SSL example manifests: wrong defaults result in non working ping #365
Description
Affected Puppet, Ruby, OS and module versions/distributions
- Puppet: 4.10.10
- Ruby:
- Distribution: Debian 8
- Module version: 3.1.0
How to reproduce (e.g Puppet code you use)
Use the example mco_profile provided by this module and setup mcollective.
https://github.com/voxpupuli/puppet-mcollective/tree/master/examples/ssl_example
What are you seeing
nodes can join the mcollective worker.
but the mco ping doesn't work.
if you enable the debug messages in the ~./.mcollective file (would be good to have hint for it in the example btw.) you see:
debug 2018/02/15 13:29:40: activemq.rb:419:in receive' Waiting for a message from ActiveMQ debug 2018/02/15 13:29:40: pluginmanager.rb:83:in []' Returning cached plugin security_plugin with class MCollective::Security::Ssl debug 2018/02/15 13:29:40: ssl.rb:222:in deserialize' De-Serializing using marshal debug 2018/02/15 13:29:40: ssl.rb:175:in validrequest?' Validating request from debug 2018/02/15 13:29:40: runnerstats.rb:43:in unvalidated' Incrementing unvalidated stat warn 2018/02/15 13:29:40: message.rb:189:in rescue in decode!' Failed to decode a message from 'broker.example.com': Received an invalid signature in message debug 2018/02/15 13:29:40: client.rb:137:in rescue in receive' Ignoring a message for some other client : Message reqid does not match our reqid 5a2bf6950ae357ccb59cccc
What behaviour did you expect instead
I expect a respond from all mcollective running nodes.
Output log
Any additional information you'd like to impart
the defaults here are "misguiding". Replace them with the readme.md values:
ssl_client_certs => 'puppet:///modules/site_mcollective/client_certs', ssl_ca_cert => 'puppet:///modules/site_mcollective/certs/ca.pem', ssl_server_public => 'puppet:///modules/site_mcollective/certs/server.pem', ssl_server_private => 'puppet:///modules/site_mcollective/private_keys/server.pem',
and make a note that this files need to be generated