ELTigre
2009-Aug-25 19:38 UTC
[Puppet Users] [warn] proxy: No protocol handler was valid for the URL /RPC2
I''m running puppetmasterd (0.24.8) with apache2 and mongrel on a
debian host. Apache2, mongrel instances and puppetmaster runs in the
same server. My apache2 puppetmaster.conf file is:
PidFile /var/run/apache2-puppetmaster.pid
# Include module configuration:
Include /etc/apache2/mods-enabled/*.load
Include /etc/apache2/mods-enabled/*.conf
TypesConfig /etc/mime.types
User www-data
Group www-data
ErrorLog /var/log/apache2/puppetmaster-error.log
Listen 8140
ProxyRequests Off
<Proxy balancer://puppetmaster>
BalancerMember http://127.0.0.1:18140
BalancerMember http://127.0.0.1:18141
BalancerMember http://127.0.0.1:18142
BalancerMember http://127.0.0.1:18143
BalancerMember http://127.0.0.1:18144
BalancerMember http://127.0.0.1:18145
BalancerMember http://127.0.0.1:18146
BalancerMember http://127.0.0.1:18147
BalancerMember http://127.0.0.1:18148
BalancerMember http://127.0.0.1:18149
</Proxy>
<VirtualHost *:8140>
SSLEngine on
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLCertificateFile /var/lib/puppet/ssl/certs/
vps200.speedyrails.ca.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
vps200.speedyrails.ca.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
<Location />
SetHandler balancer-manager
Order allow,deny
Allow from all
</Location>
ProxyPass / balancer://localhost:8140/
ProxyPassReverse / balancer://localhost:8140/
ProxyPreserveHost on
# SetEnv force-proxy-request-1.0 1
# SetEnv proxy-nokeepalive 1
LogLevel Debug
CustomLog "|/usr/bin/cronolog /var/log/apache2/vps200-access-%Y-
%m-%d.log" combined
ErrorLog "|/usr/bin/cronolog /var/log/apache2/vps200-error-%Y-%m-
%d.log"
# /etc/init.d/apache2-puppetmaster start (taken from
http://reductivelabs.com/trac/puppet/attachment/wiki/UsingMongrelOnDebian/apache2-puppetmaster).
# /etc/init.d/puppetmaster start (taken from
http://reductivelabs.com/trac/puppet/attachment/wiki/UsingMongrelOnDebian/puppetmaster.conf).
My ps axf outoput:
16815 ? Ss 0:00 /usr/sbin/apache2 -f /etc/apache2/
puppetmaster.conf -k start
16817 ? S 0:00 \_ /usr/bin/cronolog /var/log/apache2/
vps200-error-%Y-%m-%d.log
16818 ? S 0:00 \_ /usr/bin/cronolog /var/log/apache2/
vps200-access-%Y-%m-%d.log
16824 ? S 0:00 \_ /usr/sbin/apache2 -f /etc/apache2/
puppetmaster.conf -k start
16825 ? S 0:00 \_ /usr/sbin/apache2 -f /etc/apache2/
puppetmaster.conf -k start
16826 ? S 0:00 \_ /usr/sbin/apache2 -f /etc/apache2/
puppetmaster.conf -k start
16827 ? S 0:00 \_ /usr/sbin/apache2 -f /etc/apache2/
puppetmaster.conf -k start
16828 ? S 0:00 \_ /usr/sbin/apache2 -f /etc/apache2/
puppetmaster.conf -k start
16886 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd
--servertype=mongrel --masterport=18140 --pidfile=/var/
16911 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd
--servertype=mongrel --masterport=18141 --pidfile=/var/
16936 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd
--servertype=mongrel --masterport=18142 --pidfile=/var/
16961 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd
--servertype=mongrel --masterport=18143 --pidfile=/var/
16986 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd
--servertype=mongrel --masterport=18144 --pidfile=/var/
17011 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd
--servertype=mongrel --masterport=18145 --pidfile=/var/
17036 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd
--servertype=mongrel --masterport=18146 --pidfile=/var/
17061 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd
--servertype=mongrel --masterport=18147 --pidfile=/var/
17086 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd
--servertype=mongrel --masterport=18148 --pidfile=/var/
17111 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd
--servertype=mongrel --masterport=18149 --pidfile=/var/
The problem?
Any connection from a any puppet client gets an error:
# puppetd -tv
warning: peer certificate won''t be verified in this SSL session
err: Could not call puppetca.getcert: #<RuntimeError: HTTP-Error: 500
Internal Server Error>
err: Could not request certificate: Certificate retrieval failed: HTTP-
Error: 500 Internal Server Error
So, went to the apache log files and got this:
[Tue Aug 25 15:27:10 2009] [info] Initial (No.1) HTTPS request
received for child 1 (server puppetmasterd.domain:8140)
[Tue Aug 25 15:27:10 2009] [debug] mod_proxy_balancer.c(46): proxy:
BALANCER: canonicalising URL //localhost:8140/RPC2
[Tue Aug 25 15:27:10 2009] [debug] proxy_util.c(1507): [client
67xx.xx.xx] proxy: *: found reverse proxy worker for balancer://localhost/RPC2
[Tue Aug 25 15:27:10 2009] [debug] mod_proxy.c(966): Running scheme
balancer handler (attempt 0)
[Tue Aug 25 15:27:10 2009] [debug] mod_proxy_http.c(1927): proxy:
HTTP: declining URL balancer://localhost/RPC2
[Tue Aug 25 15:27:10 2009] [warn] proxy: No protocol handler was valid
for the URL /RPC2. If you are using a DSO version of mod_proxy, make
sure the proxy submodules are included in the configuration using
LoadModule.
[Tue Aug 25 15:27:10 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL:
Write: SSL negotiation finished successfully
[Tue Aug 25 15:27:10 2009] [info] [client 67.xx.xx.xx] Connection
closed to child 1 with standard shutdown (server puppetmasterd.domain:
8140)
Any ideas?
regards,
Israel.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
ELTigre
2009-Aug-26 02:20 UTC
[Puppet Users] Re: proxy: No protocol handler was valid for the URL /RPC2 (SOLVED)
I changed the entry: <Proxy balancer://puppetmaster> to this: <Proxy balancer://puppetmaster.domain> and changed too this two entries ProxyPass / balancer://localhost:8140/ ProxyPassReverse / balancer://localhost:8140/ to these one: ProxyPass / balancer://puppetmaster.domain:8140/ ProxyPassReverse / balancer://puppetmaster.domain:8140/ everything is working now! regards, Israel. On Aug 25, 2:38 pm, ELTigre <igalva...@gmail.com> wrote:> I''m running puppetmasterd (0.24.8) with apache2 and mongrel on a > debian host. Apache2, mongrel instances and puppetmaster runs in the > same server. My apache2 puppetmaster.conf file is: > > PidFile /var/run/apache2-puppetmaster.pid > > # Include module configuration: > > Include /etc/apache2/mods-enabled/*.load > Include /etc/apache2/mods-enabled/*.conf > > TypesConfig /etc/mime.types > > User www-data > Group www-data > > ErrorLog /var/log/apache2/puppetmaster-error.log > > Listen 8140 > > ProxyRequests Off > > <Proxy balancer://puppetmaster> > BalancerMemberhttp://127.0.0.1:18140 > BalancerMemberhttp://127.0.0.1:18141 > BalancerMemberhttp://127.0.0.1:18142 > BalancerMemberhttp://127.0.0.1:18143 > BalancerMemberhttp://127.0.0.1:18144 > BalancerMemberhttp://127.0.0.1:18145 > BalancerMemberhttp://127.0.0.1:18146 > BalancerMemberhttp://127.0.0.1:18147 > BalancerMemberhttp://127.0.0.1:18148 > BalancerMemberhttp://127.0.0.1:18149 > </Proxy> > > <VirtualHost *:8140> > SSLEngine on > SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA > SSLCertificateFile /var/lib/puppet/ssl/certs/ > vps200.speedyrails.ca.pem > SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/ > vps200.speedyrails.ca.pem > SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem > SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem > SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem > SSLVerifyClient optional > SSLVerifyDepth 1 > SSLOptions +StdEnvVars > > RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e > RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e > > <Location /> > SetHandler balancer-manager > Order allow,deny > Allow from all > </Location> > > ProxyPass / balancer://localhost:8140/ > ProxyPassReverse / balancer://localhost:8140/ > ProxyPreserveHost on > # SetEnv force-proxy-request-1.0 1 > # SetEnv proxy-nokeepalive 1 > LogLevel Debug > CustomLog "|/usr/bin/cronolog /var/log/apache2/vps200-access-%Y- > %m-%d.log" combined > ErrorLog "|/usr/bin/cronolog /var/log/apache2/vps200-error-%Y-%m- > %d.log" > > # /etc/init.d/apache2-puppetmaster start (taken fromhttp://reductivelabs.com/trac/puppet/attachment/wiki/UsingMongrelOnDe...). > > # /etc/init.d/puppetmaster start (taken fromhttp://reductivelabs.com/trac/puppet/attachment/wiki/UsingMongrelOnDe...). > > My ps axf outoput: > 16815 ? Ss 0:00 /usr/sbin/apache2 -f /etc/apache2/ > puppetmaster.conf -k start > 16817 ? S 0:00 \_ /usr/bin/cronolog /var/log/apache2/ > vps200-error-%Y-%m-%d.log > 16818 ? S 0:00 \_ /usr/bin/cronolog /var/log/apache2/ > vps200-access-%Y-%m-%d.log > 16824 ? S 0:00 \_ /usr/sbin/apache2 -f /etc/apache2/ > puppetmaster.conf -k start > 16825 ? S 0:00 \_ /usr/sbin/apache2 -f /etc/apache2/ > puppetmaster.conf -k start > 16826 ? S 0:00 \_ /usr/sbin/apache2 -f /etc/apache2/ > puppetmaster.conf -k start > 16827 ? S 0:00 \_ /usr/sbin/apache2 -f /etc/apache2/ > puppetmaster.conf -k start > 16828 ? S 0:00 \_ /usr/sbin/apache2 -f /etc/apache2/ > puppetmaster.conf -k start > 16886 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd > --servertype=mongrel --masterport=18140 --pidfile=/var/ > 16911 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd > --servertype=mongrel --masterport=18141 --pidfile=/var/ > 16936 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd > --servertype=mongrel --masterport=18142 --pidfile=/var/ > 16961 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd > --servertype=mongrel --masterport=18143 --pidfile=/var/ > 16986 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd > --servertype=mongrel --masterport=18144 --pidfile=/var/ > 17011 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd > --servertype=mongrel --masterport=18145 --pidfile=/var/ > 17036 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd > --servertype=mongrel --masterport=18146 --pidfile=/var/ > 17061 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd > --servertype=mongrel --masterport=18147 --pidfile=/var/ > 17086 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd > --servertype=mongrel --masterport=18148 --pidfile=/var/ > 17111 ? Ssl 0:00 /usr/local/bin/ruby /usr/sbin/puppetmasterd > --servertype=mongrel --masterport=18149 --pidfile=/var/ > > The problem? > > Any connection from a any puppet client gets an error: > # puppetd -tv > warning: peer certificate won''t be verified in this SSL session > err: Could not call puppetca.getcert: #<RuntimeError: HTTP-Error: 500 > Internal Server Error> > err: Could not request certificate: Certificate retrieval failed: HTTP- > Error: 500 Internal Server Error > > So, went to the apache log files and got this: > > [Tue Aug 25 15:27:10 2009] [info] Initial (No.1) HTTPS request > received for child 1 (server puppetmasterd.domain:8140) > [Tue Aug 25 15:27:10 2009] [debug] mod_proxy_balancer.c(46): proxy: > BALANCER: canonicalising URL //localhost:8140/RPC2 > [Tue Aug 25 15:27:10 2009] [debug] proxy_util.c(1507): [client > 67xx.xx.xx] proxy: *: found reverse proxy worker for balancer://localhost/RPC2 > [Tue Aug 25 15:27:10 2009] [debug] mod_proxy.c(966): Running scheme > balancer handler (attempt 0) > [Tue Aug 25 15:27:10 2009] [debug] mod_proxy_http.c(1927): proxy: > HTTP: declining URL balancer://localhost/RPC2 > [Tue Aug 25 15:27:10 2009] [warn] proxy: No protocol handler was valid > for the URL /RPC2. If you are using a DSO version of mod_proxy, make > sure the proxy submodules are included in the configuration using > LoadModule. > [Tue Aug 25 15:27:10 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL: > Write: SSL negotiation finished successfully > [Tue Aug 25 15:27:10 2009] [info] [client 67.xx.xx.xx] Connection > closed to child 1 with standard shutdown (server puppetmasterd.domain: > 8140) > > Any ideas? > > regards, > Israel.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---