Issue #2532 has been updated by Nigel Kersten.
So I may actually have described this incorrectly. Perhaps the actual case is that clients are now always required to talk to the CA on every run, but if so, that's a change in behavior. It also doesn't make a lot of sense, as the puppetmasterd process was started with --no-ca on testserver.mydomain, so it should really have failed to talk to that server as a CA if this is the case, but perhaps --no-ca isn't working. ---------------------------------------- Bug #2532: ca_server/ca_port config settings overrides server/masterport config settings http://projects.reductivelabs.com/issues/2532 Author: Nigel Kersten Status: Unreviewed Priority: High Assigned to: Category: Target version: Complexity: Unknown Affected version: 0.25.0 Keywords: <pre> root# puppetd -t --server testserver.mydomain info: Caching catalog for c216f41a-f902-4bfb-a222-850dd957bebb info: Applying configuration version '1250129163' notice: Finished catalog run in 0.01 seconds root# puppetd -t --server testserver.mydomain --ca_server localhost err: Could not retrieve catalog from remote server: Connection refused - connect(2) notice: Using cached catalog info: Applying configuration version '1250129163' notice: Finished catalog run in 0.01 seconds </pre> and: <pre> root# puppetd -t --server testserver.mydomain info: Caching catalog for c216f41a-f902-4bfb-a222-850dd957bebb info: Applying configuration version '1250129163' notice: Finished catalog run in 0.01 seconds root# puppetd -t --server testserver.mydomain --ca_port 8150 err: Could not retrieve catalog from remote server: Connection refused - connect(2) notice: Using cached catalog info: Applying configuration version '1250129163' notice: Finished catalog run in 0.01 seconds root# puppetd -t --server testserver.mydomain --ca_port 8150 --masterport 8140 err: Could not retrieve catalog from remote server: Connection refused - connect(2) notice: Using cached catalog info: Applying configuration version '1250129163' notice: Finished catalog run in 0.01 seconds </pre> This is pretty nasty, as people with dedicated ca_servers may not notice if they have their CA configured to also be a config server. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://reductivelabs.com/redmine/my/account --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en -~----------~----~----~----~------~----~------~--~---
