Load Balance Puppet 3 masters with PuppetDB backend
264 views
Skip to first unread message
Felipe Salum
Nov 16, 2012, 4:33:03 PM11/16/12
to puppet...@googlegroups.com
Hi there.
I'm setting up a Puppet 3 + PuppetDB environment with the following architecture:
2 x puppetmaster/passenger with apache using Proxy Balance
1 x puppetdb
Following the Pro Puppet book, I set Apache on both puppetmasters to proxy the CA requests to just 1 puppetmaster server, and anything else between the 2 puppetmaster servers (call them workers).
Also both puppetmaster servers is set to use the puppetdb storeconfig backend.
Everything looks fine when I hit the puppetmaster running as the CA, but if my request is balanced to the 2nd puppetmaster worker I got the errors below:
root@puppetdb1:/# puppet agent --test --server puppet.puppet.test
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Error 400 on SERVER: Could not retrieve facts for puppetdb1.puppet.test: Failed to submit 'replace facts' command for puppetdb1.puppet.test to PuppetDB at puppetdb1.puppet.test:8081: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read finished A
Info: Retrieving plugin
Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb
Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb
Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb
Info: Loading facts in /var/lib/puppet/lib/facter/iptables.rb
Info: Loading facts in /var/lib/puppet/lib/facter/postgres_default_version.rb
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for puppetdb1.puppet.test to PuppetDB at puppetdb1.puppet.test:8081: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read finished A
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
For some reason when my puppetmaster2 worker receives the request from any of my puppet agent nodes the facts fail.
192.168.168.9 - - [16/Nov/2012:13:15:10 -0800] "GET /production/node/puppetdb1.puppet.test? HTTP/1.1" 400 513 "-" "-"
192.168.168.9 - - [16/Nov/2012:13:15:16 -0800] "GET /production/file_metadatas/plugins?recurse=true&checksum_type=md5&links=manage&ignore=---+%0A++-+%22.svn%22%0A++-+CVS%0A++-+%22.git%22& HTTP/1.1" 200 40597 "-" "-"
192.168.168.9 - - [16/Nov/2012:13:15:18 -0800] "POST /production/catalog/puppetdb1.puppet.test HTTP/1.1" 400 461 "-" "-"
Can I use the architecture I described above and still have every puppetmaster from my load balance talking to PuppetDB ?
I tried to delete the ssl certificates, generate them again, run puppetdb-ssl-setup, etc but still same results.
Thanks,
Felipe
I'm setting up a Puppet 3 + PuppetDB environment with the following architecture:
2 x puppetmaster/passenger with apache using Proxy Balance
1 x puppetdb
Following the Pro Puppet book, I set Apache on both puppetmasters to proxy the CA requests to just 1 puppetmaster server, and anything else between the 2 puppetmaster servers (call them workers).
Also both puppetmaster servers is set to use the puppetdb storeconfig backend.
Everything looks fine when I hit the puppetmaster running as the CA, but if my request is balanced to the 2nd puppetmaster worker I got the errors below:
root@puppetdb1:/# puppet agent --test --server puppet.puppet.test
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Error 400 on SERVER: Could not retrieve facts for puppetdb1.puppet.test: Failed to submit 'replace facts' command for puppetdb1.puppet.test to PuppetDB at puppetdb1.puppet.test:8081: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read finished A
Info: Retrieving plugin
Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb
Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb
Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb
Info: Loading facts in /var/lib/puppet/lib/facter/iptables.rb
Info: Loading facts in /var/lib/puppet/lib/facter/postgres_default_version.rb
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for puppetdb1.puppet.test to PuppetDB at puppetdb1.puppet.test:8081: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read finished A
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
For some reason when my puppetmaster2 worker receives the request from any of my puppet agent nodes the facts fail.
192.168.168.9 - - [16/Nov/2012:13:15:10 -0800] "GET /production/node/puppetdb1.puppet.test? HTTP/1.1" 400 513 "-" "-"
192.168.168.9 - - [16/Nov/2012:13:15:16 -0800] "GET /production/file_metadatas/plugins?recurse=true&checksum_type=md5&links=manage&ignore=---+%0A++-+%22.svn%22%0A++-+CVS%0A++-+%22.git%22& HTTP/1.1" 200 40597 "-" "-"
192.168.168.9 - - [16/Nov/2012:13:15:18 -0800] "POST /production/catalog/puppetdb1.puppet.test HTTP/1.1" 400 461 "-" "-"
Can I use the architecture I described above and still have every puppetmaster from my load balance talking to PuppetDB ?
I tried to delete the ssl certificates, generate them again, run puppetdb-ssl-setup, etc but still same results.
Thanks,
Felipe
Felipe Salum
Nov 20, 2012, 6:16:37 PM11/20/12
to puppet...@googlegroups.com
Following the http://docs.puppetlabs.com/guides/scaling_multiple_masters.html actually worked better. The Pro Puppet was missing the part of running puppet agent in the 2nd master with the dns_alt_names or I missed that part, anyway it is working now :)
Felipe
Felipe
Reply all
Reply to author
Forward
0 new messages