kreeuwijk
commented
3 years ago @ronvisser4 I'll test with a package collector and ensure_packages() function to workaround this issue.
Closed ronvisser4 closed 3 years ago
kreeuwijk
commented
3 years ago @ronvisser4 I'll test with a package collector and ensure_packages() function to workaround this issue.
kreeuwijk
commented
3 years ago @ronvisser4 this issue has been fixed in v0.2.8 of this module, which is now available on the Forge.
ronvisser4
commented
3 years ago Hi Kevin,
Thanks for your quick response.
I’m sorry to say it doesn’t always work. I tested version 0.2.9 and as you said it is now parse order dependent. So it fails in roughly 50% of the cases.
Regards Ron.
Van: Kevin Reeuwijk [mailto:notifications@github.com] Verzonden: vrijdag 15 januari 2021 11:52 Aan: puppetlabs/puppetlabs-patching_as_code puppetlabs-patching_as_code@noreply.github.com CC: Visser, Ron (R.L.) ron.visser.4@politie.nl; Mention mention@noreply.github.com Onderwerp: Re: [puppetlabs/puppetlabs-patching_as_code] duplicate declaration (#10)
@ronvisser4https://github.com/ronvisser4 this issue has been fixed in v0.2.8 of this module, which is now available on the Forge.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-760850883, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ASPEQGTXDJ64CEKEEBG564DS2AM4BANCNFSM4WDV7BHA.
kreeuwijk
commented
3 years ago OK, I'm aware of this and working on a solution.
kreeuwijk
commented
3 years ago @ronvisser4 please try v0.3.0 of the module, that should work for you.
ronvisser4
commented
3 years ago Hi Kevin,
Thanks for the fix! The duplicate declarations are gone!
But a new bug was introduced with this fix. Before the patches are applied the system reboots twice for pending reboots. After the patches are applied no reboot is issued although it should.
Environment: Patching_as_code v0.3.0 Server OS Ubuntu 20.04
Hiera definitions: patching_as_code::patch_group: test2 patching_as_code::patch_schedule: test2: day_of_week: Monday count_of_week: 4 hours: 10:30 - 11:00 max_runs: 1 reboot: ifneeded
Puppet runs Start time: Jan 25 2021 - 10:39:31 End time: Jan 25 2021 - 10:39:39 Logs: Jan 25 2021 - 10:39:39 /Stage[main]/Patching_as_code/Notify[Patching as Code - Pending reboot detected, performing reboot before patching...]/message start time: Jan 25 2021 - 10:41:04 end time: Jan 25 2021 - 10:41:11 logs: Jan 25 2021 - 10:41:11 /Stage[main]/Patching_as_code/Notify[Patching as Code - Pending reboot detected, performing reboot before patching...]/message
Start time: Jan 25 2021 - 10:42:27 End time: Jan 25 2021 - 10:47:42 This run updates 62 packages
After this puppet run the server needs a reboot according to the motd: 0 updates can be installed immediately. 0 of these updates are security updates.
System restart required
Regards, Ron.
Van: Kevin Reeuwijk [mailto:notifications@github.com] Verzonden: woensdag 20 januari 2021 18:34 Aan: puppetlabs/puppetlabs-patching_as_code puppetlabs-patching_as_code@noreply.github.com CC: Visser, Ron (R.L.) ron.visser.4@politie.nl; Mention mention@noreply.github.com Onderwerp: Re: [puppetlabs/puppetlabs-patching_as_code] duplicate declaration (#10)
@ronvisser4https://github.com/ronvisser4 please try v0.3.0 of the module, that should work for you.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-763812831, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ASPEQGQKXKEAB6RT77QMFXLS24HZHANCNFSM4WDV7BHA.
kreeuwijk
commented
3 years ago Hi Ron,
great to hear! The pending reboot detection and the reboot behavior when using reboot: ifneeded isn't a bug, but I can see where it could be improved.
pe_patchfact, which checks common aspects in the OS to determine if the OS needs a reboot. If it determines it does, the value of pe_patch.reboot.reboot_required becomes true. When patching_as_code sees this on the next puppet run, it performs a reboot due to the detected pending reboot.pe_patch fact to refresh itself (via a cron job on boot), and it should find the OS no longer needs a reboot. pe_patch.reboot.reboot_required then becomes false, and on the next agent run, no pending reboots will be found. Apparently in your case either the agent run happened before the fact could be refreshed, or the fact refresh actually detected another pending reboot, for whatever reason.pe_patch fact gets intentionally refreshed, which will set pe_patch.reboot.reboot_required to true if a reboot is pending. This pending reboot then happens on the next Puppet run.I'll see if I can perform an "real" pending reboot check directly in the module, instead of only relying on the pe_patch.reboot.reboot_required, as that causes a delay of 1 puppet run before the reboot actually happens. If that works, I can also use that to possibly detect a pending reboot right after patching and trigger a reboot immediately.
