent.x86_64 0:6.7.2-1.el6 will be
obsoleting
--> Running transaction check
---> Package nss.x86_64 0:3.27.1-13.el6 will be updated
--> Processing Dependency: nss = 3.27.1-13.el6 for
package: nss-sysinit-3.27.1-13.el6.x86_64
--> Processing Dependency: nss(x86-64) = 3.27.1-13.el6
for package: nss-tools-3.27.1-13.el6.x86_64
---> Package nss.x86_64 0:3.36.0-9.el6_10 will be an
update
--> Processing Dependency: nss-util >= 3.36.0 for package:
nss-3.36.0-9.el6_10.x86_64
--> Processing Dependency: nspr >= 4.19.0 for package:
nss-3.36.0-9.el6_10.x86_64
--> Processing Dependency:
libnssutil3.so(NSSUTIL_3.33)(64bit) for package: nss-3.36.0-9.el6_10.x86_64
--> Processing Dependency: libnssutil3.so(NSSUTIL_3.31)(64bit)
for package: nss-3.36.0-9.el6_10.x86_64
--> Running transaction check
---> Package nspr.x86_64 0:4.13.1-1.el6 will be updated
---> Package nspr.x86_64 0:4.19.0-1.el6 will be an update
---> Package nss-sysinit.x86_64 0:3.27.1-13.el6 will be
updated
---> Package nss-sysinit.x86_64 0:3.36.0-9.el6_10 will be
an update
---> Package nss-tools.x86_64 0:3.27.1-13.el6 will be
updated
---> Package nss-tools.x86_64 0:3.36.0-9.el6_10 will be
an update
---> Package nss-util.x86_64 0:3.27.1-3.el6 will be
updated
---> Package nss-util.x86_64 0:3.36.0-1.el6 will be an
update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
puppet-agent
x86_64 6.7.2-1.el6 puppet 24 M
replacing
facter.x86_64 1:2.4.6-1.el6
replacing
hiera.noarch 1.3.4-1.el6
puppetserver
noarch 6.5.0-1.el6 puppet 74 M
Installing for dependencies:
java-1.8.0-openjdk-headless x86_64
1:1.8.0.222.b10-0.el6_10
updates 32 M
Updating for dependencies:
nspr
x86_64 4.19.0-1.el6 base 114 k
nss
x86_64 3.36.0-9.el6_10 updates 865 k
nss-sysinit
x86_64 3.36.0-9.el6_10 updates 53 k
nss-tools
x86_64 3.36.0-9.el6_10 updates 460 k
nss-util
x86_64 3.36.0-1.el6 base 72 k
Transaction Summary
================================================================================
Install 3
Package(s)
Upgrade 5
Package(s)
Total download size: 132 M
Is this ok [y/N]: y
Downloading Packages:
(1/8): java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_1
| 32 MB 00:10
(2/8): nspr-4.19.0-1.el6.x86_64.rpm | 114 kB 00:00
(3/8): nss-3.36.0-9.el6_10.x86_64.rpm | 865 kB 00:00
(4/8): nss-sysinit-3.36.0-9.el6_10.x86_64.rpm | 53 kB
00:00
(5/8): nss-tools-3.36.0-9.el6_10.x86_64.rpm | 460 kB 00:00
(6/8): nss-util-3.36.0-1.el6.x86_64.rpm | 72 kB
00:00
(7/8): puppet-agent-6.7.2-1.el6.x86_64.rpm | 24 MB
00:08
(8/8): puppetserver-6.5.0-1.el6.noarch.rpm | 74 MB
00:23
--------------------------------------------------------------------------------
Total 3.0
MB/s | 132 MB 00:43
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Updating : nspr-4.19.0-1.el6.x86_64 1/15
Updating : nss-util-3.36.0-1.el6.x86_64 2/15
Updating : nss-3.36.0-9.el6_10.x86_64 3/15
Updating : nss-sysinit-3.36.0-9.el6_10.x86_64 4/15
Installing : 1:java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_10.x86 5/15
Installing : puppet-agent-6.7.2-1.el6.x86_64 6/15
Installing : puppetserver-6.5.0-1.el6.noarch 7/15
usermod: no changes
Updating : nss-tools-3.36.0-9.el6_10.x86_64 8/15
Erasing : hiera-1.3.4-1.el6.noarch 9/15
Erasing : 1:facter-2.4.6-1.el6.x86_64 10/15
Cleanup : nss-tools-3.27.1-13.el6.x86_64 11/15
Cleanup : nss-3.27.1-13.el6.x86_64 12/15
Cleanup : nss-sysinit-3.27.1-13.el6.x86_64 13/15
Cleanup : nss-util-3.27.1-3.el6.x86_64 14/15
Cleanup : nspr-4.13.1-1.el6.x86_64 15/15
Verifying :
nss-sysinit-3.36.0-9.el6_10.x86_64 1/15
Verifying :
puppet-agent-6.7.2-1.el6.x86_64 2/15
Verifying : 1:java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_10.x86 3/15
Verifying :
nss-util-3.36.0-1.el6.x86_64 4/15
Verifying :
puppetserver-6.5.0-1.el6.noarch 5/15
Verifying :
nss-tools-3.36.0-9.el6_10.x86_64 6/15
Verifying :
nspr-4.19.0-1.el6.x86_64 7/15
Verifying :
nss-3.36.0-9.el6_10.x86_64 8/15
Verifying :
nspr-4.13.1-1.el6.x86_64 9/15
Verifying :
nss-3.27.1-13.el6.x86_64 10/15
Verifying :
nss-util-3.27.1-3.el6.x86_64 11/15
Verifying :
1:facter-2.4.6-1.el6.x86_64 12/15
Verifying :
nss-sysinit-3.27.1-13.el6.x86_64 13/15
Verifying :
hiera-1.3.4-1.el6.noarch 14/15
Verifying :
nss-tools-3.27.1-13.el6.x86_64 15/15
Installed:
puppet-agent.x86_64 0:6.7.2-1.el6 puppetserver.noarch 0:6.5.0-1.el6
Dependency Installed:
java-1.8.0-openjdk-headless.x86_64
1:1.8.0.222.b10-0.el6_10
Dependency Updated:
nspr.x86_64
0:4.19.0-1.el6 nss.x86_64 0:3.36.0-9.el6_10
nss-sysinit.x86_64 0:3.36.0-9.el6_10 nss-tools.x86_64 0:3.36.0-9.el6_10
nss-util.x86_64 0:3.36.0-1.el6
Replaced:
facter.x86_64
1:2.4.6-1.el6 hiera.noarch
0:1.3.4-1.el6
Complete!
[root@localhost Desktop]# service puppetmaster statuspuppetmaster: unrecognized
service
[root@localhost Desktop]# service puppetserver statuspuppetserver is stopped
[root@localhost Desktop]# service puppetserver start
Starting puppetserver: [ OK ]
[root@localhost Desktop]# service puppetserver restart
Stopping puppetserver: [ OK ]
Starting puppetserver: [ OK ]
[root@localhost Desktop]# vi
/etc/puppetlabs/puppet/puppet.conf
[root@localhost Desktop]# puppetserver ca setup
bash: puppetserver: command not found
[root@localhost Desktop]# puppetmaster ca setup
bash: puppetmaster: command not found
[root@localhost Desktop]# service puppetserver status
puppetserver (pid
5165) is running...
