Re: [Puppet Users] realize group before user ?
On 3/10/2010 8:54 AM, Jan-Frode Myklebust wrote:
I have this user and group that I need to realize:
@user { policyd:
ensure = present,
uid = 103,
gid = 103,
comment = Postfix Policy Daemon,
home= /home/policyd,
shell = /bin/bash,
}
@group { policyd:
ensure = present,
gid = 103,
}
but how do I make sure the group is created before the user? Only way
I can think of is realizing the group in a class that I require in
the class realizing the user, but that seems silly...
You only have to take care that both the user and the group are
realized. Puppet will automatically take care of creating a proper
dependency between the two.
If your question was actually about how to realize both user and group,
I'd recommend you using tags to mark both and then realize based on the
tags.
Regards, David Schmitt
--
dasz.at OG Tel: +43 (0)664 2602670 Web: http://dasz.at
Klosterneuburg UID: ATU64260999
FB-Nr.: FN 309285 g FB-Gericht: LG Korneuburg
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Is it possible for puppet to compile packages?
We use Nginx rather than apache due to a number of useful modules, however these modules need to be compiled in and therefore we're unable to use a package manager for installation. Would it be possible with puppet to grab specific versions of the various source files, compile them, and then configure the servers? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Is it possible for puppet to compile packages?
I'm not saying its a good thing, but I've created an rpm for passenger, which compiles the apache modules in the post installation scripts. all of the required packages for building it are part of the rpm package requirements... Ohad On Wed, Mar 10, 2010 at 4:45 PM, Phillip B Oldham phillip.old...@gmail.comwrote: We use Nginx rather than apache due to a number of useful modules, however these modules need to be compiled in and therefore we're unable to use a package manager for installation. Would it be possible with puppet to grab specific versions of the various source files, compile them, and then configure the servers? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Is it possible for puppet to compile packages?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/03/10 8:02 PM, Ohad Levy wrote: I'm not saying its a good thing, but I've created an rpm for passenger, which compiles the apache modules in the post installation scripts. all of the required packages for building it are part of the rpm package requirements... What Ohad said. If, and it is rarely, I have to do this then I build some own RPM packages and stick them in a custom Yum repo and manage them like that. Regards James Turnbull - -- Author of: * Pro Linux System Administration (http://tinyurl.com/linuxadmin) * Pulling Strings with Puppet (http://tinyurl.com/pupbook) * Pro Nagios 2.0 (http://tinyurl.com/pronagios) * Hardening Linux (http://tinyurl.com/hardeninglinux) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBS5dgoyFa/lDkFHAyAQKA7gf+LjXqt5jjOdCLJct0vH7Jvwu32+XGL1Zb qidVELcFeCE4Nfpt0GhW15uQcS6TA/uj92vFPUrZ791Jh6GuHgt31VzrvSIplULM OuiorQPDISO5IC/PZQa6OoHmI+ReEfCeCskIlXOSL7yE7XHrl5lvI5dNU0UkiB1X kdu1/6rF9gzF0MX1yl7kCVf6VsZBSKAzBt9qnztsxZ13ll1I12BsbQDCRhH96vqy 6Xxk2MMbfevPnoFKN3pHKs4ulo2ZgappP0Vn4bc+vA8bwmMGZl1vdeyNpuPP4FN2 ocOvefzodcY0TRHvgYGekg0LVNj3AZzTk4W1HRnydRgWZV542v89jw== =Nar8 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Upgraded puppet-server from EPEL 24.8 to 25.1 - now seeing puppetmasterd[xxxx]: Too many connections
Ohad, thanks for your reply! Last night ive had it and switched to gems only and had no problems at all with too many connections using storeconfigs The debian (lenny) packages where seriously outdated and now this is what my gem list looks like: ~# gem list *** LOCAL GEMS *** actionmailer (2.3.5) actionpack (2.3.5) activerecord (2.3.5) activeresource (2.3.5) activesupport (2.3.5) gem_plugin (0.2.3) rack (1.0.1) ##gem install rack -v 1.0.1 ## - rails does not like latest avail rack gem rails (2.3.5) rake (0.8.7) ruby-mysql (2.9.2) test-spec (0.10.0) Aaand the debianpackages: libmysql-ruby1.8 libmysqlclient15-dev That did it, it works, Im happy - thanks a lot! :) Cheers, Simon On 10 Mrz., 06:43, Ohad Levy ohadl...@gmail.com wrote: which version of activerecord is installed? you might want to give 2.3 a try and see if that solves your problems. Ohad On Tue, Mar 9, 2010 at 6:21 PM, Simon Mügge s...@webde.de wrote: Hey Ohad! Could you please elaborate on these faulty activerecord versions? I ran into the same problem (just with fewer (180) clients as Im not using mongrel yet), getting these errors on the clients: Could not retrieve catalog from remote server: Error 400 on SERVER: Too many connections I am running: 0.25.4 master/client, storeconfigs with local mysql5 (testing stage, it will move to a seperate machine.. ;) ), activrecord deb and mysql gem: activerecord: puppet-01:~# aptitude search active | grep ^i i libactiverecord-ruby - Ruby library that ties database tables to i A libactiverecord-ruby1.8 - Tie database tables to classes (Ruby 1.8) i A libactivesupport-ruby - utility classes and extensions to the Ruby i A libactivesupport-ruby1.8 - utility classes and extensions (Ruby 1.8) mysql: puppet-01:~# gem list mysql *** LOCAL GEMS *** mysql (2.8.1) puppet-01:~# aptitude search mysql | grep ^i i A libdbd-mysql-perl - A Perl5 database interface to the MySQL da i libdbd-mysql-ruby1.8 - Ruby/DBI MySQL driver for Ruby 1.8 i libmysql-ruby1.8 - MySQL module for Ruby 1.8 i libmysqlclient15-dev - MySQL database development files i A libmysqlclient15off - MySQL database client library i A mysql-client-5.0 - MySQL database client binaries i A mysql-common - MySQL database common files i mysql-server-5.0 - MySQL database server binaries lsof of puppetmaster looks like this: puppet-01:/etc/puppet# lsof -p 1829 | grep -v sock COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME puppetmas 1829 puppet cwd DIR 104,5 4096 1753254 /home/ simu puppetmas 1829 puppet rtd DIR 104,5 4096 2 / puppetmas 1829 puppet txt REG 104,5 3608 503705 /usr/ bin/ruby1.8 puppetmas 1829 puppet mem REG 104,5 1995676 504547 /usr/ lib/libmysqlclient.so.15.0.0 puppetmas 1829 puppet mem REG 104,5 77244 542449 /usr/ lib/ruby/1.8/i486-linux/mysql.so puppetmas 1829 puppet mem REG 104,5 67408 352284 /lib/ i686/cmov/libresolv-2.7.so puppetmas 1829 puppet mem REG 104,5 17880 352282 /lib/ i686/cmov/libnss_dns-2.7.so puppetmas 1829 puppet mem REG 104,5 42504 352285 /lib/ i686/cmov/libnss_files-2.7.so puppetmas 1829 puppet mem REG 104,5 38444 352272 /lib/ i686/cmov/libnss_nis-2.7.so puppetmas 1829 puppet mem REG 104,5 87800 352273 /lib/ i686/cmov/libnsl-2.7.so puppetmas 1829 puppet mem REG 104,5 30436 352277 /lib/ i686/cmov/libnss_compat-2.7.so puppetmas 1829 puppet mem REG 104,5 11904 543078 /usr/ lib/ruby/1.8/i486-linux/digest/sha1.so puppetmas 1829 puppet mem REG 104,5 7512 542262 /usr/ lib/ruby/1.8/i486-linux/shadow.so puppetmas 1829 puppet mem REG 104,5 6812 543082 /usr/ lib/ruby/1.8/i486-linux/digest/md5.so puppetmas 1829 puppet mem REG 104,5 1375588 516954 /usr/ lib/i686/cmov/libcrypto.so.0.9.8 puppetmas 1829 puppet mem REG 104,5 285188 516953 /usr/ lib/i686/cmov/libssl.so.0.9.8 puppetmas 1829 puppet mem REG 104,5 10260 543075 /usr/ lib/ruby/1.8/i486-linux/digest.so puppetmas 1829 puppet mem REG 104,5 265768 541618 /usr/ lib/ruby/1.8/i486-linux/openssl.so puppetmas 1829 puppet mem REG 104,5 12044 543089 /usr/ lib/ruby/1.8/i486-linux/racc/cparse.so puppetmas 1829 puppet mem REG 104,5 38588 543086 /usr/ lib/ruby/1.8/i486-linux/bigdecimal.so puppetmas 1829 puppet mem REG 104,5 9484 504995 /usr/ lib/gconv/UTF-16.so puppetmas 1829 puppet mem REG 104,5 25700 500846 /usr/ lib/gconv/gconv-modules.cache puppetmas 1829 puppet mem REG 104,5 13384 543065 /usr/
[Puppet Users] multiple environments different manifests not working
