Ask Your Question
0

Could not retrieve information from environment from production source on files

asked 2015-06-17 13:32:34 -0500

bluethundr gravatar image

updated 2015-06-18 16:09:06 -0500

Hi all,

 I've setup a puppet module to install and keep the bacula backup system running on a number of systems.

Part of the formula I've come up with is to transfer an SSL cert/key pair to each host that uses the module. So that bacula can work over TLS.

 I have this defined in my bacula config manifest:

 file { "/etc/pki/tls/private/${::hostname}.mydomain.com.key":
       notify  => Service["bacula-fd"],
       owner => "bacula",
       group => "bacula",
       mode => 0400,
       require => Package["bacula-client","bacula-common"],
       source => "puppet:///modules/bacula/${::hostname}/${::hostname}.mydomain.com.key",
      }

     file { "/etc/pki/tls/certs/${::hostname}.mydomain.com.crt":
        notify  => Service["bacula-fd"],
        owner => "bacula",
        group => "bacula",
        mode => 0400,
        require => Package["bacula-client","bacula-common"],
       source => "puppet:///modules/bacula/${::hostname}/${::hostname}.mydomain.com.crt",
     }

This has been working perfectly fine for a while now. But only on SOME hosts that were recently added I'm getting "Could not retrieve information" errors on the keypairs that I'm trying to send over.

 Error: /Stage[main]/Bacula::Config/File[/etc/pki/tls/certs/monitor1.mydomain.com.crt]: Could not evaluate: Could not retrieve information from environment production source(s)      puppet:///modules/bacula/monitor1/monitor1.mydomain.com.crt     
 Error: /Stage[main]/Bacula::Config/File[/etc/pki/tls/private/monitor1.mydomain.com.key]: Could not evaluate:      Could not retrieve information from environment production source(s)      puppet:///modules/bacula/monitor1/monitor1.mydomain.com.key

And this is the weird part! All of the directories that I'm transferring keys and certs from have identical ownership and permissions for both the working and the non working hosts!

This is a directory listing of certs and keys that does NOT work:

 /etc/puppet/environments/production/modules/bacula/files/monitor1:
 total 8.0K
 -rw-r--r--. 1 puppet puppet 2.0K Jun 16 21:53 monitor1.mydomain.com.crt
 -rw-r--r--. 1 puppet puppet 3.2K Jun 16 21:53 monitor1.mydomain.com.key

And this is a listing from a directory containing certs and keys that DOES work:

/etc/puppet/environments/production/modules/bacula/files/logs:
 total 8.0K
 -rw-r--r--. 1 puppet puppet 1.9K Apr 23 22:14 logs.mydomain.com.crt
 -rw-r--r--. 1 puppet puppet 3.2K Apr 23 22:14 logs.mydomain.com.key

And these are permissions on the directories themselves:

 drwxr-xr-x. 2 puppet puppet 62 Jun 16 22:13 /etc/puppet/environments/production/modules/bacula/files/logs
 drwxr-xr-x. 2 puppet puppet 70 Jun 16 22:14 /etc/puppet/environments/production/modules/bacula/files/monitor1

Trouble is I can tell no difference between the working and non working directories.

If I run puppet  with the bacula module on the monitor1 host, I get the error. If I run puppet with the bacula module on the logs host, everything works fine! Same formula in the config manifest, different directories but same permissions on both, yet only one fails! This just isn't making any sense to me.

Puppet should be able to select the correct directory name to pull from for the monitor1 host based on the ... (more)

edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted
0

answered 2015-06-19 05:50:32 -0500

far4d gravatar image

Have you tried an alternative syntax (See File type reference)?

file { "/etc/nfs.conf":
  source => [
    "puppet:///modules/nfs/conf.$host",
    "puppet:///modules/nfs/conf.$operatingsystem",
    "puppet:///modules/nfs/conf"
  ]
}

Or you could try to remove the leading double colon from the facts? Instead of ${::fqdn} just write ${fqdn}

Best regards

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2015-06-17 13:29:41 -0500

Seen: 2,070 times

Last updated: Jun 19 '15