Hi Martin, Following on from your previous reply, I have taken the steps that you have suggested. From here I have received two new errors. I have looked into these and tried finding a solution and working through fixing them. However, I have unfortunately had no success in doing so. I am wondering if you might have any ideas / suggestions on what I should try next. The two errors that I am facing are as follows.
Error one: Error: /Stage[main]/Puppetdb::Database::Postgresql/Postgresql::Server::Db[puppetdb]/Postgresql::Server::Role[puppetdb]/Postgresql_psql[CREATE ROLE puppetdb ENCRYPTED PASSWORD ****]: Could not evaluate: Error evaluating 'unless' clause, returned pid 628818 exit 1: 'Error: Could not execute posix command: Invalid group: postgres ' Error two: Error: /Stage[main]/Profiles::Puppetboard/Docker::Image[ ghcr.io/voxpupuli/puppetboard:3.5.0]/Exec[/usr/local/bin/update_docker_image.sh ghcr.io/voxpupuli/puppetboard:3.5.0]: Could not evaluate: Could not find command 'docker' Thank you, Kind regards, Callum McCrorie Junior Engineer/Project Management On Thu, 13 Oct 2022 at 08:48, Martin Alfke <[email protected]> wrote: > Best option is to completely remove the puppetdb service: > > - stop puppetdb process > - uninstall puppetdb Package > - remove puppetdb conf dir /etc/puppetlabs/puppetdb > > Now remove the puppetdb settings from puppet.conf file: > - storeconfigs = true > - storeconfigs_backend = puppetdb > - reports = puppetdb > > Then remove the files > /etc/puppetlabs/puppet/routes.yaml > and > /etc/puppetlabs/puppet/puppetdb.conf > > Now restart the puppetserver process. > > Then you can make use of the module and run the puppet agent on your > puppet server. > > > > > On 12. Oct 2022, at 16:46, Callum McCrorie <[email protected]> > wrote: > > > > Hi Martin, > > I am trying to use puppetlabs-puppetdb. This is being installed via my > > control repository. Unfortunately I am unable to start the service and > > am running into the errors / issues that I have previously stated. > > Thank you, > > > > Kind regards, > > Callum McCrorie > > Junior Engineer/Project Management > > > > On Wed, 12 Oct 2022 at 15:37, Martin Alfke <[email protected]> wrote: > >> > >> Hi Callum, > >> > >> in general we use Puppet to also manage the Puppet Server. > >> Usually we recommend using puppetlabs-puppetdb, which will take care on > postgresql and puppetdb and the required settings and even restart > puppetserver process. > >> Instead of trying to manually solve an issue, you should automate your > automation (which is your Puppet server). > >> > >> hth, > >> Martin > >> > >>> On 12. Oct 2022, at 16:05, Callum McCrorie <[email protected]> > wrote: > >>> > >>> Thank you Martin for your help with this. > >>> I have tried implementing what you suggested above and moving the > database config to database.ini. Unfortunately there has been no change of > outcome when trying to start puppetdb or when running puppet agent. There > is also no new information / entries appearing in the .log files for > puppetdb. > >>> Please could you provide any other ideas of how we should debug this > issue or things to try? > >>> > >>> Kind regards, > >>> Callum McCrorie > >>> Junior Engineer/Project Management > >>> > >>> > >>> > >>> On Tue, 11 Oct 2022 at 08:52, Martin Alfke <[email protected]> wrote: > >>> Subname needs the PostgreSQL connection. Not the PuppetDB URL > >>> > >>> Wrong: > >>> subname = //localhost:8081/puppetdb > >>> > >>> Right: > >>> subname = //localhost:5432/puppetdb > >>> > >>> In my config all the database config is not in config.ini but in > database.ini > >>> > >>> # /etc/puppetlabs/puppetdb/conf/database.ini > >>> [database] > >>> > >>> # The database address, i.e. //HOST:PORT/DATABASE_NAME > >>> # subname = //localhost:5432/puppetdb > >>> subname = //localhost:5432/puppetdb > >>> > >>> # Connect as a specific user > >>> # username = foobar > >>> username = puppetdb > >>> > >>> # Use a specific password > >>> # password = foobar > >>> password = puppetdb > >>> > >>> # How often (in minutes) to compact the database > >>> # gc-interval = 60 > >>> gc-interval = 60 > >>> classname = org.postgresql.Driver > >>> subprotocol = postgresql > >>> syntax_pgs = true > >>> node-purge-gc-batch-limit = 25 > >>> node-ttl = 7d > >>> node-purge-ttl = 14d > >>> report-ttl = 14d > >>> log-slow-statements = 10 > >>> conn-max-age = 60 > >>> conn-keep-alive = 45 > >>> conn-lifetime = 0 > >>> migrate = true > >>> > >>> > >>> Hth, > >>> Martin > >>> > >>>> On 10. Oct 2022, at 15:42, Callum McCrorie <[email protected]> > wrote: > >>>> > >>>> Hello, > >>>> I’m reaching out about an issue related to PuppetDB. I am hoping that > >>>> someone will be able to assist myself and my coworker in solving this > >>>> problem. > >>>> > >>>> When I take a look inside the puppetdb log file the error that I am > >>>> seeing is `ERROR [p.p.config] No subname set in the "database" > >>>> config`. Root to the log file is - > /var/log/puppetlabs/puppetdb/puppetdb.log. > >>>> > >>>> If I try to start puppetdb service manually by running `systemctl > >>>> start puppetdb` I then receive the following error message: > >>>> `Job for puppetdb.service failed because the control process exited > >>>> with error code. > >>>> See "systemctl status puppetdb.service" and "journalctl -xe" for > details.` > >>>> > >>>> Following this when looking at `journalctl -xe` I can see the error > message: > >>>> `-- The unit puppetdb.service has entered the 'failed' state with > >>>> result 'exit-code' > >>>> Oct 04 13:37:36 puppet systemd[1]: Failed to start puppetdb Service. > >>>> -- Subject: A start job for unit puppetdb.service has failed.' > >>>> > >>>> I have also included in this the PuppetDB scripts and any related > scripts. > >>>> > >>>> The following script is for puppet.conf location is > >>>> /etc/puppetlabs/puppet/puppet.conf. > >>>> > >>>> # This file can be used to override the default puppet settings. > >>>> # See the following links for more details on what settings are > available: > >>>> # - > https://puppet.com/docs/puppet/latest/config_important_settings.html > >>>> # - https://puppet.com/docs/puppet/latest/config_about_settings.html > >>>> # - https://puppet.com/docs/puppet/latest/config_file_main.html > >>>> # - https://puppet.com/docs/puppet/latest/configuration.html > >>>> [server] > >>>> vardir = /opt/puppetlabs/server/data/puppetserver > >>>> logdir = /var/log/puppetlabs/puppetserver > >>>> rundir = /var/run/puppetlabs/puppetserver > >>>> pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid > >>>> codedir = /etc/puppetlabs/code > >>>> > >>>> [master] > >>>> storeconfigs = true > >>>> storeconfigs_backend = puppetdb > >>>> reports = store, puppetdb > >>>> > >>>> [agent] > >>>> noop = true > >>>> > >>>> The next script is from puppetdb.conf location is > >>>> /etc/puppetlabs/puppet/puppetdb.conf > >>>> > >>>> [main] > >>>> server_urls = https://puppetdb.company.com:8081 > >>>> > >>>> > >>>> The puppetdb config.ini file > >>>> (/etc/puppetlabs/puppetdb/conf.d/config.ini) is as follows: > >>>> > >>>> #logging-config = /etc/puppetlabs/puppetdb/logback.xml > >>>> > >>>> #[command-processing] > >>>> # How many command-processing threads to use, defaults to (CPUs / 2) > >>>> # threads = 4 > >>>> > >>>> # How many threads can write to disk at once, defaults to min(CPUs / > 2, 4) > >>>> # concurrent-writes = 4 > >>>> > >>>> [global] > >>>> vardir = /var/lib/puppetdb > >>>> logging-config = /var/lib/puppetdb/logback.xml > >>>> > >>>> [database] > >>>> classname = org.postgresql.Driver > >>>> subprotocol = postgresql > >>>> subname = //localhost:8081/puppetdb > >>>> > >>>> [puppetdb] > >>>> certificate-whitelist = /path/to/file/containing/certnames > >>>> disable-update-checking = false > >>>> > >>>> The puppetdb jetty.ini file > >>>> (/etc/puppetlabs/puppetdb/conf.d/jetty.ini) is as follows: > >>>> > >>>> [jetty] > >>>> # IP address or hostname to listen for clear-text HTTP. To avoid > resolution > >>>> # issues, IP addresses are recommended over hostnames. > >>>> # Default is `localhost`. > >>>> # host = <host> > >>>> > >>>> # Port to listen on for clear-text HTTP. > >>>> port = 8080 > >>>> > >>>> # The following are SSL specific settings. They can be configured > >>>> # automatically with