On Monday, August 29, 2016 at 7:44:02 AM UTC-7, Michael Wildey wrote: > I removed the ssl folder and restarted the service. > But now it say that there is one file missing. > > >>java.lang.IllegalStateException: Cannot initialize master with partial > state; need all files or none. > Found: > /etc/puppetlabs/puppet/ssl/private_keys/puppetserver.localdomain.pem > Missing: > /etc/puppetlabs/puppet/ssl/certs/puppetserver.localdomain.pem<< > > Is it possible to delete > >>/etc/puppetlabs/puppet/ssl/private_keys/puppetserver.localdomain.pem<<? > > I attached the output of the log. Just in case this wasn't the problem. >
It sounds like you might have been able to remove the ssl directory but that you might have some process running - like a cron job running the puppet agent - which may be recreating the private key before you are able to restart the puppetserver service successfully. Maybe an easier approach would be to just generate a certificate for your master from the command line so that both the private key and certificate are in place when the puppetserver service starts. You could try running the following command: /opt/puppetlabs/puppet/bin/puppet cert generate puppetserver.localdomain After doing that, try to restart the puppetserver service again and see if it starts this time. Very sorry that this has been so painful of an issue to workaround. I really hope we're able to implement a fix for SERVER-528 <https://tickets.puppetlabs.com/browse/SERVER-528> sometime soon. --- Jeremy Am Dienstag, 23. August 2016 20:15:36 UTC+2 schrieb Jeremy Barlow: >> >> Michael, >> >> It looks like it got further that time but a different error came up this >> time: >> >> java.lang.IllegalStateException: Cannot initialize master with partial >> state; need all files or none. >> Found: >> /etc/puppetlabs/puppet/ssl/private_keys/puppetserver.localdomain.pem >> Missing: >> /etc/puppetlabs/puppet/ssl/certs/puppetserver.localdomain.pem >> >> >> This error, unfortunately, sounds like a bug previously reported in the >> Puppet JIRA tracker as SERVER-528 >> <https://tickets.puppetlabs.com/browse/SERVER-528>. The simplest way to >> work around this problem would be to just run... >> >> rm -rf /etc/puppetlabs/puppet/ssl >>> >> >> ... and restart the puppetserver service. puppetserver should recreate >> the "ssl" directory after it restarts and re-generate its own private key >> and certificate. >> >> Hope it starts up for you after that. >> >> --- Jeremy >> >> On Tuesday, August 23, 2016 at 9:41:18 AM UTC-7, Michael Wildey wrote: >>> >>> Jeremy, >>> it looks like the /etc/puppetlabs/puppetserver/conf.d/auth.conf is gone >>> and has been replaced by the /etc/puppetlabs/puppet/auth.conf >>> There is no differnence between both. >>> >>> I am now going to replace it with the auth.conf file wich is in the link >>> you've being posting. I hope this will help. >>> >>> After I did that I restarted the server and it is still shutting down >>> the web server. I am going to attach the output of the log file >>> puppetserver.log and what was written in foreground during the start >>> >>> Michael >>> >>> >>> >>> >>> >>> Am Samstag, 6. August 2016 17:29:48 UTC+2 schrieb Jeremy Barlow: >>>> >>>> Michael, >>>> >>>> Did you happen to move the file installed by default at >>>> /etc/puppetlabs/puppet/auth.conf to >>>> /etc/puppetlabs/puppetserver/conf.d/auth.conf. The formats for these two >>>> auth.conf files are completely different and cannot be used >>>> interchangeably. >>>> >>>> The file at /etc/puppetlabs/puppet/auth.conf has a "custom" format >>>> which looks something like this: >>>> >>>> path /puppet/v3/environments >>>> method find >>>> allow * >>>> >>>> ... >>>> >>>> The file at /etc/puppetlabs/puppetserver/conf.d/auth.conf should be in >>>> the HOCON format and should look something like this: >>>> >>>> authorization: { >>>> version: 1 >>>> rules: [ >>>> { >>>> # Allow nodes to retrieve their own catalog >>>> match-request: { >>>> path: "^/puppet/v3/catalog/([^/]+)$" >>>> type: regex >>>> method: [get, post] >>>> } >>>> allow: "$1" >>>> sort-order: 