Bug #17062

changing --puppet-server-foreman-url does not restart puppetmaster/apache2 service

Added by Joost Polley 4 months ago. Updated 3 months ago.

Status:Closed
Priority:Normal
Assigned To:Dominic Cleal
Category:Foreman modules
Target version:-
Difficulty: Bugzilla link:
Found in release:1.12.3 Pull request:https://github.com/theforeman/puppet-puppet/pull/456
Story points-
Velocity based estimate-
Release1.14.0Release relationshipAuto

Description

When adding an additional trusted host with the foreman-installer (--foreman-proxy-trusted-hosts), the installer does not trigger a restart on the apache2 service, leading into puppet-master not being aware of the change. The foreman-proxy service restarts as expected.

In my case, not having the apache2 service restarted after this change did lead into failing of uploading reports from puppet agent node to Foreman.

Associated revisions

Revision 47679372
Added by Dominic Cleal 3 months ago

fixes #17062 - move master rack restart to puppet::server::service

Includes minor changes to containment of server configuration classes
to ensure notifies of changes from puppet::server::passenger and ::rack
all reach puppet::server::service.

History

#1 Updated by Michael Moll 4 months ago

That trusted_hosts setting is only used in foreman-proxy's settings. What problems are you seeing regarding the puppet master?

#2 Updated by Joost Polley 4 months ago

Michael Moll wrote:

That trusted_hosts setting is only used in foreman-proxy's settings. What problems are you seeing regarding the puppet master?

Apologies, I mentioned the wrong setting here. Is there a way I can decently edit the description / title of my ticket?

I'm talking about the --puppet-server-foreman-url. I did change that setting to fix my initial registration of the foreman-proxy with my Foreman instance. However, it looked like puppet-master did not pick this up (I noticed this when reports from my test node its puppet run did not end up in Foreman).

I got the following error in syslog:

Oct 20 19:08:37 dev-puppet-master puppet-master[14972]: ["/usr/lib/ruby/2.1.0/uri/generic.rb:214:in `initialize'", "/usr/lib/ruby/2.1.0
/uri/http.rb:84:in `initialize'", "/usr/lib/ruby/2.1.0/uri/common.rb:214:in `new'", "/usr/lib/ruby/2.1.0/uri/common.rb:214:in `parse'",
 "/usr/lib/ruby/2.1.0/uri/common.rb:747:in `parse'", "/usr/lib/ruby/2.1.0/uri/common.rb:1232:in `URI'", "/usr/lib/ruby/2.1.0/net/http.r
b:1029:in `proxy_uri'", "/usr/lib/ruby/2.1.0/net/http.rb:1016:in `proxy?'", "/usr/lib/ruby/2.1.0/net/http.rb:869:in `connect'", "/usr/l
ib/ruby/2.1.0/net/http.rb:863:in `do_start'", "/usr/lib/ruby/2.1.0/net/http.rb:852:in `start'", "/usr/lib/ruby/2.1.0/net/http.rb:1369:i
n `request'", "/usr/lib/ruby/vendor_ruby/puppet/reports/foreman.rb:65:in `process'", "/usr/lib/ruby/vendor_ruby/puppet/indirector/repor
t/processor.rb:37:in `block in process'", "/usr/lib/ruby/vendor_ruby/puppet/indirector/report/processor.rb:53:in `block in processors'" 
, "/usr/lib/ruby/vendor_ruby/puppet/indirector/report/processor.rb:51:in `each'", "/usr/lib/ruby/vendor_ruby/puppet/indirector/report/p
rocessor.rb:51:in `processors'", "/usr/lib/ruby/vendor_ruby/puppet/indirector/report/processor.rb:30:in `process'", "/usr/lib/ruby/vend
or_ruby/puppet/indirector/report/processor.rb:14:in `save'", "/usr/lib/ruby/vendor_ruby/puppet/indirector/indirection.rb:283:in `save'" 
, "/usr/lib/ruby/vendor_ruby/puppet/network/http/api/v1.rb:160:in `do_save'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/api/v1.rb:
50:in `block in call'", "/usr/lib/ruby/vendor_ruby/puppet/context.rb:64:in `override'", "/usr/lib/ruby/vendor_ruby/puppet.rb:244:in `ov
erride'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/api/v1.rb:49:in `call'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/route.
rb:82:in `block in process'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/route.rb:81:in `each'", "/usr/lib/ruby/vendor_ruby/puppet/
network/http/route.rb:81:in `process'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/handler.rb:63:in `block in process'", "/usr/lib/
ruby/vendor_ruby/puppet/util/profiler/around_profiler.rb:58:in `profile'", "/usr/lib/ruby/vendor_ruby/puppet/util/profiler.rb:51:in `pr
ofile'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/handler.rb:61:in `process'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/rac
k.rb:21:in `call'", "/usr/lib/ruby/vendor_ruby/phusion_passenger/rack/thread_handler_extension.rb:74:in `process_request'", "/usr/lib/r
uby/vendor_ruby/phusion_passenger/request_handler/thread_handler.rb:141:in `accept_and_process_next_request'", "/usr/lib/ruby/vendor_ru
by/phusion_passenger/request_handler/thread_handler.rb:109:in `main_loop'", "/usr/lib/ruby/vendor_ruby/phusion_passenger/request_handle
r.rb:455:in `block (3 levels) in start_threads'"]