Hello, I was running Puppet server in version 0.24.8 on Srerver and 0.24.4 up to 0.24.8 on client and configured multiple environments. The desired behavior is to have different sets of manifests and modules for my two environments testing and production. But it works only for my modules not for my manifests folders. I discover this behavior because of an upgraded to version 0.25.4 on server and client, but I dont know if it is due to the update. For this update, I've changed the access to the puppetserver from passenger to the build in webbrick. My Clients are CentOS 5.4 and Debian Lenny, my Server is a CentOS 5.4 box. My configuration looks as follows: There are two folders in /etc/puppet: testing and production. On my server the puppet.conf looks like: [main] vardir = /var/lib/puppet logdir = /var/log/puppet rundir = /var/run/puppet ssldir = $vardir/ssl environments = production,testing [production] manifestdir = /etc/puppet/production/manifests modulepath = /etc/puppet/production/modules manifest = /etc/puppet/production/manifests/site.pp [testing] manifestdir = /etc/puppet/testing/manifests modulepath = /etc/puppet/testing/modules manifest = /etc/puppet/testing/manifests/site.pp [puppetmasterd] certdnsnames=puppet-server.fe.example.com:puppet-server.be.example.com:puppet-server.bla.example.com:puppet-server.test-frontend.example.com:puppet-server.test-backend.example.com [puppetd] classfile = $vardir/classes.txt localconfig = $vardir/localconfig server=puppet-server.fe.example.com environment = production On my Clients for the testing environment the puppet.conf file looks like: [main] vardir = /var/lib/puppet logdir = /var/log/puppet rundir = /var/run/puppet ssldir = $vardir/ssl environment=testing environments=testing [puppetd] classfile = $vardir/classes.txt localconfig = $vardir/localconfig server=puppet-server.fe.example.com Did someone have an idea what is going on in my case? best regards, Hubert -- Hubert Krause Risk Fraud Division INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany Phone: +49 24 08 - 94 56 5145 E-Mail: hubert.kra...@inform-ac.com, Web: http://www.inform-ac.com INFORM Institut fuer Operations Research und Management GmbH Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: realize group before user ?
That worked. Great, thanks! -jf -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Using puppet to automate tasks (ex: mysql slave setup)
I'm not sure if puppet can be coerced to do something like this, but I wanted to throw it out there as it's a process that seems fairly easy to automate. To create new mysql slaves my process goes something like this: 1) run innobackupex [1] on mysql master 2a) copy data from master to slave (takes a decent amount of time depending on wire speed and database size; usually on the order of 6-24 hrs) 2b) setup mysql slave w/ data from mysql master to start replicating binary log 3) import backup using innobackupex The problem here seems to be that I need to do things on two different hosts and only once certain things have happened. I figured I could easily specify the node that is the master and the slave in the manifests, but I'm not sure how far this gets me. I imagine through the creative use of exec's and onlyifs this should be doable, but I wanted to get other people's experiences with automating processes like this. -Doug [1] http://www.percona.com/docs/wiki/percona-xtrabackup:xtrabackup_manual#setting_up_a_new_slave_from_a_backup_in_replication signature.asc Description: OpenPGP digital signature
Re: [Puppet Users] Re: Dependency cycles, please help.
On Fri, Mar 5, 2010 at 1:09 PM, Julien Cornuwel cornu...@gmail.com wrote:
Could not apply complete catalog: Found dependency cycles in the following
relationships: Exec[/usr/sbin/a2enmod passenger] =
Exec[force-reload-apache2], Package[passenger] = Exec[passenger-install],
Exec[passenger-install] = File[passenger-conf], File[passenger-conf] =
Exec[/usr/sbin/a2enmod passenger], File[passenger-load] =
Exec[/usr/sbin/a2enmod passenger], Exec[passenger-install] =
File[passenger-load], Exec[force-reload-apache2] = Package[passenger]
Found it ! The error was here :
package { passenger:
ensure = $version,
provider = gem,
require = [Class['gems'], Class['ruby'], Class['apache2']]
}
It can be quite hard to visualise dependency cycles - if you get
Puppet to draw the resource graph, it's much easier to see where the
problem is:
http://bitfieldconsulting.com/puppet-dependency-graphs
J
--
Bitfield Consulting: we make software that makes things work
http://bitfieldconsulting.com/
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: memorysize returned as string - maybe
On Wed, Mar 10, 2010 at 1:24 AM, Ohad Levy ohadl...@gmail.com wrote:
another option that I use is to extend the string class in ruby, that would
allow you to do something like:
Facter.memorysize.to_gb
in order to do that add somewhere (e.g. before your custom fact)
class String
def to_gb
begin
value,unit=self.match(/(\d+|.+) ([KMG]B)$/i)[1..2]
case unit.to_sym
when nil, :B, :byte then (value.to_f / 1000_000_000)
when :GB, :G, :gigabyte then value.to_f
when :MB, :M, :megabyte then (value.to_f / 1000)
when :KB, :K, :kilobyte, :kB then (value.to_f / 1000_000)
else raise Unknown unit: #{unit.inspect}!
end
rescue
raise Unknown string
end
end
end
Ohad
I'd rather look into fixing the problem than doing code monkeypatching
in everyday environments and require folks to write facts to get this
data.
Let's look at making things like this available today in facter.
Patch material?
I generally think facts shouldn't include units anyway, yet we don't
want to break existing things that depend on them.
--Michael
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Is it possible for puppet to compile packages?
On Wed, Mar 10, 2010 at 4:04 AM, James Turnbull ja...@lovedthanlost.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/03/10 8:02 PM, Ohad Levy wrote: I'm not saying its a good thing, but I've created an rpm for passenger, which compiles the apache modules in the post installation scripts. all of the required packages for building it are part of the rpm package requirements... What Ohad said. If, and it is rarely, I have to do this then I build some own RPM packages and stick them in a custom Yum repo and manage them like that. Regards James Turnbull which compiles the apache modules in the post installation scripts Apache modules can easily be shipped as seperate packages (mod_python as an example) that contain loadable modules. (Forgive my ignorance, but is that not doable for passenger?) Anyway, from a best practices perspective, it would be better to do the rebuilds on your build server as James said. You don't want to be doing compilation on production servers, and you won't have very good granularity into what happens if something goes wrong. rpm %post sections of any sufficient complexity are to be avoided. --Michael -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: memorysize returned as string - maybe
I fully agree - the main reason I've done this conversion is because I want
to show nice graphs in foreman :) and that was not an option to change
everyones facter.
Ohad
On Wed, Mar 10, 2010 at 11:41 PM, Michael DeHaan
mich...@reductivelabs.comwrote:
On Wed, Mar 10, 2010 at 1:24 AM, Ohad Levy ohadl...@gmail.com wrote:
another option that I use is to extend the string class in ruby, that
would
allow you to do something like:
Facter.memorysize.to_gb
in order to do that add somewhere (e.g. before your custom fact)
class String
def to_gb
begin
value,unit=self.match(/(\d+|.+) ([KMG]B)$/i)[1..2]
case unit.to_sym
when nil, :B, :byte then (value.to_f / 1000_000_000)
when :GB, :G, :gigabyte then value.to_f
when :MB, :M, :megabyte then (value.to_f / 1000)
when :KB, :K, :kilobyte, :kB then (value.to_f / 1000_000)
else raise Unknown unit: #{unit.inspect}!
end
rescue
raise Unknown string
end
end
end
Ohad
I'd rather look into fixing the problem than doing code monkeypatching
in everyday environments and require folks to write facts to get this
data.
