Jira (PDB-4880) PSQL performance issue - Autovacuum unable to clean up "pe-puppetdb.public.catalog_inputs"
Title: Message Title Maheswaran Shanmugam commented on PDB-4880 Re: PSQL performance issue - Autovacuum unable to clean up "pe-puppetdb.public.catalog_inputs" Three P1 cases raised by SCB in two weeks for the performance issue. The resource tuning for the PE infra component already done and looks good. In recent times, They are doing a lot of code push thro' CD4PE applying Sec patches. So, it's important to work on the table `catalog_inputs` which is the highest size among all tables in `puppetdb` of the Master node. That table size is normal in replica node. pe-puppetdb | public.catalog_inputs| 21 GB ( reduced from 23GB) - Master pe-puppetdb | public.catalog_inputs| 125 MB - Replica Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.371316.159953433.34238.1599795960046%40Atlassian.JIRA.
Jira (PDB-4880) PSQL performance issue - Autovacuum unable to clean up "pe-puppetdb.public.catalog_inputs"
Title: Message Title Maheswaran Shanmugam updated an issue PuppetDB / PDB-4880 PSQL performance issue - Autovacuum unable to clean up "pe-puppetdb.public.catalog_inputs" Change By: Maheswaran Shanmugam Attachment: ports.txt Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.371316.159953433.31411.1599534840038%40Atlassian.JIRA.
Jira (PDB-4880) PSQL performance issue - Autovacuum unable to clean up "pe-puppetdb.public.catalog_inputs"
Title: Message Title Maheswaran Shanmugam updated an issue PuppetDB / PDB-4880 PSQL performance issue - Autovacuum unable to clean up "pe-puppetdb.public.catalog_inputs" Change By: Maheswaran Shanmugam Environment: PE 2019.2.2pe-puppetdb | 6.7.3 - 1pe-puppetdb-termini | 6.7.3-1 Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.371316.159953433.31410.1599534480029%40Atlassian.JIRA.
Jira (PDB-4880) PSQL performance issue - Autovacuum unable to clean up "pe-puppetdb.public.catalog_inputs"
Title: Message Title Maheswaran Shanmugam created an issue PuppetDB / PDB-4880 PSQL performance issue - Autovacuum unable to clean up "pe-puppetdb.public.catalog_inputs" Issue Type: Bug Affects Versions: PDB 6.7.3 Assignee: Unassigned Components: PuppetDB Created: 2020/09/07 8:05 PM Environment: PE 2019.2.2 pe-puppetdb | 6.7.3-1 pe-puppetdb-termini | 6.7.3-1 Priority: Major Reporter: Maheswaran Shanmugam This case is raised after seeing continuous performance issues for the customer. Issues description: All nodes appeared "not reporting" section in the console or Console reporting compilers are not responding or Grafana unable to get the metrics from compilers Log analysis: In all the above cases, ` netstat -pan | grep -i 5432` shows `TIME_WAIT` status ( Attached ports.txt from support script) Slowest query from support script: 2020-09-06 23:28:14.185 GMT [db:pe-puppetdb,sess:5f55631a.52a9,pid:21161,vtid:76/42777,tid:108303837] STATEMENT: with recursive live_paths(path, value) as (select key as path, value from (select (jsonb_each(stable||volatile)).* from factsets) as base_case union
Jira (FACT-2096) Windows system32 environment variable issue after installation of "RDS-RD-Server"
Title: Message Title Maheswaran Shanmugam commented on FACT-2096 Re: Windows system32 environment variable issue after installation of "RDS-RD-Server" Ongoing Customer case: https://puppetlabs.zendesk.com/agent/tickets/36810 Old case similar to this: https://puppetlabs.zendesk.com/agent/tickets/20168 Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.332946.1572508394000.14531.1572508860041%40Atlassian.JIRA.
