I have tried to setup Apache with passenger to host the puppetmaster but I
also want to cache. I have no problems running puppet within Passenger with
httpd. I also enabled mod_disk_cache within Apache. However, I still see my
puppet client htting the puppetmaster and the puppetmaster compiles the
manifest every time. In /var/cache/mod_cache, I can see that the data was
properly cached.
What is wrong with my configuration that still allows httpd to serve up the
request from the puppetmaster rather than using the cache? I was looking at
lessening the load on the puppetmaster and have the cache handle common
requests.
LoadModule ssl_module modules/mod_ssl.so
ServerName hostname
# RHEL/CentOS:
# And the passenger performance tuning settings:
PassengerHighPerformance On
PassengerUseGlobalQueue On
# Set this to about 1.5 times the number of CPU cores in your master:
PassengerMaxPoolSize 6
# Recycle master processes after they service 1000 requests
PassengerMaxRequests 1000
# Stop processes if they sit idle for 10 minutes
PassengerPoolIdleTime 600
PassengerTempDir /var/run/passenger
# Add %D for "The time taken to serve the request, in microseconds."
LogFormat "%h %l %u %t \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-Agent}i\""
puppet
Listen 8140
<VirtualHost *:8140>
SSLEngine On
# Only allow high security cryptography. Alter if needed for
compatibility.
SSLProtocol All -SSLv2
SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
SSLCertificateFile /var/lib/puppet/ssl/certs/hostname.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/hostname.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars +ExportCertData
# These request headers are used to pass the client certificate
# authentication information on to the puppet master process
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
RackAutoDetect On
DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
<Directory /usr/share/puppet/rack/puppetmasterd/>
Options Indexes
AllowOverride None
Order Allow,Deny
Allow from All
</Directory>
<IfModule mod_expires.c>
<Location /production/file_metadatas/>
ExpiresActive On
ExpiresDefault "access plus 30 minutes"
</Location>
</IfModule>
<IfModule mod_disk_cache.c>
CacheEnable disk /production/file_metadata/
CacheEnable disk /production/file_metadatas/
CacheRoot "/var/cache/mod_cache"
CacheDefaultExpire 1800
CacheIgnoreNoLastMod On
</IfModule>
</VirtualHost>
mod_cache]# ls -la
total 40
drwxr-xr-x 10 apache apache 4096 Aug 29 12:37 .
drwxr-xr-x. 18 root root 4096 Aug 29 12:36 ..
drwx------ 3 apache apache 4096 Aug 29 12:37 Hk
drwx------ 3 apache apache 4096 Aug 29 12:37 K5
drwx------ 3 apache apache 4096 Aug 29 12:37 Q9
drwx------ 3 apache apache 4096 Aug 29 12:37 Rl
drwx------ 3 apache apache 4096 Aug 29 12:37 St
drwx------ 3 apache apache 4096 Aug 29 12:37 ui
drwx------ 3 apache apache 4096 Aug 29 12:37 wV
drwx------ 3 apache apache 4096 Aug 29 12:37 _Z
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/e5761830-21de-4400-879e-218caa2fd004%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