Let's look at making things like this available today in facter.
Patch material?
I generally think facts shouldn't include units anyway, yet we don't
want to break existing things that depend on them.
--Michael
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com
.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How to efficiently manage multiple packages installing in the same directory
site.pp
import classes/install_foo.pp
import classes/install_bar.pp
node 'standard.node.local' {
include install_foo
include install_bar
}
---
classes/install_foo.pp:
class install_foo {
file { /:
ensure = directory,
recurse = true,
source = puppet:///files/foo
}
}
---
classes/install_bar.pp:
class install_bar {
file { /:
ensure = directory,
recurse = true,
source = puppet:///files/bar
}
}
--
Yeah, I would recommend not doing this, and would want to know more
about the use case around why you wanted to do it that way.
If you have multiple sets of applications that you don't want to
package into something LSB compliant, it would be better to install
each seperate app in /opt or /srv, such as
/opt/foo and /opt/bar
That's not great by best practices' guidelines, but it works and gets
the job done if you don't want to package things so that they fully
understand /etc and /var and such.
The error you get is because Puppet will not allow the same resource
to be represented twice, but the larger problem is you're also kind of
subverting the point of the package manager
if you are overlaying files all over the file system. You lose the
ability manage dependencies and see how what got where, hence I'd
really recommend asking why the use case is like that.
If you're not deploying a full app, just perhaps a set of data files
or content, be more specific about where it should go:
file { /this/is/where/where/the/files/go:
ensure = directory,
recurse = true,
source = puppet:///files/wherever/bar
}
Versus doing paths relative to root.
Further, I don't really know how many files you are distributing this
way, but if it's the whole OS, that is going to be rather slow and not
entirely deseriable. If you strictly
have to do this, you might as well just rsync the content with an Exec
task ... though again, it's better if you can do something else.
--Michael
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: memorysize returned as string - maybe
On Wed, Mar 10, 2010 at 10:51 AM, Ohad Levy ohadl...@gmail.com wrote: I fully agree - the main reason I've done this conversion is because I want to show nice graphs in foreman :) and that was not an option to change everyones facter. Ohad I think it is actually an option.In order to trend facts efficiently (regardless of the app), we need numeric facts. Send us a patch for a numeric fact in facter (and for any other facts that have units), though I think we probably /do/ have to keep the existing ones around. --Michael -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Is it possible for puppet to compile packages?
I build debs for passenger based upon the brightbox PPA dsc file. I refuse to compile by hand on production. On Mar 10, 2010 7:46 AM, Michael DeHaan mich...@reductivelabs.com wrote: On Wed, Mar 10, 2010 at 4:04 AM, James Turnbull ja...@lovedthanlost.net wrote: -BEGIN PGP SI... Apache modules can easily be shipped as seperate packages (mod_python as an example) that contain loadable modules. (Forgive my ignorance, but is that not doable for passenger?) Anyway, from a best practices perspective, it would be better to do the rebuilds on your build server as James said. You don't want to be doing compilation on production servers, and you won't have very good granularity into what happens if something goes wrong. rpm %post sections of any sufficient complexity are to be avoided. --Michael -- You received this message because you are subscribed to the Google Groups Puppet Users group -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Is it possible for puppet to compile packages?
yeah, I'm ashamed - thats why I started by saying that its NOT a good idea ;) On Thu, Mar 11, 2010 at 12:01 AM, Nigel Kersten nig...@google.com wrote: I build debs for passenger based upon the brightbox PPA dsc file. I refuse to compile by hand on production. On Mar 10, 2010 7:46 AM, Michael DeHaan mich...@reductivelabs.com wrote: On Wed, Mar 10, 2010 at 4:04 AM, James Turnbull ja...@lovedthanlost.net wrote: -BEGIN PGP SI... Apache modules can easily be shipped as seperate packages (mod_python as an example) that contain loadable modules. (Forgive my ignorance, but is that not doable for passenger?) Anyway, from a best practices perspective, it would be better to do the rebuilds on your build server as James said. You don't want to be doing compilation on production servers, and you won't have very good granularity into what happens if something goes wrong. rpm %post sections of any sufficient complexity are to be avoided. --Michael -- You received this message because you are subscribed to the Google Groups Puppet Users group -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Failed to retrieve current state of resource a.o
Hi, i am new to puppet and installed / configured it the first time. I have some trouble with 2 Error Messages where google did not help till now: -- err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet://puppet.domain.net/plugins -- i noticed that this error disappears when i disable the pluginsync in puppet.conf #pluginsync = true with pluginsync on i get the error. I dont know what to do to get this work with pluginsync on. Second Problem is this: warning: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (marshal) i think this is not very bad, but is there a way to solve this? If you need anything let me know. btw. OS is CentOS 5 best regards Sebastian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppetd hangs, dies
Hi, I experienced some problems with puppetd when it cannot reach puppetmasterd. They apply to 0.25.1 on Debian; I could not find these issues in changelog or bugtrack, so here I go: 1) When puppetd starts for the first time and cannot reach puppetmasterd (due to routing or firewall problem), it hangs and cannot be stopped with SIGTERM (that is used by /etc/init.d/puppet stop and restart) 2) puppetd had successfully connected to puppetmasterd before. When on a following scheduled connection attempt puppetmasterd cannot be reached (host down or network broken), puppetd terminates silently instead of retrying later. 3) When puppetd has actually established a connection to puppetmasterd and the network breaks, puppetd hangs until the server responds again; when there is a stateful firewall between these hosts that drops the established packets after some time puppetd hangs forever instead of closing the connection after some timeout and retrying later. Are these already known/fixed? -gr -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] DNS issues?
On Mar 10, 2010, at 6:54 AM, Brian Keifer wrote: On Mar 9, 2010, at 5:50 PM, Patrick wrote: On Mar 9, 2010, at 1:59 PM, Brian Keifer wrote: On Mar 9, 2010, at 4:57 PM, Patrick wrote: On Mar 9, 2010, at 6:36 AM, Brian Keifer wrote: On Mar 9, 2010, at 12:17 AM, Dan Bode wrote: 1. Check the source attribute assignment. source = puppet:///modules/stats/denora.conf the third slash means use same server address as the server we connected to. maybe its hardcoded to be the server name? 2. you could also try: [puppetmasterd] certdnsnames=badger.valinor.net on the server if you need this name to be accepted by the cert. Thanks! I had been using source = puppet://$servername/module/path/filename.ext. I switched to puppet:/// and added the certdnsnames line to my puppetmaster's config file. My config looks a bit cleaner, but I'm still getting the random errors on my file definitions: err: //inspircd/File[/home/procrast/inspircd/conf/modules.conf]: Failed to retrieve current state of resource: undefined method `closed?' for nil:NilClass Could not retrieve file metadata for puppet:///inspircd/modules.conf: undefined method `closed?' for nil:NilClass at /etc/puppet/modules/inspircd/manifests/init.pp:15 From several test runs with: puppetd --server puppet.procrast.net --fqdn badger.procrast.net --no-daemonize --onetime --verbose I get between 3 and 9 of these errors each time, always a different subset of my files. These same files serve properly to my other two clients. I don't get it. This might be related to http://projects.reductivelabs.com/issues/3083. Try using puppetca --list --all on the server and check if those clients are in the list. If they are not in the list, it's probably that bug. -Patrick The problem client does appear to be listed. [r...@badger /etc/puppet]# puppetca --list --all + badger.procrast.net + puppet.procrast.net Does puppetca show the other clients (that work) as being in the same domain? Also, take a look at /etc/puppet/fileserver.conf. Yep. They all show .procrast.net addresses. My fileserver.conf is quite basic at the moment. It's got the path to the files for each module and an allow * for each. I believe the fileserver.conf is set up correctly, as the problems are sporadic. On one run a file may fail, but on the other runs it copies properly. Additionally, the other two clients that are not on the same machine as the fileserver have no issues at all. Thanks! I really have no idea what's wrong. Here's some standard troubleshooting ideas that I would try. Here are a couple of things to compare between clients that work and clients that don't: What version of puppet are they using? Is the path to the server complicated? (How many router hops? is there a natting firewall in between? High latency? Packet loss?) What OS are you using? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] DNS issues?
