> No issue with connection to puppetdb on port 8081. Overall connectivity > looks good. > > [root@hostname conf.d]# telnet puppetdb 8081 > Trying XXX.XXX.XXX.XXX... > Connected to puppetdb. > Escape character is '^]'.
I'm not sure this is the correct hostname, so I wouldn't trust these test results. Looking back at your original error: Warning: Error 400 on SERVER: Could not retrieve facts for xxx.com: Failed to submit 'replace facts' command forxxx.com to PuppetDB at xxx.com:8081: Connection refused - connect(2) You obfuscate the hostname with xxx.com ... test with _that_ hostname (whatever it is). If that hostname is wrong, make sure you reflect the correct setting in /etc/puppet/puppetdb.conf ... perhaps setting server = puppetdb if that is the true hostname you wish to use. You need to be careful though, if the SSL certificate doesn't have a 'puppetdb' alias you will get SSL errors. > conf.d]# netstat -tpane|grep 80 > tcp 0 0 127.0.0.1:5432 127.0.0.1:58512 > ESTABLISHED 26 126802 19611/postgres > tcp 0 0 ::ffff:172.16.43.151:8080 :::* > LISTEN 496 126760 19343/java > tcp 0 0 :::80 :::* > LISTEN 0 12601 2537/httpd > tcp 0 0 :::8081 :::* > LISTEN 496 126765 19343/java > tcp 0 0 ::ffff:127.0.0.1:58512 ::ffff:127.0.0.1:5432 > ESTABLISHED 496 126801 19343/java > tcp 0 0 ::ffff:172.16.43.151:8081 ::ffff:172.16.43.151:33812 > TIME_WAIT 0 0 - So specifically here, its listening on 172.16.43.151 ... my suggestion about replacing this with 0.0.0.0 in jetty.ini might make a difference. > I read about using this whitelist.txt file to resolve the 'replace facts' > issue, but that does not seem to apply or work. > from /etc/puppetdb/conf.d/jetty.ini > > certificate-whitelist = /etc/puppetdb/whitelist.txt The advice you found seems unrelated to this error on the surface. While setting a certificate-whitelist is a good idea, I would undo it for now until we find the issue to make sure it doesn't cause other problems. > So my only remaining issue is reolving why it's throwing this error. My points about connection refused are still applicable here. ken. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3DqbBL8gY80NnC1dc9fXswCuiNwwRphEDWe0_qoCuZLSQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