For now, you shouldn't see more pending reboots before patching as your main patch run now works correctly. You should only see a pending reboot on the first puppet run after patching. I'll let you know if I have a module update that makes this a little smarter though.
ronvisser4
commented
3 years ago Hi Kevin,
I checked, but the reboot does not happen on the next puppet run, so i am really interested in your real pending reboot check.
kreeuwijk
commented
3 years ago Hi Ron,
What is the value of the reboot section in the pe_patch fact? It can also be that the updated packages did not require a reboot. If you want a reboot to always happen after patching, simply set reboot: always for your specific patching_as_code::patch_schedule: in Hiera.
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.com kevin.reeuwijk@puppet.com | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Wed, Jan 27, 2021 at 3:51 PM ronvisser4 notifications@github.com wrote:
Hi Kevin,
I checked, but the reboot does not happen on the next puppet run, so i am really interested in your real pending reboot check.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-768337752, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGNBURYLMQY4HZKZ3FJYY4DS4AR7LANCNFSM4WDV7BHA .
ronvisser4
commented
3 years ago Hi Kevin,
The ubuntu server displays the following message in the motd upon login: System restart required
The reboot flag in the schedule is set to ifneeded, so I expected a reboot to happen.
Regards, Ron.
Van: Kevin Reeuwijk [mailto:notifications@github.com] Verzonden: woensdag 27 januari 2021 16:24 Aan: puppetlabs/puppetlabs-patching_as_code puppetlabs-patching_as_code@noreply.github.com CC: Visser, Ron (R.L.) ron.visser.4@politie.nl; Mention mention@noreply.github.com Onderwerp: Re: [puppetlabs/puppetlabs-patching_as_code] duplicate declaration (#10)
Hi Ron,
What is the value of the reboot section in the pe_patch fact? It can also be that the updated packages did not require a reboot. If you want a reboot to always happen after patching, simply set reboot: always for your specific patching_as_code::patch_schedule: in Hiera.
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.commailto:kevinr@puppet.com kevin.reeuwijk@puppet.com<mailto:kevin.reeuwijk@puppet.com> | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Wed, Jan 27, 2021 at 3:51 PM ronvisser4 notifications@github.com<mailto:notifications@github.com> wrote:
Hi Kevin,
I checked, but the reboot does not happen on the next puppet run, so i am really interested in your real pending reboot check.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-768337752, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGNBURYLMQY4HZKZ3FJYY4DS4AR7LANCNFSM4WDV7BHA .
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-768360635, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ASPEQGUOQIUCWQAF6RGZDODS4AVZ3ANCNFSM4WDV7BHA.
kreeuwijk
commented
3 years ago Hi Ron,
I mean to know the value of the pe_patch fact for that system (or the os_patching fact if you're using that). Can you share the current value of that fact for that node which reports it needs a reboot please?
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.com kevin.reeuwijk@puppet.com | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 7:48 AM ronvisser4 notifications@github.com wrote:
Hi Kevin,
The ubuntu server displays the following message in the motd upon login: System restart required
The reboot flag in the schedule is set to ifneeded, so I expected a reboot to happen.
Regards, Ron.
Van: Kevin Reeuwijk [mailto:notifications@github.com] Verzonden: woensdag 27 januari 2021 16:24 Aan: puppetlabs/puppetlabs-patching_as_code < puppetlabs-patching_as_code@noreply.github.com> CC: Visser, Ron (R.L.) ron.visser.4@politie.nl; Mention < mention@noreply.github.com> Onderwerp: Re: [puppetlabs/puppetlabs-patching_as_code] duplicate declaration (#10)
Hi Ron,
What is the value of the reboot section in the pe_patch fact? It can also be that the updated packages did not require a reboot. If you want a reboot to always happen after patching, simply set reboot: always for your specific patching_as_code::patch_schedule: in Hiera.
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.commailto:kevinr@puppet.com <kevin.reeuwijk@puppet.com mailto:kevin.reeuwijk@puppet.com> | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Wed, Jan 27, 2021 at 3:51 PM ronvisser4 <notifications@github.com mailto:notifications@github.com> wrote:
Hi Kevin,
I checked, but the reboot does not happen on the next puppet run, so i am really interested in your real pending reboot check.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub < https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-768337752>,
or unsubscribe < https://github.com/notifications/unsubscribe-auth/AGNBURYLMQY4HZKZ3FJYY4DS4AR7LANCNFSM4WDV7BHA>
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub< https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-768360635>, or unsubscribe< https://github.com/notifications/unsubscribe-auth/ASPEQGUOQIUCWQAF6RGZDODS4AVZ3ANCNFSM4WDV7BHA>.