Jira (FACT-2096) Windows system32 environment variable issue after installation of "RDS-RD-Server"
Title: Message Title Maheswaran Shanmugam created an issue Facter / FACT-2096 Windows system32 environment variable issue after installation of "RDS-RD-Server" Issue Type: Bug Assignee: Unassigned Components: Windows Created: 2019/10/31 12:53 AM Environment: PE 2019.1.0 Agent OS: Server 2016 Priority: Major Reporter: Maheswaran Shanmugam On Windows servers after installation of Remote Desktop Services (Add-WindowsFeature RDS-RD-Server) the Puppet agent populates the system32 fact incorrectly with "C:\Users\username\WINDOWS\system32". Uninstalling RDS-RD-Server and rebooting the server returns the OS fact to "c:\windows\system32". With or without RDS-RD-Server installed the result of running the command: wmic os get systemdirectory is always "C:\Windows\system32" Example of the "facter os" command output: (`admwintert` - Domain user) PS C:\Windows\system32> facter os { architecture => "x64", family => "windows", hardware => "x86_64", name => "windows", release => { full => "2016", major => "2016" }, windows => { system32 => "C:\Users\admwintert\WINDOWS\system32" } } Customer ran another test and was able to reproduce the behavior with a vanilla AWS AMI: Windows_Server-2016-English-Full-Base-2019.10.09 (ami-0daaf340f2253cd6c) Customer launched, renamed and domain-joined it and then installed puppet. Then installed the Remote Desktop Session Host and rebooted. 'dawintert' is also a domain account. PS C:\Windows\system32> facter os { architecture => "x64", family => "windows", hardware => "x86_64", name => "windows", release => { full => "2016", major => "2016" } , windows => { system32 => "C:\Users\dawintert\WINDOWS\system32" } }
Jira (PDB-2487) Allow for a "resource-events-ttl" to reduce the number of days of events that are stored
Title: Message Title Maheswaran Shanmugam commented on PDB-2487 Re: Allow for a "resource-events-ttl" to reduce the number of days of events that are stored Another incident from DBS today. https://puppetlabs.zendesk.com/agent/tickets/36552 db_name | relation | pg_size_pretty -- #{database} | public.resource_events | 130 GB #{database} | public.resource_events_resource_timestamp | 61 GB #{database} | public.resource_events_unique | 52 GB #{database} | public.resource_events_resource_title_idx | 33 GB #{database} | public.resource_events_containing_class_idx | 16 GB #{database} | public.resource_events_timestamp_idx | 7739 MB #{database} | public.resource_events_reports_id_idx | 7104 MB #{database} | public.resource_events_status_idx | 7047 MB #{database} | public.resource_events_property_idx | 7042 MB {{}} Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.119255.1456852336000.131060.1570435204184%40Atlassian.JIRA.
Jira (PUP-9989) Bug with attributes "purge_ssh_keys" in resource type "user"
Title: Message Title Maheswaran Shanmugam created an issue Puppet / PUP-9989 Bug with attributes "purge_ssh_keys" in resource type "user" Issue Type: Improvement Assignee: Unassigned Created: 2019/08/27 8:00 PM Environment: Test is conducted on PE 2018.1.8 & PE 2018.1.0 Priority: Normal Reporter: Maheswaran Shanmugam Issue: By default, attribute ```purge_ssh_keys => true``` in resource type ```user``` should look for keys in the .ssh/authorized_keys file in the user’s home directory and Purge any keys that aren’t managed as ssh_authorized_key resources. However, then one copy of that key (manually added many keys) is removed. Run puppet again, another copy is removed. Recreation Steps: 1) puppet code ssh_authorized_key { 'henry': ensure => present, user => 'henry', type => 'ssh-rsa', key => 'a1akCIARg5rKE2zxEfztF9Cgh2u2WnWzUvDRCsHQ+E2SmsEEBuxJ8RpPafjG/GxO2247JWGvKzO4zpAtFO7G4WowFU0qmyGCfNyJzPLJd7OSBJC58ooY6G6Lp94P1w9z+7/gM8MkJ6d4W6M9uJL9JCL2aKRmuHAbl0URLwsXq846I7zfix5qXowduRzZTWNBQm3K+iGsASpexG2i/eWuaZGmPxeGxq+t6OtiasRjg9oWInak0+63Uzjj0pDZ1uBlS9EbxaBk+suZQ10qYxoh3dPnuqqEEr83S7GMEKBDZjzkTstIplMXZkhYBJB93rAngbM+JvNb', } user { 'henry': ensure => present, home => '/home/henry', managehome => true, purge_ssh_keys => true, } 2) Add multiple lines in ```/home/henry/.ssh/authorized_keys``` ``` HEADER: This file was autogenerated at 2019-08-27 19:50:56 -0700 HEADER: by puppet. While it can still be managed manually, it HEADER: is definitely not recommended. ssh-rsa
Jira (PUP-9812) With "root" account, Puppet "ssh_authorized_keys" create file "authorized_keys" & change the owner & group
