search

puppetlabs / pupperware

Container fun time lives here.
Other
183 stars 66 forks source link

ssl during docker-compose startup (puppet 6.x) #108

Closed montge closed 5 years ago

montge commented 5 years ago

Describe the Bug

puppetdb instance does not start during startup fails with the following error.

puppetdb_1  | Running /docker-entrypoint.d/30-configure-ssl.sh
puppetdb_1  | (/ssl.sh) Using configuration values:
puppetdb_1  | (/ssl.sh) * CERTNAME: 'puppetdb.internal' (/CN=puppetdb.internal)
puppetdb_1  | (/ssl.sh) * DNS_ALT_NAMES: ''
puppetdb_1  | (/ssl.sh) * CA: 'https://puppet.internal:8140/puppet-ca/v1'
puppetdb_1  | (/ssl.sh) * SSLDIR: '/etc/puppetlabs/puppet/ssl'
puppetdb_1  | (/ssl.sh) * WAITFORCERT: '120' seconds
puppetdb_1  | subject=CN = Puppet CA: puppet.internal
puppetdb_1  | issuer=CN = Puppet CA: puppet.internal
puppetdb_1  | Generating RSA private key, 4096 bit long modulus (2 primes)
puppetdb_1  | ..............................++++
puppetdb_1  | ......................++++
puppetdb_1  | e is 65537 (0x010001)
puppetdb_1  | writing RSA key
puppetdb_1  | subject=CN = puppetdb.internal
puppetdb_1  | issuer=CN = Puppet CA: puppet.internal
puppetdb_1  | (/ssl.sh) Successfully signed certificate '/etc/puppetlabs/puppet/ssl/certs/puppetdb.internal.pem'
puppetdb_1  | /ssl-setup.sh: 21: /ssl-setup.sh: Syntax error: "(" unexpected

It looks like ssl-setup.sh was last touched back in January.

Expected Behavior

Startup of puppetdb without error

Steps to Reproduce

git clone https://github.com/puppetlabs/pupperware.git
cd pupperware
docker-compose up -d

I was able to "fix" it by modifying docker-compose.yml file to revert back to older versions of puppet (5.2.0), but it appears the change in 6.x of puppet the change to ssl-setup.sh appears to break things.

...
services:
  puppet:
    hostname: puppet.${DOMAIN:-internal}
    image: puppet/puppetserver:${PUPPERWARE_VERSION:-latest}
...
  puppetdb:
    hostname: puppetdb.${DOMAIN:-internal}
    image: puppet/puppetdb:${PUPPERWARE_VERSION:-latest}
...

and creating a .env

PUPPERWARE_VERSION=5.2.0

Environment

underscorgan commented 5 years ago

Hi @montge, thanks for this report. The issue was due to moving the image from alpine to debian (due to networking issues we were seeing with the alpine image). It's been fixed in the puppetdb image and should be working now. Let us know if you have any other issues!

underscorgan commented 5 years ago

https://github.com/puppetlabs/puppetdb/pull/3042 is where this was fixed :)