I'm running into an issue on one of our puppet4 servers where the agent only works when run as 'puppet agent -t' but fails when run via the puppet service 'systemctl restart puppet' results in errors as follows:
Jun 15 14:49:45 puppet21b puppet-agent[29620]: Starting Puppet client version 4.8.1
Jun 15 14:49:45 puppet21b puppet-agent[29622]: Unable to fetch my node definition, but the agent run will continue:
Jun 15 14:49:45 puppet21b puppet-agent[29622]: getaddrinfo: Name or service not known
I've seen similar behavior when running the first puppet run via puppet agent -t (not waiting for the service to start and do the run itself) and the solution has been to remove all certs in /etc/puppetlabs/puppet/ssl/ and running puppet cert clean hostname.fqdn on the puppet master, however since this is the puppet master also, I don't want to lose all the client certs for other puppet clients.
What's the proper procedure to clean the agent certs if the master is on the same system?
I'm running puppet 4.8.1 on CentOS 7.3.1611
/etc/puppetlabs/puppet/puppet.conf:
[master]
certname = puppet4.fqdn
dns_alt_names = puppet.fqdn, puppet, puppet4
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
autosign = true
[main]
environmentpath = $confdir/environments
manifestdir = /etc/puppetlabs/puppet/environments/$environment/manifests
pluginsync = true
[agent]
server = puppet4