------------------------- Disclaimer ---------------------------- De informatie verzonden met dit e-mailbericht (en bijlagen) is uitsluitend bestemd voor de geadresseerde(n) en zij die van de geadresseerde(n) toestemming kregen dit bericht te lezen. Kennisneming door anderen is niet toegestaan. De informatie in dit e-mailbericht (en bijlagen) kan vertrouwelijk van aard zijn en binnen het bereik van een geheimhoudingsplicht en/of een verschoningsrecht vallen. Indien dit e-mailbericht niet voor u bestemd is, wordt u verzocht de afzender daarover onmiddellijk te informeren en het e-mailbericht (en bijlagen) te vernietigen. Conform het beveiligingsbeleid van de Politie wordt e-mail van en naar de politie gecontroleerd op virussen, spam en phishing en moet deze e-mail voldoen aan de voor de overheid verplichte mailbeveiligingsstandaarden die zijn vastgesteld door het Forum Standaardisatie. Mail die niet voldoet aan het beveiligingsbeleid kan worden geblokkeerd waardoor deze de geadresseerde niet bereikt. De geadresseerde wordt hiervan niet in kennis gesteld.
The information sent in this E-mail message (including any attachments) is exclusively intended for the individual(s) to whom it is addressed and for the individual(s) who has/have had permission from the recipient(s) to read this message. Access by others is not permitted. The information in this E-mail message (including any attachments) may be of a confidential nature and may form part of the duty of confidentiality and/or the right of non-disclosure. If you have received this E-mail message in error, please notify the sender without delay and delete the E-mail message (including any attachments). In conformity with the security policy of the Police, E-mails from and to the Police are checked for viruses, spam and phishing and this E-mail must meet the standards of the government-imposed E-mail security as set by the Standardization Forum. Any E-mail failing to meet said security policy may be blocked as a result of which it will not reach the intended recipient. The recipient concerned will not be notified.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-769614633, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGNBUR24RODOY4D6X5JDMNTS4JK37ANCNFSM4WDV7BHA .
ronvisser4
commented
3 years ago Hi Kevin,
Sorry, I missed that ☺
{ package_updates => [ "libc6", "locales", "libc-bin", "ubuntu-drivers-common", "lshw", "grub2-common", "grub-pc", "grub-pc-bin", "grub-common" ], package_update_count => 9, missing_update_kbs => [], security_package_updates => [], security_package_update_count => 0, blackouts => {}, pinned_packages => [], last_run => {}, patch_window => "rc3_group1", reboot_override => "default", reboots => { reboot_required => true, apps_needing_restart => {}, app_restart_required => false }, block_patching_on_warnings => "false", warnings => {}, blocked => false, blocked_reasons => [] }
Regards, Ron.
Van: Kevin Reeuwijk [mailto:notifications@github.com] Verzonden: vrijdag 29 januari 2021 09:36 Aan: puppetlabs/puppetlabs-patching_as_code puppetlabs-patching_as_code@noreply.github.com CC: Visser, Ron (R.L.) ron.visser.4@politie.nl; Mention mention@noreply.github.com Onderwerp: Re: [puppetlabs/puppetlabs-patching_as_code] duplicate declaration (#10)
Hi Ron,
I mean to know the value of the pe_patch fact for that system (or the os_patching fact if you're using that). Can you share the current value of that fact for that node which reports it needs a reboot please?
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.commailto:kevinr@puppet.com kevin.reeuwijk@puppet.com<mailto:kevin.reeuwijk@puppet.com> | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 7:48 AM ronvisser4 notifications@github.com<mailto:notifications@github.com> wrote:
Hi Kevin,
The ubuntu server displays the following message in the motd upon login: System restart required
The reboot flag in the schedule is set to ifneeded, so I expected a reboot to happen.
Regards, Ron.
Van: Kevin Reeuwijk [mailto:notifications@github.com] Verzonden: woensdag 27 januari 2021 16:24 Aan: puppetlabs/puppetlabs-patching_as_code < puppetlabs-patching_as_code@noreply.github.commailto:puppetlabs-patching_as_code@noreply.github.com> CC: Visser, Ron (R.L.) ron.visser.4@politie.nl<mailto:ron.visser.4@politie.nl>; Mention < mention@noreply.github.commailto:mention@noreply.github.com> Onderwerp: Re: [puppetlabs/puppetlabs-patching_as_code] duplicate declaration (#10)
Hi Ron,
What is the value of the reboot section in the pe_patch fact? It can also be that the updated packages did not require a reboot. If you want a reboot to always happen after patching, simply set reboot: always for your specific patching_as_code::patch_schedule: in Hiera.