[root@localhost Desktop]#
(30/38): libstdc++-4.4.7-23.el6.x86_64.rpm
| 296 kB 00:00
(31/38): libstdc++-devel-4.4.7-23.el6.x86_64.rpm
| 1.6
MB 00:00
(32/38): mod_ssl-2.2.15-69.el6.centos.x86_64.rpm
| 99 kB 00:00
(33/38): mpfr-2.4.1-6.el6.x86_64.rpm |
157 kB 00:00
(34/38): openldap-devel-2.4.40-16.el6.x86_64.rpm
| 1.1 MB 00:00
(35/38): openssl-devel-1.0.1e-57.el6.x86_64.rpm
| 1.2 MB 00:00
(36/38): ppl-0.10.2-11.el6.x86_64.rpm |
1.3 MB 00:00
(37/38): ruby-devel-1.8.7.374-5.el6.x86_64.rpm
| 318 kB 00:00
(38/38): zlib-devel-1.2.3-29.el6.x86_64.rpm
| 44 kB 00:00
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Total
2.1 MB/s | 30 MB 00:14
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : libcom_err-1.41.12-24.el6.x86_64
1/50
Updating : libgcc-4.4.7-23.el6.x86_64 2/50
Updating : libstdc++-4.4.7-23.el6.x86_64
3/50
Updating : apr-1.3.9-5.el6_9.1.x86_64
4/50
Installing : apr-devel-1.3.9-5.el6_9.1.x86_64
5/50
Updating : libcurl-7.19.7-53.el6_9.x86_64
6/50
Installing : mpfr-2.4.1-6.el6.x86_64
7/50
Installing : cpp-4.4.7-23.el6.x86_64
8/50
Updating :
httpd-tools-2.2.15-69.el6.centos.x86_64 9/50
Updating : httpd-2.2.15-69.el6.centos.x86_64
10/50
Installing : libstdc++-devel-4.4.7-23.el6.x86_64
11/50
Installing : ppl-0.10.2-11.el6.x86_64
12/50
Installing : cloog-ppl-0.15.7-1.2.el6.x86_64
13/50
Updating : e2fsprogs-libs-1.41.12-24.el6.x86_64 14/50
Installing : libcom_err-devel-1.41.12-24.el6.x86_64
15/50
Updating : libss-1.41.12-24.el6.x86_64
16/50
Installing : libsepol-devel-2.0.41-4.el6.x86_64
17/50
Installing : libselinux-devel-2.0.94-7.el6.x86_64
18/50
Installing : libidn-devel-1.18-2.el6.x86_64 19/50
Installing : cyrus-sasl-devel-2.1.23-15.el6_6.2.x86_64
20/50
Installing : openldap-devel-2.4.40-16.el6.x86_64
21/50
Updating : libgomp-4.4.7-23.el6.x86_64
22/50
Installing : gcc-4.4.7-23.el6.x86_64
23/50
Installing : zlib-devel-1.2.3-29.el6.x86_64
24/50
Installing : autoconf-2.63-5.1.el6.noarch
25/50
Installing : automake-1.11.1-4.el6.noarch
26/50
Installing : expat-devel-2.0.1-13.el6_8.x86_64 27/50
Installing : apr-util-devel-1.3.9-3.el6_0.1.x86_64
28/50
Installing : keyutils-libs-devel-1.4-5.el6.x86_64
29/50
Installing : krb5-devel-1.10.3-65.el6.x86_64
30/50
Installing : openssl-devel-1.0.1e-57.el6.x86_64
31/50
Installing : httpd-devel-2.2.15-69.el6.centos.x86_64
32/50
Installing : libcurl-devel-7.19.7-53.el6_9.x86_64
33/50
Installing : gcc-c++-4.4.7-23.el6.x86_64
34/50
Updating : e2fsprogs-1.41.12-24.el6.x86_64 35/50
Installing : 1:mod_ssl-2.2.15-69.el6.centos.x86_64
36/50
Updating : curl-7.19.7-53.el6_9.x86_64
37/50
Installing : ruby-devel-1.8.7.374-5.el6.x86_64
38/50
Cleanup : e2fsprogs-1.41.12-23.el6.x86_64
39/50
Cleanup : curl-7.19.7-52.el6.x86_64
40/50
Cleanup : httpd-2.2.15-59.el6.centos.x86_64
41/50
Cleanup :
httpd-tools-2.2.15-59.el6.centos.x86_64
42/50
Cleanup : libcurl-7.19.7-52.el6.x86_64 43/50
Cleanup : e2fsprogs-libs-1.41.12-23.el6.x86_64
44/50
Cleanup : libss-1.41.12-23.el6.x86_64
45/50
Cleanup : libstdc++-4.4.7-18.el6.x86_64
46/50
Cleanup : libgcc-4.4.7-18.el6.x86_64
47/50
Cleanup : libcom_err-1.41.12-23.el6.x86_64 48/50
Cleanup : apr-1.3.9-5.el6_2.x86_64
49/50
Cleanup : libgomp-4.4.7-18.el6.x86_64
50/50
Verifying :
e2fsprogs-libs-1.41.12-24.el6.x86_64 1/50
Verifying :
gcc-4.4.7-23.el6.x86_64
2/50
Verifying :
httpd-2.2.15-69.el6.centos.x86_64
3/50
Verifying :
krb5-devel-1.10.3-65.el6.x86_64
4/50
Verifying :
apr-1.3.9-5.el6_9.1.x86_64
5/50
Verifying :
libstdc++-devel-4.4.7-23.el6.x86_64 6/50
Verifying :
automake-1.11.1-4.el6.noarch
7/50
Verifying :
libcom_err-devel-1.41.12-24.el6.x86_64
8/50
Verifying :
keyutils-libs-devel-1.4-5.el6.x86_64
9/50
Verifying :
expat-devel-2.0.1-13.el6_8.x86_64
10/50
Verifying :
mpfr-2.4.1-6.el6.x86_64
11/50
Verifying :
libss-1.41.12-24.el6.x86_64
12/50
Verifying :
openldap-devel-2.4.40-16.el6.x86_64
13/50
Verifying :
autoconf-2.63-5.1.el6.noarch
14/50
Verifying :
zlib-devel-1.2.3-29.el6.x86_64
15/50
Verifying :
ruby-devel-1.8.7.374-5.el6.x86_64
16/50
Verifying :
cloog-ppl-0.15.7-1.2.el6.x86_64
17/50
Verifying :
libgomp-4.4.7-23.el6.x86_64
18/50
Verifying :
gcc-c++-4.4.7-23.el6.x86_64 19/50
Verifying :
openssl-devel-1.0.1e-57.el6.x86_64
20/50
Verifying :
1:mod_ssl-2.2.15-69.el6.centos.x86_64
21/50
Verifying :
cyrus-sasl-devel-2.1.23-15.el6_6.2.x86_64 22/50
Verifying :
libidn-devel-1.18-2.el6.x86_64
23/50
Verifying :
apr-util-devel-1.3.9-3.el6_0.1.x86_64
24/50
Verifying :
apr-devel-1.3.9-5.el6_9.1.x86_64
25/50
Verifying :
libcurl-7.19.7-53.el6_9.x86_64
26/50
Verifying :
ppl-0.10.2-11.el6.x86_64 27/50
Verifying :
httpd-tools-2.2.15-69.el6.centos.x86_64
28/50
Verifying : libcom_err-1.41.12-24.el6.x86_64
29/50
Verifying :
libsepol-devel-2.0.41-4.el6.x86_64
30/50
Verifying :
libcurl-devel-7.19.7-53.el6_9.x86_64
31/50
Verifying :
curl-7.19.7-53.el6_9.x86_64 32/50
Verifying :
libstdc++-4.4.7-23.el6.x86_64
33/50
Verifying :
httpd-devel-2.2.15-69.el6.centos.x86_64
34/50
Verifying :
libselinux-devel-2.0.94-7.el6.x86_64
35/50
Verifying :
cpp-4.4.7-23.el6.x86_64
36/50
Verifying :
libgcc-4.4.7-23.el6.x86_64 37/50
