First time connecting agent to master, Could not request certificate: ...404

asked 2017-06-21 14:53:30 -0500

I'm sure that this is a configuration issue somewhere, but I don't know what needs to be changed.

I have three servers all running Oracle Linux 7.3, one running Foreman, one running puppet-server as installed using the foreman-installer and one running puppet-agent as installed using yum. (My hope was to use Foreman as a reporting server to keep tabs on the activities of Puppet but I have little to no interest in actually managing Puppet through the Foreman web interface. I feel that if administrators rely solely on graphical interfaces, they don't get a feel for what commands are actually responsible to make things happen) "puppet agent --test" on the 'client' fails. Both the client and the server have the same version of puppet-agent installed (puppet-agent-1.10.4-1.el7.x8664). I found that /etc/puppetlabs/puppet/puppet.conf has quite a bit of information populated on the puppet server but on the client machine, the file is mostly empty. I've tried a number of configurations but I get the same error messages each time. (empty configuration, configuration equal to puppet.conf found on the puppet server and configuration with just a few specific lines) Running 'puppet agent --test' from the server works fine, from the client, fails each time. A privatekey and public_key .pem file does get created. Running 'puppet cert --list --all' at the server returns no results at all. SELinux is set to permissive, firewalld has been disabled and removed from all three systems, iptables has been installed but currently disabled. All three systems are on the same VLAN. For the system acting as the agent, I've tried Oracle Linux 6.x and 7.x and on a different VLAN.

sudo netstat -tanp | grep LISTEN | grep 8140 tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN 976/ruby

I can telnet over 8140 from the host running the agent to the host running the server, so I know that it's both listening, and reachable and while the telnet session is open, I see the connection as ESTABLISHED.

[main]

server = shqeugpd03.cabelas.corp
environment = production
runinterval = 900
report = true
logdir = /var/log/puppetlabs/puppet

sudo /opt/puppetlabs/puppet/bin/puppet agent --test

Error: Could not request certificate: Find /puppet-ca/v1/certificate/ca?environment=production&failon404=true resulted in 404 with the message: <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 404 </title> </head> <body>

HTTP ERROR: 404

Problem accessing /puppet-ca/v1/certificate/ca. Reason:

    Not Found


Powered by Jetty:// </body> </html>

Exiting; failed to retrieve certificate and waitforcert is disabled

edit retag flag offensive close merge delete