Brian Wilkins
2014-Aug-29 16:50 UTC
[Puppet Users] Using puppet with Apache mod_disk_cache and passenger over SSL
I have tried to set up Apache with passenger to host the puppetmaster but I
also want to cache. I have no problems running puppet within Passenger with
httpd. I also enabled mod_disk_cache within Apache. However, I still see my
puppet client hitting the puppetmaster and the puppetmaster compiles the
manifest every time. In /var/cache/mod_cache, I can see that the data was
properly cached.

What is wrong with my configuration that still allows httpd to serve up the
request from the puppetmaster rather than using the cache? I was looking at
lessening the load on the puppetmaster and have the cache handle common
requests.

LoadModule ssl_module modules/mod_ssl.so
ServerName hostname
# RHEL/CentOS:
# And the passenger performance tuning settings:
PassengerHighPerformance On
PassengerUseGlobalQueue On
# Set this to about 1.5 times the number of CPU cores in your master:
PassengerMaxPoolSize 6
# Recycle master processes after they service 1000 requests
PassengerMaxRequests 1000
# Stop processes if they sit idle for 10 minutes
PassengerPoolIdleTime 600
PassengerTempDir /var/run/passenger
# Add %D for "The time taken to serve the request, in microseconds."
LogFormat "%h %l %u %t \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-Agent}i\"" puppet
Listen 8140
<VirtualHost *:8140>
SSLEngine On
# Only allow high security cryptography. Alter if needed for compatibility.
SSLProtocol All -SSLv2
SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
SSLCertificateFile /var/lib/puppet/ssl/certs/hostname.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/hostname.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars +ExportCertData
# These request headers are used to pass the client certificate
# authentication information on to the puppet master process
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
RackAutoDetect On
DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
<Directory /usr/share/puppet/rack/puppetmasterd/>
Options Indexes
AllowOverride None
Order Allow,Deny
Allow from All
</Directory>
<IfModule mod_expires.c>
<Location /production/file_metadatas/>
ExpiresActive On
ExpiresDefault "access plus 30 minutes"
</Location>
</IfModule>
<IfModule mod_disk_cache.c>
CacheEnable disk /production/file_metadata/
CacheEnable disk /production/file_metadatas/
CacheRoot "/var/cache/mod_cache"
CacheDefaultExpire 1800
CacheIgnoreNoLastMod On
</IfModule>
</VirtualHost>
mod_cache]# ls -la
total 40
drwxr-xr-x 10 apache apache 4096 Aug 29 12:37 .
drwxr-xr-x. 18 root root 4096 Aug 29 12:36 ..
drwx------ 3 apache apache 4096 Aug 29 12:37 Hk
drwx------ 3 apache apache 4096 Aug 29 12:37 K5
drwx------ 3 apache apache 4096 Aug 29 12:37 Q9
drwx------ 3 apache apache 4096 Aug 29 12:37 Rl
drwx------ 3 apache apache 4096 Aug 29 12:37 St
drwx------ 3 apache apache 4096 Aug 29 12:37 ui
drwx------ 3 apache apache 4096 Aug 29 12:37 wV
drwx------ 3 apache apache 4096 Aug 29 12:37 _Z
