Puppet Enterprise is a superb platform for automating the configuration and deployment of functions to servers, however as a complicated infrastructure administration device with quite a few interconnected shifting parts– could be a problem to troubleshoot when issues go awry. That is very true when coping with cascading errors which can be onerous to isolate for decision. What follows is a brief record of a few of the extra frequent points one could encounter, and some tips about easy methods to troubleshoot and resolve them.
1. You Can’t Log in as Admin to the Console
Finding the suitable log recordsdata for evaluation is step one to figuring out the basis trigger:
Utilizing Third-party Authentication (Lively Listing, LDAP, et al.):
/var/log/pe-httpd/entry.log/var/log/pe-httpd/error.log
Utilizing Console Authentication Service (Puppet’s built-in authentication system):
/var/log/pe-consol-auth/cas.log
Admins can also discover themselves locked out after 10 unsuccessful login makes an attempt. On this state of affairs, one other admin should log in to manually clear the lock on the opposite account. Drawback solved–assuming one other admin account exists. But when not, then what? Operating the next will create a brand new admin account:
$ cd /decide/puppet/share/console-auth$ sudo /decide/puppet/bin/rake db:create_user USERNAME=”adminuser2@acmecorp.com” PASSWORD=”” ROLE=”Admin”
The brand new admin account can then be used to log in and unblock the opposite admin account.
Alternatively, one can unblock a consumer by immediately eradicating the block flag from their database file. Puppet has created a tutorial on how to do that, although it’s particular to PE-installed Postgres databases.
2. Nodes Are Not Showing within the Console Dashboard
Once more, make sure you verify the suitable logs as an preliminary troubleshooting step:
/var/log/pe-httpd/puppetdashboard.error.log/var/log/pe-httpd/puppetdashboard.entry.log/var/log/pe-httpd/puppetmaster.error.log
The Background Duties pane can present further details about why the nodes are usually not showing. A lot of background duties could point out a malfunctioning dashboard employee.
On this case, stopping and beginning the pe-puppet-dashboard-workers could repair the problem. Make sure to verify the Background Duties pane once more after restarting the dashboard staff to confirm that the variety of duties has gone down.
3. No Details are Listed for Nodes within the Console Dashboard, or the Node Supervisor Shows a Clean Web page or Error Message
Extra typically, this downside happens when there are points with Puppet’s inside dashboard certificates. This may be verified by analyzing the suitable log file:
/var/log/pe-httpd/puppetmaster.error.log
If any certificates verification or SSL errors exist, regenerating the interior dashboard certificates ought to resolve the problem.
4. The PuppetDB Received’t Begin or Fails Silently
A myriad of causes exist for a non-starting or failing PuppetDB, with the most typical being working out of reminiscence. To confirm that that is the case, verify the suitable log file:
/var/log/pe-puppetdb/puppetdb.log
In the event you see an error like “java.lang.OutOfMemoryError: Java heap space,” bumping up Puppet’s reminiscence to the next restrict ought to resolve the problem. This may be finished by enhancing both the /and so on/sysconfig/pe-puppetdb or /and so on/default/pe-puppetdb configuration file, relying in your OS.
5. No Nodes are Exhibiting Up in Stay Administration
When utilizing Stay Administration to browse assets on nodes and invoke orchestration actions, typically a clean pane seems with no nodes current. Evaluation of the /var/log/pe-httpd/error.log file ought to reveal a line that reads “No MCollective servers responded.” Restarting MCollective on the grasp and/or brokers ought to successfully repair the issue.
A remaining notice on logs: they’re your pals, and ought to be checked out first when encountering issues. Whereas this may occasionally look like a no brainer, the fact is that log recordsdata are sometimes ignored when apparent options come to thoughts. To make issues simpler, Puppet Labs created this cheat sheet for locating out the place the assorted logs are positioned and what the errors/warnings may doubtlessly imply. That stated, log evaluation ought to be the primary in a collection of steps in direction of resolving points encountered with Puppet.
Although these 5 generally encountered Puppet Enterprise issues can have numerous causes, in lots of circumstances the problems (e.g., non-reporting nodes or a failing database) are the results of misconfigurations previous to automation. It’s essential that the infrastructure and software configurations be seen and understood first, with the purpose of bringing the surroundings underneath management previous to automation. GuardRail simplifies the duty discovering automation necessities, and might even flip these necessities into pre-formatted Puppet manifests. By validating configurations each throughout post-build and on an ongoing foundation, you possibly can relaxation assured that the state of your techniques are underneath management and protected from configuration drift.
Prepared to save lots of time and streamline your belief administration course of?