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.commailto:kevinr@puppet.com<mailto:kevinr@puppet.com%3cmailto:kevinr@puppet.com> <kevin.reeuwijk@puppet.com mailto:kevin.reeuwijk@puppet.com%0b> mailto:kevin.reeuwijk@puppet.com> | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Wed, Jan 27, 2021 at 3:51 PM ronvisser4 <notifications@github.com mailto:notifications@github.com%0b> mailto:notifications@github.com> wrote:
Hi Kevin,
I checked, but the reboot does not happen on the next puppet run, so i am really interested in your real pending reboot check.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub < https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-768337752>,
or unsubscribe < https://github.com/notifications/unsubscribe-auth/AGNBURYLMQY4HZKZ3FJYY4DS4AR7LANCNFSM4WDV7BHA>
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub< https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-768360635>, or unsubscribe< https://github.com/notifications/unsubscribe-auth/ASPEQGUOQIUCWQAF6RGZDODS4AVZ3ANCNFSM4WDV7BHA>.
------------------------- Disclaimer ---------------------------- De informatie verzonden met dit e-mailbericht (en bijlagen) is uitsluitend bestemd voor de geadresseerde(n) en zij die van de geadresseerde(n) toestemming kregen dit bericht te lezen. Kennisneming door anderen is niet toegestaan. De informatie in dit e-mailbericht (en bijlagen) kan vertrouwelijk van aard zijn en binnen het bereik van een geheimhoudingsplicht en/of een verschoningsrecht vallen. Indien dit e-mailbericht niet voor u bestemd is, wordt u verzocht de afzender daarover onmiddellijk te informeren en het e-mailbericht (en bijlagen) te vernietigen. Conform het beveiligingsbeleid van de Politie wordt e-mail van en naar de politie gecontroleerd op virussen, spam en phishing en moet deze e-mail voldoen aan de voor de overheid verplichte mailbeveiligingsstandaarden die zijn vastgesteld door het Forum Standaardisatie. Mail die niet voldoet aan het beveiligingsbeleid kan worden geblokkeerd waardoor deze de geadresseerde niet bereikt. De geadresseerde wordt hiervan niet in kennis gesteld.
The information sent in this E-mail message (including any attachments) is exclusively intended for the individual(s) to whom it is addressed and for the individual(s) who has/have had permission from the recipient(s) to read this message. Access by others is not permitted. The information in this E-mail message (including any attachments) may be of a confidential nature and may form part of the duty of confidentiality and/or the right of non-disclosure. If you have received this E-mail message in error, please notify the sender without delay and delete the E-mail message (including any attachments). In conformity with the security policy of the Police, E-mails from and to the Police are checked for viruses, spam and phishing and this E-mail must meet the standards of the government-imposed E-mail security as set by the Standardization Forum. Any E-mail failing to meet said security policy may be blocked as a result of which it will not reach the intended recipient. The recipient concerned will not be notified.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-769614633, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGNBUR24RODOY4D6X5JDMNTS4JK37ANCNFSM4WDV7BHA .
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-769660824, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ASPEQGRVAEBOGJRLROJJCJDS4JXNTANCNFSM4WDV7BHA.
kreeuwijk
commented
3 years ago Ok, so I see your fact is reporting reboot_required => true, so your system should indeed reboot in the 1st puppet run after patching, while still in the patch window. Can you share the value of the schedule hash you're using? I'm curious to see how big the window is (start & end hours) and what your value for max_runs is.
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.com kevin.reeuwijk@puppet.com | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 9:42 AM ronvisser4 notifications@github.com wrote:
Hi Kevin,
Sorry, I missed that ☺
facter -p os_patching
{ package_updates => [ "libc6", "locales", "libc-bin", "ubuntu-drivers-common", "lshw", "grub2-common", "grub-pc", "grub-pc-bin", "grub-common" ], package_update_count => 9, missing_update_kbs => [], security_package_updates => [], security_package_update_count => 0, blackouts => {}, pinned_packages => [], last_run => {}, patch_window => "rc3_group1", reboot_override => "default", reboots => { reboot_required => true, apps_needing_restart => {}, app_restart_required => false }, block_patching_on_warnings => "false", warnings => {}, blocked => false, blocked_reasons => [] }
Regards, Ron.
Van: Kevin Reeuwijk [mailto:notifications@github.com] Verzonden: vrijdag 29 januari 2021 09:36 Aan: puppetlabs/puppetlabs-patching_as_code < puppetlabs-patching_as_code@noreply.github.com> CC: Visser, Ron (R.L.) ron.visser.4@politie.nl; Mention < mention@noreply.github.com> Onderwerp: Re: [puppetlabs/puppetlabs-patching_as_code] duplicate declaration (#10)
Hi Ron,
I mean to know the value of the pe_patch fact for that system (or the os_patching fact if you're using that). Can you share the current value of that fact for that node which reports it needs a reboot please?
