The Docker agent section in dev_running_from_source.markdown has several issues discovered during testing:
-
IP-based connection fails — the example uses --server 172.17.0.1 (Docker host IP), but the server cert is issued for a hostname, not an IP. Connecting by IP fails with a TLS hostname mismatch error.
-
MASTERHOST required — dev-setup must be run with MASTERHOST=puppet (or similar) so the server cert covers the hostname the agent will use.
-
SSL volume needed — each docker run generates a new private key unless /etc/puppetlabs/puppet/ssl is persisted via a volume, causing cert/key mismatches on subsequent runs.
-
Cert signing not documented — the agent cannot compile a catalog until its cert is signed. The section should mention either enabling autosign or the manual signing step.
The section needs a rewrite that reflects the actual working workflow (tested in #161).
The Docker agent section in
dev_running_from_source.markdownhas several issues discovered during testing:IP-based connection fails — the example uses
--server 172.17.0.1(Docker host IP), but the server cert is issued for a hostname, not an IP. Connecting by IP fails with a TLS hostname mismatch error.MASTERHOST required —
dev-setupmust be run withMASTERHOST=puppet(or similar) so the server cert covers the hostname the agent will use.SSL volume needed — each
docker rungenerates a new private key unless/etc/puppetlabs/puppet/sslis persisted via a volume, causing cert/key mismatches on subsequent runs.Cert signing not documented — the agent cannot compile a catalog until its cert is signed. The section should mention either enabling autosign or the manual signing step.
The section needs a rewrite that reflects the actual working workflow (tested in #161).