Jeremy,
I removed the ssl folder and restarted the service.
But now it say that there is one file missing.
>>java.lang.IllegalStateException: Cannot initialize master with partial
state; need all files or none.
Found:
/etc/puppetlabs/puppet/ssl/private_keys/puppetserver.localdomain.pem
Missing:
/etc/puppetlabs/puppet/ssl/certs/puppetserver.localdomain.pem<<
Is it possible to delete
>>/etc/puppetlabs/puppet/ssl/private_keys/puppetserver.localdomain.pem<<?
I attached the output of the log. Just in case this wasn't the problem.
Michael
Am Dienstag, 23. August 2016 20:15:36 UTC+2 schrieb Jeremy Barlow:
>
> Michael,
>
> It looks like it got further that time but a different error came up this
> time:
>
> java.lang.IllegalStateException: Cannot initialize master with partial state;
> need all files or none.
> Found:
> /etc/puppetlabs/puppet/ssl/private_keys/puppetserver.localdomain.pem
> Missing:
> /etc/puppetlabs/puppet/ssl/certs/puppetserver.localdomain.pem
>
>
> This error, unfortunately, sounds like a bug previously reported in the
> Puppet JIRA tracker as SERVER-528
> <https://tickets.puppetlabs.com/browse/SERVER-528>. The simplest way to
> work around this problem would be to just run...
>
> rm -rf /etc/puppetlabs/puppet/ssl
>>
>
> ... and restart the puppetserver service. puppetserver should recreate
> the "ssl" directory after it restarts and re-generate its own private key
> and certificate.
>
> Hope it starts up for you after that.
>
> --- Jeremy
>
> On Tuesday, August 23, 2016 at 9:41:18 AM UTC-7, Michael Wildey wrote:
>>
>> Jeremy,
>> it looks like the /etc/puppetlabs/puppetserver/conf.d/auth.conf is gone
>> and has been replaced by the /etc/puppetlabs/puppet/auth.conf
>> There is no differnence between both.
>>
>> I am now going to replace it with the auth.conf file wich is in the link
>> you've being posting. I hope this will help.
>>
>> After I did that I restarted the server and it is still shutting down the
>> web server. I am going to attach the output of the log file
>> puppetserver.log and what was written in foreground during the start
>>
>> Michael
>>
>>
>>
>>
>>
>> Am Samstag, 6. August 2016 17:29:48 UTC+2 schrieb Jeremy Barlow:
>>>
>>> Michael,
>>>
>>> Did you happen to move the file installed by default at
>>> /etc/puppetlabs/puppet/auth.conf to
>>> /etc/puppetlabs/puppetserver/conf.d/auth.conf. The formats for these two
>>> auth.conf files are completely different and cannot be used interchangeably.
>>>
>>> The file at /etc/puppetlabs/puppet/auth.conf has a "custom" format which
>>> looks something like this:
>>>
>>> path /puppet/v3/environments
>>> method find
>>> allow *
>>>
>>> ...
>>>
>>> The file at /etc/puppetlabs/puppetserver/conf.d/auth.conf should be in
>>> the HOCON format and should look something like this:
>>>
>>> authorization: {
>>> version: 1
>>> rules: [
>>> {
>>> # Allow nodes to retrieve their own catalog
>>> match-request: {
>>> path: "^/puppet/v3/catalog/([^/]+)$"
>>> type: regex
>>> method: [get, post]
>>> }
>>> allow: "$1"
>>> sort-order: 500
>>> name: "puppetlabs catalog"
>>> },
>>> ...
>>> ]
>>> }
>>>
>>> For reference, you can see the complete content of the Puppet Server
>>> auth.conf file for the 2.4.0 packages here
>>> <https://github.com/puppetlabs/puppetserver/blob/2.4.0/ezbake/config/conf.d/auth.conf>
>>> .
>>>
>>> --- Jeremy
>>>
>>> On Friday, August 5, 2016 at 8:58:04 AM UTC-7, Matthaus Litteken wrote:
>>>>
>>>> Michael,
>>>> If you don't mind posting the contents of your auth.conf as well, that
>>>> could help in figuring out what is going on. It looks like there is a
>>>> problem with the contents of the file, but without seeing the file, it is
>>>> hard to know what specifically is wrong.
