I''m just starting out with puppet and have been seeing problems very similar to those in ticket #3083: http://projects.reductivelabs.com/issues/3083 First, an overview of my configuration. I have three physical servers, each running puppet 0.25.4. One of the servers is going to be my puppetmaster as well as a client. The other two servers in my configuration will only be puppetd clients. Their forward and reverse DNS do not match and, for political reasons, I can''t change them. I''ve set up puppetmasterd running on the main IP address of the first server. The puppetmaster''s puppet.conf contains: certname = server.example.com And the client''s puppet.con contains: certname = client1.example.com When I run puppetd with: puppetd --server server.example.com --fqdn client1.example.com I get the following for some seemingly random number of files in my manifests: puppetd[67238]: (//stats/File[/home/procrast/stats/denora.conf]) Failed to retrieve current state of resource: undefined method `closed?'' for nil:NilClass Could not retrieve file metadata for puppet://badger.valinor.net/stats/denora.conf: undefined method `closed?'' for nil:NilClass at /etc/puppet/modules/stats/manifests/init.pp:15 I gather from my reading that it''s DNS related somehow, but I''m not sure what else I need to set in order to override whatever puppet thinks the client/server should be. Thanks in advance! -Brian -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Hi Brian, On Mon, Mar 8, 2010 at 2:35 PM, Brian Keifer <brian@valinor.net> wrote:> I''m just starting out with puppet and have been seeing problems very > similar to those in ticket #3083: > > http://projects.reductivelabs.com/issues/3083 > > First, an overview of my configuration. I have three physical servers, > each running puppet 0.25.4. One of the servers is going to be my > puppetmaster as well as a client. The other two servers in my configuration > will only be puppetd clients. Their forward and reverse DNS do not match > and, for political reasons, I can''t change them. > > I''ve set up puppetmasterd running on the main IP address of the first > server. The puppetmaster''s puppet.conf contains: > > certname = server.example.com > > And the client''s puppet.con contains: > > certname = client1.example.com > > When I run puppetd with: > > puppetd --server server.example.com --fqdn client1.example.com > > I get the following for some seemingly random number of files in my > manifests: > > puppetd[67238]: (//stats/File[/home/procrast/stats/denora.conf]) Failed to > retrieve current state of resource: undefined method `closed?'' for > nil:NilClass Could not retrieve file metadata for puppet:// > badger.valinor.net/stats/denora.conf: undefined method `closed?'' for > nil:NilClass at /etc/puppet/modules/stats/manifests/init.pp:15 > > I gather from my reading that it''s DNS related somehow, but I''m not sure > what else I need to set in order to override whatever puppet thinks the > client/server should be. >1. Check the source attribute assignment. source => puppet:///modules/stats/denora.conf the third slash means use same server address as the server we connected to. maybe its hardcoded to be the server name? 2. you could also try: [puppetmasterd] certdnsnames=badger.valinor.net<http://badger.valinor.net/stats/denora.conf> on the server if you need this name to be accepted by the cert.> Thanks in advance! > > -Brian > >hope this helps, Dan> -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com<puppet-users%2Bunsubscribe@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Mar 9, 2010, at 12:17 AM, Dan Bode wrote:> > 1. Check the source attribute assignment. > > source => puppet:///modules/stats/denora.conf > > the third slash means use same server address as the server we connected to. > > maybe its hardcoded to be the server name? > > 2. you could also try: > > [puppetmasterd] > certdnsnames=badger.valinor.net > > on the server if you need this name to be accepted by the cert. >Thanks! I had been using source => "puppet://$servername/module/path/filename.ext". I switched to puppet:/// and