puppet centos 6
[root@localhost Desktop]# rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
Retrieving http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
curl: (6) Couldn't resolve host 'yum.puppetlabs.com'
error: skipping http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm - transfer failed
[root@localhost Desktop]# rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
Retrieving http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
warning: /var/tmp/rpm-tmp.N1qNJk: Header V4 RSA/SHA1 Signature, key ID ef8d349f: NOKEY
Preparing... ########################################### [100%]
1:puppetlabs-release ########################################### [100%]
[root@localhost Desktop]# yum install puppet-server
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Determining fastest mirrors
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
puppetlabs-deps | 2.5 kB 00:00
puppetlabs-deps/primary_db | 12 kB 00:00
puppetlabs-products | 2.5 kB 00:00
puppetlabs-products/primary_db | 85 kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package puppet-server.noarch 0:3.8.7-1.el6 will be installed
--> Processing Dependency: puppet = 3.8.7-1.el6 for package: puppet-server-3.8.7-1.el6.noarch
--> Running transaction check
---> Package puppet.noarch 0:3.8.7-1.el6 will be installed
--> Processing Dependency: ruby >= 1.8.7 for package: puppet-3.8.7-1.el6.noarch
--> Processing Dependency: ruby >= 1.8 for package: puppet-3.8.7-1.el6.noarch
--> Processing Dependency: facter >= 1:1.7.0 for package: puppet-3.8.7-1.el6.noarch
--> Processing Dependency: hiera >= 1.0.0 for package: puppet-3.8.7-1.el6.noarch
-->Processing Dependency: ruby-shadow for package: puppet-3.8.7-1.el6.noarch
-->Processing Dependency: ruby-augeas for package: puppet-3.8.7-1.el6.noarch
-->Processing Dependency: rubygem-json for package: puppet-3.8.7-1.el6.noarch
--> Processing Dependency: ruby(selinux) for package: puppet-3.8.7-1.el6.noarch
--> Processing Dependency: /usr/bin/ruby for package: puppet-3.8.7-1.el6.noarch
--> Running transaction check
---> Package facter.x86_64 1:2.4.6-1.el6 will be installed
---> Package hiera.noarch 0:1.3.4-1.el6 will be installed
---> Package libselinux-ruby.x86_64 0:2.0.94-7.el6 will be installed
---> Package ruby.x86_64 0:1.8.7.374-5.el6 will be installed
--> Processing Dependency: ruby-libs = 1.8.7.374-5.el6 for package: ruby-1.8.7.374-5.el6.x86_64
--> Processing Dependency: libruby.so.1.8()(64bit) for package: ruby-1.8.7.374-5.el6.x86_64
---> Package ruby-augeas.x86_64 0:0.4.1-3.el6 will be installed
---> Package ruby-shadow.x86_64 1:2.2.0-2.el6 will be installed
---> Package rubygem-json.x86_64 0:1.5.5-3.el6 will be installed
--> Processing Dependency: rubygems >= 1.3.7 for package: rubygem-json-1.5.5-3.el6.x86_64
--> Running transaction check
---> Package ruby-libs.x86_64 0:1.8.7.374-5.el6 will be installed
--> Processing Dependency: libreadline.so.5()(64bit) for package: ruby-libs-1.8.7.374-5.el6.x86_64
---> Package rubygems.noarch 0:1.3.7-5.el6 will be installed
-->Processing Dependency: ruby-rdoc for package: rubygems-1.3.7-5.el6.noarch
--> Running transaction check
---> Package compat-readline5.x86_64 0:5.2-17.1.el6 will be installed
---> Package ruby-rdoc.x86_64 0:1.8.7.374-5.el6 will be installed
--> Processing Dependency: ruby-irb = 1.8.7.374-5.el6 for package: ruby-rdoc-1.8.7.374-5.el6.x86_64
--> Running transaction check
---> Package ruby-irb.x86_64 0:1.8.7.374-5.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
puppet-server noarch 3.8.7-1.el6 puppetlabs-products 24 k
Installing for dependencies:
compat-readline5 x86_64 5.2-17.1.el6 base 130 k
facter x86_64 1:2.4.6-1.el6 puppetlabs-products 99 k
hiera noarch 1.3.4-1.el6 puppetlabs-products 23 k
libselinux-ruby x86_64 2.0.94-7.el6 base 100 k
puppet noarch 3.8.7-1.el6 puppetlabs-products 1.6 M
ruby x86_64 1.8.7.374-5.el6 base 538 k
ruby-augeas x86_64 0.4.1-3.el6 puppetlabs-deps 21 k
ruby-irb x86_64 1.8.7.374-5.el6 base 318 k
ruby-libs x86_64 1.8.7.374-5.el6 base 1.7 M
ruby-rdoc x86_64 1.8.7.374-5.el6 base 381 k
ruby-shadow x86_64 1:2.2.0-2.el6 puppetlabs-deps 13 k
rubygem-json x86_64 1.5.5-3.el6 puppetlabs-deps 763 k
rubygems noarch 1.3.7-5.el6 base 207 k
Transaction Summary
================================================================================
Install 14 Package(s)
Total download size: 5.8 M
Installed size: 14 M
Is this ok [y/N]: y
Downloading Packages:
(1/14): compat-readline5-5.2-17.1.el6.x86_64.rpm | 130 kB 00:00
(2/14): facter-2.4.6-1.el6.x86_64.rpm | 99 kB 00:00
(3/14): hiera-1.3.4-1.el6.noarch.rpm | 23 kB 00:00
(4/14): libselinux-ruby-2.0.94-7.el6.x86_64.rpm | 100 kB 00:00
(5/14): puppet-3.8.7-1.el6.noarch.rpm | 1.6 MB 00:01
(6/14): puppet-server-3.8.7-1.el6.noarch.rpm | 24 kB 00:00
(7/14): ruby-1.8.7.374-5.el6.x86_64.rpm | 538 kB 00:00
(8/14): ruby-augeas-0.4.1-3.el6.x86_64.rpm | 21 kB 00:00
(9/14): ruby-irb-1.8.7.374-5.el6.x86_64.rpm | 318 kB 00:00
(10/14): ruby-libs-1.8.7.374-5.el6.x86_64.rpm | 1.7 MB 00:00
(11/14): ruby-rdoc-1.8.7.374-5.el6.x86_64.rpm | 381 kB 00:00
(12/14): ruby-shadow-2.2.0-2.el6.x86_64.rpm | 13 kB 00:00
(13/14): rubygem-json-1.5.5-3.el6.x86_64.rpm | 763 kB 00:01
(14/14): rubygems-1.3.7-5.el6.noarch.rpm | 207 kB 00:00
--------------------------------------------------------------------------------
Total 580 kB/s | 5.8 MB 00:10
warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature, key ID 4bd6ec30: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs
Importing GPG key 0x4BD6EC30:
Userid : Puppet Labs Release Key (Puppet Labs Release Key) <info@puppetlabs.com>
Package: puppetlabs-release-22.0-2.noarch (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs
Is this ok [y/N]: y
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppet
Importing GPG key 0xEF8D349F:
Userid : Puppet, Inc. Release Key (Puppet, Inc. Release Key) <release@puppet.com>
Package: puppetlabs-release-22.0-2.noarch (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet
Is this ok [y/N]: y
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Importing GPG key 0xC105B9DE:
Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>
Package: centos-release-6-9.el6.12.3.x86_64 (@anaconda-CentOS-201703281317.x86_64/6.9)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Installing : libselinux-ruby-2.0.94-7.el6.x86_64 1/14
Installing : compat-readline5-5.2-17.1.el6.x86_64 2/14
Installing : ruby-libs-1.8.7.374-5.el6.x86_64 3/14
Installing : ruby-1.8.7.374-5.el6.x86_64 4/14
Installing : 1:facter-2.4.6-1.el6.x86_64 5/14
Installing : 1:ruby-shadow-2.2.0-2.el6.x86_64 6/14
Installing : ruby-irb-1.8.7.374-5.el6.x86_64 7/14
Installing : ruby-rdoc-1.8.7.374-5.el6.x86_64 8/14
Installing : rubygems-1.3.7-5.el6.noarch 9/14
Installing : rubygem-json-1.5.5-3.el6.x86_64 10/14
Installing : hiera-1.3.4-1.el6.noarch 11/14
Installing : ruby-augeas-0.4.1-3.el6.x86_64 12/14
Installing : puppet-3.8.7-1.el6.noarch 13/14
Installing : puppet-server-3.8.7-1.el6.noarch 14/14
Verifying : puppet-server-3.8.7-1.el6.noarch 1/14
Verifying : puppet-3.8.7-1.el6.noarch 2/14
Verifying : ruby-rdoc-1.8.7.374-5.el6.x86_64 3/14
Verifying : compat-readline5-5.2-17.1.el6.x86_64 4/14
Verifying : 1:facter-2.4.6-1.el6.x86_64 5/14
Verifying : rubygem-json-1.5.5-3.el6.x86_64 6/14
Verifying : ruby-1.8.7.374-5.el6.x86_64 7/14
Verifying : 1:ruby-shadow-2.2.0-2.el6.x86_64 8/14
Verifying : rubygems-1.3.7-5.el6.noarch 9/14
Verifying : ruby-libs-1.8.7.374-5.el6.x86_64 10/14
Verifying : ruby-irb-1.8.7.374-5.el6.x86_64 11/14
Verifying : libselinux-ruby-2.0.94-7.el6.x86_64 12/14
Verifying : ruby-augeas-0.4.1-3.el6.x86_64 13/14
Verifying : hiera-1.3.4-1.el6.noarch 14/14
Installed:
puppet-server.noarch 0:3.8.7-1.el6
Dependency Installed:
compat-readline5.x86_64 0:5.2-17.1.el6 facter.x86_64 1:2.4.6-1.el6
hiera.noarch 0:1.3.4-1.el6 libselinux-ruby.x86_64 0:2.0.94-7.el6
puppet.noarch 0:3.8.7-1.el6 ruby.x86_64 0:1.8.7.374-5.el6
ruby-augeas.x86_64 0:0.4.1-3.el6 ruby-irb.x86_64 0:1.8.7.374-5.el6
ruby-libs.x86_64 0:1.8.7.374-5.el6 ruby-rdoc.x86_64 0:1.8.7.374-5.el6
ruby-shadow.x86_64 1:2.2.0-2.el6 rubygem-json.x86_64 0:1.5.5-3.el6
rubygems.noarch 0:1.3.7-5.el6
Complete!
