Page MenuHomePhabricator
Create Task
Maniphest T248169

puppet populate failing on some nodes
Closed, ResolvedPublic
Actions

Description

the puppet-populate script and the puppet lookup --compile fail to resolve trusted facts. This means that it is not possible to use the compile command and also means some nodes are not present in the PCC .

PUP-5441 and PUP-9207 both seems to document similar issues

populate_puppetdb.py shows the following error when compiling however it only seems to trigger on some nodes and im not currently sure why

 2020-03-20T13:00:52 ] ERROR: Compilation failed for host chlorine.eqiad.wmnet: Command '['puppet', 'master', '--vardir=/var/lib/catalog-differ/puppet', '--modulepath=/tmp/fill-puppetdblS5HL2/1/production/private/modules:/tmp/fill-puppetdblS5HL2/1/production/src/modules', '--confdir=/tmp/fill-puppetdblS5HL2/1/production/src', '--compile=chlorine.eqiad.wmnet', '--color=false', '--yamldir=/var/lib/catalog-differ/puppet/yaml/puppetmaster1001.eqiad.wmnet', '--manifest=$confdir/manifests', '--environmentpath=$confdir/environments', '--storeconfigs', '--storeconfigs_backend=puppetdb']' returned non-zero exit status 30
Traceback (most recent call last):
  File "build/bdist.linux-x86_64/egg/puppet_compiler/puppet.py", line 83, in compile_storeconfigs
    subprocess.check_call(cmd, stdout=out, stderr=err, env=env)
  File "/usr/lib/python2.7/subprocess.py", line 190, in check_call
    raise CalledProcessError(retcode, cmd)
CalledProcessError: Command '['puppet', 'master', '--vardir=/var/lib/catalog-differ/puppet', '--modulepath=/tmp/fill-puppetdblS5HL2/1/production/private/modules:/tmp/fill-puppetdblS5HL2/1/production/src/modules', '--confdir=/tmp/fill-puppetdblS5HL2/1/production/src', '--compile=chlorine.eqiad.wmnet', '--color=false', '--yamldir=/var/lib/catalog-differ/puppet/yaml/puppetmaster1001.eqiad.wmnet', '--manifest=$confdir/manifests', '--environmentpath=$confdir/environments', '--storeconfigs', '--storeconfigs_backend=puppetdb']' returned non-zero exit status 30
Error: Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /tmp/fill-puppetdblS5HL2/1/production/src/manifests/realm.pp, line: 23, column: 4) on node chlorine.eqiad.wmnet

Error: Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /tmp/fill-puppetdblS5HL2/1/production/src/manifests/realm.pp, line: 23, column: 4) on node chlorine.eqiad.wmnet

Warning: Failed to compile catalog for node chlorine.eqiad.wmnet: Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /tmp/fill-puppetdblS5HL2/1/production/src/manifests/realm.pp, line: 23, column: 4) on node chlorine.eqiad.wmnet

Error: Failed to compile catalog for node chlorine.eqiad.wmnet: undefined method `to_resource' for nil:NilClass

Details

SubjectRepoBranchLines +/-
C:puppetdb::app: update puppet_compiler to scriptsoperations/puppetproduction+46 -56
populate_puppetdb: Add support for reading facts directly from diskoperations/software/puppet-compilermaster+58 -33
realm.pp: try and fix populate puppetdboperations/puppetproduction+3 -3
realm.pp: trusted facts unavailable when performing a lookup or pccoperations/puppetproduction+9 -3
Customize query in gerrit

Event Timeline

jbond created this task.Mar 20 2020, 1:05 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 20 2020, 1:05 PM
jbond added a comment.Mar 20 2020, 1:59 PM

I think the reason that it works on some nodes and not others is because the puppetdb contains trusted facts. My working theory is that if you successfully compile a host then puppet db will automaticity populate the trusted facts variable. Theses trusted facts will then be available on further compilations. Once trusted facts where added to realm.pp any nodes that were not already in the puppetdb started to fail compilation as the trusted facts are not available. however anything which was already in the DB would work successfully

gerritbot added a comment.Mar 20 2020, 2:21 PM

Change 582048 had a related patch set uploaded (by Jbond; owner: John Bond):
[operations/puppet@production] realm.pp: fact the trusted certname fact if performing a lookup or pcc

https://gerrit.wikimedia.org/r/582048

gerritbot added a project: Patch-For-Review.Mar 20 2020, 2:21 PM
jbond added a comment.Mar 20 2020, 2:27 PM

looks like puppet lookup has plans to support this at some point

jbond moved this task from Unsorted 💣 to Active 🚁 on the User-jbond board.Mar 24 2020, 1:29 PM
gerritbot added a comment.Mar 26 2020, 12:22 PM

Change 582048 merged by Jbond:
[operations/puppet@production] realm.pp: trusted facts unavailable when performing a lookup or pcc

https://gerrit.wikimedia.org/r/582048

jbond closed this task as Resolved.Apr 16 2021, 10:46 AM

This is now possible using the cumin: Host variable override

Maintenance_bot removed a project: Patch-For-Review.Apr 16 2021, 11:10 AM
gerritbot added a comment.Feb 8 2022, 11:06 AM

Change 760909 had a related patch set uploaded (by Jbond; author: jbond):

[operations/puppet@production] realm.pp: try and fix populate puppetdb

https://gerrit.wikimedia.org/r/760909

Restricted Application added a project: Infrastructure-Foundations. · View Herald TranscriptFeb 8 2022, 11:06 AM
gerritbot added a project: Patch-For-Review.Feb 8 2022, 11:06 AM
gerritbot added a comment.Feb 8 2022, 11:14 AM

Change 760909 merged by Jbond:

[operations/puppet@production] realm.pp: try and fix populate puppetdb

https://gerrit.wikimedia.org/r/760909

Maintenance_bot removed a project: Patch-For-Review.Feb 8 2022, 12:10 PM
jbond added a comment.EditedFeb 8 2022, 1:27 PM

This is still not working. It seems we get to a state where puppetdb has an empty facts result. from what i can tell puppet queries puppetdb for facts gets a 200 with an empty set and then uses that. ideally we want to just force populate puppetdb to use the on disc yaml file all the time. so far i have tried adding a routs.yaml file but that dosn't seem to help

for information i dumped the settings used by populate_puppetdb

jbond added a comment.Feb 8 2022, 1:36 PM

currently running a local hack which adds a routes.yaml file

master:
  facts: {cache: yaml, terminus: yaml}
gerritbot added a comment.Feb 8 2022, 2:51 PM

Change 760955 had a related patch set uploaded (by Jbond; author: jbond):

[operations/puppet@production] C:puppetdb::app: update puppet_compiler to scripts

https://gerrit.wikimedia.org/r/760955

gerritbot added a project: Patch-For-Review.Feb 8 2022, 2:51 PM
gerritbot added a comment.Feb 8 2022, 9:22 PM

Change 760949 had a related patch set uploaded (by Jbond; author: jbond):

[operations/software/puppet-compiler@master] populate_puppetdb: Add support for reading facts directly from disk

https://gerrit.wikimedia.org/r/760949

gerritbot added a comment.Feb 10 2022, 11:09 AM

Change 760949 merged by jenkins-bot:

[operations/software/puppet-compiler@master] populate_puppetdb: Add support for reading facts directly from disk

https://gerrit.wikimedia.org/r/760949

gerritbot added a comment.Feb 10 2022, 11:37 AM

Change 760955 merged by Jbond:

[operations/puppet@production] C:puppetdb::app: update puppet_compiler to scripts

https://gerrit.wikimedia.org/r/760955

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL