feat: update docs for puppet (#390)

- k8s / metallb / cilium created chaos - broke puppet agent and servers - adding issue/resolution here Reviewed-on: #390
2025-09-13 12:57:44 +10:00 · 2025-09-13 12:57:44 +10:00 · 938a6ac990
commit 938a6ac990
parent 0665873dc8
1 changed files with 18 additions and 0 deletions
--- a/doc/puppet/README.md
+++ b/doc/puppet/README.md
@ -29,3 +29,21 @@ these steps are required when adding additional puppet masters, as the subject a

    sudo systemctl start puppetserver
    sudo cp /root/current_crl.pem /etc/puppetlabs/puppet/ssl/crl.pem
+
+
+## troubleshooting
+
+### Issue 1:
+
+    [sysadmin@ausyd1nxvm2056 ~]$ sudo puppet agent -t
+    Error: The CRL issued by 'CN=Puppet CA: prodinf01n01.main.unkin.net' is missing
+
+Find another puppetserver that IS working, copy the `/etc/puppetlabs/puppet/ssl/crl.pem` to this host, run puppet again.
+
+
+### Issue 2:
+
+    [sysadmin@ausyd1nxvm2097 ~]$ sudo puppet agent -t
+    Error: Failed to parse CA certificates as PEM
+
+The puppet-agents CA cert `/etc/puppetlabs/puppet/ssl/certs/ca.pem` is empty or missing. Grab it from any other host. Run puppet again.