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.commailto:kevinr@puppet.com <kevin.reeuwijk@puppet.com mailto:kevin.reeuwijk@puppet.com> | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 7:48 AM ronvisser4 <notifications@github.com mailto:notifications@github.com> wrote:
Hi Kevin,
The ubuntu server displays the following message in the motd upon login: System restart required
The reboot flag in the schedule is set to ifneeded, so I expected a reboot to happen.
Regards, Ron.
Van: Kevin Reeuwijk [mailto:notifications@github.com] Verzonden: woensdag 27 januari 2021 16:24 Aan: puppetlabs/puppetlabs-patching_as_code < puppetlabs-patching_as_code@noreply.github.com<mailto: puppetlabs-patching_as_code@noreply.github.com>> CC: Visser, Ron (R.L.) <ron.visser.4@politie.nl<mailto: ron.visser.4@politie.nl>>; Mention < mention@noreply.github.commailto:mention@noreply.github.com> Onderwerp: Re: [puppetlabs/puppetlabs-patching_as_code] duplicate declaration (#10)
Hi Ron,
What is the value of the reboot section in the pe_patch fact? It can also be that the updated packages did not require a reboot. If you want a reboot to always happen after patching, simply set reboot: always for your specific patching_as_code::patch_schedule: in Hiera.
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.com<mailto:kevinr@puppet.com<mailto:kevinr@puppet.com% 3cmailto:kevinr@puppet.com>> <kevin.reeuwijk@puppet.com mailto:kevin.reeuwijk@puppet.com%0b> mailto:kevin.reeuwijk@puppet.com> | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Wed, Jan 27, 2021 at 3:51 PM ronvisser4 <notifications@github.com mailto:notifications@github.com%0b> mailto:notifications@github.com> wrote:
Hi Kevin,
I checked, but the reboot does not happen on the next puppet run, so i am really interested in your real pending reboot check.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub <
https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-768337752>,
or unsubscribe <
https://github.com/notifications/unsubscribe-auth/AGNBURYLMQY4HZKZ3FJYY4DS4AR7LANCNFSM4WDV7BHA>
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<
https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-768360635>,
or unsubscribe<
https://github.com/notifications/unsubscribe-auth/ASPEQGUOQIUCWQAF6RGZDODS4AVZ3ANCNFSM4WDV7BHA>.
------------------------- Disclaimer ---------------------------- De informatie verzonden met dit e-mailbericht (en bijlagen) is uitsluitend bestemd voor de geadresseerde(n) en zij die van de geadresseerde(n) toestemming kregen dit bericht te lezen. Kennisneming door anderen is niet toegestaan. De informatie in dit e-mailbericht (en bijlagen) kan vertrouwelijk van aard zijn en binnen het bereik van een geheimhoudingsplicht en/of een verschoningsrecht vallen. Indien dit e-mailbericht niet voor u bestemd is, wordt u verzocht de afzender daarover onmiddellijk te informeren en het e-mailbericht (en bijlagen) te vernietigen. Conform het beveiligingsbeleid van de Politie wordt e-mail van en naar de politie gecontroleerd op virussen, spam en phishing en moet deze e-mail voldoen aan de voor de overheid verplichte mailbeveiligingsstandaarden die zijn vastgesteld door het Forum Standaardisatie. Mail die niet voldoet aan het beveiligingsbeleid kan worden geblokkeerd waardoor deze de geadresseerde niet bereikt. De geadresseerde wordt hiervan niet in kennis gesteld.
The information sent in this E-mail message (including any attachments) is exclusively intended for the individual(s) to whom it is addressed and for the individual(s) who has/have had permission from the recipient(s) to read this message. Access by others is not permitted. The information in this E-mail message (including any attachments) may be of a confidential nature and may form part of the duty of confidentiality and/or the right of non-disclosure. If you have received this E-mail message in error, please notify the sender without delay and delete the E-mail message (including any attachments). In conformity with the security policy of the Police, E-mails from and to the Police are checked for viruses, spam and phishing and this E-mail must meet the standards of the government-imposed E-mail security as set by the Standardization Forum. Any E-mail failing to meet said security policy may be blocked as a result of which it will not reach the intended recipient. The recipient concerned will not be notified.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub < https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-769614633>,
or unsubscribe < https://github.com/notifications/unsubscribe-auth/AGNBUR24RODOY4D6X5JDMNTS4JK37ANCNFSM4WDV7BHA>
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub< https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-769660824>, or unsubscribe< https://github.com/notifications/unsubscribe-auth/ASPEQGRVAEBOGJRLROJJCJDS4JXNTANCNFSM4WDV7BHA>.
