nate
05/24/2023, 9:38 PM- name: rocky_compute
targets:
- _plugin: puppetdb
query: "inventory[certname] { facts.os.name = 'Rocky' and facts.group = 'compute'}"
instance: puppet6
we’re migrating from puppet 6 to 7, so we have two places to look. querying the puppet 7 db fails with a
Request to puppetdb at <https://puppetdb01.domain.edu:8081> failed with Failed to query PuppetDB: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate).
Error executing plugin puppetdb from resolve_reference in puppetdb: Failed to connect to all PuppetDB server_urls: <https://puppetdb01.domain.edu:8081>.
is this error just telling me the CA cert is wrong for that named instance? setting log-level to trace shows success hitting the other one.puppetdb-instances:
puppet6:
server_urls: ['<https://old-puppetdb01.domain.edu:8081>']
cacert: "./certs/puppetmaster_ca.crt"
cert: "./certs/bolt.cert"
key: "./certs/bolt_key.pem"
puppet7:
server_urls: ['<https://puppetdb01.domain.edu:8081>']
cacert: "./certs/new_puppet_ca.crt"
cert: "./certs/bolt_puppet7.cert"
key: "./certs/bolt_puppet7.pem"