[root@localhost Desktop]# puppet resource package puppet-server ensure=latest
package { 'puppet-server':
ensure => '3.8.7-1.el6',
}
[root@localhost Desktop]# /etc/init.d/puppetmaster restart
Stopping puppetmaster: [FAILED]
Starting puppetmaster: [ OK ]
[root@localhost Desktop]# /etc/init.d/puppetmaster restart
Stopping puppetmaster: [ OK ]
Starting puppetmaster: [ OK ]
[root@localhost Desktop]# rpm -Uvh https://yum.puppet.com/puppet6-release-el-6.noarch.rpm
Retrieving https://yum.puppet.com/puppet6-release-el-6.noarch.rpm
Preparing... ########################################### [100%]
1:puppet6-release ########################################### [100%]
[root@localhost Desktop]# yum install puppet-serverLoaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
puppet6 | 2.5 kB 00:00
puppet6/primary_db | 147 kB 00:00
Package puppet-server-3.8.7-1.el6.noarch already installed and latest version
Nothing to do
[root@localhost Desktop]# puppetserver ca setup
bash: puppetserver: command not found
[root@localhost Desktop]# systemctl start puppetserver
bash: systemctl: command not found
[root@localhost Desktop]# systemctl enable puppetserver
bash: systemctl: command not found
[root@localhost Desktop]# service status puppetserver
status: unrecognized service
[root@localhost Desktop]# service puppetserver status
puppetserver: unrecognized service
[root@localhost Desktop]# service puppetmaster status
puppet (pid 3605) is running...
[root@localhost Desktop]# puppetmaster ca setup
bash: puppetmaster: command not found
[root@localhost Desktop]# puppet ^C
[root@localhost Desktop]# rpm -ivh http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm
Retrieving http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm
curl: (22) The requested URL returned error: 404 Not Found
error: skipping http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm - transfer failed
[root@localhost Desktop]# puppet resource service puppetmaster ensure=running enable=true
Notice: /Service[puppetmaster]/enable: enable changed 'false' to 'true'
service { 'puppetmaster':
ensure => 'running',
enable => 'true',
}
[root@localhost Desktop]# rpm install https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
RPM version 4.8.0
Copyright (C) 1998-2002 - Red Hat, Inc.
This program may be freely redistributed under the terms of the GNU GPL
Usage: rpm [-aKfgpWHqVcdilsKiv?] [-a|--all] [-f|--file] [-g|--group]
[-p|--package] [-W|--ftswalk] [--pkgid] [--hdrid] [--fileid]
[--specfile] [--triggeredby] [--whatrequires] [--whatprovides]
[--nomanifest] [-c|--configfiles] [-d|--docfiles] [--dump] [-l|--list]
[--queryformat=QUERYFORMAT] [-s|--state] [--nofiledigest] [--nomd5]
[--nofiles] [--nodeps] [--noscript] [--comfollow] [--logical]
[--nochdir] [--nostat] [--physical] [--seedot] [--xdev]
[--whiteout] [--addsign] [-K|--checksig] [--delsign] [--import]
[--resign] [--nodigest] [--nosignature] [--initdb] [--rebuilddb]
[--aid] [--allfiles] [--allmatches] [--badreloc]
[-e|--erase <package>+] [--excludedocs] [--excludepath=<path>]
[--fileconflicts] [--force] [-F|--freshen <packagefile>+] [-h|--hash]
[--ignorearch] [--ignoreos] [--ignoresize] [-i|--install] [--justdb]
[--nodeps] [--nofiledigest] [--nomd5] [--nocontexts] [--noorder]
[--nosuggest] [--noscripts] [--notriggers] [--oldpackage]
[--percent] [--prefix=<dir>] [--relocate=<old>=<new>]
[--replacefiles] [--replacepkgs] [--test]
[-U|--upgrade <packagefile>+] [--quiet] [-D|--define 'MACRO EXPR']
[-E|--eval 'EXPR'] [--macros=<FILE:...>] [--nodigest] [--nosignature]
[--rcfile=<FILE:...>] [-r|--root ROOT] [--querytags] [--showrc]
[--quiet] [-v|--verbose] [--version] [-?|--help] [--usage]
[--scripts] [--setperms] [--setugids] [--conflicts] [--obsoletes]
[--provides] [--requires] [--info] [--changelog] [--xml]
[--triggers] [--last] [--dupes] [--filesbypkg] [--fileclass]
[--filecolor] [--fscontext] [--fileprovide] [--filerequire]
[--filecaps]
[root@localhost Desktop]# rpm -ivh https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
Retrieving https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
error: Failed dependencies:
puppet6-release conflicts with puppet-release-1.0.0-7.el6.noarch
puppet-release conflicts with puppet6-release-6.0.0-5.el6.noarch
[root@localhost Desktop]# yum remove puppet-release
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Remove Process
No Match for argument: puppet-release
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
Package(s) puppet-release available, but not installed.
No Packages marked for removal
[root@localhost Desktop]# yum remove puppet*
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package puppet.noarch 0:3.8.7-1.el6 will be erased
---> Package puppet-server.noarch 0:3.8.7-1.el6 will be erased
---> Package puppet6-release.noarch 0:6.0.0-5.el6 will be erased
---> Package puppetlabs-release.noarch 0:22.0-2 will be erased
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Removing:
puppet noarch 3.8.7-1.el6 @puppetlabs-products 6.3 M
puppet-server noarch 3.8.7-1.el6 @puppetlabs-products 10 k
puppet6-release noarch 6.0.0-5.el6 installed 5.0 k
puppetlabs-release noarch 22.0-2 installed 13 k
Transaction Summary
================================================================================
Remove 4 Package(s)
Installed size: 6.3 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Erasing : puppet-server-3.8.7-1.el6.noarch 1/4
Erasing : puppet-3.8.7-1.el6.noarch 2/4
Erasing : puppetlabs-release-22.0-2.noarch 3/4
Erasing : puppet6-release-6.0.0-5.el6.noarch 4/4
Verifying : puppet-server-3.8.7-1.el6.noarch 1/4
Verifying : puppet6-release-6.0.0-5.el6.noarch 2/4
Verifying : puppet-3.8.7-1.el6.noarch 3/4
Verifying : puppetlabs-release-22.0-2.noarch 4/4
Removed:
puppet.noarch 0:3.8.7-1.el6 puppet-server.noarch 0:3.8.7-1.el6
puppet6-release.noarch 0:6.0.0-5.el6 puppetlabs-release.noarch 0:22.0-2
Complete!
[root@localhost Desktop]# rpm -ivh https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
Retrieving https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
Preparing... ########################################### [100%]
1:puppet-release ########################################### [100%]
[root@localhost Desktop]# yum install puppet-serverLoaded plugins: fastestmirror, refresh-packagekit, security
Existing lock /var/run/yum.pid: another copy is running as pid 3810.
