Re: [Puppet Users] Connection Timed Out updating node on 3g mobile broadband device

[Denmat]

Interesting setup. Sometimes providers block uncommon ports. Can you get to 8140 over your 3/4g? If not, try running on 443 (change puppet.conf or apache ports).

If none of these work check the docs for timeout settings (can't remember of hand).

Den

On 26/10/2012, at 3:55, Steve <steve...@gmail.com> wrote:

I have a puppetmaster on an Amazon EC2 instance of Ubuntu 12.04. All of the puppet nodes I am running are also on ubuntu server 12.04. I can connect any of the nodes on a wireless or LAN connection. When I switch my node to a Verizon mobile 3g or 4g device I run "puppet agent -t" and I get the message

err: Could not retrieve catalog from remote server: Connection time out - SSL_connect

warning: Not using cache on failed catalog

err: Could not retrieve catalog; skipping run

err: Could not send report: Connection timed out - SSL_connect

Before I got the message there was a long pause about 20 minutes long trying to do the update.

I can download and install packages with the 3g connection using apt-get install. I can access webpages including secure pages using Lynx. I can ping the Puppet Master.

I wanted to make sure I was getting through to the Puppet Master so I removed the certificate from both the Puppet Master and the Client. Then I ran "puppet agent -t" and the certificate was signed and I can see it again on the Puppet Master and the client. 

I checked port 8140 to see that it is open in Amazon, and it is. There is no firewall enabled in the instance itself.

Next I limited the puppet update to only one trivial module and nothing changed.

Lastly, I connected a node that is on a desktop version of Ubuntu 12.10 and connected my Verizon device. I had the similar behavior. The system paused for 10 to 20 minutes like before then gave me the message:

Error: Failed to apply catalog: execution expired

Error: Could not send report: execution expired

Since I have little experience with puppet or these devices, I suspect the device has some sort of interrupt or time out on the device that causes problems with the puppet process.

Anyways as far as I can tell the only thing I cannot do with this connection is update puppet.

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/PHNcXaR-TyAJ.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

[Steve]

I was able to telnet port 8140 via the 3g connection.

I also tried to lower the MTU on the interface and I was still unsuccessful. So I set it back

One thing I don't understand is that the error message has now changed to 

err: Could not retrieve catalog from remote server: Connection reset by peer - SSL_connect

warning: Not using cache on failed catalog

err: Could not retrieve catalog; skipping run

err: Could not send report: Connection reset by peer - SSL_connect

I am going to try the timeout setting in the module, but the only module I have running is one that checks to see if a particular service is running.

[Steve]

The fix was lowering the MTU.

I ran ifconfig ppp0 mtu 1000 and puppet runs without any problem.

I didn't think this fixed it in my last post because I made some changes on the puppet master. Once I fixed those changes I lowered the MTU and it works!!