0

RHEL5.2でApache/PusionPassengerを設定しようとしています。これまでのところ、apache用のpassengerモジュールとmod_sslのインストールは成功しましたが、puppetクライアントエージェントをテストしようとすると問題が発生します。

これは、/ etc / httpd/conf.dにあるpassenger.confがどのように見えるです

LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.18/ext/apache2/mod_passenger.so

PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.18
PassengerRuby /usr/bin/ruby

# you probably want to tune these settings
PassengerHighPerformance on
PassengerMaxPoolSize 12
PassengerPoolIdleTime 1500
# PassengerMaxRequests 1000
PassengerStatThrottleRate 120
RackAutoDetect On
RailsAutoDetect Off

Listen 8140

<VirtualHost *:8140>
        SSLEngine on
        SSLProtocol -ALL +SSLv3 +TLSv1
        SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

        SSLCertificateFile      /var/lib/puppet/ssl/certs/xxxxx.pem
        SSLCertificateKeyFile   /var/lib/puppet/ssl/private_keys/xxxxx.pem
        SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
        SSLCACertificateFile    /var/lib/puppet/ssl/ca/ca_crt.pem
        # If Apache complains about invalid signatures on the CRL, you can try disabling
        # CRL checking by commenting the next line, but this is not recommended.
        SSLCARevocationFile     /var/lib/puppet/ssl/ca/ca_crl.pem
        SSLVerifyClient optional
        SSLVerifyDepth  1
        # The `ExportCertData` option is needed for agent certificate expiration warnings
        SSLOptions +StdEnvVars +ExportCertData

        # This header needs to be set if using a loadbalancer or proxy
        RequestHeader unset X-Forwarded-For

        RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
        RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
        RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e

        DocumentRoot /etc/puppet/rack/public/
        RackBaseURI /
        <Directory /etc/puppet/rack/>
                Options None
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>

私のパペット構成/etc/puppet/puppet.conf

[main]
    # The Puppet log directory.
    # The default value is '$vardir/log'.
    logdir = /var/log/puppet

    # Where Puppet PID files are kept.
    # The default value is '$vardir/run'.
    rundir = /var/run/puppet

    # Where SSL certificates are kept.
    # The default value is '$confdir/ssl'.
    ssldir = $vardir/ssl
    ssl_client_header = SSL_CLIENT_S_DN
    ssl_client_verify_header = SSL_CLIENT_VERIFY
[agent]
    # The file in which puppetd stores a list of the classes
    # associated with the retrieved configuratiion.  Can be loaded in
    # the separate ``puppet`` executable using the ``--loadclasses``
    # option.
    # The default value is '$confdir/classes.txt'.
    classfile = $vardir/classes.txt

    # Where puppetd caches the local configuration.  An
    # extension indicating the cache format is added automatically.
    # The default value is '$confdir/localconfig'.
    localconfig = $vardir/localconfig

httpdサーバーのログで次の警告が表示されます

[Mon Dec 03 13:53:08 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Mon Dec 03 13:53:08 2012] [warn] RSA server certificate CommonName (CN) `xxxxx' does NOT match server name!?
[Mon Dec 03 13:53:08 2012] [notice] Digest: generating secret for digest authentication ...
[Mon Dec 03 13:53:08 2012] [notice] Digest: done
[Mon Dec 03 13:53:08 2012] [warn] RSA server certificate CommonName (CN) `xxxxx' does NOT match server name!?
[Mon Dec 03 13:53:08 2012] [notice] Apache/2.2.3 (Red Hat) configured -- resuming normal operations

puppet agent --testを実行すると、クライアントログからhtml出力も取得します

The application has exited during startup (i.e. during the evaluation of config/environment.rb). The error message may have been written to the web server's log file. Please check the web server's log file (i.e. not the (Rails) application's log file) to find out why the application exited.
If that doesn't help, then please use the backtrace below to debug the problem.

Application root:
/etc/puppet/rack



    /usr/lib/ruby/site_ruby/1.8/puppet/util.rb  514 in `exit'
    /usr/lib/ruby/site_ruby/1.8/puppet/util.rb  514 in `exit_on_fail'
    /usr/lib/ruby/site_ruby/1.8/puppet/application.rb   344 in `run'
    /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb 76  in `execute'
    config.ru   33  
    /usr/lib/ruby/gems/1.8/gems/rack-1.4.1/lib/rack/builder.rb  51  in `instance_eval'
    /usr/lib/ruby/gems/1.8/gems/rack-1.4.1/lib/rack/builder.rb  51  in `initialize'
    config.ru   1   in `new'
    config.ru   1

Config.ru

# a config.ru, for use with every rack-compatible webserver.
# SSL needs to be handled outside this, though.

# if puppet is not in your RUBYLIB:
# $LOAD_PATH.unshift('/opt/puppet/lib')

$0 = "master"

# if you want debugging:
# ARGV << "--debug"

ARGV << "--rack"

# Rack applications typically don't start as root.  Set --confdir to prevent
# reading configuration from ~/.puppet/puppet.conf
ARGV << "--confdir" << "/etc/puppet"

# NOTE: it's unfortunate that we have to use the "CommandLine" class
#  here to launch the app, but it contains some initialization logic
#  (such as triggering the parsing of the config file) that is very
#  important.  We should do something less nasty here when we've
#  gotten our API and settings initialization logic cleaned up.
#
# Also note that the "$0 = master" line up near the top here is
#  the magic that allows the CommandLine class to know that it's
#  supposed to be running master.
#
# --cprice 2012-05-22

require 'puppet/util/command_line'
# we're usually running inside a Rack::Builder.new {} block,
# therefore we need to call run *here*.
run Puppet::Util::CommandLine.new.execute

これは、WebrickのデフォルトのWebサーバーを使用して機能し、問題なくpuppetクライアントに接続していました。

この問題のトラブルシューティングに役立つ他の手がかりはありますか?

4

1 に答える 1

0

デフォルトファイルにパラメータがないため、3.0.0と3.0.1の間でconfig.ruに修正が加えられました発生しているエラーは明確ではありませんが、これが問題である可能性があります。

次の行が追加されました。

ARGV << "--vardir"  << "/var/lib/puppet"

Puppet3.0.1から完全なconfig.ruを取得してみてください。

于 2012-12-04T18:54:32.193 に答える