Hi, On Mar 11, 12:02 am, Peter Meier <[email protected]> wrote: > > 1) When puppetd starts for the first time and cannot reach > > puppetmasterd (due to routing or firewall problem), it hangs and > > cannot be stopped with SIGTERM (that is used by /etc/init.d/puppet > > stop and restart) > > Might be related to 3) ?
I found out more but it is not yet fully reproducable on arbitrary hosts. It appears to be related to DNS domain detection: When puppetd completely fails to determine the domain name of the local host AND no "server = ..." directive is specified in the [puppetd] section of puppet.conf then puppetd does not terminate on SIGTERM. puppetd (or maybe ruby) tries at least the following to find the domain name: * calls program dnsdomainname * DNS-resolves the local hostname if it is not already fully qualified When it runs into the problem it prints the following two error lines: dnsdomainname: Unknown host dnsdomainname: Unknown host To reproduce you have to remove all "domain" and "search" lines from /etc/resolv.conf; make sure that hostname is the short name; check that dnsdomainname fails with "Unknown" host and that "nslookup <shortname>" does not resolve. But there seems to be another contributing factor that I could not yet find (it is not nscd). Then stop puppetd and run it in foreground. Trace output: # puppetd --no-daemonize -d -v --trace dnsdomainname: Unknown host dnsdomainname: Unknown host debug: Failed to load library 'selinux' for feature 'selinux' debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/ dscl does not exist debug: Puppet::Type::User::ProviderUser_role_add: file roledel does not exist debug: Failed to load library 'ldap' for feature 'ldap' debug: Puppet::Type::User::ProviderLdap: feature ldap is missing debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/ lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys/wodka1.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/ puppet/ssl] debug: /File[/var/run/puppet/puppetd.pid]: Autorequiring File[/var/run/ puppet] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/ var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/public_keys/wodka1.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/ puppet/ssl] debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/ lib/puppet/state] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/ puppet] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/ lib/puppet] debug: Finishing transaction -609097158 with 0 changes err: Could not request certificate: getaddrinfo: Name or service not known err: Could not request certificate: getaddrinfo: Name or service not known err: Could not request certificate: getaddrinfo: Name or service not known err: Could not request certificate: getaddrinfo: Name or service not known The last line is repeated every few minutes. SIGTERM does not terminate puppetd. -gr -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