added the certdnsnames line to my puppetmaster''s config file. My config looks a bit cleaner, but I''m still getting the random errors on my file definitions: err: //inspircd/File[/home/procrast/inspircd/conf/modules.conf]: Failed to retrieve current state of resource: undefined method `closed?'' for nil:NilClass Could not retrieve file metadata for puppet:///inspircd/modules.conf: undefined method `closed?'' for nil:NilClass at /etc/puppet/modules/inspircd/manifests/init.pp:15 From several test runs with: puppetd --server puppet.procrast.net --fqdn badger.procrast.net --no-daemonize --onetime --verbose I get between 3 and 9 of these errors each time, always a different subset of my files. These same files serve properly to my other two clients. I don''t get it. -Brian -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Mar 9, 2010, at 6:36 AM, Brian Keifer wrote:> > On Mar 9, 2010, at 12:17 AM, Dan Bode wrote: > >> >> 1. Check the source attribute assignment. >> >> source => puppet:///modules/stats/denora.conf >> >> the third slash means use same server address as the server we connected to. >> >> maybe its hardcoded to be the server name? >> >> 2. you could also try: >> >> [puppetmasterd] >> certdnsnames=badger.valinor.net >> >> on the server if you need this name to be accepted by the cert. >> > > Thanks! I had been using source => "puppet://$servername/module/path/filename.ext". I switched to puppet:/// and added the certdnsnames line to my puppetmaster''s config file. My config looks a bit cleaner, but I''m still getting the random errors on my file definitions: > > err: //inspircd/File[/home/procrast/inspircd/conf/modules.conf]: Failed to retrieve current state of resource: undefined method `closed?'' for nil:NilClass Could not retrieve file metadata for puppet:///inspircd/modules.conf: undefined method `closed?'' for nil:NilClass at /etc/puppet/modules/inspircd/manifests/init.pp:15 > > From several test runs with: > > puppetd --server puppet.procrast.net --fqdn badger.procrast.net --no-daemonize --onetime --verbose > > I get between 3 and 9 of these errors each time, always a different subset of my files. These same files serve properly to my other two clients. > > I don''t get it.This might be related to http://projects.reductivelabs.com/issues/3083. Try using "puppetca --list --all" on the server and check if those clients are in the list. If they are not in the list, it''s probably that bug. -Patrick -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Mar 9, 2010, at 4:57 PM, Patrick wrote:> > On Mar 9, 2010, at 6:36 AM, Brian Keifer wrote: > >> >> On Mar 9, 2010, at 12:17 AM, Dan Bode wrote: >> >>> >>> 1. Check the source attribute assignment. >>> >>> source => puppet:///modules/stats/denora.conf >>> >>> the third slash means use same server address as the server we connected to. >>> >>> maybe its hardcoded to be the server name? >>> >>> 2. you could also try: >>> >>> [puppetmasterd] >>> certdnsnames=badger.valinor.net >>> >>> on the server if you need this name to be accepted by the cert. >>> >> >> Thanks! I had been using source => "puppet://$servername/module/path/filename.ext". I switched to puppet:/// and added the certdnsnames line to my puppetmaster''s config file. My config looks a bit cleaner, but I''m still getting the random errors on my file definitions: >> >> err: //inspircd/File[/home/procrast/inspircd/conf/modules.conf]: Failed to retrieve current state of resource: undefined method `closed?'' for nil:NilClass Could not retrieve file metadata for puppet:///inspircd/modules.conf: undefined method `closed?'' for nil:NilClass at /etc/puppet/modules/inspircd/manifests/init.pp:15 >> >> From several test runs with: >> >> puppetd --server puppet.procrast.net --fqdn badger.procrast.net --no-daemonize --onetime --verbose >> >> I get between 3 and 9 of these errors each time, always a different subset of my files. These same files serve properly to my other two clients. >> >> I don''t get it. > > This might be related to http://projects.reductivelabs.com/issues/3083. Try using "puppetca --list --all" on