I am running puppet 2.6.16, ruby 1.8.7-p249, on puppet server with
passenger on Apache. These are my gems:
builder (2.1.2)
fastthread (1.0.7)
mysql (2.8.1)
passenger (2.2.14)
rack (1.1.0)
rake (0.8.7)
We manually manage autosign.conf to allow new builds to continue so
certificates can be signed automatically. This has been working well for a
couple of years, but I've always wondered what triggers the puppet master
to sign the certificate. We can wait 5-10 minutes for a signing request to
be fulfilled.
We made a change last week to now use short names as the certificate names
(not FQDN) and now we're looking closer to 30 minutes for a request to be
signed :-(
The only correlation I can see in the logs is that just before a request is
signed, a new puppetmasterd is spawned by passenger:
Aug 28 22:15:09 engnadm010 puppet-master[26047]: [ID 702911 daemon.notice]
labcsvr004 has a waiting certificate request
Aug 28 22:24:06 engnadm010 puppet-master[26031]: [ID 702911 daemon.notice]
Compiled catalog for engnadm010.bfm.com in environment lab in 19.65 seconds
Aug 28 22:37:11 engnadm010 puppet-master[26031]: [ID 702911 daemon.notice]
labcsvr004 has a waiting certificate request
Aug 28 22:39:47 engnadm010 puppet-master[27717]: [ID 702911 daemon.notice]
Starting Puppet master version 2.6.16
Aug 28 22:40:52 engnadm010 puppet-master[26047]: [ID 702911 daemon.notice]
Signed certificate request for labcsvr004
Here are my passenger Apache config entries:
PassengerHighPerformance on
PassengerMaxPoolSize 15
PassengerPoolIdleTime 300
PassengerUseGlobalQueue on
PassengerStatThrottleRate 120
RackAutoDetect Off
RailsAutoDetect Off
Is there any way I can speed up things so that puppet signs the request
immediately?
Thanks
John
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to [email protected].
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