------------------------- Disclaimer ---------------------------- De informatie verzonden met dit e-mailbericht (en bijlagen) is uitsluitend bestemd voor de geadresseerde(n) en zij die van de geadresseerde(n) toestemming kregen dit bericht te lezen. Kennisneming door anderen is niet toegestaan. De informatie in dit e-mailbericht (en bijlagen) kan vertrouwelijk van aard zijn en binnen het bereik van een geheimhoudingsplicht en/of een verschoningsrecht vallen. Indien dit e-mailbericht niet voor u bestemd is, wordt u verzocht de afzender daarover onmiddellijk te informeren en het e-mailbericht (en bijlagen) te vernietigen. Conform het beveiligingsbeleid van de Politie wordt e-mail van en naar de politie gecontroleerd op virussen, spam en phishing en moet deze e-mail voldoen aan de voor de overheid verplichte mailbeveiligingsstandaarden die zijn vastgesteld door het Forum Standaardisatie. Mail die niet voldoet aan het beveiligingsbeleid kan worden geblokkeerd waardoor deze de geadresseerde niet bereikt. De geadresseerde wordt hiervan niet in kennis gesteld.
The information sent in this E-mail message (including any attachments) is exclusively intended for the individual(s) to whom it is addressed and for the individual(s) who has/have had permission from the recipient(s) to read this message. Access by others is not permitted. The information in this E-mail message (including any attachments) may be of a confidential nature and may form part of the duty of confidentiality and/or the right of non-disclosure. If you have received this E-mail message in error, please notify the sender without delay and delete the E-mail message (including any attachments). In conformity with the security policy of the Police, E-mails from and to the Police are checked for viruses, spam and phishing and this E-mail must meet the standards of the government-imposed E-mail security as set by the Standardization Forum. Any E-mail failing to meet said security policy may be blocked as a result of which it will not reach the intended recipient. The recipient concerned will not be notified.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-769664211, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGNBURZMMULAFNBYPGIRSGLS4JYHRANCNFSM4WDV7BHA .
ronvisser4
commented
3 years ago I initially tested with: test2: day_of_week: Monday count_of_week: 4 hours: 10:30 - 11:00 max_runs: 1 reboot: ifneeded
And later on with max_runs: 5 and hours: 09:00 - 17:00 But there was no reboot after patching.
kreeuwijk
commented
3 years ago Ok, interesting. I'm assuming your puppet runinterval is 30 minutes? With your first schedule, that setup would cause the second run (which currently performs the post-patch reboot when using reboot: ifneeded) to happen outside of the patch window, which explains why a reboot didn't happen in that scenario.
For the second scenario with the extended hours, I think I see what the problem is for the reboot not happening after patching in your case: the max_runs: 1 setting is causing the post-patch reboot to not happen because I'm using the same reboot resource name for both pre-patch pending reboots and the post-patch reboot. As the pre-patching reboot already happened, Puppet thinks that reboot has reached its max run allowance of 1, and Puppet isn't allowing it to happen again. I will rename the reboot resources so they are unique, which should solve the issue in your specific setup.
I'll let you know when the updated version is on the Forge.
Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.com kevin.reeuwijk@puppet.com | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 11:13 AM ronvisser4 notifications@github.com wrote:
I initially tested with: test2: day_of_week: Monday count_of_week: 4 hours: 10:30 - 11:00 max_runs: 1 reboot: ifneeded
And later on with max_runs: 5 and hours: 09:00 - 17:00 But there was no reboot after patching.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-769712704, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGNBUR7W6WBTQOINNHXEHCLS4KC3PANCNFSM4WDV7BHA .
kreeuwijk
commented
3 years ago Version 0.4.0 is now published to the Forge, the completes solves the reboot issues and works much better now. When using reboots: ifneeded (like you are), reboots will happen immediately after patching now, using new pending reboot detection logic :-)
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.com kevin.reeuwijk@puppet.com | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 11:24 AM Kevin Reeuwijk kevin.reeuwijk@puppet.com wrote:
Ok, interesting. I'm assuming your puppet runinterval is 30 minutes? With your first schedule, that setup would cause the second run (which currently performs the post-patch reboot when using reboot: ifneeded) to happen outside of the patch window, which explains why a reboot didn't happen in that scenario.
For the second scenario with the extended hours, I think I see what the problem is for the reboot not happening after patching in your case: the max_runs: 1 setting is causing the post-patch reboot to not happen because I'm using the same reboot resource name for both pre-patch pending reboots and the post-patch reboot. As the pre-patching reboot already happened, Puppet thinks that reboot has reached its max run allowance of 1, and Puppet isn't allowing it to happen again. I will rename the reboot resources so they are unique, which should solve the issue in your specific setup.