On Mar 10, 2010, at 11:48 AM, Patrick wrote: On Mar 10, 2010, at 6:54 AM, Brian Keifer wrote: On Mar 9, 2010, at 5:50 PM, Patrick wrote: On Mar 9, 2010, at 1:59 PM, Brian Keifer wrote: On Mar 9, 2010, at 4:57 PM, Patrick wrote: On Mar 9, 2010, at 6:36 AM, Brian Keifer wrote: On Mar 9, 2010, at 12:17 AM, Dan Bode wrote: 1. Check the source attribute assignment. source = puppet:///modules/stats/denora.conf the third slash means use same server address as the server we connected to. maybe its hardcoded to be the server name? 2. you could also try: [puppetmasterd] certdnsnames=badger.valinor.net on the server if you need this name to be accepted by the cert. Thanks! I had been using source = puppet://$servername/module/path/filename.ext. I switched to puppet:/// and added the certdnsnames line to my puppetmaster's config file. My config looks a bit cleaner, but I'm still getting the random errors on my file definitions: err: //inspircd/File[/home/procrast/inspircd/conf/modules.conf]: Failed to retrieve current state of resource: undefined method `closed?' for nil:NilClass Could not retrieve file metadata for puppet:///inspircd/modules.conf: undefined method `closed?' for nil:NilClass at /etc/puppet/modules/inspircd/manifests/init.pp:15 From several test runs with: puppetd --server puppet.procrast.net --fqdn badger.procrast.net --no-daemonize --onetime --verbose I get between 3 and 9 of these errors each time, always a different subset of my files. These same files serve properly to my other two clients. I don't get it. This might be related to http://projects.reductivelabs.com/issues/3083. Try using puppetca --list --all on the server and check if those clients are in the list. If they are not in the list, it's probably that bug. -Patrick The problem client does appear to be listed. [r...@badger /etc/puppet]# puppetca --list --all + badger.procrast.net + puppet.procrast.net Does puppetca show the other clients (that work) as being in the same domain? Also, take a look at /etc/puppet/fileserver.conf. Yep. They all show .procrast.net addresses. My fileserver.conf is quite basic at the moment. It's got the path to the files for each module and an allow * for each. I believe the fileserver.conf is set up correctly, as the problems are sporadic. On one run a file may fail, but on the other runs it copies properly. Additionally, the other two clients that are not on the same machine as the fileserver have no issues at all. I really have no idea what's wrong. Here's some standard troubleshooting ideas that I would try. Here are a couple of things to compare between clients that work and clients that don't: What version of puppet are they using? Is the path to the server complicated? (How many router hops? is there a natting firewall in between? High latency? Packet loss?) What OS are you using? All clients and the server are using 0.25.4 installed via gem. The path to the two remote clients is 10-12 hops, but they work fine. The path to the client that's running from the same machine as the puppetmaster is, naturally, zero hops. That's the only one that's having problems. The problem server is FreeBSD, but I'm fairly certain we can rule out the OS as the problem since the other clients can connect to it without issue and a puppetd on the FreeBSD machine can connect to a remote puppetmaster without any problems. Anyone else happen to have any insight or know of any documentation that specifically speaks to running puppetd and puppetmasterd on the same host with different IP addresses? Thanks! -Brian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How to efficiently manage multiple packages installing in the same directory
On Wed, Mar 10, 2010 at 9:59 AM, Michael DeHaan mich...@reductivelabs.com wrote: Yeah, I would recommend not doing this, and would want to know more about the use case around why you wanted to do it that way. Hi Michael (and Patrick and Claus). We are in heavy development of a storage app, as well as collaborating with several universities in testing their own applications on a storage network we manage. We would like to make sure machine X is always running the latest versions of applications Foo and Bar. We want to use a flat folder of files because it's quick and simple and doesn't require writing debian build files, RPM specs, or otherwise having to package the files up in any way given that we are constantly (every few days) updating binaries and configs. I don't mean simply upgrading an existing file, I'm talking about adding new files and removing old files. Essentially we'd like to use Puppet as an rsync-like tool, albeit with a lot more intelligence and flexibility. The error you get is because Puppet will not allow the same resource to be represented twice, but the larger problem is you're also kind of subverting the point of the package manager if you are overlaying files all over the file system. I know that's generally true, but in this instance, each package's file are orthogonal. Only package foo will have /etc/foo.conf. I was expecting that Puppet could manage multiple File / statements as long as the files for each package on the Puppet server were unique. If you're not deploying a full app, just perhaps a set of data files or content, be more specific about where it should go: In a static environment your point make sense. However we and our other collaborators are adding/removing files at a furious rate, and I'd like to avoid spending 15 minutes each time tweaking Puppet config files. I know that this is far from the typical use case, but I do believe it is a *valid* use case. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Making Puppet run faster
We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers with 32Gb of RAM, and in each case puppet is taking longer and longer to run, as we have it control more. Currently it's taking up to 20 minutes to perform a run. What approaches can I take to significantly reduce the time it takes puppet to run? It's ALSO sucking up an inordinate amount of CPU while it performs a run. The server is using passenger. Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 9:58 AM, Douglas Garstang doug.garst...@gmail.com wrote: We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers with 32Gb of RAM, and in each case puppet is taking longer and longer to run, as we have it control more. Currently it's taking up to 20 minutes to perform a run. What approaches can I take to significantly reduce the time it takes puppet to run? It's ALSO sucking up an inordinate amount of CPU while it performs a run. The server is using passenger. What Ruby version are you running ? Do you have storeconfigs on? How have you configured passenger? Upgrading to 0.25.4 on your server and clients will improve file transfers, and significantly reduce memory consumption, but CPU usage will still be high in my experience. Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- nigel -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 12:58 PM, Douglas Garstang doug.garst...@gmail.com wrote: We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers with 32Gb of RAM, and in each case puppet is taking longer and longer to run, as we have it control more. Currently it's taking up to 20 minutes to perform a run. What approaches can I take to significantly reduce the time it takes puppet to run? It's ALSO sucking up an inordinate amount of CPU while it performs a run. The server is using passenger. Doug Some more information about details on what you are managing would be helpful here. One open bug for instance is about updating Puppet to batch yum transactions, which can speed up run time. If you are seeing very long runs on the client, that can be a factor. On the server side, there are various things you might want to do, such as selectively updating certain servers at a time (i.e. using puppetrun) or setting up different schedules for different machines so they don't hit all at once (such as using cron). We're also working to reduce server load via cached catalogs and so forth, though it ultimately does depend a bit about how much you are managing per server. --Michael -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On 10/03/10 18:58, Douglas Garstang wrote: We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers with 32Gb of RAM, and in each case puppet is taking longer and longer to run, as we have it control more. Currently it's taking up to 20 minutes to perform a run. What approaches can I take to significantly reduce the time it takes puppet to run? It's ALSO sucking up an inordinate amount of CPU while it performs a run. The server is using passenger. Where do you experience the issue: on the clients or on the master? 0.25 highly improved the master performance and file serving. High cpu usage on the client is highly dependent on what you are managing (ie most of the time is usually spent in other processes than puppet, like package manager). Something that also can stress clients is managing deep file hierarchies. For high cpu usage on the master, you can try to: * disable storeconfigs or use thin_storeconfigs (0.25) * make sure your clients sleep longer than the default or use splay times so they don't ask their catalogs at the same time * use a different ruby interpreter, and/or passenger * if you're doing tons of file serving, offload those to a static server (see my last blog article in my signature). This will free your masters to serve more catalogs per unit of time. Hope that helps, -- Brice Figureau My Blog: http://www.masterzen.fr/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 10:06 AM, Nigel Kersten nig...@google.com wrote: On Wed, Mar 10, 2010 at 9:58 AM, Douglas Garstang doug.garst...@gmail.com wrote: We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers with 32Gb of RAM, and in each case puppet is taking longer and longer to run, as we have it control more. Currently it's taking up to 20 minutes to perform a run. What approaches can I take to significantly reduce the time it takes puppet to run? It's ALSO sucking up an inordinate amount of CPU while it performs a run. The server is using passenger. What Ruby version are you running ? Do you have storeconfigs on? How have you configured passenger? Ruby version, on client and server is: ruby 1.8.5 (2006-08-25) [x86_64-linux] We aren't using storeconfigs... I think the idea of putting puppet config in a db stupid, because you lose your ability to revision control your changes. I configured passenger as per: http://reductivelabs.com/trac/puppet/wiki/UsingPassenger Upgrading to 0.25.4 on your server and clients will improve file transfers, and significantly reduce memory consumption, but CPU usage will still be high in my experience. Until I know for sure that 0.25.4 will fix the performance problems, given that I've had all sorts of problems with 0.25.x in the past (as it relates to SSL keys), I really don't want to do that. I can't take that risk. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 10:18 AM, Brice Figureau brice-pup...@daysofwonder.com wrote: On 10/03/10 18:58, Douglas Garstang wrote: We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers with 32Gb of RAM, and in each case puppet is taking longer and longer to run, as we have it control more. Currently it's taking up to 20 minutes to perform a run. What approaches can I take to significantly reduce the time it takes puppet to run? It's ALSO sucking up an inordinate amount of CPU while it performs a run. The server is using passenger. Where do you experience the issue: on the clients or on the master? 