I did restart apache2 - which fixed the issue.

#3 Updated by Joost Polley 4 months ago

Small correction: actual log message of the report processor also included now.

Oct 20 19:08:37 dev-puppet-master puppet-master[14972]: Report processor failed: Could not send report to Foreman at dev-foreman.domain
.com/api/reports: the scheme http does not accept registry part: :80 (or bad hostname?)

Oct 20 19:08:37 dev-puppet-master puppet-master[14972]: ["/usr/lib/ruby/2.1.0/uri/generic.rb:214:in `initialize'", "/usr/lib/ruby/2.1.0
/uri/http.rb:84:in `initialize'", "/usr/lib/ruby/2.1.0/uri/common.rb:214:in `new'", "/usr/lib/ruby/2.1.0/uri/common.rb:214:in `parse'",
 "/usr/lib/ruby/2.1.0/uri/common.rb:747:in `parse'", "/usr/lib/ruby/2.1.0/uri/common.rb:1232:in `URI'", "/usr/lib/ruby/2.1.0/net/http.r
b:1029:in `proxy_uri'", "/usr/lib/ruby/2.1.0/net/http.rb:1016:in `proxy?'", "/usr/lib/ruby/2.1.0/net/http.rb:869:in `connect'", "/usr/l
ib/ruby/2.1.0/net/http.rb:863:in `do_start'", "/usr/lib/ruby/2.1.0/net/http.rb:852:in `start'", "/usr/lib/ruby/2.1.0/net/http.rb:1369:i
n `request'", "/usr/lib/ruby/vendor_ruby/puppet/reports/foreman.rb:65:in `process'", "/usr/lib/ruby/vendor_ruby/puppet/indirector/repor
t/processor.rb:37:in `block in process'", "/usr/lib/ruby/vendor_ruby/puppet/indirector/report/processor.rb:53:in `block in processors'" 
, "/usr/lib/ruby/vendor_ruby/puppet/indirector/report/processor.rb:51:in `each'", "/usr/lib/ruby/vendor_ruby/puppet/indirector/report/p
rocessor.rb:51:in `processors'", "/usr/lib/ruby/vendor_ruby/puppet/indirector/report/processor.rb:30:in `process'", "/usr/lib/ruby/vend
or_ruby/puppet/indirector/report/processor.rb:14:in `save'", "/usr/lib/ruby/vendor_ruby/puppet/indirector/indirection.rb:283:in `save'" 
, "/usr/lib/ruby/vendor_ruby/puppet/network/http/api/v1.rb:160:in `do_save'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/api/v1.rb:
50:in `block in call'", "/usr/lib/ruby/vendor_ruby/puppet/context.rb:64:in `override'", "/usr/lib/ruby/vendor_ruby/puppet.rb:244:in `ov
erride'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/api/v1.rb:49:in `call'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/route.
rb:82:in `block in process'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/route.rb:81:in `each'", "/usr/lib/ruby/vendor_ruby/puppet/
network/http/route.rb:81:in `process'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/handler.rb:63:in `block in process'", "/usr/lib/
ruby/vendor_ruby/puppet/util/profiler/around_profiler.rb:58:in `profile'", "/usr/lib/ruby/vendor_ruby/puppet/util/profiler.rb:51:in `pr
ofile'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/handler.rb:61:in `process'", "/usr/lib/ruby/vendor_ruby/puppet/network/http/rac
k.rb:21:in `call'", "/usr/lib/ruby/vendor_ruby/phusion_passenger/rack/thread_handler_extension.rb:74:in `process_request'", "/usr/lib/r
uby/vendor_ruby/phusion_passenger/request_handler/thread_handler.rb:141:in `accept_and_process_next_request'", "/usr/lib/ruby/vendor_ru
by/phusion_passenger/request_handler/thread_handler.rb:109:in `main_loop'", "/usr/lib/ruby/vendor_ruby/phusion_passenger/request_handle
r.rb:455:in `block (3 levels) in start_threads'"]

