FAQ
Hi all,

I'm setting up puppetdb to for storing facts et cetera. I installed
puppetdb-1.3.0-1.el6.noarch.rpm on my puppetdb.local host (which is
puppetized). This seems to work, service starts :).

When I edit the settings on my puppetmaster (puppet.local), something goes
wrong. I am following the guide [1]. I put the settings (storeconfigs =
true, storeconfigs_backend=puppetdb) on my puppetmaster and restart the
puppetmaster. When I do a --onetime on a node, I get the following error:

Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
Failed to submit 'replace facts' command for gaia.local
to PuppetDB at puppetdb.local:8081: SSL_connect SYSCALL returned=5 errno=0
state=SSLv3 read finished A
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run


I'm thinking the problem is that I'm using gaia.local as the host name.
Puppet.local is an alias for gaia.local.


*Extra info:*
For completeness, the error on the puppetdb is:
WARN [qtp788652058-42] [io.nio] javax.net.ssl.SSLHandshakeException: null
cert chain

keystore.jks on the puppetdb has puppetdb.local with print
8C:E6:D1:02:89:9E:25:D3:E8:8F:63:75:8F:85:59:B5:17:BE:F8:47
truststore.jks on puppetdb has 'puppetdb ca' with print
62:8F:76:CE:5C:9D:23:B0:1D:9D:7A:2F:39:5A:74:43:1D:BB:D9:1E

$ openssl verify -CAfile /etc/puppet/ssl/ca/ca_crt.pem `puppet master
--configprint hostcert`
/etc/puppet/ssl/certs/puppetdb.kahuna.local.pem: OK

(yes, I have the SSL certs in /etc/puppet)

If someone could help, that would be great. I'm running in circles here.
Thanks!
kl

[1] http://docs.puppetlabs.com/puppetdb/1.3/connect_puppet_master.html

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Search Discussions

  • Kl Puppetuser at May 8, 2013 at 2:22 pm
    I accidentally double-posted this. Didn't notice poppet-users was
    moderated. Maybe someone can delete this one? I am not too familiar with
    google groups.

    Original:
    https://groups.google.com/forum/#!topic/puppet-users/877mzTGZl1A

    Thanks!

    On Wednesday, May 8, 2013 4:13:20 PM UTC+2, kl.pup...@gmail.com wrote:

    Hi all,

    I'm setting up puppetdb to for storing facts et cetera. I installed
    puppetdb-1.3.0-1.el6.noarch.rpm on my puppetdb.local host (which is
    puppetized). This seems to work, service starts :).

    When I edit the settings on my puppetmaster (puppet.local), something goes
    wrong. I am following the guide [1]. I put the settings (storeconfigs =
    true, storeconfigs_backend=puppetdb) on my puppetmaster and restart the
    puppetmaster. When I do a --onetime on a node, I get the following error:

    Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
    Failed to submit 'replace facts' command for gaia.local
    to PuppetDB at puppetdb.local:8081: SSL_connect SYSCALL returned=5 errno=0
    state=SSLv3 read finished A
    Warning: Not using cache on failed catalog
    Error: Could not retrieve catalog; skipping run


    I'm thinking the problem is that I'm using gaia.local as the host name.
    Puppet.local is an alias for gaia.local.


    *Extra info:*
    For completeness, the error on the puppetdb is:
    WARN [qtp788652058-42] [io.nio] javax.net.ssl.SSLHandshakeException: null
    cert chain

    keystore.jks on the puppetdb has puppetdb.local with print
    8C:E6:D1:02:89:9E:25:D3:E8:8F:63:75:8F:85:59:B5:17:BE:F8:47
    truststore.jks on puppetdb has 'puppetdb ca' with print
    62:8F:76:CE:5C:9D:23:B0:1D:9D:7A:2F:39:5A:74:43:1D:BB:D9:1E

    $ openssl verify -CAfile /etc/puppet/ssl/ca/ca_crt.pem `puppet master
    --configprint hostcert`
    /etc/puppet/ssl/certs/puppetdb.kahuna.local.pem: OK

    (yes, I have the SSL certs in /etc/puppet)

    If someone could help, that would be great. I'm running in circles here.
    Thanks!
    kl

    [1] http://docs.puppetlabs.com/puppetdb/1.3/connect_puppet_master.html
    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
    To post to this group, send email to puppet-users@googlegroups.com.
    Visit this group at http://groups.google.com/group/puppet-users?hl=en.
    For more options, visit https://groups.google.com/groups/opt_out.
  • Justin Lambert at May 9, 2013 at 12:53 pm
    I seem to get this off and on, but not consistently. Is yours every run?

    puppet-master[7020]: Failed to submit 'replace facts' command for ue1a-devdb01.ineu.us to PuppetDB at puppet.example.com:8081: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read finished A

    I am also on puppetdb 1.3.0, upgraded from 1.1.

    On May 8, 2013, at 8:13 AM, kl.puppetuser@gmail.com wrote:

    Hi all,

    I'm setting up puppetdb to for storing facts et cetera. I installed puppetdb-1.3.0-1.el6.noarch.rpm on my puppetdb.local host (which is puppetized). This seems to work, service starts :).

    When I edit the settings on my puppetmaster (puppet.local), something goes wrong. I am following the guide [1]. I put the settings (storeconfigs = true, storeconfigs_backend=puppetdb) on my puppetmaster and restart the puppetmaster. When I do a --onetime on a node, I get the following error:

    Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for gaia.local
    to PuppetDB at puppetdb.local:8081: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read finished A
    Warning: Not using cache on failed catalog
    Error: Could not retrieve catalog; skipping run


    I'm thinking the problem is that I'm using gaia.local as the host name. Puppet.local is an alias for gaia.local.


    Extra info:
    For completeness, the error on the puppetdb is:
    WARN [qtp788652058-42] [io.nio] javax.net.ssl.SSLHandshakeException: null cert chain

    keystore.jks on the puppetdb has puppetdb.local with print 8C:E6:D1:02:89:9E:25:D3:E8:8F:63:75:8F:85:59:B5:17:BE:F8:47
    truststore.jks on puppetdb has 'puppetdb ca' with print 62:8F:76:CE:5C:9D:23:B0:1D:9D:7A:2F:39:5A:74:43:1D:BB:D9:1E

    $ openssl verify -CAfile /etc/puppet/ssl/ca/ca_crt.pem `puppet master --configprint hostcert`
    /etc/puppet/ssl/certs/puppetdb.kahuna.local.pem: OK

    (yes, I have the SSL certs in /etc/puppet)

    If someone could help, that would be great. I'm running in circles here.
    Thanks!
    kl

    [1] http://docs.puppetlabs.com/puppetdb/1.3/connect_puppet_master.html

    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
    To post to this group, send email to puppet-users@googlegroups.com.
    Visit this group at http://groups.google.com/group/puppet-users?hl=en.
    For more options, visit https://groups.google.com/groups/opt_out.
    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
    To post to this group, send email to puppet-users@googlegroups.com.
    Visit this group at http://groups.google.com/group/puppet-users?hl=en.
    For more options, visit https://groups.google.com/groups/opt_out.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppuppet-users @
categoriespuppet
postedMay 8, '13 at 2:18p
activeMay 9, '13 at 12:53p
posts3
users2
websitepuppetlabs.com

2 users in discussion

Kl Puppetuser: 2 posts Justin Lambert: 1 post

People

Translate

site design / logo © 2022 Grokbase