Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-10157

Observe server_list for CA requests


    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: PUP 6.11.0
    • Fix Version/s: PUP 6.12.0
    • Component/s: None
    • Template:
      PUP Bug Template
    • Epic Link:
    • Team:
    • Sprint:
      Platform Core KANBAN
    • Method Found:
      Needs Assessment
    • Release Notes:
      Bug Fix
    • Release Notes Summary:
      The ca service now observes the ServerList resolver when attempting to resolve routes. Previously we were only using SRV Records or the server/ca_server setting to find this information.
    • QA Risk Assessment:
      Needs Assessment


      puppet does not observe the server_list setting when making CA requests. This is a regression introduced in https://tickets.puppetlabs.com/browse/PUP-10040 as it wasn't apparent that Puppet::Rest::Routes called Puppet::Util::Connection.determine_server to set the @default_server.

      We need to enable the server_list resolver such that:

      1. If we successfully resolved the CA server/port once in a session, then we should always reuse that same server/port
      2. Next if SRV records are enabled, we should try to connect to each entry. If that fails, fallback to #3
      3. Next if server_list is set and ca_server is not set explicitly (so inherits server), we should try each server/port combo. If the list is exhausted, raise an error.
      4. Next fallback to ca_server setting which defaults to server. If that fails, fallback to #5
      5. Raise no more routes to try

      Note we are preserving the old behavior of "if the server list is exhausted, raise an error" instead of falling back to settings.




            • Assignee:
              melissa Melissa Stone
              josh Josh Cooper
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created:

                Zendesk Support