Verifying :
e2fsprogs-1.41.12-24.el6.x86_64
38/50
Verifying :
libcom_err-1.41.12-23.el6.x86_64
39/50
Verifying :
e2fsprogs-libs-1.41.12-23.el6.x86_64
40/50
Verifying :
libcurl-7.19.7-52.el6.x86_64
41/50
Verifying :
libss-1.41.12-23.el6.x86_64
42/50
Verifying :
httpd-tools-2.2.15-59.el6.centos.x86_64
43/50
Verifying :
e2fsprogs-1.41.12-23.el6.x86_64
44/50
Verifying :
libstdc++-4.4.7-18.el6.x86_64
45/50
Verifying :
curl-7.19.7-52.el6.x86_64
46/50
Verifying :
apr-1.3.9-5.el6_2.x86_64
47/50
Verifying :
libgcc-4.4.7-18.el6.x86_64 48/50
Verifying :
libgomp-4.4.7-18.el6.x86_64
49/50
Verifying :
httpd-2.2.15-59.el6.centos.x86_64
50/50
Installed:
automake.noarch
0:1.11.1-4.el6
gcc-c++.x86_64 0:4.4.7-23.el6 httpd-devel.x86_64
0:2.2.15-69.el6.centos
libcurl-devel.x86_64 0:7.19.7-53.el6_9 mod_ssl.x86_64
1:2.2.15-69.el6.centos
openssl-devel.x86_64 0:1.0.1e-57.el6
ruby-devel.x86_64 0:1.8.7.374-5.el6 zlib-devel.x86_64
0:1.2.3-29.el6
Dependency Installed:
apr-devel.x86_64 0:1.3.9-5.el6_9.1 apr-util-devel.x86_64
0:1.3.9-3.el6_0.1
autoconf.noarch 0:2.63-5.1.el6
cloog-ppl.x86_64 0:0.15.7-1.2.el6 cpp.x86_64 0:4.4.7-23.el6
cyrus-sasl-devel.x86_64 0:2.1.23-15.el6_6.2
expat-devel.x86_64 0:2.0.1-13.el6_8 gcc.x86_64 0:4.4.7-23.el6 keyutils-libs-devel.x86_64
0:1.4-5.el6
krb5-devel.x86_64 0:1.10.3-65.el6 libcom_err-devel.x86_64
0:1.41.12-24.el6
libidn-devel.x86_64 0:1.18-2.el6
libselinux-devel.x86_64 0:2.0.94-7.el6 libsepol-devel.x86_64 0:2.0.41-4.el6 libstdc++-devel.x86_64
0:4.4.7-23.el6
mpfr.x86_64
0:2.4.1-6.el6
openldap-devel.x86_64 0:2.4.40-16.el6 ppl.x86_64 0:0.10.2-11.el6
Updated:
httpd.x86_64
0:2.2.15-69.el6.centos
Dependency Updated:
apr.x86_64
0:1.3.9-5.el6_9.1
curl.x86_64 0:7.19.7-53.el6_9
e2fsprogs.x86_64 0:1.41.12-24.el6
e2fsprogs-libs.x86_64 0:1.41.12-24.el6
httpd-tools.x86_64 0:2.2.15-69.el6.centos libcom_err.x86_64 0:1.41.12-24.el6 libcurl.x86_64 0:7.19.7-53.el6_9 libgcc.x86_64 0:4.4.7-23.el6
libgomp.x86_64
0:4.4.7-23.el6 libss.x86_64
0:1.41.12-24.el6 libstdc++.x86_64
0:4.4.7-23.el6
Complete!
[root@localhost signed]# service httpd restart
Stopping httpd:
[ OK ]
Starting httpd:
[ OK ]
[root@localhost signed]# openssl verify -CAfile
ca-bundle.pem $(puppet master --configprint hostcert)
Error loading file ca-bundle.pem
140416490313544:error:02001002:system library:fopen:No such
file or directory:bss_file.c:169:fopen('ca-bundle.pem','r')
140416490313544:error:2006D080:BIO routines:BIO_new_file:no
such file:bss_file.c:172:
140416490313544:error:0B084002:x509 certificate
routines:X509_load_cert_crl_file:system lib:by_file.c:279:
usage: verify [-verbose] [-CApath path] [-CAfile file]
[-trusted_first] [-purpose purpose] [-crl_check] [-attime timestamp] [-engine
e] cert1 cert2 ...
recognized usages:
sslclient SSL client
sslserver SSL server
nssslserver Netscape SSL server
smimesign S/MIME signing
smimeencrypt S/MIME encryption
crlsign CRL signing
any Any Purpose
ocsphelper OCSP helper
timestampsign Time Stamp signing
[root@localhost signed]# cp
/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem
/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem.old
[root@localhost signed]# cp ca-bundle.pem
/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem
cp: cannot stat `ca-bundle.pem': No such file or directory
[root@localhost signed]# cp ca-bundle.pem
/etc/puppetlabs/puppet/ssl/certs/ca.pem
cp: cannot stat `ca-bundle.pem': No such file or directory
[root@localhost signed]# puppet agent -t
Warning: Unable to fetch my node definition, but the agent
run will continue:
Warning: Failed to open TCP connection to
server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed
to generate additional resources using 'eval_generate': Failed to open TCP
connection to server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could
not evaluate: Could not retrieve file metadata for puppet:///pluginfacts:
Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused
- connect(2) for "server.itzgeek.local" port 8140)
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to
generate additional resources using 'eval_generate': Failed to open TCP
connection to server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not
evaluate: Could not retrieve file metadata for puppet:///plugins: Failed to
open TCP connection to server.itzgeek.local:8140 (Connection refused -
connect(2) for "server.itzgeek.local" port 8140)
Error: Could not retrieve catalog from remote server: Failed
to open TCP connection to server.itzgeek.local:8140 (Connection refused -
connect(2) for "server.itzgeek.local" port 8140)
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: Failed to open TCP connection
to server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
[root@localhost signed]# puppet cert generate
This command is no longer functional, please use
`puppetserver ca` instead.
puppet-cert(8) -- Manage certificates and requests
(Disabled)
========
ACTIONS
-------
Every action except 'list' and 'generate' requires a
hostname to act on,
unless the '--all' option is set.
