On Monday, April 27, 2015 at 1:43:48 AM UTC+12, Balasekhar Nelli wrote: > > Hi there, > > I have been struggling with the bug that Puppet Master on Foreman unable > to communicate with the newly provisioning instance and thereby Puppet > Modules are not installing on the newly provisioned instance. > > Please look through the screenshot for the errors. > > And please look through the log of /var/log/messages: > >> Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: Could not request >>> certificate: The certificate retrieved from the master does not match the >>> agent's private key. >> >> Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: Certificate >>> fingerprint: >>> 3F:D7:22:8C:64:45:A4:95:75:F3:DB:D3:2E:86:E5:4F:59:5F:FC:0B:5A:72:8A:54:BA:AF:FE:F0:A3:77:EC:84 >> >> Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: To fix this, remove >>> the certificate from both the master and the agent and then start a puppet >>> run, which will automatically regenerate a certficate. >> >> Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: On the master: >> >> Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: puppet cert clean >>> aquaries.ec2.internal >> >> Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: On the agent: >> >> Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: rm -f >>> /var/lib/puppet/ssl/certs/aquaries.ec2.internal.pem >> >> Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: puppet agent -t >> >> Apr 23 09:34:56 ip-172-31-52-219 puppet-agent[1277]: Starting Puppet >>> client version 3.6.2 >> >> Apr 23 09:34:56 ip-172-31-52-219 puppet-agent[1787]: Unable to fetch my >>> node definition, but the agent run will continue: >> >> Apr 23 09:34:56 ip-172-31-52-219 puppet-agent[1787]: >>> SSL_CTX_use_PrivateKey:: key values mismatch >> >> Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: >>> (/File[/var/lib/puppet/lib]) Failed to generate additional resources using >>> 'eval_generate': SSL_CTX_use_PrivateKey:: key values mismatch >> >> Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: >>> (/File[/var/lib/puppet/lib]) Could not evaluate: Could not retrieve file >>> metadata for puppet://ip-172-31-48-207.ec2.internal/plugins: >>> SSL_CTX_use_PrivateKey:: key values mismatch >> >> Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: >>> (/File[/var/lib/puppet/lib]) Wrapped exception: >> >> Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: >>> (/File[/var/lib/puppet/lib]) SSL_CTX_use_PrivateKey:: key values mismatch >> >> Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: Could not retrieve >>> catalog from remote server: SSL_CTX_use_PrivateKey:: key values mismatch >> >> Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: Using cached catalog >> >> Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: Could not retrieve >>> catalog; skipping run >> >> Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: Could not send >>> report: SSL_CTX_use_PrivateKey:: key values mismatch >> >> Apr 23 09:56:55 ip-172-31-52-219 dhclient[760]: DHCPREQUEST on eth0 to >>> 172.31.48.1 port 67 (xid=0x4d0c3d3f) >> >> Apr 23 09:56:55 ip-172-31-52-219 dhclient[760]: DHCPACK from 172.31.48.1 >>> (xid=0x4d0c3d3f) >> >> Apr 23 09:56:57 ip-172-31-52-219 dhclient[760]: bound to 172.31.52.219 -- >>> renewal in 1492 seconds. >> >> >> > > <https://lh3.googleusercontent.com/-wlRMz7CIeTk/VTy1-q5zovI/AAAAAAAAAGc/nay8pfzY5hM/s1600/Foreman123.png> > Thanks, > Balasekhar Nelli >
Hello, Have you done what's been suggested on the logs? Clean and remove? Also make sure you agent node has time syncing with your master. Hth, Lupin > > The information in this message may be proprietary and/or confidential, > and protected from disclosure. If the reader of this message is not the > intended recipient, you are hereby notified that any dissemination, > distribution or copying of this communication is strictly prohibited. If > you have received this communication in error, please notify ATMECS and > delete it from your computer. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d35ec73e-a5e5-4f21-b349-340748a9b383%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
