Puppet/Facter“无法检索事实 fqdn":如何修复或规避? [英] Puppet/Facter "Could not retrieve fact fqdn": How to fix or circumvent?

问题描述

我正在学习 puppet 并尝试在家里的虚拟机上试验它.我还没有使用 puppet 服务器，只是在本地运行.它工作正常，但是每次我运行 puppet apply ... 时，我都会延迟几秒钟，之后它会显示消息

I'm learning about puppet and trying to experiment with it on a VM at home. I'm not using a puppet server yet, just running things locally. It works okay, but every time I run puppet apply ..., I get a delay of several seconds, after which it displays the message

warning: Could not retrieve fact fqdn

我认为该消息与延迟有关，我想摆脱它(延迟——我可以接受消息).谷歌搜索解决方案似乎表明它与 DNS 查找有某种关系，但我真的找不到关于它的任何其他信息，这似乎令人惊讶.我想要的只是能够在我的 vm 中快速应用清单，以便我可以进行实验.我怎样才能加快速度?

I assume the message is linked to the delay, and I want to get rid of it (the delay--I can live with the message). Googling for a solution seems to indicate that it's somehow related to DNS lookups, but I can't really find anything else about it, which seems surprising. All I want is to be able to apply manifests in my vm quickly so I can experiment. How can I speed things up?

更新:我在调试输出中没有看到任何额外的信息，但看起来像这样:

Update: I don't see any extra info in the debug output, but it looks like this:

$ puppet apply -dv puppet-1.pp 
warning: Could not retrieve fact fqdn
debug: Failed to load library 'rubygems' for feature 'rubygems'
debug: Failed to load library 'selinux' for feature 'selinux'
debug: Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is missing
...

更新:我添加了ruby"标签，因为 puppet 的粉丝太少了.如果这不属于 ruby​​，或者您知道更好的标签，请告诉我.

Update: I added the "ruby" tag because puppet has so few followers. If this doesn't belong in ruby, or if you know a better tag for it, let me know.

再次更新: 了解了有关 puppet 的更多信息后，我现在了解到此消息来自名为Facter"的组件，该组件嗅探出有关运行 Puppet 的系统的事实".我找到了一些配置选项并尝试使用 "certname", "node_name" 和 "node_name_value"，但我无法让延迟消失.有谁知道如何告诉 Facter 忽略 fqdn 或如何让 Facter 能够在 Ubuntu 11.10 虚拟机上找到 fqdn?

Update again: Having learned some more about puppet, I now understand that this message is coming from the component called "Facter" that sniffs out "facts" about the system that Puppet is running on. I found some configuration options and played around with "certname", "node_name" and "node_name_value", but I couldn't get the delay to go away. Does anyone know specifically how to either tell Facter to ignore the fqdn or how to make Facter able to find the fqdn on an Ubuntu 11.10 vm?

进展:

$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.1.1

那是我的路由器，它通过 Tomato 运行 Dnsmasq.

That's my router, which is running Dnsmasq via Tomato.

$ dig -x 192.168.1.129 192.168.1.1

; <<>> DiG 9.7.3 <<>> -x 192.168.1.129 192.168.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21838
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;129.1.168.192.in-addr.arpa.    IN  PTR

;; ANSWER SECTION:
129.1.168.192.in-addr.arpa. 0   IN  PTR desk-vm-ubuntu-beta.

;; Query time: 14 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sun Oct 16 17:47:47 2011
;; MSG SIZE  rcvd: 77

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27462
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;192.168.1.1.           IN  A

;; ANSWER SECTION:
192.168.1.1.        0   IN  A   192.168.1.1

;; Query time: 11 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sun Oct 16 17:47:47 2011
;; MSG SIZE  rcvd: 45

strace 引导我到 arp，它阻塞了 5 秒，并且为每个 factor 调用了两次:

strace led me to arp, which was blocking for 5 seconds and called twice for each facter:

$ time arp -a
? (10.0.2.2) at 52:54:00:12:35:02 [ether] on eth0

real    0m5.127s
user    0m0.004s
sys     0m0.016s

我将虚拟机从 NAT 网络更改为桥接，以便它现在在网络上拥有一个 IP，并且 arp 现在立即返回.(我不是网络专家，所以我不知道为什么会这样，但这似乎是一个合理的尝试.)但是 factor 仍然总共需要大约 4-5 秒才能运行并且仍然报告无法检索事实 fqdn".facter -d 显示了多次出现的域值仍然为零"，一直到最后.我觉得还是有些地方不太对劲.

I changed the VM from NAT networking to bridged, so that it now has an IP on the network, and arp returns immediately now. (I'm no networking guru, so I have no idea why this worked, but it seemed a reasonable thing to try.) But facter still takes about 4-5 seconds total to run and still reports "Could not retrieve fact fqdn". facter -d shows several occurrences of "value for domain is still nil", all the way to the end. I'm thinking something still isn't quite right.

推荐答案

由于 puppet 使用 fqdn 事实来确定它作为哪个节点运行，如果无法确定它可能无法运行.鉴于您所描述的内容，最简单的调试方法是 facter fqdn 而不是您的 puppet 命令行.

Since puppet uses the fqdn fact to determine which node it is running as, it may not be possible to run if it can't be determined. Given what you're describing, the simplest thing to debug is facter fqdn instead of your puppet command-line.

如果几秒"非常接近 5 秒，则很可能是因为列出了一个错误的 DNS 服务器，因此您的 DNS 配置已损坏./etc/resolv.conf 中有什么?如果您使用 resolv.conf 中列出的第一个名称服务器运行 dig -x $HOSTIP $DNSSERVERIP 会发生什么?

If the "several seconds" is very close to exactly 5 seconds, it's very likely that your DNS configuration is broken with a single bad DNS server listed. What's in /etc/resolv.conf? What happens if you run dig -x $HOSTIP $DNSSERVERIP with the first nameserver listed in resolv.conf?

如果您查看facter/fqdn.rb，您可以看到facter 正在尝试做什么来解析fqdn.在我最方便的版本中，它使用 facter/hostname.rb 和 facter/domainname.rb 从 facter/util/resolution.rb 调用代码代码>.

If you look in facter/fqdn.rb you can see what exactly facter is trying to do to resolve the fqdn. In the version I have most handy it's using facter/hostname.rb and facter/domainname.rb which call code from facter/util/resolution.rb.

究竟会发生什么取决于您拥有什么版本的因子、什么操作系统，也可能还取决于您究竟安装了什么.调用 /bin/hostname、uname(等等)和做 DNS 查找都是很有可能的.你总是可以使用 strace -t facter fqdn 来查看什么花费了时间(寻找时间戳的差距)

Exactly what happens will depend on what version of facter you have, what OS, and possibly also what exactly you have installed. Calling /bin/hostname, uname (etc) and doing DNS lookups are all quite likely. You can always use strace -t facter fqdn to see what is taking the time (look for the gap in timestamps)

从您描述的所有内容来看，问题确实是 puppet/facter 真的想要一个域名，而您没有域名，您只有一个裸主机名.

From everything you've described, it does sound like the problem is that puppet/facter really wants to have a domain name and you don't have one, you just have a naked hostname.

将 domain example.com 添加到/etc/resolv.conf 应该可以解决问题.运行 hostname foo.example.com 也应该可以解决问题(但需要重新应用).永久解决方案取决于确切的操作系统设置.

Adding domain example.com to /etc/resolv.conf should do the trick. Running hostname foo.example.com should also do the trick (but will need to be re-applied). Permanent solutions depend on the exact OS setup.

这篇关于Puppet/Facter“无法检索事实 fqdn":如何修复或规避?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！