2012-12-03 54 views
0

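Configuring Phusion Passenger 3.0.18 with RHEL 5.2 and Puppet 3.0.0

I am trying to configure Apache/Phusion Passenger under RHEL 5.2. So far the Passenger module for Apache and mod_ssl have been installed successfully, but I ran into a problem when trying to test the Puppet client agent.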

This is what my passenger.conf, located in /etc/httpd/conf.d, looks like:

LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.18/ext/apache2/mod_passenger.so 

PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.18 
PassengerRuby /usr/bin/ruby 

# you probably want to tune these settings 
PassengerHighPerformance on 
PassengerMaxPoolSize 12 
PassengerPoolIdleTime 1500 
# PassengerMaxRequests 1000 
PassengerStatThrottleRate 120 
RackAutoDetect On 
RailsAutoDetect Off 

Listen 8140 

<VirtualHost *:8140> 
     SSLEngine on 
     SSLProtocol -ALL +SSLv3 +TLSv1 
     SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP 

     SSLCertificateFile  /var/lib/puppet/ssl/certs/xxxxx.pem 
     SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/xxxxx.pem 
     SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem 
     SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem 
     # If Apache complains about invalid signatures on the CRL, you can try disabling 
     # CRL checking by commenting the next line, but this is not recommended. 
     SSLCARevocationFile  /var/lib/puppet/ssl/ca/ca_crl.pem 
     SSLVerifyClient optional 
     SSLVerifyDepth 1 
     # The `ExportCertData` option is needed for agent certificate expiration warnings 
     SSLOptions +StdEnvVars +ExportCertData 

     # This header needs to be set if using a loadbalancer or proxy 
     RequestHeader unset X-Forwarded-For 

     RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e 
     RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e 
     RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e 

     DocumentRoot /etc/puppet/rack/public/ 
     RackBaseURI /
     <Directory /etc/puppet/rack/> 
       Options None 
       AllowOverride None 
       Order allow,deny 
       allow from all 
     </Directory> 
</VirtualHost> 

My Puppet configuration, /etc/puppet/puppet.conf:

[main] 
    # The Puppet log directory. 
    # The default value is '$vardir/log'. 
    logdir = /var/log/puppet 

    # Where Puppet PID files are kept. 
    # The default value is '$vardir/run'. 
    rundir = /var/run/puppet 

    # Where SSL certificates are kept. 
    # The default value is '$confdir/ssl'. 
    ssldir = $vardir/ssl 
    ssl_client_header = SSL_CLIENT_S_DN 
    ssl_client_verify_header = SSL_CLIENT_VERIFY 
[agent] 
    # The file in which puppetd stores a list of the classes 
    # associated with the retrieved configuration. Can be loaded in 
    # the separate ``puppet`` executable using the ``--loadclasses`` 
    # option. 
    # The default value is '$confdir/classes.txt'. 
    classfile = $vardir/classes.txt 

    # Where puppetd caches the local configuration. An 
    # extension indicating the cache format is added automatically. 
    # The default value is '$confdir/localconfig'. 
    localconfig = $vardir/localconfig 

In the httpd server log I can see the following warnings:

[Mon Dec 03 13:53:08 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) 
[Mon Dec 03 13:53:08 2012] [warn] RSA server certificate CommonName (CN) `xxxxx' does NOT match server name!? 
[Mon Dec 03 13:53:08 2012] [notice] Digest: generating secret for digest authentication ... 
[Mon Dec 03 13:53:08 2012] [notice] Digest: done 
[Mon Dec 03 13:53:08 2012] [warn] RSA server certificate CommonName (CN) `xxxxx' does NOT match server name!? 
[Mon Dec 03 13:53:08 2012] [notice] Apache/2.2.3 (Red Hat) configured -- resuming normal operations 

When I run puppet agent --test, I also get this HTML output in the client log:

The application has exited during startup (i.e. during the evaluation of config/environment.rb). The error message may have been written to the web server's log file. Please check the web server's log file (i.e. not the (Rails) application's log file) to find out why the application exited. 
If that doesn't help, then please use the backtrace below to debug the problem. 

Application root: 
/etc/puppet/rack 



    /usr/lib/ruby/site_ruby/1.8/puppet/util.rb 514 in `exit' 
    /usr/lib/ruby/site_ruby/1.8/puppet/util.rb 514 in `exit_on_fail' 
    /usr/lib/ruby/site_ruby/1.8/puppet/application.rb 344 in `run' 
    /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb 76 in `execute' 
    config.ru 33 
    /usr/lib/ruby/gems/1.8/gems/rack-1.4.1/lib/rack/builder.rb 51 in `instance_eval' 
    /usr/lib/ruby/gems/1.8/gems/rack-1.4.1/lib/rack/builder.rb 51 in `initialize' 
    config.ru 1 in `new' 
    config.ru 1 

Config.ru

# a config.ru, for use with every rack-compatible webserver. 
# SSL needs to be handled outside this, though. 

# if puppet is not in your RUBYLIB: 
# $LOAD_PATH.unshift('/opt/puppet/lib') 

$0 = "master" 

# if you want debugging: 
# ARGV << "--debug" 

ARGV << "--rack" 

# Rack applications typically don't start as root. Set --confdir to prevent 
# reading configuration from ~/.puppet/puppet.conf 
ARGV << "--confdir" << "/etc/puppet" 

# NOTE: it's unfortunate that we have to use the "CommandLine" class 
# here to launch the app, but it contains some initialization logic 
# (such as triggering the parsing of the config file) that is very 
# important. We should do something less nasty here when we've 
# gotten our API and settings initialization logic cleaned up. 
# 
# Also note that the "$0 = master" line up near the top here is 
# the magic that allows the CommandLine class to know that it's 
# supposed to be running master. 
# 
# --cprice 2012-05-22 

require 'puppet/util/command_line' 
# we're usually running inside a Rack::Builder.new {} block, 
# therefore we need to call run *here*. 
run Puppet::Util::CommandLine.new.execute 

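This works with the default WEBrick web server; it connects to the Puppet clients without any problems.

Any other clues that could help me resolve this issue?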

+0

Can you share your /etc/puppet/rack/config.ru? –

+0

I just added the file contents – Maverick

Answers

0

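A fix was made to config.ru between 3.0.0 and 3.0.1 because an argument was missing from the default file. Although the error you are getting is not clear, this may be the problem. Add the following line: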

ARGV << "--vardir" << "/var/lib/puppet" 

Try grabbing the full config.ru from Puppet 3.0.1.

+0

I get the same result when adding this new line. I will update my Puppet version to 3.0.1 and see how it goes with the new config.ru – Maverick

+0

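I have updated the puppet client and server to version 3.0.1, but I still have the same problem. I did copy the new config.ru from the new tarball, and it does have this --vardir line. It still does not work for me. – Maverick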

+0

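After the upgrade, I get a lot of certificate errors in /etc/https/logs/error_log: [Thu Dec 06 15:58:36 2012] [error] Certificate Verification: Error (23): certificate revoked [Thu Dec 06 16:26:44 2012] [error] Certificate Verification: Error (23): certificate revoked. When I run it manually with sudo puppet master --no-daemonize --verbose, it works without any problems. – Maverick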
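
Added example (not part of the original thread and not Puppet's own code): the "Certificate Verification: Error (23)" in the last comment is OpenSSL's X509_V_ERR_CERT_REVOKED, raised when the presented client certificate's serial number is listed in the CRL loaded through SSLCARevocationFile. The Ruby sketch below reproduces that check offline with a throwaway CA, two agent certificates and a CRL; every name, serial and key in it is constructed for illustration.

```ruby
require 'openssl'
# All subjects, serials and keys below are constructed sample values.
def build_cert(cn, serial, key, issuer: nil, issuer_key: nil)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = serial
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before, cert.not_after = Time.now - 3600, Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new # self-signed CA must be marked CA:TRUE
  cert.add_extension(ef.create_extension('basicConstraints', 'CA:TRUE', true)) unless issuer
  cert.sign(issuer_key || key, OpenSSL::Digest.new('SHA256'))
end

# CRL signed by the CA, listing the given serial numbers as revoked.
def build_crl(ca, ca_key, revoked_serials)
  crl = OpenSSL::X509::CRL.new
  crl.version = 1
  crl.issuer = ca.subject
  crl.last_update, crl.next_update = Time.now - 3600, Time.now + 3600
  revoked_serials.each do |serial|
    entry = OpenSSL::X509::Revoked.new
    entry.serial = serial
    entry.time = Time.now - 1800
    crl.add_revoked(entry)
  end
  crl.sign(ca_key, OpenSSL::Digest.new('SHA256'))
end

# CA cert plus CRL, as in SSLCACertificateFile and SSLCARevocationFile; returns [ok, code, text].
def verify_with_crl(cert, ca, crl)
  store = OpenSSL::X509::Store.new
  store.add_cert(ca)
  store.add_crl(crl)
  store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK
  [store.verify(cert), store.error, store.error_string]
end

def demo
  ca_key, agent_key = Array.new(2) { OpenSSL::PKey::RSA.new(2048) }
  ca = build_cert('Constructed CA', 1, ca_key)
  old = build_cert('agent.example.test', 2, agent_key, issuer: ca, issuer_key: ca_key)
  cur = build_cert('agent.example.test', 3, agent_key, issuer: ca, issuer_key: ca_key)
  crl = build_crl(ca, ca_key, [2]) # serial 2 revoked, e.g. after a certificate was reissued
  { revoked: verify_with_crl(old, ca, crl), current: verify_with_crl(cur, ca, crl) }
end

p demo if $PROGRAM_NAME == __FILE__
```

Running `verify_with_crl` against the real agent certificate, `ca_crt.pem` and `ca_crl.pem` (loaded with `OpenSSL::X509::Certificate.new(File.read(...))` and `OpenSSL::X509::CRL.new(File.read(...))`) shows whether the certificate an agent presents is the one the CRL has revoked.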