* clean:
Use `puppetserver ca
clean --certname NAME[,NAME...]`
* fingerprint:
Use openssl directly:
`openssl x509 -noout
-fingerprint -<digest> -inform pem -in certificate.crt`
* generate:
Use `puppetserver ca
generate --certname NAME[,NAME...]`
* list:
Use `puppetserver ca
list [--all]`
* print:
Use openssl
directly:
`openssl x509 -noout
-text -in certificate.pem`
* revoke:
Use `puppetserver ca
revoke --certname NAME[,NAME...]`
* sign:
Use `puppetserver ca
sign --certname NAME[,NAME...]`
* verify:
Use `puppet ssl
verify [--certname NAME]`
* reinventory:
Removed.
OPTIONS
-------
There are a couple important notes about
previously-supported options.
* --allow-dns-alt-names:
In order to sign
certificates with subject alternative names using
`puppetserver ca
sign`, the `allow-subject-alt-names` setting must be
set to true in the `certificate-authority` section of Puppet
Server's
config.
* --allow-authorization-extensions:
In order to sign
certificates with authorization extensions using
`puppetserver ca
sign`, the `allow-authorization-extensions` setting must be
set to true in the `certificate-authority` section of Puppet
Server's
config.
[root@localhost signed]# puppet cert --sign client.itzgeek.local
This command is no longer functional, please use
`puppetserver ca` instead.
puppet-cert(8) -- Manage certificates and requests
(Disabled)
========
ACTIONS
-------
Every action except 'list' and 'generate' requires a
hostname to act on,
unless the '--all' option is set.
* clean:
Use `puppetserver ca
clean --certname NAME[,NAME...]`
* fingerprint:
Use openssl
directly:
`openssl x509 -noout
-fingerprint -<digest> -inform pem -in certificate.crt`
* generate:
Use `puppetserver ca
generate --certname NAME[,NAME...]`
* list:
Use `puppetserver ca
list [--all]`
* print:
Use openssl
directly:
`openssl x509 -noout
-text -in certificate.pem`
* revoke:
Use `puppetserver ca
revoke --certname NAME[,NAME...]`
* sign:
Use `puppetserver ca
sign --certname NAME[,NAME...]`
* verify:
Use `puppet ssl
verify [--certname NAME]`
* reinventory:
Removed.
OPTIONS
-------
There are a couple important notes about
previously-supported options.
* --allow-dns-alt-names:
In order to sign
certificates with subject alternative names using
`puppetserver ca
sign`, the `allow-subject-alt-names` setting must be
set to true in the `certificate-authority` section of Puppet
Server's
config.
* --allow-authorization-extensions:
In order to sign
certificates with authorization extensions using
`puppetserver ca
sign`, the `allow-authorization-extensions` setting must be
set to true in the `certificate-authority` section of Puppet
Server's
config.
[root@localhost signed]# puppetserver ca list
Fatal error when running action 'list'
Error: Failed
connecting to
https://server.itzgeek.local:8140/puppet-ca/v1/certificate_statuses/any_key
Root cause: Failed
to open TCP connection to server.itzgeek.local:8140 (Connection refused -
connect(2) for "server.itzgeek.local" port 8140)
[root@localhost signed]#
puppet agent --test
Warning: Unable to fetch my node definition, but the agent
run will continue:
Warning: Failed to open TCP connection to
server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed
to generate additional resources using 'eval_generate': Failed to open TCP
connection to server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could
not evaluate: Could not retrieve file metadata for puppet:///pluginfacts:
Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused
- connect(2) for "server.itzgeek.local" port 8140)
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to
generate additional resources using 'eval_generate': Failed to open TCP
connection to server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not
evaluate: Could not retrieve file metadata for puppet:///plugins: Failed to
open TCP connection to server.itzgeek.local:8140 (Connection refused -
connect(2) for "server.itzgeek.local" port 8140)
Error: Could not retrieve catalog from remote server: Failed
to open TCP connection to server.itzgeek.local:8140 (Connection refused -
connect(2) for "server.itzgeek.local" port 8140)
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: Failed to open TCP connection
to server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
[root@localhost signed]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp --
anywhere anywhere tcp dpt:8140
ACCEPT all --
anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp
-- anywhere anywhere
ACCEPT all --
anywhere anywhere
ACCEPT tcp --
anywhere anywhere state NEW tcp dpt:ssh
REJECT all --
anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt
source destination
REJECT all --
anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt
source destination
[root@localhost signed]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter [
OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules:
[ OK ]
[root@localhost signed]#
puppet agent --test
Warning: Unable to fetch my node definition, but the agent
run will continue:
Warning: Failed to open TCP connection to
server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed
to generate additional resources using 'eval_generate': Failed to open TCP
connection to server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could
not evaluate: Could not retrieve file metadata for puppet:///pluginfacts:
Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused
- connect(2) for "server.itzgeek.local" port 8140)
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to
generate additional resources using 'eval_generate': Failed to open TCP
connection to server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not
evaluate: Could not retrieve file metadata for puppet:///plugins: Failed to
open TCP connection to server.itzgeek.local:8140 (Connection refused -
connect(2) for "server.itzgeek.local" port 8140)
Error: Could not retrieve catalog from remote server: Failed
to open TCP connection to server.itzgeek.local:8140 (Connection refused -
connect(2) for "server.itzgeek.local" port 8140)
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: Failed to open TCP connection
to server.itzgeek.local:8140 (Connection refused - connect(2) for
"server.itzgeek.local" port 8140)
[root@localhost signed]#
ps aux | grep puppet
root 31598 0.0
0.0 103332 852 pts/1 S+
14:21 0:00 grep puppet
[root@localhost signed]#
telnet server.itzgeek.local 8140
Trying 192.168.45.133...
telnet: connect to address 192.168.45.133: Connection
refused
[root@localhost signed]# service puppetserver start
Starting puppetserver: [ OK ]
[root@localhost signed]# puppet cert sign
server.itzgeek.local
This command is no longer functional, please use `puppetserver
ca` instead.
puppet-cert(8) -- Manage certificates and requests
(Disabled)
========
ACTIONS
-------
Every action except 'list' and 'generate' requires a
hostname to act on,
unless the '--all' option is set.
* clean:
Use `puppetserver ca
clean --certname NAME[,NAME...]`
* fingerprint:
Use openssl
directly:
`openssl x509 -noout
-fingerprint -<digest> -inform pem -in certificate.crt`
* generate:
Use `puppetserver ca
generate --certname NAME[,NAME...]`
* list:
Use `puppetserver ca
list [--all]`
* print:
Use openssl
directly:
`openssl x509 -noout
-text -in certificate.pem`
* revoke:
Use `puppetserver ca
revoke --certname NAME[,NAME...]`
* sign:
Use `puppetserver ca
sign --certname NAME[,NAME...]`
* verify:
Use `puppet ssl
verify [--certname NAME]`
* reinventory:
Removed.
OPTIONS
-------
There are a couple important notes about
previously-supported options.
* --allow-dns-alt-names:
In order to sign
certificates with subject alternative names using
`puppetserver ca
sign`, the `allow-subject-alt-names` setting must be
set to true in the `certificate-authority` section of Puppet
Server's
config.
