Puppet is a wonderful system automation tool, however the learning curve can be a little steep. We've collected some of the errors messages and "strange" behaviour you may come across together with explanations to help overcome these hurdles and boost adoption of this fabulous tool.

If you have any useful errors and explanations, please do send them in and we'll update this article.

General Puppet errors

These errors happen on current or popular versions of Puppet.

Failed to retrieve current state of resource: Could not retrieve information from source(s)

err: //test/File[/tmp/foo]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet:///test/foo at /etc/puppet/modules test/manifests/init.pp:5


The file cannot be found on the puppetmaster. Check that the source file exists on the puppetmaster and is readable by the puppetmaster process. Note that the file is actually required to be in /etc/puppet/modules/test/files/foo.

If the error says ... from source(s) test/foo then you have omitted puppet:/// from your manifest - check that it says something like:

source => "puppet:///test/foo"


Could not request certificate: undefined method `closed?'

err: Could not request certificate: undefined method `closed?' for nil:NilClass Exiting; failed to retrieve certificate and watiforcert is disabled


This one is normally very simple - you've forgotten to run puppetd as root and so it does not have permission to read the certificates.

Change from absent to file failed

err: //test/File[/tmp/missing/foo]/ensure: change from absent to file failed: Could not set file on ensure: No such file or directory - /tmp/missing/foo at /etc/puppet/modules/test/manifests/init.pp:5


"No such file or directory? But you are supposed to make it!" is a typical response. The problem here is that the parent directory /tmp/missing does not exist. Either tell puppet to create the missing directory (note that you don't need an explicit dependency as puppet will do that for you) or resolve this in a different manner (for example by depending upon a package which creates the parent directory).

Change failed ... Could not find server

err: //test/File[/tmp/foo]/content: change from {md5}068008008418dff20750a94336318974 to {md5}8db2d67767577c70b1251fd80ad32943 failed: Could not find server puppet


The error here was that a filebucket had been set however the server name was set to "puppet" rather than the real name:

filebucket {
puppetmaster: server => "puppet1.example.com"
}


Could not retrieve catalog: can't convert nil into String

err: Could not retrieve catalog: can't convert nil into String at /etc/puppet/modules/test/manifests/init.pp:26 on node test.example.com


This error message happens when a template file is missing. As of v0.25.0, it prints a more helpful error message:

Could not find template 'test/foo' at /etc/puppet/modules/test/manifests/init.pp:26 on node test.example.com


undefined method `closed?' for nil:NilClass

err: Could not retrieve catalog from remote server: undefined method `closed?' for nil:NilClass


This error can occur when you have a bad error in a template - for example missing a closing quote. Double check any recent changes.

certificate verify failed

err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Could not retrieve file metadata for puppet://puppet.example.com/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed


The server certificate that puppet has and the one that the puppetmaster is using differ. On a pure puppet node one simple way is just to remove the current SSL information and start again:

find /var/lib/puppet -type f -print0 |xargs -0r rm


no certificate found and waitforcert is disabled

warning: peer certificate won't be verified in this SSL session
Exiting; no certificate found and waitforcert is disabled


You just need to sign the certificate on the puppetmaster:

puppetca -l (returns a list of unsigned certificates)
puppetca -s node1.example.com


Could not retrieve catalog from remote server

err: Could not retrieve catalog from remote server: No such file or directory - /var/lib/puppet/client_yaml/catalog


This can occur if /var/lib/puppet/client_yaml/ is missing on the client (so that the catalog file cannot be written).

Could not render to pson: invalid utf8 byte

err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not render to pson: invalid utf8 byte: '�'


One of your templates contains a strange character. You can use "od -c filename" and look for the odd characters.

Version specific error messages

These errors happen on more specific versions of Puppet.

Could not intern from pson: Could not convert from pson: Could not find relationship target ''

err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target ''


This is a bug specific to v0.25.1.