search

rundeck-plugins / rundeck-puppetenterprise-nodes-plugin

Get resource node data from Puppet Enterprise
3 stars 9 forks source link

rundeck host is expecting puppet master certificates #2

Open ltutar opened 8 years ago

ltutar commented 8 years ago

I have rundeck running on host xldagent.home and puppetmaster running on puppetmaster.home. rundeck version: 2.6.9 rundeck-puppetenterprise-nodes-plugin-0.9.3.jar puppet enterprise 2016.1.1

According to documentation https://docs.puppet.com/puppetdb/latest/api/query/curl.html#using-curl-from-remote-hosts-sslhttps , I turned on whitelisting. I can run the following command from the host xldagent.home host:

curl 'https://puppetmaster.home:8081/pdb/query/v4/nodes' \
  --tlsv1 \
  --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem \
  --cert /etc/puppetlabs/puppet/ssl/certs/xldagent.home.pem \
  --key /etc/puppetlabs/puppet/ssl/private_keys/xldagent.home.pem

and get the result:

[{"deactivated":null,"latest_report_hash":"aa0667162e2a205a6b8509a3dd7ef2ccc1a553db","facts_environment":"production","report_environment":"production","catalog_environment":"production","facts_timestamp":"2016-08-04T08:16:41.683Z","expired":null,"report_timestamp":"2016-08-04T07:41:05.475Z","certname":"xldagent.home","catalog_timestamp":"2016-08-04T08:16:47.018Z","latest_report_status":"changed"},{"deactivated":null,"latest_report_hash":"225fc66ae67c1d0409630828c11e07742fd9c377","facts_environment":"production","report_environment":"production","catalog_environment":"production","facts_timestamp":"2016-08-04T11:40:34.807Z","expired":null,"report_timestamp":"2016-08-04T11:40:43.696Z","certname":"puppetmaster.home","catalog_timestamp":"2016-08-04T11:40:40.142Z","latest_report_status":"unchanged"},{"deactivated":null,"latest_report_hash":"de198aec5856aa5c34bfa8531707e5153c0912e3","facts_environment":"production","report_environment":"production","catalog_environment":"production","facts_timestamp":"2016-08-04T11:40:48.844Z","expired":null,"report_timestamp":"2016-08-04T11:41:06.774Z","certname":"elkagent.home","catalog_timestamp":"2016-08-04T11:40:53.789Z","latest_report_status":"changed"}]

When I have the following entries in /var/lib/rundeck/projects/PetClinicProject/etc/project.properties

resources.source.1.type=puppet-enterprise
resources.source.1.config.PROPERTY_PUPPETDB_HOST=puppetmaster.home
resources.source.1.config.PROPERTY_PUPPETDB_PORT=8081
resources.source.1.config.PROPERTY_PUPPETDB_SSL_DIR=/opt/rundeck/ssl

rundeck will complain about the following:

Caused by: java.io.FileNotFoundException: /opt/rundeck/ssl/private_keys/puppetmaster.home.pem (No such file or directory)
    at java.io.FileInputStream.open0(Native Method)
    at java.io.FileInputStream.open(FileInputStream.java:195)

It would be nice if rundeck will instead look for xldagent.home certificates. Now I have to get the puppetmaster.home certificates to xldagent.home machine. No whitelist is now being used. Or I am missing something here?

ltutar commented 8 years ago

BTW. I am not using any mock server. I can see the nodes. grabberraster 0196

fbacchella commented 8 years ago

My pull request #7 should resolve your problem.

ltutar commented 8 years ago

Thank you very much. I'll test it tomorrow.

fbacchella commented 7 years ago

I think this issue should be close if my patch works.