Another app is currently holding the yum lock; waiting for it to exit...
The other application is: PackageKit
Memory : 46 M RSS (356 MB VSZ)
Started: Sat Jul 27 12:51:30 2019 - 00:07 ago
State : Sleeping, pid: 3810
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
No package puppet-server available.
Error: Nothing to do
[root@localhost Desktop]# yum install puppetserver
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
Resolving Dependencies
--> Running transaction check
---> Package puppetserver.noarch 0:6.5.0-1.el6 will be installed
--> Processing Dependency: puppet-agent >= 5.5.0 for package: puppetserver-6.5.0-1.el6.noarch
--> Processing Dependency: java-1.8.0-openjdk-headless for package: puppetserver-6.5.0-1.el6.noarch
--> Running transaction check
---> Package facter.x86_64 1:2.4.6-1.el6 will be obsoleted
---> Package hiera.noarch 0:1.3.4-1.el6 will be obsoleted
---> Package java-1.8.0-openjdk-headless.x86_64 1:1.8.0.222.b10-0.el6_10 will be installed
--> Processing Dependency: nss >= 3.36.0 for package: 1:java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_10.x86_64
---> Package puppet-agent.x86_64 0:6.7.2-1.el6 will be obsoleting
--> Running transaction check
---> Package nss.x86_64 0:3.27.1-13.el6 will be updated
--> Processing Dependency: nss = 3.27.1-13.el6 for package: nss-sysinit-3.27.1-13.el6.x86_64
--> Processing Dependency: nss(x86-64) = 3.27.1-13.el6 for package: nss-tools-3.27.1-13.el6.x86_64
---> Package nss.x86_64 0:3.36.0-9.el6_10 will be an update
--> Processing Dependency: nss-util >= 3.36.0 for package: nss-3.36.0-9.el6_10.x86_64
--> Processing Dependency: nspr >= 4.19.0 for package: nss-3.36.0-9.el6_10.x86_64
--> Processing Dependency: libnssutil3.so(NSSUTIL_3.33)(64bit) for package: nss-3.36.0-9.el6_10.x86_64
--> Processing Dependency: libnssutil3.so(NSSUTIL_3.31)(64bit) for package: nss-3.36.0-9.el6_10.x86_64
--> Running transaction check
---> Package nspr.x86_64 0:4.13.1-1.el6 will be updated
---> Package nspr.x86_64 0:4.19.0-1.el6 will be an update
---> Package nss-sysinit.x86_64 0:3.27.1-13.el6 will be updated
---> Package nss-sysinit.x86_64 0:3.36.0-9.el6_10 will be an update
---> Package nss-tools.x86_64 0:3.27.1-13.el6 will be updated
---> Package nss-tools.x86_64 0:3.36.0-9.el6_10 will be an update
---> Package nss-util.x86_64 0:3.27.1-3.el6 will be updated
---> Package nss-util.x86_64 0:3.36.0-1.el6 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
puppet-agent x86_64 6.7.2-1.el6 puppet 24 M
replacing facter.x86_64 1:2.4.6-1.el6
replacing hiera.noarch 1.3.4-1.el6
puppetserver noarch 6.5.0-1.el6 puppet 74 M
Installing for dependencies:
java-1.8.0-openjdk-headless x86_64 1:1.8.0.222.b10-0.el6_10 updates 32 M
Updating for dependencies:
nspr x86_64 4.19.0-1.el6 base 114 k
nss x86_64 3.36.0-9.el6_10 updates 865 k
nss-sysinit x86_64 3.36.0-9.el6_10 updates 53 k
nss-tools x86_64 3.36.0-9.el6_10 updates 460 k
nss-util x86_64 3.36.0-1.el6 base 72 k
Transaction Summary
================================================================================
Install 3 Package(s)
Upgrade 5 Package(s)
Total download size: 132 M
Is this ok [y/N]: y
Downloading Packages:
(1/8): java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_1 | 32 MB 00:10
(2/8): nspr-4.19.0-1.el6.x86_64.rpm | 114 kB 00:00
(3/8): nss-3.36.0-9.el6_10.x86_64.rpm | 865 kB 00:00
(4/8): nss-sysinit-3.36.0-9.el6_10.x86_64.rpm | 53 kB 00:00
(5/8): nss-tools-3.36.0-9.el6_10.x86_64.rpm | 460 kB 00:00
(6/8): nss-util-3.36.0-1.el6.x86_64.rpm | 72 kB 00:00
(7/8): puppet-agent-6.7.2-1.el6.x86_64.rpm | 24 MB 00:08
(8/8): puppetserver-6.5.0-1.el6.noarch.rpm | 74 MB 00:23
--------------------------------------------------------------------------------
Total 3.0 MB/s | 132 MB 00:43
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Updating : nspr-4.19.0-1.el6.x86_64 1/15
Updating : nss-util-3.36.0-1.el6.x86_64 2/15
Updating : nss-3.36.0-9.el6_10.x86_64 3/15
Updating : nss-sysinit-3.36.0-9.el6_10.x86_64 4/15
Installing : 1:java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_10.x86 5/15
Installing : puppet-agent-6.7.2-1.el6.x86_64 6/15
Installing : puppetserver-6.5.0-1.el6.noarch 7/15
usermod: no changes
Updating : nss-tools-3.36.0-9.el6_10.x86_64 8/15
Erasing : hiera-1.3.4-1.el6.noarch 9/15
Erasing : 1:facter-2.4.6-1.el6.x86_64 10/15
Cleanup : nss-tools-3.27.1-13.el6.x86_64 11/15
Cleanup : nss-3.27.1-13.el6.x86_64 12/15
Cleanup : nss-sysinit-3.27.1-13.el6.x86_64 13/15
Cleanup : nss-util-3.27.1-3.el6.x86_64 14/15
Cleanup : nspr-4.13.1-1.el6.x86_64 15/15
Verifying : nss-sysinit-3.36.0-9.el6_10.x86_64 1/15
Verifying : puppet-agent-6.7.2-1.el6.x86_64 2/15
Verifying : 1:java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_10.x86 3/15
Verifying : nss-util-3.36.0-1.el6.x86_64 4/15
Verifying : puppetserver-6.5.0-1.el6.noarch 5/15
Verifying : nss-tools-3.36.0-9.el6_10.x86_64 6/15
Verifying : nspr-4.19.0-1.el6.x86_64 7/15
Verifying : nss-3.36.0-9.el6_10.x86_64 8/15
Verifying : nspr-4.13.1-1.el6.x86_64 9/15
Verifying : nss-3.27.1-13.el6.x86_64 10/15
Verifying : nss-util-3.27.1-3.el6.x86_64 11/15
Verifying : 1:facter-2.4.6-1.el6.x86_64 12/15
Verifying : nss-sysinit-3.27.1-13.el6.x86_64 13/15
Verifying : hiera-1.3.4-1.el6.noarch 14/15
Verifying : nss-tools-3.27.1-13.el6.x86_64 15/15
Installed:
puppet-agent.x86_64 0:6.7.2-1.el6 puppetserver.noarch 0:6.5.0-1.el6
Dependency Installed:
java-1.8.0-openjdk-headless.x86_64 1:1.8.0.222.b10-0.el6_10
Dependency Updated:
nspr.x86_64 0:4.19.0-1.el6 nss.x86_64 0:3.36.0-9.el6_10
nss-sysinit.x86_64 0:3.36.0-9.el6_10 nss-tools.x86_64 0:3.36.0-9.el6_10
nss-util.x86_64 0:3.36.0-1.el6
Replaced:
facter.x86_64 1:2.4.6-1.el6 hiera.noarch 0:1.3.4-1.el6
Complete!
[root@localhost Desktop]# service puppetmaster statuspuppetmaster: unrecognized service
[root@localhost Desktop]# service puppetserver statuspuppetserver is stopped
[root@localhost Desktop]# service puppetserver start
Starting puppetserver: [ OK ]
[root@localhost Desktop]# service puppetserver restart
Stopping puppetserver: [ OK ]
Starting puppetserver: [ OK ]
[root@localhost Desktop]# vi /etc/puppetlabs/puppet/puppet.conf
[root@localhost Desktop]# puppetserver ca setup
bash: puppetserver: command not found
[root@localhost Desktop]# puppetmaster ca setup
bash: puppetmaster: command not found
[root@localhost Desktop]# service puppetserver status
puppetserver (pid 5165) is running...
