Hi, Looks like Puppet agent cannot resolve the hostname set in puppet.conf. Please check whether correct hostname is set in puppet.conf and that it is resolvable via DNS or /etc/hosts file.
Also make sure hostname is correctly set in Puppet master. Output of `hostname` command should match the value in puppet.conf. Thanks. On Tue, Feb 23, 2016 at 2:10 PM, Bhathiya Jayasekara <[email protected]> wrote: > The problem was I didn't have a directory for my APIM version in > *hieradata/production/wso2/wso2am.* Thanks a lot Akila for helping me a > lot offline. > > But unfortunately I'm still away from success. Now I'm getting below > error. Any idea about the cause? > > root@apim-node-1:/opt# ./setup.sh > ##################################################### > Starting cleanup > ##################################################### > ##################################################### > Setting up environment > ##################################################### > ##################################################### > Installing > ##################################################### > Warning: Unable to fetch my node definition, but the agent run will > continue: > Warning: getaddrinfo: Name or service not known > Info: Retrieving plugin > Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources > using 'eval_generate': getaddrinfo: Name or service not known > Error: /File[/var/lib/puppet/lib]: Could not evaluate: getaddrinfo: Name > or service not known Could not retrieve file metadata for > puppet://puppet/plugins: getaddrinfo: Name or service not known > Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb > Info: Loading facts in /var/lib/puppet/lib/facter/service_provider.rb > Info: Loading facts in /var/lib/puppet/lib/facter/package_provider.rb > Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb > Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb > Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb > Error: Could not retrieve catalog from remote server: getaddrinfo: Name or > service not known > Warning: Not using cache on failed catalog > Error: Could not retrieve catalog; skipping run > Error: Could not send report: getaddrinfo: Name or service not known > > Thanks, > Bhathiya > > On Tue, Feb 23, 2016 at 10:44 AM, Bhathiya Jayasekara <[email protected]> > wrote: > >> Hi all, >> >> Thanks for the replies. The problem was the hostname as Lahiru mentioned. >> I didn't restart the VM after changing /etc/hostname before. Just restarted >> the VM now and issue is solved. I think it's better to update the doc if a >> restart is required after changing hostname. >> >> However I endedup in another error.. >> >> Error: Could not retrieve catalog from remote server: Error 400 on >> SERVER: Could not find data item classes in any Hiera data file and no >> default supplied at >> /etc/puppet/environments/production/manifests/site.pp:21 on node >> apim-node-1.openstacklocal >> Warning: Not using cache on failed catalog >> Error: Could not retrieve catalog; skipping run >> >> As mentioned in the doc, I have that site.pp in puppet master only. Do I >> need to have it in agent too? >> >> Thanks, >> Bhathiya >> >> >> >> On Tue, Feb 23, 2016 at 9:34 AM, Akila Ravihansa Perera < >> [email protected]> wrote: >> >>> Hi Bhathiya, >>> >>> Please try the following steps; >>> >>> 1. Delete all certificates in Puppet master (rm -rf >>> /var/lib/puppet/ssl/*) >>> 2. Delete all certificates in Puppet agent (rm -rf /var/lib/puppet/ssl/*) >>> You may use `puppet cert clean --all` command as well >>> >>> 3. Check puppet.conf in both Puppet agent and master >>> Agent should point to master hostname >>> server = puppet.example.com >>> >>> This hostname must resolve to corresponding IP address via DNS or hosts >>> file mappings >>> >>> This hostname must be the Puppet master's system hostname. Or else it >>> should be added as a property to puppet.conf in Puppet master instance >>> >>> dns_alt_names=puppet.example.com >>> >>> 4. Auto-signing should be enabled in puppet.conf in Puppet master. Or >>> all the white-listed hostnames should be added to autosign.conf in Puppet >>> master. >>> autosign = true >>> >>> 5. Restart Puppet master service after modifying above config files. >>> >>> Thanks. >>> >>> On Tue, Feb 23, 2016 at 7:43 AM, Lahiru Sandaruwan <[email protected]> >>> wrote: >>> >>>> Hi Bhathiya, >>>> >>>> Please check if the hostname(hostname command) is correctly set in >>>> puppet master. Also, after the certificate clearance, remember to restart >>>> puppet master. >>>> >>>> Thanks. >>>> >>>> On Tue, Feb 23, 2016 at 12:34 AM, Sajith Kariyawasam <[email protected]> >>>> wrote: >>>> >>>>> Hi Bhathiya, >>>>> >>>>> Did you delete old certs in puppet master as explained in [1] ? From >>>>> the commands you have listed, it seems you have deleted the certs in agent >>>>> side only. >>>>> [2] too provides some tips related to a similar issue. >>>>> Also, if you are testing in an IaaS, please make sure all the >>>>> necessary ports in puppet master instance are accessible from puppet agent >>>>> instance. >>>>> >>>>> >>>>> [1] >>>>> http://serverfault.com/questions/515296/puppet-agent-certificate-verify-failure >>>>> [2] >>>>> http://stackoverflow.com/questions/4528101/ssl-connect-returned-1-errno-0-state-sslv3-read-server-certificate-b-certificat >>>>> >>>>> Thanks, >>>>> Sajith >>>>> >>>>> On Tue, Feb 23, 2016 at 12:02 AM, Bhathiya Jayasekara < >>>>> [email protected]> wrote: >>>>> >>>>>> Thanks for the prompt response Pubudu. I already tried that and got >>>>>> below. >>>>>> >>>>>> root@apim-2:/opt# find /var/lib/puppet/ssl -name '*.pem' -exec rm {} >>>>>> \; >>>>>> root@apim-2:/opt# puppet agent -t >>>>>> Info: Creating a new SSL key for apim-2.openstacklocal >>>>>> Info: Caching certificate for ca >>>>>> Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml >>>>>> Info: Creating a new SSL certificate request for apim-2.openstacklocal >>>>>> Info: Certificate Request fingerprint (SHA256): >>>>>> 74:F4:B5:D3:39:02:0F:D7:6D:88:0C:06:4B:55:1C:08:7C:B8:C9:3E:91:0F:B1:C9:1B:07:DE:27:BB:D1:D5:55 >>>>>> Info: Caching certificate for apim-2.openstacklocal >>>>>> Info: Caching certificate_revocation_list for ca >>>>>> Error: Could not request certificate: SSL_connect returned=1 errno=0 >>>>>> state=SSLv3 read server certificate B: certificate verify failed: >>>>>> [certificate revoked for /CN=apim-2.openstacklocal] >>>>>> >>>>>> Thanks, >>>>>> Bhathiya >>>>>> >>>>>> On Mon, Feb 22, 2016 at 11:52 PM, Pubudu Gunatilaka <[email protected] >>>>>> > wrote: >>>>>> >>>>>>> Hi Bhathiya, >>>>>>> >>>>>>> Could you please check with this [1] ? I think you are having Error >>>>>>> 4. >>>>>>> >>>>>>> [1] - >>>>>>> http://suhan-opensource.blogspot.com/2014/10/puppet-master-agent-communication-errors.html >>>>>>> >>>>>>> Thank you! >>>>>>> >>>>>>> On Mon, Feb 22, 2016 at 11:47 PM, Bhathiya Jayasekara < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> Hi all, >>>>>>>> >>>>>>>> I followed all the steps in [1]. But at the end I'm getting below >>>>>>>> cert error. Can someone please help me to understand what's wrong? >>>>>>>> >>>>>>>> root@apim-2:/opt# ./setup.sh >>>>>>>> ##################################################### >>>>>>>> Starting cleanup >>>>>>>> ##################################################### >>>>>>>> ##################################################### >>>>>>>> Setting up environment >>>>>>>> ##################################################### >>>>>>>> ##################################################### >>>>>>>> Installing >>>>>>>> ##################################################### >>>>>>>> Warning: Unable to fetch my node definition, but the agent run will >>>>>>>> continue: >>>>>>>> Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server >>>>>>>> certificate B: certificate verify failed: [certificate revoked for >>>>>>>> /CN=apim-2.openstacklocal] >>>>>>>> Info: Retrieving plugin >>>>>>>> Error: /File[/var/lib/puppet/lib]: Failed to generate additional >>>>>>>> resources using 'eval_generate': SSL_connect returned=1 errno=0 >>>>>>>> state=SSLv3 >>>>>>>> read server certificate B: certificate verify failed: [certificate >>>>>>>> revoked >>>>>>>> for /CN=apim-2.openstacklocal] >>>>>>>> Error: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect >>>>>>>> returned=1 errno=0 state=SSLv3 read server certificate B: certificate >>>>>>>> verify failed: [certificate revoked for /CN=apim-2.openstacklocal] >>>>>>>> Could >>>>>>>> not retrieve file metadata for puppet://puppet/plugins: SSL_connect >>>>>>>> returned=1 errno=0 state=SSLv3 read server certificate B: certificate >>>>>>>> verify failed: [certificate revoked for /CN=apim-2.openstacklocal] >>>>>>>> Error: Could not retrieve catalog from remote server: SSL_connect >>>>>>>> returned=1 errno=0 state=SSLv3 read server certificate B: certificate >>>>>>>> verify failed: [certificate revoked for /CN=apim-2.openstacklocal] >>>>>>>> Warning: Not using cache on failed catalog >>>>>>>> Error: Could not retrieve catalog; skipping run >>>>>>>> Error: Could not send report: SSL_connect returned=1 errno=0 >>>>>>>> state=SSLv3 read server certificate B: certificate verify failed: >>>>>>>> [certificate revoked for /CN=apim-2.openstacklocal] >>>>>>>> >>>>>>>> [1] >>>>>>>> https://github.com/wso2/puppet-modules/wiki/Use-WSO2-Puppet-Modules-in-puppet-master-agent-Environment >>>>>>>> >>>>>>>> Thanks, >>>>>>>> >>>>>>>> -- >>>>>>>> *Bhathiya Jayasekara* >>>>>>>> *Senior Software Engineer,* >>>>>>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>>>>>> >>>>>>>> *Phone: +94715478185 <%2B94715478185>* >>>>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>>>>>> <http://www.linkedin.com/in/bhathiyaj>* >>>>>>>> *Twitter: https://twitter.com/bhathiyax >>>>>>>> <https://twitter.com/bhathiyax>* >>>>>>>> *Blog: http://movingaheadblog.blogspot.com >>>>>>>> <http://movingaheadblog.blogspot.com/>* >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Dev mailing list >>>>>>>> [email protected] >>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> *Pubudu Gunatilaka* >>>>>>> Committer and PMC Member - Apache Stratos >>>>>>> Software Engineer >>>>>>> WSO2, Inc.: http://wso2.com >>>>>>> mobile : +94774079049 <%2B94772207163> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> *Bhathiya Jayasekara* >>>>>> *Senior Software Engineer,* >>>>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>>>> >>>>>> *Phone: +94715478185 <%2B94715478185>* >>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>>>> <http://www.linkedin.com/in/bhathiyaj>* >>>>>> *Twitter: https://twitter.com/bhathiyax >>>>>> <https://twitter.com/bhathiyax>* >>>>>> *Blog: http://movingaheadblog.blogspot.com >>>>>> <http://movingaheadblog.blogspot.com/>* >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> [email protected] >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Sajith Kariyawasam >>>>> *Committer and PMC member, Apache Stratos, * >>>>> *WSO2 Inc.; http://wso2.com <http://wso2.com>* >>>>> *Mobile: 0772269575 <0772269575>* >>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> [email protected] >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> -- >>>> Lahiru Sandaruwan >>>> Committer and PMC member, Apache Stratos, >>>> Senior Software Engineer, >>>> WSO2 Inc., http://wso2.com >>>> lean.enterprise.middleware >>>> >>>> phone: +94773325954 >>>> email: [email protected] blog: http://lahiruwrites.blogspot.com/ >>>> linked-in: http://lk.linkedin.com/pub/lahiru-sandaruwan/16/153/146 >>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> Akila Ravihansa Perera >>> WSO2 Inc.; http://wso2.com/ >>> >>> Blog: http://ravihansa3000.blogspot.com >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> *Bhathiya Jayasekara* >> *Senior Software Engineer,* >> *WSO2 inc., http://wso2.com <http://wso2.com>* >> >> *Phone: +94715478185 <%2B94715478185>* >> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >> <http://www.linkedin.com/in/bhathiyaj>* >> *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* >> *Blog: http://movingaheadblog.blogspot.com >> <http://movingaheadblog.blogspot.com/>* >> > > > > -- > *Bhathiya Jayasekara* > *Senior Software Engineer,* > *WSO2 inc., http://wso2.com <http://wso2.com>* > > *Phone: +94715478185 <%2B94715478185>* > *LinkedIn: http://www.linkedin.com/in/bhathiyaj > <http://www.linkedin.com/in/bhathiyaj>* > *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* > *Blog: http://movingaheadblog.blogspot.com > <http://movingaheadblog.blogspot.com/>* > -- Akila Ravihansa Perera WSO2 Inc.; http://wso2.com/ Blog: http://ravihansa3000.blogspot.com
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
