Puppet gives SSL error because master is not running?
Run puppet master --debug --no-daemonize
and if you come to see
Error: Could not run: Address already in use - bind(2)
It probably means that the puppet master is already running. Try checking the output of
netstat -anpl | grep 8140
if you see a line referencing port 8140 with LISTEN, then that is probably your issue. (The puppet master process listens on port 8140 for incoming connections from clients by default.)
If you've followed the default setup for Ubuntu, apache will have started, listening on port 8140.
sudo service apache2 stop
then carry on with the config.
Related videos on Youtube
Daniel Huger
Updated on September 18, 2022Comments
-
Daniel Huger almost 2 years
I started with two clean machines this time.
My master is running 12.04
Version: 2.7.11-1ubuntu2
Depends: ruby1.8, puppetmaster-common (= 2.7.11-1ubuntu2)
My client is 10.04
Version: 2.6.3-0ubuntu1~lucid1
Depends: puppet-common (=> 2.6.3-0ubuntu1~lucid1), ruby1.8
To setup Puppet tutorial: http://shapeshed.com/setting-up-puppet-on-ubuntu-10-04/
To connect master and client: http://shapeshed.com/connecting-clients-to-a-puppet-master/
The first time I tried to connect master to client failed with
SSL_connect error
. So I didrm -rf /etc/puppet/ssl/
to remove all the keys inside ssl folders.It looked like it work.... BUT
client# puppet agent --server puppet --waitforce 60 --test /usr/lib/ruby/1.8/facter/util/resolution.rb:46: warning: Insecure world writable dir /etc/condor in PATH, mode 040777 /usr/lib/ruby/1.8/puppet/defaults.rb:67: warning: Insecure world writable dir /etc/condor in PATH, mode 040777 info: Creating a new SSL key for giab10 warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for mybox123 info: Certificate Request fingerprint (md5): XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Caching certificate for mybox123 err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed warning: Not using cache on failed catalog It cached but then it couldn't retrieve it.
Let me stop here.... worrying I would mess something up. But let's check master's status.
* master is not running
WoW.... ???
master# service puppetmaster start * Starting puppet master [OK] master# service puppetmaster status * master is not running
-
I think time is sync. Well, we are behind a firewall so the port to sync time is disbaled. I checked with
date
and they seem okay. -
What about master not running? Is that the cause?
Any help is appreciated. Thanks!
/var/lib/puppet/log/masterhttp.log
[2012-06-30 00:13:25] INFO WEBrick 1.3.1 [2012-06-30 00:13:25] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux] [2012-06-30 00:13:25] WARN TCPServer Error: Address already in use - bind(2) [2012-06-30 00:19:40] INFO WEBrick 1.3.1 [2012-06-30 00:19:40] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux] [2012-06-30 00:19:40] WARN TCPServer Error: Address already in use - bind(2) [2012-06-30 00:28:58] INFO WEBrick 1.3.1 [2012-06-30 00:28:58] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux] [2012-06-30 00:28:58] WARN TCPServer Error: Address already in use - bind(2) [2012-06-30 15:31:25] INFO WEBrick 1.3.1 [2012-06-30 15:31:25] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux] [2012-06-30 15:31:25] WARN TCPServer Error: Address already in use - bind(2)
1 S puppet 5186 1 0 80 0 - 29410 poll_s 15:44 ? 00:00:00 /usr/bin/ruby1.8 /usr/bin/puppet master --masterport=8140 4 S root 5235 5005 0 80 0 - 2344 pipe_w 15:45 pts/0 00:00:00 grep --color=auto puppet kill -9 5186 puppet master service puppetmaster status * master is not running
I always have this error, but I always ignored it. http://pastebin.com/exbpArjv What could it mean? Time sync? Package not installed? Then how could we do puppetca in the first place?
-
qweet almost 12 yearson the Master host, check
/var/log/puppet/puppetmaster.log
and paste the an error here. Also- if the puppet client wasn't able to see the Puppet Master, then it would say so. Something else is happening here. -
qweet almost 12 yearsPost something from
masterhttp.log
. It should give us a clue as to why it's not working. -
Daniel Huger almost 12 years@qweet I just did. However, it's inside /var/lib/puppet,because /var/log/puppet has an empty log file. Thanks. Like I said, how come these address are being used? When I say clean I mean I've deleted puppetmaster and puppet.
-
qweet almost 12 yearsMight mean that you have a puppetmaster process still running, which has bound itself to the port that it likes to use. Try doing a
ps -elf | grep puppet
on the Master to see if there's an instance running. -
Daniel Huger almost 12 years@qweet Thanks. I did, but
puppetmaster status
still says NOPE. :( I checked the log and doesn't produce any more log. -
Daniel Huger almost 12 years@qweet Thanks. Here is the log: pastebin.com/exbpArjv I always ignored these errors.... what's the problem? I am trying to talk to puppet client.
-
qweet almost 12 years
-