Issue #4762 has been updated by Daniel Pittman. Status changed from Needs Decision to In Topic Branch Pending Merge Target version set to 2.7.3
https://github.com/puppetlabs/puppet/pull/21 fixes this issue: Previously, we only allowed Puppet Clients at a maximum distance of somewhere between 7,494 and 14,988 kilometers from the master, depending on the variance in local conditions. While this gave us good data security against hostile clients connecting from the dark side of the moon, real world testing shows the moon folks are likely to just take over a local staging host and attack that way. Thanks, John, for the analysis and proposed solution. I am awful sorry that we took close to a year to actually fix this problem. So, instead, allow clients sufficient time they should be comfortable able to connect to a master from the moon. We still refuse clients further out, like Mars, since it seems unlikely that Puppet management over that distance should work. We advise the manned Mars expedition to deploy a local Puppet Master to manage infrastructure in their base, and to watch out for the martians. ---------------------------------------- Bug #4762: Speed of light interfering with normal puppet operation https://projects.puppetlabs.com/issues/4762 Author: John Ferlito Status: In Topic Branch Pending Merge Priority: High Assignee: Nigel Kersten Category: Doh! Target version: 2.7.3 Affected Puppet version: 0.25.5 Keywords: speed of light in a vacuum Branch: Puppet::Network::HTTP::WEBrick doesn't wait long enough for the connection to establish In puppet/network/http/webrick.rb there is the following code @mutex.synchronize do raise "WEBrick server is already listening" if @listening @listening = true @thread = Thread.new { @server.start { |sock| raise "Client disconnected before connection could be established" unless IO.select([sock],nil,nil,0.1) sock.accept @server.run(sock) } } sleep 0.1 until @server.status == :Running end end The select only waits for 100ms. In my situation I have servers in US and puppet masters in Australia. 100ms is nowhere near long enough for the connection to establish Maybe 2-5 seconds would be more appropriate -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