500 >>>> name: "puppetlabs catalog" >>>> }, >>>> ... >>>> ] >>>> } >>>> >>>> For reference, you can see the complete content of the Puppet Server >>>> auth.conf file for the 2.4.0 packages here >>>> <https://github.com/puppetlabs/puppetserver/blob/2.4.0/ezbake/config/conf.d/auth.conf> >>>> . >>>> >>>> --- Jeremy >>>> >>>> On Friday, August 5, 2016 at 8:58:04 AM UTC-7, Matthaus Litteken wrote: >>>>> >>>>> Michael, >>>>> If you don't mind posting the contents of your auth.conf as well, that >>>>> could help in figuring out what is going on. It looks like there is a >>>>> problem with the contents of the file, but without seeing the file, it is >>>>> hard to know what specifically is wrong. >>>>> >>>>> Thanks, >>>>> Matthaus >>>>> >>>>> On Fri, Aug 5, 2016 at 8:41 AM, 'Michael Wildey' via Puppet Users < >>>>> puppet...@googlegroups.com> wrote: >>>>> >>>>>> Matthaus, >>>>>> I found that I renamed the auth.conf by mistake. Now I renamed it >>>>>> again and then I started the hole server again. >>>>>> After that I tried to start the server again in foreground. The >>>>>> output is attached. >>>>>> >>>>>> Now there is written "Finished TK main lifecycle, shutting down >>>>>> Clojure agent threads" >>>>>> >>>>>> I am getting confused. I've downloaded a bundle from puppet and now >>>>>> it wont work. I can't imagine what went wrong during the installation >>>>>> and I >>>>>> blive I am not the first one to install puppetserver on a VM. Especially >>>>>> after i already installed it on an other VM. >>>>>> >>>>>> >>>>>> Hope you can help me her >>>>>> Michael >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> Am Freitag, 5. August 2016 02:24:52 UTC+2 schrieb Matthaus Litteken: >>>>>>> >>>>>>> Michael, >>>>>>> The important bit of that log is the following: >>>>>>> >>>>>>> 2016-08-03 17:12:31,742 ERROR [async-dispatch-2] [p.t.internal] Error >>>>>>> during service init!!! >>>>>>> java.lang.IllegalArgumentException: Missing authorization service >>>>>>> configuration. >>>>>>> >>>>>>> >>>>>>> That indicates that /etc/puppetlabs/puppetserver/conf.d/auth.conf >>>>>>> (https://docs.puppet.com/puppetserver/2.4/config_file_auth.html) is >>>>>>> empty or doesn't exist. The file that is laid down by default by our >>>>>>> packages is here: >>>>>>> https://github.com/puppetlabs/puppetserver/blob/master/ezbake/config/conf.d/auth.conf. >>>>>>> If you drop that file into >>>>>>> /etc/puppetlabs/puppetserver/conf.d/auth.conf the service should start >>>>>>> successfully. If not, attach the new log and I'd be happy to help debug >>>>>>> further. >>>>>>> >>>>>>> >>>>>>> Hope that helps, >>>>>>> >>>>>>> -Matthaus >>>>>>> >>>>>>> >>>>>>> On Wed, Aug 3, 2016 at 8:17 AM, 'Michael Wildey' via Puppet Users < >>>>>>> puppet...@googlegroups.com> wrote: >>>>>>> >>>>>>>> Ok, I did it now in foreground, just like you told me. >>>>>>>> What I have done before is that I changed the webserver.conf just >>>>>>>> like it is described here >> >>>>>>>> https://docs.puppet.com/puppetserver/latest/external_ca_configuration.html#web-server-configuration >>>>>>>> << >>>>>>>> >>>>>>>> The output is attached. >>>>>>>> >>>>>>>> Thanks for your hep >>>>>>>> >>>>>>>> >>>>>>>> Michael >>>>>>>> >>>>>>>> >>>>>>>> Am Dienstag, 2. August 2016 18:25:39 UTC+2 schrieb Matthaus >>>>>>>> Litteken: >>>>>>>>> >>>>>>>>> Michael, >>>>>>>>> >>>>>>>>> One good way of troubleshooting this sort of thing is to use the >>>>>>>>> foreground command. It will attempt to start the process but log >>>>>>>>> everything >>>>>>>>> to the console so it's easy to find. >>>>>>>>> `/opt/puppetlabs/bin/puppetserver >>>>>>>>> foreground` should do the right thing. If you can paste or gist the >>>>>>>>> log >>>>>>>>> output that would help a lot in figuring out what is going on. >>>>>>>>> >>>>>>>>> -Matthaus >>>>>>>>> >>>>>>>>> On Tue, Aug 2, 2016 at 7:11 AM, 'Michael Wildey' via Puppet Users >>>>>>>>> <puppet...