* --allow-authorization-extensions:
In order to sign
certificates with authorization extensions using
`puppetserver ca
sign`, the `allow-authorization-extensions` setting must be
set to true in the `certificate-authority` section of Puppet
Server's
config.
[root@localhost signed]# puppetserver ca list
No certificates to list
[root@localhost signed]# puppetserver ca sign
client.itzgeek.local
Error:
Unknown input
`client.itzgeek.local`
No arguments given
Usage:
puppetserver ca sign [--help]
puppetserver ca sign [--config] --certname NAME[,NAME]
puppetserver ca sign
--all
Description:
Given a comma-separated
list of valid certnames, instructs the CA to sign
each cert.
Options:
--certname
NAME[,NAME] the name(s) of the
cert(s) to be signed
--config
CONF Custom path to
Puppet's config file
--help Display this command-specific help
output
--all Operate on all
certnames
[root@localhost signed]# puppet cert sign client.itzgeek.local
This command is no longer functional, please use
`puppetserver ca` instead.
puppet-cert(8) -- Manage certificates and requests
(Disabled)
========
ACTIONS
-------
Every action except 'list' and 'generate' requires a
hostname to act on,
unless the '--all' option is set.
* clean:
Use `puppetserver ca
clean --certname NAME[,NAME...]`
* fingerprint:
Use openssl
directly:
`openssl x509 -noout
-fingerprint -<digest> -inform pem -in certificate.crt`
* generate:
Use `puppetserver ca
generate --certname NAME[,NAME...]`
* list:
Use `puppetserver ca
list [--all]`
* print:
Use openssl
directly:
`openssl x509 -noout
-text -in certificate.pem`
* revoke:
Use `puppetserver ca
revoke --certname NAME[,NAME...]`
* sign:
Use `puppetserver ca
sign --certname NAME[,NAME...]`
* verify:
Use `puppet ssl
verify [--certname NAME]`
* reinventory:
Removed.
OPTIONS
-------
There are a couple important notes about
previously-supported options.
* --allow-dns-alt-names:
In order to sign
certificates with subject alternative names using
`puppetserver ca
sign`, the `allow-subject-alt-names` setting must be
set to true in the `certificate-authority` section of Puppet
Server's
config.
* --allow-authorization-extensions:
In order to sign
certificates with authorization extensions using
`puppetserver ca
sign`, the `allow-authorization-extensions` setting must be
set to true in the `certificate-authority` section of Puppet
Server's
config.
[root@localhost signed]# puppetserver ca list
Requested Certificates:
client.itzgeek.local (SHA256)
6E:72:96:CA:E2:A7:B5:31:24:AE:70:85:4B:93:90:2E:E6:9A:E3:C1:21:40:0E:E1:DD:C0:1C:17:D1:6D:40:55
[root@localhost signed]# yum
--enablerepo=puppetlabs,ruby,epel install puppet-dashboard
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base:
centos.excellmedia.net
* extras:
centos.excellmedia.net
* updates:
centos.excellmedia.net
Nothing to do
[root@localhost signed]# service puppet-dashboard start
Starting Puppet Dashboard: => Booting WEBrick
=> Rails 2.3.12 application starting on
http://0.0.0.0:3000
[FAILED]
[root@localhost signed]# service puppet-dashboard restart
Stopping Puppet Dashboard: [ OK ]
Starting Puppet Dashboard: => Booting WEBrick
=> Rails 2.3.12 application starting on
http://0.0.0.0:3000
[FAILED]
[root@localhost signed]#
[root@localhost Desktop]# puppetserver ca list
Fatal error when running action 'list'
Error: Failed
connecting to https://puppet:8140/puppet-ca/v1/certificate_statuses/any_key
Root cause: Failed
to open TCP connection to puppet:8140 (getaddrinfo: Temporary failure in name
resolution)
[root@localhost Desktop]# iptables -I INPUT -p tcp -m tcp
--dport 8140 -j ACCEPT
[root@localhost Desktop]# service iptables save
iptables: Saving firewall rules to
/etc/sysconfig/iptables:[ OK ]
[root@localhost Desktop]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter [
OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [
OK ]
[root@localhost Desktop]#
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt
source destination
ACCEPT tcp --
anywhere anywhere tcp dpt:8140
ACCEPT all --
anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp
-- anywhere anywhere
ACCEPT all --
anywhere anywhere
ACCEPT tcp --
anywhere anywhere state NEW tcp dpt:ssh
REJECT all --
anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt
source destination
REJECT all --
anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt
source destination
[root@localhost Desktop]# puppetserver ca listFatal error
when running action 'list'
Error: Failed
connecting to https://puppet:8140/puppet-ca/v1/certificate_statuses/any_key
Root cause: Failed
to open TCP connection to puppet:8140 (getaddrinfo: Temporary failure in name
resolution)
[root@localhost Desktop]# service ip6tables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all
::/0 ::/0 state RELATED,ESTABLISHED
2 ACCEPT icmpv6
::/0 ::/0
3 ACCEPT all
::/0 ::/0
4 ACCEPT udp
::/0
fe80::/64 state NEW udp
dpt:546
5 ACCEPT tcp
::/0 ::/0 state NEW tcp dpt:22
6 REJECT all
::/0 ::/0 reject-with
icmp6-adm-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all
::/0 ::/0 reject-with icmp6-adm-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
[root@localhost Desktop]# service ip6tables stop
ip6tables: Setting chains to policy ACCEPT: filter [
OK ]
ip6tables: Flushing firewall rules: [ OK ]
ip6tables: Unloading modules: [ OK ]
[root@localhost Desktop]# chkconfig ip6tables off
[root@localhost Desktop]# puppetserver ca list
Fatal error when running action 'list'
Error: Failed
connecting to https://puppet:8140/puppet-ca/v1/certificate_statuses/any_key
Root cause: Failed
to open TCP connection to puppet:8140 (getaddrinfo: Temporary failure in name
resolution)
[root@localhost Desktop]# vi /etc/hosts
[root@localhost Desktop]# hostname puppet
[root@localhost Desktop]# puppetserver ca list
Fatal error when running action 'list'
Error: Could not
find 'hostcert' at '/etc/puppetlabs/puppet/ssl/certs/puppet.localdomain.pem'
[root@localhost Desktop]# yum install
http://dl.marmotte.net/rpms/redhat/el6/x86_64/puppet-dashboard-1.2.5-1.el6/puppet-dashboard-1.2.5-1.el6.noarch.rpm
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
puppet-dashboard-1.2.5-1.el6.noarch.rpm | 4.8 MB 00:03
Examining
/var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm:
puppet-dashboard-1.2.5-1.el6.noarch
Marking
/var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm to be
installed
Loading mirror speeds from cached hostfile
* base:
centos.excellmedia.net
* extras:
centos.excellmedia.net
* updates:
centos.excellmedia.net
Resolving Dependencies
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 will
be installed
-->Processing Dependency: ruby-mysql for package:
puppet-dashboard-1.2.5-1.el6.noarch
--> Processing Dependency: rubygem(rake) for package:
puppet-dashboard-1.2.5-1.el6.noarch
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 will
be installed
-->Processing Dependency: ruby-mysql for package:
puppet-dashboard-1.2.5-1.el6.noarch
---> Package rubygem-rake.noarch 0:0.8.7-2.1.el6 will be
installed
--> Finished Dependency Resolution
Error: Package: puppet-dashboard-1.2.5-1.el6.noarch (/puppet-dashboard-1.2.5-1.el6.noarch)
Requires:
ruby-mysql
You could try using
--skip-broken to work around the problem
You could try
running: rpm -Va --nofiles --nodigest
[root@localhost Desktop]# yum install
http://dl.marmotte.net/rpms/redhat/el6/x86_64/puppet-dashboard-1.2.5-1.el6/puppet-dashboard-1.2.5-1.el6.noarch.rpm
ruby-mysql
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
puppet-dashboard-1.2.5-1.el6.noarch.rpm | 4.8 MB 00:01
Examining
/var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm:
puppet-dashboard-1.2.5-1.el6.noarch
Marking
/var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm to be
installed
Loading mirror speeds from cached hostfile
* base:
centos.excellmedia.net
* extras:
centos.excellmedia.net
* updates:
centos.excellmedia.net
No package ruby-mysql available.