>>>>
>>>> Thanks,
>>>> Matthaus
>>>>
>>>> On Fri, Aug 5, 2016 at 8:41 AM, 'Michael Wildey' via Puppet Users <
>>>> [email protected]> wrote:
>>>>
>>>>> Matthaus,
>>>>> I found that I renamed the auth.conf by mistake. Now I renamed it
>>>>> again and then I started the hole server again.
>>>>> After that I tried to start the server again in foreground. The output
>>>>> is attached.
>>>>>
>>>>> Now there is written "Finished TK main lifecycle, shutting down
>>>>> Clojure agent threads"
>>>>>
>>>>> I am getting confused. I've downloaded a bundle from puppet and now it
>>>>> wont work. I can't imagine what went wrong during the installation and I
>>>>> blive I am not the first one to install puppetserver on a VM. Especially
>>>>> after i already installed it on an other VM.
>>>>>
>>>>>
>>>>> Hope you can help me her
>>>>> Michael
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Am Freitag, 5. August 2016 02:24:52 UTC+2 schrieb Matthaus Litteken:
>>>>>>
>>>>>> Michael,
>>>>>> The important bit of that log is the following:
>>>>>>
>>>>>> 2016-08-03 17:12:31,742 ERROR [async-dispatch-2] [p.t.internal] Error
>>>>>> during service init!!!
>>>>>> java.lang.IllegalArgumentException: Missing authorization service
>>>>>> configuration.
>>>>>>
>>>>>>
>>>>>> That indicates that /etc/puppetlabs/puppetserver/conf.d/auth.conf
>>>>>> (https://docs.puppet.com/puppetserver/2.4/config_file_auth.html) is
>>>>>> empty or doesn't exist. The file that is laid down by default by our
>>>>>> packages is here:
>>>>>> https://github.com/puppetlabs/puppetserver/blob/master/ezbake/config/conf.d/auth.conf.
>>>>>> If you drop that file into
>>>>>> /etc/puppetlabs/puppetserver/conf.d/auth.conf the service should start
>>>>>> successfully. If not, attach the new log and I'd be happy to help debug
>>>>>> further.
>>>>>>
>>>>>>
>>>>>> Hope that helps,
>>>>>>
>>>>>> -Matthaus
>>>>>>
>>>>>>
>>>>>> On Wed, Aug 3, 2016 at 8:17 AM, 'Michael Wildey' via Puppet Users <
>>>>>> [email protected]> wrote:
>>>>>>
>>>>>>> Ok, I did it now in foreground, just like you told me.
>>>>>>> What I have done before is that I changed the webserver.conf just
>>>>>>> like it is described here >>
>>>>>>> https://docs.puppet.com/puppetserver/latest/external_ca_configuration.html#web-server-configuration
>>>>>>> <<
>>>>>>>
>>>>>>> The output is attached.
>>>>>>>
>>>>>>> Thanks for your hep
>>>>>>>
>>>>>>>
>>>>>>> Michael
>>>>>>>
>>>>>>>
>>>>>>> Am Dienstag, 2. August 2016 18:25:39 UTC+2 schrieb Matthaus Litteken:
>>>>>>>>
>>>>>>>> Michael,
>>>>>>>>
>>>>>>>> One good way of troubleshooting this sort of thing is to use the
>>>>>>>> foreground command. It will attempt to start the process but log
>>>>>>>> everything
>>>>>>>> to the console so it's easy to find. `/opt/puppetlabs/bin/puppetserver
>>>>>>>> foreground` should do the right thing. If you can paste or gist the
>>>>>>>> log
>>>>>>>> output that would help a lot in figuring out what is going on.
>>>>>>>>
>>>>>>>> -Matthaus
>>>>>>>>
>>>>>>>> On Tue, Aug 2, 2016 at 7:11 AM, 'Michael Wildey' via Puppet Users <
>>>>>>>> [email protected]> wrote:
>>>>>>>>
>>>>>>>>> I already set the RAM on 2 GB. That was the first thing I though.
>>>>>>>>> But still it shuts down the web server in less than a second.