@googlegroups.com> wrote: >>>>>>>>> >>>>>>>>>> I already set the RAM on 2 GB. That was the first thing I though. >>>>>>>>>> But still it shuts down the web server in less than a second. >>>>>>>>>> The Log said it is Initialzing, starting and shutting down the >>>>>>>>>> web server in 0,2 seconds. This is the only information I get from >>>>>>>>>> the >>>>>>>>>> puppetserver.log. Is there a other log I don't know by now where I >>>>>>>>>> can get >>>>>>>>>> more information about it? >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Am Freitag, 29. Juli 2016 22:03:58 UTC+2 schrieb Rob Nelson: >>>>>>>>>>> >>>>>>>>>>> You can check the logs of the puppetserver startup. A common >>>>>>>>>>> reason is that VMs have less RAM than the process expects to be >>>>>>>>>>> allocated. >>>>>>>>>>> You can either increase the RAM or adjust the puppetserver settings >>>>>>>>>>> to use >>>>>>>>>>> less RAM, with impact to the performance of course. See >>>>>>>>>>> https://docs.puppet.com/puppetserver/latest/install_from_packages.html#system-requirements >>>>>>>>>>> >>>>>>>>>>> if that seems a likely cause. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Rob Nelson >>>>>>>>>>> rnel...@gmail.com >>>>>>>>>>> >>>>>>>>>>> On Fri, Jul 29, 2016 at 12:18 PM, 'Michael Wildey' via Puppet >>>>>>>>>>> Users <puppet...@googlegroups.com> wrote: >>>>>>>>>>> >>>>>>>>>>>> I installed an puppetserver just like ist is written in the >>>>>>>>>>>> manual https://docs.puppet.com/puppet/4.5/reference/index.html >>>>>>>>>>>> on Debian Jessie. >>>>>>>>>>>> >>>>>>>>>>>> My Problem is that as soon as I want to get a cert for an agent >>>>>>>>>>>> it says that the puppetserver doesn't listen on Port 8140. >>>>>>>>>>>> Now I found out that the web server stops immediately after >>>>>>>>>>>> being started, but I don't know why. >>>>>>>>>>>> >>>>>>>>>>>> Any help is welcome. >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>>>> Google Groups "Puppet Users" group. >>>>>>>>>>>> To unsubscribe from this group and stop receiving emails from >>>>>>>>>>>> it, send an email to puppet-users...@googlegroups.com. >>>>>>>>>>>> To view this discussion on the web visit >>>>>>>>>>>> https://groups.google.com/d/msgid/puppet-users/93e0e0e8-2b10-48ea-82c3-40fa8ec86d91%40googlegroups.com >>>>>>>>>>>> >>>>>>>>>>>> <https://groups.google.com/d/msgid/puppet-users/93e0e0e8-2b10-48ea-82c3-40fa8ec86d91%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>>>>>>>> . >>>>>>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>> Google Groups "Puppet Users" group. >>>>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>>>> send an email to puppet-users...@googlegroups.com. >>>>>>>>>> To view this discussion on the web visit >>>>>>>>>> https://groups.google.com/d/msgid/puppet-users/e2741ca6-5d04-4949-b214-4b11775c4d37%40googlegroups.com >>>>>>>>>> >>>>>>>>>> <https://groups.google.com/d/msgid/puppet-users/e2741ca6-5d04-4949-b214-4b11775c4d37%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>>>>>> . >>>>>>>>>> >>>>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>> You received this message because you are subscribed to the Google >>>>>>>> Groups "Puppet Users" group. >>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>> send an email to puppet-users...@googlegroups.com. >>>>>>>> To view this discussion on the web visit >>>>>>>> https://groups.google.com/d/msgid/puppet-users/695e4bc4-cc4f-4c96-98ef-5fa06705a53a%40googlegroups.com >>>>>>>> >>>>>>>> <https://groups.google.com/d/msgid/puppet-users/695e4bc4-cc4f-4c96-98ef-5fa06705a53a%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>>>> . >>>>>>>> >>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>> >>>>>>> >>>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "Puppet Users" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to puppet-users...@googlegroups.com. >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/d/msgid/puppet-users/524f9812-0df8-43d0-8fa7-773cd28e4e42%40googlegroups.com >>>>>> >>>>>> <https://groups.google.com/d/msgid/puppet-users/524f9812-0df8-43d0-8fa7-773cd28e4e42%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>> >>>>> >>>>> -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/524294be-fd84-4d13-988e-abe36ff76c96%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
