Still, this doesn't seem to work in my test setup, i.e. apache as proxy in
front of puppet. I get a "..timeout specified has expired: proxy: prefetch
request body failed to 127.0.0.1:18140" in apache's log.
GETs do work, just PUTs fail. Config is
Listen 8140
<Proxy balancer://puppetmaster>
BalancerMember http://127.0.0.1:18140
BalancerMember http://127.0.0.1:18141
</Proxy>
<VirtualHost *:8140>
SSLEngine On
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLCertificateFile /var/lib/puppet/ssl/certs/server.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/server.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient require
SSLVerifyDepth 1
SSLOptions +StdEnvVars
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
<Location />
SetHandler balancer-manager
Order allow,deny
Allow from all
</Location>
ProxyPass / balancer://puppetmaster/
ProxyPassReverse / balancer://puppetmaster/
ProxyPreserveHost On
ErrorLog /mirror/log/balancer_error_log
CustomLog /mirror/log/balancer_access_log "%h %l %u %t \"%r\" %>s %b
\"%{SSL_CLIENT_S_DN}x\" \"%{User-Agent}i\""
</VirtualHost>
and the perl code is
{
open my $up, "<", "$_[0]" or die "Something went wrong: ".$!; binmode
$up;
my $ck = Digest::MD5->new; $ck->addfile($up); close $up;
my $req = HTTP::Request::StreamingUpload->new(
PUT => "https://
".$server."/file_bucket_file/tftp/md5/".$ck->hexdigest,
path => $_[0],
headers => HTTP::Headers->new(
'Content-Type' => 'application/binary',
'Content-Length' => -s $_[0],
'Accept' => 's',
),
);
my $res = $ua->request($req);
die "Something went wrong: ".$res->status_line unless $res->is_success;
return $res->content;
}
SSL handshake does work, but the puppet process doesn't seem to receive any
data (I'm tailing its debug log). Not sure if I am doing something wrong, or
it is a problem in mod_proxy..
On Thu, Jun 2, 2011 at 4:47 PM, Razvan Cosma <razvan.co...@gmail.com> wrote:
>
> On Tue, May 31, 2011 at 7:41 PM, Daniel Pittman <dan...@puppetlabs.com>wrote:
>
>> On Tue, May 31, 2011 at 07:21, RCosma <razvan.co...@gmail.com> wrote:
>> > Should I compute the MD5 of the file and port its contents at the url ?
>>
>> Yeah, you would need to: the indirector, which this is an instance of,
>> requires that you uniquely identify where you are writing to. So, in
>> the case of the filebucket the "key" is that MD5 checksum; you would
>> need to calculate it for the file and supply it.
>>
>>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