the server and check if those clients are in the list. If they are not in the list, it''s probably that bug. > -Patrick >The problem client does appear to be listed. [root@badger /etc/puppet]# puppetca --list --all + badger.procrast.net + puppet.procrast.net -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Mar 9, 2010, at 1:59 PM, Brian Keifer wrote:> > On Mar 9, 2010, at 4:57 PM, Patrick wrote: > >> >> On Mar 9, 2010, at 6:36 AM, Brian Keifer wrote: >> >>> >>> On Mar 9, 2010, at 12:17 AM, Dan Bode wrote: >>> >>>> >>>> 1. Check the source attribute assignment. >>>> >>>> source => puppet:///modules/stats/denora.conf >>>> >>>> the third slash means use same server address as the server we connected to. >>>> >>>> maybe its hardcoded to be the server name? >>>> >>>> 2. you could also try: >>>> >>>> [puppetmasterd] >>>> certdnsnames=badger.valinor.net >>>> >>>> on the server if you need this name to be accepted by the cert. >>>> >>> >>> Thanks! I had been using source => "puppet://$servername/module/path/filename.ext". I switched to puppet:/// and added the certdnsnames line to my puppetmaster''s config file. My config looks a bit cleaner, but I''m still getting the random errors on my file definitions: >>> >>> err: //inspircd/File[/home/procrast/inspircd/conf/modules.conf]: Failed to retrieve current state of resource: undefined method `closed?'' for nil:NilClass Could not retrieve file metadata for puppet:///inspircd/modules.conf: undefined method `closed?'' for nil:NilClass at /etc/puppet/modules/inspircd/manifests/init.pp:15 >>> >>> From several test runs with: >>> >>> puppetd --server puppet.procrast.net --fqdn badger.procrast.net --no-daemonize --onetime --verbose >>> >>> I get between 3 and 9 of these errors each time, always a different subset of my files. These same files serve properly to my other two clients. >>> >>> I don''t get it. >> >> This might be related to http://projects.reductivelabs.com/issues/3083. Try using "puppetca --list --all" on the server and check if those clients are in the list. If they are not in the list, it''s probably that bug. >> -Patrick >> > > The problem client does appear to be listed. > > [root@badger /etc/puppet]# puppetca --list --all > + badger.procrast.net > + puppet.procrast.netDoes puppetca show the other clients (that work) as being in the same domain? Also, take a look at /etc/puppet/fileserver.conf. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Mar 9, 2010, at 5:50 PM, Patrick wrote:> > On Mar 9, 2010, at 1:59 PM, Brian Keifer wrote: > >> >> On Mar 9, 2010, at 4:57 PM, Patrick wrote: >> >>> >>> On Mar 9, 2010, at 6:36 AM, Brian Keifer wrote: >>> >>>> >>>> On Mar 9, 2010, at 12:17 AM, Dan Bode wrote: >>>> >>>>> >>>>> 1. Check the source attribute assignment. >>>>> >>>>> source => puppet:///modules/stats/denora.conf >>>>> >>>>> the third slash means use same server address as the server we connected to. >>>>> >>>>> maybe its hardcoded to be the server name? >>>>> >>>>> 2. you could also try: >>>>> >>>>> [puppetmasterd] >>>>> certdnsnames=badger.valinor.net >>>>> >>>>> on the server if you need this name to be accepted by the cert. >>>>> >>>> >>>> Thanks! I had been using source => "puppet://$servername/module/path/filename.ext". I switched to puppet:/// and added the certdnsnames line to my puppetmaster''s config file. My config looks a bit cleaner, but I''m still getting the random errors on my file definitions: >>>> >>>> err: //inspircd/File[/home/procrast/inspircd/conf/modules.conf]: Failed to retrieve current state of resource: undefined method `closed?'' for nil:NilClass Could not retrieve file metadata for puppet:///inspircd/modules.conf: undefined method `closed?'' for nil:NilClass at /etc/puppet/modules/inspircd/manifests/init.pp:15 >>>> >>>> From several test runs with: >>>> >>>> puppetd --server puppet.procrast.net --fqdn badger.procrast.net --no-daemonize --onetime --verbose >>>> >>>> I get between 3 and 9 of these errors each time, always a different subset of my files. These same files serve properly to my other two clients. >>>> >>>> I don''t get