connecting puppet servers to puppet db

2,674 views
Skip to first unread message

Svan

unread,
Oct 2, 2015, 10:31:16 AM10/2/15
to Puppet Users
Hi. I need help connecting a puppet server to puppetdb.

I installed puppetdb from packages (debian wheezy) following a guide from https://docs.puppetlabs.com/puppetdb/latest/install_from_packages.html

The install went fine :
1) before installing puppetdb, puppet was configured on the puppetdb host and 'puppet agent -t' finished successfully.
2) postgresql and puppetdb were installed and configured. service puppetdb status returns :
[ ok ] puppetdb is running.

But I can't get my puppet server to use puppet db.

Here are the config files that were modified :

/etc/puppetlabs/puppet/puppet.conf
[main]

[master]
dns_alt_names = puppetmaster
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
storeconfigs = true
storeconfigs_backend = store,puppetdb
reports = puppetdb



/etc/puppetlabs/puppet/puppetdb.conf 
[main]



/etc/puppetlabs/puppet/routes.yaml
---
master:
  facts:
    terminus: puppetdb
    cache: yaml


I changed the ownership of all files and directories under /etc/puppetlabs/puppet to puppet:puppet


But when I run 'puppet agent -t' on any host, I get the following error :

$ puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for ftp.virt.mydomain.com to PuppetDB at puppetdb:8081: Error executing http request
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run


/var/log/puppetlabs/puppetserver/puppetserver.log shows this error :

2015-10-02 10:40:10,530 ERROR [c.p.h.c.i.PersistentSyncHttpClient] Error executing http request
javax.net.ssl.SSLException: hostname in certificate didn't match: <puppetdb> != <puppetdb.virt.mydomain.com>


It seems that puppet server tries to establish a connexion with puppetdb instead of puppetdb.virt.mydomain.com.
But puppetdb.conf points to puppetdb.virt.mydomain.com
I don't get it.

puppetdb is reachable from puppet server

svan@puppetmaster:/etc/puppetlabs/puppet# telnet puppetdb.virt.mydomain.com 8081
Trying 10.10.0.8...
Escape character is '^]'.
^CConnection closed by foreign host.

svan@puppetmaster:/etc/puppetlabs/puppet# telnet puppetdb 8081
Trying 10.10.0.8...
Escape character is '^]'.
^CConnection closed by foreign host.

Any help would be appreciated.

Thanks.

Svan.

Felix Barbeira

unread,
Oct 27, 2015, 8:59:15 AM10/27/15
to Puppet Users
It happens the same to me.

root@:/etc/puppetlabs/puppet# puppet agent -t
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Error 400 on SERVER: Could not retrieve facts for server.com: Failed to find facts from PuppetDB at puppet:8140: Failed to execute '/pdb/query/v4/nodes/server.com/facts' on any of the following 'server_urls': https://puppetdb.server.com:8081
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to execute '/pdb/cmd/v1?checksum=08ac7826fda2b64eb59d85ec1f5d2a54da225a03' on any of the following 'server_urls': https://puppetdb.server.com:8081
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
root@:/etc/puppetlabs/puppet#

Tehmasp Chaudhri

unread,
Mar 16, 2016, 3:20:57 PM3/16/16
to Puppet Users
You must make sure that each server's hostname is resolvable by DNS AND that resolvable hostname is indeed the hostname to which the puppet certs are created for. In short, all these errors stem from an improperly setup DNS. I just had the same issues and discovered that as the root cause. I now have a working Puppet Server 4.x writing to a PuppetDB 3.2.x on another host.
Reply all
Reply to author
Forward
0 new messages