Maniphest T192848

puppetmaster puppet.conf refers to noexistent files
Closed, DuplicatePublic
Actions

Assigned To

None

Authored By

	Andrew
	Apr 23 2018, 8:29 PM

Description

On puppetmaster1001.wikimedia.org:

andrew@puppetmaster1001:/srv/private/modules/secret/secrets/puppetmaster$ tail /etc/puppet/puppet.conf
storeconfigs = true
storeconfigs_backend = puppetdb
stringify_facts = false

always_cache_features = true
trusted_node_data = true
# SSL
ssldir = /var/lib/puppet/server/ssl/
hostcert = /var/lib/puppet/server/ssl/certs/puppetmaster1001.eqiad.wmnet.pem
hostprivkey = /var/lib/puppet/server/ssl/private_keys/puppetmaster1001.eqiad.wmnet.pem
andrew@puppetmaster1001:/srv/private/modules/secret/secrets/puppetmaster$ sudo ls /var/lib/puppet/server/ssl/certs/puppetmaster1001.eqiad.wmnet.pem
ls: cannot access '/var/lib/puppet/server/ssl/certs/puppetmaster1001.eqiad.wmnet.pem': No such file or directory
andrew@puppetmaster1001:/srv/private/modules/secret/secrets/puppetmaster$ sudo ls /var/lib/puppet/server/ssl/private_keys/puppetmaster1001.eqiad.wmnet.pem
ls: cannot access '/var/lib/puppet/server/ssl/private_keys/puppetmaster1001.eqiad.wmnet.pem': No such file or directory
andrew@puppetmaster1001:/srv/private/modules/secret/secrets/puppetmaster$

Both $hostcert and $hostprivkey refer to files that don't actually exist. Clearly we're getting along fine without them, but this still seems kind of bad... I'm trying to troubleshoot an issue with a different puppetmaster (T181523) and have discovered that puppetmaster1001 is maybe not a great example to follow.

Related Objects
Search...

Status	Assigned	Task
Resolved	aborrero	T178717 Upgrade wmcs instances and masters to puppet 4.8
Resolved	None	T177254 Upgrade to puppet 4 (4.8 or newer)
Open	None	T330490 Next steps for Puppet 7
Open	None	T351104 Issues which should be fixed by puppet7 upgrade
Stalled	None	T179099 puppetmaster hostcert and hostprivkey point to nonexistent files
Duplicate	None	T192848 puppetmaster puppet.conf refers to noexistent files

Event Timeline

Andrew created this task.Apr 23 2018, 8:29 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 23 2018, 8:29 PM

Hey @Andrew, there's some additional information about this in T179099

ok, I'll close this as a duplicate. Looks like today's the day to fix the issue though... I read the task but still don't quite understand why we don't just not set those values.

Andrew closed this task as a duplicate of T179099: puppetmaster hostcert and hostprivkey point to nonexistent files.Apr 23 2018, 10:20 PM

• Vvjjkkii renamed this task from puppetmaster puppet.conf refers to noexistent files to feeaaaaaaa.Jul 1 2018, 1:14 AM

• Vvjjkkii reopened this task as Open.

• Vvjjkkii triaged this task as High priority.

• Vvjjkkii added projects: CheckUser, Connected-Open-Heritage-Batch-uploads (RAÄ-KMB_1_2017-02), Tamil-Sites, Gamepress, Hashtags, Jade, KartoEditor, Language-2018-Apr-June, New-Editor-Experiences, Mail, TCB-Team (now WMDE-TechWish).

• Vvjjkkii updated the task description. (Show Details)

• Vvjjkkii removed a subscriber: Aklapper.

Wong128hk renamed this task from feeaaaaaaa to puppetmaster puppet.conf refers to noexistent files.Jul 1 2018, 5:58 AM

Wong128hk raised the priority of this task from High to Needs Triage.

Wong128hk removed projects: TCB-Team (now WMDE-TechWish), Mail, New-Editor-Experiences, Language-2018-Apr-June, KartoEditor, Jade, Hashtags, Gamepress, Tamil-Sites, Connected-Open-Heritage-Batch-uploads (RAÄ-KMB_1_2017-02), CheckUser.

Wong128hk updated the task description. (Show Details)

Wong128hk closed this task as a duplicate of T179099: puppetmaster hostcert and hostprivkey point to nonexistent files.

Wong128hk added a subscriber: Aklapper.

puppetmaster puppet.conf refers to noexistent filesClosed, DuplicatePublicActions

Description

Related ObjectsSearch...

Event Timeline

puppetmaster puppet.conf refers to noexistent files
Closed, DuplicatePublic
Actions

Related Objects
Search...