Resolving Dependencies
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 will
be installed
-->Processing Dependency: ruby-mysql for package:
puppet-dashboard-1.2.5-1.el6.noarch
--> Processing Dependency: rubygem(rake) for package:
puppet-dashboard-1.2.5-1.el6.noarch
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 will be
installed
-->Processing Dependency: ruby-mysql for package:
puppet-dashboard-1.2.5-1.el6.noarch
---> Package rubygem-rake.noarch 0:0.8.7-2.1.el6 will be
installed
--> Finished Dependency Resolution
Error: Package: puppet-dashboard-1.2.5-1.el6.noarch (/puppet-dashboard-1.2.5-1.el6.noarch)
Requires:
ruby-mysql
You could try using
--skip-broken to work around the problem
You could try
running: rpm -Va --nofiles --nodigest
[root@localhost Desktop]# yum install
http://dl.marmotte.net/rpms/redhat/el6/x86_64/puppet-dashboard-1.2.5-1.el6/puppet-dashboard-1.2.5-1.el6.noarch.rpm
http://download-ib01.fedoraproject.org/pub/epel/6/x86_64/Packages/r/ruby-mysql-2.8.2-1.el6.x86_64.rpm
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
puppet-dashboard-1.2.5-1.el6.noarch.rpm | 4.8 MB 00:01
Examining
/var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm:
puppet-dashboard-1.2.5-1.el6.noarch
Marking /var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm
to be installed
Loading mirror speeds from cached hostfile
* base:
centos.excellmedia.net
* extras:
centos.excellmedia.net
* updates:
centos.excellmedia.net
ruby-mysql-2.8.2-1.el6.x86_64.rpm | 45 kB
00:00
Examining
/var/tmp/yum-root-biHpBz/ruby-mysql-2.8.2-1.el6.x86_64.rpm:
ruby-mysql-2.8.2-1.el6.x86_64
Marking
/var/tmp/yum-root-biHpBz/ruby-mysql-2.8.2-1.el6.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 will
be installed
--> Processing Dependency: rubygem(rake) for package:
puppet-dashboard-1.2.5-1.el6.noarch
---> Package ruby-mysql.x86_64 0:2.8.2-1.el6 will be
installed
--> Running transaction check
---> Package rubygem-rake.noarch 0:0.8.7-2.1.el6 will be
installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch
Version Repository Size
================================================================================
Installing:
puppet-dashboard
noarch 1.2.5-1.el6
/puppet-dashboard-1.2.5-1.el6.noarch
82 M
ruby-mysql x86_64
2.8.2-1.el6
/ruby-mysql-2.8.2-1.el6.x86_64
143 k
Installing for dependencies:
rubygem-rake noarch
0.8.7-2.1.el6 base 404 k
Transaction Summary
================================================================================
Install 3
Package(s)
Total size: 83 M
Total download size: 404 k
Installed size: 84 M
Is this ok [y/N]: y
Downloading Packages:
rubygem-rake-0.8.7-2.1.el6.noarch.rpm | 404 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : ruby-mysql-2.8.2-1.el6.x86_64 1/3
Installing : rubygem-rake-0.8.7-2.1.el6.noarch 2/3
Installing : puppet-dashboard-1.2.5-1.el6.noarch 3/3
Verifying :
rubygem-rake-0.8.7-2.1.el6.noarch 1/3
Verifying :
puppet-dashboard-1.2.5-1.el6.noarch 2/3
Verifying :
ruby-mysql-2.8.2-1.el6.x86_64 3/3
Installed:
puppet-dashboard.noarch 0:1.2.5-1.el6 ruby-mysql.x86_64 0:2.8.2-1.el6
Dependency Installed:
rubygem-rake.noarch 0:0.8.7-2.1.el6
Complete!
[root@localhost Desktop]# puppet agent -t
Warning: Unable to fetch my node definition, but the agent
run will continue:
Warning: certificate verify failed [unable to get local
issuer certificate for CN=puppet.localdomain]
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed
to generate additional resources using 'eval_generate': certificate verify
failed [unable to get local issuer certificate for CN=puppet.localdomain]
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could
not evaluate: Could not retrieve file metadata for puppet:///pluginfacts:
certificate verify failed [unable to get local issuer certificate for
CN=puppet.localdomain]
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to
generate additional resources using 'eval_generate': certificate verify failed
[unable to get local issuer certificate for CN=puppet.localdomain]
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not
evaluate: Could not retrieve file metadata for puppet:///plugins: certificate
verify failed [unable to get local issuer certificate for
CN=puppet.localdomain]
Error: Could not retrieve catalog from remote server:
certificate verify failed [unable to get local issuer certificate for
CN=puppet.localdomain]
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: certificate verify failed
[unable to get local issuer certificate for CN=puppet.localdomain]
You have mail in /var/spool/mail/root
[root@localhost Desktop]# hostname -f
server.itzgeek.local
[root@localhost Desktop]# source
/etc/profile.d/puppet-agent.sh
[root@localhost Desktop]# puppetserver ca list
Fatal error when running action 'list'
Error: Failed
connecting to
https://server.itzgeek.local:8140/puppet-ca/v1/certificate_statuses/any_key
Root cause:
SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable
to get local issuer certificate)
[root@localhost Desktop]# puppet resource service
puppetmaster ensure=running enable=true
Error: Could not start Service[puppetmaster]: Execution of
'/sbin/service puppetmaster start' returned 1: puppetmaster: unrecognized
service
Error: /Service[puppetmaster]/ensure: change from 'stopped'
to 'running' failed: Could not start Service[puppetmaster]: Execution of
'/sbin/service puppetmaster start' returned 1: puppetmaster: unrecognized
service
service { 'puppetmaster':
ensure => 'stopped',
enable => 'false',
}
[root@localhost Desktop]# puppet resource service
puppetserver ensure=running enable=true
service { 'puppetserver':
ensure => 'running',
enable => 'true',
}
[root@localhost Desktop]# gem install rack passenger
ERROR: Error
installing rack:
rack
requires Ruby version >= 2.2.2.
ERROR: Error
installing passenger:
rack
requires Ruby version >= 2.2.2.
