Re: Func 0.27 + Puppet

Filip Slunecko <filip.slunecko@xxxxxxxxx> · Wed, 6 Apr 2011 16:54:23 +0200

Thank you. Everything runs fine now.
Problem was at overlord certificate paths.

Filip

On Wed, Apr 6, 2011 at 3:58 PM, seth vidal <skvidal@xxxxxxxxxxxxxxxxx> wrote:

On Wed, 2011-04-06 at 12:27 +0200, Filip Slunecko wrote:

> Hi,

>

> I'm trying to unify puppet with func too, but I'm still getting this

> error:

>

> Error: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert bad

> certificate'), ('SSL routines', 'SSL3_READ_BYTES', 'ssl handshake

> failure')]

>

> Minion config

>

> [main]

> log_level = INFO

> acl_dir = /etc/func/minion-acl.d

>

> listen_addr =

> listen_port = 51234

> minion_name = test-machine.test.org

> method_log_dir = /var/log/func/methods/

> use_certmaster = False

>

> ca_file=/var/lib/puppet/ssl/certs/ca.pem

> cert_file=/var/lib/puppet/ssl/certs/test-machine.test.org.pem

> key_file=/var/lib/puppet/ssl/private_keys/test-machine.test.org.pem

> crl_location=/var/lib/puppet/ssl/crl.pem

>

> overlord.conf

>

> # configuration for overlord

>

> [main]

> socket_timeout = 0

> backend = conf

> group_db =

> puppet_minions = True

>

> Could you please guide me in the right way?

>

> Thank you

>

Here's a script I use to setup the minion configs properly.

http://skvidal.fedorapeople.org/misc/make-minion-conf.sh.txt

on the overlord side you'll need to specify the path to the puppet CA

certificates.

often they are

ca_file=/var/lib/puppet/ssl/ca/ca_crt.pem

key_file=/var/lib/puppet/ssl/ca/ca_dec_key.pem

cert_file=/var/lib/puppet/ssl/ca/ca_crt.pem

-sv

_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list