Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-10157

Observe server_list for CA requests



    • Bug
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • PUP 6.11.0
    • PUP 6.12.0
    • None
    • Coremunity
    • Platform Core KANBAN
    • Needs Assessment
    • Bug Fix
    • The ca service now observes the ServerList resolver when attempting to resolve routes. Previously we were only using SRV Records or the server/ca_server setting to find this information.
    • Needs Assessment


      puppet does not observe the server_list setting when making CA requests. This is a regression introduced in https://tickets.puppetlabs.com/browse/PUP-10040 as it wasn't apparent that Puppet::Rest::Routes called Puppet::Util::Connection.determine_server to set the @default_server.

      We need to enable the server_list resolver such that:

      1. If we successfully resolved the CA server/port once in a session, then we should always reuse that same server/port
      2. Next if SRV records are enabled, we should try to connect to each entry. If that fails, fallback to #3
      3. Next if server_list is set and ca_server is not set explicitly (so inherits server), we should try each server/port combo. If the list is exhausted, raise an error.
      4. Next fallback to ca_server setting which defaults to server. If that fails, fallback to #5
      5. Raise no more routes to try

      Note we are preserving the old behavior of "if the server list is exhausted, raise an error" instead of falling back to settings.




            melissa Melissa Stone
            josh Josh Cooper
            0 Vote for this issue
            2 Start watching this issue



              Zendesk Support