Hi Martin, I am trying to use puppetlabs-puppetdb. This is being installed via my control repository. Unfortunately I am unable to start the service and am running into the errors / issues that I have previously stated. Thank you,
Kind regards, Callum McCrorie Junior Engineer/Project Management On Wed, 12 Oct 2022 at 15:37, Martin Alfke <[email protected]> wrote: > > Hi Callum, > > in general we use Puppet to also manage the Puppet Server. > Usually we recommend using puppetlabs-puppetdb, which will take care on > postgresql and puppetdb and the required settings and even restart > puppetserver process. > Instead of trying to manually solve an issue, you should automate your > automation (which is your Puppet server). > > hth, > Martin > > > On 12. Oct 2022, at 16:05, Callum McCrorie <[email protected]> wrote: > > > > Thank you Martin for your help with this. > > I have tried implementing what you suggested above and moving the database > > config to database.ini. Unfortunately there has been no change of outcome > > when trying to start puppetdb or when running puppet agent. There is also > > no new information / entries appearing in the .log files for puppetdb. > > Please could you provide any other ideas of how we should debug this issue > > or things to try? > > > > Kind regards, > > Callum McCrorie > > Junior Engineer/Project Management > > > > > > > > On Tue, 11 Oct 2022 at 08:52, Martin Alfke <[email protected]> wrote: > > Subname needs the PostgreSQL connection. Not the PuppetDB URL > > > > Wrong: > > subname = //localhost:8081/puppetdb > > > > Right: > > subname = //localhost:5432/puppetdb > > > > In my config all the database config is not in config.ini but in > > database.ini > > > > # /etc/puppetlabs/puppetdb/conf/database.ini > > [database] > > > > # The database address, i.e. //HOST:PORT/DATABASE_NAME > > # subname = //localhost:5432/puppetdb > > subname = //localhost:5432/puppetdb > > > > # Connect as a specific user > > # username = foobar > > username = puppetdb > > > > # Use a specific password > > # password = foobar > > password = puppetdb > > > > # How often (in minutes) to compact the database > > # gc-interval = 60 > > gc-interval = 60 > > classname = org.postgresql.Driver > > subprotocol = postgresql > > syntax_pgs = true > > node-purge-gc-batch-limit = 25 > > node-ttl = 7d > > node-purge-ttl = 14d > > report-ttl = 14d > > log-slow-statements = 10 > > conn-max-age = 60 > > conn-keep-alive = 45 > > conn-lifetime = 0 > > migrate = true > > > > > > Hth, > > Martin > > > >> On 10. Oct 2022, at 15:42, Callum McCrorie <[email protected]> > >> wrote: > >> > >> Hello, > >> I’m reaching out about an issue related to PuppetDB. I am hoping that > >> someone will be able to assist myself and my coworker in solving this > >> problem. > >> > >> When I take a look inside the puppetdb log file the error that I am > >> seeing is `ERROR [p.p.config] No subname set in the "database" > >> config`. Root to the log file is - > >> /var/log/puppetlabs/puppetdb/puppetdb.log. > >> > >> If I try to start puppetdb service manually by running `systemctl > >> start puppetdb` I then receive the following error message: > >> `Job for puppetdb.service failed because the control process exited > >> with error code. > >> See "systemctl status puppetdb.service" and "journalctl -xe" for details.` > >> > >> Following this when looking at `journalctl -xe` I can see the error > >> message: > >> `-- The unit puppetdb.service has entered the 'failed' state with > >> result 'exit-code' > >> Oct 04 13:37:36 puppet systemd[1]: Failed to start puppetdb Service. > >> -- Subject: A start job for unit puppetdb.service has failed.' > >> > >> I have also included in this the PuppetDB scripts and any related scripts. > >> > >> The following script is for puppet.conf location is > >> /etc/puppetlabs/puppet/puppet.conf. > >> > >> # This file can be used to override the default puppet settings. > >> # See the following links for more details on what settings are available: > >> # - https://puppet.com/docs/puppet/latest/config_important_settings.html > >> # - https://puppet.com/docs/puppet/latest/config_about_settings.html > >> # - https://puppet.com/docs/puppet/latest/config_file_main.html > >> # - https://puppet.com/docs/puppet/latest/configuration.html > >> [server] > >> vardir = /opt/puppetlabs/server/data/puppetserver > >> logdir = /var/log/puppetlabs/puppetserver > >> rundir = /var/run/puppetlabs/puppetserver > >> pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid > >> codedir = /etc/puppetlabs/code > >> > >> [master] > >> storeconfigs = true > >> storeconfigs_backend = puppetdb > >> reports = store, puppetdb > >> > >> [agent] > >> noop = true > >> > >> The next script is from puppetdb.conf location is > >> /etc/puppetlabs/puppet/puppetdb.conf > >> > >> [main] > >> server_urls = https://puppetdb.company.com:8081 > >> > >> > >> The puppetdb config.ini file > >> (/etc/puppetlabs/puppetdb/conf.d/config.ini) is as follows: > >> > >> #logging-config = /etc/puppetlabs/puppetdb/logback.xml > >> > >> #[command-processing] > >> # How many command-processing threads to use, defaults to (CPUs / 2) > >> # threads = 4 > >> > >> # How many threads can write to disk at once, defaults to min(CPUs / 2, 4) > >> # concurrent-writes = 4 > >> > >> [global] > >> vardir = /var/lib/puppetdb > >> logging-config = /var/lib/puppetdb/logback.xml > >> > >> [database] > >> classname = org.postgresql.Driver > >> subprotocol = postgresql > >> subname = //localhost:8081/puppetdb > >> > >> [puppetdb] > >> certificate-whitelist = /path/to/file/containing/certnames > >> disable-update-checking = false > >> > >> The puppetdb jetty.ini file > >> (/etc/puppetlabs/puppetdb/conf.d/jetty.ini) is as follows: > >> > >> [jetty] > >> # IP address or hostname to listen for clear-text HTTP. To avoid resolution > >> # issues, IP addresses are recommended over hostnames. > >> # Default is `localhost`. > >> # host = <host> > >> > >> # Port to listen on for clear-text HTTP. > >> port = 8080 > >> > >> # The following are SSL specific settings. They can be configured > >> # automatically with the tool `puppetdb ssl-setup`, which is normally > >> # ran during package installation. > >> > >> # IP address to listen on for HTTPS connections. Hostnames can also be used > >> # but are not recommended to avoid DNS resolution issues. To listen on all > >> # interfaces, use `0.0.0.0`. > >> ssl-host = 0.0.0.0 > >> > >> # The port to listen on for HTTPS connections > >> ssl-port = 8081 > >> > >> # Private key path > >> ssl-key = /etc/puppetlabs/puppetdb/ssl/private.pem > >> > >> # Public certificate path > >> ssl-cert = /etc/puppetlabs/puppetdb/ssl/public.pem > >> > >> # Certificate authority path > >> ssl-ca-cert = /etc/puppetlabs/puppetdb/ssl/ca.pem > >> > >> # Access logging configuration path. To turn off access logging > >> # comment out the line with `access-log-config=...` > >> access-log-config = /etc/puppetlabs/puppetdb/request-logging.xml > >> client-auth = want > >> > >> The puppetdb auth.conf file > >> (/etc/puppetlabs/puppetdb/conf.d/auth.conf) is as follows: > >> > >> authorization: { > >> version: 1 > >> rules: [ > >> { > >> # Allow unauthenticated access to the status service endpoint > >> match-request: { > >> path: "/status/v1/services" > >> type: path > >> method: get > >> } > >> allow-unauthenticated: true > >> sort-order: 500 > >> name: "puppetlabs status service - full" > >> }, > >> { > >> match-request: { > >> path: "/status/v1/simple" > >> type: path > >> method: get > >> } > >> allow-unauthenticated: true > >> sort-order: 500 > >> name: "puppetlabs status service - simple" > >> }, > >> { > >> # Allow nodes to access the metrics service > >> # for puppetdb, the metrics service is the only > >> # service using the authentication service > >> match-request: { > >> path: "/metrics" > >> type: path > >> method: [get, post] > >> } > >> allow: "*" > >> sort-order: 500 > >> name: "puppetlabs puppetdb metrics" > >> }, > >> { > >> # Deny everything else. This ACL is not strictly > >> # necessary, but illustrates the default policy > >> match-request: { > >> path: "/" > >> type: path > >> } > >> deny: "*" > >> sort-order: 999 > >> name: "puppetlabs deny all" > >> } > >> ] > >> } > >> > >> > >> I hope that I have provided enough information needed for this issue > >> with puppetdb. If you would like any additional information to assist > >> with being able to solve this please feel free to ask, and thank you > >> in advance for your help on this issue > >> > >> -- > >> You received this message because you are subscribed to the Google Groups > >> "Puppet Users" group. > >> To unsubscribe from this group and stop receiving emails from it, send an > >> email to [email protected]. > >> To view this discussion on the web visit > >> https://groups.google.com/d/msgid/puppet-users/a106da8f-3946-42a3-9bc4-59b9643ff312n%40googlegroups.com. > > > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to [email protected]. > > To view this discussion on the web visit > > https://groups.google.com/d/msgid/puppet-users/6414FBA4-C7E6-4714-9C1C-7C1A44F924B6%40gmail.com. > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to [email protected]. > > To view this discussion on the web visit > > https://groups.google.com/d/msgid/puppet-users/CABUjAcDxMeR-squzZo6xFBDc3grkxaGiF5KU4V_mUoArw_ZBuw%40mail.gmail.com. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/4AC969D8-E685-45ED-9D8D-49DF409FE5CB%40gmail.com. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CABUjAcD2io3Xfaash%3Dyz_nEqcr0LYtfZZgep1XZy8YQzfAesPA%40mail.gmail.com.