Title: Message Title Maheswaran Shanmugam created an issue Puppet / PUP-9812 With "root" account, Puppet "ssh_authorized_keys" create file "authorized_keys" & change the owner & group Issue Type: New Feature Assignee: Unassigned Components: Types and Providers Created: 2019/06/30 7:02 PM Environment: This case is tested with: PE: 2018.1.x v OS: RHEL 6.9 and Centos 7.0 Priority: Major Reporter: Maheswaran Shanmugam ``` ssh_authorized_key { 'ever...@magpie.example.com': ensure => present, user => 'everetv', type => 'ssh-rsa', key => 'B3Nza[...]qXfdaQ==', target => '/opt/sysadm/etc/ssh_keys/everetv/authorized_keys', } ``` By default, in this example, the resource type "ssh_authorized_key" looks for the file "authorized_keys" owned by the specific user "everetv" inside the directory "/opt/sysadm/etc/ssh_keys/everetv/". In the secure environment, this file can't be created as a specific user and end with following error. ``` Error: /Stage[main]/Main/Ssh_authorized_key[ever...@magpie.example.com]: Could not evaluate: Permission denied @ dir_s_mkdir - /opt/sysadm/etc/ssh_keys/everetv ``` Running agent service as root, there should be a feature to create the key file and change an owner and group as per property is given while defining the resource. This feature will be very handy to deal with the security requirement of the organization where the "non-root" account is not permitted to create the files. This case is raised in connection with customer ticket "https://puppetlabs.zendesk.com/agent/tickets/35293"
Jira (PDB-4390) Don't produce duplicate certname entries for certnames with special characters
Title: Message Title Maheswaran Shanmugam commented on PDB-4390 Re: Don't produce duplicate certname entries for certnames with special characters My query is related to customer ticket "https://puppetlabs.zendesk.com/agent/tickets/35203" Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.311094.1559593774000.47106.1560482700401%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
Jira (PDB-4072) HA out-of-sync after restart
Title: Message Title Maheswaran Shanmugam commented on PDB-4072 Re: HA out-of-sync after restart Customer "DBS" is getting this issue again. "https://puppetlabs.zendesk.com/agent/tickets/35069" Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.274953.1536550707000.45873.1560413160519%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
Jira (PDB-4389) Query for deactivated nodes
Title: Message Title Maheswaran Shanmugam commented on PDB-4389 Re: Query for deactivated nodes Austin Blatt Can you suggest how to remove these nodes permanently from the console and db. This behaviour is fixed with the latest release as per Jira ticket # PDB-4390 "https://tickets.puppetlabs.com/browse/PDB-4390" Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.310994.155953334.45814.1560392880607%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
Jira (PDB-4390) Don't produce duplicate certname entries for certnames with special characters
Title: Message Title Maheswaran Shanmugam commented on PDB-4390 Re: Don't produce duplicate certname entries for certnames with special characters Austin Blatt It's marked as fixed for latest release. Is there any workaround to fix this issue for an existing lower version like 2018.1.5...etc? Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.311094.1559593774000.45804.1560392400548%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
Jira (PDB-4389) Query for deactivated nodes
Title: Message Title Maheswaran Shanmugam commented on PDB-4389 Re: Query for deactivated nodes This ticket is raised to address the customer ticket "https://puppetlabs.zendesk.com/agent/tickets/34919". The nodes are showing in puppetdb and console. However, it's not getting deleted when purging. Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.310994.155953334.31105.1559534040618%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
Jira (PDB-4389) Query for deactivated nodes
Title: Message Title Maheswaran Shanmugam created an issue PuppetDB / PDB-4389 Query for deactivated nodes Issue Type: Improvement Assignee: Unassigned Created: 2019/06/02 8:42 PM Environment: This test is carried out on PE 2018.1.8 puppetdb version: 5.2.8 puppet-query v1.2.5 Priority: Normal Reporter: Maheswaran Shanmugam Hello, puppet query command is not listing out deactivated or expired nodes. [root@pe-201818-master ~]# puppet query 'nodes[] { deactivated is not null }' [] [root@pe-201818-master ~]# puppet query 'nodes[] { deactivated is not null or expired is not null }' [] Steps followed to reproduce: 1) puppet query all nodes. ```puppet query "nodes[certname] {}"``` 2) Manually deactivate the node ```puppet node deactivate ``` 3) Run puppet query looking for the node marked "deactivated is not null" ```puppet query 'nodes[] { deactivated is not null } '``` 4) Login into pe-puppetdb and select specific node from ```certnames``` table to ensure this node is deactiviated. ``` [root@pe-201818-master ~]# su - pe-postgres -s /bin/bash -c "/opt/puppetlabs/server/bin/psql -d pe-puppetdb" psql (9.6.12) Type "help" for help. pe-puppetdb=# select * from certnames where certname = 'yc3ctpdm4eyv3ni.delivery.puppetlabs.net'; id | certname | latest_report_id | deactivated | expired | package_hash | latest_report_timestamp -- 3 | yc3ctpdm4eyv3ni.delivery.puppetlabs.net | 120 | 2019-06-02 20:11:35.303-07 | | | 2019-05-29 08:48:05.553-07 (1 row) ```
Jira (PUP-3204) Find LDAP users and groups created mid-transaction.
Title: Message Title Maheswaran Shanmugam commented on PUP-3204 Re: Find LDAP users and groups created mid-transaction. Adding another ticket related to it. "https://puppetlabs.zendesk.com/agent/tickets/32160" Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.