在今天簽名證書的時候出現一個問題,就是我的agent 比 server版本新,所以導致出現了這樣的錯誤
notice: Starting Puppet client version 2.7.11
err: Could not retrieve catalog from remote server: Error 400 on SERVER: No support for http method POST
notice: Using cached catalog
err: Could not retrieve catalog; skipping run
^Cnotice: Caught INT; calling stop
因爲yum源上的最新版本截止到現在是2.6.17,現在只有通過rubygems 的方式進行update(注:我的原則,現在儘量不用源碼就不用源碼,那種菊花疼的事,你們懂的)
升級步驟如下(個人只是在測試下升級,生成環境,做好你的備份):
- [root@server ssl]# puppet --version
- 2.6.17
- [root@server ssl]# yum -y install rubygems
- [root@server ssl]# gem install puppetserver
- ERROR: could not find gem puppetserver locally or in a repository
- [root@server ssl]# gem install puppet
- Successfully installed facter-1.6.11
- Successfully installed puppet-2.7.19
- 2 gems installed
- Installing ri documentation for facter-1.6.11...
- Installing RDoc documentation for facter-1.6.11...
- Could not find main page README
- Could not find main page README
- Could not find main page README
- Could not find main page README
- [root@server ssl]# puppet --version
- 2.7.19
另google 摘抄了一些 puppet的常見error,及解決辦法
【puppet 常見錯誤列表】
1.Failed to retrieve current state of resource: Could not retrieve information from source(s)
err: //test/File[/tmp/sky]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet:///test/foo at /etc/puppet/modules/test/manifests/init.pp:6
解決方法:這是一般大多人犯的問題,這個問題一般是出現在puppetmaster上,大部分是source這個路徑沒有寫對。可以查看init.pp的第6行,
一般正確的寫法是source => “puppet:///test/sky”,關於文件服務器的寫法,可以參閱之前的sky的文檔.
2.Could not retrieve information from environment production source(s) puppet://server.puppet.com/plugins
解決方法:這是一般都是通過yum或者apt-get安裝了puppet,在puppetmaster和客戶端的配置文件 裏有pluginsync=true ,
把兩端/etc/puppet.conf裏pluginsync=true ,改成pluginsync=false,並重啓puppetmaster即可解決。
再補充一種方法,如果不設置pluginsync=false,那麼就需要到少要建個插件。
3.Could not request certificate: undefined method `closed?’
err: Could not request certificate: undefined method `closed?' for nil:NilClass Exiting;
failed to retrieve certificate and watiforcert is disabled
解決方法:a.確保puppet的運行用戶是否有權限讀ssl認證文件。
b.確認防火牆是否打開8140端口。
4.Change from absent to file failed
err: //test/File[/tmp/sky/www.mysqlops.com]/ensure: change from absent to file failed: Could not set file on ensure: No such file or directory
解決方法:很明顯,可能是沒有/tmp/sky這個目錄,如果沒有,請使用 mkdir -p /tmp/sky.
5.Run of Puppet configuration client already in progress
解決方法,很明顯,a.可以通過ps -axf|grep puppet是否有puppet進程在運行。如果有,則停掉puppet,再運行,即可。
b.沒有進程,那有可能puppetdlock存在,則刪除之,使用 rm -rf /var/puppet/state/puppetdlock
6.Change failed ... Could not find server
err: //test/File[/tmp/sky]/content: change from {md5}068008008418dff20750a94336318974 to {md5}8db2d67767577c70b1251fd80ad32943 failed: Could not find server puppet
解決方法:這是設置了filebucket, 名稱爲puppet,但並不沒有使用真名。在配置文件/etc/puppet.conf裏設置如下:
filebucket { puppetmaster: server => "www.mysqlops.com" # server後面要用全名,即fqdn. }
7.Could not retrieve catalog: can't convert nil into String
err: Could not retrieve catalog: can't convert nil into String at /etc/puppet/modules/test/manifests/init.pp:29 on node web-01.test.com
解決方法:確認模板文件是否存在。一般都是文件不存在的時候報的。
8.undefined method `closed?’ for nil:NilClass
err: Could not retrieve catalog from remote server: undefined method `closed?' for nil:NilClas
解決方法:經常可能是語法錯誤,少了雙引號或者 大概號什麼的。
9.certificate verify failed
err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Could not retrieve file metadata for puppet://puppet.example.com/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
解決方法:這可能是換了不同的兩臺puppetmaster服務器引起的。解決方法,刪除現有ssl證書。find /var/lib/puppet -type f -print0 |xargs -0r rm
10.Could not retrieve catalog from remote server
err: Could not retrieve catalog from remote server: No such file or directory - /var/lib/puppet/client_yaml/catalog
解決方法:明顯提示,/var/lib/puppet/client_yaml/可能不存在,沒有則創建之。
11.no certificate found and waitforcert is disabled
warning: peer certificate won’t be verified in this SSL session
Exiting; no certificate found and waitforcert is disabled
解決方法: 這個是需要puppetmaster端給客戶端ssl簽名.