>>>>>>>>> The Log said it is Initialzing, starting and shutting down the web
>>>>>>>>> server in 0,2 seconds. This is the only information I get from the
>>>>>>>>> puppetserver.log. Is there a other log I don't know by now where I
>>>>>>>>> can get
>>>>>>>>> more information about it?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Am Freitag, 29. Juli 2016 22:03:58 UTC+2 schrieb Rob Nelson:
>>>>>>>>>>
>>>>>>>>>> You can check the logs of the puppetserver startup. A common
>>>>>>>>>> reason is that VMs have less RAM than the process expects to be
>>>>>>>>>> allocated.
>>>>>>>>>> You can either increase the RAM or adjust the puppetserver settings
>>>>>>>>>> to use
>>>>>>>>>> less RAM, with impact to the performance of course. See
>>>>>>>>>> https://docs.puppet.com/puppetserver/latest/install_from_packages.html#system-requirements
>>>>>>>>>>
>>>>>>>>>> if that seems a likely cause.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Rob Nelson
>>>>>>>>>> [email protected]
>>>>>>>>>>
>>>>>>>>>> On Fri, Jul 29, 2016 at 12:18 PM, 'Michael Wildey' via Puppet
>>>>>>>>>> Users <[email protected]> wrote:
>>>>>>>>>>
>>>>>>>>>>> I installed an puppetserver just like ist is written in the
>>>>>>>>>>> manual https://docs.puppet.com/puppet/4.5/reference/index.html
>>>>>>>>>>> on Debian Jessie.
>>>>>>>>>>>
>>>>>>>>>>> My Problem is that as soon as I want to get a cert for an agent
>>>>>>>>>>> it says that the puppetserver doesn't listen on Port 8140.
>>>>>>>>>>> Now I found out that the web server stops immediately after
>>>>>>>>>>> being started, but I don't know why.
>>>>>>>>>>>
>>>>>>>>>>> Any help is welcome.
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> You received this message because you are subscribed to the
>>>>>>>>>>> Google Groups "Puppet Users" group.
>>>>>>>>>>> To unsubscribe from this group and stop receiving emails from
>>>>>>>>>>> it, send an email to [email protected].
>>>>>>>>>>> To view this discussion on the web visit
>>>>>>>>>>> https://groups.google.com/d/msgid/puppet-users/93e0e0e8-2b10-48ea-82c3-40fa8ec86d91%40googlegroups.com
>>>>>>>>>>>
>>>>>>>>>>> <https://groups.google.com/d/msgid/puppet-users/93e0e0e8-2b10-48ea-82c3-40fa8ec86d91%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>>>>>>>>> .
>>>>>>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>> You received this message because you are subscribed to the Google
>>>>>>>>> Groups "Puppet Users" group.
>>>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>>>> send an email to [email protected].
>>>>>>>>> To view this discussion on the web visit
>>>>>>>>> https://groups.google.com/d/msgid/puppet-users/e2741ca6-5d04-4949-b214-4b11775c4d37%40googlegroups.com
>>>>>>>>>
>>>>>>>>> <https://groups.google.com/d/msgid/puppet-users/e2741ca6-5d04-4949-b214-4b11775c4d37%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>>>>>>> .
>>>>>>>>>
>>>>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>> You received this message because you are subscribed to the Google
>>>>>>> Groups "Puppet Users" group.
>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>> send an email to [email protected].
>>>>>>> To view this discussion on the web visit
>>>>>>> https://groups.google.com/d/msgid/puppet-users/695e4bc4-cc4f-4c96-98ef-5fa06705a53a%40googlegroups.com
>>>>>>>
>>>>>>> <https://groups.google.com/d/msgid/puppet-users/695e4bc4-cc4f-4c96-98ef-5fa06705a53a%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>>>>> .
>>>>>>>
>>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>>>
>>>>>>
>>>>>> --
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "Puppet Users" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to [email protected].
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/d/msgid/puppet-users/524f9812-0df8-43d0-8fa7-773cd28e4e42%40googlegroups.com
>>>>>
>>>>> <https://groups.google.com/d/msgid/puppet-users/524f9812-0df8-43d0-8fa7-773cd28e4e42%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>>> .