[root@localhost Desktop]#
(30/38): libstdc++-4.4.7-23.el6.x86_64.rpm | 296 kB 00:00
(31/38): libstdc++-devel-4.4.7-23.el6.x86_64.rpm | 1.6 MB 00:00
(32/38): mod_ssl-2.2.15-69.el6.centos.x86_64.rpm | 99 kB 00:00
(33/38): mpfr-2.4.1-6.el6.x86_64.rpm | 157 kB 00:00
(34/38): openldap-devel-2.4.40-16.el6.x86_64.rpm | 1.1 MB 00:00
(35/38): openssl-devel-1.0.1e-57.el6.x86_64.rpm | 1.2 MB 00:00
(36/38): ppl-0.10.2-11.el6.x86_64.rpm | 1.3 MB 00:00
(37/38): ruby-devel-1.8.7.374-5.el6.x86_64.rpm | 318 kB 00:00
(38/38): zlib-devel-1.2.3-29.el6.x86_64.rpm | 44 kB 00:00
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 2.1 MB/s | 30 MB 00:14
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : libcom_err-1.41.12-24.el6.x86_64 1/50
Updating : libgcc-4.4.7-23.el6.x86_64 2/50
Updating : libstdc++-4.4.7-23.el6.x86_64 3/50
Updating : apr-1.3.9-5.el6_9.1.x86_64 4/50
Installing : apr-devel-1.3.9-5.el6_9.1.x86_64 5/50
Updating : libcurl-7.19.7-53.el6_9.x86_64 6/50
Installing : mpfr-2.4.1-6.el6.x86_64 7/50
Installing : cpp-4.4.7-23.el6.x86_64 8/50
Updating : httpd-tools-2.2.15-69.el6.centos.x86_64 9/50
Updating : httpd-2.2.15-69.el6.centos.x86_64 10/50
Installing : libstdc++-devel-4.4.7-23.el6.x86_64 11/50
Installing : ppl-0.10.2-11.el6.x86_64 12/50
Installing : cloog-ppl-0.15.7-1.2.el6.x86_64 13/50
Updating : e2fsprogs-libs-1.41.12-24.el6.x86_64 14/50
Installing : libcom_err-devel-1.41.12-24.el6.x86_64 15/50
Updating : libss-1.41.12-24.el6.x86_64 16/50
Installing : libsepol-devel-2.0.41-4.el6.x86_64 17/50
Installing : libselinux-devel-2.0.94-7.el6.x86_64 18/50
Installing : libidn-devel-1.18-2.el6.x86_64 19/50
Installing : cyrus-sasl-devel-2.1.23-15.el6_6.2.x86_64 20/50
Installing : openldap-devel-2.4.40-16.el6.x86_64 21/50
Updating : libgomp-4.4.7-23.el6.x86_64 22/50
Installing : gcc-4.4.7-23.el6.x86_64 23/50
Installing : zlib-devel-1.2.3-29.el6.x86_64 24/50
Installing : autoconf-2.63-5.1.el6.noarch 25/50
Installing : automake-1.11.1-4.el6.noarch 26/50
Installing : expat-devel-2.0.1-13.el6_8.x86_64 27/50
Installing : apr-util-devel-1.3.9-3.el6_0.1.x86_64 28/50
Installing : keyutils-libs-devel-1.4-5.el6.x86_64 29/50
Installing : krb5-devel-1.10.3-65.el6.x86_64 30/50
Installing : openssl-devel-1.0.1e-57.el6.x86_64 31/50
Installing : httpd-devel-2.2.15-69.el6.centos.x86_64 32/50
Installing : libcurl-devel-7.19.7-53.el6_9.x86_64 33/50
Installing : gcc-c++-4.4.7-23.el6.x86_64 34/50
Updating : e2fsprogs-1.41.12-24.el6.x86_64 35/50
Installing : 1:mod_ssl-2.2.15-69.el6.centos.x86_64 36/50
Updating : curl-7.19.7-53.el6_9.x86_64 37/50
Installing : ruby-devel-1.8.7.374-5.el6.x86_64 38/50
Cleanup : e2fsprogs-1.41.12-23.el6.x86_64 39/50
Cleanup : curl-7.19.7-52.el6.x86_64 40/50
Cleanup : httpd-2.2.15-59.el6.centos.x86_64 41/50
Cleanup : httpd-tools-2.2.15-59.el6.centos.x86_64 42/50
Cleanup : libcurl-7.19.7-52.el6.x86_64 43/50
Cleanup : e2fsprogs-libs-1.41.12-23.el6.x86_64 44/50
Cleanup : libss-1.41.12-23.el6.x86_64 45/50
Cleanup : libstdc++-4.4.7-18.el6.x86_64 46/50
Cleanup : libgcc-4.4.7-18.el6.x86_64 47/50
Cleanup : libcom_err-1.41.12-23.el6.x86_64 48/50
Cleanup : apr-1.3.9-5.el6_2.x86_64 49/50
Cleanup : libgomp-4.4.7-18.el6.x86_64 50/50
Verifying : e2fsprogs-libs-1.41.12-24.el6.x86_64 1/50
Verifying : gcc-4.4.7-23.el6.x86_64 2/50
Verifying : httpd-2.2.15-69.el6.centos.x86_64 3/50
Verifying : krb5-devel-1.10.3-65.el6.x86_64 4/50
Verifying : apr-1.3.9-5.el6_9.1.x86_64 5/50
Verifying : libstdc++-devel-4.4.7-23.el6.x86_64 6/50
Verifying : automake-1.11.1-4.el6.noarch 7/50
Verifying : libcom_err-devel-1.41.12-24.el6.x86_64 8/50
Verifying : keyutils-libs-devel-1.4-5.el6.x86_64 9/50
Verifying : expat-devel-2.0.1-13.el6_8.x86_64 10/50
Verifying : mpfr-2.4.1-6.el6.x86_64 11/50
Verifying : libss-1.41.12-24.el6.x86_64 12/50
Verifying : openldap-devel-2.4.40-16.el6.x86_64 13/50
Verifying : autoconf-2.63-5.1.el6.noarch 14/50
Verifying : zlib-devel-1.2.3-29.el6.x86_64 15/50
Verifying : ruby-devel-1.8.7.374-5.el6.x86_64 16/50
Verifying : cloog-ppl-0.15.7-1.2.el6.x86_64 17/50
Verifying : libgomp-4.4.7-23.el6.x86_64 18/50
Verifying : gcc-c++-4.4.7-23.el6.x86_64 19/50
Verifying : openssl-devel-1.0.1e-57.el6.x86_64 20/50
Verifying : 1:mod_ssl-2.2.15-69.el6.centos.x86_64 21/50
Verifying : cyrus-sasl-devel-2.1.23-15.el6_6.2.x86_64 22/50
Verifying : libidn-devel-1.18-2.el6.x86_64 23/50
Verifying : apr-util-devel-1.3.9-3.el6_0.1.x86_64 24/50
Verifying : apr-devel-1.3.9-5.el6_9.1.x86_64 25/50
Verifying : libcurl-7.19.7-53.el6_9.x86_64 26/50
Verifying : ppl-0.10.2-11.el6.x86_64 27/50
Verifying : httpd-tools-2.2.15-69.el6.centos.x86_64 28/50
Verifying : libcom_err-1.41.12-24.el6.x86_64 29/50
Verifying : libsepol-devel-2.0.41-4.el6.x86_64 30/50
Verifying : libcurl-devel-7.19.7-53.el6_9.x86_64 31/50
Verifying : curl-7.19.7-53.el6_9.x86_64 32/50
Verifying : libstdc++-4.4.7-23.el6.x86_64 33/50
Verifying : httpd-devel-2.2.15-69.el6.centos.x86_64 34/50
Verifying : libselinux-devel-2.0.94-7.el6.x86_64 35/50
Verifying : cpp-4.4.7-23.el6.x86_64 36/50
Verifying : libgcc-4.4.7-23.el6.x86_64 37/50
Verifying : e2fsprogs-1.41.12-24.el6.x86_64 38/50
Verifying : libcom_err-1.41.12-23.el6.x86_64 39/50
Verifying : e2fsprogs-libs-1.41.12-23.el6.x86_64 40/50
Verifying : libcurl-7.19.7-52.el6.x86_64 41/50
Verifying : libss-1.41.12-23.el6.x86_64 42/50
Verifying : httpd-tools-2.2.15-59.el6.centos.x86_64 43/50
Verifying : e2fsprogs-1.41.12-23.el6.x86_64 44/50
Verifying : libstdc++-4.4.7-18.el6.x86_64 45/50
Verifying : curl-7.19.7-52.el6.x86_64 46/50
Verifying : apr-1.3.9-5.el6_2.x86_64 47/50
Verifying : libgcc-4.4.7-18.el6.x86_64 48/50
Verifying : libgomp-4.4.7-18.el6.x86_64 49/50
Verifying : httpd-2.2.15-59.el6.centos.x86_64 50/50
Installed:
automake.noarch 0:1.11.1-4.el6 gcc-c++.x86_64 0:4.4.7-23.el6 httpd-devel.x86_64 0:2.2.15-69.el6.centos
libcurl-devel.x86_64 0:7.19.7-53.el6_9 mod_ssl.x86_64 1:2.2.15-69.el6.centos openssl-devel.x86_64 0:1.0.1e-57.el6
ruby-devel.x86_64 0:1.8.7.374-5.el6 zlib-devel.x86_64 0:1.2.3-29.el6
Dependency Installed:
apr-devel.x86_64 0:1.3.9-5.el6_9.1 apr-util-devel.x86_64 0:1.3.9-3.el6_0.1 autoconf.noarch 0:2.63-5.1.el6
cloog-ppl.x86_64 0:0.15.7-1.2.el6 cpp.x86_64 0:4.4.7-23.el6 cyrus-sasl-devel.x86_64 0:2.1.23-15.el6_6.2
expat-devel.x86_64 0:2.0.1-13.el6_8 gcc.x86_64 0:4.4.7-23.el6 keyutils-libs-devel.x86_64 0:1.4-5.el6
krb5-devel.x86_64 0:1.10.3-65.el6 libcom_err-devel.x86_64 0:1.41.12-24.el6 libidn-devel.x86_64 0:1.18-2.el6
libselinux-devel.x86_64 0:2.0.94-7.el6 libsepol-devel.x86_64 0:2.0.41-4.el6 libstdc++-devel.x86_64 0:4.4.7-23.el6
mpfr.x86_64 0:2.4.1-6.el6 openldap-devel.x86_64 0:2.4.40-16.el6 ppl.x86_64 0:0.10.2-11.el6
