search

voxpupuli / puppet-augeasproviders_sysctl

Augeas-based sysctl type and provider for Puppet
Apache License 2.0
10 stars 36 forks source link

Sysctl is re-applied everytime #63

Closed arcenik closed 3 years ago

arcenik commented 3 years ago

With the last version 2.6.1, Puppet will apply the same sysctl settings every time it run.

The extract from debug output of the Puppet agent

Debug: Prefetching augeas resources for sysctl
Debug: Executing: '/sbin/sysctl -e net.ipv4.tcp_keepalive_time net.ipv4.tcp_keepalive_intvl net.ipv4.tcp_keepalive_probes'
Debug: Executing: '/sbin/sysctl -n net.ipv4.tcp_keepalive_time'
Debug: Executing: '/sbin/sysctl -n net.ipv4.tcp_keepalive_time'
Notice: /Stage[main]/Profiles::Tcpkeepalive/Sysctl[net.ipv4.tcp_keepalive_time]/value: changed configuration value from '' to '30'
Debug: Executing: '/sbin/sysctl -w net.ipv4.tcp_keepalive_time=30'
Debug: /Stage[main]/Profiles::Tcpkeepalive/Sysctl[net.ipv4.tcp_keepalive_time]: The container Class[Profiles::Tcpkeepalive] will propagate my refresh event
Debug: Executing: '/sbin/sysctl -n net.ipv4.tcp_keepalive_intvl'
Debug: Executing: '/sbin/sysctl -n net.ipv4.tcp_keepalive_probes'

For some reason, Puppet fails to retrieve the current value of net.ipv4.tcp_keepalive_time and re-apply it. This does not occurs with version 2.6.0

The Puppet code

class profiles::tcpkeepalive (
  Integer $tcp_keepalive_time = 30,
  Integer $tcp_keepalive_intvl = 10,
  Integer $tcp_keepalive_probes = 6,
){
  ensure_resource(
    'sysctl', 'net.ipv4.tcp_keepalive_time', {
      ensure => present,
      value  => $tcp_keepalive_time,
      target => '/etc/sysctl.d/tcp_keeplive.conf',
    })
  ensure_resource(
    'sysctl', 'net.ipv4.tcp_keepalive_intvl', {
      ensure => present,
      value  => $tcp_keepalive_intvl,
      target => '/etc/sysctl.d/tcp_keeplive.conf',
    })
  ensure_resource(
    'sysctl', 'net.ipv4.tcp_keepalive_probes', {
      ensure => present,
      value  => $tcp_keepalive_probes,
      target => '/etc/sysctl.d/tcp_keeplive.conf',
    })
}

The technical context

# puppet --version
6.24.0
# cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
trevor-vaughan commented 3 years ago

@arcenik Can you try the latest HEAD of this repo and let me know if the issue persists?

arcenik commented 3 years ago

Using the latest HEAD (commit c369d72db85c8d4a1228e8bbbdb50d4599447599) did solved the issue.