#4 Updated by Michael Moll 4 months ago

  • Subject changed from foreman-installer: add additional --foreman-proxy-trusted-hosts does not restart apache2 service to changing --puppet-server-foreman-url does not restart puppetmaster/apache2 service
  • Category changed from foreman-installer script to Foreman modules

#5 Updated by Dominic Cleal 3 months ago

It does refresh puppet::server::service, but when using a Rack-based master (under Apache) then this wouldn't trigger a restart. It only restarts the standalone service (non-Rack Puppet 3 or Puppet Server).

[ WARN 2016-11-14 10:05:34 verbose]  /Stage[main]/Foreman::Puppetmaster/File[/etc/puppetlabs/puppet/foreman.yaml]/content: 
[ WARN 2016-11-14 10:05:34 verbose] --- /etc/puppetlabs/puppet/foreman.yaml     2016-11-09 04:53:50.914000000 -0500
[ WARN 2016-11-14 10:05:34 verbose] +++ /tmp/puppet-file20161114-31466-k8qw52   2016-11-14 10:05:34.810000000 -0500
[ WARN 2016-11-14 10:05:34 verbose] @@ -1,5 +1,5 @@
[ WARN 2016-11-14 10:05:34 verbose]  ---
[ WARN 2016-11-14 10:05:34 verbose] -:url: "https://foreman.example.com" 
[ WARN 2016-11-14 10:05:34 verbose] +:url: "https://puppet.example.com" 
[ WARN 2016-11-14 10:05:34 verbose]  :ssl_ca: "/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem" 
[ WARN 2016-11-14 10:05:34 verbose]  :ssl_cert: "/etc/puppetlabs/puppet/ssl/certs/foreman.example.com.pem" 
[ WARN 2016-11-14 10:05:34 verbose]  :ssl_key: "/etc/puppetlabs/puppet/ssl/private_keys/foreman.example.com.pem" 
[ WARN 2016-11-14 10:05:34 verbose]  /Stage[main]/Foreman::Puppetmaster/File[/etc/puppetlabs/puppet/foreman.yaml]/content: current_value {md5}ee8881b0c971c49dbd622cec1fe27f66, should be {md5}3ea7a27139655485174a99c746e46f79 (noop)
[ WARN 2016-11-14 10:05:34 verbose]  Class[Foreman::Puppetmaster]: Would have triggered 'refresh' from 1 events
[ INFO 2016-11-14 10:05:34 verbose]  Class[Foreman::Puppetmaster]: Scheduling refresh of Anchor[puppet::server::config_end]
[ WARN 2016-11-14 10:05:34 verbose]  /Stage[main]/Puppet::Server::Config/Anchor[puppet::server::config_end]: Would have triggered 'refresh' from 1 events
[ WARN 2016-11-14 10:05:38 verbose]  Class[Puppet::Server::Config]: Would have triggered 'refresh' from 1 events
[ INFO 2016-11-14 10:05:38 verbose]  Class[Puppet::Server::Config]: Scheduling refresh of Class[Foreman_proxy::Config]
[ INFO 2016-11-14 10:05:38 verbose]  Class[Puppet::Server::Config]: Scheduling refresh of Class[Foreman_proxy::Service]
[ INFO 2016-11-14 10:05:38 verbose]  Class[Puppet::Server::Config]: Scheduling refresh of Class[Puppet::Server::Service]

#6 Updated by The Foreman Bot 3 months ago

  • Status changed from New to Ready For Testing
  • Assigned To set to Dominic Cleal
  • Pull request https://github.com/theforeman/puppet-puppet/pull/456 added

#7 Updated by Dominic Cleal 3 months ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#8 Updated by Dominic Cleal 3 months ago

  • Release set to 1.14.0

Also available in: Atom PDF