puppet配置问题统计

一、

[root@client puppet]# puppetd --test --server master.test.cominfo: Creating a new SSL key for clientinfo: Caching certificate for cainfo: Creating a new SSL certificate request for clientinfo: Certificate Request fingerprint (SHA256): 8C:D6:72:E7:CB:69:AA:2B:E5:37:12:EA:E2:14:55:4C:EA:22:43:FE:9A:B1:0F:78:E9:BB:AA:33:83:CA:13:8Ainfo: Caching certificate for clienterr: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate is not yet valid for /CN=Puppet CA: master.test.com]warning: Not using cache on failed catalogerr: Could not retrieve catalog; skipping runerr: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate is not yet valid for /CN=Puppet CA: master.test.com]

这个问题研究了半天 是因为时间同步的问题，很纠结。。。

二、

[root@client puppet]# puppetd --test --server master.test.comerr: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not parse for environment production: Syntax error at '=>'; expected '}' at /etc/puppet/manifests/site.pp:10 on node client.uxin.youxinpai.comwarning: Not using cache on failed catalogerr: Could not retrieve catalog; skipping run

 

这个很明显 语法错误，每行最后要以，结尾，每次最后的一行不加标点（vim /etc/puppet/manifests/site.pp）。

 

node default { file { "/tmp/test1111": #这是文件路径名； content =>"This is test of PUPPET" #这是文件的内容； }

file { "/tmp/logclean.sh": #这是文件路径名； owner => "root", group => "puppet", content => "find /log/ -type f -size +10KB | xgrep rm -rf\n", #这是文件的内容； mode => "0777" }

}

三、

添加ensure => present 这种参数的时候不用“”，

四、

当要删除证书的时候

首先在master端删除 你要删除的客户端

[root@master manifests]# ll /var/lib/puppet/ssl/ca/signed/client.pem client.uxin.youxinpai.com.pem master.test.com.pem

然后客户端需要删除ssl这个文件

[root@client puppet]# ll /var/lib/puppet/ssl/

之后重新申请即可

 

转载于:https://www.cnblogs.com/tengfei520/p/5486831.html

相关资源：JAVA上百实例源码以及开源项目