Puppetmaster with apache/passenger on SL6

[Sans]

Dear experts,

Since I've moved my puppetmaster form SL5 (Scientific Linux) to SL6 with SELinux on, I'm facing loads of trouble. I also move away from WEBrick to apache/passenger, following the instruction here:

http://projects.puppetlabs.com/projects/1/wiki/Using_Passenger

and I can't start httpd any more. It fails with this:

Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:8140
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:8140
no listening sockets available, shutting down
Unable to open logs

The problem comes from the virtual-host file for puppetmaster, in which it listening port 8140 and in fact 8140 is already in use:

[root@serv05 conf.d]# semanage port -l | grep 8140
puppet_port_t                  tcp      8140

 

[root@serv05 conf.d]# netstat -tap | grep 814
tcp        0      0 *:8140                      *:*                         LISTEN      5882/ruby

 

Any idea what did I miss? Really appreciate any help.

Cheers,
San

[Denmat]

Hi,

Have you still got your puppetmaster service running? Don't need that running when using httpd and passenger.

Den

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/rc2F-1NdkvoJ.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

[Daniel Sung]

That's most likely your problem. Make sure to chkconfig off the puppetmaster service if you're using httpd.

Regards,

Daniel

[Sans]

Nope, I've stopped puppetmaster and also did chkconfig off but I thought puppetmasterd is still needs to be running(??).

But anyway, the main problem is port 8140 is already used by Ruby/puppet_port_t - what I should do about it? Cheers!!

To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.

For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet...@googlegroups.com.

To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.

[Sans]

The problem with "port" has gone now but still apache fails to start, reporting this in the log:

[Mon May 14 00:37:42 2012] [error] Unable to configure RSA server private key
[Mon May 14 00:37:42 2012] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

I have these in my apache configuration file:

SSLCertificateFile      /etc/puppet/ssl/certs/serv05.xxx.xxx.xxx.xx.uk.pem
SSLCertificateKeyFile   /etc/puppet/ssl/private_keys/serv05.xxx.xxx.xxx.xx.uk.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile    /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile     /var/lib/puppet/ssl/ca/ca_crl.pem

  
What possibly going wrong this time? Cheers!!

[Sans]

Sorry guys for making noise about the certificates: It's fixed now - I was using wrong certificates. I'm also able to start the httpd using port 8084 instead of 8140. Cheers!!