a.puppetca -l #列出等待簽名的客戶端
b.puppetca -s hostname # hostname 是客戶端主機的名字。
12.Could not intern from pson: Could not convert from pson: Could not find relationship target ”
解決方法:這是一個bug, 針對版本0.25.1.在puppet0.25.5.1版本中可以在/etc/puppet/puppet.conf裏添加
preferred_serialization_format = yaml 即可解決。
13.Error 400 on SERVER: No support for http method POST
err: Could not retrieve catalog from remote server: Error 400 on SERVER: No support for http method POST
解決方法:這個問題可能是puppetmaster是2.6版本,puppet客戶端版本是2.7。請記住 ,puppetmaster版本可以大於或者等於客戶端的版本。
不能小於,互換下puppet角色,即可。
14.You cannot specify more than one of content, source, target
err: Could not run Puppet configuration client: You cannot specify more than one of content, source, target at /etc/puppet/modules/test/manifests/init.pp:10
解決方法:錯誤提示很顯示,不能爲一個文件指定多個來源。
15.Could not retrieve catalog from remote server: wrong header line format
解決方法,可能是模板語法錯誤,請使用命令檢查模板語法,示例:erb -x -T ‘-’ -P test/templates/cron/cron.erb |ruby -c
16.Cannot override local resource on node
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Exported resource skyd[foo] cannot override local resource on node web-01.mysqlops.com
解決方法:這個問題,一般是在使用export 虛擬資源的時候會出現,可能是有重複的定義。
這可能是由於舊節點,運行puppet clean node。查看數據庫。使用下面的sql
“select hosts.name from hosts,resources where restype=’skyd’ and title=’foo’ and hosts.id = resources.host_id;”
17.Could not render to pson: invalid utf8 byte
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not render to pson: invalid utf8 byte:
解決方法:可能是有無效的utf8字符,可以使用命令:od -c filename 進行檢查。
18. 在安裝dashboad的時候,報
RAILS_ENV=production db:migrate --trace (in /usr/local/puppet-dashboard) ** Invoke db:migrate (first_time) ** Invoke environment (first_time) ** Execute environment ** Execute db:migrate ** Invoke db:schema:dump (first_time) ** Invoke environment ** Execute db:schema:dump rake aborted! undefined method `reenable' for <Rake::Task db:schema:dump => [environment]>:Rake::Task
解決訪問,可能是gem版本不對,升級版本,請確認版本是否滿足安裝dashboad的要求。
19.在執行facter命令的時候報:
err: Could not run Puppet configuration client: Could not retrieve local facts: execution expired
解決方法,由於ubuntu升級導致的ec2.rb有新的改動,可以修改/usr/lib/ruby/1.8/facter這個目錄下面的ec2.rb文件後從新啓動後解決。 具體解決方法如下:1. cd /usr/lib/ruby/1.8/facter
2. cp ec2.rb{,.`date -I`} #備份新的ec2.rb這個文件
3. 從正常執行的主機複製ec2.rb這個文件進行覆蓋。或者比較兩個文件的不同,進行修改。
20.在使用gem 安裝的時候會報:
ERROR: Could not find a valid gem 'rake' (>= 0) in any repository ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
解決方法:可能是沒有gem源,或者無法訪問源,大部分是網絡問題。
可以多添加下幾個gem 源來嘗試解決:
使用命令:
- gem sources -a http://gems.rubyforge.org
- gem sources -a http://gems.rubyonrails.org
- gem sources -a http://gemcutter.org
- gem sources -a http://rubygems.org
添加了上面的四個gem源,希望能解決,另外使用gem 安裝的過程比較慢,需要大家耐心點等待提示。
21.err: Could not request certificate: Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key
解決方法:按照下面a-d四個步驟,即可。
a.在客戶端可以刪除rm -rf /var/lib/puppet/ssl/,
b.在puppetmaster端,執行 puppetca -c 客戶端主機名
c. 客戶端在重新生成證書請求: puppet –test –server puppetmaster主機名
d.在puppetmaster端,執行 puppetca -s 客戶端主機名