Hi all, I''m setting up puppetdb to for storing facts et cetera. I installed puppetdb-1.3.0-1.el6.noarch.rpm on my puppetdb.local host (which is puppetized). This seems to work, service starts :). When I edit the settings on my puppetmaster (puppet.local), something goes wrong. I am following the guide [1]. I put the settings (storeconfigs = true, storeconfigs_backend=puppetdb) on my puppetmaster and restart the puppetmaster. When I do a --onetime on a node, I get the following error: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit ''replace facts'' command for gaia.local to PuppetDB at puppetdb.local:8081: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read finished A Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run I''m thinking the problem is that I''m using gaia.local as the host name. Puppet.local is an alias for gaia.local. *Extra info:* For completeness, the error on the puppetdb is: WARN [qtp788652058-42] [io.nio] javax.net.ssl.SSLHandshakeException: null cert chain keystore.jks on the puppetdb has puppetdb.local with print 8C:E6:D1:02:89:9E:25:D3:E8:8F:63:75:8F:85:59:B5:17:BE:F8:47 truststore.jks on puppetdb has ''puppetdb ca'' with print 62:8F:76:CE:5C:9D:23:B0:1D:9D:7A:2F:39:5A:74:43:1D:BB:D9:1E $ openssl verify -CAfile /etc/puppet/ssl/ca/ca_crt.pem `puppet master --configprint hostcert` /etc/puppet/ssl/certs/puppetdb.kahuna.local.pem: OK (yes, I have the SSL certs in /etc/puppet) If someone could help, that would be great. I''m running in circles here. Thanks! kl [1] http://docs.puppetlabs.com/puppetdb/1.3/connect_puppet_master.html -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
I accidentally double-posted this. Didn''t notice poppet-users was moderated. Maybe someone can delete this one? I am not too familiar with google groups. Original: https://groups.google.com/forum/#!topic/puppet-users/877mzTGZl1A Thanks! On Wednesday, May 8, 2013 4:13:20 PM UTC+2, kl.pup...@gmail.com wrote:> > Hi all, > > I''m setting up puppetdb to for storing facts et cetera. I installed > puppetdb-1.3.0-1.el6.noarch.rpm on my puppetdb.local host (which is > puppetized). This seems to work, service starts :). > > When I edit the settings on my puppetmaster (puppet.local), something goes > wrong. I am following the guide [1]. I put the settings (storeconfigs = > true, storeconfigs_backend=puppetdb) on my puppetmaster and restart the > puppetmaster. When I do a --onetime on a node, I get the following error: > > Error: Could not retrieve catalog from remote server: Error 400 on SERVER: > Failed to submit ''replace facts'' command for gaia.local > to PuppetDB at puppetdb.local:8081: SSL_connect SYSCALL returned=5 errno=0 > state=SSLv3 read finished A > Warning: Not using cache on failed catalog > Error: Could not retrieve catalog; skipping run > > > I''m thinking the problem is that I''m using gaia.local as the host name. > Puppet.local is an alias for gaia.local. > > > *Extra info:* > For completeness, the error on the puppetdb is: > WARN [qtp788652058-42] [io.nio] javax.net.ssl.SSLHandshakeException: null > cert chain > > keystore.jks on the puppetdb has puppetdb.local with print > 8C:E6:D1:02:89:9E:25:D3:E8:8F:63:75:8F:85:59:B5:17:BE:F8:47 > truststore.jks on puppetdb has ''puppetdb ca'' with print > 62:8F:76:CE:5C:9D:23:B0:1D:9D:7A:2F:39:5A:74:43:1D:BB:D9:1E > > $ openssl verify -CAfile /etc/puppet/ssl/ca/ca_crt.pem `puppet master > --configprint hostcert` > /etc/puppet/ssl/certs/puppetdb.kahuna.local.pem: OK > > (yes, I have the SSL certs in /etc/puppet) > > If someone could help, that would be great. I''m running in circles here. > Thanks! > kl > > [1] http://docs.puppetlabs.com/puppetdb/1.3/connect_puppet_master.html >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
I seem to get this off and on, but not consistently. Is yours every run? puppet-master[7020]: Failed to submit ''replace facts'' command for ue1a-devdb01.ineu.us to PuppetDB at puppet.example.com:8081: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read finished A I am also on puppetdb 1.3.0, upgraded from 1.1. On May 8, 2013, at 8:13 AM, kl.puppetuser@gmail.com wrote:> Hi all, > > I''m setting up puppetdb to for storing facts et cetera. I installed puppetdb-1.3.0-1.el6.noarch.rpm on my puppetdb.local host (which is puppetized). This seems to work, service starts :). > > When I edit the settings on my puppetmaster (puppet.local), something goes wrong. I am following the guide [1]. I put the settings (storeconfigs = true, storeconfigs_backend=puppetdb) on my puppetmaster and restart the puppetmaster. When I do a --onetime on a node, I get the following error: > > Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit ''replace facts'' command for gaia.local > to PuppetDB at puppetdb.local:8081: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read finished A > Warning: Not using cache on failed catalog > Error: Could not retrieve catalog; skipping run > > > I''m thinking the problem is that I''m using gaia.local as the host name. Puppet.local is an alias for gaia.local. > > > Extra info: > For completeness, the error on the puppetdb is: > WARN [qtp788652058-42] [io.nio] javax.net.ssl.SSLHandshakeException: null cert chain > > keystore.jks on the puppetdb has puppetdb.local with print 8C:E6:D1:02:89:9E:25:D3:E8:8F:63:75:8F:85:59:B5:17:BE:F8:47 > truststore.jks on puppetdb has ''puppetdb ca'' with print 62:8F:76:CE:5C:9D:23:B0:1D:9D:7A:2F:39:5A:74:43:1D:BB:D9:1E > > $ openssl verify -CAfile /etc/puppet/ssl/ca/ca_crt.pem `puppet master --configprint hostcert` > /etc/puppet/ssl/certs/puppetdb.kahuna.local.pem: OK > > (yes, I have the SSL certs in /etc/puppet) > > If someone could help, that would be great. I''m running in circles here. > Thanks! > kl > > [1] http://docs.puppetlabs.com/puppetdb/1.3/connect_puppet_master.html > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.