How should Puppet plugins be configured?
-
09-12-2019 - |
Question
If I externalise my Puppet module config to a directory outside of Puppet by adding the modulepath / manifestdir settings:
[main]
pluginsync=true
modulepath=/home/user/project/etc/puppet/modules
manifestdir=/home/user/project/etc/puppet/manifests
the agents log the following error:
"Could not evaluate: Could not retrieve information from source(s) puppet://my-dns-name/plugins"
so looks as if they no longer seem to be able to find the Facter facts I have installed in $modulepath//lib/facter ?
If I comment out the modulepath / manifestdir settings and copy the configuration back to the /etc/puppet install directory the agents work fine.
Do I maybe need to set the pluginsource setting also and if so, where to? Any pointers gratefully appreciated!
Solution
Are the permissions on your home directory restricted, e.g. to 0750? The puppetmaster will typically run as a dedicated puppet
user rather than root, so it probably can't read a private home directory.
The other possibility is SELinux if you're using it. I'd expect that the files in your home directory aren't labeled to permit access by a puppetmaster process. Do you see any AVC denials in syslog?