Updated:
httpd.x86_64 0:2.2.15-69.el6.centos
Dependency Updated:
apr.x86_64 0:1.3.9-5.el6_9.1 curl.x86_64 0:7.19.7-53.el6_9 e2fsprogs.x86_64 0:1.41.12-24.el6 e2fsprogs-libs.x86_64 0:1.41.12-24.el6
httpd-tools.x86_64 0:2.2.15-69.el6.centos libcom_err.x86_64 0:1.41.12-24.el6 libcurl.x86_64 0:7.19.7-53.el6_9 libgcc.x86_64 0:4.4.7-23.el6
libgomp.x86_64 0:4.4.7-23.el6 libss.x86_64 0:1.41.12-24.el6 libstdc++.x86_64 0:4.4.7-23.el6
Complete!
[root@localhost signed]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@localhost signed]# openssl verify -CAfile ca-bundle.pem $(puppet master --configprint hostcert)
Error loading file ca-bundle.pem
140416490313544:error:02001002:system library:fopen:No such file or directory:bss_file.c:169:fopen('ca-bundle.pem','r')
140416490313544:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:172:
140416490313544:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:279:
usage: verify [-verbose] [-CApath path] [-CAfile file] [-trusted_first] [-purpose purpose] [-crl_check] [-attime timestamp] [-engine e] cert1 cert2 ...
recognized usages:
sslclient SSL client
sslserver SSL server
nssslserver Netscape SSL server
smimesign S/MIME signing
smimeencrypt S/MIME encryption
crlsign CRL signing
any Any Purpose
ocsphelper OCSP helper
timestampsign Time Stamp signing
[root@localhost signed]# cp /etc/puppetlabs/puppet/ssl/ca/ca_crt.pem /etc/puppetlabs/puppet/ssl/ca/ca_crt.pem.old
[root@localhost signed]# cp ca-bundle.pem /etc/puppetlabs/puppet/ssl/ca/ca_crt.pem
cp: cannot stat `ca-bundle.pem': No such file or directory
[root@localhost signed]# cp ca-bundle.pem /etc/puppetlabs/puppet/ssl/certs/ca.pem
cp: cannot stat `ca-bundle.pem': No such file or directory
[root@localhost signed]# puppet agent -t
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Error: Could not retrieve catalog from remote server: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
[root@localhost signed]# puppet cert generate
This command is no longer functional, please use `puppetserver ca` instead.
puppet-cert(8) -- Manage certificates and requests (Disabled)
========
ACTIONS
-------
Every action except 'list' and 'generate' requires a hostname to act on,
unless the '--all' option is set.
* clean:
Use `puppetserver ca clean --certname NAME[,NAME...]`
* fingerprint:
Use openssl directly:
`openssl x509 -noout -fingerprint -<digest> -inform pem -in certificate.crt`
* generate:
Use `puppetserver ca generate --certname NAME[,NAME...]`
* list:
Use `puppetserver ca list [--all]`
* print:
Use openssl directly:
`openssl x509 -noout -text -in certificate.pem`
* revoke:
Use `puppetserver ca revoke --certname NAME[,NAME...]`
* sign:
Use `puppetserver ca sign --certname NAME[,NAME...]`
* verify:
Use `puppet ssl verify [--certname NAME]`
* reinventory:
Removed.
OPTIONS
-------
There are a couple important notes about previously-supported options.
* --allow-dns-alt-names:
In order to sign certificates with subject alternative names using
`puppetserver ca sign`, the `allow-subject-alt-names` setting must be
set to true in the `certificate-authority` section of Puppet Server's
config.
* --allow-authorization-extensions:
In order to sign certificates with authorization extensions using
`puppetserver ca sign`, the `allow-authorization-extensions` setting must be
set to true in the `certificate-authority` section of Puppet Server's
config.
[root@localhost signed]# puppet cert --sign client.itzgeek.local
This command is no longer functional, please use `puppetserver ca` instead.
puppet-cert(8) -- Manage certificates and requests (Disabled)
========
ACTIONS
-------
Every action except 'list' and 'generate' requires a hostname to act on,
unless the '--all' option is set.
* clean:
Use `puppetserver ca clean --certname NAME[,NAME...]`
* fingerprint:
Use openssl directly:
`openssl x509 -noout -fingerprint -<digest> -inform pem -in certificate.crt`
* generate:
Use `puppetserver ca generate --certname NAME[,NAME...]`
* list:
Use `puppetserver ca list [--all]`
* print:
Use openssl directly:
`openssl x509 -noout -text -in certificate.pem`
* revoke:
Use `puppetserver ca revoke --certname NAME[,NAME...]`
* sign:
Use `puppetserver ca sign --certname NAME[,NAME...]`
* verify:
Use `puppet ssl verify [--certname NAME]`
* reinventory:
Removed.
OPTIONS
-------
There are a couple important notes about previously-supported options.
* --allow-dns-alt-names:
In order to sign certificates with subject alternative names using
`puppetserver ca sign`, the `allow-subject-alt-names` setting must be
set to true in the `certificate-authority` section of Puppet Server's
config.
* --allow-authorization-extensions:
In order to sign certificates with authorization extensions using
`puppetserver ca sign`, the `allow-authorization-extensions` setting must be
set to true in the `certificate-authority` section of Puppet Server's
config.
[root@localhost signed]# puppetserver ca list
Fatal error when running action 'list'
Error: Failed connecting to https://server.itzgeek.local:8140/puppet-ca/v1/certificate_statuses/any_key
Root cause: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
[root@localhost signed]# puppet agent --test
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Error: Could not retrieve catalog from remote server: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
[root@localhost signed]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:8140
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@localhost signed]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@localhost signed]# puppet agent --test
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Error: Could not retrieve catalog from remote server: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: Failed to open TCP connection to server.itzgeek.local:8140 (Connection refused - connect(2) for "server.itzgeek.local" port 8140)
[root@localhost signed]# ps aux | grep puppet
root 31598 0.0 0.0 103332 852 pts/1 S+ 14:21 0:00 grep puppet
[root@localhost signed]# telnet server.itzgeek.local 8140
Trying 192.168.45.133...
telnet: connect to address 192.168.45.133: Connection refused
[root@localhost signed]# service puppetserver start
Starting puppetserver: [ OK ]
[root@localhost signed]# puppet cert sign server.itzgeek.local
This command is no longer functional, please use `puppetserver ca` instead.
puppet-cert(8) -- Manage certificates and requests (Disabled)
========
ACTIONS
-------
Every action except 'list' and 'generate' requires a hostname to act on,
unless the '--all' option is set.
