Created
March 28, 2013 23:10
-
-
Save Freeaqingme/5267577 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Error: Error: /Stage[main]/Cluster::Core::Puppetmaster::Pupppet/File[/etc/puppet/hiera.yaml]: Could not evaluate: Could not retrieve information from environment production source(s) puppet:///prod-cluster/core/puppetmaster/hiera.yaml | |
Manifest: | |
--- | |
file { '/etc/puppet/hiera.yaml': | |
owner => puppet, | |
group => puppet, | |
mode => 440, | |
source => "puppet:///prod-cluster/core/puppetmaster/hiera.yaml" | |
} | |
---- | |
Strace: | |
... | |
[pid 19280] read(15, "\26\3\1\0\341\1\0\0\335\3\2QT\313\365W\205\25\31=\317\343\324\250\2265e\266\301\n\351\245"..., 8000) = 230 | |
[pid 19280] writev(15, [{"\26\3\2\0:\2\0\0006\3\2QT\313\365jb\225]\21\233\272\247:P\323)'bg\305W"..., 3754}], 1) = 3754 | |
[pid 19280] poll([{fd=15, events=POLLIN}], 1, 20447) = 1 ([{fd=15, revents=POLLIN}]) | |
[pid 19280] read(15, "\26\3\2\v\16\v\0\v\n\0\v\7\0\5\2550\202\5\2510\202\3\221\240\3\2\1\2\2\1\0020"..., 8000) = 3572 | |
[pid 19280] writev(15, [{"\26\3\2\6z\4\0\6v\0\0\1,\6pe\352\371\357\264\r\370v\361\271\367\353o\246\33\0333"..., 1738}], 1) = 1738 | |
[pid 19280] poll([{fd=15, events=POLLIN}], 1, 27564) = 1 ([{fd=15, revents=POLLIN}]) | |
[pid 19280] read(15, "\27\3\2\0\340\351=\224\30\375\240\262[U\35i\211'\3751vEI\245\214n\332\261\305\254n\213"..., 8000) = 229 | |
[pid 19280] stat("/etc/puppet/rack/public/production/file_metadata/prod-cluster/core/puppetmaster/hiera.yaml", 0x7fea2cfe8b20) = -1 ENOENT (No such file or directory) | |
[pid 19280] stat("/etc/puppet/rack/public/production/file_metadata/prod-cluster/core/puppetmaster/hiera.yaml.html", 0x7fea2cfe8af0) = -1 ENOENT (No such file or directory) | |
[pid 19280] write(29, "\1\34get\0app_root\0/etc/puppet/rack\0"..., 286) = 286 | |
[pid 19280] read(29, "\0\v", 2) = 2 | |
[pid 19280] read(29, "ok\00028070\0002\0", 11) = 11 | |
[pid 19280] write(29, "\0\10pass IO\0", 10) = 10 | |
[pid 19280] recvmsg(29, {msg_name(0)=NULL, msg_iov(1)=[{"\0", 1}], msg_controllen=24, {cmsg_len=20, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, {41}}, msg_flags=0}, 0) = 1 | |
[pid 19280] write(29, "\0\7got IO\0", 9) = 9 | |
... | |
(file tried to retrieve: /etc/puppet/rack/public/production/file_metadata/prod-cluster/core/puppetmaster/hiera.yaml ) | |
fileserver.conf: | |
---- | |
[plugins] | |
allow *.dev.example.net | |
allow 127.0.0.1 | |
[prod-cluster] | |
path /etc/puppet/environments/production/files/cluster | |
allow * | |
----- | |
auth.conf: | |
---- | |
path ~ ^/file_(metadata|content)/prod-cluster/ | |
auth yes | |
allow * | |
path ~ ^/file_metadata/prod-cluster/core/puppetmaster/hiera.yaml | |
allow * | |
# allow nodes to retrieve their own catalog (ie their configuration) | |
path ~ ^/catalog/([^/]+)$ | |
method find | |
allow $1 | |
# allow nodes to retrieve their own node definition | |
path ~ ^/node/([^/]+)$ | |
method find | |
allow $1 | |
# allow all nodes to access the certificates services | |
path /certificate_revocation_list/ca | |
method find | |
allow * | |
# allow all nodes to store their reports | |
path /report | |
method save | |
allow * | |
# inconditionnally allow access to all files services | |
# which means in practice that fileserver.conf will | |
# still be used | |
path /file | |
allow * | |
# allow access to the master CA | |
path /certificate/ca | |
auth any | |
method find | |
allow * | |
path /certificate/ | |
auth any | |
method find | |
allow * | |
path /certificate_request | |
auth any | |
method find, save | |
allow * | |
# Configuration for Inventory Service | |
# Simple case with Inventory server on the same puppetmaster server | |
path /facts | |
auth no | |
method find, search | |
allow puppet01.dev.example.net | |
path /facts | |
auth no | |
method save | |
allow puppet01.dev.example.net | |
# Access to DashBoard (Here it's supposed to be on the puppetmaster) | |
# for file diff viewing | |
path /file_bucket_file | |
auth no | |
method find, search | |
allow puppet01.dev.example.net | |
# this one is not strictly necessary, but it has the merit | |
# to show the default policy which is deny everything else | |
path / | |
auth any |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment