I am mostly using Puppet for Linux nodes, but I have started deploying it
on a handful of Windows nodes, but seem to run into SSL problems every time
on the initial deployment. I think I have hit this error on all three nodes
so far, but currently two are working and one is not. All three nodes are
virtually identical servers running Windows Server 2012 R2.
[0;36mDebug: Failed to load library 'syslog' for feature 'syslog' [0m
[0;36mDebug: Failed to load library 'selinux' for feature 'selinux' [0m
[0;36mDebug: Using settings: adding file resource 'confdir':
'File[C:/ProgramData/PuppetLabs/puppet/etc]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'vardir':
'File[C:/ProgramData/PuppetLabs/puppet/var]{:path=>"C:/ProgramData/PuppetLabs/puppet/var",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'logdir':
'File[C:/ProgramData/PuppetLabs/puppet/var/log]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/log",
:mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'statedir':
'File[C:/ProgramData/PuppetLabs/puppet/var/state]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/state",
:mode=>"1755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'rundir':
'File[C:/ProgramData/PuppetLabs/puppet/var/run]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/run",
:mode=>"755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'libdir':
'File[C:/ProgramData/PuppetLabs/puppet/var/lib]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/lib",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'certdir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'ssldir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl",
:mode=>"771", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'publickeydir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'requestdir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'privatekeydir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys",
:mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'privatedir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private",
:mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'hostprivkey':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem",
:mode=>"600", :ensure=>:file, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'hostpubkey':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys/testnode1.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys/testnode1.pem",
:mode=>"644", :ensure=>:file, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'localcacert':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs/ca.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs/ca.pem",
:mode=>"644", :ensure=>:file, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'clientyamldir':
'File[C:/ProgramData/PuppetLabs/puppet/var/client_yaml]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/client_yaml",
:mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'client_datadir':
'File[C:/ProgramData/PuppetLabs/puppet/var/client_data]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/client_data",
:mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'clientbucketdir':
'File[C:/ProgramData/PuppetLabs/puppet/var/clientbucket]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/clientbucket",
:mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'graphdir':
'File[C:/ProgramData/PuppetLabs/puppet/var/state/graphs]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/state/graphs",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Puppet::Type::File::ProviderPosix: feature posix is
missing [0m
[0;36mDebug: Failed to load library 'shadow' for feature 'libshadow' [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/log]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/state]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/run]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/lib]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl] [0m
[0;36mDebug:
/File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl] [0m
[0;36mDebug:
/File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem]:
Autorequiring
File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys] [0m
[0;36mDebug:
/File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys/testnode1.pem]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs/ca.pem]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/client_yaml]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/client_data]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/clientbucket]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/state/graphs]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var/state] [0m
[0;36mDebug: Finishing transaction 36564120 [0m
[0;36mDebug: Using settings: adding file resource 'confdir':
'File[C:/ProgramData/PuppetLabs/puppet/etc]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'vardir':
'File[C:/ProgramData/PuppetLabs/puppet/var]{:path=>"C:/ProgramData/PuppetLabs/puppet/var",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'logdir':
'File[C:/ProgramData/PuppetLabs/puppet/var/log]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/log",
:mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'statedir':
'File[C:/ProgramData/PuppetLabs/puppet/var/state]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/state",
:mode=>"1755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'rundir':
'File[C:/ProgramData/PuppetLabs/puppet/var/run]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/run",
:mode=>"755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'libdir':
'File[C:/ProgramData/PuppetLabs/puppet/var/lib]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/lib",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'certdir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'ssldir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl",
:mode=>"771", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'publickeydir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'requestdir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests",
:ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'privatekeydir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys",
:mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'privatedir':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private",
:mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'hostprivkey':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem",
:mode=>"600", :ensure=>:file, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'hostpubkey':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys/testnode1.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys/testnode1.pem",
:mode=>"644", :ensure=>:file, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: Using settings: adding file resource 'localcacert':
'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs/ca.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs/ca.pem",
:mode=>"644", :ensure=>:file, :loglevel=>:debug, :links=>:follow,
:backup=>false}' [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/log]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/state]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/run]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/var/lib]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/var] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl] [0m
[0;36mDebug:
/File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl] [0m
[0;36mDebug:
/File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem]:
Autorequiring
File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys] [0m
[0;36mDebug:
/File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys/testnode1.pem]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys] [0m
[0;36mDebug: /File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs/ca.pem]:
Autorequiring File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs] [0m
[0;36mDebug: Finishing transaction 37392876 [0m
[0;36mDebug: Using cached certificate for ca [0m
Exiting; failed to retrieve certificate and waitforcert is disabled
Error: Could not request certificate: SSL_connect SYSCALL returned=5
errno=0 state=SSLv2/v3 read server hello A
The puppet master log shows:
[2013-12-05 10:12:08] ERROR RuntimeError: Client disconnected before
connection could be established
/usr/lib64/ruby/vendor_ruby/1.8/puppet/network/http/webrick.rb:31:in
`listen'
/usr/lib64/ruby/1.8/webrick/server.rb:173:in `call'
/usr/lib64/ruby/1.8/webrick/server.rb:173:in `start_thread'
/usr/lib64/ruby/1.8/webrick/server.rb:162:in `start'
/usr/lib64/ruby/1.8/webrick/server.rb:162:in `start_thread'
/usr/lib64/ruby/1.8/webrick/server.rb:95:in `start'
/usr/lib64/ruby/1.8/webrick/server.rb:92:in `each'
/usr/lib64/ruby/1.8/webrick/server.rb:92:in `start'
/usr/lib64/ruby/1.8/webrick/server.rb:23:in `start'
/usr/lib64/ruby/1.8/webrick/server.rb:82:in `start'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/network/http/webrick.rb:30:in
`listen'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/network/http/webrick.rb:29:in
`initialize'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/network/http/webrick.rb:29:in `new'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/network/http/webrick.rb:29:in
`listen'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/network/http/webrick.rb:26:in
`synchronize'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/network/http/webrick.rb:26:in
`listen'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/network/server.rb:92:in
`listen'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/network/server.rb:104:in
`start'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/daemon.rb:136:in `start'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/application/master.rb:207:in
`main'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/application/master.rb:157:in
`run_command'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/application.rb:364:in `run'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/application.rb:456:in
`plugin_hook'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/application.rb:364:in `run'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/util.rb:504:in `exit_on_fail'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/application.rb:364:in `run'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/util/command_line.rb:132:in
`run'
/usr/lib64/ruby/vendor_ruby/1.8/puppet/util/command_line.rb:86:in
`execute'
/usr/bin/puppet:4
I suspected the time being out of sync was an issue, so I tried syncing the
time on this server and I then renamed the hostname, uninstalled Puppet,
deleted the data in C:\ProgramData, removed the certificate on the puppet
master, and tried the whole process over again. I continue to get the exact
same error. It does not go away after waiting a while like I have seen
sometimes.
I've confirmed that there is no firewall issue here. It is able to connect
to the puppet master.
Any idea on what is going on here? Or how to debug? I suppose I could try
to debug with an openssl client, but I don't know how to replicate the
exact environment that this puppet agent is using.
Thanks,
Dan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/e4bbc251-a50e-4848-93d2-b9b2438d5aae%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