0.25 highly improved the master performance and file serving. The issue is on the clients. The master seems fine. I'd like to avoid 0.25 for now, as I simply could not get the SSL keys to work with it the last time I tried and I can't risk production seems not being able to receive updates for days on end. High cpu usage on the client is highly dependent on what you are managing (ie most of the time is usually spent in other processes than puppet, like package manager). Something that also can stress clients is managing deep file hierarchies. We probably have some deep file hierarchies. For high cpu usage on the master, you can try to: * disable storeconfigs or use thin_storeconfigs (0.25) * make sure your clients sleep longer than the default or use splay times so they don't ask their catalogs at the same time * use a different ruby interpreter, and/or passenger * if you're doing tons of file serving, offload those to a static server (see my last blog article in my signature). This will free your masters to serve more catalogs per unit of time. The main isssue isn't even really the high CPU usage... it's just that the client takes 20 minutes to run. That's the really inconvenient bit. We aren't using storeconfigs. Putting config in a db is crazy. We only have a total of maybe a dozen machines running the client, so I doubt increasing the time between runs will make any difference. We ARE using passenger on the server (said that in my original post). Not doing tons of file serving... the master is not working anywhere near as hard as the clients. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 10:19 AM, Douglas Garstang doug.garst...@gmail.com wrote: On Wed, Mar 10, 2010 at 10:06 AM, Nigel Kersten nig...@google.com wrote: On Wed, Mar 10, 2010 at 9:58 AM, Douglas Garstang doug.garst...@gmail.com wrote: We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers with 32Gb of RAM, and in each case puppet is taking longer and longer to run, as we have it control more. Currently it's taking up to 20 minutes to perform a run. What approaches can I take to significantly reduce the time it takes puppet to run? It's ALSO sucking up an inordinate amount of CPU while it performs a run. The server is using passenger. What Ruby version are you running ? Do you have storeconfigs on? How have you configured passenger? Ruby version, on client and server is: ruby 1.8.5 (2006-08-25) [x86_64-linux] You should see significant improvements if you move to a more recent Ruby stack. A simple test is http://www.rubyenterpriseedition.com as you can install to /opt and not interfere with your current stack or have to work on packaging while you just evaluate it. I have it all packaged for debian now, but I used to simply symlink puppet/facter etc from the normal ruby lib into the Ruby EE one. We aren't using storeconfigs... I think the idea of putting puppet config in a db stupid, because you lose your ability to revision control your changes. That's not all it can do, but that's somewhat irrelevant. I configured passenger as per: http://reductivelabs.com/trac/puppet/wiki/UsingPassenger I have this config for 4 VCPUs and 4GB RAM: IfModule mod_passenger.c PassengerMaxRequests 5500 PassengerPoolIdleTime 600 PassengerMaxPoolSize 10 PassengerStatThrottleRate 600 /IfModule MaxRequests isn't so necessary with 0.25, but definitely stops memory leaks. what do your machines look like when they're busy? Are all cores maxed out? uptime/load stats? memory consumption? Upgrading to 0.25.4 on your server and clients will improve file transfers, and significantly reduce memory consumption, but CPU usage will still be high in my experience. Until I know for sure that 0.25.4 will fix the performance problems, given that I've had all sorts of problems with 0.25.x in the past (as it relates to SSL keys), I really don't want to do that. I can't take that risk. No-one knows for sure whether 0.25.4 will fix your specific issues. You don't have a development environment you can test on? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- nigel -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 10:24 AM, Douglas Garstang doug.garst...@gmail.com wrote: On Wed, Mar 10, 2010 at 10:18 AM, Brice Figureau brice-pup...@daysofwonder.com wrote: On 10/03/10 18:58, Douglas Garstang wrote: We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers with 32Gb of RAM, and in each case puppet is taking longer and longer to run, as we have it control more. Currently it's taking up to 20 minutes to perform a run. What approaches can I take to significantly reduce the time it takes puppet to run? It's ALSO sucking up an inordinate amount of CPU while it performs a run. The server is using passenger. Where do you experience the issue: on the clients or on the master? 0.25 highly improved the master performance and file serving. The issue is on the clients. The master seems fine. I'd like to avoid 0.25 for now, as I simply could not get the SSL keys to work with it the last time I tried and I can't risk production seems not being able to receive updates for days on end. If the issue is on the clients, then ignore everything I said above :) Are you sure the server isn't a bottleneck though? Does it look overloaded? High cpu usage on the client is highly dependent on what you are managing (ie most of the time is usually spent in other processes than puppet, like package manager). Something that also can stress clients is managing deep file hierarchies. We probably have some deep file hierarchies. For high cpu usage on the master, you can try to: * disable storeconfigs or use thin_storeconfigs (0.25) * make sure your clients sleep longer than the default or use splay times so they don't ask their catalogs at the same time * use a different ruby interpreter, and/or passenger * if you're doing tons of file serving, offload those to a static server (see my last blog article in my signature). This will free your masters to serve more catalogs per unit of time. The main isssue isn't even really the high CPU usage... it's just that the client takes 20 minutes to run. That's the really inconvenient bit. We aren't using storeconfigs. Putting config in a db is crazy. We only have a total of maybe a dozen machines running the client, so I doubt increasing the time between runs will make any difference. We ARE using passenger on the server (said that in my original post). Not doing tons of file serving... the master is not working anywhere near as hard as the clients. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- nigel -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
We aren't using storeconfigs... I think the idea of putting puppet config in a db stupid, because you lose your ability to revision control your changes. Just on a technical note, this is not what storeconfigs are about so much. It also gives you information such as the current value of facts on each node (such as giving you a simple inventory system) The puppet manifest still drives the system, and can still be version controlled. --Michael -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 10:25 AM, Nigel Kersten nig...@google.com wrote: On Wed, Mar 10, 2010 at 10:19 AM, Douglas Garstang doug.garst...@gmail.com wrote: On Wed, Mar 10, 2010 at 10:06 AM, Nigel Kersten nig...@google.com wrote: On Wed, Mar 10, 2010 at 9:58 AM, Douglas Garstang doug.garst...@gmail.com wrote: We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers with 32Gb of RAM, and in each case puppet is taking longer and longer to run, as we have it control more. Currently it's taking up to 20 minutes to perform a run. What approaches can I take to significantly reduce the time it takes puppet to run? It's ALSO sucking up an inordinate amount of CPU while it performs a run. The server is using passenger. What Ruby version are you running ? Do you have storeconfigs on? How have you configured passenger? Ruby version, on client and server is: ruby 1.8.5 (2006-08-25) [x86_64-linux] You should see significant improvements if you move to a more recent Ruby stack. A simple test is http://www.rubyenterpriseedition.com as you can install to /opt and not interfere with your current stack or have to work on packaging while you just evaluate it. I have it all packaged for debian now, but I used to simply symlink puppet/facter etc from the normal ruby lib into the Ruby EE one. We aren't using storeconfigs... I think the idea of putting puppet config in a db stupid, because you lose your ability to revision control your changes. That's not all it can do, but that's somewhat irrelevant. I configured passenger as per: http://reductivelabs.com/trac/puppet/wiki/UsingPassenger I have this config for 4 VCPUs and 4GB RAM: IfModule mod_passenger.c PassengerMaxRequests 5500 PassengerPoolIdleTime 600 PassengerMaxPoolSize 10 PassengerStatThrottleRate 600 /IfModule MaxRequests isn't so necessary with 0.25, but definitely stops memory leaks. what do your machines look like when they're busy? Are all cores maxed out? uptime/load stats? memory consumption? Thanks Nigel. Let me go check this stuff. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
RE: [Puppet Users] Using puppet to automate tasks (ex: mysql slave setup)
In my environment I'd probably do something like this with Func (https://fedorahosted.org/func/). It's primarily used with RedHat based systems. If that's not a problem for you, then you can write scripts on your overlord that run commands on any systems running the func daemon and reporting to your overlord. Your specific issue could be solved mostly with the Command and CopyFile module or, with a little Python experience, you could write your own module using the available api. It takes some work getting Func implemented but can be done quite easily with an existing puppet infrastructure or with something like Cobbler. byron -Original Message- From: puppet-users@googlegroups.com [mailto:puppet-us...@googlegroups.com] On Behalf Of Doug Warner Sent: Wednesday, March 10, 2010 8:19 AM To: puppet-users@googlegroups.com Subject: [Puppet Users] Using puppet to automate tasks (ex: mysql slave setup) I'm not sure if puppet can be coerced to do something like this, but I wanted to throw it out there as it's a process that seems fairly easy to automate. To create new mysql slaves my process goes something like this: 1) run innobackupex [1] on mysql master 2a) copy data from master to slave (takes a decent amount of time depending on wire speed and database size; usually on the order of 6-24 hrs) 2b) setup mysql slave w/ data from mysql master to start replicating binary log 3) import backup using innobackupex The problem here seems to be that I need to do things on two different hosts and only once certain things have happened. I figured I could easily specify the node that is the master and the slave in the manifests, but I'm not sure how far this gets me. I imagine through the creative use of exec's and onlyifs this should be doable, but I wanted to get other people's experiences with automating processes like this. -Doug [1] http://www.percona.com/docs/wiki/percona-xtrabackup:xtrabackup_manual#setting_up_a_new_slave_from_a_backup_in_replication -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On 10/03/10 19:24, Douglas Garstang wrote:
On Wed, Mar 10, 2010 at 10:18 AM, Brice Figureau
brice-pup...@daysofwonder.com wrote:
On 10/03/10 18:58, Douglas Garstang wrote:
We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers
with 32Gb of RAM, and in each case puppet is taking longer and longer
to run, as we have it control more. Currently it's taking up to 20
minutes to perform a run.
