Puppet clients don't update

Question

We are running puppet 2.7.11-1ubuntu2.4 (Ubuntu 12.04) on our clients and master. The clients don't seem to update automatically, but when I run:

sudo puppet agent --test

Everything works fine.

Current running processes on the client:

root      1764     1  0 Sep10 ?        00:00:05 /usr/bin/ruby1.8 /usr/bin/puppet agent

/etc/puppet/puppet.conf

[main]
  logdir=/var/log/puppet
  vardir=/var/lib/puppet
  ssldir=/var/lib/puppet/ssl
  rundir=/var/run/puppet
  factpath=$vardir/lib/facter
  templatedir=$confdir/templates
  prerun_command=/etc/puppet/etckeeper-commit-pre
  postrun_command=/etc/puppet/etckeeper-commit-post
  pluginsync=true

[master]
  # These are needed when the puppetmaster is run by passenger
  # and can safely be removed if webrick is used.
  ssl_client_header = SSL_CLIENT_S_DN 
  ssl_client_verify_header = SSL_CLIENT_VERIFY

[agent]
  server=<URL_REMOVED>
  configtimeout=300

/var/log/syslog.log

Sep 11 16:12:48 <HOSTNAME_REMOVED> puppet-agent[1764]: Did not receive certificate
Sep 11 16:14:48 <HOSTNAME_REMOVED> puppet-agent[1764]: Did not receive certificate
Sep 11 16:16:49 <HOSTNAME_REMOVED> puppet-agent[1764]: Did not receive certificate
Sep 11 16:18:49 <HOSTNAME_REMOVED> puppet-agent[1764]: Did not receive certificate
Sep 11 16:20:49 <HOSTNAME_REMOVED> puppet-agent[1764]: Did not receive certificate

/etc/default/puppet

# Defaults for puppet - sourced by /etc/init.d/puppet

# Start puppet on boot?
START=yes

# Startup options
DAEMON_OPTS=""

Does someone have an idea what could be wrong?

Answer 1

We actually recently found the cause of this problem.

Some nodes had a hostname in their puppet.conf that didn't match the hostname in the certificate of the server.

Also some nodes didn't use their FQDN when they contacted the server, which caused mismatches with the client certificates. We fixed that by adding the FQDN to /etc/hosts:

127.0.1.1 hostename.domain.edu hostename