it. >>> >>> This might be related to http://projects.reductivelabs.com/issues/3083. Try using "puppetca --list --all" on the server and check if those clients are in the list. If they are not in the list, it''s probably that bug. >>> -Patrick >>> >> >> The problem client does appear to be listed. >> >> [root@badger /etc/puppet]# puppetca --list --all >> + badger.procrast.net >> + puppet.procrast.net > > Does puppetca show the other clients (that work) as being in the same domain? Also, take a look at /etc/puppet/fileserver.conf. >Yep. They all show .procrast.net addresses. My fileserver.conf is quite basic at the moment. It''s got the path to the files for each module and an "allow *" for each. I believe the fileserver.conf is set up correctly, as the problems are sporadic. On one run a file may fail, but on the other runs it copies properly. Additionally, the other two clients that are not on the same machine as the fileserver have no issues at all. Thanks! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Mar 10, 2010, at 6:54 AM, Brian Keifer wrote:> > On Mar 9, 2010, at 5:50 PM, Patrick wrote: > >> >> On Mar 9, 2010, at 1:59 PM, Brian Keifer wrote: >> >>> >>> On Mar 9, 2010, at 4:57 PM, Patrick wrote: >>> >>>> >>>> On Mar 9, 2010, at 6:36 AM, Brian Keifer wrote: >>>> >>>>> >>>>> On Mar 9, 2010, at 12:17 AM, Dan Bode wrote: >>>>> >>>>>> >>>>>> 1. Check the source attribute assignment. >>>>>> >>>>>> source => puppet:///modules/stats/denora.conf >>>>>> >>>>>> the third slash means use same server address as the server we connected to. >>>>>> >>>>>> maybe its hardcoded to be the server name? >>>>>> >>>>>> 2. you could also try: >>>>>> >>>>>> [puppetmasterd] >>>>>> certdnsnames=badger.valinor.net >>>>>> >>>>>> on the server if you need this name to be accepted by the cert. >>>>>> >>>>> >>>>> Thanks! I had been using source => "puppet://$servername/module/path/filename.ext". I switched to puppet:/// and added the certdnsnames line to my puppetmaster''s config file. My config looks a bit cleaner, but I''m still getting the random errors on my file definitions: >>>>> >>>>> err: //inspircd/File[/home/procrast/inspircd/conf/modules.conf]: Failed to retrieve current state of resource: undefined method `closed?'' for nil:NilClass Could not retrieve file metadata for puppet:///inspircd/modules.conf: undefined method `closed?'' for nil:NilClass at /etc/puppet/modules/inspircd/manifests/init.pp:15 >>>>> >>>>> From several test runs with: >>>>> >>>>> puppetd --server puppet.procrast.net --fqdn badger.procrast.net --no-daemonize --onetime --verbose >>>>> >>>>> I get between 3 and 9 of these errors each time, always a different subset of my files. These same files serve properly to my other two clients. >>>>> >>>>> I don''t get it. >>>> >>>> This might be related to http://projects.reductivelabs.com/issues/3083. Try using "puppetca --list --all" on the server and check if those clients are in the list. If they are not in the list, it''s probably that bug. >>>> -Patrick >>>> >>> >>> The problem client does appear to be listed. >>> >>> [root@badger /etc/puppet]# puppetca --list --all >>> + badger.procrast.net >>> + puppet.procrast.net >> >> Does puppetca show the other clients (that work) as being in the same domain? Also, take a look at /etc/puppet/fileserver.conf. >> > > Yep. They all show .procrast.net addresses. My fileserver.conf is quite basic at the moment. It''s got the path to the files for each module and an "allow *" for each. > > I believe the fileserver.conf is set up correctly, as the problems are sporadic. On one run a file may fail, but on the other runs it copies properly. Additionally, the other two clients that are not on the same machine as the fileserver have no issues at all. > > Thanks!I really have no idea what''s wrong. Here''s some standard troubleshooting ideas that I would try. Here are a couple of things to compare between clients that work and clients that don''t: What version of puppet are they using? Is the path to the server complicated? (How many router hops? is there a natting firewall in between? High latency? Packet loss?) What OS are you using? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Mar 10, 2010, at 11:48 AM, Patrick wrote:> > On Mar 10, 2010, at 6:54 AM, Brian Keifer wrote: > >> >> On Mar 9, 2010, at 5:50 PM, Patrick wrote: >> >>> >>> On Mar 9, 2010, at 1:59 PM, Brian Keifer wrote: >>> >>>> >>>> On Mar 9, 2010, at 4:57 PM, Patrick wrote: >>>> >>>>> >>>>> On Mar 9, 2010, at 6:36 AM, Brian Keifer wrote: >>>>> >>>>>> >>>>>> On Mar 9, 2010, at 12:17 AM, Dan Bode wrote: >>>>>> >>>>>>> >>>>>>> 1. Check the source attribute assignment. >>>>>>> >>>>>>> source => puppet:///modules/stats/denora.conf >>>>>>> >>>>>>> the third slash means use same server address as the server we connected to. >>>>>>> >>>>>>> maybe its hardcoded to be the server name? >>>>>>> >>>>>>> 2. you could also try: >>>>>>> >>>>>>> [puppetmasterd] >>>>>>> certdnsnames=badger.valinor.net >>>>>>> >>>>>>> on the server if you need this name to be accepted by the cert. >>>>>>> >>>>>> >>>>>> Thanks! I had been using source => "puppet://$servername/module/path/filename.ext". I switched to puppet:/// and added the certdnsnames line to my puppetmaster''s config file. My config looks a bit cleaner, but I''m still getting the random errors on my file definitions: >>>>>> >>>>>> err: //inspircd/File[/home/procrast/inspircd/conf/modules.conf]: Failed to retrieve current state of resource: undefined method `closed?'' for nil:NilClass Could not retrieve file metadata for puppet:///inspircd/modules.conf: undefined method `closed?'' for nil:NilClass at /etc/puppet/modules/inspircd/manifests/init.pp:15 >>>>>> >>>>>> From several test runs with: >>>>>> >>>>>> puppetd --server puppet.procrast.net --fqdn badger.procrast.net --no-daemonize --onetime --verbose >>>>>> >>>>>> I get between 3 and 9 of these errors each time, always a different subset of my files. These same files serve properly to my other two clients. >>>>>> >>>>>> I don''t get it. >>>>> >>>>> This might be related to http://projects.reductivelabs.com/issues/3083. Try using "puppetca --list --all" on the server and check if those clients are in the list. If they are not in the list, it''s probably that bug. >>>>> -Patrick >>>>> >>>> >>>> The problem client does appear to be listed. >>>> >>>> [root@badger /etc/puppet]# puppetca --list --all >>>> + badger.procrast.net >>>> + puppet.procrast.net >>> >>> Does puppetca show the other clients (that work) as being in the same domain? Also, take a look at /etc/puppet/fileserver.conf. >>> >> >> Yep. They all show .procrast.net addresses. My fileserver.conf is quite basic at the moment. It''s got the path to the files for each module and an "allow *" for each. >> >> I believe the fileserver.conf is set up correctly, as the problems are sporadic. On one run a file may fail, but on the other runs it copies properly. Additionally, the other two clients that are not on the same machine as the fileserver have no issues at all. >> > I really have no idea what''s wrong. Here''s some standard troubleshooting ideas that I would try. > > Here are a couple of things to compare between clients that work and clients that don''t: > What version of puppet are they using? > Is the path to the server complicated? (How many router hops? is there a natting firewall in between? High latency? Packet loss?) > What OS are you using?All clients and the server are using 0.25.4 installed via gem. The path to the two remote clients is 10-12 hops, but they work fine. The path to the client that''s running from the same machine as the puppetmaster is, naturally, zero hops. That''s the only one that''s having problems. The problem server is FreeBSD, but I''m fairly certain we can rule out the OS as the problem since the other clients can connect to it without issue and a puppetd on the FreeBSD machine can connect to a remote puppetmaster without any problems. Anyone else happen to have any insight or know of any documentation that specifically speaks to running puppetd and puppetmasterd on the same host with different IP addresses? Thanks! -Brian -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.