Hello John,
I made the situation as simple as possible and - unfortunatly - I still can reproduce the problem.
I have two nodes called BGHW-DS-T-AA1 and BGHW-DS-T-SA1 and two modules called java and tomcat. The only task of the modules is to copy one file to the node. The module java is used on both nodes while tomcat is needed on BGHW-DS-T-SA1 only. This is defined via hiera. I append the files at the end of this posting.
After restarting the puppet master I call "puppet agent -t" on BGHW-DS-T-AA1 in a while-loop and the module "java" is applied. After some time I call "puppet agent -t" on BGHW-DS-T-SA1 and afterwards the module "tomcat" is applied on BGHW-DS-T-AA1 as well!
This is the shell on BGHW-P-AA1 (the important line is the red one):
BGHW-DS-T-AA1:/data/software # while true; do date ; puppet agent -t; sleep 1; echo ; done
Fr 8. Aug 14:22:11 CEST 2014
Info: Retrieving plugin
Info: Caching catalog for bghw-ds-t-aa1.bghw.de
Info: Applying configuration version '1407500588'
Notice: My certificate identifies me as 'bghw-ds-t-aa1.bghw.de'; I identify myself as 'bghw-ds-t-aa1.bghw.de', or alternatively as 'BGHW-DS-T-AA1'
Notice: /Stage[main]/Main/Notify[Node ID]/message: defined 'message' as 'My certificate identifies me as 'bghw-ds-t-aa1.bghw.de'; I identify myself as 'bghw-ds-t-aa1.bghw.de', or alternatively as 'BGHW-DS-T-AA1''
Notice: Finished catalog run in 2.20 seconds
Fr 8. Aug 14:22:17 CEST 2014
Info: Retrieving plugin
Info: Caching catalog for bghw-ds-t-aa1.bghw.de
Info: Applying configuration version '1407500588'
Notice: My certificate identifies me as 'bghw-ds-t-aa1.bghw.de'; I identify myself as 'bghw-ds-t-aa1.bghw.de', or alternatively as 'BGHW-DS-T-AA1'
Notice: /Stage[main]/Main/Notify[Node ID]/message: defined 'message' as 'My certificate identifies me as 'bghw-ds-t-aa1.bghw.de'; I identify myself as 'bghw-ds-t-aa1.bghw.de', or alternatively as 'BGHW-DS-T-AA1''
Notice: Finished catalog run in 2.13 seconds
Fr 8. Aug 14:22:25 CEST 2014
Info: Retrieving plugin
Info: Caching catalog for bghw-ds-t-aa1.bghw.de
Info: Applying configuration version '1407500588'
Notice: My certificate identifies me as 'bghw-ds-t-aa1.bghw.de'; I identify myself as 'bghw-ds-t-aa1.bghw.de', or alternatively as 'BGHW-DS-T-AA1'
Notice: /Stage[main]/Main/Notify[Node ID]/message: defined 'message' as 'My certificate identifies me as 'bghw-ds-t-aa1.bghw.de'; I identify myself as 'bghw-ds-t-aa1.bghw.de', or alternatively as 'BGHW-DS-T-AA1''
Notice: Finished catalog run in 2.24 seconds
Fr 8. Aug 14:22:32 CEST 2014
Info: Retrieving plugin
Info: Caching catalog for bghw-ds-t-aa1.bghw.de
Info: Applying configuration version '1407500588'
Notice: My certificate identifies me as 'bghw-ds-t-aa1.bghw.de'; I identify myself as 'bghw-ds-t-aa1.bghw.de', or alternatively as 'BGHW-DS-T-AA1'
Notice: /Stage[main]/Main/Notify[Node ID]/message: defined 'message' as 'My certificate identifies me as 'bghw-ds-t-aa1.bghw.de'; I identify myself as 'bghw-ds-t-aa1.bghw.de', or alternatively as 'BGHW-DS-T-AA1''
Notice: /Stage[main]/Tomcat/File[/data/software/apache-tomcat-7.0.37.tar.gz]/ensure: defined content as '{md5}a3cfe7ea8e8d2155cb2a0016e10b615f'
Notice: Finished catalog run in 4.97 seconds
Fr 8. Aug 14:22:43 CEST 2014
Info: Retrieving plugin
Info: Caching catalog for bghw-ds-t-aa1.bghw.de
