Page MenuHomePhabricator
Create Task
Maniphest T350809

Sporadic puppet failures
Closed, ResolvedPublic
Actions

Description

Since moving to puppet7 puppet runs have started to have sporadic faliures with error messages such as

/Stage[main]/Base::Screenconfig/File[/root/.screenrc]

Could not evaluate: Could not retrieve information from environment production source(s) puppet:///modules/base/screenrc

Theses errors happen at the time of puppet-merge and are a by product of using g10k. when we preform puppet merger to the puppet servers we update a repo in /srv/git/puppet and then use g10k to sync the data to /srv/puppet_code. during this time there is a short period of time when there is no data in /srv/puppet_code and as such we see theses errors. We did not have this issue on with puppet masters as puppet-merge updates the puppetcode directory directly, this has its own issue in that agents could get the wrong file or a partially written file.

We should investigate if we can improve g10k to make it atomic we could also consider removing g10k, this is not currently used however i think if we can keep it it opens up some possibilities for future improvements

Details

SubjectRepoBranchLines +/-
puppet-merge: add prometheus metricsoperations/puppetproduction+39 -1
puppet-merge: don't symlink environmentsoperations/puppetproduction+16 -9
puppet-merge: Fix up help messageoperations/puppetproduction+3 -3
puppet-merge: add prometheus metricsoperations/puppetproduction+33 -1
puppetserver: use a symlink to swap in new codeoperations/puppetproduction+70 -33
puppetserver: cache codeoperations/puppetproduction+365 -1
Customize query in gerrit

Related Objects
Search...

Event Timeline

jbond triaged this task as Medium priority.Nov 8 2023, 4:38 PM
jbond created this task.
Restricted Application added a project: Infrastructure-Foundations. · View Herald TranscriptNov 8 2023, 4:38 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
jbond added a comment.Nov 8 2023, 4:44 PM

https://github.com/xorpaul/g10k/issues/157 is intresting

jbond added a project: Puppet-Infrastructure.Nov 9 2023, 3:16 PM
jhathaway subscribed.Nov 9 2023, 3:16 PM
MoritzMuehlenhoff subscribed.Nov 9 2023, 3:17 PM
jhathaway added a comment.Nov 13 2023, 8:49 PM

I took a brief look around to try to understand what other folks are doing, but documentation is surprisingly sparse.

Code manager takes care of this in the enterprise version, they discussed implementing something in the opensource version, but never did, https://puppet.atlassian.net/browse/SERVER-1234.

Looks like most people cobble together something like:

  1. Stage new code
  2. Sync code to puppetservers
  3. Symlink new code into place
  4. Send a HUP signal to the puppetserver

The last step is also interesting, as it relates to puppetserver's caching ability. Evidently in the enterprise version environment_timeout is set to unlimited and Code Manager takes care of hitting puppetserver's rest endpoint to tell it to drop its caches when new code is pushed. A similar result can be obtained by HUPing puppetserver which is mentioned in the ticket. I tried that in the dcl lab environment and it significantly reduces successive puppet run times:

Puppet applies on pki1001:
With environment_timeout = 0 (default)

22 seconds

With environment_timeout = unlimited

14 seconds

With environment_timeout = unlimited, followed by, systemctl reload puppetserver

22 seconds

jbond added a comment.Nov 14 2023, 12:00 PM

@jhathaway thanks for investigating by the sounds of it would could probably have a bit of a win if we:

  • set environment_timeout = unlimited
  • update puppet-merge to do a systemctl reload puppetserver after g10k

I agree the best solution would be to make use of symlinks but by the sounds of it the above would still be an improvement?

jbond raised the priority of this task from Medium to High.Nov 14 2023, 4:16 PM
jbond removed a project: Puppet CI.

set priority to high as this is causing issues

gerritbot added a comment.Nov 14 2023, 11:17 PM

Change 974283 had a related patch set uploaded (by JHathaway; author: JHathaway):

[operations/puppet@production] puppetserver: cache code

https://gerrit.wikimedia.org/r/974283

gerritbot added a project: Patch-For-Review.Nov 14 2023, 11:17 PM
gerritbot added a comment.Nov 16 2023, 2:25 PM