What approaches can I take to significantly reduce the time it takes
puppet to run? It's ALSO sucking up an inordinate amount of CPU while
it performs a run. The server is using passenger.
Where do you experience the issue: on the clients or on the master?
0.25 highly improved the master performance and file serving.
The issue is on the clients. The master seems fine. I'd like to avoid
0.25 for now, as I simply could not get the SSL keys to work with it
the last time I tried and I can't risk production seems not being able
to receive updates for days on end.
High cpu usage on the client is highly dependent on what you are
managing (ie most of the time is usually spent in other processes than
puppet, like package manager). Something that also can stress clients is
managing deep file hierarchies.
We probably have some deep file hierarchies.
Try to comment those in your manifests, just to see if that is the root
cause.
Also make sure you don't have a default like this:
File { checksum = md5 }
or other checksum in your non-sourced/non-content file{} resource.
Because that means all your local not sourced file management will have
to md5 every managed file. If you combine this with deep hierarchies and
recursion, then you'll have some CPU consumption troubles.
If you have those recursive not sourced file {} resources, make sure to use:
checksum = undef
in them to at least not md5 everything.
I think this problem doesn't exist in 0.25.
For high cpu usage on the master, you can try to:
* disable storeconfigs or use thin_storeconfigs (0.25)
* make sure your clients sleep longer than the default or use splay
times so they don't ask their catalogs at the same time
* use a different ruby interpreter, and/or passenger
* if you're doing tons of file serving, offload those to a static
server (see my last blog article in my signature). This will free your
masters to serve more catalogs per unit of time.
The main isssue isn't even really the high CPU usage... it's just that
the client takes 20 minutes to run. That's the really inconvenient
bit. We aren't using storeconfigs. Putting config in a db is crazy. We
only have a total of maybe a dozen machines running the client, so I
doubt increasing the time between runs will make any difference. We
ARE using passenger on the server (said that in my original post). Not
doing tons of file serving... the master is not working anywhere near
as hard as the clients.
You can ignore my above advice since only your clients are affected.
--
Brice Figureau
My Blog: http://www.masterzen.fr/
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] config settings for environments
Hello. The documentation on using multiple environments says there are only a couple of settings that make sense per-environment (modulepath, templatedir, manifest) but it’s not clear to me whether or not those are the only ones supported. Specifically, I’m trying to set config_version. Each of my environments are clones of the same git repo at different points in its history, so using git to determine a config_version should yield different results in different environments. I set a default value for config_version and then do something like this for a test environment: [test] manifest = /etc/puppet/manifests/test/site.pp modulepath = /etc/puppet/manifests/test/modules config_version = 'git --git-dir /etc/puppet/manifests/test/.git rev-parse --shor t HEAD 2/dev/null || echo' But the configuration version shown on the client is always that of production (the default). -- Rob McBroom http://www.skurfer.com/ It's not that I think guns, drugs, prostitution, swimming, eating and reading should be legal. It's just that no one on Earth has the authority to make them illegal. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] config settings for environments
On Mar 10, 2010, at 3:07 PM, Rob McBroom wrote: Hello. The documentation on using multiple environments says there are only a couple of settings that make sense per-environment (modulepath, templatedir, manifest) but it’s not clear to me whether or not those are the only ones supported. Sorry, forgot to say that both master and client are at 0.25.4. Thanks. -- Rob McBroom http://www.skurfer.com/ Because it screws up the order in which people normally read text. Original message: Why is it bad to top-post your reply? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 11:41 AM, Brice Figureau
brice-pup...@daysofwonder.com wrote:
On 10/03/10 19:24, Douglas Garstang wrote:
On Wed, Mar 10, 2010 at 10:18 AM, Brice Figureau
brice-pup...@daysofwonder.com wrote:
On 10/03/10 18:58, Douglas Garstang wrote:
We have puppet 0.24.8 running on multiple EIGHT core 3.16Ghz servers
with 32Gb of RAM, and in each case puppet is taking longer and longer
to run, as we have it control more. Currently it's taking up to 20
minutes to perform a run.
What approaches can I take to significantly reduce the time it takes
puppet to run? It's ALSO sucking up an inordinate amount of CPU while
it performs a run. The server is using passenger.
Where do you experience the issue: on the clients or on the master?
0.25 highly improved the master performance and file serving.
The issue is on the clients. The master seems fine. I'd like to avoid
0.25 for now, as I simply could not get the SSL keys to work with it
the last time I tried and I can't risk production seems not being able
to receive updates for days on end.
High cpu usage on the client is highly dependent on what you are
managing (ie most of the time is usually spent in other processes than
puppet, like package manager). Something that also can stress clients is
managing deep file hierarchies.
We probably have some deep file hierarchies.
Try to comment those in your manifests, just to see if that is the root
cause.
Also make sure you don't have a default like this:
File { checksum = md5 }
or other checksum in your non-sourced/non-content file{} resource.
Because that means all your local not sourced file management will have
to md5 every managed file. If you combine this with deep hierarchies and
recursion, then you'll have some CPU consumption troubles.
If you have those recursive not sourced file {} resources, make sure to use:
checksum = undef
in them to at least not md5 everything.
I think this problem doesn't exist in 0.25.
Thanks. Checked and files are NOT being checksummed.
