I''m wondering if there are any known issues with running puppet clients on a different subnet than the master. I''ve got a working config and I added a client on a separate subnet. I''ve updated my fileserver.conf and namespaceauth.conf accordingly to allow access for that subnet. However, when running puppetd, it takes about 5-10 minutes for the client to download its config. Turning the puppetmaster off, and then re-running puppetd on the client uses the cached config and runs in its normal 10-15 seconds. Pings across the subnet run at about .1ms, so I don''t think that''s the issue. Certs seem to be okay. I am getting an error message when running puppetmaster in debug mode, something to the effect of "allowing <ip address> but substituting <hostname>," so maybe that''s were the issue lies. Apologies for the cryptic error message, but I forgot to write it down before I left work. Any ideas would be greatly appreciated. Thanks --qbert --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On May 14, 2008, at 4:44 PM, qbert980@gmail.com wrote:> > I''m wondering if there are any known issues with running puppet > clients on a different subnet than the master. I''ve got a working > config and I added a client on a separate subnet. I''ve updated my > fileserver.conf and namespaceauth.conf accordingly to allow access for > that subnet. However, when running puppetd, it takes about 5-10 > minutes for the client to download its config. Turning the > puppetmaster off, and then re-running puppetd on the client uses the > cached config and runs in its normal 10-15 seconds. Pings across the > subnet run at about .1ms, so I don''t think that''s the issue. > > Certs seem to be okay. I am getting an error message when running > puppetmaster in debug mode, something to the effect of "allowing <ip > address> but substituting <hostname>," so maybe that''s were the issue > lies. Apologies for the cryptic error message, but I forgot to write > it down before I left work.No, there aren''t any issues. It''s pretty much got to be your network configuration somehow. -- ''Tis better to be silent and be thought a fool, than to speak and remove all doubt. --Abraham Lincoln --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
I run puppet in multiple subnets.. /29''s.. /28''s.. (we have 5 /18 supernets) quite happily; I doubt it''s anything related to network configuration that is causing the slowdown :( Arjuna Christensen | Systems Engineer Maximum Internet Ltd DDI: + 64 9 913 9683 | Ph: +64 9 915 1825 | Fax:: +64 9 300 7227 arjuna.christensen@maxnet.co.nz| www.maxnet.co.nz -----Original Message----- From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of qbert980@gmail.com Sent: Thursday, 15 May 2008 9:44 a.m. To: Puppet Users Subject: [Puppet Users] Puppet across subnets I''m wondering if there are any known issues with running puppet clients on a different subnet than the master. I''ve got a working config and I added a client on a separate subnet. I''ve updated my fileserver.conf and namespaceauth.conf accordingly to allow access for that subnet. However, when running puppetd, it takes about 5-10 minutes for the client to download its config. Turning the puppetmaster off, and then re-running puppetd on the client uses the cached config and runs in its normal 10-15 seconds. Pings across the subnet run at about .1ms, so I don''t think that''s the issue. Certs seem to be okay. I am getting an error message when running puppetmaster in debug mode, something to the effect of "allowing <ip address> but substituting <hostname>," so maybe that''s were the issue lies. Apologies for the cryptic error message, but I forgot to write it down before I left work. Any ideas would be greatly appreciated. Thanks --qbert --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Hmm. Guess I''ll have to look at the network. What confuses me is when I run puppetmasterd in debug mode, I see the requests coming in. They seem to hang up a bit on the file.request. Tcpdump shows no issues, I''m not running iptables as of yet, and I''m not filtering any packets at the switch level. I''ve tried both ip/netmask and *.domain.org in my fileserver.conf file. Although, I am running bonding in the new subnet, which functions fine outside of puppet as far as I can tell. Guess I''ve got a test to do -- bonding vs. no bonding. I don''t know why this would be the case, but is there a possibility that puppet doesn''t like bonding? Thanks --qbert On May 14, 7:37 pm, "Arjuna Christensen" <arjuna.christen...@maxnet.co.nz> wrote:> I run puppet in multiple subnets.. /29''s.. /28''s.. (we have 5 /18 supernets) quite happily; > > I doubt it''s anything related to network configuration that is causing the slowdown :( > > Arjuna Christensen | Systems Engineer > Maximum Internet Ltd > DDI: + 64 9 913 9683 | Ph: +64 9 915 1825 | Fax:: +64 9 300 7227 > arjuna.christen...