Puppet Master 代理配置

Question

我在木偶代理测试中遇到错误：

parallels@puppet-server:~$ puppet agent -t
Error: Could not request certificate: Failed to open TCP connection to puppet:8140 (getaddrinfo: Name or service not known)
Exiting; failed to retrieve certificate and waitforcert is disabled
parallels@puppet-server:~$ sudo puppet agent -t
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Failed to open TCP connection to puppet:8140 (getaddrinfo: Name or service not known)
Info: Retrieving pluginfacts
Error: /File[/var/cache/puppet/facts.d]: Failed to generate additional resources using 'eval_generate': Failed to open TCP connection to puppet:8140 (getaddrinfo: Name or service not known)
Error: /File[/var/cache/puppet/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: Failed to open TCP connection to puppet:8140 (getaddrinfo: Name or service not known)
Info: Retrieving plugin
Error: /File[/var/cache/puppet/lib]: Failed to generate additional resources using 'eval_generate': Failed to open TCP connection to puppet:8140 (getaddrinfo: Name or service not known)
Error: /File[/var/cache/puppet/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: Failed to open TCP connection to puppet:8140 (getaddrinfo: Name or service not known)
Error: Could not retrieve catalog from remote server: Failed to open TCP connection to puppet:8140 (getaddrinfo: Name or service not known)
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: Failed to open TCP connection to puppet:8140 (getaddrinfo: Name or service not known)

主配置文件： /etc/puppet/puppet.conf ：

[main]
ssldir = /var/lib/puppet/ssl
logdir = /var/log/puppet
localconfig = $vardir/localconfig
classfile = $vardir/classes.txt
[master]
environment = production
server = puppet-server
ca_server = puppet-server
vardir = /var/lib/puppet
cadir  = /var/lib/puppet/ssl/ca
dns_alt_names = puppet

/etc/hosts ：

127.0.0.1   localhost
127.0.1.1   parallels-Parallels-Virtual-Platform

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.64.14  puppet-server 
192.168.64.16  node-01

代理配置文件： /etc/puppet/puppet.conf ：

[main]
ssldir = /var/lib/puppet/ssl
vardir = /var/lib/puppet
cadir  = /var/lib/puppet/ssl/ca
dns_alt_names = puppet

[agent]
server=192.168.64.14
ca_server=192.168.64.14

代理/etc/hosts ：

127.0.0.1   localhost
127.0.1.1   parallels-Parallels-Virtual-Platform
192.168.64.14  puppet-server                                   
192.168.64.16  node-01

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Answer 1

正如错误消息所说：

无法打开 TCP 连接到 puppet:8140 (getaddrinfo: Name or service not known)

它找不到主机puppet 。

如果将其添加到客户端和服务器上的/etc/hosts中，它应该可以工作：

192.168.64.14  puppet

Answer 2

如果您以非 root 用户身份运行puppet agent -t ，Puppet 会在 ~/.puppetlabs 下创建配置文件夹结构并忽略 /etc/puppetlabs/puppet/*（来源： https://puppet.com/docs/puppet/ latest/dirs_confdir.html ，如果您不使用最新版本，则可以从下拉列表中选择您的版本）

如果可以，请尝试以 root 身份运行（ sudo -i首先，然后运行puppet agent -t ）或尝试使用 sudo （这对我不起作用，但对你可能）。