Created
February 25, 2013 18:50
-
-
Save jrmoserbaltimore/5032213 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ]# puppet agent --test --verbose | |
| Warning: Unable to fetch my node definition, but the agent run will continue: | |
| Warning: Error 403 on SERVER: Forbidden request: localhost(127.0.0.1) access to /node/hq-puppet.sbgnet.com [find] at :131 | |
| Info: Retrieving plugin | |
| Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate: Error 403 on SERVER: Forbidden request: localhost(127.0.0.1) access to /file_metadata/plugins [search] at :131 | |
| Error: /File[/var/lib/puppet/lib]: Could not evaluate: Error 403 on SERVER: Forbidden request: localhost(127.0.0.1) access to /file_metadata/plugins [find] at :131 Could not retrieve file metadata for puppet://hq-puppet.sbgnet.com/plugins: Error 403 on SERVER: Forbidden request: localhost(127.0.0.1) access to /file_metadata/plugins [find] at :131 | |
| Info: Loading facts in /etc/puppet/modules/percona/lib/facter/mysql_facts.rb | |
| Info: Loading facts in /etc/puppet/modules/percona/lib/facter/meminbytes.rb | |
| Info: Loading facts in /etc/puppet/modules/epel/lib/facter/os_maj_version.rb | |
| Info: Loading facts in /etc/puppet/modules/firewall/lib/facter/iptables.rb | |
| Info: Loading facts in /etc/puppet/modules/postgresql/lib/facter/postgres_default_version.rb | |
| Info: Loading facts in /etc/puppet/modules/stdlib/lib/facter/puppet_vardir.rb | |
| Info: Loading facts in /etc/puppet/modules/stdlib/lib/facter/pe_version.rb | |
| Info: Loading facts in /etc/puppet/modules/stdlib/lib/facter/root_home.rb | |
| Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb | |
| Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb | |
| Info: Loading facts in /var/lib/puppet/lib/facter/mysql_facts.rb | |
| Info: Loading facts in /var/lib/puppet/lib/facter/iptables.rb | |
| Info: Loading facts in /var/lib/puppet/lib/facter/os_maj_version.rb | |
| Info: Loading facts in /var/lib/puppet/lib/facter/meminbytes.rb | |
| Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb | |
| Info: Loading facts in /var/lib/puppet/lib/facter/postgres_default_version.rb | |
| Could not retrieve selinux: Invalid argument - /proc/self/attr/current | |
| Could not retrieve selinux: Invalid argument - /proc/self/attr/current | |
| Could not retrieve selinux: Invalid argument - /proc/self/attr/current | |
| Could not retrieve selinux: Invalid argument - /proc/self/attr/current | |
| Could not retrieve selinux: Invalid argument - /proc/self/attr/current | |
| Could not retrieve selinux: Invalid argument - /proc/self/attr/current | |
| Could not retrieve selinux: Invalid argument - /proc/self/attr/current | |
| Error: Could not retrieve catalog from remote server: Error 403 on SERVER: Forbidden request: localhost(127.0.0.1) access to /catalog/hq-puppet.sbgnet.com [find] at :131 | |
| Warning: Not using cache on failed catalog | |
| Error: Could not retrieve catalog; skipping run | |
| Error: Could not send report: Error 403 on SERVER: Forbidden request: localhost(127.0.0.1) access to /report/hq-puppet.sbgnet.com [save] at :131 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [main] | |
| logdir = /var/log/puppet | |
| vardir = /var/lib/puppet | |
| ssldir = $vardir/ssl | |
| rundir = /var/run/puppet | |
| modulepath = $confdir/environments/$environment/modules:$confdir/modules | |
| manifest = $confdir/manifests/unknown_environment.pp | |
| factpath=$vardir/lib/facter | |
| server=hq-puppet.example.com | |
| ca_name=Puppet CA hq-puppet.example.com | |
| [agent] | |
| environment=production | |
| # Environments, all using the same manifests dir | |
| [production] | |
| manifestdir = $confdir/environments/$environment/manifests | |
| templatedir = $confdir/environments/$environment/templates | |
| manifest = $confdir/environments/$environment/manifests/site.pp | |
| [dmz] | |
| manifestdir = $confdir/environments/$environment/manifests | |
| templatedir = $confdir/environments/$environment/templates | |
| manifest = $confdir/environments/$environment/manifests/site.pp | |
| [master] | |
| # These are needed when the puppetmaster is run by passenger | |
| # and can safely be removed if webrick is used. | |
| ssl_client_header = SSL_CLIENT_S_DN | |
| ssl_client_verify_header = SSL_CLIENT_VERIFY | |
| certname = hq-puppet.example.com |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| upstream puppetmaster_unicorn { | |
| server unix:/var/run/puppet/puppetmaster_unicorn.sock fail_timeout=0; | |
| } | |
| server { | |
| listen 8140; | |
| ssl on; | |
| ssl_session_timeout 5m; | |
| ssl_certificate /var/lib/puppet/ssl/certs/hq-puppet.example.com.pem; | |
| ssl_certificate_key /var/lib/puppet/ssl/private_keys/hq-puppet.example.com.pem; | |
| ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem; | |
| ssl_ciphers SSLv3:-LOW:-EXPORT:RC4+RSA; | |
| ssl_verify_client optional; | |
| root /usr/share/empty; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Client-Verify $ssl_client_verify; | |
| proxy_set_header X-Client-DN $ssl_client_s_dn; | |
| proxy_set_header X-SSL-Issuer $ssl_client_i_dn; | |
| proxy_read_timeout 120; | |
| location / { | |
| proxy_pass http://puppetmaster_unicorn; | |
| proxy_redirect off; | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| worker_processes 4 | |
| working_directory "/etc/puppet" | |
| listen '/var/run/puppet/puppetmaster_unicorn.sock', :backlog => 512 | |
| timeout 120 | |
| pid "/var/run/puppet/puppetmaster_unicorn.pid" | |
| preload_app true | |
| if GC.respond_to?(:copy_on_write_friendly=) | |
| GC.copy_on_write_friendly = true | |
| end | |
| before_fork do |server, worker| | |
| old_pid = "#{server.config[:pid]}.oldbin" | |
| if File.exists?(old_pid) && server.pid != old_pid | |
| begin | |
| Process.kill("QUIT", File.read(old_pid).to_i) | |
| rescue Errno::ENOENT, Errno::ESRCH | |
| # someone else did our job for us | |
| end | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment