FAQ
Hey;

I'm running a couple of very small puppet ver 3.3 instance primarily for
learning. Seems I have a way to go. I updated a file that's supposed to
be distributed in the modules then ran the puppet agent manually. It
didn't get sent to the remote host until I stopped httpd and started the
master from the command line:

puppet master --verbose --no-daemonize

Once that's done, and a "puppet agent --verbose --onetime --server=${srv}"
works fine. Missing files get restored, updated files get distributed.

There are no error messages in the syslog, httpd error log or http access
log. "service httpd configtest" comes back clean. I copied the info from
the passenger.conf file from the pro puppet book (nice book, btw).

Obviously the modules are right or they wouldn't get distributed when
operating under webrick.

The passenger.conf file is included below. I appreciate any
hints/tips/suggestions that anyone could provide.

Doug O'Leary

# cat passenger.conf
LoadModule passenger_module modules/mod_passenger.so
<IfModule mod_passenger.c>
    PassengerRoot /usr/share/rubygems/gems/passenger-3.0.21
    PassengerRuby /usr/bin/ruby
     PassengerHighPerformance on
     PassengerUseGlobalQueue on
     PassengerMaxPoolSize 6
     PassengerMaxRequests 4000
     PassengerPoolIdleTime 1800
</IfModule>

### Puppet config

Listen 8140
<VirtualHost *:8140>
     SSLEngine on
     SSLProtocol -ALL +SSLv3 +TLSv1
     SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
     SSLCertificateFile /var/lib/puppet/ssl/certs/pm.olearycomputers.com.pem
     SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/pm.olearycomputers.com.pem
     SSLCertificateChainFile /var/lib/puppet/ssl/certs/ca.pem
     SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
## Disable following if apachecomplains about CRL
     SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
### Optional to allow CSR request; required if certs get distributed
### to clients during provisioning
     SSLVerifyClient optional
     SSLVerifyDepth 1
     SSLOptions +StdEnvVars
### Client headers record authentication info for downsteam workers
     RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
     RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
     RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e

     RackAutoDetect On
     DocumentRoot /etc/puppet/rack/puppetmaster/public/
     <Directory /etc/puppet/rack/puppetmaster/>
         Options None
         AllowOverride None
         Order allow,deny
         allow from all
     </Directory>
</VirtualHost>

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppuppet-users @
categoriespuppet
postedOct 11, '13 at 9:11p
activeOct 11, '13 at 9:11p
posts1
users1
websitepuppetlabs.com

1 user in discussion

Dkoleary: 1 post

People

Translate

site design / logo © 2021 Grokbase