Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-6684

Puppet agent run errors with `Could not run stack level too deep`

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Normal
    • Resolution: Cannot Reproduce
    • None
    • None
    • None
    • Platform Core

    Description

      I have configured Puppet Server to use an external CA, and generated the necessary keys.
      My puppet.conf looks like the following:

      [master]
      vardir = /opt/puppetlabs/server/data/puppetserver
      logdir = /var/log/puppetlabs/puppetserver
      rundir = /var/run/puppetlabs/puppetserver
      pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
      codedir = /etc/puppetlabs/code
      ca = false
      cacert = /etc/puppet/ssl/certs/bubbleshadow-ca-cert.pem
      hostcert = /etc/puppet/ssl/certs/bubbleshadow-server-cert.pem
      hostprivkey = /etc/puppet/ssl/private_keys/bubbleshadow-server-key.pem
      ssl_client_ca_auth = /etc/puppet/ssl/certs/bubbleshadow-ca-cert.pem

      [agent]
      server = puppet.bubbleshadow.net
      hostcert = /etc/puppet/ssl/certs/bubbleshadow-agent-cert.pem
      hostprivkey = /etc/puppet/ssl/private_keys/bubbleshadow-agent-key.pem
      localcacert = /etc/puppet/ssl/certs/bubbleshadow-ca-cert.pem
      certificate_revocation = false

      However, when I try to run `puppet agent --test --debug` I get the following output:

      Debug: Using cached certificate for ca
      Debug: Dynamically-bound server lookup failed, falling back to ca_server setting
      Debug: Dynamically-bound port lookup failed; falling back to ca_port setting

      This continues to loop until it finally errors out with:

      Error: Could not run: stack level too deep

      I don't understand why it's trying to do anything with a CA, since the certificate has already been signed manually with openssl.

      Attachments

        Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. PUP-6475 Agent should use first entry of server_list in cases where failover has not occured

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Activity

            People

              bubbleshadow Daniel Lynch
              bubbleshadow Daniel Lynch
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support