* clean:
Use `puppetserver ca clean --certname NAME[,NAME...]`
* fingerprint:
Use openssl directly:
`openssl x509 -noout -fingerprint -<digest> -inform pem -in certificate.crt`
* generate:
Use `puppetserver ca generate --certname NAME[,NAME...]`
* list:
Use `puppetserver ca list [--all]`
* print:
Use openssl directly:
`openssl x509 -noout -text -in certificate.pem`
* revoke:
Use `puppetserver ca revoke --certname NAME[,NAME...]`
* sign:
Use `puppetserver ca sign --certname NAME[,NAME...]`
* verify:
Use `puppet ssl verify [--certname NAME]`
* reinventory:
Removed.
OPTIONS
-------
There are a couple important notes about previously-supported options.
* --allow-dns-alt-names:
In order to sign certificates with subject alternative names using
`puppetserver ca sign`, the `allow-subject-alt-names` setting must be
set to true in the `certificate-authority` section of Puppet Server's
config.
* --allow-authorization-extensions:
In order to sign certificates with authorization extensions using
`puppetserver ca sign`, the `allow-authorization-extensions` setting must be
set to true in the `certificate-authority` section of Puppet Server's
config.
[root@localhost signed]# puppetserver ca list
No certificates to list
[root@localhost signed]# puppetserver ca sign client.itzgeek.local
Error:
Unknown input `client.itzgeek.local`
No arguments given
Usage:
puppetserver ca sign [--help]
puppetserver ca sign [--config] --certname NAME[,NAME]
puppetserver ca sign --all
Description:
Given a comma-separated list of valid certnames, instructs the CA to sign
each cert.
Options:
--certname NAME[,NAME] the name(s) of the cert(s) to be signed
--config CONF Custom path to Puppet's config file
--help Display this command-specific help output
--all Operate on all certnames
[root@localhost signed]# puppet cert sign client.itzgeek.local
This command is no longer functional, please use `puppetserver ca` instead.
puppet-cert(8) -- Manage certificates and requests (Disabled)
========
ACTIONS
-------
Every action except 'list' and 'generate' requires a hostname to act on,
unless the '--all' option is set.
* clean:
Use `puppetserver ca clean --certname NAME[,NAME...]`
* fingerprint:
Use openssl directly:
`openssl x509 -noout -fingerprint -<digest> -inform pem -in certificate.crt`
* generate:
Use `puppetserver ca generate --certname NAME[,NAME...]`
* list:
Use `puppetserver ca list [--all]`
* print:
Use openssl directly:
`openssl x509 -noout -text -in certificate.pem`
* revoke:
Use `puppetserver ca revoke --certname NAME[,NAME...]`
* sign:
Use `puppetserver ca sign --certname NAME[,NAME...]`
* verify:
Use `puppet ssl verify [--certname NAME]`
* reinventory:
Removed.
OPTIONS
-------
There are a couple important notes about previously-supported options.
* --allow-dns-alt-names:
In order to sign certificates with subject alternative names using
`puppetserver ca sign`, the `allow-subject-alt-names` setting must be
set to true in the `certificate-authority` section of Puppet Server's
config.
* --allow-authorization-extensions:
In order to sign certificates with authorization extensions using
`puppetserver ca sign`, the `allow-authorization-extensions` setting must be
set to true in the `certificate-authority` section of Puppet Server's
config.
[root@localhost signed]# puppetserver ca list
Requested Certificates:
client.itzgeek.local (SHA256) 6E:72:96:CA:E2:A7:B5:31:24:AE:70:85:4B:93:90:2E:E6:9A:E3:C1:21:40:0E:E1:DD:C0:1C:17:D1:6D:40:55
[root@localhost signed]# yum --enablerepo=puppetlabs,ruby,epel install puppet-dashboard
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
Nothing to do
[root@localhost signed]# service puppet-dashboard start
Starting Puppet Dashboard: => Booting WEBrick
=> Rails 2.3.12 application starting on http://0.0.0.0:3000
[FAILED]
[root@localhost signed]# service puppet-dashboard restart
Stopping Puppet Dashboard: [ OK ]
Starting Puppet Dashboard: => Booting WEBrick
=> Rails 2.3.12 application starting on http://0.0.0.0:3000
[FAILED]
[root@localhost signed]#
[root@localhost Desktop]# puppetserver ca list
Fatal error when running action 'list'
Error: Failed connecting to https://puppet:8140/puppet-ca/v1/certificate_statuses/any_key
Root cause: Failed to open TCP connection to puppet:8140 (getaddrinfo: Temporary failure in name resolution)
[root@localhost Desktop]# iptables -I INPUT -p tcp -m tcp --dport 8140 -j ACCEPT
[root@localhost Desktop]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[root@localhost Desktop]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
[root@localhost Desktop]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:8140
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@localhost Desktop]# puppetserver ca listFatal error when running action 'list'
Error: Failed connecting to https://puppet:8140/puppet-ca/v1/certificate_statuses/any_key
Root cause: Failed to open TCP connection to puppet:8140 (getaddrinfo: Temporary failure in name resolution)
[root@localhost Desktop]# service ip6tables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all ::/0 ::/0 state RELATED,ESTABLISHED
2 ACCEPT icmpv6 ::/0 ::/0
3 ACCEPT all ::/0 ::/0
4 ACCEPT udp ::/0 fe80::/64 state NEW udp dpt:546
5 ACCEPT tcp ::/0 ::/0 state NEW tcp dpt:22
6 REJECT all ::/0 ::/0 reject-with icmp6-adm-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all ::/0 ::/0 reject-with icmp6-adm-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
[root@localhost Desktop]# service ip6tables stop
ip6tables: Setting chains to policy ACCEPT: filter [ OK ]
ip6tables: Flushing firewall rules: [ OK ]
ip6tables: Unloading modules: [ OK ]
[root@localhost Desktop]# chkconfig ip6tables off
[root@localhost Desktop]# puppetserver ca list
Fatal error when running action 'list'
Error: Failed connecting to https://puppet:8140/puppet-ca/v1/certificate_statuses/any_key
Root cause: Failed to open TCP connection to puppet:8140 (getaddrinfo: Temporary failure in name resolution)
[root@localhost Desktop]# vi /etc/hosts
[root@localhost Desktop]# hostname puppet
[root@localhost Desktop]# puppetserver ca list
Fatal error when running action 'list'
Error: Could not find 'hostcert' at '/etc/puppetlabs/puppet/ssl/certs/puppet.localdomain.pem'
[root@localhost Desktop]# yum install http://dl.marmotte.net/rpms/redhat/el6/x86_64/puppet-dashboard-1.2.5-1.el6/puppet-dashboard-1.2.5-1.el6.noarch.rpm
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
puppet-dashboard-1.2.5-1.el6.noarch.rpm | 4.8 MB 00:03
Examining /var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm: puppet-dashboard-1.2.5-1.el6.noarch
Marking /var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm to be installed
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
Resolving Dependencies
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 will be installed
-->Processing Dependency: ruby-mysql for package: puppet-dashboard-1.2.5-1.el6.noarch
--> Processing Dependency: rubygem(rake) for package: puppet-dashboard-1.2.5-1.el6.noarch
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 will be installed
-->Processing Dependency: ruby-mysql for package: puppet-dashboard-1.2.5-1.el6.noarch
---> Package rubygem-rake.noarch 0:0.8.7-2.1.el6 will be installed
--> Finished Dependency Resolution
Error: Package: puppet-dashboard-1.2.5-1.el6.noarch (/puppet-dashboard-1.2.5-1.el6.noarch)
Requires: ruby-mysql
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
[root@localhost Desktop]# yum install http://dl.marmotte.net/rpms/redhat/el6/x86_64/puppet-dashboard-1.2.5-1.el6/puppet-dashboard-1.2.5-1.el6.noarch.rpm ruby-mysql
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
puppet-dashboard-1.2.5-1.el6.noarch.rpm | 4.8 MB 00:01
Examining /var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm: puppet-dashboard-1.2.5-1.el6.noarch
Marking /var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm to be installed
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
No package ruby-mysql available.
