| About https://github.com/puppetlabs/puppet/blob/84bf2d8607a6ac9ffde4a061d25016afc06165b5/lib/puppet/configurer.rb#L74, the issue is we can't differentiate between the user wanted to used a cached catalog puppet agent --use_cached_catalog vs we're falling back to using the cached catalog. Can we modify the configurer so it uses Puppet[:use_cached_catalog] to determine what the initial intent was, while it uses a local variable to determine which mode we're currently in. And then if pluginsync fails, we change the local variable, but not Puppet[:use_cached_catalog]? About the inconsistencies when ignore_plugin_errors==false due to partial downloads, yeah, we have that issue now (prior to the ignore_plugin_errors when falling back to cached catalog). For example, normal daemonized agent does pluginsync, fails and the failure is ignored, agent requests catalog, which fails and falls back to cached catalog, but plugins may not match. I think to fix this plugins need to be downloaded in an atomic way. One option is to create a secure directory with the same parent as Puppet[:libdir] and use it to pluginsync. To avoid downloading files we already have, you'd have to copy everything from Puppet[:libdir] to libnew. So maybe something like: 1. create lib.new using ruby equivalent of mktemp -d lib.new and restrict permissions so only the current user can write
2. Pluginsync to lib.new
3. Rename Puppet[:libdir] to lib.old
4. Rename lib.new to Puppet[:libdir]
5. Delete lib.old recursively It's possible for puppet to crash/ctrl-c between any of those points. If it occurs between 3 and 4, then puppet will have lost all of its plugins. To account for that, if puppet starts and lib.old exists, but Puppet[:libdir] doesn't, then have recover its plugins by renaming lib.old to Puppet[:libdir]. If the crash occurs between 4 and 5, then the new plugins have been committed. So when puppet starts, if Puppet[:libdir] exists, have it delete the stale lib.old. That said, I'm thinking we should file a separate ticket to ensure pluginsync is atomic (since there's always been an opportunity for inconsistent plugins when falling back to a cached catalog). Thoughts? |
