Ask Your Question

How do I deploy puppetdb on docker cluster?

asked 2014-11-27 15:40:04 -0500

hesco gravatar image

Q: How do I deploy puppetdb in a docker cluster, where I am using haproxy (and mode http, not https) as a frontend for the dashboard? The dashboard is visible, but the metrics are zero'd out, no data is making it into the database and running the agent on a node in the cluster gives me output like this:

Error 400 on SERVER: Could not retrieve resources from the PuppetDB at Server hostname '' did not match server certificate; expected on node

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2014-11-27 15:53:21 -0500

hesco gravatar image

updated 2014-11-28 13:15:12 -0500

A: Resolving this was far more painful than the simple solution provided here suggests, and involved spending long hours reconstructing the entire installation and configuration to ensure that sane settings were in place. In the process I learned a bit about the architecture of puppetdb and the its configuration options. So I was able to extract value from the experience along with the frustration. But still; . . . In this response I will share both (1) my work-around which moved me past this roadblock; and (2) some clues on the diagnostics I performed which walked me around that learning curve alluded to above.

First the solution:

(1) The final resolution of the issue was embarassingly simple and involved (a) replacing the puppetdb resource record in the public DNS zone file of our domain, with a pdbdashboard A record pointing at our haproxy installation; (b) adding a puppetdb entry to the hosts file on the puppetmaster node which resolved to the internal IP on our private SDN; and (c) updating the /etc/puppet/puppetdb.conf file on the puppet master to set the server key to the FQDN for the puppetdb node, rather than its internal IP address.

Next the diagnostics we tried:

I documented my process in a seventeen part gist paste shared on the #puppet channel where I sought help. My appreciation to those who helped me sort out what I was doing right (in my first ever puppetdb installation) so as to focus my attention on the other issues. In the course of this process (which spanned too many days), I learned quite a bit about this technology.

What follows is a slightly sanitized version of the gist I used to work through this issue. I had used the puppetlabs/puppetdb module to manage the installation and configuration, but I used the recipe for doing that process manually to sort out whether I was missing any critical pieces.

Working my way through:

Step 1: Install and Configure Puppet


Step 2: Enable the Puppet Labs Package Repository


Step 3: Install PuppetDB


Step 4: Configure Database


Step 5: Start the PuppetDB Service


Finish: Connect Puppet to PuppetDB


Troubleshooting Installation Problems


puppetlabs/puppetdb module


root@puppetdb:~# puppet agent --test <snip> changed 'false' to 'true' Notice: Finished catalog run in 45.95 seconds

root@puppetdb:~# cat /etc/apt/sources.list.d/puppetlabs.list

root@puppetdb:~# puppet resource package puppetdb ensure=latest

root@puppetdb:~# dpkg -l | grep puppetdb

root@puppetdb:~# grep -v ^# /etc/puppetdb/conf.d/database.ini | grep -v ^$

classname = org.postgresql.Driver
subprotocol = postgresql
subname = //
username = puppetdb
password = secret
gc-interval = 60
log-slow-statements = 10
report-ttl = 14d
syntax_pgs = true
conn-keep-alive = 45
node-ttl = 0s
conn-lifetime = 0
node-purge-ttl = 0s
conn-max-age = 60

root@puppetdb:~# psql -U puppetdb --host= -d puppetdb puppetdb=> \dt #<-- lists 17 tables after the installation puppetdb ...

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2014-11-27 15:40:04 -0500

Seen: 333 times

Last updated: Nov 28 '14