Puppet Setup File Permissions

Hello everyone.

I am trying to complete the task Puppet Setup File Permissions and after having followed several tutorials online I keep arriving at the same roadblock when trying to run puppet agent --test from the `Agent Node/App Server:

Error: The certificate for ‘CN=stapp03.stratos.xfusioncorp.com 1’ does not match its private key
Error: Could not run: The certificate for ‘CN=stapp03.stratos.xfusioncorp.com 1’ does not match its private key

Here are the task instructions:

- The Nautilus DevOps team has put data on all app servers in Stratos DC. `jump host` is configured as `Puppet master server`, and `all app servers are already been configured as Puppet agent nodes`. The team needs to update content of some of the existing files as well as update its permissions, etc. Please find below more details about the task:

- Create a Puppet programming file `games.pp` under `/etc/puppetlabs/code/environments/production/manifests` directory on `master node` i.e `Jump Server`. Using puppet `file resource`, perform the below mentioned tasks.

- File `beta.txt` already exists under `/opt/security` directory on `App Server 3`.

- Add content `Welcome to xFusionCorp Industries!` in file `beta.txt` on `App Server 3`.

- Set permissions `0655` for file `beta.txt` on `App Server 3`.

- Note: Please perform this task using `games.pp` only, `do not create any separate inventory file`.

When I ping both hosts from either server, the ping is successful:

ping jump_host.stratos.xfusioncorp.com

ping stapp03.stratos.xfusioncorp.com

I’m at a loss as I am completely new to Puppet.

Does anyone have any idea as to what could be wrong? Most of the tutorials that I have come across online are out of date with deprecated commands.

Thanks in advance to anyone who can help:-)

Have you tried sudo puppet agent --test? I think only the root user has the right certificate

Hi @francilio,

When I run sudo puppet agent --test I am now getting this error:

Warning: Unable to fetch my node definition, but the agent run will continue:Warning: bad component(expected host component): jump_host.stratos.xfusioncorp.comInfo: Retrieving pluginfactsError: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': bad component(expected host component): jump_host.stratos.xfusioncorp.comError: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: bad component(expected host component): jump_host.stratos.xfusioncorp.comInfo: Retrieving pluginError: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': bad component(expected host component): jump_host.stratos.xfusioncorp.comError: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: bad component(expected host component): jump_host.stratos.xfusioncorp.com
Error: Could not retrieve catalog from remote server: bad component(expected host component): jump_host.stratos.xfusioncorp.com
Warning: Not using cache on failed catalogError: Could not retrieve catalog; skipping run
Error: Could not send report: bad component(expected host component): jump_host.stratos.xfusioncorp.co 

Thanks:-)

This is what I have added to /etc/puppetlabs/puppet/puppet.conf on my app server:

certname=stapp02.stratos.xfusioncorp.com

server=jump_host.stratos.xfusioncorp.com

PS - I am currently following along with this tutorial:

Update:

I have figured it out finally.

/etc/puppetlabs/puppet/puppet.conf should look like this:

certname = stapp01.stratos.xfusioncorp.com

server = puppet

…instead of what I originally had:-)

1 Like

I think the server configuration should be puppet, as it is where the nodes will connect to get the configuration. I don’t think you need to modify this file.
Can you show your pp file?

1 Like

Thanks @francilio,

I got it now. I just had to change the /etc/puppetlabs/puppet/puppet.conf file. I also had to install puppet-agent on App Server 1 this time around. I was able to finish the task.

1 Like

@juliettet, as per question puppet master and puppet agent are already configured.

@rahul456 I just completed this task and I validated it but it still failed