Change 974283 merged by Jbond:

[operations/puppet@production] puppetserver: cache code

https://gerrit.wikimedia.org/r/974283

Maintenance_bot removed a project: Patch-For-Review.Nov 16 2023, 2:31 PM
jhathaway closed this task as Resolved.Nov 20 2023, 8:53 PM
jhathaway claimed this task.
jbond added a comment.Nov 21 2023, 11:19 AM

Looking at puppet board we are still having issues when we do a puppet merge. The following are times in utc where we had a puppet-merge occurring, each of theses times we have 8-10 puppet failures

  • 10:55:46
  • 11:02:35
  • 11:07:32
jbond reopened this task as Open.Nov 21 2023, 11:19 AM
jhathaway added a comment.Nov 21 2023, 2:52 PM

Thanks for reopening @jbond I'll take a look at those.

JMeybohm subscribed.Nov 22 2023, 4:25 PM
MatthewVernon mentioned this in T317616: Revisit CDN<-->Swift communication.Nov 22 2023, 4:34 PM
gerritbot added a comment.Nov 22 2023, 8:58 PM

Change 976857 had a related patch set uploaded (by JHathaway; author: JHathaway):

[operations/puppet@production] puppetserver: use a symlink to swap in new code

https://gerrit.wikimedia.org/r/976857

gerritbot added a project: Patch-For-Review.Nov 22 2023, 8:58 PM
gerritbot added a comment.Nov 22 2023, 10:23 PM

Change 976857 merged by JHathaway:

[operations/puppet@production] puppetserver: use a symlink to swap in new code

https://gerrit.wikimedia.org/r/976857

Maintenance_bot removed a project: Patch-For-Review.Nov 22 2023, 10:30 PM
gerritbot added a comment.Nov 23 2023, 12:01 AM

Change 976878 had a related patch set uploaded (by JHathaway; author: JHathaway):

[operations/puppet@production] puppet-merge: don't symlink environments

https://gerrit.wikimedia.org/r/976878

gerritbot added a project: Patch-For-Review.Nov 23 2023, 12:01 AM
gerritbot added a comment.Nov 23 2023, 12:10 AM

Change 976878 merged by JHathaway:

[operations/puppet@production] puppet-merge: don't symlink environments

https://gerrit.wikimedia.org/r/976878

Maintenance_bot removed a project: Patch-For-Review.Nov 23 2023, 12:10 AM
gerritbot added a comment.Nov 24 2023, 12:36 PM

Change 977185 had a related patch set uploaded (by Jbond; author: jbond):

[operations/puppet@production] puppet-merge: Fix up help message

https://gerrit.wikimedia.org/r/977185

gerritbot added a project: Patch-For-Review.Nov 24 2023, 12:36 PM
gerritbot added a comment.Nov 24 2023, 12:55 PM

Change 977184 had a related patch set uploaded (by Jbond; author: jbond):

[operations/puppet@production] puppet-merge: add prometheus metrics

https://gerrit.wikimedia.org/r/977184

gerritbot added a comment.Nov 28 2023, 11:06 AM

Change 977185 merged by Jbond:

[operations/puppet@production] puppet-merge: Fix up help message

https://gerrit.wikimedia.org/r/977185

gerritbot added a comment.Nov 28 2023, 11:06 AM

Change 977184 merged by Jbond:

[operations/puppet@production] puppet-merge: add prometheus metrics

https://gerrit.wikimedia.org/r/977184

Maintenance_bot removed a project: Patch-For-Review.Nov 28 2023, 11:10 AM
gerritbot added a comment.Nov 28 2023, 11:45 AM

Change 978017 had a related patch set uploaded (by Jbond; author: Jbond):

[operations/puppet@production] puppet-merge: add prometheus metrics

https://gerrit.wikimedia.org/r/978017

gerritbot added a project: Patch-For-Review.Nov 28 2023, 11:45 AM
jhathaway closed this task as Resolved.Dec 8 2023, 10:59 PM

I looked at a few puppet merge times in the puppetserver logs and compared those to puppetboard. I am not seeing sporadic failures anymore so resolving.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL