Running the Puppet 4 master from the AIO package (especially passenger/rack)
196 views
Skip to first unread message
Felix Frank
Jul 17, 2015, 4:08:46 PM7/17/15
to puppet...@googlegroups.com
Hi list,
I'm currently trying to get Puppet 4 to work with nginx/passenger. I had
that working with Puppet 3.x pretty well, but the new packaging stumps me.
For one, the config.ru file is no longer being packaged, apparently.
It's missing from my systems regardless of whether puppet-agent or even
puppetserver are installed (having it in the latter would be kind of
weird, too, I guess).
Now I can retrieve the config.ru right from github, so that's not a
blocker. Next issue: The puppet user and group is now owned by package
puppetserver, apparently. Just getting the puppet-agent AIO will not
create it on my Debian 8 system. (The fact that there is not yet a
puppetserver package for jessie is an additional hinderance at this time.)
Currently, both WEBrick and Passenger error out on this testing VM
running Debian 8 with PC1.
There should probably be tickets for these issues, but I'd like to
gather some feedback first. Has anyone gotten their feet wet with
non-puppetserver masters that run 4.x?
Cheers,
Felix
I'm currently trying to get Puppet 4 to work with nginx/passenger. I had
that working with Puppet 3.x pretty well, but the new packaging stumps me.
For one, the config.ru file is no longer being packaged, apparently.
It's missing from my systems regardless of whether puppet-agent or even
puppetserver are installed (having it in the latter would be kind of
weird, too, I guess).
Now I can retrieve the config.ru right from github, so that's not a
blocker. Next issue: The puppet user and group is now owned by package
puppetserver, apparently. Just getting the puppet-agent AIO will not
create it on my Debian 8 system. (The fact that there is not yet a
puppetserver package for jessie is an additional hinderance at this time.)
Currently, both WEBrick and Passenger error out on this testing VM
running Debian 8 with PC1.
There should probably be tickets for these issues, but I'd like to
gather some feedback first. Has anyone gotten their feet wet with
non-puppetserver masters that run 4.x?
Cheers,
Felix
Felix Frank
Jul 17, 2015, 5:26:08 PM7/17/15
to puppet...@googlegroups.com
apparently. But no dice with passenger.
Using the OS Ruby will not work, obviously, since /opt/puppetlabs/... is
not in its lookup path. Works as designed. But then the vendored Ruby
from that tree has no rack support.
I failed to install the passenger gem there as well, because apparently,
Phusion only supports Ruby up to 2.1.3, whereas Puppet bundles 2.1.6.
I did try to get system Ruby to load Puppet by adding this at the top of
config.ru:
$LOAD_PATH.unshift('/opt/puppetlabs/puppet/lib/ruby/vendor_ruby')
But no dice. Puppet still cannot be loaded because (apparently) system
Ruby's openssl support is not up to par. Now perhaps it's possible to
load even more stuff from the vendored Ruby, but this whole approach
feels horribly wrong anyway, so I'm stopping right here.
As it stands, I guess if I really want to run Puppet 4 through
Passenger, I will need to install from source. Thoughts?
Thanks,
Felix
Ramin K
Jul 17, 2015, 5:53:29 PM7/17/15
to puppet...@googlegroups.com
using it to run a Ruby 2.1.6/Puppet 3.7.x master. I would attempt
something similar in your case.
http://ask.puppetlabs.com/question/16983/performance-improvements-without-updating-to-puppet-server/
Install Passenger 4.x via packages. Doesn't need to be built on the Ruby
you plan to use.
Point to /opt/puppetlabs ruby via PassengerRuby vhost directive.
Other than those two steps, it sounds like you're pretty close.
Ramin
Michael Stahnke
Jul 17, 2015, 6:32:27 PM7/17/15
to puppet...@googlegroups.com
For the AIO, you can certainly get passenger working. (Although we'd love to hear why PuppetServer isn't working or what you want).
Config files on a gist:
This should get you most of the way there. You might have to sub out passenger versions or something.
export PATH=/opt/puppetlabs/puppet/bin:$PATH
# install passenger
gem install --no-rdoc --no-ri passenger
# you need gcc, apr or build-essential installed
# this command is different if using nginx
passenger-install-apache2-module --languages ruby -a
# create a puppet user
# Add our user and group
if getent group 'puppet' &> /dev/null; then
/usr/sbin/groupmod --system 'puppet'
else
/usr/sbin/groupadd --system 'puppet'
fi
if getent passwd 'puppet' &> /dev/null; then
/usr/sbin/usermod --system --gid 'puppet' --home '/opt/puppetlabs/server/data/puppetmaster' --shell '/usr/sbin/nologin' 'puppet'
else
/usr/sbin/useradd --system --gid 'puppet' --home '/opt/puppetlabs/server/data/puppetmaster' --shell '/usr/sbin/nologin' 'puppet'
fi
# create public dir
mkdir -p /opt/puppetlabs/server/data/puppetmaster/public
mkdir -p /opt/puppetlabs/server/data/puppetmaster
mkdir -p /var/log/puppetlabs/puppetmaster
chown puppet:puppet /opt/puppetlabs/server/data/puppetmaster/public /opt/puppetlabs/server/data/puppetmaster /var/log/puppetlabs/puppetmaster /opt/puppetlabs/server/data/puppetmaster/config.ru
cp -p ./passenger-apache.conf /etc/apache2/sites-available/puppet-passenger
sed -i 's/__PASSENGER_VERSION__/5.0.16/g /etc/apache2/sites-available/puppet-passenger
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/55A97952.9030403%40badapple.net.
For more options, visit https://groups.google.com/d/optout.
Felix Frank
Jul 17, 2015, 9:51:43 PM7/17/15
to puppet...@googlegroups.com
Hey Ramin and Michael,
thanks for your replies.
thanks for your replies.
On 07/17/2015 11:53 PM, Ramin K wrote:
I wrote a how-to on using different Rubies for your Puppet master and am using it to run a Ruby 2.1.6/Puppet 3.7.x master. I would attempt something similar in your case.
http://ask.puppetlabs.com/question/16983/performance-improvements-without-updating-to-puppet-server/
Install Passenger 4.x via packages. Doesn't need to be built on the Ruby you plan to use.
Point to /opt/puppetlabs ruby via PassengerRuby vhost directive.
Other than those two steps, it sounds like you're pretty close.
Yes, this does look pretty similar to what I attempted. Thanks for
this guide!
Things I learend:
1. Use the rack gem (as in your Gemfile) - this actually enabled nginx/passenger to load Puppet for me.
2. Passenger 5 may have issues.
The latter is a little tough to solve with nginx, because I rely on packages from Phusion themselves. Those currently come with Passenger 5. However, I can reproduce the problems with Passenger 4 on an older Debian 7 installation. So I'm ruling out Passenger 5 as the immediate issue at this time.
Things I learend:
1. Use the rack gem (as in your Gemfile) - this actually enabled nginx/passenger to load Puppet for me.
2. Passenger 5 may have issues.
The latter is a little tough to solve with nginx, because I rely on packages from Phusion themselves. Those currently come with Passenger 5. However, I can reproduce the problems with Passenger 4 on an older Debian 7 installation. So I'm ruling out Passenger 5 as the immediate issue at this time.
On 07/18/2015 12:32 AM, Michael Stahnke wrote:
For the AIO, you can certainly get passenger working. (Although we'd love to hear why PuppetServer isn't working or what you want).
Oh, puppetserver is working like a charm. I'm putting together
alternative instructions for nginx/passenger though, for those who
have reservations against the JVM.
This worked great with Puppet 3.x, so I hoped I could repeat with Puppet 4, but it proves more challenging.
This worked great with Puppet 3.x, so I hoped I could repeat with Puppet 4, but it proves more challenging.
Config files on a gist:
This should get you most of the way there. You might have to sub out passenger versions or something.
export PATH=/opt/puppetlabs/puppet/bin:$PATH# install passenger
gem install --no-rdoc --no-ri passenger# you need gcc, apr or build-essential installed
# this command is different if using nginxpassenger-install-apache2-module --languages ruby -a
I went for nginx packages from Phusion. From what I understand,
regular nginx cannot just load Passenger as a module. But I may look
into alternative ways of installation if this doesn't work.
