Hi everyone,
I am trying to setup the new puppetdb on my environment (currently it worked great with mysql databases). All the setup was made by package for debian squeeze and puppet is used with passenger.
Here are the configuration files:
--
cat /etc/puppetdb/conf.d/jetty.ini
[jetty]
# Hostname to list for clear-text HTTP. Default is localhost
#host = localhost
# Port to listen on for clear-text HTTP.
host = puppetdb.fqdn
port = 8080
ssl-host = puppetdb.fqdn
ssl-port = 8081
keystore = /etc/puppetdb/ssl/keystore.jks
truststore = /etc/puppetdb/ssl/truststore.jks
key-password = uTyCY6damAQn9KInqCLuvAO53
trust-password = uTyCY6damAQn9KInqCLuvAO53
--
cat /etc/puppet/puppetdb.conf
[main]
server = pupperdb.fqdn
port = 8081
--
--
Once everything is started:
2012-06-12 16:33:13,841 DEBUG [main] [bonecp.BoneCPDataSource] JDBC URL = jdbc:postgresql://localhost:5432/puppetdb, Username = puppetdb, partitions = 5, max (per partition) = 10, min (p
er partition) = 1, helper threads = 3, idle max age = 60 min, idle test period = 240 min
2012-06-12 16:33:13,979 INFO [main] [cli.services] Starting broker
2012-06-12 16:33:14,729 DEBUG [main] [page.PageFile] Page File: /usr/share/puppetdb/mq/localhost/KahaDB/db.data, Recovering page file...
2012-06-12 16:33:14,790 DEBUG [main] [index.BTreeIndex] loading
2012-06-12 16:33:14,795 DEBUG [main] [index.BTreeIndex] loading
2012-06-12 16:33:14,796 DEBUG [main] [index.BTreeIndex] loading
2012-06-12 16:33:14,796 DEBUG [main] [index.BTreeIndex] loading
2012-06-12 16:33:14,796 DEBUG [main] [index.BTreeIndex] loading
2012-06-12 16:33:14,796 DEBUG [main] [index.BTreeIndex] loading
2012-06-12 16:33:14,977 INFO [main] [journal.Journal] ignoring zero length, partially initialised journal data file: db-1.log number = 1 , length = 0
2012-06-12 16:33:14,987 DEBUG [main] [page.PageFile] Page File: /usr/share/puppetdb/mq/localhost/scheduler/scheduleDB.data, Recovering page file...
2012-06-12 16:33:15,031 DEBUG [main] [index.BTreeIndex] loading
2012-06-12 16:33:15,031 DEBUG [main] [index.BTreeIndex] loading
2012-06-12 16:33:15,031 DEBUG [main] [index.BTreeIndex] loading
2012-06-12 16:33:15,034 DEBUG [main] [index.BTreeIndex] loading
2012-06-12 16:33:15,109 INFO [main] [cli.services] Starting 2 command processor threads
2012-06-12 16:33:15,111 INFO [main] [cli.services] Starting query server
2012-06-12 16:33:15,111 INFO [main] [cli.services] Starting database compactor (60 minute interval)
2012-06-12 16:33:15,124 INFO [clojure-agent-send-off-pool-2] [mortbay.log] Logging to org.slf4j.impl.Log4jLoggerAdapter(org.mortbay.log) via org.mortbay.log.Slf4jLog
2012-06-12 16:33:15,126 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] Container Server@4f47afda + SocketC...@puppetdb.vitry.exploit.anticorp:8080 as connector
2012-06-12 16:33:15,131 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] Container Server@4f47afda + SslSocket...@puppetdb.vitry.exploit.anticorp:8081 as connector
2012-06-12 16:33:15,131 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] Container Server@4f47afda + AbstractHandler$0@4da4826b as handler
2012-06-12 16:33:15,132 INFO [clojure-agent-send-off-pool-2] [mortbay.log] jetty-6.1.x
2012-06-12 16:33:15,145 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] Container Server@4f47afda + org.mortbay.thread.QueuedThreadPool@76bd92e4 as threadpool
2012-06-12 16:33:15,148 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] started org.mortbay.thread.QueuedThreadPool@76bd92e4
2012-06-12 16:33:15,151 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] starting AbstractHandler$0@4da4826b
2012-06-12 16:33:15,151 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] started AbstractHandler$0@4da4826b