Resolving Dependencies
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 will be installed
-->Processing Dependency: ruby-mysql for package: puppet-dashboard-1.2.5-1.el6.noarch
--> Processing Dependency: rubygem(rake) for package: puppet-dashboard-1.2.5-1.el6.noarch
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 will be installed
-->Processing Dependency: ruby-mysql for package: puppet-dashboard-1.2.5-1.el6.noarch
---> Package rubygem-rake.noarch 0:0.8.7-2.1.el6 will be installed
--> Finished Dependency Resolution
Error: Package: puppet-dashboard-1.2.5-1.el6.noarch (/puppet-dashboard-1.2.5-1.el6.noarch)
Requires: ruby-mysql
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
[root@localhost Desktop]# yum install http://dl.marmotte.net/rpms/redhat/el6/x86_64/puppet-dashboard-1.2.5-1.el6/puppet-dashboard-1.2.5-1.el6.noarch.rpm http://download-ib01.fedoraproject.org/pub/epel/6/x86_64/Packages/r/ruby-mysql-2.8.2-1.el6.x86_64.rpm
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
puppet-dashboard-1.2.5-1.el6.noarch.rpm | 4.8 MB 00:01
Examining /var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm: puppet-dashboard-1.2.5-1.el6.noarch
Marking /var/tmp/yum-root-biHpBz/puppet-dashboard-1.2.5-1.el6.noarch.rpm to be installed
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
ruby-mysql-2.8.2-1.el6.x86_64.rpm | 45 kB 00:00
Examining /var/tmp/yum-root-biHpBz/ruby-mysql-2.8.2-1.el6.x86_64.rpm: ruby-mysql-2.8.2-1.el6.x86_64
Marking /var/tmp/yum-root-biHpBz/ruby-mysql-2.8.2-1.el6.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 will be installed
--> Processing Dependency: rubygem(rake) for package: puppet-dashboard-1.2.5-1.el6.noarch
---> Package ruby-mysql.x86_64 0:2.8.2-1.el6 will be installed
--> Running transaction check
---> Package rubygem-rake.noarch 0:0.8.7-2.1.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
puppet-dashboard
noarch 1.2.5-1.el6 /puppet-dashboard-1.2.5-1.el6.noarch 82 M
ruby-mysql x86_64 2.8.2-1.el6 /ruby-mysql-2.8.2-1.el6.x86_64 143 k
Installing for dependencies:
rubygem-rake noarch 0.8.7-2.1.el6 base 404 k
Transaction Summary
================================================================================
Install 3 Package(s)
Total size: 83 M
Total download size: 404 k
Installed size: 84 M
Is this ok [y/N]: y
Downloading Packages:
rubygem-rake-0.8.7-2.1.el6.noarch.rpm | 404 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : ruby-mysql-2.8.2-1.el6.x86_64 1/3
Installing : rubygem-rake-0.8.7-2.1.el6.noarch 2/3
Installing : puppet-dashboard-1.2.5-1.el6.noarch 3/3
Verifying : rubygem-rake-0.8.7-2.1.el6.noarch 1/3
Verifying : puppet-dashboard-1.2.5-1.el6.noarch 2/3
Verifying : ruby-mysql-2.8.2-1.el6.x86_64 3/3
Installed:
puppet-dashboard.noarch 0:1.2.5-1.el6 ruby-mysql.x86_64 0:2.8.2-1.el6
Dependency Installed:
rubygem-rake.noarch 0:0.8.7-2.1.el6
Complete!
[root@localhost Desktop]# puppet agent -t
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
Error: Could not retrieve catalog from remote server: certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
You have mail in /var/spool/mail/root
[root@localhost Desktop]# hostname -f
server.itzgeek.local
[root@localhost Desktop]# source /etc/profile.d/puppet-agent.sh
[root@localhost Desktop]# puppetserver ca list
Fatal error when running action 'list'
Error: Failed connecting to https://server.itzgeek.local:8140/puppet-ca/v1/certificate_statuses/any_key
Root cause: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)
[root@localhost Desktop]# puppet resource service puppetmaster ensure=running enable=true
Error: Could not start Service[puppetmaster]: Execution of '/sbin/service puppetmaster start' returned 1: puppetmaster: unrecognized service
Error: /Service[puppetmaster]/ensure: change from 'stopped' to 'running' failed: Could not start Service[puppetmaster]: Execution of '/sbin/service puppetmaster start' returned 1: puppetmaster: unrecognized service
service { 'puppetmaster':
ensure => 'stopped',
enable => 'false',
}
[root@localhost Desktop]# puppet resource service puppetserver ensure=running enable=true
service { 'puppetserver':
ensure => 'running',
enable => 'true',
}
[root@localhost Desktop]# gem install rack passenger
ERROR: Error installing rack:
rack requires Ruby version >= 2.2.2.
ERROR: Error installing passenger:
rack requires Ruby version >= 2.2.2.
[root@localhost Desktop]# passenger–install–apache2–module^C
[root@localhost Desktop]# vim/etc/httpd/conf.d/puppetmaster.conf
bash: vim/etc/httpd/conf.d/puppetmaster.conf: No such file or directory
[root@localhost Desktop]# vim /etc/httpd/conf.d/puppetmaster.conf
[root@localhost Desktop]# /etc/init.d/puppetmasterd stop
bash: /etc/init.d/puppetmasterd: No such file or directory
[root@localhost Desktop]# /etc/init.d/httpd start
Starting httpd:
[root@localhost Desktop]# /etc/init.d/puppetserver stop
Stopping puppetserver: [ OK ]
[root@localhost Desktop]# /etc/init.d/httpd start
Starting httpd:
[root@localhost Desktop]# netstat–ln|grep8140
bash: grep8140: command not found
bash: netstat–ln: command not found
[root@localhost Desktop]# netstat –ln|grep 8140
usage: netstat [-veenNcCF] [<Af>] -r netstat {-V|--version|-h|--help}
netstat [-vnNcaeol] [<Socket> ...]
netstat { [-veenNac] -I[<Iface>] | [-veenNac] -i | [-cnNe] -M | -s } [delay]
-r, --route display routing table
-I, --interfaces=<Iface> display interface table for <Iface>
-i, --interfaces display interface table
-g, --groups display multicast group memberships
-s, --statistics display networking statistics (like SNMP)
-M, --masquerade display masqueraded connections
-v, --verbose be verbose
-n, --numeric don't resolve names
--numeric-hosts don't resolve host names
--numeric-ports don't resolve port names
--numeric-users don't resolve user names
-N, --symbolic resolve hardware names
-e, --extend display other/more information
-p, --programs display PID/Program name for sockets
-c, --continuous continuous listing
-l, --listening display listening server sockets
-a, --all, --listening display all sockets (default: connected)
-o, --timers display timers
-F, --fib display Forwarding Information Base (default)
-C, --cache display routing cache instead of FIB
-T, --notrim stop trimming long addresses
-Z, --context display SELinux security context for sockets
<Iface>: Name of interface to monitor/list.
<Socket>={-t|--tcp} {-u|--udp} {-S|--sctp} {-w|--raw} {-x|--unix} --ax25 --ipx --netrom
<AF>=Use '-A <af>' or '--<af>'; default: inet
List of possible address families (which support routing):
inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25)
netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP)
x25 (CCITT X.25)
[root@localhost Desktop]# netstat |grep 8140
[root@localhost Desktop]# puppet cert list
This command is no longer functional, please use `puppetserver ca` instead.
puppet-cert(8) -- Manage certificates and requests (Disabled)
========
ACTIONS
-------
Every action except 'list' and 'generate' requires a hostname to act on,
unless the '--all' option is set.
* clean:
Use `puppetserver ca clean --certname NAME[,NAME...]`
* fingerprint:
Use openssl directly:
`openssl x509 -noout -fingerprint -<digest> -inform pem -in certificate.crt`
* generate:
Use `puppetserver ca generate --certname NAME[,NAME...]`
* list:
Use `puppetserver ca list [--all]`
* print:
Use openssl directly:
`openssl x509 -noout -text -in certificate.pem`
* revoke:
Use `puppetserver ca revoke --certname NAME[,NAME...]`
* sign:
Use `puppetserver ca sign --certname NAME[,NAME...]`
* verify:
Use `puppet ssl verify [--certname NAME]`
* reinventory:
Removed.
OPTIONS
-------
There are a couple important notes about previously-supported options.
* --allow-dns-alt-names:
In order to sign certificates with subject alternative names using
`puppetserver ca sign`, the `allow-subject-alt-names` setting must be
set to true in the `certificate-authority` section of Puppet Server's
config.
* --allow-authorization-extensions:
In order to sign certificates with authorization extensions using
`puppetserver ca sign`, the `allow-authorization-extensions` setting must be
set to true in the `certificate-authority` section of Puppet Server's
config.
[root@localhost Desktop]# puppet master options
Error: Unknown Puppet subcommand 'master'
See 'puppet help' for help on available puppet subcommands
[root@localhost Desktop]# puppet server options
Error: Unknown Puppet subcommand 'server'
See 'puppet help' for help on available puppet subcommands
[root@localhost Desktop]# puppet help
Usage: puppet <subcommand> [options] <action> [options]
Available subcommands:
Common:
agent The puppet agent daemon
apply Apply Puppet manifests locally
config Interact with Puppet's settings.
help Display Puppet help.
lookup Interactive Hiera lookup
module Creates, installs and searches for modules on the Puppet Forge.
resource The resource abstraction layer shell
Specialized:
catalog Compile, save, view, and convert catalogs.
describe Display help about resource types
device Manage remote network devices
doc Generate Puppet references
epp Interact directly with the EPP template parser/renderer.
facts Retrieve and store facts.
filebucket Store and retrieve files in a filebucket
generate Generates Puppet code from Ruby definitions.
node View and manage node definitions.
parser Interact directly with the parser.
script Run a puppet manifests as a script without compiling a catalog
ssl Manage SSL keys and certificates for puppet SSL clients
See 'puppet help <subcommand><action>' for help on a specific subcommand action.
