PuppetDB:连接被拒绝

我试图让PuppetDB在我的puppetmaster机器上运行。 问题是我在执行代理程序时总是收到以下消息:

err: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for handsoff.dc0.testing.de to PuppetDB at handsoff:8081: Connection refused - connect(2)

傀儡大师,puppetdb和数据库都在同一台主机上“运行”。

这是我的/etc/puppet/puppetdb.conf

 [main] server = handsoff port = 8081 

我的/etc/puppetdb/jetty.ini

 [jetty] # Hostname or IP address to listen for clear-text HTTP. Default is localhost # host = <host> # Port to listen on for clear-text HTTP. port = 8080 # The following are SSL specific settings. They can be configured # automatically with the tool `puppetdb ssl-setup`, which is normally # ran during package installation. # The host or IP address to listen on for HTTPS connections ssl-host = localhost # The port to listen on for HTTPS connections ssl-port = 8081 # Private key path ssl-key = /etc/puppetdb/ssl/private.pem # Public certificate path ssl-cert = /etc/puppetdb/ssl/public.pem # Certificate authority path ssl-ca-cert = /etc/puppetdb/ssl/ca.pem certificate-whitelist = /etc/puppetdb/ssl-whitelist 

和ssl白名单文件:

 localhost handsoff handsoff.dc0.testing.de 

lsof显示我的侦听端口

 # lsof -i -P | grep puppetdb | grep 80 java 2549 puppetdb 20u IPv6 4982 0t0 TCP localhost:8080 (LISTEN) java 2549 puppetdb 34u IPv6 9353 0t0 TCP localhost:8081 (LISTEN) 

在我的/ etc / hosts中我有这些行

 127.0.0.1 localhost 127.0.1.1 handsoff handsoff.dc0.testing.de 

所以从我的angular度来看,木偶应该可以通过本地主机和通过手工连接到端口8081上的puppetdb。 (我testing了两个,都有相同的结果)

任何想法这可能是错误的设置?

编辑 :我也试图在我的puppetdb.conf设置:

 [main] server = localhost port = 8081 

但是,然后我得到err: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for handsoff.dc0.testing.de to PuppetDB at localhost:8081: hostname does not match the server certificate

我正在使用自签名证书(在使用apt-get进行安装之后,没有更改任何内容)。 我的猜测是,白名单将允许我这样使用证书。 这是错的吗?

One Solution collect form web for “PuppetDB:连接被拒绝”

确保hostname -f给出完全限定的名称(如果没有,更新/etc/hostname并更新sysctl kernel.hostname={your hostname} )。

对于最新版本的PuppetDB(4.2):

  1. 停止puppetDB service puppetdb stop
  2. 删除旧证书: rm -rf /etc/puppetlabs/puppetdb/ssl/
  3. 生成新的证书,puppet DB带有一个方便的工具: puppetdb ssl-setup
  4. 如果您使用SSL连接到数据库,则可能需要更新密钥库:

     keytool -import -alias "My CA" -file /etc/puppetlabs/puppetdb/ssl/ca.pem -keystore /etc/puppetlabs/puppetdb/ssl/truststore.jks 
  5. 启动puppetDB service puppetdb start
服务器问题集锦,包括 Linux(Ubuntu, Centos,Debian等)和Windows Server服务器.