Doug.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
So, it became apparent to me, after emailing someone off list, that managing a lot of files in deep directory structures might be part of the cause. We are running 10 instances of JBOSS and 10 instances of tomcat on each of these servers. Don't ask me why, it's just the way it was done before I arrived and changing it is not trivial. On disk, each instance of JBOSS starts at /opt/jboss/current/server/tfelN (where N is the instance number) and each instance of tomcat starts at: /opt/tomcat/tfelN/starterkit/current (where N is the instance number) I manually looked through the puppet config and counted 25 unique files that are being managed for jboss and tomcat within these paths. If you do the math, 25 x 10 x 2 = 500. That's therefore (currently) 500 unique files that are being managed in these deep directory structures. Could that potentially be the reason behind puppets crap performance? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On 10/03/10 22:06, Douglas Garstang wrote: So, it became apparent to me, after emailing someone off list, that managing a lot of files in deep directory structures might be part of the cause. We are running 10 instances of JBOSS and 10 instances of tomcat on each of these servers. Don't ask me why, it's just the way it was done before I arrived and changing it is not trivial. On disk, each instance of JBOSS starts at /opt/jboss/current/server/tfelN (where N is the instance number) and each instance of tomcat starts at: /opt/tomcat/tfelN/starterkit/current (where N is the instance number) Do you source the whole hierarchy? Or do you only manage it? I manually looked through the puppet config and counted 25 unique files that are being managed for jboss and tomcat within these paths. If you do the math, 25 x 10 x 2 = 500. That's therefore (currently) 500 unique files that are being managed in these deep directory structures. Could that potentially be the reason behind puppets crap performance? What do you manage for those files? But no, 500 doesn't seem like a high number to me. You mentioned in another e-mail in this thread that the problem is more the 20 minutes run than the CPU. Could it be possible you have many slow execs? Or you manage many packages? This also reminds me Ohad's bug: http://projects.reductivelabs.com/issues/1719 At this stage you should probably run puppetd on the console in --debug to see what happens (and run with --summarize too) and if it stalls. -- Brice Figureau My Blog: http://www.masterzen.fr/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 1:17 PM, Brice Figureau
brice-pup...@daysofwonder.com wrote:
On 10/03/10 22:06, Douglas Garstang wrote:
So, it became apparent to me, after emailing someone off list, that
managing a lot of files in deep directory structures might be part of
the cause.
We are running 10 instances of JBOSS and 10 instances of tomcat on
each of these servers. Don't ask me why, it's just the way it was done
before I arrived and changing it is not trivial.
On disk, each instance of JBOSS starts at
/opt/jboss/current/server/tfelN (where N is the instance number)
and each instance of tomcat starts at:
/opt/tomcat/tfelN/starterkit/current (where N is the instance number)
Do you source the whole hierarchy?
Or do you only manage it?
I manually looked through the puppet config and counted 25 unique
files that are being managed for jboss and tomcat within these paths.
If you do the math, 25 x 10 x 2 = 500. That's therefore (currently)
500 unique files that are being managed in these deep directory
structures. Could that potentially be the reason behind puppets crap
performance?
What do you manage for those files?
But no, 500 doesn't seem like a high number to me.
You mentioned in another e-mail in this thread that the problem is more
the 20 minutes run than the CPU.
Could it be possible you have many slow execs?
Or you manage many packages?
This also reminds me Ohad's bug:
http://projects.reductivelabs.com/issues/1719
At this stage you should probably run puppetd on the console in --debug
to see what happens (and run with --summarize too) and if it stalls.
I just ran puppet in debug mode and it was obvious that most of the
puppet run time was spent in checksumming files.
Eg:
debug:
//Node[app01.fr.xxx.com]/Jboss::Instance[tfel8]/File[/opt/jboss/current/server/tfel8/conf/jboss.web/localhost/rewrite.properties]:
Creating checksum {md5}f5d16bcc20b92631eb59514018fd34e5
... takes a long time to run. Multiple that by several hundred files...
However, when I run this on the command line:
md5sum
/opt/jboss/current/server/tfel8/conf/jboss.web/localhost/rewrite.properties
... the result is instananeous... So... is puppet using a ruby library
for performing md5 checksums? Is that where the performance bottle
neck could be?
Doug
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 1:34 PM, Douglas Garstang
doug.garst...@gmail.com wrote:
On Wed, Mar 10, 2010 at 1:17 PM, Brice Figureau
brice-pup...@daysofwonder.com wrote:
On 10/03/10 22:06, Douglas Garstang wrote:
So, it became apparent to me, after emailing someone off list, that
managing a lot of files in deep directory structures might be part of
the cause.
We are running 10 instances of JBOSS and 10 instances of tomcat on
each of these servers. Don't ask me why, it's just the way it was done
before I arrived and changing it is not trivial.
On disk, each instance of JBOSS starts at
/opt/jboss/current/server/tfelN (where N is the instance number)
and each instance of tomcat starts at:
/opt/tomcat/tfelN/starterkit/current (where N is the instance number)
Do you source the whole hierarchy?
Or do you only manage it?
I manually looked through the puppet config and counted 25 unique
files that are being managed for jboss and tomcat within these paths.
If you do the math, 25 x 10 x 2 = 500. That's therefore (currently)
500 unique files that are being managed in these deep directory
structures. Could that potentially be the reason behind puppets crap
performance?
What do you manage for those files?
But no, 500 doesn't seem like a high number to me.
You mentioned in another e-mail in this thread that the problem is more
the 20 minutes run than the CPU.
Could it be possible you have many slow execs?
Or you manage many packages?
This also reminds me Ohad's bug:
http://projects.reductivelabs.com/issues/1719
At this stage you should probably run puppetd on the console in --debug
to see what happens (and run with --summarize too) and if it stalls.
I just ran puppet in debug mode and it was obvious that most of the
puppet run time was spent in checksumming files.
Eg:
debug:
//Node[app01.fr.xxx.com]/Jboss::Instance[tfel8]/File[/opt/jboss/current/server/tfel8/conf/jboss.web/localhost/rewrite.properties]:
Creating checksum {md5}f5d16bcc20b92631eb59514018fd34e5
... takes a long time to run. Multiple that by several hundred files...
However, when I run this on the command line:
md5sum
/opt/jboss/current/server/tfel8/conf/jboss.web/localhost/rewrite.properties
... the result is instananeous... So... is puppet using a ruby library
for performing md5 checksums? Is that where the performance bottle
neck could be?
Doug
Also...
I just grabbed an example online of performing an md5 checksum on a
file in ruby.
Ran it on the same file above.
Result was instananeous... the question remains... what is puppet doing???
Doug
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How to efficiently manage multiple packages installing in the same directory
On Wed, 2010-03-10 at 12:59 -0500, Michael DeHaan wrote: It could be said that time saved now does not mean time saved later. Especially if you are adding/removing files at a furious rate, this will lead to conflicts sooner or later, and it will be highly appreciated if you can track down where a specific file or change came from. I can understand that you want to avoid the burden of building distribution packages. A quick alternative could be to setup separate directories for each app, like Michael suggested, /opt/foo, /opt/bar, but to use a version control system such as Subversion to manage and update the contents. Just checkout the app foo to /opt/foo, to make /opt/foo a working copy. Then commit the latest version to your central repository and let puppet do the svn update on all your nodes. Best Regards, Claus PS: Don't confuse high activity with high productivity. It takes time to build robust systems. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Is it possible for puppet to compile packages?
Actualy, this is not much different to what Ruby gems are doing when the have a native part or native bindings. It's a way to create platform independent packages. -- Claus On Wed, 2010-03-10 at 10:45 -0500, Michael DeHaan wrote: On 10/03/10 8:02 PM, Ohad Levy wrote: I'm not saying its a good thing, but I've created an rpm for passenger, which compiles the apache modules in the post installation scripts. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppetd hangs, dies
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi I experienced some problems with puppetd when it cannot reach puppetmasterd. They apply to 0.25.1 on Debian; I could not find these issues in changelog or bugtrack, so here I go: 1) When puppetd starts for the first time and cannot reach puppetmasterd (due to routing or firewall problem), it hangs and cannot be stopped with SIGTERM (that is used by /etc/init.d/puppet stop and restart) Might be related to 3) ? 2) puppetd had successfully connected to puppetmasterd before. When on a following scheduled connection attempt puppetmasterd cannot be reached (host down or network broken), puppetd terminates silently instead of retrying later. this might be the cause for: http://projects.reductivelabs.com/issues/2888 if you can provide any further details or even reproduce this problem with --trace --debug it would be very helpfull. 3) When puppetd has actually established a connection to puppetmasterd and the network breaks, puppetd hangs until the server responds again; when there is a stateful firewall between these hosts that drops the established packets after some time puppetd hangs forever instead of closing the connection after some timeout and retrying later. can you reproduce that and get details about where it hangs? If --trace - --debug isn't verbose enough, maybe with ruby --debug puppet ... Are these already known/fixed? I would say 1 and 3 are together one, which would be nice if you can reproduce it and file reports with debug data. And 2 is imho the cause for #2888 which would be awesome if you could add more details. Thanks. cheers pete -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuYJRsACgkQbwltcAfKi38iQgCcDCqa6DjYAYUo9Y2zA4Iss3yl bsUAn0/+EbrR5BLaLEDV640gYfm3CzE8 =i/28 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Making Puppet run faster
On Wed, Mar 10, 2010 at 1:38 PM, Douglas Garstang
doug.garst...@gmail.com wrote:
On Wed, Mar 10, 2010 at 1:34 PM, Douglas Garstang
doug.garst...@gmail.com wrote:
On Wed, Mar 10, 2010 at 1:17 PM, Brice Figureau
brice-pup...@daysofwonder.com wrote:
On 10/03/10 22:06, Douglas Garstang wrote:
So, it became apparent to me, after emailing someone off list, that
managing a lot of files in deep directory structures might be part of
the cause.
