runinterval vs 'puppet agent --test'

[gene...@icloud.com]

I'm a new puppet user; just now doing some testing in a sandbox environment.

I have added 'runinterval' to the [agent] section of puppet.conf on one agent and set it to 60.   I can see (via 'tail -f /var/log/messages | grep puppet:') now that I get a "Notice:  Compiled catalog for myagent in environment production in 0.00 seconds' message every minute now on the puppet server so I'm assuming the new runinterval has taken effect on the one agent.

However, when I make a change for that node in a manifest on the server, it doesn't get pushed to the agent at its next check in.  In this case the change is to have telnet installed on the agent.  So, on the agent i'm testing with a 'which telnet' and it doesn't find /usr/bin/telnet.  

So, being impatient, from the agent  I run 'puppet agent --test' and it then installs telnet.  So, I manually remove it (yum remove telnet) and wait to see when puppet will install it again.  I don't see it happening though unless i force it with the 'puppet agent --test' run on the agent.

I'm sure I'm missing something in my understanding of what should be happening.  When the agent 'checks in' once every 60 seconds (because of my runinterval setting on the agent, shouldn't it detect that the actual configuration doesn't match the manifest and then install telnet again?

Thanks in advance for guidance!

Gene

[Philipp Dallig]

Ich think thats a caching problem.
Take a look into https://docs.puppetlabs.com/references/3.6.2/man/agent.html. Search for "--test".
Text you should found:

--test

Enable the most common options used for testing. These are 'onetime', 'verbose', 'ignorecache', 'no-daemonize', 'no-usecacheonfailure', 'detailed-exitcodes', 'no-splay', and 'show_diff'.

ignorecache is set with "--test". Default we have a cache of 3 Minutes. I think that should be the config value: https://docs.puppetlabs.com/references/latest/configuration.html#environmenttimeout

Philipp

[jcbollinger]

On Friday, October 31, 2014 2:19:58 PM UTC-5, gene...@icloud.com wrote:

I'm a new puppet user; just now doing some testing in a sandbox environment.

I have added 'runinterval' to the [agent] section of puppet.conf on one agent and set it to 60.   I can see (via 'tail -f /var/log/messages | grep puppet:') now that I get a "Notice:  Compiled catalog for myagent in environment production in 0.00 seconds' message every minute now on the puppet server so I'm assuming the new runinterval has taken effect on the one agent.

That's a very short run interval.  If your purpose for setting it so short is to facilitate testing then ok, but you are unlikely to be able to support many production clients if they all use such a short interval.

However, when I make a change for that node in a manifest on the server, it doesn't get pushed to the agent at its next check in.  In this case the change is to have telnet installed on the agent.  So, on the agent i'm testing with a 'which telnet' and it doesn't find /usr/bin/telnet.  

So, being impatient, from the agent  I run 'puppet agent --test' and it then installs telnet.  So, I manually remove it (yum remove telnet) and wait to see when puppet will install it again.  I don't see it happening though unless i force it with the 'puppet agent --test' run on the agent.

A manual agent run with --test does not itself produce different behavior at the master than an automated daemon-mode run does, and the agent's subsequent behavior depends entirely on machine state and the catalog provided by the master.  I suspect you are experiencing a cache timeout issue, the timing of which happened to mislead you about the nature of the problem.

 

I'm sure I'm missing something in my understanding of what should be happening.  When the agent 'checks in' once every 60 seconds (because of my runinterval setting on the agent, shouldn't it detect that the actual configuration doesn't match the manifest and then install telnet again?

The master improves performance and capacity by caching parsed manifests for a time (5 minutes by default, IIRC).  Details vary a bit with which version of the master you use, and with whether you are using (deprecated) 'config file environments' or their preferred replacement 'directory environments'.  Any way around, unless you have disabled caching altogether, there may be a delay between when you modify a manifest at the master and when the effects of that change start showing up in the catalogs the master builds.

The main way to flush the environment cache is to restart the master, which can be very smooth if you're running in a Rack server such as Passenger (just do a 'graceful' restart), but which incurs a brief down time if you're running a standalone master.


John

[Felix Frank]

On 11/02/2014 08:57 AM, Philipp Dallig wrote:
> ignorecache is set with "--test". Default we have a cache of 3 Minutes.
> I think that should be the config value:
> https://docs.puppetlabs.com/references/latest/configuration.html#environmenttimeout

You're mixing caching scopes here.

The ignorecache setting on the agent basically tells Puppet to not use
the locally cached catalog in case that the master fails to serve a new
catalog.

As far as I know, there is no way for the agent to tell the master to
process a catalog request and ignore caches while doing so.

The general problem is indeed confusing, because puppet agent --test
should not receive a different catalog than a background agent that is
running right before or after the --test invocation.

To the OP, here are things that you can check
- syslog on the agent system, the background agent should leave some
log traces
- /var/lib/puppet/state on the agent, which should be updated by the
background process - it includes the mentioned cached catalog, which you
should inspect to find wether the telnet package is in there or not

You might even wish to enable debug logging for the background agent, in
puppet.conf.

HTH,
Felix