Issue #4319 has been updated by Jasper Poppe.
Hi, the patch fixes my issue :) Don't think it's Nginx related for various
reasons. One is that it fine with the 0.25 series of Puppet.
I should learn some Ruby :s, was alredy looking in that file, but..
Here is (our down stripped) the nginx configuration I've used for the test:
upstream puppet-production {
server 127.0.0.1:18140;
server 127.0.0.1:18141;
server 127.0.0.1:18142;
server 127.0.0.1:18143;
}
server {
# Look at TLB size in /proc/cpuinfo (Linux) for the 4k pagesize
large_client_header_buffers 16 4k;
proxy_buffers 128 4k;
listen 8140;
# ssl_verify_client on;
ssl_verify_client optional;
root /var/empty;
ssl on;
ssl_certificate
/var/lib/puppet/ssl/certs/mp-puppetmaster002.intern.kijiji.net.pem;
ssl_certificate_key
/var/lib/puppet/ssl/private_keys/mp-puppetmaster002.intern.kijiji.net.pem;
ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem;
ssl_crl /var/lib/puppet/ssl/ca/ca_crl.pem;
ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA;
ssl_session_cache shared:SSL:8m;
ssl_session_timeout 5m;
location / {
proxy_pass http://puppet-production;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Client-Verify SUCCESS;
proxy_set_header X-Client-Verify $ssl_client_verify;
proxy_set_header X-SSL-Subject $ssl_client_s_dn;
proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
proxy_read_timeout 180;
}
}
I have also tried different versions of Nginx.
----------------------------------------
Bug #4319: File serving broken via mongrel in Puppet 2.6
http://projects.puppetlabs.com/issues/4319
Author: Jasper Poppe
Status: Unreviewed
Priority: High
Assigned to:
Category:
Target version:
Affected version: 2.6.0
Keywords:
Branch:
I have been busy for almost the whole day with this one, I hope I will give
enough detail. If more needed ping me.
File serving goes wrong in Puppet 2.6 via Mongrel, I suspect the issue is
caused by two slashes in the request URL. Here is a snippet of our Nginx log
file. In the middle line there are 2 slashes (in the file_content//modules
part).
- [21/Jul/2010:16:17:51 +0200] "GET
/production/file_metadata/modules/java/var/cache/debconf/sun-java5-jdk.seed
HTTP/1.1" 200 330 "-" "-"
- [21/Jul/2010:16:17:52 +0200] "GET
/production/file_content//modules/java/var/cache/debconf/sun-java5-jdk.seed
HTTP/1.1" 404 78 "-" "-"
- [21/Jul/2010:16:17:52 +0200] "GET
/production/file_metadata/modules/java/var/cache/debconf/sun-java5-jdk.seed
HTTP/1.1" 200 330 "-" "
We use exact the same Nginx configuration as we did for 2.5. I have tried many
different options but I don't expect the problem is there.
The interesting part is:
When you run the puppetmaster with the following parameters (so via webrick)
everything works fine.
/usr/sbin/puppetmasterd --no-daemonize --debug
When you run Puppet with Mongrel as backend the master says that it can not
find the contents of the file:
/usr/sbin/puppetmasterd --ssl_client_header=HTTP_X_SSL_SUBJECT
--servertype=mongrel --masterport=18140 --no-daemonize --debug
Snippet of master log:
debug: importing '/etc/puppet/manifests/stages.pp' in environment production
debug: Executing '/etc/puppet/scripts/get-config-version'
debug: No true answers and no default
debug: importing '/etc/puppet/modules/configs/cs-ops/manifests/init.pp' in
environment production
info: Automatically imported cs-ops from cs-ops into production
debug: File[/var/cache/debconf/sun-java5-jdk.seed]: Adding default for group
debug: File[/var/cache/debconf/sun-java5-jdk.seed]: Adding default for owner
debug: File[/var/cache/debconf/sun-java5-jdk.seed]: Adding default for mode
notice: Compiled catalog for cs-ops001b.foo.com in environment production
in 0.43 seconds
info: Caching catalog for cs-ops001b.foo.com
debug: Searched for resources in 0.01 seconds
debug: Searched for resource params and tags in 0.00 seconds
debug: Resource removal in 0.00 seconds
debug: Resource merger in 0.02 seconds
debug: Resource addition in 0.00 seconds
debug: Performed resource comparison in 0.02 seconds
debug: Using cached node for cs-ops001b.intern.marktplaats.nl
debug: Saved catalog to database in 0.04 seconds
info: Could not find file_content for
'/modules/java/var/cache/debconf/sun-java5-jdk.seed'
So the master says: info: Could not find file_content for
'/modules/java/var/cache/debconf/sun-java5-jdk.seed'
While the clients 'set' the content of the file with nothing :(
info: Retrieving plugin
info: /File[/var/lib/puppet/lib]: Storing newly-audited value for content
info: Loading facts in conterm
info: Loading facts in conterm
info: Caching catalog for cs-ops001.foo.com
info: Applying configuration version 'ref="refs/heads/master"
commit=212f99a4bce8f2b9edc5254d05d16573a2a84057'
notice:
/Stage[main]/Cs-ops/File[/var/cache/debconf/sun-java5-jdk.seed]/ensure: defined
content as '{md5}ff45e1ccbb1a98a180f242d6cb68215e'
notice: Finished catalog run in 0.08 seconds
It happens on any file I throw against it but here is my test snippet.
class cs-ops {
File {
owner => 'root',
group => 'root',
mode => '0644'
}
file { '/var/cache/debconf/sun-java5-jdk.seed':
source => 'puppet:///modules/java/var/cache/debconf/sun-java5-jdk.seed',
ensure => present;
}
}
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
