Is it possible to puppet agent applies the config even when puppet master is unreachable?
1,009 views
Skip to first unread message
Armindo Silva
Nov 24, 2013, 10:46:17 AM11/24/13
to puppet...@googlegroups.com
I have several windows machines that are manage using puppet. Some of the machines connect to master through a openvpn tunnel, so when the openvpn client's service is stopped (sometimes by a rogue user), the puppet agent does not apply the config.
Is it possible make puppet agent use the cached configuration and apply the latest config it was able to fetch from the master? (which in my case includes ensuring the openvpn service is running).
Thank you.
Regards,
Armindo
Cristian Falcas
Nov 24, 2013, 4:13:14 PM11/24/13
to puppet...@googlegroups.com
From here http://docs.puppetlabs.com/learning/manifests.html :
puppet apply /path/to/your/manifest/init.pp
Or like so:
puppet apply --modulepath=/path/to/your/manifest -e "include my_class"
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/191056e4-e77b-4502-bb2d-ad72a9f8a129%40googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
puppet apply /path/to/your/manifest/init.pp
Or like so:
puppet apply --modulepath=/path/to/your/manifest -e "include my_class"
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/191056e4-e77b-4502-bb2d-ad72a9f8a129%40googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
Jo Rhett
Nov 24, 2013, 5:17:56 PM11/24/13
to puppet...@googlegroups.com
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/191056e4-e77b-4502-bb2d-ad72a9f8a129%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
--
Jo Rhett
Net Consonance : net philanthropy to improve open source and internet projects.
Jo Rhett
Net Consonance : net philanthropy to improve open source and internet projects.
Author of Instant Puppet 3 Starter: http://www.netconsonance.com/instant-puppet-3-starter-book/
Felix Frank
Nov 27, 2013, 5:00:37 AM11/27/13
to puppet...@googlegroups.com
On 11/24/2013 11:17 PM, Jo Rhett wrote:
> You want
> this: http://docs.puppetlabs.com/references/latest/configuration.html#usecacheonfailure
+1
> You want
> this: http://docs.puppetlabs.com/references/latest/configuration.html#usecacheonfailure
Also, note that --test explicitly disables this option, but it should
default to enabled when *not* using --test, i.e. just --onetime
--no-daemonize.
R.I.Pienaar
Nov 27, 2013, 5:03:49 AM11/27/13
to puppet...@googlegroups.com
----- Original Message -----
> From: "Felix Frank" <felix...@alumni.tu-berlin.de>
> To: puppet...@googlegroups.com
> Sent: Wednesday, November 27, 2013 10:00:37 AM
> Subject: Re: [Puppet Users] Is it possible to puppet agent applies the config even when puppet master is unreachable?
>
> On 11/24/2013 11:17 PM, Jo Rhett wrote:
> > You want
> > this:
> > http://docs.puppetlabs.com/references/latest/configuration.html#usecacheonfailure
>
> +1
so those will fail.
worse the cache can open you to really nasty edge cases where you have a catalog compiled
for one set of manifests+files but if its reused later you might be getting files from
a newer code base which will really spoil your day.
The static catalog compiler thing will help with some of this - though still not for
a offline master - but it has many bugs and questionable implementation mechanics :(
You really want to think very very carefully before using the cache in production.
I'd say this option should be off by default
Armindo Silva
Nov 27, 2013, 7:38:00 AM11/27/13
to puppet...@googlegroups.com
Hi, first thank you for all your answers :)
I also dislike using cache on production, but if a node can not reach the master it should still be able to enforce the configuration it already received from the master.
I tried several options on puppet.conf from the node
usecacheonfailure=true
use_cached_catalog=true
ignorecache=false
But I always get this error when running the puppet agent:
Error: Failed to apply catalog: A connection attempt failed because the connected party did not
properly respond after a period of time, or established connection failed because connected host
has failed to respond. - connect(2)
Any ideas?
Thank you.
Armindo
I also dislike using cache on production, but if a node can not reach the master it should still be able to enforce the configuration it already received from the master.
I tried several options on puppet.conf from the node
usecacheonfailure=true
use_cached_catalog=true
ignorecache=false
But I always get this error when running the puppet agent:
Error: Failed to apply catalog: A connection attempt failed because the connected party did not
properly respond after a period of time, or established connection failed because connected host
has failed to respond. - connect(2)
Any ideas?
Thank you.
Armindo
Reply all
Reply to author
Forward
0 new messages