Project

General

Profile

Bug #263

Problems Migrating Old Puppet Master To New Master Server

Added by Daniel Curtis about 11 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Automated Server Management
Target version:
-
Start date:
12/19/2013
Due date:
% Done:

100%

Estimated time:
2.00 h
Spent time:

Description

Prepare the new Puppet Master server

I decided to separate the administrative server to a virtual node. To do this I created a new LXC node and installed puppetmaster and puppetmaster-passenger:

apt-get install puppetmaster puppetmaster-passenger

Migrate the old server data

I then used rsync to synchronize the configuration files and cache from the old server to the new server:

rsync -avh -e ssh root@puppetmaster.orig.net:/etc/puppet /etc/
rsync -avh -e ssh root@puppetmaster.new.net:/var/lib/puppet /var/lib/

This includes CA and SSL certificates, and configuration reports. This should allow a transparent migration to the new puppet master server by preserving the contents of the old puppet master server.

Dump the puppet SQL database:

mysqldump -u root -p puppet > /path/to/backup/puppet.sql

Then restor it into the new server:

mysql -u root -p

CREATE DATABASE puppet;
GRANT ALL PRIVILEGES TO 'puppetuser'@'localhost' IDENTIFIED BY 'SuperSecretPassword';
FLUSH PRIVILEGES;
EXIT

mysql -u root -p puppet < /path/to/restore/puppet

Set the puppet clients to use the new puppet master

This is as simple as changing the puppet.conf on the clients and pointing them to the new server:

#server=old.puppet.server.com
server=new.puppet.server.com

Troubleshooting

I got a few errors after setting the clients to the new puppet master server.
  • After testing the puppet connection on the clients, the first error I recieved:

err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not autoload active_record: uninitialized constant ActiveRecord

and

err: Could not retrieve catalog from remote server: Error 400 on SERVER: cannot load such file -- mysql

To solve this I had to install a few ruby gems:

gem install metaclass mocha passenger railties rspec rspec-core rspec-expectations rspec-mocks ruby-mysql sprockets sprockets-rails stomp systemu test-unit thor tilt will_paginate actionmailer activerecord mysql daemon_controller ftools hiera hiera-puppet hike hoe httpclient

  • I started getting another error on the puppet clients after install the gems:

err: Could not retrieve catalog from remote server: Error 400 on SERVER: Puppet::Parser::Compiler failed with error ArgumentError: wrong number of arguments (1 for 0) on node client1.puppet.server.com

This one took me a little while to solve, apparrently the problem was that ruby1.9 had been installed when I had installed the vim-nox package. This caused the Apache Passenger module to compile Puppet Master under ruby1.9, a bug exists in puppet 2.7.6 that causes an error exactly the same as the one above. I removed ruby1.9 and vim-nox, and found that to solve the problem after restarting apache2:

apt-get remove --purge ruby1.9
apt-get autoremove
apt-get clean
service apache2 restart

Resources

#1

Updated by Daniel Curtis about 11 years ago

  • Subject changed from Problems Migrating Puppet Master Servers to Problems Migrating Old Puppet Master To New Master Server
#2

Updated by Daniel Curtis about 11 years ago

  • Description updated (diff)
#3

Updated by Daniel Curtis about 11 years ago

  • Description updated (diff)
  • Status changed from In Progress to Closed
#4

Updated by Daniel Curtis about 11 years ago

  • Description updated (diff)
#5

Updated by Daniel Curtis about 11 years ago

I encountered a problem while connecting puppet clients to the master server. The error that was given was:

err: Could not retrieve catalog from remote server: Server hostname 'newmaster.puppet.com' did not match server certificate; expected one of master.puppet.com, DNS:puppet, DNS:oldmaster.puppet.com, DNS:master.puppet.com
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
err: Could not send report: Server hostname 'newmaster.puppet.com' did not match server certificate; expected one of master.puppet.com, DNS:puppet, DNS:oldmaster.puppet.com, DNS:master.puppet.com

From the error, it appeared that there was a conflict of which SSL certificate was used. I regenerated a new SSL certificate for the new puppet master using:

puppetca --generate --certdnsnames puppet:puppet.puppet.com:newmaster:newmaster.puppet.com lxc-admin.altservice.com

I then pointed the location of the SSL certificate in the puppet master apache configuration and restarted the web server:

service apache2 restart

That fixed the problem.

#6

Updated by Daniel Curtis about 11 years ago

  • Description updated (diff)
#7

Updated by Daniel Curtis about 11 years ago

The previous problem with the conflicting ruby1.9.1 has come up again, another utility I plan to install requires the ruby1.9.1 package. However this previously broke the Puppet Master with an error, to work around this I added an explicit definition in the apache configuration to use the ruby1.8 binary:

nano /etc/apache2/sites-available/puppetmaster

LoadModule passenger_module /usr/lib/apache2/modules/mod_passenger.so
PassengerRuby /usr/bin/ruby1.8

I restarted apache2:

service apache2 restart

And now I can use both versions of ruby

#8

Updated by Daniel Curtis about 11 years ago

  • Project changed from 26 to 57
#9

Updated by Daniel Curtis almost 10 years ago

  • Project changed from 57 to GNU/Linux Administration
  • Category set to Automated Server Management

Also available in: Atom PDF