>>>>>
>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>
>>>>
>>>>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/bae294b8-4b12-4d0e-b614-50b091a66750%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
2016-08-29 02:05:17,609 INFO [main] [o.e.j.u.log] Logging initialized @13743ms
2016-08-29 02:05:17,848 INFO [main] [p.t.s.w.jetty9-core] Removing buggy
security provider SunPKCS11-NSS version 1.7
2016-08-29 02:05:21,158 INFO [async-dispatch-2] [p.s.v.versioned-code-service]
No code-id-command set for versioned-code-service. Code-id will be nil.
2016-08-29 02:05:21,159 INFO [async-dispatch-2] [p.s.v.versioned-code-service]
No code-content-command set for versioned-code-service. Attempting to fetch
code content will fail.
2016-08-29 02:05:21,191 INFO [async-dispatch-2] [p.s.j.jruby-puppet-service]
Initializing the JRuby service
2016-08-29 02:05:21,193 WARN [async-dispatch-2] [p.s.j.jruby-puppet-service]
The 'jruby-puppet.use-legacy-auth-conf' setting is set to 'true'. Support for
the legacy Puppet auth.conf file is deprecated and will be removed in a future
release. Change this setting to 'false' and migrate your authorization rule
definitions in the /etc/puppetlabs/puppet/auth.conf file to the
/etc/puppetlabs/puppetserver/conf.d/auth.conf file.
2016-08-29 02:05:21,211 INFO [async-dispatch-2] [p.t.s.w.jetty9-service]
Initializing web server(s).
2016-08-29 02:05:21,230 INFO [clojure-agent-send-pool-0]
[p.s.j.jruby-puppet-internal] Creating JRuby instance with id 1.
2016-08-29 02:05:30,592 WARN [clojure-agent-send-pool-0] [puppetserver] Puppet
Comparing Symbols to non-Symbol values is deprecated
(file & line not available)
2016-08-29 02:05:30,677 INFO [clojure-agent-send-pool-0] [puppetserver] Puppet
Puppet settings initialized; run mode: master
2016-08-29 02:05:31,697 INFO [clojure-agent-send-pool-0]
[p.s.j.jruby-puppet-agents] Finished creating JRubyPuppet instance 1 of 1
2016-08-29 02:05:31,705 INFO [async-dispatch-2]
[p.s.c.puppet-server-config-core] Not overriding webserver settings with values
from core Puppet
2016-08-29 02:05:35,236 INFO [async-dispatch-2]
[p.s.c.certificate-authority-service] CA Service adding a ring handler
2016-08-29 02:05:35,256 INFO [async-dispatch-2] [p.s.p.puppet-admin-service]
Starting Puppet Admin web app
2016-08-29 02:05:35,277 ERROR [async-dispatch-2] [p.t.internal] Error during
service init!!!
java.lang.IllegalStateException: Cannot initialize master with partial state;
need all files or none.
Found:
/etc/puppetlabs/puppet/ssl/private_keys/puppetserver.localdomain.pem
Missing:
/etc/puppetlabs/puppet/ssl/certs/puppetserver.localdomain.pem
at
puppetlabs.puppetserver.certificate_authority$eval28603$partial_state_error__28608$fn__28609.invoke(certificate_authority.clj:286)
~[na:na]
at
puppetlabs.puppetserver.certificate_authority$eval28603$partial_state_error__28608.invoke(certificate_authority.clj:279)
~[na:na]
at
puppetlabs.puppetserver.certificate_authority$eval29174$initialize_master_ssl_BANG___29179$fn__29180.invoke(certificate_authority.clj:694)
~[na:na]
at
puppetlabs.puppetserver.certificate_authority$eval29174$initialize_master_ssl_BANG___29179.invoke(certificate_authority.clj:678)
~[na:na]
at
puppetlabs.services.ca.certificate_authority_service$reify__33833$service_fnk__5299__auto___positional$reify__33844.initialize_master_ssl_BANG_(certificate_authority_service.clj:42)
~[na:na]
at
puppetlabs.services.protocols.ca$eval33771$fn__33796$G__33757__33800.invoke(ca.clj:3)
