Ask Your Question
0

How do I configure Puppet Agent on a Windows server?

asked 2016-11-09 19:45:13 -0500

Conventional gravatar image

updated 2016-11-09 19:47:09 -0500

How do I configure a Windows server to be a Puppet Agent server?

I am running Puppet Enterprise 4.x on CentOS 7 and Puppet Agent 3.7.4 on Windows Server 2012. I am trying to set this up for the first time. I know that there are no ports being blocked from the Puppet Master server to the Puppet Agent server.

When I run the puppet agent -t x.x.x.x command (from a Windows PowerShell window opened as administrator), I get this error:

Warning: Unable to fetch my node definition... x.x.x.x did not match server certificate...Failed to generate additional resources using 'eval_generate' ... did not match server certificate: expected one of ...

The puppet.conf file looked fine. On the Puppet Master server I ran "puppet cert list --all" shows the Puppet agent server has been signed.

I can ping the Puppet Agent server from the Puppet Master. I can ping the Puppet Master server from the Puppet Agent. The GUI of Puppet shows a message "Run Puppet has been disabled because Node Manager cannot connect to <fqdn of="" puppet="" agent="" server="">."

Why do I get the error above when I run the Puppet agent command?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2016-11-15 19:53:34 -0500

I'm assuming the command you're trying to run is: puppet agent -t --server x.x.x.x

I'm also assuming that your x.x.x.x is referring to an IP address rather than a fully qualified domain name.

So, looking at what you posted, it seems the certificate you created is for a fully qualified domain name that doesn't match the IP address you're using. You would need to rerun that command with: puppet agent -t --server fully.qualified.domain.name.com replacing fully.qualified.domain.name.com with your server's actual FQDN. Also, you didn't include it here in your error, but I believe it should tell you what it was expecting (right after the "expected one of ..."). If the FQDN of what's listed in your error message doesn't resolve to the IP address you're trying to get to, you would have to fix that.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2016-11-09 19:45:13 -0500

Seen: 213 times

Last updated: Nov 09 '16