When using the Puppet Enterprise Azure Marketplace Image and ARM template, you might encounter some problems that this troubleshooting section can address.

You can get help with Puppet from us and the rest of the Puppet community. If you've purchased Puppet Enterprise, you can also access our knowledge base and open a support ticket.

You can also find troubleshooting information in the PE docs:

PE password hasn't been set, or I don't have the password

Access to the console is disabled until you set the console password.

To create or reset a password, use the script described in the Launcing the ARM template section.

Agents can't connect because PE configuration isn't yet complete

When first booting the Puppet Master Azure VM, PE configuration must complete before you can connect and manage agents.

Run the script to determine whether configuration has finished:
/opt/puppetlabs/azure/bin/ --wait 

SSH user name or credentials don't work when connecting to the EC2 instance

This image is created and configured using Azure ARM templates. You can provision the VM to use SSH key pair access, or a user name and password.

Note: The private key must be the pair of the sshPublicKey that was entered as a parameter for the ARM template.
ssh -i ~/.ssh/<id_rsa>.pem puppetadmin@<Public IP or VM FQDN>

Alternatively, you can set a password to log in using the admin password you entered as a parameter to the ARM template.

Unsigned certificates page in the console has an internal URL for the curl

The curl command on the console's Unsigned Certificates page contains a URL that uses your master's internal DNS name, which won't work for nodes that cannot resolve that name.

For example, the command might look like:

curl -k | sudo bash

To use the curl command, change the internal DNS name to the VM's external qualified domain name, which is available from the Azure Portal in the Virtual Machines section.

Public and private hostnames are incorrectly configured in PE

This PE installation and recommended security group settings are configured to use the private (internal) VM hostname for communicating from managed nodes to the master.

To find the local hostname on the master, use Facter.

$ facter networking.fqdn

$ facter networking.dhcp

$ facter networking.ip

$ facter networking.domain
Then follow the steps in Certificates and DNS configuration section.  

Puppet agent run won't work when started by a non-root user

An agent run initiated by puppetadmin or any other non-root user will fail when attempting to access certificates, packages, and services.

Always start manual Puppet agent runs with super-user privileges:

sudo /usr/local/bin/puppet agent -t
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.