Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inconsistent configurations in Wazuh Puppet agent installation #6504

Closed
davidcr01 opened this issue Sep 13, 2023 · 0 comments · Fixed by #6506
Closed

Inconsistent configurations in Wazuh Puppet agent installation #6504

davidcr01 opened this issue Sep 13, 2023 · 0 comments · Fixed by #6506
Assignees
@vcerenu
Labels
level/task Task issue type/enhancement Enhancement issue

Comments

@davidcr01
Copy link
Contributor

Description

Some inconsistent configurations have been detected in the following documentation: https://documentation.wazuh.com/current/deployment-options/deploying-with-puppet/setup-puppet/install-puppet-agent.html#agent-configuration

The documentation specifies that the /etc/puppetlabs/puppet/puppet.conf must have the following content:

[main]
server = puppet-master.com

But, in the server configuration, the documentation specifies a different content of the configuration file /etc/puppetlabs/puppet/puppet.conf:

[main]
server = puppet-master

Because of this, when trying to generate the certificates of the agent, the following error is generated:

Error: Another puppet instance is already running and the waitforlock setting is set to 0; exiting

The systemctl status puppet-server command in the Puppet server shows the following:

Sep 12 08:35:36 ubuntu20 puppet-agent[3820]: Connection to https://puppet-master.com:8140/puppet-ca/v1 failed, trying next route: Request to https://puppet-master.com:8140/puppet-ca/v1 timed out connect operati>
Sep 12 08:35:36 ubuntu20 puppet-agent[3820]: Wrapped exception:
Sep 12 08:35:36 ubuntu20 puppet-agent[3820]: execution expired
Sep 12 08:35:36 ubuntu20 puppet-agent[3820]: No more routes to ca
Sep 12 08:39:36 ubuntu20 puppet-agent[3820]: Connection to https://puppet-master.com:8140/puppet-ca/v1 failed, trying next route: Request to https://puppet-master.com:8140/puppet-ca/v1 timed out connect operati>
Sep 12 08:39:36 ubuntu20 puppet-agent[3820]: Wrapped exception:
Sep 12 08:39:36 ubuntu20 puppet-agent[3820]: execution expired
Sep 12 08:39:36 ubuntu20 puppet-agent[3820]: No more routes to ca

✔️ But, if the config file /etc/puppetlabs/puppet/puppet.conf of the agent is changed to puppet-master instead of puppet-master.com the certificate works as expected:

root@ubuntu20:/home/vagrant# puppet agent -t
Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for ubuntu20
Info: Certificate Request fingerprint (SHA256): 25:85:F4:3C:B0:E0:82:1D:07:65:D4:E0:99:7F:B9:AE:19:E3:E9:F9:03:D9:5C:9F:E1:5E:11:0F:C2:90:CB:F2
Info: Certificate for ubuntu20 has not been signed yet
Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (ubuntu20).
Exiting now because the waitforcert setting is set to 0.

So then, it is necessary to change the documentation and specify the same hostnames in both configurations.
@davidcr01 davidcr01 added level/task Task issue type/enhancement Enhancement issue labels Sep 13, 2023
@wazuhci wazuhci moved this to Backlog in Release 4.5.3 Sep 13, 2023
@vcerenu vcerenu self-assigned this Sep 13, 2023
@wazuhci wazuhci moved this from Backlog to In progress in Release 4.5.3 Sep 13, 2023
@vcerenu vcerenu mentioned this issue Sep 13, 2023
Merged
7 tasks
@teddytpc1 teddytpc1 linked a pull request Sep 13, 2023 that will close this issue
Inconsistent configurations in Wazuh Puppet agent installation #6506
Merged
7 tasks
@wazuhci wazuhci moved this from In progress to Pending review in Release 4.5.3 Sep 13, 2023
@github-project-automation github-project-automation bot moved this from Pending review to Done in Release 4.5.3 Sep 14, 2023
@c-bordon c-bordon mentioned this issue Sep 28, 2023
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vcerenu vcerenu

Labels
level/task Task issue type/enhancement Enhancement issue
Projects
No open projects
Release 4.5.3
Status: Done
Milestone
No milestone
3 participants
@teddytpc1 @vcerenu @davidcr01