2012-06-12 16:33:15,151 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] starting Server@4f47afda
2012-06-12 16:33:15,153 INFO [clojure-agent-send-off-pool-2] [mortbay.log] Started SocketC...@puppetdb.vitry.exploit.anticorp:8080
2012-06-12 16:33:15,153 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] started SocketC...@puppetdb.vitry.exploit.anticorp:8080
2012-06-12 16:33:15,164 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] Checking Resource aliases
2012-06-12 16:33:15,219 DEBUG [clojure-agent-send-off-pool-0] [listener.DefaultMessageListenerContainer] Established shared JMS Connection
2012-06-12 16:33:15,219 DEBUG [clojure-agent-send-off-pool-1] [listener.DefaultMessageListenerContainer] Established shared JMS Connection
2012-06-12 16:33:15,256 INFO [clojure-agent-send-off-pool-2] [mortbay.log] Started SslSocket...@puppetdb.vitry.exploit.anticorp:8081
2012-06-12 16:33:15,262 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] started SslSocket...@puppetdb.vitry.exploit.anticorp:8081
2012-06-12 16:33:15,262 DEBUG [clojure-agent-send-off-pool-2] [mortbay.log] started Server@4f47afda
and once I am trying to run any agent I am having the following error with the SSL port:
date && puppet agent -t --noop ; date
Tue Jun 12 16:31:16 CEST 2012
info: Retrieving plugin
info: Loading facts in meminbytes
info: Loading facts in facter_dot_d
info: Loading facts in root_home
info: Loading facts in puppet_vardir
info: Loading facts in meminbytes
info: Loading facts in facter_dot_d
info: Loading facts in root_home
info: Loading facts in puppet_vardir
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for lnk4c-cks01.vitry.exploit.anticorp to PuppetDB at puppetdb.vitry.exploit.anticorp:8081: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed. This is often because the time is out of sync on the server or client
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run Tue Jun 12 16:31:23 CEST 2012
---
2012-06-12 16:31:23,054 WARN [1130816144@qtp-844964870-6] [mortbay.log] EXCEPTION
javax.net.ssl.SSLHandshakeException: Received fatal alert: decrypt_error
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1763)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1006)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1190) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1217)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1201)
at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:675) at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
If I change the port:
cat puppetdb.conf
[main]
server = puppetdb.vitry.exploit.anticorp
port = 8080
--
date && puppet agent -t --noop ; date Tue Jun 12 16:36:58 CEST 2012
info: Retrieving plugin
info: Loading facts in meminbytes
info: Loading facts in facter_dot_d
info: Loading facts in root_home
info: Loading facts in puppet_vardir
info: Loading facts in meminbytes
info: Loading facts in facter_dot_d
info: Loading facts in root_home
info: Loading facts in puppet_vardir
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for lnk4c-cks01.vitry.exploit.anticorp to PuppetDB at puppetdb.vitry.exploit.anticorp:8080: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
Tue Jun 12 16:37:01 CEST 2012
--
2012-06-12 16:36:57,836 DEBUG [1255344208@qtp-1992135396-2] [mortbay.log] uri=
2012-06-12 16:36:57,836 DEBUG [1255344208@qtp-1992135396-2] [mortbay.log] fields=
2012-06-12 16:36:57,836 DEBUG [1255344208@qtp-1992135396-2] [mortbay.log] EXCEPTION
HttpException(400,null,null)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:361)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
2012-06-12 16:36:57,844 DEBUG [1255344208@qtp-1992135396-2] [mortbay.log] BAD
Any idea, what could cause this error?
Regards,
JM