
How do I deploy puppetdb on docker cluster?

asked 2014-11-27 15:40:04 -0500

hesco

Q: How do I deploy puppetdb in a docker cluster, where I am using haproxy (and mode http, not https) as a frontend for the dashboard? The dashboard is visible, but the metrics are zero'd out, no data is making it into the database and running the agent on a node in the cluster gives me output like this:

Error 400 on SERVER: Could not retrieve resources from the PuppetDB at 10.0.150.25:8081: Server hostname '10.0.150.25' did not match server certificate; expected puppetdb.example.com on node some_node.example.com


1 Answer


answered 2014-11-27 15:53:21 -0500

hesco

updated 2014-11-28 13:15:12 -0500

A: Resolving this was far more painful than the simple solution provided here suggests, and involved spending long hours reconstructing the entire installation and configuration to ensure that sane settings were in place. In the process I learned a bit about the architecture of puppetdb and its configuration options. So I was able to extract value from the experience along with the frustration. But still; . . . In this response I will share both (1) my work-around which moved me past this roadblock; and (2) some clues on the diagnostics I performed which walked me around that learning curve alluded to above.

First the solution:

(1) The final resolution of the issue was embarrassingly simple and involved (a) replacing the puppetdb resource record in the public DNS zone file of our domain, with a pdbdashboard A record pointing at our haproxy installation; (b) adding a puppetdb entry to the hosts file on the puppetmaster node which resolved to the internal IP on our private SDN; and (c) updating the /etc/puppet/puppetdb.conf file on the puppet master to set the server key to the FQDN for the puppetdb node, rather than its internal IP address.

Next the diagnostics we tried:

I documented my process in a seventeen-part gist paste shared on the #puppet channel where I sought help. My appreciation to those who helped me sort out what I was doing right (in my first ever puppetdb installation) so as to focus my attention on the other issues. In the course of this process (which spanned too many days), I learned quite a bit about this technology.

What follows is a slightly sanitized version of the gist I used to work through this issue. I had used the puppetlabs/puppetdb module to manage the installation and configuration, but I used the recipe for doing that process manually to sort out whether I was missing any critical pieces.

Working my way through: https://docs.puppetlabs.com/puppetdb/...frompackages.html

Step 1: Install and Configure Puppet

010-puppet-agent-runs-on-puppetdb

Step 2: Enable the Puppet Labs Package Repository

020-enable-puppetlabs-repos

Step 3: Install PuppetDB

030-install-puppetdb

Step 4: Configure Database

040-configure_postgresql
042-test-postgresql-config

Step 5: Start the PuppetDB Service

050-start-puppetdb-service
052-puppetdb-iptables-save

Finish: Connect Puppet to PuppetDB

060-connect-puppetmaster-to-puppetdb
062-unable-to-connect-to-puppetdb
064-puppetmaster-puppet.conf

Troubleshooting Installation Problems

070-puppetdb-netstat
072-puppetmaster_iptables-save
074-puppetdb-ssl-cert
076-jetty.ini
078-verify-certificate
080-tcpdump-puppetdb-connection

puppetlabs/puppetdb module

110-puppetdb-server
112-puppetdb-master-config

root@puppetdb:~# puppet agent --test
<snip>
changed 'false' to 'true'
Notice: Finished catalog run in 45.95 seconds


root@puppetdb:~# cat /etc/apt/sources.list.d/puppetlabs.list


root@puppetdb:~# puppet resource package puppetdb ensure=latest

root@puppetdb:~# dpkg -l | grep puppetdb


root@puppetdb:~# grep -v ^# /etc/puppetdb/conf.d/database.ini | grep -v ^$

[database]
classname = org.postgresql.Driver
subprotocol = postgresql
subname = //10.0.150.16:5432/puppetdb
username = puppetdb
password = secret
gc-interval = 60
log-slow-statements = 10
report-ttl = 14d
syntax_pgs = true
conn-keep-alive = 45
node-ttl = 0s
conn-lifetime = 0
node-purge-ttl = 0s
conn-max-age = 60

root@puppetdb:~# psql -U puppetdb --host=10.0.1.16 -d puppetdb
puppetdb=> \dt #<-- lists 17 tables after the installation
puppetdb ...

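The hostname mismatch from the question and the fix in (1)(b) and (1)(c) of the answer, as an added example that is not part of the original post: it audits a puppetdb.conf `server` value against the names on the PuppetDB certificate and against the master's hosts file. The function names, the sample file contents and the assumption that the certificate carries DNS names only (no IP entries) are constructed for illustration; the address and hostname come from the error message in the question.

```python
import configparser
import ipaddress

def conf_server(conf_text):
    """Return the `server` value from the [main] section of puppetdb.conf text."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    return cp.get("main", "server").strip()

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def dns_name_matches(host, pattern):
    """Case-insensitive match; '*' may only stand for the whole leftmost label."""
    h, p = host.lower().split("."), pattern.lower().split(".")
    return len(h) == len(p) and h[1:] == p[1:] and p[0] in ("*", h[0])

def hosts_lookup(hosts_text, name):
    """Return the address a hosts file maps `name` to, or None."""
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and name.lower() in (f.lower() for f in fields[1:]):
            return fields[0]
    return None

def audit(conf_text, cert_dns_names, hosts_text, internal_ip):
    """List reasons the master's PuppetDB connection would fail verification or routing."""
    server, problems = conf_server(conf_text), []
    if is_ip_literal(server):
        problems.append(f"server = {server} is an IP literal, certificate names are {cert_dns_names}")
    elif not any(dns_name_matches(server, n) for n in cert_dns_names):
        problems.append(f"server = {server} matches none of {cert_dns_names}")
    elif hosts_lookup(hosts_text, server) != internal_ip:
        problems.append(f"{server} is not pinned to {internal_ip} in the hosts file")
    return problems

# Constructed samples modelled on the error message in the question.
CERT_NAMES = ["puppetdb.example.com"]
BEFORE = "[main]\nserver = 10.0.150.25\nport = 8081\n"
AFTER = "[main]\nserver = puppetdb.example.com\nport = 8081\n"
HOSTS = "127.0.0.1 localhost\n10.0.150.25 puppetdb.example.com puppetdb  # private SDN\n"

if __name__ == "__main__":
    for label, conf in (("before", BEFORE), ("after", AFTER)):
        print(label, audit(conf, CERT_NAMES, HOSTS, "10.0.150.25") or "ok")
```

The "before" configuration reports the IP-literal problem that produced the Error 400, while the "after" configuration passes because the name matches the certificate and the hosts entry keeps the traffic on the private address.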