# create a puppet user# Add our user and groupif getent group 'puppet' &> /dev/null; then/usr/sbin/groupmod --system 'puppet'else/usr/sbin/groupadd --system 'puppet'fiif getent passwd 'puppet' &> /dev/null; then/usr/sbin/usermod --system --gid 'puppet' --home '/opt/puppetlabs/server/data/puppetmaster' --shell '/usr/sbin/nologin' 'puppet'else/usr/sbin/useradd --system --gid 'puppet' --home '/opt/puppetlabs/server/data/puppetmaster' --shell '/usr/sbin/nologin' 'puppet'fi
Is it a design decision that the puppet-agent AIO package doesn't
handle this?
I realize that WEBrick is deprecated, but support is still there. It strikes me as odd that the standalone master cannot operate after AIO installation without the user performing the above steps manually.
As an aside - as far as I know, the Puppet master runs a catalog on startup (before dropping privileges?) so should it not be able to take care of this by itself?
I realize that WEBrick is deprecated, but support is still there. It strikes me as odd that the standalone master cannot operate after AIO installation without the user performing the above steps manually.
As an aside - as far as I know, the Puppet master runs a catalog on startup (before dropping privileges?) so should it not be able to take care of this by itself?
# create public dirmkdir -p /opt/puppetlabs/server/data/puppetmaster/public
mkdir -p /opt/puppetlabs/server/data/puppetmaster
mkdir -p /var/log/puppetlabs/puppetmaster
Done.
Where exactly is this config.ru from? Again, it is quite definitely
not part of the PC1 packages for Debian.
cp -p ./passenger-apache.conf /etc/apache2/sites-available/puppet-passenger
sed -i 's/__PASSENGER_VERSION__/5.0.16/g /etc/apache2/sites-available/puppet-passenger
Eh, sure...for nginx there is not much by way of configuration
templates. I managed to compile one for the original Puppet
Essentials book that worked with Puppet 3.
It pretty much works for Puppet 4, but now I get the most informative stack ever.
[ 2015-07-18 02:40:57.4131 3254/7fc55d886700 App/Implementation.cpp:303 ]: Could not spawn process for application /etc/puppetlabs/puppet/rack: An error occured while starting up the preloader.
Error ID: 8013a2ba
Error details saved to: /tmp/passenger-error-dMKrUn.html
Message from application: exit (SystemExit)
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:452:in `exit'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:452:in `rescue in exit_on_fail'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:438:in `exit_on_fail'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:66:in `execute'
config.ru:44:in `block in <main>'
(/etc/puppetlabs/puppet/rack is indeed where I created the rack root.)
What I did to get this far without loading errors:
* change passenger_ruby to /opt/puppetlabs/...
* created puppet user/group
* get config.ru from github (current master)
* install 'rack' gem in /opt/puppetlabs/...
I'm using PC1. Above error gets produced on
1. Debian 7 w/ nginx 1.6.1 and Passenger 4.0.52 and
2. Debian 8 w/ nginx 1.8.0 and Passenger 5.0.14
Thanks and regards,
Felix
It pretty much works for Puppet 4, but now I get the most informative stack ever.
[ 2015-07-18 02:40:57.4131 3254/7fc55d886700 App/Implementation.cpp:303 ]: Could not spawn process for application /etc/puppetlabs/puppet/rack: An error occured while starting up the preloader.
Error ID: 8013a2ba
Error details saved to: /tmp/passenger-error-dMKrUn.html
Message from application: exit (SystemExit)
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:452:in `exit'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:452:in `rescue in exit_on_fail'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:438:in `exit_on_fail'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:66:in `execute'
config.ru:44:in `block in <main>'
(/etc/puppetlabs/puppet/rack is indeed where I created the rack root.)
What I did to get this far without loading errors:
* change passenger_ruby to /opt/puppetlabs/...
* created puppet user/group
* get config.ru from github (current master)
* install 'rack' gem in /opt/puppetlabs/...
