问题
I have created the puppet master using aws opsworks. and I am able to add ami linux nodes automatically to the puppet master.
I am having issues when I tried to to add a windows 64 bit node to my puppet master by following this link https://puppet.com/docs/pe/2017.3/installing/installing_agents.html#install-windows-agents-with-the-msi-package
I copied the puppet-agent-x64.msi from the puppet master present in location to the windows node and /opt/puppetlabs/server/data/packages/public//windows-x86_64-/ and ran the installer to install the agent. the installation is successful and the Start Menu contains a Puppet folder with shortcuts for running the agent manually, running Facter, and opening a command prompt for use with Puppet tools.
But the windows node is not showing in puppet web ui and when i tried to run the puppet agent i get this error
"Running Puppet agent on demand ...
Error: Could not request certificate: Error 403 on SERVER: Forbidden request: /puppet-ca/v1/certificate/ca (method :get). Please see the server logs for details.
Exiting; failed to retrieve certificate and waitforcert is disabled
Press any key to continue . . ."
回答1:
You'll need to set allow_unauthenticated_ca to true on your OpsWorks master and then run puppet on it to make the change. Afterwards, you should be able to install the agent even if you're not provisioning from AWS or choose not to use the userdata script.
Steps:
- login to console.
- click on classification
- under PE infrastructure, select PE master.
- Go to configuration tab
- look for class
puppet_enterprise::profile::master - under parameters, select
allow_unauthenticated_caand set it totrue
Screenshot:
来源:https://stackoverflow.com/questions/48647384/windows-puppet-agent-does-not-connect-to-the-awsopsworks-puppet-enterprise-maste