Puppet 4.3.2客户端节点无法通过SSL连接到Puppet Server
我刚刚按照 the官方文档中的指南.
但是,在Google,SO或其他任何地方,似乎都没有好的潜在客户,我遇到了这个错误.
However, I encounter this error with seemingly no good leads on Google, SO, nor anywhere else.
[vagrant@client puppet]$ hostname
client.example.com
[vagrant@client puppet]$ puppet --version
4.3.2
[vagrant@client puppet]$ sudo puppet config print vardir ssldir
vardir = /var/opt/puppetlabs/puppetserver
ssldir = /var/opt/puppetlabs/puppetserver/ssl
[vagrant@client puppet]$ sudo puppet agent --test --server=puppet.example.com
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Info: Retrieving pluginfacts
Error: /File[/var/opt/puppetlabs/puppetserver/facts.d]: Failed to generate additional resources using 'eval_generate': Connection reset by peer - SSL_connect
Error: /File[/var/opt/puppetlabs/puppetserver/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Info: Retrieving plugin
Error: /File[/var/opt/puppetlabs/puppetserver/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Error: /File[/var/opt/puppetlabs/puppetserver/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Error: Could not retrieve catalog from remote server: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
此>是类似的错误,但是对于Ruby中的常规SSL,我不确定如何更改Puppet的密码(不要认为已启用).
This is a similar error, but for general SSL in Ruby, and I'm not sure how to change the cipher for Puppet (don't think it is enabled).
这篇文章似乎暗示这可能是Apache的错,但我不认为我在使用Apache.
This post seems to suggest it may be Apache's fault, but I don't think I'm using Apache.
有什么想法吗?
我遇到了同样的问题.
使用以下命令在代理上检查您的ssl目录:
Check your ssl directory on the agent with the command:
sudo puppet config print ssldir
您的ssl目录可能不在/etc/puppetlabs/puppet/ssl中,但可能在/opt/puppetlabs下.从该目录中删除您的证书(或整个目录),然后再次运行木偶.
Your ssl directory is probably not in /etc/puppetlabs/puppet/ssl, but probably under /opt/puppetlabs. Remove your certificate (or the entire catalog) from this directory and then perform another puppet run.