Jira (PUP-8662) puppet plugin download doesn't re-use HTTP connections

0 views
Skip to first unread message

Charlie Sharpsteen (JIRA)

unread,
Apr 13, 2018, 8:34:03 PM4/13/18
to puppe...@googlegroups.com
Charlie Sharpsteen created an issue
 
Puppet / Bug PUP-8662
puppet plugin download doesn't re-use HTTP connections
Issue Type: Bug Bug
Affects Versions: PUP 5.5.0, PUP 4.10.10
Assignee: Unassigned
Created: 2018/04/13 5:33 PM
Priority: Normal Normal
Reporter: Charlie Sharpsteen

The puppet plugin download command doesn't re-use connections to the
Puppet Server when downloading plugins from modules. This adds considerable time to
downloads along with extra load on the Puppet Server due to multiple redundant TLS handshakes.

Reproduction Case

  • Install puppet-agent 5.5.0 and puppetserver 5.3.0 on a CentOS 7
    node:

rpm -Uvh http://yum.puppetlabs.com/puppet5/puppet5-release-el-7.noarch.rpm
 
yum install -y puppet-agent-5.5.0 puppetserver-5.3.0

  • Configure the puppet agent to connect to the local host and start
    puppetserver:

/opt/puppetlabs/bin/puppet config set --section main server $(hostname -f)
 
systemctl start puppetserver

  • Run puppet agent -t to verify things work.
  • Install the puppetlabs-windows module, which brings in a ton of
    plugins that will have to be synced:

/opt/puppetlabs/bin/puppet module install puppetlabs-windows

  • Empty the plugin cache, and time a puppet agent run along with the
    number of network connections it opens:

rm -rf /opt/puppetlabs/puppet/cache/lib
 
time /opt/puppetlabs/bin/puppet agent -t --http_debug 2>&1|grep -e Info: -e 'opening connection'

  • Empty the cache again and time a puppet plugin download run along
    with the number of network connections opened:

rm -rf /opt/puppetlabs/puppet/cache/lib
 
time /opt/puppetlabs/bin/puppet plugin download --verbose --http_debug 2>&1|grep -e Info: -e 'opening connection'

Outcome

The puppet agent run uses a handful of connections:

# rm -rf /opt/puppetlabs/puppet/cache/lib
 
# time /opt/puppetlabs/bin/puppet agent -t --http_debug 2>&1|grep -e Info: -e 'opening connection'
 
 
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
Info: Using configured environment 'production'
 
Info: Retrieving pluginfacts
 
Info: Retrieving plugin
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
Info: Retrieving locales
 
Info: Loading facts
 
Info: Caching catalog for wzwhytp204ipraf.delivery.puppetlabs.net
 
Info: Applying configuration version '1523665266'
 
 
 
real	0m43.990s
 
user	0m16.685s
 
sys	0m1.497s

The puppet plugin download run uses hundreds of connections and takes much
longer than the puppet agent run despite only doing a subset of the work:

# rm -rf /opt/puppetlabs/puppet/cache/lib
 
# time /opt/puppetlabs/bin/puppet plugin download --verbose --http_debug 2>&1|grep -e Info: -e 'opening connection'
 
 
 
Info: Retrieving pluginfacts
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
Info: Retrieving plugin
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
... omitted hundreds of open calls for brevity ...
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
Info: Retrieving locales
 
opening connection to wzwhytp204ipraf.delivery.puppetlabs.net:8140...
 
 
 
real  3m39.345s
 
user  1m29.576s
 
sys 0m2.405s

Expected Outcome

The puppet plugin download action should complete much faster than
puppet agent -t when populating a cold plugin cache.
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Atlassian logo

Charlie Sharpsteen (JIRA)

unread,
Apr 13, 2018, 8:34:03 PM4/13/18
to puppe...@googlegroups.com
Charlie Sharpsteen updated an issue
Change By: Charlie Sharpsteen
Priority: Normal Major

Josh Cooper (JIRA)

unread,
Apr 16, 2018, 4:16:04 PM4/16/18
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Team: Platform Core Coremunity

Josh Cooper (JIRA)

unread,
Aug 12, 2019, 7:06:03 PM8/12/19
to puppe...@googlegroups.com
Josh Cooper assigned an issue to Josh Cooper
Change By: Josh Cooper
Assignee: Josh Cooper

Josh Cooper (JIRA)

unread,
Aug 12, 2019, 7:06:04 PM8/12/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Sprint: Platform Core KANBAN

Josh Cooper (JIRA)

unread,
Aug 12, 2019, 8:24:04 PM8/12/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Fix Version/s: PUP 6.4.4
Fix Version/s: PUP 6.0.11
Fix Version/s: PUP 5.5.17

Josh Cooper (JIRA)

unread,
Aug 12, 2019, 8:26:02 PM8/12/19
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-8662
 
Re: puppet plugin download doesn't re-use HTTP connections

The networking and ssl code is fragile prior to 6.4, so for those versions I've added a simple patch to fix puppet plugin download specifically. I'll file a separate ticket to delete the non-caching pool to avoid this kind of problem in the future, and same with the puppet device command. The reason I couldn't do that earlier, is we have to be careful about reusing connections with different SSL context/trust stores, and that's not possible in the older code.

Kris Bosland (JIRA)

unread,
Aug 16, 2019, 6:07:02 PM8/16/19
to puppe...@googlegroups.com
Kris Bosland commented on Bug PUP-8662

Merged to master at 0fd3f00.

Josh Cooper (JIRA)

unread,
Aug 21, 2019, 3:03:04 PM8/21/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Release Notes Summary: puppet plugin download will reuse HTTPS connections significantly speeding up the download process.
Release Notes: Bug Fix

Josh Cooper (JIRA)

unread,
Aug 21, 2019, 3:03:05 PM8/21/19
to puppe...@googlegroups.com

Dorin Pleava (JIRA)

unread,
Sep 11, 2019, 9:23:04 AM9/11/19
to puppe...@googlegroups.com
Dorin Pleava updated an issue
 
Change By: Dorin Pleava
Fix Version/s: PUP 6.9.0

Josh Cooper (JIRA)

unread,
Sep 16, 2019, 2:59:05 PM9/16/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Fix Version/s: PUP 6.0.11

Jean Bond (JIRA)

unread,
Sep 16, 2019, 4:14:59 PM9/16/19
to puppe...@googlegroups.com
Jean Bond updated an issue
Change By: Jean Bond
Labels: resolved-issue-added
Reply all
Reply to author
Forward
0 new messages