About | FAQ | Help
Ask Your Question
0

Puppet out of sync in foreman

asked 2016-07-06 03:43:44 -0500

Imagin0s gravatar image

Hello,

I am managing a certain number of nodes in foreman and I have some issues with certain nodes which are out of sync after a certain moment.

The certificate is OK, date is correctly synced and the agent is running :

Have you got an idea why after the puppet_interval, the node went out of sync ? Which log do I have to look at ?

Thanks.

edit retag flag offensive close merge delete
add a comment

3 Answers

Sort by ยป oldest newest most voted
1

answered 2016-07-07 03:41:27 -0500

domcleal gravatar image

The phrase "Out of sync" in Foreman means that no config management reports have been received within the past puppet_interval (30 mins or so). You should be trying to determine if reports are being sent and that they're showing in Foreman, and if not, whether there's an error or config issue on either the agent or master preventing their upload.

Remember: reports are sent from the agent to the master at the end of a run, then from the master to Foreman via a report processor (script).

  1. Are reports listed for the host? When was the last report? Are new reports being stored, but under a different hostname? Look at incoming reports under Monitor > Reports > Config management in the UI, and deselect the default eventful = true search at the top to see all reports.
  2. Is the Puppet agent running? Is it actually applying a catalog every 30 minutes? Check its log file, usually syslog (/var/log/messages, /var/log/syslog etc.) to check it's running regularly. Does it report in if you run puppet agent -t?
  3. Is the agent logging any errors that may prevent a report being uploaded?
  4. Are any report upload requests reaching Foreman? tail -f /var/log/foreman/production.log during an agent run and look for POST "/api/reports", which should finish with Completed 201 Created.
  5. Does the master log any errors? The Puppet master typically logs to syslog again, or if using Puppet Server, under /var/log/puppetlabs/.
edit flag offensive delete link more
add a comment
0

answered 2017-01-10 10:08:22 -0500

Imagin0s gravatar image

Hello,

Thanks for your answer domcleal. I am in case 3.. For several servers, when I get the service status on the puppet client, I got the following errors :

pufrm002 ssl :( # service puppet status โ— puppet.service - (null) Loaded: loaded (/etc/init.d/puppet) Active: active (running) since mar. 2017-01-03 15:42:33 CET; 6 days ago CGroup: /system.slice/puppet.service โ””โ”€951 /usr/bin/ruby /usr/bin/puppet agent

janv. 10 09:29:08 pufrm002 puppet-agent[951]: Did not receive certificate janv. 10 09:31:09 pufrm002 puppet-agent[951]: Did not receive certificate janv. 10 09:33:09 pufrm002 puppet-agent[951]: Did not receive certificate janv. 10 09:35:09 pufrm002 puppet-agent[951]: Did not receive certificate

I have deleted the certificates on client and master, and I have regenerated and signed them but it still doesn't work.

Would you please advise ?

Regards,

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2016-07-06 03:43:44 -0500

Seen: 1,349 times

Last updated: Jan 10 '17

Related questions

How to remove out of sync slaves older than x days from server

Issues synching yum.puppetlabs.com repo through Red Hat Satellite

Can you upgrade puppet agents before your puppet master?

puppet windows add wait or sleep

agent lockfile remove latency up to 5s and more !

Notify resource and Foreman

[Satellite 6] Access SAT6 global parameter in file template

Errors when connecting from agent to master

ProgramData directory missing and puppet.conf ignored

puppet agent error ubuntu 16.04