When using the Puppet Enterprise Azure Marketplace Image and ARM template, you might encounter some problems that this troubleshooting section can address.
You can get help with Puppet from us and the rest of the Puppet community. If you've purchased Puppet Enterprise, you can also access our knowledge base and open a support ticket.
You can also find troubleshooting information in the PE docs:
PE password hasn't been set, or I don't have the password
Access to the console is disabled until you set the console password.
To create or reset a password, use the
set_console_password.sh script described in the Launcing the ARM template section.
Agents can't connect because PE configuration isn't yet complete
When first booting the Puppet Master Azure VM, PE configuration must complete before you can connect and manage agents.
check_status.shscript to determine whether configuration has finished:
SSH user name or credentials don't work when connecting to the EC2 instance
This image is created and configured using Azure ARM templates. You can provision the VM to use SSH key pair access, or a user name and password.
ssh -i ~/.ssh/<id_rsa>.pem puppetadmin@<Public IP or VM FQDN>
Alternatively, you can set a password to log in using the admin password you entered as a parameter to the ARM template.
Unsigned certificates page in the console has an internal URL for the curl
The curl command on the console's Unsigned Certificates page contains a URL that uses your master's internal DNS name, which won't work for nodes that cannot resolve that name.
For example, the command might look like:
curl -k https://puppetmasterv2.liweionmsdnnwoe.xx.internal.cloudapp.net:8140/packages/current/install.bash | sudo bash
To use the curl command, change the internal DNS name to the VM's external qualified domain name, which is available from the Azure Portal in the Virtual Machines section.
Public and private hostnames are incorrectly configured in PE
This PE installation and recommended security group settings are configured to use the private (internal) VM hostname for communicating from managed nodes to the master.
To find the local hostname on the master, use Facter.
Then follow the steps in Certificates and DNS configuration section.
$ facter networking.fqdn puppetmdns.westus2.cloudapp.azure.com $ facter networking.dhcp 22.214.171.124 $ facter networking.ip 10.0.0.4 $ facter networking.domain puppetmasterv2.iwsmirleafiednzgwua4ghu1bc.xx.internal.cloudapp.net
Puppet agent run won't work when started by a non-root user
An agent run initiated by
puppetadmin or any other non-root user will
fail when attempting to access certificates, packages, and services.
Always start manual Puppet agent runs with super-user privileges:
sudo /usr/local/bin/puppet agent -t