Ask Your Question
0

Could not retrieve facts from inventory service: 400 "Bad Request"

asked 2014-11-12 12:18:53 -0500

Mark Wunschel gravatar image

updated 2014-11-12 14:14:52 -0500

I installed a Puppet Master on Centos 6.5 and two Puppet Agents. The certificates have been signed and all three nodes show up in the Puppet Console. When I enter "puppet cert list -a" on the master, the certs for both agents show up with "+" next to them, so I know that they are good.

Both agents are failing their puppet runs and the console states Could not retrieve facts from inventory service: 400 "Bad Request"

When I do a manual puppet run on the agents I get Error: Could not retieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for Puppet Master dns name to PuppetDB at Puppet Master dns name:8081: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=Puppet Master dns name] Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run

The auth.conf and the puppet.conf look to be in working order. The only difference from this master to another working master is in the puppet.conf file

Working Master: externalnodes = /etc/puppetlabs/puppet-dashboard/externalnode

New Master: does not have external_nodes in it's puppet.conf file.

Any suggestions on how to get these Puppet Agents to stop failing?

edit retag flag offensive close merge delete

Comments

1

Restart puppetdb if you can't `telnet puppetdb 8081`

awippler gravatar imageawippler ( 2014-11-12 13:11:52 -0500 )edit

Puppetdb is tied into the Puppet Master. When I try "service puppetmaster restart" *Stopping puppetmaster:* FAILED, but *Starting puppetmaster:* is OK

Mark Wunschel gravatar imageMark Wunschel ( 2014-11-12 15:34:40 -0500 )edit

2 Answers

Sort by » oldest newest most voted
0

answered 2014-11-12 14:14:07 -0500

Mark Wunschel gravatar image

In addition to the error above I also get the follow: Warning: Error 400 on Server: Could not retrieve facts for Puppet Agent: Failed to find facts from PuppetDB at Puppet Master:8081 SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=Puppet Master]

edit flag offensive delete link more
0

answered 2014-11-13 06:24:30 -0500

rnelson0 gravatar image

Do you perhaps have an iptables policy that does not allow inbound traffic on port 8081? Check 'iptables -L' on both masters for deltas. You can also try 'service iptables stop', test an agent, 'service iptables start' to simply take the firewall policy out of the equation for testing. Then, fix the policy. Do not leave iptables off.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2014-11-12 12:18:53 -0500

Seen: 972 times

Last updated: Nov 13 '14