Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-10664

Puppet 6 should log connection error details when a functional puppet master cannot be located

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: PUP 6.18.0
    • Fix Version/s: PUP 6.19.0
    • Component/s: None
    • Labels:
    • Template:
    • Team:
      Coremunity
    • Sprint:
      Platform Core KANBAN
    • Release Notes:
      Bug Fix
    • Release Notes Summary:
      Hide
      Puppet agents now always log errors that occur when trying to connect to each server in its "server_list" setting at the "err" level. Previously, the errors were only logged at the "debug" level or at the "err" level if the no servers were available.
      Show
      Puppet agents now always log errors that occur when trying to connect to each server in its "server_list" setting at the "err" level. Previously, the errors were only logged at the "debug" level or at the "err" level if the no servers were available.
    • QA Risk Assessment:
      Needs Assessment

      Description

      At the beginning of each run, the Puppet agent performs a health check to locate a functional Puppet Server to make API calls to. If this health check fails, the run fails with the following message:

      Error: Could not run Puppet configuration client: Could not select a functional puppet master from server_list: 'localhost:8140'
      

      In order to facilitate troubleshooting, the messages logged at error level should include some detail of what happened to the health check.

      Reproduction Case

      • Install Puppet 6 on CentOS 7:

      yum install -y http://yum.puppetlabs.com/puppet6-release-el-6.noarch.rpm
      yum install -y puppetserver
      

      • Configure the agent to check in locally and bootstrap the Puppet Server CA:

      source /etc/profile.d/puppet-agent.sh
       
      puppet config set server $(hostname -f)
      puppetserver ca setup
       
      systemctl start puppetserver
      

      • Provoke a health check failure by running the Puppet agent with the server url set to localhoost:

      puppet agent -t --server_list=localhost:8140
      

      Outcome

      The error message is very terse and just states that a healthy server could not be found:

      # puppet --version
      6.18.0
       
      # puppet agent -t --server_list=localhost:8140
      Error: Could not run Puppet configuration client: Could not select a functional puppet master from server_list: 'localhost:8140'
      

      Expected Outcome

      Raising the log level to DEBUG reveals that the health check failed due to a SSL validation error. These details should be logged at ERROR level so that the root cause of connection failures is visible for post-mortem debugging:

      # puppet agent -t --server_list=localhost:8140 --debug
      ...
      Debug: Unable to connect to server from server_list setting: Server hostname 'localhost' did not match server certificate; expected one of dull-sanatorium.delivery.puppetlabs.net, DNS:puppet, DNS:dull-sanatorium.delivery.puppetlabs.net
      ...
      Error: Could not run Puppet configuration client: Could not select a functional puppet master from server_list: 'localhost:8140'
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              josh Josh Cooper
              Reporter:
              chuck Charlie Sharpsteen
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support