Puppet agent can't find server

24
votes

I'm new to puppet, but picking it up quickly. Today, I'm running into an issue when trying to run the following:

$ puppet agent --no-daemonize --verbose --onetime

**err: Could not request certificate: getaddrinfo: Name or service not known
Exiting; failed to retrieve certificate and waitforcert is disabled**

It would appear the agent doesn't know what server to connect to. I could just specify --server on the command line, but that will be of no use to me when this runs as a daemon in production, so instead, I specify the server name in /etc/puppet/puppet.conf like so:

[main]
    server = puppet.<my domain>

I do have a DNS entry for puppet.<my domain> and if I dig puppet.<my domain>, I see that the name resolves correctly.

All puppet documentation I have read states that the agent tries to connect to a puppet master at puppet by default and your options are host file trickery or do the right thing, create a CNAME in DNS, and edit the puppet.conf accordingly, which I have done.

So what am I missing? Any help is greatly appreciated!

5
puppet
Playing with this more, I'm beginning to wonder if puppet.conf is even read when executed in this manor. I've put garbage in puppet.conf and even tried deleting it and neither seems to impact the results when the agent is run from the command line. It does, however, prevent clean startup and shutdown when run as a service. Could it be this simple? - Kent Rancourt

5 Answers

57
votes

D'oh! Need to sudo to do this! Then everything works.

3
votes

I had to use the --server flag:

sudo puppet agent --server=puppet.example.org
0
votes

I actually had the same error but I was using the two learning puppet vm and trying run the 'puppet agent --test' command.

I solved the problem by opening the file /etc/hosts on both the master and the agent vm and the line 

***.***.***.*** learn.localdomain learn puppet.localdomain puppet

The ip address (the asterisks) was originally some random number. I had to change this number on both vm so that it was the ip address of the master node.

So I guess for experienced users my advice is to check the /etc/hosts file to make sure that the ip addresses in here for the master and agent not only match but are the same as the ip address of the master.

for other noobs like me my advice is to read the documentation more clearly. This was a step in the 'setting up an agent vm' process the I totally missed xD

0
votes

In my case I was getting same error but it was due to the cert which should been signed to node on puppetmaster server.

to check pending certs run following:

puppet cert list

"node.domain.com" (SHA256) 8D:E5:8A:2*******"

sign the cert to node:

puppet cert sign node.domain.com

0
votes

Had the same issue today on puppet 2.6 on CentOS 6.4 All I did to resolve the issue was to check the usual stuff such as hosts and resolv.conf to ensure they were as expected (compared with a working server) and then;

  1. Removed /var/lib/puppet directory rm -rf /var/lib/puppet
  2. Cleared the certificate on the puppet master puppetca --clean servername
  3. Restarted the network service network restart
  4. Re-ran puppet

Even though the resolv.conf was identical to the working server, puppet updated resolv.conf and immediately re-signed the certificate and replaced all the puppet lib files.

Everything was fine after that.