问题描述
我正在使用人偶5.5。在站中,代理看起来正在运行。但实际上上一次报告是一个月前(通常每10分钟运行一次) 当我运行命令'puppet agent -t'时,出现此错误:
puppet agent -t
Warning: Unable to fetch my node definition,but the agent run will continue:
Warning: SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert certificate unknown
Info: Retrieving pluginfacts
Error: /File[C:/ProgramData/PuppetLabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert certificate unknown
Error: /File[C:/ProgramData/PuppetLabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert certificate unknown
Info: Retrieving plugin
Error: /File[C:/ProgramData/PuppetLabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert certificate unknown
Error: /File[C:/ProgramData/PuppetLabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert certificate unknown
Info: Loading facts
Error: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert certificate unknown
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert certificate unknown
解决方法
解决这个问题的线索是木偶搜索以查找自定义事实和库的路径。此问题的原因是C:/ ProgramData / PuppetLabs / puppet / cache目录中的缓存SSL证书。您可以使用该路径搜索“ * .pem”文件,如果找到与主机名匹配的文件,请将其删除。然后,您需要确保从人偶主服务器puppet cert clean <hostname>
清除主机的所有旧证书,然后使用puppet agent -tv
在主机上再次运行人偶代理以生成新证书。在主服务器puppet cert sign <hostname>
上再次签名新证书,您应该一切顺利。