Info: Applying configuration version '1407500588'
Notice: My certificate identifies me as 'bghw-ds-t-aa1.bghw.de'; I identify myself as 'bghw-ds-t-aa1.bghw.de', or alternatively as 'BGHW-DS-T-AA1'
Notice: /Stage[main]/Main/Notify[Node ID]/message: defined 'message' as 'My certificate identifies me as 'bghw-ds-t-aa1.bghw.de'; I identify myself as 'bghw-ds-t-aa1.bghw.de', or alternatively as 'BGHW-DS-T-AA1''
Notice: Finished catalog run in 2.56 secondsOn BGHW-DS-T-SA1 "puppet agent -t" was startet at 14:22:29
BGHW-DS-T-SA1:/data/software # date ; puppet agent -t
Fr 8. Aug 14:22:29 CEST 2014
Info: Retrieving plugin
Info: Caching catalog for bghw-ds-t-sa1.bghw.de
Info: Applying configuration version '1407500588'
Notice: My certificate identifies me as 'bghw-ds-t-sa1.bghw.de'; I identify myself as 'bghw-ds-t-sa1.bghw.de', or alternatively as 'BGHW-DS-T-SA1'
Notice: /Stage[main]/Main/Notify[Node ID]/message: defined 'message' as 'My certificate identifies me as 'bghw-ds-t-sa1.bghw.de'; I identify myself as 'bghw-ds-t-sa1.bghw.de', or alternatively as 'BGHW-DS-T-SA1''
Notice: Finished catalog run in 2.86 secondsI reduced the number of files in /etc/puppet on the master as far as possible:
puppet@BGHW-P-SV1:/etc/puppet> find . -type f
./manifests/site.pp
./auth.conf
./hiera/node/BGHW-DS-T-SA1.bghw.de.yaml
./hiera/node/BGHW-DS-T-AA1.bghw.de.yaml
./modules/tomcat/manifests/init.pp
./modules/tomcat/files/apache-tomcat-7.0.37.tar.gz
./modules/java/manifests/init.pp
./modules/java/files/jdk-7u11-linux-x64.tar.gz
./puppet.conf
./hiera.yamlHere you find the important files:
puppet@BGHW-P-SV1:/etc/puppet> cat hiera.yaml
:backends:
- yaml
:yaml:
:datadir: /etc/puppet/hiera
:hierarchy:
- "node/%{::fqdn}"
puppet@BGHW-P-SV1:/etc/puppet> cat hiera/node/BGHW-DS-T-AA1.bghw.de.yaml
---
classes:
- java
puppet@BGHW-P-SV1:/etc/puppet> cat hiera/node/BGHW-DS-T-SA1.bghw.de.yaml
---
classes:
- java
- tomcat
puppet@BGHW-P-SV1:/etc/puppet> cat modules/java/manifests/init.pp
class java () {
file { "/data/software/jdk-7u11-linux-x64.tar.gz":
ensure => present,
owner => uvdsadmin,
group => uvds-group,
mode => 644,
source => "puppet:///modules/java/jdk-7u11-linux-x64.tar.gz",
}
}
include java
puppet@BGHW-P-SV1:/etc/puppet> cat modules/tomcat/manifests/init.pp
class tomcat () {
file { "/data/software/apache-tomcat-7.0.37.tar.gz":
ensure => present,
owner => uvdsadmin,
group => uvds-group,
mode => 644,
source => "puppet:///modules/tomcat/apache-tomcat-7.0.37.tar.gz",
}
}
include tomcat
puppet@BGHW-P-SV1:/etc/puppet> cat manifests/site.pp
# File site.pp
notify { 'Node ID':
message => "My certificate identifies me as '${trusted['certname']}'; I identify myself as '${::clientcert}', or alternatively as '${::hostname}'"
}
node default {
hiera_include('classes')
}
puppet@BGHW-P-SV1:/etc/puppet>As far as I can see, the identifications of my nodes are ok and the manifests of the modules look fine, too. I can stop the master giving "tomcat" to BGHW-DS-T-AA1 by restarting the puppet master service on the puppet master. The behaviour somehow corresponds to your information as the master has to read tomcat/manifests/init.pp when building the catalog for BGHW-DS-T-SA1. But this should have no effect on BGHW-DS-T-AA1, should it?
Thanks for any help on this!
This problem is severe for us as we cannot use puppet before it is solved.