In the pre main stage I have defined rules to allow outbound and allow related and established. In the post main stage, it does a drop all. Before this was organized into stages, occasionally the drop all would get applied before keep established and allow outbound, and thus the client could lose its connection to the puppet master mid run.
On Tuesday, March 13, 2012 4:16:07 PM UTC-5, Mohamed wrote: > > Just out of curiosity, what do you mean by: > > > We ended > > up in situations where the drop rules would kick before the allow > > established rules, and thus kill the puppet run > > In my experience, what breaks is the reporting attempt puppet clients > makes to the master, not the puppet run itself. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/xBTznk59RKkJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
