Jeff, I think I ran into this last weekend while setting up my own Puppet Master. It truly sounds like the exact same issue.
I believe I had to add an extra CNAME record for the name *puppet*, either that or I had to go and alter the *A-record * in my DNS from *puppetmaster *to *puppet*. -------------------------- Warron French On Wed, Feb 17, 2016 at 10:58 AM, Jeff Abrahamson <[email protected]> wrote: > I set up a puppetserver. It's, well, not generating errors outright. > > On the same host, I want to run a puppet agent. But the agent doesn't > seem to want to use the FQDN of the host, and so it fails to connect. > > [T] jeff@loire:~ $ puppet agent --debug --test > ... > Debug: Finishing transaction 27923380 > Debug: Creating new connection for *https://puppet:8140 > <https://puppet:8140>* > Error: Could not request certificate: getaddrinfo: Name or service not > known > Exiting; failed to retrieve certificate and waitforcert is disabled > 1,[T] jeff@loire:~ $ > 1,[T] jeff@loire:~ $ cat /etc/puppet/puppet.conf > [main] > logdir=/var/log/puppet > vardir=/var/lib/puppet > ssldir=/var/lib/puppet/ssl > rundir=/var/run/puppet > factpath=$vardir/lib/facter > certname = puppet > dns_alt_names = puppet,puppet.example.com > > [master] > # These are needed when the puppetmaster is run by passenger > # and can safely be removed if webrick is used. > ssl_client_header = SSL_CLIENT_S_DN > ssl_client_verify_header = SSL_CLIENT_VERIFY > > [agent] > server = puppet.example.com > [T] jeff@loire:~ $ cat /etc/hosts > 127.0.0.1 localhost > 127.0.1.1 ubuntu > > # The following lines are desirable for IPv6 capable hosts > ::1 localhost ip6-localhost ip6-loopback > ff02::1 ip6-allnodes > ff02::2 ip6-allrouters > > 139.162.147.68 loire.example.com loire > [T] jeff@loire:~ $ netstat -a | grep 8140 > tcp6 0 0 [::]:8140 [::]:* > LISTEN > [T] jeff@loire:~ $ > > > Of course, s/example/my-real-domain-name/g. Note that loire is the host's > A record, there's a CNAME called puppet. (Note that telnetting to > loire.example.com 8140 connects: the tcp6 is a netstat artefact as far as > I know.) > > Reflection, poking, and googling are drawing blanks for me. Any > suggestions ? > > > Jeff Abrahamson > +33 6 24 40 01 57 > +44 7920 594 255 <-- only when I'm in the UK > http://ml-week.com/ <http://www.ml-week.com/>* prochaine edition, > 2016* > > http://jeff.purple.com/ > http://blog.purple.com/jeff/ > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/CAM4Y7zxZJqbFo95e57fJOKjtBfXM20sEfJgYracAceoFMqrGXw%40mail.gmail.com > <https://groups.google.com/d/msgid/puppet-users/CAM4Y7zxZJqbFo95e57fJOKjtBfXM20sEfJgYracAceoFMqrGXw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAJdJdQkHgKoxC91P_uMZtHPQuxsFQr2PwzVXAigtEXXKF9euLQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