@maxnet.co.nz|www.maxnet.co.nz > > -----Original Message----- > From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of qbert...@gmail.com > Sent: Thursday, 15 May 2008 9:44 a.m. > To: Puppet Users > Subject: [Puppet Users] Puppet across subnets > > I''m wondering if there are any known issues with running puppet > clients on a different subnet than the master. I''ve got a working > config and I added a client on a separate subnet. I''ve updated my > fileserver.conf and namespaceauth.conf accordingly to allow access for > that subnet. However, when running puppetd, it takes about 5-10 > minutes for the client to download its config. Turning the > puppetmaster off, and then re-running puppetd on the client uses the > cached config and runs in its normal 10-15 seconds. Pings across the > subnet run at about .1ms, so I don''t think that''s the issue. > > Certs seem to be okay. I am getting an error message when running > puppetmaster in debug mode, something to the effect of "allowing <ip > address> but substituting <hostname>," so maybe that''s were the issue > lies. Apologies for the cryptic error message, but I forgot to write > it down before I left work. > > Any ideas would be greatly appreciated. > > Thanks > --qbert--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
The only thing in puppet which is network related that I''ve noticed is latency, as there are a lot of xml rpc requests... but in your case I don''t see a puppet related problem... Cheers, Ohad On Thu, May 15, 2008 at 10:39 AM, <qbert980@gmail.com> wrote:> > Hmm. Guess I''ll have to look at the network. What confuses me is when > I run puppetmasterd in debug mode, I see the requests coming in. They > seem to hang up a bit on the file.request. Tcpdump shows no issues, > I''m not running iptables as of yet, and I''m not filtering any packets > at the switch level. I''ve tried both ip/netmask and *.domain.org in my > fileserver.conf file. Although, I am running bonding in the new > subnet, which functions fine outside of puppet as far as I can tell. > Guess I''ve got a test to do -- bonding vs. no bonding. I don''t know > why this would be the case, but is there a possibility that puppet > doesn''t like bonding? > > Thanks > --qbert > > On May 14, 7:37 pm, "Arjuna Christensen" > <arjuna.christen...@maxnet.co.nz> wrote: > > I run puppet in multiple subnets.. /29''s.. /28''s.. (we have 5 /18 > supernets) quite happily; > > > > I doubt it''s anything related to network configuration that is causing > the slowdown :( > > > > Arjuna Christensen | Systems Engineer > > Maximum Internet Ltd > > DDI: + 64 9 913 9683 | Ph: +64 9 915 1825 | Fax:: +64 9 300 7227 > > arjuna.christen...@maxnet.co.nz|www.maxnet.co.nz > > > > -----Original Message----- > > From: puppet-users@googlegroups.com [mailto: > puppet-users@googlegroups.com] On Behalf Of qbert...@gmail.com > > Sent: Thursday, 15 May 2008 9:44 a.m. > > To: Puppet Users > > Subject: [Puppet Users] Puppet across subnets > > > > I''m wondering if there are any known issues with running puppet > > clients on a different subnet than the master. I''ve got a working > > config and I added a client on a separate subnet. I''ve updated my > > fileserver.conf and namespaceauth.conf accordingly to allow access for > > that subnet. However, when running puppetd, it takes about 5-10 > > minutes for the client to download its config. Turning the > > puppetmaster off, and then re-running puppetd on the client uses the > > cached config and runs in its normal 10-15 seconds. Pings across the > > subnet run at about .1ms, so I don''t think that''s the issue. > > > > Certs seem to be okay. I am getting an error message when running > > puppetmaster in debug mode, something to the effect of "allowing <ip > > address> but substituting <hostname>," so maybe that''s were the issue > > lies. Apologies for the cryptic error message, but I forgot to write > > it down before I left work. > > > > Any ideas would be greatly appreciated. > > > > Thanks > > --qbert > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Maybe a issue related to dns direct and reverse query timeouts? On 15 Mag, 04:39, qbert...@gmail.com wrote:> Hmm. Guess I''ll have to look at the network. What confuses me is when > I run puppetmasterd in debug mode, I see the requests coming in. They > seem to hang up a bit on the file.request. Tcpdump shows no issues, > I''m not running iptables as of yet, and I''m not filtering any packets > at the switch level. I''ve tried both ip/netmask and *.domain.org in my > fileserver.conf file. Although, I am running bonding in the new > subnet, which functions fine outside of puppet as far as I can tell. > Guess I''ve got a test to do -- bonding vs. no bonding. I don''t know > why this would be the case, but is there a possibility that puppet > doesn''t like bonding? > > Thanks > --qbert > > On May 14, 7:37 pm, "Arjuna Christensen" > > <arjuna.christen...@maxnet.co.nz> wrote: > > I run puppet in multiple subnets.. /29''s.. /28''s.. (we have 5 /18 supernets) quite happily; > > > I doubt it''s anything related to network configuration that is causing the slowdown :( > > > Arjuna Christensen | Systems Engineer > > Maximum Internet Ltd > > DDI:+ 64 9 913 9683| Ph:+64 9 915 1825| Fax:: +64 9 300 7227 > > arjuna.christen...@maxnet.co.nz|www.maxnet.co.nz > > > -----Original Message----- > > From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of qbert...@gmail.com > > Sent: Thursday, 15 May 2008 9:44 a.m. > > To: Puppet Users > > Subject: [Puppet Users] Puppet across subnets > > > I''m wondering if there are any known issues with running puppet > > clients on a different subnet than the master. I''ve got a working > > config and I added a client on a separate subnet. I''ve updated my > > fileserver.conf and namespaceauth.conf accordingly to allow access for > > that subnet. However, when running puppetd, it takes about 5-10 > > minutes for the client to download its config. Turning the > > puppetmaster off, and then re-running puppetd on the client uses the > > cached config and runs in its normal 10-15 seconds. Pings across the > > subnet run at about .1ms, so I don''t think that''s the issue. > > > Certs seem to be okay. I am getting an error message when running > > puppetmaster in debug mode, something to the effect of "allowing <ip > > address> but substituting <hostname>," so maybe that''s were the issue > > lies. Apologies for the cryptic error message, but I forgot to write > > it down before I left work. > > > Any ideas would be greatly appreciated. > > > Thanks > > --qbert--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
And the winner is. . . Reverse DNS. Stupid reverse dns. Sorry to place blame on puppet when it wasn''t deserved. Thanks Al. --qbert On May 15, 2:19 am, "Al @ Lab42" <lab42...@gmail.com> wrote:> Maybe a issue related to dns direct and reverse query timeouts? > > On 15 Mag, 04:39, qbert...@gmail.com wrote: > > > Hmm. Guess I''ll have to look at the network. What confuses me is when > > I run puppetmasterd in debug mode, I see the requests coming in. They > > seem to hang up a bit on the file.request. Tcpdump shows no issues, > > I''m not running iptables as of yet, and I''m not filtering any packets > > at the switch level. I''ve tried both ip/netmask and *.domain.org in my > > fileserver.conf file. Although, I am running bonding in the new > > subnet, which functions fine outside of puppet as far as I can tell. > > Guess I''ve got a test to do -- bonding vs. no bonding. I don''t know > > why this would be the case, but is there a possibility that puppet > > doesn''t like bonding? > > > Thanks > > --qbert > > > On May 14, 7:37 pm, "Arjuna Christensen" > > > <arjuna.christen...@maxnet.co.nz> wrote: > > > I run puppet in multiple subnets.. /29''s.. /28''s.. (we have 5 /18 supernets) quite happily; > > > > I doubt it''s anything related to network configuration that is causing the slowdown :( > > > > Arjuna Christensen | Systems Engineer > > > Maximum Internet Ltd > > > DDI:+ 64 9 913 9683| Ph:+64 9 915 1825| Fax:: +64 9 300 7227 > > > arjuna.christen...@maxnet.co.nz|www.maxnet.co.nz > > > > -----Original Message----- > > > From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of qbert...@gmail.com > > > Sent: Thursday, 15 May 2008 9:44 a.m. > > > To: Puppet Users > > > Subject: [Puppet Users] Puppet across subnets > > > > I''m wondering if there are any known issues with running puppet > > > clients on a different subnet than the master. I''ve got a working > > > config and I added a client on a separate subnet. I''ve updated my > > > fileserver.conf and namespaceauth.conf accordingly to allow access for > > > that subnet. However, when running puppetd, it takes about 5-10 > > > minutes for the client to download its config. Turning the > > > puppetmaster off, and then re-running puppetd on the client uses the > > > cached config and runs in its normal 10-15 seconds. Pings across the > > > subnet run at about .1ms, so I don''t think that''s the issue. > > > > Certs seem to be okay. I am getting an error message when running > > > puppetmaster in debug mode, something to the effect of "allowing <ip > > > address> but substituting <hostname>," so maybe that''s were the issue > > > lies. Apologies for the cryptic error message, but I forgot to write > > > it down before I left work. > > > > Any ideas would be greatly appreciated. > > > > Thanks > > > --qbert--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---