Bug #263
Problems Migrating Old Puppet Master To New Master Server
Description
Prepare the new Puppet Master server¶
I decided to separate the administrative server to a virtual node. To do this I created a new LXC node and installed puppetmaster and puppetmaster-passenger:
apt-get install puppetmaster puppetmaster-passenger
Migrate the old server data¶
I then used rsync to synchronize the configuration files and cache from the old server to the new server:
rsync -avh -e ssh root@puppetmaster.orig.net:/etc/puppet /etc/ rsync -avh -e ssh root@puppetmaster.new.net:/var/lib/puppet /var/lib/
This includes CA and SSL certificates, and configuration reports. This should allow a transparent migration to the new puppet master server by preserving the contents of the old puppet master server.
Dump the puppet SQL database:
mysqldump -u root -p puppet > /path/to/backup/puppet.sql
Then restor it into the new server:
mysql -u root -p CREATE DATABASE puppet; GRANT ALL PRIVILEGES TO 'puppetuser'@'localhost' IDENTIFIED BY 'SuperSecretPassword'; FLUSH PRIVILEGES; EXIT mysql -u root -p puppet < /path/to/restore/puppet
Set the puppet clients to use the new puppet master¶
This is as simple as changing the puppet.conf on the clients and pointing them to the new server:
#server=old.puppet.server.com server=new.puppet.server.com
Troubleshooting¶
I got a few errors after setting the clients to the new puppet master server.- After testing the puppet connection on the clients, the first error I recieved:
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not autoload active_record: uninitialized constant ActiveRecord
and
err: Could not retrieve catalog from remote server: Error 400 on SERVER: cannot load such file -- mysql
To solve this I had to install a few ruby gems:
gem install metaclass mocha passenger railties rspec rspec-core rspec-expectations rspec-mocks ruby-mysql sprockets sprockets-rails stomp systemu test-unit thor tilt will_paginate actionmailer activerecord mysql daemon_controller ftools hiera hiera-puppet hike hoe httpclient
- I started getting another error on the puppet clients after install the gems:
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Puppet::Parser::Compiler failed with error ArgumentError: wrong number of arguments (1 for 0) on node client1.puppet.server.com
This one took me a little while to solve, apparrently the problem was that ruby1.9 had been installed when I had installed the vim-nox package. This caused the Apache Passenger module to compile Puppet Master under ruby1.9, a bug exists in puppet 2.7.6 that causes an error exactly the same as the one above. I removed ruby1.9 and vim-nox, and found that to solve the problem after restarting apache2:
apt-get remove --purge ruby1.9 apt-get autoremove apt-get clean service apache2 restart
Resources¶
Updated by Daniel Curtis over 10 years ago
- Subject changed from Problems Migrating Puppet Master Servers to Problems Migrating Old Puppet Master To New Master Server
Updated by Daniel Curtis over 10 years ago
- Description updated (diff)
- Status changed from In Progress to Closed
Updated by Daniel Curtis over 10 years ago
I encountered a problem while connecting puppet clients to the master server. The error that was given was:
err: Could not retrieve catalog from remote server: Server hostname 'newmaster.puppet.com' did not match server certificate; expected one of master.puppet.com, DNS:puppet, DNS:oldmaster.puppet.com, DNS:master.puppet.com
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
err: Could not send report: Server hostname 'newmaster.puppet.com' did not match server certificate; expected one of master.puppet.com, DNS:puppet, DNS:oldmaster.puppet.com, DNS:master.puppet.com
From the error, it appeared that there was a conflict of which SSL certificate was used. I regenerated a new SSL certificate for the new puppet master using:
puppetca --generate --certdnsnames puppet:puppet.puppet.com:newmaster:newmaster.puppet.com lxc-admin.altservice.com
I then pointed the location of the SSL certificate in the puppet master apache configuration and restarted the web server:
service apache2 restart
That fixed the problem.
Updated by Daniel Curtis over 10 years ago
The previous problem with the conflicting ruby1.9.1 has come up again, another utility I plan to install requires the ruby1.9.1 package. However this previously broke the Puppet Master with an error, to work around this I added an explicit definition in the apache configuration to use the ruby1.8 binary:
nano /etc/apache2/sites-available/puppetmaster
LoadModule passenger_module /usr/lib/apache2/modules/mod_passenger.so
PassengerRuby /usr/bin/ruby1.8
I restarted apache2:
service apache2 restart
And now I can use both versions of ruby
Updated by Daniel Curtis about 9 years ago
- Project changed from 57 to GNU/Linux Administration
- Category set to Automated Server Management