[root@localhost Desktop]# passenger–install–apache2–module^C
[root@localhost Desktop]#
vim/etc/httpd/conf.d/puppetmaster.conf
bash: vim/etc/httpd/conf.d/puppetmaster.conf: No such file
or directory
[root@localhost Desktop]# vim
/etc/httpd/conf.d/puppetmaster.conf
[root@localhost Desktop]# /etc/init.d/puppetmasterd stop
bash: /etc/init.d/puppetmasterd: No such file or directory
[root@localhost Desktop]# /etc/init.d/httpd start
Starting httpd:
[root@localhost Desktop]# /etc/init.d/puppetserver stop
Stopping puppetserver: [ OK ]
[root@localhost Desktop]# /etc/init.d/httpd start
Starting httpd:
[root@localhost Desktop]# netstat–ln|grep8140
bash: grep8140: command not found
bash: netstat–ln: command not found
[root@localhost Desktop]# netstat –ln|grep 8140
usage: netstat [-veenNcCF] [<Af>] -r netstat {-V|--version|-h|--help}
netstat [-vnNcaeol] [<Socket> ...]
netstat { [-veenNac] -I[<Iface>] | [-veenNac] -i |
[-cnNe] -M | -s } [delay]
-r,
--route display routing
table
-I,
--interfaces=<Iface> display
interface table for <Iface>
-i,
--interfaces display interface
table
-g, --groups display multicast group
memberships
-s,
--statistics display networking
statistics (like SNMP)
-M,
--masquerade display
masqueraded connections
-v,
--verbose be verbose
-n, --numeric don't resolve names
--numeric-hosts don't
resolve host names
--numeric-ports don't
resolve port names
--numeric-users don't
resolve user names
-N,
--symbolic resolve hardware names
-e,
--extend display other/more
information
-p,
--programs display
PID/Program name for sockets
-c,
--continuous continuous listing
-l,
--listening display listening
server sockets
-a, --all,
--listening display all sockets
(default: connected)
-o,
--timers display timers
-F, --fib display Forwarding
Information Base (default)
-C, --cache display routing cache instead
of FIB
-T,
--notrim stop trimming long
addresses
-Z,
--context display SELinux
security context for sockets
<Iface>: Name of interface to monitor/list.
<Socket>={-t|--tcp} {-u|--udp} {-S|--sctp} {-w|--raw}
{-x|--unix} --ax25 --ipx --netrom
<AF>=Use '-A <af>' or '--<af>'; default:
inet
List of possible
address families (which support routing):
inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25)
netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP)
x25 (CCITT X.25)
[root@localhost Desktop]# netstat |grep 8140
[root@localhost Desktop]# puppet cert list
This command is no longer functional, please use
`puppetserver ca` instead.
puppet-cert(8) -- Manage certificates and requests
(Disabled)
========
ACTIONS
-------
Every action except 'list' and 'generate' requires a
hostname to act on,
unless the '--all' option is set.
* clean:
Use `puppetserver ca
clean --certname NAME[,NAME...]`
* fingerprint:
Use openssl
directly:
`openssl x509 -noout
-fingerprint -<digest> -inform pem -in certificate.crt`
* generate:
Use `puppetserver ca
generate --certname NAME[,NAME...]`
* list:
Use `puppetserver ca
list [--all]`
* print:
Use openssl
directly:
`openssl x509 -noout -text -in
certificate.pem`
* revoke:
Use `puppetserver ca
revoke --certname NAME[,NAME...]`
* sign:
Use `puppetserver ca
sign --certname NAME[,NAME...]`
* verify:
Use `puppet ssl
verify [--certname NAME]`
* reinventory:
Removed.
OPTIONS
-------
There are a couple important notes about
previously-supported options.
* --allow-dns-alt-names:
In order to sign
certificates with subject alternative names using
`puppetserver ca
sign`, the `allow-subject-alt-names` setting must be
set to true in the `certificate-authority` section of Puppet
Server's
config.
* --allow-authorization-extensions:
In order to sign
certificates with authorization extensions using
`puppetserver ca
sign`, the `allow-authorization-extensions` setting must be
set to true in the `certificate-authority` section of Puppet
Server's
config.
[root@localhost Desktop]# puppet master options
Error: Unknown Puppet subcommand 'master'
See 'puppet help' for help on available puppet subcommands
[root@localhost Desktop]# puppet server options
Error: Unknown Puppet subcommand 'server'
See 'puppet help' for help on available puppet subcommands
[root@localhost Desktop]# puppet help
Usage: puppet <subcommand> [options] <action>
[options]
Available subcommands:
Common:
agent The
puppet agent daemon
apply
Apply Puppet manifests locally
config
Interact with Puppet's settings.
help
Display Puppet help.
lookup
Interactive Hiera lookup
module
Creates, installs and searches for modules on the Puppet Forge.
resource The
resource abstraction layer shell
Specialized:
catalog
Compile, save, view, and convert catalogs.
describe
Display help about resource types
device
Manage remote network devices
doc
Generate Puppet references
epp
Interact directly with the EPP template parser/renderer.
facts
Retrieve and store facts.
filebucket
Store and retrieve files in a filebucket
generate
Generates Puppet code from Ruby definitions.
node View
and manage node definitions.
parser
Interact directly with the parser.
script Run
a puppet manifests as a script without compiling a catalog
ssl
Manage SSL keys and certificates for puppet SSL clients
See 'puppet help <subcommand><action>' for help
on a specific subcommand action.
See 'puppet help <subcommand>' for help on a specific
subcommand.
Puppet v6.7.2
[root@localhost Desktop]# puppet master options
Error: Unknown Puppet subcommand 'master'
See 'puppet help' for help on available puppet subcommands
[root@localhost Desktop]# ps aux | grep puppet
puppet 31630 66.0
25.9 4341364 1013616 ? Sl 14:22
2:11 /usr/bin/java -Xms2g -Xmx2g
-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger
-Djava.security.egd=file:/dev/urandom -XX:OnOutOfMemoryError=kill -9 %p -cp
/opt/puppetlabs/server/apps/puppetserver/puppet-server-release.jar:/opt/puppetlabs/server/data/puppetserver/jars/*
clojure.main -m puppetlabs.trapperkeeper.main --config
/etc/puppetlabs/puppetserver/conf.d --bootstrap-config
/etc/puppetlabs/puppetserver/services.d/,/opt/puppetlabs/server/apps/puppetserver/config/services.d/
--restart-file /opt/puppetlabs/server/data/puppetserver/restartcounter
root 32057 0.0
0.0 103332 852 pts/2 S+
14:25 0:00 grep puppet
[root@localhost Desktop]#
login as: root
root@192.168.45.134's password:
[root@localhost ~]# rpm -ivh
https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
Retrieving
https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
warning: /var/tmp/rpm-tmp.YYcGuK: Header V4 RSA/SHA256
Signature, key ID ef8d349f: NOKEY
Preparing...
