Jira (PUP-9314) puppetdb-termini for puppet standalone try to connect to master

5 views
Skip to first unread message

Grégoire Menuel (JIRA)

unread,
Nov 15, 2018, 9:27:03 AM11/15/18
to puppe...@googlegroups.com
Grégoire Menuel created an issue
 
Puppet / Bug PUP-9314
puppetdb-termini for puppet standalone try to connect to master
Issue Type: Bug Bug
Affects Versions: PUP 6.0.4
Assignee: Unassigned
Created: 2018/11/15 6:26 AM
Priority: Normal Normal
Reporter: Grégoire Menuel

While trying to implement https://puppet.com/docs/puppetdb/6.0/connect_puppet_apply.html#option-a-set-up-an-ssl-proxy-for-puppetdb I've stumbled upon a bug which seems to have been caused https://github.com/puppetlabs/puppet/commit/1360fcc4ab8af8ab0be5ec57f40c045c59feb506 (PUP-8655).

puppet apply try to connect to the master (even though I don't have one) before sending the facts to puppetdb.

The following line in lib/puppet/ssl/validator/default_validator.rb seems to cause the problem.

def setup_connection(connection, ssl_host = Puppet.lookup(:ssl_host))
   

If I remove the Puppet.lookup call on this line everything works fine.
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Atlassian logo

Eric Thompson (JIRA)

unread,
Nov 15, 2018, 6:52:02 PM11/15/18
to puppe...@googlegroups.com
Eric Thompson updated an issue
Change By: Eric Thompson
Team: Coremunity

Eric Thompson (JIRA)

unread,
Nov 15, 2018, 6:53:02 PM11/15/18
to puppe...@googlegroups.com
Eric Thompson updated an issue
Change By: Eric Thompson
Team: Coremunity Server

Eric Thompson (JIRA)

unread,
Nov 15, 2018, 6:53:02 PM11/15/18
to puppe...@googlegroups.com
Eric Thompson assigned an issue to Tony Vu
Change By: Eric Thompson
Assignee: Tony Vu

Tony Vu (JIRA)

unread,
Nov 16, 2018, 1:07:03 PM11/16/18
to puppe...@googlegroups.com
Tony Vu commented on Bug PUP-9314
 
Re: puppetdb-termini for puppet standalone try to connect to master

Grégoire Menuel thanks for posting this.

Looking at the commit link, you can see that the lookup is removed from the constructor and then added as a default arg to the setup_connection method. Based on that, I don't think that the issue you are seeing is directly related to that commit, as the lookup would still happen in previous versions.

If I remove the Puppet.lookup call on this line everything works fine.

When you say that, what do you assign ssl_host to?

Tony Vu (JIRA)

unread,
Nov 27, 2018, 8:03:02 PM11/27/18
to puppe...@googlegroups.com
Tony Vu assigned an issue to Grégoire Menuel
 
Change By: Tony Vu
Assignee: Tony Vu Grégoire Menuel

Grégoire Menuel (JIRA)

unread,
Nov 29, 2018, 11:27:02 AM11/29/18
to puppe...@googlegroups.com

Based on that, I don't think that the issue you are seeing is directly related to that commit, as the lookup would still happen in previous versions.

Hum yeah you are right, the problem might indeed by elsewhere.

When you say that, what do you assign ssl_host to?

If I recall correctly I just remove the ssl_host definition in the function header. Since in my case ssl_certificates_are_present must be false it won't use ssl_host. The solution might be to only do the Puppet.lookup(:ssl_host) if ssl_certificates_are_present is true.

Grégoire Menuel (JIRA)

unread,
Nov 29, 2018, 11:28:02 AM11/29/18
to puppe...@googlegroups.com
Grégoire Menuel assigned an issue to Tony Vu
 
Change By: Grégoire Menuel
Assignee: Grégoire Menuel Tony Vu

Josh Cooper (JIRA)

unread,
Jun 19, 2019, 2:14:02 PM6/19/19
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-9314
 
Re: puppetdb-termini for puppet standalone try to connect to master

Grégoire Menuel This part of puppet's code has been rewritten so that it no longer attempts to initialize the SSL state machine while in the process of making a network connection. Please try with a more recent version of puppet 6.4 or later

Craig Watson (JIRA)

unread,
Sep 18, 2019, 9:59:03 AM9/18/19
to puppe...@googlegroups.com
Craig Watson commented on Bug PUP-9314

This is fixed by PDB-4487

Louis Coilliot (JIRA)

unread,
Sep 18, 2019, 10:16:03 AM9/18/19
to puppe...@googlegroups.com

Hello, I struggled with the same problem. I don't know exactly when it has been fixed, but it works for me now.

puppet-agent-6.9.0
puppetdb-termini-6.6.0

Also I needed some additional parameters to make it work, in the configuration, in puppetdb.conf and puppet.conf.

This is detailed in the comments (2019/09/18) of the ticket PDB-4487 (https://tickets.puppetlabs.com/browse/PDB-4487)
Reply all
Reply to author
Forward
0 new messages