the tool `puppetdb ssl-setup`, which is normally > >>>> # ran during package installation. > >>>> > >>>> # IP address to listen on for HTTPS connections. Hostnames can also > be used > >>>> # but are not recommended to avoid DNS resolution issues. To listen > on all > >>>> # interfaces, use `0.0.0.0`. > >>>> ssl-host = 0.0.0.0 > >>>> > >>>> # The port to listen on for HTTPS connections > >>>> ssl-port = 8081 > >>>> > >>>> # Private key path > >>>> ssl-key = /etc/puppetlabs/puppetdb/ssl/private.pem > >>>> > >>>> # Public certificate path > >>>> ssl-cert = /etc/puppetlabs/puppetdb/ssl/public.pem > >>>> > >>>> # Certificate authority path > >>>> ssl-ca-cert = /etc/puppetlabs/puppetdb/ssl/ca.pem > >>>> > >>>> # Access logging configuration path. To turn off access logging > >>>> # comment out the line with `access-log-config=...` > >>>> access-log-config = /etc/puppetlabs/puppetdb/request-logging.xml > >>>> client-auth = want > >>>> > >>>> The puppetdb auth.conf file > >>>> (/etc/puppetlabs/puppetdb/conf.d/auth.conf) is as follows: > >>>> > >>>> authorization: { > >>>> version: 1 > >>>> rules: [ > >>>> { > >>>> # Allow unauthenticated access to the status service > endpoint > >>>> match-request: { > >>>> path: "/status/v1/services" > >>>> type: path > >>>> method: get > >>>> } > >>>> allow-unauthenticated: true > >>>> sort-order: 500 > >>>> name: "puppetlabs status service - full" > >>>> }, > >>>> { > >>>> match-request: { > >>>> path: "/status/v1/simple" > >>>> type: path > >>>> method: get > >>>> } > >>>> allow-unauthenticated: true > >>>> sort-order: 500 > >>>> name: "puppetlabs status service - simple" > >>>> }, > >>>> { > >>>> # Allow nodes to access the metrics service > >>>> # for puppetdb, the metrics service is the only > >>>> # service using the authentication service > >>>> match-request: { > >>>> path: "/metrics" > >>>> type: path > >>>> method: [get, post] > >>>> } > >>>> allow: "*" > >>>> sort-order: 500 > >>>> name: "puppetlabs puppetdb metrics" > >>>> }, > >>>> { > >>>> # Deny everything else. This ACL is not strictly > >>>> # necessary, but illustrates the default policy > >>>> match-request: { > >>>> path: "/" > >>>> type: path > >>>> } > >>>> deny: "*" > >>>> sort-order: 999 > >>>> name: "puppetlabs deny all" > >>>> } > >>>> ] > >>>> } > >>>> > >>>> > >>>> I hope that I have provided enough information needed for this issue > >>>> with puppetdb. If you would like any additional information to assist > >>>> with being able to solve this please feel free to ask, and thank you > >>>> in advance for your help on this issue > >>>> > >>>> -- > >>>> You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > >>>> To unsubscribe from this group and stop receiving emails from it, > send an email to [email protected]. > >>>> To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/a106da8f-3946-42a3-9bc4-59b9643ff312n%40googlegroups.com > . > >>> > >>> > >>> -- > >>> You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > >>> To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected]. > >>> To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/6414FBA4-C7E6-4714-9C1C-7C1A44F924B6%40gmail.com > . > >>> > >>> -- > >>> You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > >>> To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected]. > >>> To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/CABUjAcDxMeR-squzZo6xFBDc3grkxaGiF5KU4V_mUoArw_ZBuw%40mail.gmail.com > . > >> > >> -- > >> You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > >> To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected]. > >> To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/4AC969D8-E685-45ED-9D8D-49DF409FE5CB%40gmail.com > . > > > > -- > > You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected]. > > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/CABUjAcD2io3Xfaash%3Dyz_nEqcr0LYtfZZgep1XZy8YQzfAesPA%40mail.gmail.com > . > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/BDA5E0BA-7D40-4DA5-81B1-8738441ADF83%40gmail.com > . > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CABUjAcCBYM%2BrPWnQW302k8T4qBh29RN9-NxQBSWZqohG%2BGtAMQ%40mail.gmail.com.
