Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

node_list doesn't work as intended #62

Closed
JoshuaSmeda opened this issue May 17, 2022 · 3 comments
Closed

node_list doesn't work as intended #62

JoshuaSmeda opened this issue May 17, 2022 · 3 comments

Comments

@JoshuaSmeda
Copy link

When using --node_list with more than 1 host (that is valid, and exists in the PuppetDB). The following error gets returned:

I've obscured the hostnames.

Command:

puppet catalog diff --certificate_revocation=false puppet-compilers:8140/production puppet-compilers:8140/staging --show_resource_diff --content_diff --threads 4 --output_report /data/whatever.json --node_list=host1.domain.tld,host2.domain.tld --debug

Error:

Error: Unable to compile catalog for host1.domain.tld:
	Failed to retrieve catalog for host1.domain.tld from puppet-compilers in environment staging: Certname "" must not contain unprintable or non-ASCII characters

Error: Unable to compile catalog for host2.domain.tld:
	Failed to retrieve catalog for host2.domain.tld from puppet-compilers in environment staging: Certname "" must not contain unprintable or non-ASCII characters

The issue doesn't present itself, when one node is provided in the --node_list option.

If using fact-search, everything works correctly. But I have to use --node_search based on my requirements since I want to compile against a number of nodes instead of all nodes with a specific fact.

Any ideas on what the issue could be?
@bastelfreak
Copy link
Member

@JoshuaSmeda was that an issue that only happend in the specific docker container or could you reproduce this in the ubuntu container as well? I'm not able to reproduce this locally with the --certless --old_catalogs_from_puppetdb. I currently cannot test other options due to firewalling.

@bastelfreak
Copy link
Member

Also where is --certificate_revocation=false coming from?

@JoshuaSmeda
Copy link
Author

JoshuaSmeda commented May 24, 2022
edited

Hi @bastelfreak. This issue was specifically happening when using the Puppetlabs Docker image. Nothing interesting stood out in the trace / debug logs that would indicate the problem.

I've instead built my own flavor on Ubuntu Jammy Jellyfish , in the same fashion the Puppetlabs container was configured and I don't run into the issue anymore.

AFAIK, certificate-revocation prevents catalog_diff from downloading the CRL from the CA's (you can see this happen when --debug flag is passed in). I don't need the CRL for the type of work that I'm doing.

I'm not sure if it warrants a README.md write-up? If someone else runs into this issue, I'm sure they'll find it under the project's issue without hassle, and instead opt just to bake their own image if they run into a similar issue or spend the effort in debugging.

@JoshuaSmeda JoshuaSmeda closed this as not planned Won't fix, can't repro, duplicate, stale May 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bastelfreak @JoshuaSmeda