I'll let you know when the updated version is on the Forge.
Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.com kevin.reeuwijk@puppet.com | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 11:13 AM ronvisser4 notifications@github.com wrote:
I initially tested with: test2: day_of_week: Monday count_of_week: 4 hours: 10:30 - 11:00 max_runs: 1 reboot: ifneeded
And later on with max_runs: 5 and hours: 09:00 - 17:00 But there was no reboot after patching.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-769712704, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGNBUR7W6WBTQOINNHXEHCLS4KC3PANCNFSM4WDV7BHA .
ronvisser4
commented
3 years ago Hi Kevin,
I tested version 0.4.0 and your new reboot logic works like a charm!
Regards, Ron.
Van: Kevin Reeuwijk [mailto:notifications@github.com] Verzonden: donderdag 4 februari 2021 18:02 Aan: puppetlabs/puppetlabs-patching_as_code puppetlabs-patching_as_code@noreply.github.com CC: Visser, Ron (R.L.) ron.visser.4@politie.nl; Mention mention@noreply.github.com Onderwerp: Re: [puppetlabs/puppetlabs-patching_as_code] duplicate declaration (#10)
Version 0.4.0 is now published to the Forge, the completes solves the reboot issues and works much better now. When using reboots: ifneeded (like you are), reboots will happen immediately after patching now, using new pending reboot detection logic :-)
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.commailto:kevinr@puppet.com kevin.reeuwijk@puppet.com<mailto:kevin.reeuwijk@puppet.com> | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 11:24 AM Kevin Reeuwijk kevin.reeuwijk@puppet.com<mailto:kevin.reeuwijk@puppet.com> wrote:
Ok, interesting. I'm assuming your puppet runinterval is 30 minutes? With your first schedule, that setup would cause the second run (which currently performs the post-patch reboot when using reboot: ifneeded) to happen outside of the patch window, which explains why a reboot didn't happen in that scenario.
For the second scenario with the extended hours, I think I see what the problem is for the reboot not happening after patching in your case: the max_runs: 1 setting is causing the post-patch reboot to not happen because I'm using the same reboot resource name for both pre-patch pending reboots and the post-patch reboot. As the pre-patching reboot already happened, Puppet thinks that reboot has reached its max run allowance of 1, and Puppet isn't allowing it to happen again. I will rename the reboot resources so they are unique, which should solve the issue in your specific setup.
I'll let you know when the updated version is on the Forge.
Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.commailto:kevinr@puppet.com kevin.reeuwijk@puppet.com<mailto:kevin.reeuwijk@puppet.com> | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 11:13 AM ronvisser4 notifications@github.com<mailto:notifications@github.com> wrote:
I initially tested with: test2: day_of_week: Monday count_of_week: 4 hours: 10:30 - 11:00 max_runs: 1 reboot: ifneeded
And later on with max_runs: 5 and hours: 09:00 - 17:00 But there was no reboot after patching.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-769712704, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGNBUR7W6WBTQOINNHXEHCLS4KC3PANCNFSM4WDV7BHA .
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-773460158, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ASPEQGQTOEPHKOCRLQU2Z3LS5LHJ3ANCNFSM4WDV7BHA.
kreeuwijk
commented
3 years ago Awesome, good to hear! Thanks for testing this!
Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.com kevin.reeuwijk@puppet.com | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Mon, Feb 8, 2021 at 1:24 PM ronvisser4 notifications@github.com wrote:
Hi Kevin,
I tested version 0.4.0 and your new reboot logic works like a charm!
Regards, Ron.
Van: Kevin Reeuwijk [mailto:notifications@github.com] Verzonden: donderdag 4 februari 2021 18:02 Aan: puppetlabs/puppetlabs-patching_as_code < puppetlabs-patching_as_code@noreply.github.com> CC: Visser, Ron (R.L.) ron.visser.4@politie.nl; Mention < mention@noreply.github.com> Onderwerp: Re: [puppetlabs/puppetlabs-patching_as_code] duplicate declaration (#10)
Version 0.4.0 is now published to the Forge, the completes solves the reboot issues and works much better now. When using reboots: ifneeded (like you are), reboots will happen immediately after patching now, using new pending reboot detection logic :-)
Kind regards, Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.commailto:kevinr@puppet.com <kevin.reeuwijk@puppet.com mailto:kevin.reeuwijk@puppet.com> | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 11:24 AM Kevin Reeuwijk <kevin.reeuwijk@puppet.com mailto:kevin.reeuwijk@puppet.com> wrote:
Ok, interesting. I'm assuming your puppet runinterval is 30 minutes? With your first schedule, that setup would cause the second run (which currently performs the post-patch reboot when using reboot: ifneeded) to happen outside of the patch window, which explains why a reboot didn't happen in that scenario.
