http keep alive timeout in puppetserver (ie, NOT apache)

[Matthew Nicholson]

So, in my shops setup we're doing puppetmaster load balancing via consul DNS, so, when agents run, they ask for puppetserver.service.consul, which returns what basically looks like RRDNS for the puppetservers which are up and available at that time. These records are, by design, served with a TTL of 0.

My problem is that, when agents have slow catalog runs (high load on those nodes, non-puppet related), I THINK whats happening is they are hitting their http_keepalive_timeout limit, closing their connection, and opening a new one, which most of the time will NOT end up going to the same  puppetserver that had previously built its catalog, resulting in an 'end of file' error. 

I know you can tune the agent side http_keepalive_timeout value, and I have, and thats helped, but docs say this needs to be lower than the servers version of that, however, it seems all docs refer to setting that in Apache/Passenger, not in the new Java PuppetServer. 

So, my question is, IS there a equiv? Can i just crank that up agent side until I'm satisfied agents will hold their initial connection open for the durration of their run, without puppetserver side changes? 

Thanks! 

Matt 

[Kevin Corcoran]

Matt,

I believe that the 'idle-timeout-milliseconds' is what you're looking for.  You'll want to put this in /etc/puppetlabs/puppetserver/conf.d/webserver.conf, inside the 'webserver' section in that file.  Here's a link to the documentation for that setting: https://github.com/puppetlabs/trapperkeeper-webserver-jetty9/blob/master/doc/jetty-config.md#idle-timeout-milliseconds.  You might also be interested in the 'so-linger-seconds' setting in that document.

Kevin