Hi folks, I saw Vishal's question over on StackOverflow <https://stackoverflow.com/questions/46811001/puppet-error-ssl-read-shutdown-while-in-init/46822598>, and googling it came back to here!
I answered Vishal over on SO, but thought I'd post it here for Maxim also and close the loop: It seems like there was a breaking change brought in when updating the OpenSSL package with older Puppet 3. Puppet 3 itself is EOL since December of 2016, so I recommend you update to Puppet 4 or even 5, which came out this year. Another benefit: Puppet 4 and onward bundles it's own openssl, so you don't have to worry about breaking Puppet when upgrading openssl (See puppet-agent: What is it, and what's in it? <https://puppet.com/docs/puppet/4.8/about_agent.html>) You can do so with my helper script: wget -O - https://raw.githubusercontent.com/petems/puppet-install-shell/master/install_puppet_agent.sh | sudo sh Or manually: Puppet 5 rpm -ivh http://yum.puppetlabs.com/puppet5/puppet5-release-el-6.noarch.rpm yum install puppet-agent -y Puppet 4 rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-pc1-el-6.noarch.rpm yum install puppet-agent -y On Thursday, October 12, 2017 at 3:39:54 PM UTC+1, Vishal Bhalla wrote: > > Yup - we are seeing similar problems. > > After our client Amazon Linux boxes updated to latest OpenSSL (SL > 1.0.2k-fips 26 Jan 2017) we now see > > Error: SSL_read:: shutdown while in init > > On puppet runs. Only way we could work around it was to perform a yum > rollback :( > > On Monday, 9 October 2017 12:48:09 UTC+1, Maxim Nikolaev wrote: >> >> Hi >> >> I'm using puppet agent 3.8.7 with puppetserver 2.8. Everything worked >> fine for long period. >> This week we set update on openssl (version >> openssl-1.0.2k-7.103.amzn1.x86_6). >> After that we started to get errors on puppet run: >> >> >> >> >> >> *Error: Could not set 'file' on ensure: SSL_read:: shutdown while in >> initError: Could not retrieve catalog from remote server: SSL_read:: >> shutdown while in init*I tried to play with pupptserver and puppet agent >> config. >> >> Added http_keepaalive_timout and set larger body-max-size. >> >> This resolve issue on existing servers. But each time I run puppet first >> time - I see this again. >> For ex, when I try to create Packer image - it always fail, because of this >> errors. >> >> I've looked for similar errors, but find nothing. >> >> Have someone experienced same problem? >> >> Thanks. >> >> > ------------------------------ > > *This email was sent by a company owned by Financial Times Group Limited > ("FT Group <http://aboutus.ft.com/corporate-information/#axzz3rajCSIAt>"), > registered office at Number One Southwark Bridge, London SE1 9HL. > Registered in England and Wales with company number 879531. This e-mail may > contain confidential information. If you are not the intended recipient, > please notify the sender immediately, delete all copies and do not > distribute it further. It could also contain personal views which are not > necessarily those of the FT Group. We may monitor outgoing or > incoming emails as permitted by law.* > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d90b922a-56d4-4d55-95fd-e44eb8ea8201%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
