Thursday, September 29, 2016

Puppetserver refuses to start with /tmp mounted noexec.

Im in the process of investigating and moving our code base to Puppet 4.

I came across something very interesting today, in that Puppet 4 does not like /tmp to be mounted noexec.

Now, we mount /tmp with nosuid and noexec as per the recommendation in the Securing Debian Manual.

After much hours of trouble shooting I came across "Puppet Server run issue when /tmp/ directory mounted noexec" (And I dont know why I didnt read this in the first place.)

As per the recommendation, you basically need to add to /etc/default/puppetserver.


JAVA_ARGS="-Xms2g -Xmx2g -Djava.io.tmpdir=/var/tmp"

HTH

Brent

Tuesday, September 20, 2016

Puppetdb dies at random / silently

If you ever have it that the connection to puppet-db is refused or you find the daemon died.

Even if trawling through the puppetdb logs reveal nothing.

It might be that PuppetDB is running out of heap? Check
/var/log/puppetdb for the presence of the  file 'puppetdb-oom.hprof' for an indication that this is happening.

You may find the following to help.
https://docs.puppet.com/puppetdb/2.2/configure.html#configuring-the-java-heap-size

HTH
Brent