Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using puppetdb = true with server_type = 'puppetserver' doesn't seem to work #71

Open
jharlow1 opened this issue Jan 18, 2016 · 4 comments
Open

Using puppetdb = true with server_type = 'puppetserver' doesn't seem to work #71

jharlow1 opened this issue Jan 18, 2016 · 4 comments

Comments

@jharlow1
Copy link 

class { puppet::profile::agent:
   puppet_server => $::fqdn,
 }

 class { puppet::profile::master:
   server_type         => 'puppetserver',
   puppet_service_name => 'puppetserver',
   puppetdb            => true,
   puppetdb_server     => $::fqdn,
   puppetdb_version    => '2.3.8-1.el6',
 }

This results in what appears to be a chicken/egg problem...PuppetDB needs the puppetserver service to start up before it does anything (in order to generate certificates). However, if it knows the proper service name (puppetserver) to restart, then it tries to start up puppetdb before it gets around to starting puppetserver and the startup fails because there aren't any certs.

Ran into similar issue with the foreman puppet module, and can't seem to find a viable workaround aside from manually doing a puppet apply of the puppet server parts then the puppetdb parts....am I missing something ?
@jharlow1
Copy link
Author

Sorry, left of some pertinent info...This is on CentOS 6 with the following package versions:

puppetdb-terminus-2.3.8-1.el6.noarch
puppetdb-2.3.8-1.el6.noarch
puppet-3.8.4-1.el6.noarch
puppetserver-1.1.3-1.el6.noarch

@jharlow1
Copy link
Author

I guess the workaround is just to do

puppet cert generate `hostname`

before doing the puppet apply of the role containing this puppet module, but curious if there's a way to handle the whole thing with just a single puppet apply.

@rendhalver
Copy link
Member

Yeah this is a bit of a chicken egg problem.

I used to have the module setup so you could actually bootstrap it from scratch with puppet apply but I don't know if that will work anymore.

I will reinvestigate that and see if it can be fixed.

@jharlow1
Copy link
Author

Thanks...having to generate the cert before kicking off the apply isn't the end of the world, I just wanted to make sure I wasn't missing something stupid. I banged on it for a while and couldn't get anything working....it looks like there was at one point a similar issue open in the puppetdb module's issue tracker, but it wasn't fully ported over from the old github issue tracker into Jira and it was closed as a won't fix with minimal detail.

https://tickets.puppetlabs.com/browse/MODULES-227

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rendhalver @jharlow1