We are running 10 instances of JBOSS and 10 instances of tomcat on
each of these servers. Don't ask me why, it's just the way it was done
before I arrived and changing it is not trivial.
On disk, each instance of JBOSS starts at
/opt/jboss/current/server/tfelN (where N is the instance number)
and each instance of tomcat starts at:
/opt/tomcat/tfelN/starterkit/current (where N is the instance number)
Do you source the whole hierarchy?
Or do you only manage it?
I manually looked through the puppet config and counted 25 unique
files that are being managed for jboss and tomcat within these paths.
If you do the math, 25 x 10 x 2 = 500. That's therefore (currently)
500 unique files that are being managed in these deep directory
structures. Could that potentially be the reason behind puppets crap
performance?
What do you manage for those files?
But no, 500 doesn't seem like a high number to me.
You mentioned in another e-mail in this thread that the problem is more
the 20 minutes run than the CPU.
Could it be possible you have many slow execs?
Or you manage many packages?
This also reminds me Ohad's bug:
http://projects.reductivelabs.com/issues/1719
At this stage you should probably run puppetd on the console in --debug
to see what happens (and run with --summarize too) and if it stalls.
I just ran puppet in debug mode and it was obvious that most of the
puppet run time was spent in checksumming files.
Eg:
debug:
//Node[app01.fr.xxx.com]/Jboss::Instance[tfel8]/File[/opt/jboss/current/server/tfel8/conf/jboss.web/localhost/rewrite.properties]:
Creating checksum {md5}f5d16bcc20b92631eb59514018fd34e5
... takes a long time to run. Multiple that by several hundred files...
However, when I run this on the command line:
md5sum
/opt/jboss/current/server/tfel8/conf/jboss.web/localhost/rewrite.properties
... the result is instananeous... So... is puppet using a ruby library
for performing md5 checksums? Is that where the performance bottle
neck could be?
Doug
Jeez. it went quiet in this thread didn't it...
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Failed to retrieve current state of resource a.o
On Wed, Mar 10, 2010 at 11:35 PM, skoesters skoest...@gmx.de wrote: err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet://puppet.domain.net/plugins do you have plugins in your fileserv.conf? if you do, try to remove it. warning: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (marshal) Thats not a problem, basically its a warning message (which should have been a debug message IMHO) - saying that the report was serialized and send via marshal and not pson (as reports cant be serialized using pson at the moment). -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Is setting a dynamic namevar bad practice?
hmm.. one option would be to use a virtual @exec, and realize it instead.
Ohad
On Thu, Mar 11, 2010 at 7:45 AM, briwood briw...@berkeley.edu wrote:
An array is passed to aegir::platform_directory causing it to invoke
the define aegir::platform_directory multiple times. In the define I
set namevar of the exec to unpack-drupal-${name} in order to to
avoid the error Duplicate definition: Exec[unpack-drupal].
class aegir::platform::dev inherits aegir::platform {
$environments = [ dev, qa ]
if $environments {
aegir::platform_directory { $environments:
platform_dir = $platform_dir,
}
}
}
define aegir::platform_directory (
ensure = directory,
source = puppet:///aegir/empty
) {
file {${name}:
ensure = $ensure,
recurse = true,
force = $ensure ? {
absent = true,
default = false
},
source = $source,
owner = $aegir_unix_user,
group = $aegir_unix_group,
#TODO: selinux
mode = 775,
}
/*
* setting namevar unpack-drupal-${name} to avoid Duplicate
definition:
* Exec[unpack-drupal] resulting from passing an array to this
define.
*
* tar.gz files seem to be automatically cleaned up--no need to
remove them.
*/
exec { unpack-drupal-${name}:
command = /bin/tar zxf *.gz /bin/rm *.gz,
cwd = $name,
onlyif = test -e *.gz,
require = File[$name],
}
}
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com
.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] London Puppet Training - Early-bird rate expires March 15th
Hi All - Early registration is still available for Puppet Training in London: Puppet Master Training: March 29-31st: March 16th = £1,495, March 15th = £1,595. Puppet Developer Training: April 1st 2nd: March 16th = £895, March 15th = £995. Sign up Here to reserve your seat: http://www.regonline.com/Checkin.asp?EventId=813907 We're about 3/4 full at this point so still have some room. Becoming a Puppet Master - 3 Days: Puppet Training consists of 3 days of hands-on training performed by a Reductive Labs Puppet professional. Attendees will be taught the principles and best practices of Puppet in a series of lectures and labs.This training is ideal for those who want a Puppet jumpstart. Newer members at an organization already using Puppet, or experienced sysadmins wanting to bring Puppet into their team will get everything they need to deploy solutions. Topics covered include: * Configuring Puppet and Puppetmaster * Resource Types and the Resource Abstraction Layer * Virtual Resources, Exported Resources and Stored Configs * Meta-parameters, Dependencies and Events * Classes, Modules and Definitions * Tags and Environments * Puppet Language Patterns and Best Practices Puppet Developer Curriculum - 2 Days: This is an advanced course for those Puppet users who are interested in developing skills and learning best practices for creating their own custom Resource Types and Modules. * Introduction to Ruby for Puppet * Advanced Function and Fact development * Resource Type and Provider development * Testing practices and RSpec for Puppet Looking forward to seeing you there. Any questions? Need lodging recommendations? Email me at sc...@reductivelabs.com or call at 1.503.805.9065. Best, Scott C. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Failed to retrieve current state of resource a.o
Hi and thanks for your answer, no, i do not have plugins in my fileserver config. my puppet.conf looks like this: --- [main] # Where Puppet stores dynamic and growing data. # The default value is '/var/puppet'. vardir = /var/lib/puppet # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl pluginsync = false factpath = $vardir/lib/facter [puppetd] vardir = /var/lib/puppet # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$confdir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig report = true splay = true splaylimit = 300 [puppetmasterd] vardir = /var/lib/puppet user=puppet group=puppet --- with pluginsync = false everything looks ok: --- [r...@div ~]# puppetd --server puppet.domain.net --test info: Caching catalog for div.domain.net info: Applying configuration version '1268289896' warning: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (marshal) notice: Finished catalog run in 0.09 seconds --- with pluginsync = true i get the error message: --- [r...@div ~]# puppetd --server puppet.domain.net --test info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet://puppet.domain.net/plugins notice: /File[/var/lib/puppet/lib/facter]: Dependency file[/var/lib/ puppet/lib] has 1 failures warning: /File[/var/lib/puppet/lib/facter]: Skipping because of failed dependencies info: Caching catalog for div.domain.net info: Applying configuration version '1268290128' warning: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (marshal) notice: Finished catalog run in 0.09 seconds --- best regards Sebastian On Mar 11, 2:53 am, Ohad Levy ohadl...@gmail.com wrote: On Wed, Mar 10, 2010 at 11:35 PM, skoesters skoest...@gmx.de wrote: err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet://puppet.domain.net/plugins do you have plugins in your fileserv.conf? if you do, try to remove it. warning: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (marshal) Thats not a problem, basically its a warning message (which should have been a debug message IMHO) - saying that the report was serialized and send via marshal and not pson (as reports cant be serialized using pson at the moment). -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
