I responded to this in ask, but I'll answer here also. In the file /etc/puppetdb/conf.d/jetty.ini, the settings ssl-host and ssl-port must be set to listen on the SSL port (8081). However, if your ssl certs aren't yet configured this may fail for you. Usually puppetdb-ssl-setup is a good way to set these up automatically, so try this first. For ssl-host I usually recommend something like ::1 or 0.0.0.0 to listen on all ports for simplicity, but you can make this explicit if you like.
ken. On Thu, Dec 5, 2013 at 7:48 PM, Jon Yeargers <[email protected]> wrote: > I did `yum update` on my puppet server about a week ago. Up to that point I > had puppet and puppetdb running on the same machine. Since the update > puppetdb doesn't appear to be listening on port 8081 anymore. > > When I run `puppet agent --test` on a client I get this error: > > err: Could not retrieve catalog from remote server: Error 400 on SERVER: > Failed to submit 'replace facts' command for plugpc-005.client to PuppetDB > at puppet.server:8081: Connection refused - connect(2) > > Looking at `nmap -P0 puppet.server` shows that port 8081 isn't open. Trying > `telnet puppet.server 8081` confirms this. > > My configs are all set using the values from > [here].(http://docs.puppetlabs.com/puppetdb/latest/connect_puppet_master.html). > > `ps -ax` shows that the processes are running: > > 2040 ? Ss 4:55 /usr/sbin/openvpn --daemon --writepid > /var/run/openvpn/puppet.pid --config puppet.conf --cd /etc/openvpn > --script-security 2 > 29737 ? Sl 0:37 /usr/bin/java -XX:OnOutOfMemoryError=kill -9 > %p -Xmx192m -XX:+HeapDumpOnOutOfMemoryError > -XX:HeapDumpPath=/var/log/puppetdb/puppetdb-oom.hprof -jar > /usr/share/puppetdb/puppetdb.jar services -c /etc/puppetdb/conf.d > 29924 ? Sl 0:01 Passenger AppPreloader: > /usr/share/puppet/rack/puppetmasterd > 29963 ? Sl 0:00 Passenger RackApp: > /usr/share/puppet/rack/puppetmasterd > > > The output of `netstat -nap | grep 8081` is empty. > > Turning off iptables doesn't make any difference. (not that it would - > nobody is listening at the port anyway) > > NOTE: This system was working ok before the update. I could download configs > to clients and query the db for the results. > > So - what did I break? > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/f4f93c97-a763-40c4-96c6-6c341893fc74%40googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3DfF77%3DfzN3U_qphxLzRpCvXwx%2Bj2zX9X7kk0BVS9i6Kw%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
