How to get Run Puppet button working on Foreman?

Question

First of all, I know there is already a very similar question here on serverfault, but it doesn't quite answers my problem.

So, my setup is the following: I have one server, running Ubuntu 14.04 LTS and puppet master 3.4.3 with foreman 1.6. The client is a Windows 7 computer running puppet agent 3.7.0.

The automatic runs work fine, I just have trouble to get the Run Puppet button working. I always get this red overlay with this message:

failed to execute puppetrun: ERF12-4252 [ProxyAPI::ProxyException]: Unable to execute Puppet run ([RestClient::InternalServerError]: 500 Internal Server Error) for proxy https://puppetmaster:8443/puppet

I followed the instructions from the wiki and added on the node the file auth.conf, which did not exist before. I put it to C:\ProgramData\PuppetLabs\puppet\etc\, where the puppet.conf file resides. I also added an empty namespaceauth.conf to this directory. On the node and the server I activated listen=true. I added foreman-proxy to the sudoers file. I restarted the node service and the puppetmaster several times. This is where all the other postings I found said "now you have a working run puppet button". Except for me it is not working.

The only log entry I could find was in /var/log/foreman-proxy/proxy.log:

E, [2014-10-20T17:50:53.051681 #1119] ERROR -- : Failed puppet run: Check Log files

I checked all log files I could find, but couldn't find any further information as to what this error might be. Edit: added link to wiki 2nd Edit: I also checked the Foreman Error codes, but unfortunately, the code I get doesn't have any information linked to it. (yes, I checked for proxy communication errors - there are none)

Answer 1

Finally managed to get it running! It seems the error code (ERF12-4252) corresponds to different errors. I had different misconfigurations that returned different errors on the console, but Foreman always reported the same message.

The way to solve the issue for me was to use the puppet kick <mynode>command from the command line. There I discovered that my client certificate had a typo in its name and thus did not fit to the hostname.

On the Windows client I did the same (stopping the puppet windows service and starting the agent in the puppet command line window with puppet agent --debug --no-daemonizeto verify if anything happens on the agent.

This also helped in finding the correct directory for the auth.conf file. When installing the agent on Windows, the auth.conf file is placed in the install directory (usually C:\Program Files\PuppetLabs\Puppet\puppet\conf), but it is expected in C:\ProgramData\PuppetLabs\puppet\etc!

So, copying the file to this location and adding the required lines did the trick.

path /run
allow puppetmaster.dev.nextgen.local

After that, I only had to delete the old host in foreman, create a new certificate on the agent, sign it on the puppetmaster and add the new host in foreman.

Answer 2

The documentation on how to set different methods to make 'Run puppet' work is here:

Puppet section (4.3.7) of the Foreman manual

Currently remote runs can be setup through 'MCollective', 'Puppetssh' and 'puppetrun (or kick)' (deprecated).

Answer 3

it worked for me i opted for puppetssh source http://theforeman.org/manuals/1.11/index.html#4.3.6Puppet

follow that one instruction from the above link under the content puppetssh now edit the following line in the file.

/etc/foreman-proxy/settings.d/puppet

:puppetssh_command: /usr/bin/puppet agent --onetime --no-usecacheonfailure

convert it to

:puppetssh_command: /usr/bin/puppet agent --test

now it will work like charm feel free to reply if it doesn't worked cheers