SSL_connect SYSCALL returned=5

957 views
Skip to first unread message

JL

unread,
Dec 9, 2009, 3:50:34 PM12/9/09
to Puppet Users
During puppet catalog runs, I sometimes (~ 10%) get the following
message:

Failed to retrieve current state of resource: SSL_connect SYSCALL
returned=5 errno=0 state=SSLv2/v3 read server hello A

Has anyone else ran into this? I am running puppet 0.25.1 on Solaris
9 and 10. Let me know what other info you need to help debug...

Dan Bode

unread,
Dec 27, 2009, 3:19:52 AM12/27/09
to puppet...@googlegroups.com
Hi,

During puppet catalog runs, I sometimes (~ 10%) get the following
message:

Failed to retrieve current state of resource: SSL_connect SYSCALL
returned=5 errno=0 state=SSLv2/v3 read server hello A

Does this problem still persist? Is it always on the same clients? What webserver are you using (webbrick?) What OS is the puppet server running on?

thanks,

-Dan

--

You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.



JL

unread,
Dec 29, 2009, 3:31:01 PM12/29/09
to Puppet Users
> > Does this problem still persist?
yes

> > Is it always on the same clients?

It has happened on every client except (I think) the puppet server
itself. The clients are Solaris 10 boxes with a mix of sparc and
i386. It seems to be happening about 10x more on one particular
client, but I think that is explained by the fact that catalog runs
take much longer on that box due to a module that is only being
applied to it.

> > What webserver are you using (webbrick?)

Yes, though this will probably change soon due to what I have read in
the Puppet Scalability Notes. We currently have only deployed puppet
to 5 nodes, but plan on managing more than 50 nodes.

> > What OS is the puppet server running on?

Solaris 10

Silviu Paragina

unread,
Dec 29, 2009, 5:49:05 PM12/29/09
to puppet...@googlegroups.com
Just a suggestion: does this happen on nodes that have the same version
of openssl?

I'm not really sure if the local puppet connection is encrypted or not
(ie puppetd<->puppetmaster on the server).


Silviu

Dan Bode

unread,
Dec 30, 2009, 12:34:33 AM12/30/09
to puppet...@googlegroups.com

can you recreate with

#>puppetd --test --debug --trace

then post the output

thanks,

Dan
 

Peter Meier

unread,
Dec 30, 2009, 11:58:48 AM12/30/09
to puppet...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> I'm not really sure if the local puppet connection is encrypted or not
> (ie puppetd<->puppetmaster on the server).

the only unencrypted connection of puppet is during the cert exchange,
everything else is encrypted.

cheers pete
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEUEARECAAYFAks7hr0ACgkQbwltcAfKi386sgCYxLfhSFer2fMOOAfpmId4n4/L
GQCdHkFWNXKKI3S55ZI2Ug6a1/W83YQ=
=4VCg
-----END PGP SIGNATURE-----

JL

unread,
Jan 8, 2010, 9:09:49 AM1/8/10
to Puppet Users
> can you recreate with
>
> #>puppetd --test --debug --trace
>
> then post the output

I don't have a debug trace, but I can tell you that I switched from
webrick to mongrel with nginx and my problem went away.

Reply all
Reply to author
Forward
0 new messages