RHEL4 + puppet 3.x?

107 views
Skip to first unread message

Ryan Anderson

unread,
Feb 11, 2014, 5:33:04 PM2/11/14
to puppet...@googlegroups.com
I know this subject has been hashed over previously, but I'm not able to get a resolution from the discussion. See: https://groups.google.com/forum/#!msg/puppet-users/UJecs2MgkZo/bgjZ8kOvUlYJ

From what I understand, the problem with getting RHEL4 3.x puppet agent working with puppet 3.x master (running on a modern/supported platform) is the crusty openssl on RHEL4. I got puppet 3.4.2 installed successfully via a ruby gem, but it fails when communicating to my master (on RHEL6) due to SSL errrors. I've compiled openssl 1.0.1e on RHEL4, but have failed compiling a couple different versions of ruby against it. Does anyone have success getting RHEL4 3.x puppet agents working they can share? BTW: Don't judge, some of us need to support RHEL4 even if the vendor doesn't anymore.

Kinzel, David

unread,
Feb 11, 2014, 5:42:29 PM2/11/14
to puppet...@googlegroups.com

> I know this subject has been hashed over previously, but I'm not able to get a resolution from the discussion. > See: https://groups.google.com/forum/#!msg/puppet-users/UJecs2MgkZo/bgjZ8kOvUlYJ

> From what I understand, the problem with getting RHEL4 3.x puppet agent working with puppet 3.x master (running on a modern/supported > platform) is the crusty openssl on RHEL4. I got puppet 3.4.2 installed successfully via a ruby gem, but it fails when communicating to my > master (on RHEL6) due to SSL errrors. I've compiled openssl 1.0.1e on RHEL4, but have failed compiling a couple different versions of ruby > against it. Does anyone have success getting RHEL4 3.x puppet agents working they can share? BTW: Don't judge, some of us need to support RHEL4 > even if the vendor doesn't anymore.

----

Sorry for the bad posting here. We have very minimal of these left. I have simply been turning off ssl verify mode on them to make them work.


In lib/ruby/site_ruby/1.9.1/puppet/network/http/connection.rb edit the function initialize_connection... right before the @connection return put @connection.verify_mode = OpenSSL::SSL::VERIFY_NONE,

Eg:
@connection.use_ssl = use_ssl
# Use configured timeout (#1176)
@connection.read_timeout = Puppet[:configtimeout]
@connection.open_timeout = Puppet[:configtimeout]

cert_setup

@connection.verify_mode = OpenSSL::SSL::VERIFY_NONE <--- this.
@connection
end

It's not the best way I'm sure, but I can't be bothered to put any effort into these dinosaurs.






This email communication and any files transmitted with it may contain
confidential and or proprietary information and is provided for the use of the
intended recipient only. Any review, retransmission or dissemination of this
information by anyone other than the intended recipient is prohibited. If you
receive this email in error, please contact the sender and delete this
communication and any copies immediately. Thank you.

http://www.encana.com

Ryan Anderson

unread,
Feb 12, 2014, 7:23:57 PM2/12/14
to puppet...@googlegroups.com
Thanks for the hack, works like a charm!
Reply all
Reply to author
Forward
0 new messages