Hi there, I have been struggling with the bug that Puppet Master on Foreman unable to communicate with the newly provisioning instance and thereby Puppet Modules are not installing on the newly provisioned instance.
Please look through the screenshot for the errors. And please look through the log of /var/log/messages: > Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: Could not request >> certificate: The certificate retrieved from the master does not match the >> agent's private key. > > Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: Certificate >> fingerprint: >> 3F:D7:22:8C:64:45:A4:95:75:F3:DB:D3:2E:86:E5:4F:59:5F:FC:0B:5A:72:8A:54:BA:AF:FE:F0:A3:77:EC:84 > > Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: To fix this, remove >> the certificate from both the master and the agent and then start a puppet >> run, which will automatically regenerate a certficate. > > Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: On the master: > > Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: puppet cert clean >> aquaries.ec2.internal > > Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: On the agent: > > Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: rm -f >> /var/lib/puppet/ssl/certs/aquaries.ec2.internal.pem > > Apr 23 09:32:55 ip-172-31-52-219 puppet-agent[1277]: puppet agent -t > > Apr 23 09:34:56 ip-172-31-52-219 puppet-agent[1277]: Starting Puppet >> client version 3.6.2 > > Apr 23 09:34:56 ip-172-31-52-219 puppet-agent[1787]: Unable to fetch my >> node definition, but the agent run will continue: > > Apr 23 09:34:56 ip-172-31-52-219 puppet-agent[1787]: >> SSL_CTX_use_PrivateKey:: key values mismatch > > Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: >> (/File[/var/lib/puppet/lib]) Failed to generate additional resources using >> 'eval_generate': SSL_CTX_use_PrivateKey:: key values mismatch > > Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: >> (/File[/var/lib/puppet/lib]) Could not evaluate: Could not retrieve file >> metadata for puppet://ip-172-31-48-207.ec2.internal/plugins: >> SSL_CTX_use_PrivateKey:: key values mismatch > > Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: >> (/File[/var/lib/puppet/lib]) Wrapped exception: > > Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: >> (/File[/var/lib/puppet/lib]) SSL_CTX_use_PrivateKey:: key values mismatch > > Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: Could not retrieve >> catalog from remote server: SSL_CTX_use_PrivateKey:: key values mismatch > > Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: Using cached catalog > > Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: Could not retrieve >> catalog; skipping run > > Apr 23 09:34:57 ip-172-31-52-219 puppet-agent[1787]: Could not send >> report: SSL_CTX_use_PrivateKey:: key values mismatch > > Apr 23 09:56:55 ip-172-31-52-219 dhclient[760]: DHCPREQUEST on eth0 to >> 172.31.48.1 port 67 (xid=0x4d0c3d3f) > > Apr 23 09:56:55 ip-172-31-52-219 dhclient[760]: DHCPACK from 172.31.48.1 >> (xid=0x4d0c3d3f) > > Apr 23 09:56:57 ip-172-31-52-219 dhclient[760]: bound to 172.31.52.219 -- >> renewal in 1492 seconds. > > > <https://lh3.googleusercontent.com/-wlRMz7CIeTk/VTy1-q5zovI/AAAAAAAAAGc/nay8pfzY5hM/s1600/Foreman123.png> Thanks, Balasekhar Nelli -- The information in this message may be proprietary and/or confidential, and protected from disclosure. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify ATMECS and delete it from your computer. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d5d1769c-65a0-4ff9-ba6c-20d91d8e6809%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
