I dont know if i am doing something wrong, but i am trying to get puppetdb working with puppet opensource. the way i have it set up is i have a master and puppetdb in my datacenter, then each one of my customers has there own master in their datacenter's (I am a service provider). My master, and each master at each customer sends reports to puppetdb. But when an agent reporting to the master at their custoemr errors out.
Puppet Master Error:
[puppetserver] Puppet Error connecting to dev-puppetdb02 on 8081 at route /pdb/cmd/v1?checksum=9d4d14b78c66d7576792c4830cc12c1d4e622335&version=8&certname=dev-dc02.dev.local&command=store_report, error message received was 'Error executing http request'. Failing over to the next PuppetDB server_url in the 'server_urls' list
in the puppetserver.log
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
My CA Set up:
The puppet master in my DC is a ca, then each master at each customer is a CA as well, just for their nodes.
My PuppetDB setup:
node dev-puppetdb02 {
class { 'puppetdb':
manage_firewall => true,
open_listen_port => '0.0.0.0',
open_ssl_listen_port => '0.0.0.0',
listen_address => '0.0.0.0',
certificate_whitelist_file => "/etc/puppetlabs/puppetdb/certificate-whitelist",
certificate_whitelist => [ 'dev-puppet01.dev.local', 'dev-ops-slave02.dev.local'],
}
}
Things i have Tested
I can telnet from the slave master to the puppetdb and back from puppetdb to the slave master
↧