~[na:na]
at
puppetlabs.services.protocols.ca$eval33771$fn__33796$G__33756__33805.invoke(ca.clj:3)
~[na:na]
at clojure.core$partial$fn__4527.invoke(core.clj:2494)
~[puppet-server-release.jar:na]
at
puppetlabs.services.master.master_service$reify__30347$service_fnk__5299__auto___positional$reify__30366.init(master_service.clj:45)
~[na:na]
at
puppetlabs.trapperkeeper.services$eval5105$fn__5106$G__5093__5109.invoke(services.clj:8)
~[na:na]
at
puppetlabs.trapperkeeper.services$eval5105$fn__5106$G__5092__5113.invoke(services.clj:8)
~[na:na]
at
puppetlabs.trapperkeeper.internal$eval13828$run_lifecycle_fn_BANG___13835$fn__13836.invoke(internal.clj:177)
~[na:na]
at
puppetlabs.trapperkeeper.internal$eval13828$run_lifecycle_fn_BANG___13835.invoke(internal.clj:160)
~[na:na]
at
puppetlabs.trapperkeeper.internal$eval13857$run_lifecycle_fns__13862$fn__13863.invoke(internal.clj:211)
~[na:na]
at
puppetlabs.trapperkeeper.internal$eval13857$run_lifecycle_fns__13862.invoke(internal.clj:188)
[na:na]
at
puppetlabs.trapperkeeper.internal$eval14328$build_app_STAR___14337$fn$reify__14347.init(internal.clj:561)
[na:na]
at
puppetlabs.trapperkeeper.internal$eval14374$boot_services_for_app_STAR__STAR___14381$fn__14382$fn__14384.invoke(internal.clj:587)
[na:na]
at
puppetlabs.trapperkeeper.internal$eval14374$boot_services_for_app_STAR__STAR___14381$fn__14382.invoke(internal.clj:586)
[na:na]
at
puppetlabs.trapperkeeper.internal$eval14374$boot_services_for_app_STAR__STAR___14381.invoke(internal.clj:580)
[na:na]
at clojure.core$partial$fn__4529.invoke(core.clj:2499)
[puppet-server-release.jar:na]
at
puppetlabs.trapperkeeper.internal$eval13896$initialize_lifecycle_worker__13907$fn__13908$fn__13995$state_machine__11872__auto____13996$fn__13998.invoke(internal.clj:228)
[na:na]
at
puppetlabs.trapperkeeper.internal$eval13896$initialize_lifecycle_worker__13907$fn__13908$fn__13995$state_machine__11872__auto____13996.invoke(internal.clj:228)
[na:na]
at
clojure.core.async.impl.ioc_macros$run_state_machine.invoke(ioc_macros.clj:1011)
[na:na]
at
clojure.core.async.impl.ioc_macros$run_state_machine_wrapped.invoke(ioc_macros.clj:1015)
[na:na]
at clojure.core.async$ioc_alts_BANG_$fn__12040.invoke(async.clj:378)
[na:na]
at clojure.core.async$do_alts$fn__11986$fn__11989.invoke(async.clj:247)
[na:na]
at
clojure.core.async.impl.channels.ManyToManyChannel$fn__6807$fn__6808.invoke(channels.clj:95)
[na:na]
at clojure.lang.AFn.run(AFn.java:22) [puppet-server-release.jar:na]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
[na:1.7.0_75]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
[na:1.7.0_75]
at java.lang.Thread.run(Thread.java:745) [na:1.7.0_75]
2016-08-29 02:05:35,296 INFO [main] [p.t.internal] Beginning shutdown sequence
2016-08-29 02:05:35,314 INFO [async-dispatch-3] [p.t.s.w.jetty9-service]
Shutting down web server(s).
2016-08-29 02:05:35,338 INFO [clojure-agent-send-pool-1]
[p.s.j.jruby-puppet-agents] Flush request received; creating new JRuby pool.
2016-08-29 02:05:35,355 INFO [clojure-agent-send-pool-1]
[p.s.j.jruby-puppet-agents] Replacing old JRuby pool with new instance.
2016-08-29 02:05:35,364 INFO [clojure-agent-send-pool-1]
[p.s.j.jruby-puppet-agents] Swapped JRuby pools, beginning cleanup of old pool.
2016-08-29 02:05:35,383 INFO [clojure-agent-send-pool-1]
[p.s.j.jruby-puppet-internal] Cleaned up old JRuby instance with id 1.
2016-08-29 02:05:35,412 INFO [main] [p.t.internal] Finished shutdown sequence
