根据“Learning Puppet 4”一书中的手册,我正在尝试使用 jorhett/puppet-mcollective 模块设置 MCollective。运行“mco ping”、“mco inventory node_name”等后出现以下错误。
警告 2016/08/11 07:21:19:activemq.rb:346:in `rescue in ssl_parameters' 无法设置完整的 SSL 验证模式,退回到未验证:RuntimeError:必须提供证书、密钥和 ca 以进行验证SSL 模式
这是我的配置:Hiera 主机名/puppetserver.yaml
# hostname/puppetserver.yaml
classes:
- mcollective::middleware
- mcollective::client
# Middleware configuration
mcollective::client_password: 'VpOS62qqpH3NEVEtP8rQsS2tpq6xwgOJEXsABjYDvoI='
mcollective::middleware::keystore_password: 'k7Dj+On3xGmQPX7CuCxgXaOFwHZFdKICeQQFpWlzg6E='
mcollective::middleware::truststore_password: 'k7Dj+On3xGmQPX7CuCxgXaOFwHZFdKICeQQFpWlzg6E='
Hiera common.yaml
---
puppet::status: 'running'
puppet::enabled: true
# every node installs the server
classes:
- mcollective::server
# The Puppet Server will host the middleware
mcollective::hosts:
- 'puppet.example.com'
mcollective::collectives:
- 'mcollective'
mcollective::connector: 'activemq'
mcollective::connector_ssl: true
mcollective::connector_ssl_type: 'anonymous'
# Access passwords
mcollective::server_password: 'h3Vh7JGGkyWxuehCvScXRwZmIZYRHtDDDxuS1W68XAQ='
mcollective::psk_key: 'y2Z2BzcsRFXCBidywQafyJoELH5bIkmZzXGssLLMVsw='
mcollective::facts::cronjob::run_every: 10
mcollective::server::package_ensure: 'latest'
mcollective::plugin::agents:
puppet:
version: 'latest'
mcollective::client::unix_group: vagrant
mcollective::client::package_ensure: 'latest'
mcollective::plugin::clients:
puppet:
version: 'latest'
集体服务器.cfg
# /etc/mcollective/server.cfg
libdir = /usr/libexec/mcollective
libdir = /opt/puppetlabs/mcollective/plugins
classesfile = /opt/puppetlabs/puppet/cache/state/classes.txt
daemonize = 1
direct_addressing = 1
main_collective = mcollective
collectives = mcollective
# ActiveMQ connector settings:
connector = activemq
plugin.activemq.heartbeat_interval = 30
plugin.activemq.pool.size = 1
plugin.activemq.pool.1.host = puppet.example.com
plugin.activemq.pool.1.port = 61614
plugin.activemq.pool.1.user = server
plugin.activemq.pool.1.password = h3Vh7JGGkyWxuehCvScXRwZmIZYRHtDDDxuS1W68XAQ=
plugin.activemq.pool.1.ssl = true
plugin.activemq.pool.1.ssl.fallback = true
# Send these messages to keep the Stomp connection alive.
# This solves NAT and firewall timeout problems.
registerinterval = 600
# Security provider
securityprovider = psk
plugin.psk = y2Z2BzcsRFXCBidywQafyJoELH5bIkmZzXGssLLMVsw=
# Facts
factsource = yaml
plugin.yaml = /etc/puppetlabs/mcollective/facts.yaml
# Puppet resource control
plugin.puppet.resource_allow_managed_resources = true
plugin.puppet.resource_type_whitelist = none
# Logging
logger_type = syslog
loglevel = info
logfacility = user
Mcollective 客户端.cfg
# Connector
libdir = /usr/libexec/mcollective
libdir = /opt/puppetlabs/mcollective/plugins
direct_addressing = 1
main_collective = mcollective
collectives = mcollective
connector = activemq
plugin.activemq.heartbeat_interval = 30
plugin.activemq.pool.size = 1
plugin.activemq.pool.1.host = puppet.example.com
plugin.activemq.pool.1.port = 61614
plugin.activemq.pool.1.user = client
plugin.activemq.pool.1.password = VpOS62qqpH3NEVEtP8rQsS2tpq6xwgOJEXsABjYDvoI=
plugin.activemq.pool.1.ssl = true
plugin.activemq.pool.1.ssl.fallback = true
# Security provider
securityprovider = psk
plugin.psk = y2Z2BzcsRFXCBidywQafyJoELH5bIkmZzXGssLLMVsw=
plugin.psk.callertype = uid
# Discovery
default_discovery_method = mc
direct_addressing_threshold = 10
default_discovery_options =
# Miscellaneous settings
color = 1
rpclimitmethod = first
# Performance settings
direct_addressing_threshold = 10
ttl = 60
# Logging
logger_type = console
loglevel = warn