Ask Your Question

Errors when connecting from agent to master

asked 2016-02-19 18:21:15 -0600

anfield gravatar image

Have 2 separate VM servers setup. 1 master and 1 agent. From puppet agent getting errors when running the below command - puppet agent -t

Error: Could not request certificate: Connection refused - connect(2) Exiting; failed to retrieve certificate and waitforcert is disabled

I can ping from one to the other and the firewall is disabled. How do I troubleshoot the issue?

edit retag flag offensive close merge delete


The cert was originally generated on the master, is that the way its supposed to be done?

anfield gravatar imageanfield ( 2016-02-21 14:32:59 -0600 )edit

I am not very sure what's the problem. And if 8140 port is running on puppet master and is reachable from agent node, you try regenerating certs and see if this works. Info is here:

Mr_Sharma gravatar imageMr_Sharma ( 2016-02-21 14:49:38 -0600 )edit

port 8140 is open in iptables..but when i do a netstat its not listed at all

anfield gravatar imageanfield ( 2016-02-21 15:16:49 -0600 )edit

uninstalled the master and reinstalled, the agent can now connect..

anfield gravatar imageanfield ( 2016-02-21 19:05:31 -0600 )edit

Definitely, it was an installation issue. I am glad you got your track.

Mr_Sharma gravatar imageMr_Sharma ( 2016-02-22 06:45:10 -0600 )edit

3 Answers

Sort by ยป oldest newest most voted

answered 2016-02-21 01:31:37 -0600

Mr_Sharma gravatar image

Did your puppet agent resolves the "puppet" hostname to your puppet master?

If not you have to make a DNS entry or simply in hosts file you can have

puppet <puppetmaster fqdn>

I hope it helps.

edit flag offensive delete link more

answered 2016-02-21 14:14:28 -0600

anfield gravatar image

Yes I can ping puppet from the agent, I already have puppet beside the FQDN of the master in the agents host file. Ive setup puppet.conf on both as specified in the docs..One thing though - I Cannot telnet to 8140 from the agent to the master, but the firewall is off and I think iptables is turned off also

edit flag offensive delete link more

answered 2016-02-22 21:32:14 -0600

timelord gravatar image

updated 2016-02-22 21:32:59 -0600

Is this your first time running puppet agent on that node? Have you already signed the node's certificate on the puppet master server?

Go to puppet master server, and run the following command:

puppet cert list

If will show you a list of nodes waiting for their certificate to be signed. If you see your agent node in the list, run the following command:

puppet cert sign <>

Then you can run puppet agent -t on your agent node again.

edit flag offensive delete link more


The re-install of the master solved the issue. Thanks

anfield gravatar imageanfield ( 2016-02-22 22:05:13 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2016-02-19 18:21:15 -0600

Seen: 2,699 times

Last updated: Feb 22 '16