Description
When running the puppet agent on a puppet master (that has puppetserver, puppetca, and puppetdb installed), the error returned on console is the following:
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Failed to execute '/pdb/cmd/v1?checksum=929a9b572d788d0cce81043e7d0e46142a255404&version=5&certname=puppet-server.landcareresearch.co.nz&command=replace_facts&producer-timestamp=2019-12-16T23:11:18.935Z' on at least 1 of the following 'server_urls': https://<DNS>:8081
The following command works:
sudo curl 'https://<DNS>:8081/pdb/query/v4/nodes' --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem --cert /etc/puppetlabs/puppet/ssl/certs/<DNS>.pem --key /etc/puppetlabs/puppet/ssl/private_keys/<DNS>.pem
There are no errors in the logs and the puppetdb-access.log doesn't have an entry.
config.ini
[global]
vardir = /opt/puppetlabs/server/data/puppetdb
logging-config = /etc/puppetlabs/puppetdb/logback.xml
jetty.ini
host = 0.0.0.0
port = 8080
ssl-host = 0.0.0.0
ssl-port = 8081
ssl-key = /etc/puppetlabs/puppetdb/ssl/private.pem
ssl-cert = /etc/puppetlabs/puppetdb/ssl/public.pem
ssl-ca-cert = /etc/puppetlabs/puppetdb/ssl/ca.pem
access-log-config = /etc/puppetlabs/puppetdb/request-logging.xml
puppetdb.ini
empty
puppet.conf
certname is <DNS>
Also enabled reports to puppetdb and storeconfigs to puppetdb
routes.yml
---
master:
  facts:
    terminus: puppetdb
    cache: yaml
puppetdb.conf
[main]
server_urls = https://<DNS>:8081/
soft_write_failure = false
auth.conf
Has <DNS> in the allow array.
Additional Notes
I worked with austb (slack) on troubleshooting this issue. He suggested that I open a ticket.
PuppetDB can be connected to via port 8080 in the web browser. Port 8081 does not work (since my web browser doesn't have the CA installed).