See 'puppet help <subcommand>' for help on a specific subcommand.
Puppet v6.7.2
[root@localhost Desktop]# puppet master options
Error: Unknown Puppet subcommand 'master'
See 'puppet help' for help on available puppet subcommands
[root@localhost Desktop]# ps aux | grep puppet
puppet 31630 66.0 25.9 4341364 1013616 ? Sl 14:22 2:11 /usr/bin/java -Xms2g -Xmx2g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger -Djava.security.egd=file:/dev/urandom -XX:OnOutOfMemoryError=kill -9 %p -cp /opt/puppetlabs/server/apps/puppetserver/puppet-server-release.jar:/opt/puppetlabs/server/data/puppetserver/jars/* clojure.main -m puppetlabs.trapperkeeper.main --config /etc/puppetlabs/puppetserver/conf.d --bootstrap-config /etc/puppetlabs/puppetserver/services.d/,/opt/puppetlabs/server/apps/puppetserver/config/services.d/ --restart-file /opt/puppetlabs/server/data/puppetserver/restartcounter
root 32057 0.0 0.0 103332 852 pts/2 S+ 14:25 0:00 grep puppet
[root@localhost Desktop]#
login as: root
root@192.168.45.134's password:
[root@localhost ~]# rpm -ivh https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
Retrieving https://yum.puppetlabs.com/puppet-release-el-6.noarch.rpm
warning: /var/tmp/rpm-tmp.YYcGuK: Header V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
Preparing... ########################################### [100%]
1:puppet-release ########################################### [100%]
[root@localhost ~]# yum install -y puppet-agent
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Determining fastest mirrors
* base: centos.mirrors.estointernet.in
* extras: centos.mirrors.estointernet.in
* updates: centos.mirrors.estointernet.in
puppet | 2.5 kB 00:00
puppet/primary_db | 147 kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package puppet-agent.x86_64 0:6.7.2-1.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
puppet-agent x86_64 6.7.2-1.el6 puppet 24 M
Transaction Summary
================================================================================
Install 1 Package(s)
Total download size: 24 M
Installed size: 101 M
Downloading Packages:
puppet-agent-6.7.2-1.el6.x86_64.rpm | 24 MB 00:07
warning: rpmts_HdrFromFdno: Header V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-release
Importing GPG key 0xEF8D349F:
Userid : Puppet, Inc. Release Key (Puppet, Inc. Release Key) <release@puppet.com>
Package: puppet-release-1.0.0-7.el6.noarch (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-release
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Installing : puppet-agent-6.7.2-1.el6.x86_64 1/1
Verifying : puppet-agent-6.7.2-1.el6.x86_64 1/1
Installed:
puppet-agent.x86_64 0:6.7.2-1.el6
Complete!
[root@localhost ~]# puppet resource service puppet ensure=running enable=true
-bash: puppet: command not found
[root@localhost ~]# service puppet-agent status
puppet-agent: unrecognized service
[root@localhost ~]# service puppet status
puppet is stopped
[root@localhost ~]# service puppet start
Starting puppet agent: [ OK ]
[root@localhost ~]# puppet resource service puppet ensure=running enable=true
-bash: puppet: command not found
[root@localhost ~]# puppetserver ca listpuppetserver ca list
-bash: puppetserver: command not found
[root@localhost ~]# puppetserver ca list
-bash: puppetserver: command not found
[root@localhost ~]# vi /etc/puppetlabs/puppet/puppet.conf
[root@localhost ~]# puppetserver ca list
-bash: puppetserver: command not found
[root@localhost ~]# yum install telnet
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: centos.mirrors.estointernet.in
* extras: centos.mirrors.estointernet.in
* updates: centos.mirrors.estointernet.in
Resolving Dependencies
--> Running transaction check
---> Package telnet.x86_64 1:0.17-48.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
telnet x86_64 1:0.17-48.el6 base 58 k
Transaction Summary
================================================================================
Install 1 Package(s)
Total download size: 58 k
Installed size: 109 k
Is this ok [y/N]: y
Downloading Packages:
telnet-0.17-48.el6.x86_64.rpm | 58 kB 00:00
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Importing GPG key 0xC105B9DE:
Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>
Package: centos-release-6-9.el6.12.3.x86_64 (@anaconda-CentOS-201703281317.x86_64/6.9)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : 1:telnet-0.17-48.el6.x86_64 1/1
Verifying : 1:telnet-0.17-48.el6.x86_64 1/1
Installed:
telnet.x86_64 1:0.17-48.el6
Complete!
[root@localhost ~]# service iptables of
Usage: iptables {start|stop|reload|restart|condrestart|status|panic|save}
[root@localhost ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
[root@localhost ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@localhost ~]# service iptables save
iptables: Nothing to save. [WARNING]
[root@localhost ~]# chkconfig iptables off
[root@localhost ~]# chkconfig ip6tables off
[root@localhost ~]# getenforce
Enforcing
[root@localhost ~]# setenforce 0
[root@localhost ~]# vi /etc/selinux/config
[root@localhost ~]# vi /etc/hosts
[root@localhost ~]# telnet server.itzgeek.local 8140
telnet: server.itzgeek.local: Name or service not known
server.itzgeek.local: Unknown host
[root@localhost ~]# telnet server.itzgeek.local 8140^C
[root@localhost ~]# vi /etc/hosts
[root@localhost ~]# telnet server.itzgeek.local 8140
Trying 192.168.45.133...
Connected to server.itzgeek.local.
Escape character is '^]'.
Connection closed by foreign host.
[root@localhost ~]# puppet agent -t
-bash: puppet: command not found
[root@localhost ~]# puppet agent --t
-bash: puppet: command not found
[root@localhost ~]# puppet-agent --t
-bash: puppet-agent: command not found
[root@localhost ~]# server.itzgeek.local /opt/puppetlabs/bin/puppet agent -t
-bash: server.itzgeek.local: command not found
[root@localhost ~]# /opt/puppetlabs/bin/puppet agent -t
Error: Could not run: Another puppet instance is already running; exiting
[root@localhost ~]# service puppet status
puppet (pid 3088) is running...
[root@localhost ~]# service puppet stop
Stopping puppet agent: [ OK ]
[root@localhost ~]# /opt/puppetlabs/bin/puppet agent -t
Info: Downloaded certificate for ca from server.itzgeek.local
Error: certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
Error: Could not run: certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
[root@localhost ~]# /opt/puppetlabs/bin/puppetserver ca list
-bash: /opt/puppetlabs/bin/puppetserver: No such file or directory
[root@localhost ~]# puppet agent --test
-bash: puppet: command not found
[root@localhost ~]# /opt/puppetlabs/bin/puppet agent -test
Error: Could not parse application options: ambiguous option: -est
[root@localhost ~]# /opt/puppetlabs/bin/puppet agent --test
Error: certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
Error: Could not run: certificate verify failed [unable to get local issuer certificate for CN=puppet.localdomain]
[root@localhost ~]# telnet server.itzgeek.local 8140
Trying 192.168.45.133...
telnet: connect to address 192.168.45.133: Connection refused
[root@localhost ~]# telnet server.itzgeek.local 8140
Trying 192.168.45.133...
telnet: connect to address 192.168.45.133: Connection refused
[root@localhost ~]# telnet server.itzgeek.local 8140
Trying 192.168.45.133...
Connected to server.itzgeek.local.
Escape character is '^]'.
Connection closed by foreign host.
[root@localhost ~]# /opt/puppetlabs/bin/puppet agent --test
Info: Downloaded certificate revocation list for ca from server.itzgeek.local
Info: Creating a new RSA SSL key for client.itzgeek.local
Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for client.itzgeek.local
Info: Certificate Request fingerprint (SHA256): 6E:72:96:CA:E2:A7:B5:31:24:AE:70:85:4B:93:90:2E:E6:9A:E3:C1:21:40:0E:E1:DD:C0:1C:17:D1:6D:40:55
Info: Certificate for client.itzgeek.local has not been signed yet
Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (client.itzgeek.local).
Exiting now because the waitforcert setting is set to 0.
Comments
Post a Comment