The pe-bolt-server and pe-ace-server stop running, causing the puppet infra regenerate plan to fail in Puppet Enterprise.
Error messages and logs
You can get this error message after a Puppet run on the primary server:
The certificate for 'SSL CERTIFICATE' does not match its private key You can get this error message after a Puppet run on the pe-bolt-server and pe-ace-server:
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Could not get metadata for Puppet:///modules/MODULENAME/FILE.conf Version and installation information
PE version: All supported
Solution
The rate limit on your infrastructure firewall causes Puppet runs to fail in PE.
To stop the rate limit on the primary server, remove rate limiting from the iptables firewall.
An example of the iptables rule causing the issue:
ACCEPT tcp -- anywhere anywhere tcp limit: avg 25/min burst 100
How can we improve this article?
0 comments
Please sign in to leave a comment.
Related articles