Puppet Server not starting after cert regen

asked 2016-08-24 11:38:43 -0600

mike.r gravatar image

updated 2016-08-24 11:41:00 -0600

Had to regenerate my Master, agent certs after altering DNS aliases, getting strange DB error with checksums

PE 2016.2.1 on Ubuntu 14.04, both Master and PuppetDB are on same box

at org.apache.http.impl.nio.client.CloseableHttpAsyncClientBase$1.run(CloseableHttpAsyncClientBase.java:64) ~[puppet-server-release.jar:na]
        at java.lang.Thread.run(Thread.java:745) ~[na:1.8.0_101]
2016-08-24 11:10:28,271 WARN  [qtp1808023046-59] **[puppetserver] Puppet Error connecting to MASTERNAME on 8081 at route /pdb/cmd/v1?checksum=e31c9a403e4e76da070b6193aea5a4bab93618f7&version=4&certname=MASTERNAME&command=replace_facts,** error message received was 'Error executing http request'. Failing over to the next PuppetDB server_url in the 'server_urls' list
2016-08-24 11:10:28,272 ERROR [qtp1808023046-59] [puppetserver] Puppet Failed to execute '/pdb/cmd/v1?checksum=e31c9a403e4e76da070b6193aea5a4bab93618f7&version=4&certname=MASTERNAME&command=replace_facts' on at least 1 of the following 'server_urls': https://MASTERNAME:8081
2016-08-24 11:10:28,273 ERROR [qtp1808023046-59] [puppetserver] Puppet /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb/http.rb:115:in `raise_request_error' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb/http.rb:156:in `failover_action' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb/http.rb:214:in `action' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb/command.rb:63:in `submit' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/profiler/around_profiler.rb:58:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/profiler.rb:51:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb.rb:101:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb/command.rb:62:in `submit' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb.rb:64:in `submit_command' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/profiler/around_profiler.rb:58:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/profiler.rb:51:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb.rb:101:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb.rb:61:in `submit_command' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/facts/puppetdb.rb:37:in `save' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/profiler/around_profiler.rb:58:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/profiler.rb:51:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb.rb:101:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/facts/puppetdb.rb:20:in `save' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/indirection.rb:285:in `save' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/node/facts.rb:21:in `save' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/catalog/compiler.rb:42:in `extract_facts_from_request' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/profiler/around_profiler.rb:58:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/profiler.rb:51:in `profile' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/catalog/compiler.rb:23:in `extract_facts_from_request' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/catalog/compiler.rb:48:in `find' /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/indirection.rb ...
(more)
edit retag flag offensive close merge delete

Comments

Can you try doing some `curl` commands, using `--cert`, `--cacert`, and `--key` with the master's certs, to the PuppetDB HTTP endpoints on port 8081? It sounds like you might need to update PuppetDB's ssl configuration, but curl would probably give you a better error message to help confirm that.

cprice404 gravatar imagecprice404 ( 2016-08-24 11:58:42 -0600 )edit