########################################### [100%]
1:puppet-release
########################################### [100%]
[root@localhost ~]# yum install -y puppet-agent
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Determining fastest mirrors
* base:
centos.mirrors.estointernet.in
* extras:
centos.mirrors.estointernet.in
* updates:
centos.mirrors.estointernet.in
puppet
| 2.5 kB 00:00
puppet/primary_db | 147
kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package puppet-agent.x86_64 0:6.7.2-1.el6 will be
installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
puppet-agent
x86_64 6.7.2-1.el6 puppet 24 M
Transaction Summary
================================================================================
Install 1
Package(s)
Total download size: 24 M
Installed size: 101 M
Downloading Packages:
puppet-agent-6.7.2-1.el6.x86_64.rpm | 24 MB
00:07
warning: rpmts_HdrFromFdno: Header V4 RSA/SHA256 Signature,
key ID ef8d349f: NOKEY
Retrieving key from
file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-release
Importing GPG key 0xEF8D349F:
Userid : Puppet, Inc. Release Key (Puppet, Inc. Release Key)
<release@puppet.com>
Package:
puppet-release-1.0.0-7.el6.noarch (installed)
From :
/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-release
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Installing : puppet-agent-6.7.2-1.el6.x86_64 1/1
Verifying :
puppet-agent-6.7.2-1.el6.x86_64 1/1
Installed:
puppet-agent.x86_64 0:6.7.2-1.el6
Complete!
[root@localhost ~]# puppet resource service puppet
ensure=running enable=true
-bash: puppet: command not found
[root@localhost ~]# service puppet-agent status
puppet-agent: unrecognized service
[root@localhost ~]# service puppet status
puppet is stopped
[root@localhost ~]# service puppet start
Starting puppet agent: [ OK ]
[root@localhost ~]# puppet resource service puppet
ensure=running enable=true
-bash: puppet: command not found
[root@localhost ~]# puppetserver ca listpuppetserver ca list
-bash: puppetserver: command not found
[root@localhost ~]# puppetserver ca list
-bash: puppetserver: command not found
[root@localhost ~]# vi /etc/puppetlabs/puppet/puppet.conf
[root@localhost ~]# puppetserver ca list
-bash: puppetserver: command not found
[root@localhost ~]# yum install telnet
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base:
centos.mirrors.estointernet.in
* extras:
centos.mirrors.estointernet.in
* updates:
centos.mirrors.estointernet.in
Resolving Dependencies
--> Running transaction check
---> Package telnet.x86_64 1:0.17-48.el6 will be
installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
telnet
x86_64
1:0.17-48.el6 base 58 k
Transaction Summary
================================================================================
Install 1
Package(s)
Total download size: 58 k
Installed size: 109 k
Is this ok [y/N]: y
Downloading Packages:
telnet-0.17-48.el6.x86_64.rpm | 58 kB
00:00
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature,
key ID c105b9de: NOKEY
Retrieving key from
file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Importing GPG key 0xC105B9DE:
Userid : CentOS-6 Key (CentOS 6 Official Signing Key)
<centos-6-key@centos.org>
Package:
centos-release-6-9.el6.12.3.x86_64 (@anaconda-CentOS-201703281317.x86_64/6.9)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : 1:telnet-0.17-48.el6.x86_64 1/1
Verifying :
1:telnet-0.17-48.el6.x86_64 1/1
Installed:
telnet.x86_64
1:0.17-48.el6
Complete!
[root@localhost ~]# service iptables of
Usage: iptables {start|stop|reload|restart|condrestart|status|panic|save}
[root@localhost ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all
-- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp --
0.0.0.0/0 0.0.0.0/0
3 ACCEPT all
-- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT tcp
-- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
5 REJECT all
-- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all
-- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
[root@localhost ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter [
OK ]
iptables: Flushing firewall rules: [
OK ]
iptables: Unloading modules: [ OK ]
[root@localhost ~]# service iptables save
iptables: Nothing to save. [WARNING]
[root@localhost ~]# chkconfig iptables off
[root@localhost ~]# chkconfig ip6tables off
[root@localhost ~]# getenforce
Enforcing
[root@localhost ~]# setenforce 0
[root@localhost ~]# vi /etc/selinux/config
[root@localhost ~]# vi /etc/hosts
[root@localhost ~]# telnet server.itzgeek.local 8140
telnet: server.itzgeek.local: Name or service not known
server.itzgeek.local: Unknown host
[root@localhost ~]# telnet server.itzgeek.local 8140^C
[root@localhost ~]# vi /etc/hosts
[root@localhost ~]# telnet server.itzgeek.local 8140
Trying 192.168.45.133...
Connected to server.itzgeek.local.
Escape character is '^]'.
Connection closed by foreign host.
[root@localhost ~]# puppet agent -t
-bash: puppet: command not found
[root@localhost ~]# puppet agent --t
-bash: puppet: command not found
[root@localhost ~]# puppet-agent --t
-bash: puppet-agent: command not found
[root@localhost ~]#
server.itzgeek.local /opt/puppetlabs/bin/puppet agent -t
-bash: server.itzgeek.local: command not found
[root@localhost ~]# /opt/puppetlabs/bin/puppet agent -t
Error: Could not run: Another puppet instance is already
running; exiting
[root@localhost ~]# service puppet status
puppet (pid 3088) is
running...
[root@localhost ~]# service puppet stop
Stopping puppet agent: [ OK ]
[root@localhost ~]# /opt/puppetlabs/bin/puppet agent -t
Info: Downloaded certificate for ca from
server.itzgeek.local
Error: certificate verify failed [unable to get local issuer
certificate for CN=puppet.localdomain]
Error: Could not run: certificate verify failed [unable to
get local issuer certificate for CN=puppet.localdomain]
[root@localhost ~]# /opt/puppetlabs/bin/puppetserver ca list
-bash: /opt/puppetlabs/bin/puppetserver: No such file or
directory
[root@localhost ~]# puppet agent --test
-bash: puppet: command not found
[root@localhost ~]# /opt/puppetlabs/bin/puppet agent -test
Error: Could not parse application options: ambiguous
option: -est
[root@localhost ~]# /opt/puppetlabs/bin/puppet agent --test
Error: certificate verify failed [unable to get local issuer
certificate for CN=puppet.localdomain]
Error: Could not run: certificate verify failed [unable to
get local issuer certificate for CN=puppet.localdomain]
[root@localhost ~]# telnet server.itzgeek.local 8140
Trying 192.168.45.133...
telnet: connect to address 192.168.45.133: Connection
refused
[root@localhost ~]# telnet server.itzgeek.local 8140
Trying 192.168.45.133...
telnet: connect to address 192.168.45.133: Connection
refused
[root@localhost ~]# telnet server.itzgeek.local 8140
Trying 192.168.45.133...
Connected to server.itzgeek.local.
Escape character is '^]'.
Connection closed by foreign host.
[root@localhost ~]# /opt/puppetlabs/bin/puppet agent --test
Info: Downloaded certificate revocation list for ca from
server.itzgeek.local
Info: Creating a new RSA SSL key for client.itzgeek.local
Info: csr_attributes file loading from
/etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for
client.itzgeek.local
Info: Certificate Request fingerprint (SHA256):
6E:72:96:CA:E2:A7:B5:31:24:AE:70:85:4B:93:90:2E:E6:9A:E3:C1:21:40:0E:E1:DD:C0:1C:17:D1:6D:40:55
Info: Certificate for client.itzgeek.local has not been
signed yet
Couldn't fetch certificate from CA server; you might still
need to sign this agent's certificate (client.itzgeek.local).
Exiting now because the waitforcert setting is set to 0.
Comments
Post a Comment