For the second scenario with the extended hours, I think I see what the problem is for the reboot not happening after patching in your case: the max_runs: 1 setting is causing the post-patch reboot to not happen because I'm using the same reboot resource name for both pre-patch pending reboots and the post-patch reboot. As the pre-patching reboot already happened, Puppet thinks that reboot has reached its max run allowance of 1, and Puppet isn't allowing it to happen again. I will rename the reboot resources so they are unique, which should solve the issue in your specific setup.
I'll let you know when the updated version is on the Forge.
Kevin Reeuwijk Sr Principal Sales Engineer, EMEA mobile: +31 6 272 33 55 1 kevinr@puppet.commailto:kevinr@puppet.com <kevin.reeuwijk@puppet.com mailto:kevin.reeuwijk@puppet.com> | @KevinReeuwijk Puppet http://www.puppet.com. The shortest path to better software.
On Fri, Jan 29, 2021 at 11:13 AM ronvisser4 <notifications@github.com mailto:notifications@github.com> wrote:
I initially tested with: test2: day_of_week: Monday count_of_week: 4 hours: 10:30 - 11:00 max_runs: 1 reboot: ifneeded
And later on with max_runs: 5 and hours: 09:00 - 17:00 But there was no reboot after patching.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub < https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-769712704>,
or unsubscribe < https://github.com/notifications/unsubscribe-auth/AGNBUR7W6WBTQOINNHXEHCLS4KC3PANCNFSM4WDV7BHA>
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub< https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-773460158>, or unsubscribe< https://github.com/notifications/unsubscribe-auth/ASPEQGQTOEPHKOCRLQU2Z3LS5LHJ3ANCNFSM4WDV7BHA>.
------------------------- Disclaimer ---------------------------- De informatie verzonden met dit e-mailbericht (en bijlagen) is uitsluitend bestemd voor de geadresseerde(n) en zij die van de geadresseerde(n) toestemming kregen dit bericht te lezen. Kennisneming door anderen is niet toegestaan. De informatie in dit e-mailbericht (en bijlagen) kan vertrouwelijk van aard zijn en binnen het bereik van een geheimhoudingsplicht en/of een verschoningsrecht vallen. Indien dit e-mailbericht niet voor u bestemd is, wordt u verzocht de afzender daarover onmiddellijk te informeren en het e-mailbericht (en bijlagen) te vernietigen. Conform het beveiligingsbeleid van de Politie wordt e-mail van en naar de politie gecontroleerd op virussen, spam en phishing en moet deze e-mail voldoen aan de voor de overheid verplichte mailbeveiligingsstandaarden die zijn vastgesteld door het Forum Standaardisatie. Mail die niet voldoet aan het beveiligingsbeleid kan worden geblokkeerd waardoor deze de geadresseerde niet bereikt. De geadresseerde wordt hiervan niet in kennis gesteld.
The information sent in this E-mail message (including any attachments) is exclusively intended for the individual(s) to whom it is addressed and for the individual(s) who has/have had permission from the recipient(s) to read this message. Access by others is not permitted. The information in this E-mail message (including any attachments) may be of a confidential nature and may form part of the duty of confidentiality and/or the right of non-disclosure. If you have received this E-mail message in error, please notify the sender without delay and delete the E-mail message (including any attachments). In conformity with the security policy of the Police, E-mails from and to the Police are checked for viruses, spam and phishing and this E-mail must meet the standards of the government-imposed E-mail security as set by the Standardization Forum. Any E-mail failing to meet said security policy may be blocked as a result of which it will not reach the intended recipient. The recipient concerned will not be notified.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/puppetlabs/puppetlabs-patching_as_code/issues/10#issuecomment-775109130, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGNBUR4I5D7EL4LAW3AS6BTS57JWHANCNFSM4WDV7BHA .
Describe the Bug
When using the patching_as_code module we get the following error: Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Error while evaluating a Resource Statement, Duplicate declaration: Package[grafana-enterprise] is already declared at (file: /etc/puppetlabs/code/environments/isc65515/forge-modules/patching_as_code/manifests/linux/patchday.pp, line: 65); cannot redeclare (file: /etc/puppetlabs/code/environments/isc65515/modules/sbt/manifests/grafana.pp, line: 3) (file: /etc/puppetlabs/code/environments/isc65515/modules/sbt/manifests/grafana.pp, line: 3, column: 3) on node XXXX
Expected Behavior
We expect that the patching_as_code module can be attached to servers als having other modules attached.
Steps to Reproduce
Steps to reproduce the behavior:
Environment
Additional Context