I'm using PC1. Above error gets produced on
1. Debian 7 w/ nginx 1.6.1 and Passenger 4.0.52 and
2. Debian 8 w/ nginx 1.8.0 and Passenger 5.0.14
Thanks and regards,
Felix
Michael Stahnke
Jul 17, 2015, 10:54:06 PM7/17/15
to puppet...@googlegroups.com
On Fri, Jul 17, 2015 at 6:51 PM, Felix Frank <Felix...@alumni.tu-berlin.de> wrote:
Hey Ramin and Michael,
thanks for your replies.
On 07/17/2015 11:53 PM, Ramin K wrote:
I wrote a how-to on using different Rubies for your Puppet master and am using it to run a Ruby 2.1.6/Puppet 3.7.x master. I would attempt something similar in your case.
http://ask.puppetlabs.com/question/16983/performance-improvements-without-updating-to-puppet-server/
Install Passenger 4.x via packages. Doesn't need to be built on the Ruby you plan to use.
Point to /opt/puppetlabs ruby via PassengerRuby vhost directive.
Other than those two steps, it sounds like you're pretty close.
Yes, this does look pretty similar to what I attempted. Thanks for this guide!
Things I learend:
1. Use the rack gem (as in your Gemfile) - this actually enabled nginx/passenger to load Puppet for me.
2. Passenger 5 may have issues.
The latter is a little tough to solve with nginx, because I rely on packages from Phusion themselves. Those currently come with Passenger 5. However, I can reproduce the problems with Passenger 4 on an older Debian 7 installation. So I'm ruling out Passenger 5 as the immediate issue at this time.
I had it working with passenger-5.0.7 last time I tested, so I don't think it's passenger.
Yes. In the most typical use cases the Puppet User isn't required on the endpoint. Some people didn't like a new user everywhere, so we now put it in only when something needs it (e.g. puppetserver).
I realize that WEBrick is deprecated, but support is still there. It strikes me as odd that the standalone master cannot operate after AIO installation without the user performing the above steps manually.
Well, it technically doesn't have to run as puppet, obviously it could be whatever, that's just the example we gave.
As an aside - as far as I know, the Puppet master runs a catalog on startup (before dropping privileges?) so should it not be able to take care of this by itself?
# create public dirmkdir -p /opt/puppetlabs/server/data/puppetmaster/public
mkdir -p /opt/puppetlabs/server/data/puppetmaster
mkdir -p /var/log/puppetlabs/puppetmaster
Done.
Where exactly is this config.ru from? Again, it is quite definitely not part of the PC1 packages for Debian.
This was from a repo I had where I tested that passenger support still worked again puppet 4. It probably has some deltas from the one on master. I should probably submit a PR :)
cp -p ./passenger-apache.conf /etc/apache2/sites-available/puppet-passenger
sed -i 's/__PASSENGER_VERSION__/5.0.16/g /etc/apache2/sites-available/puppet-passenger
Eh, sure...for nginx there is not much by way of configuration templates. I managed to compile one for the original Puppet Essentials book that worked with Puppet 3.
I honestly know much less about nginx, so I might be less helpful here.
It pretty much works for Puppet 4, but now I get the most informative stack ever.
[ 2015-07-18 02:40:57.4131 3254/7fc55d886700 App/Implementation.cpp:303 ]: Could not spawn process for application /etc/puppetlabs/puppet/rack: An error occured while starting up the preloader.
Error ID: 8013a2ba
Error details saved to: /tmp/passenger-error-dMKrUn.html
Message from application: exit (SystemExit)
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:452:in `exit'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:452:in `rescue in exit_on_fail'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:438:in `exit_on_fail'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:66:in `execute'
config.ru:44:in `block in <main>'
That's ruby-speak for "it broke" :)
That pretty much means something isn't right, but difficult to say what. Does the nginx log have any more details?
(/etc/puppetlabs/puppet/rack is indeed where I created the rack root.)
What I did to get this far without loading errors:
* change passenger_ruby to /opt/puppetlabs/...
* created puppet user/group
* get config.ru from github (current master)
* install 'rack' gem in /opt/puppetlabs/...
I'm using PC1. Above error gets produced on
1. Debian 7 w/ nginx 1.6.1 and Passenger 4.0.52 and
2. Debian 8 w/ nginx 1.8.0 and Passenger 5.0.14
Thanks and regards,
Felix
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/55A9B120.3050409%40Alumni.TU-Berlin.de.
Felix Frank
Jul 18, 2015, 8:01:57 PM7/18/15
to puppet...@googlegroups.com
Hi Michael,
I can't find more details to help me track that down, but I'm getting
convinced that the problem is that my Passenger is installed onto OS
Ruby instead of Puppet's Ruby. I could not use your apache config
verbatim, see reason below. Apache starts after some modifications (e.g.
loading the passenger module from the debian package instead of from the
gem) but yields errors that look similar to those I get from nginx.
From your own instructions:
On 07/18/2015 04:53 AM, Michael Stahnke wrote:
> export PATH=/opt/puppetlabs/puppet/bin:$PATH
> # install passenger
> gem install --no-rdoc --no-ri passenger
This consistently fails for me (puppet-agent 1.2.1):
# /opt/puppetlabs/puppet/bin/gem install passenger
Building native extensions. This could take a while...
ERROR: Error installing passenger:
ERROR: Failed to build gem native extension.
/opt/puppetlabs/puppet/bin/ruby extconf.rb
Attempting to download
https://oss-binaries.phusionpassenger.com/binaries/passenger/by_release/5.0.14/rubyext-ruby-2.1.6-x86_64-linux.tar.gz
into
/opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/passenger-5.0.14/download_cache
*** Could not download
https://oss-binaries.phusionpassenger.com/binaries/passenger/by_release/5.0.14/rubyext-ruby-2.1.6-x86_64-linux.tar.gz:
2015-07-19 01:42:30 ERROR 404: Not Found.
...
This kind of makes sense, for if you look into the directory listing on
that phusion server, there are only files for Ruby 2.1.3, no other 2.1.x
releases. I can only assume that when you built that test setup, that
the bundled Ruby was just that version.
As yet another aside, I cannot seem to find a changelog for the AIO
package. The Debian package has the default changelog.Debian.gz, but
this contains no information. I was wondering if the Ruby version has at
all changed since the 1.0 release.
Thanks for the feedback so far. I believe that as long as we retain Rack
support, we should make sure that it works out of the box, no?
Cheers,
Felix
I can't find more details to help me track that down, but I'm getting
convinced that the problem is that my Passenger is installed onto OS
Ruby instead of Puppet's Ruby. I could not use your apache config
verbatim, see reason below. Apache starts after some modifications (e.g.
loading the passenger module from the debian package instead of from the
gem) but yields errors that look similar to those I get from nginx.
From your own instructions:
On 07/18/2015 04:53 AM, Michael Stahnke wrote:
> export PATH=/opt/puppetlabs/puppet/bin:$PATH
> # install passenger
> gem install --no-rdoc --no-ri passenger
# /opt/puppetlabs/puppet/bin/gem install passenger
Building native extensions. This could take a while...
ERROR: Error installing passenger:
ERROR: Failed to build gem native extension.
/opt/puppetlabs/puppet/bin/ruby extconf.rb
Attempting to download
https://oss-binaries.phusionpassenger.com/binaries/passenger/by_release/5.0.14/rubyext-ruby-2.1.6-x86_64-linux.tar.gz
into
/opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/passenger-5.0.14/download_cache
*** Could not download
https://oss-binaries.phusionpassenger.com/binaries/passenger/by_release/5.0.14/rubyext-ruby-2.1.6-x86_64-linux.tar.gz:
2015-07-19 01:42:30 ERROR 404: Not Found.
...
This kind of makes sense, for if you look into the directory listing on
that phusion server, there are only files for Ruby 2.1.3, no other 2.1.x
releases. I can only assume that when you built that test setup, that
the bundled Ruby was just that version.
As yet another aside, I cannot seem to find a changelog for the AIO
package. The Debian package has the default changelog.Debian.gz, but
this contains no information. I was wondering if the Ruby version has at
all changed since the 1.0 release.
Thanks for the feedback so far. I believe that as long as we retain Rack
support, we should make sure that it works out of the box, no?
Cheers,
Felix
Reply all
Reply to author
Forward
0 new messages