Karlesnine

Puppet 0.25 vs 0.24

Puppet Client 0.25 présent sur Ubuntu Lucid 10.4 n’est pas compatible avec un Puppet master en version 0.24 présent sur Ubuntu Karmic 9.4.

Le symptôme est le suivant : le puppet master semble ne jamais recevoir la demande de certificat. Coté client cela donne

sudo puppetd --waitforcert 60 --test info: Creating a new SSL key for h3-desktop warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for h3-desktop warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session notice: Did not receive certificate warning: peer certificate won't be verified in this SSL session notice: Did not receive certificate

Sur le serveur cela donne

sudo puppetca --list No certificates to sign

L’avertissement était clair

Dans la Release Notes l’avertissement était clair :
Newer clients may not work with older servers and vice-versa. Where possible backwards-compatibility is maintained but it’s not always totally successful. The best approach is to ensure your master and clients are the same version. When upgrading it is also recommended that you upgrade your master first.

Solution, backport

Dans /etc/apt/source.list on ajoute

deb http://ubuntu.mirror.rafal.ca/ubuntu/ karmic-security main restricted deb-src http://ubuntu.mirror.rafal.ca/ubuntu/ karmic-security main restricted deb http://ubuntu.mirror.rafal.ca/ubuntu/ karmic-security universe deb-src http://ubuntu.mirror.rafal.ca/ubuntu/ karmic-security universe deb http://ubuntu.mirror.rafal.ca/ubuntu/ karmic-security multiverse deb-src http://ubuntu.mirror.rafal.ca/ubuntu/ karmic-security multiverse

Et puis zou

apt-get update aptitude -t karmic install puppet

Juste faire attention à pas tout péter à la prochaine mise à jour