Where are the gc logs ? (Might be a daft question I’m not a Java dev !)

next to the normal puppetserver logs, if gc logging is enabled

It does not seem to be enabled - I presume we need a java option something like ‘-Xlog:gc*:file=<filename>,filecount=10,filesize=10m’ How long would the data remain - thats only 100Mb of logs if I’ve read it correctly ? I guess it depends on the number of clients (we have approx 1100 on this service and 2 compilers) Is there something specific to look for in the GC logs ?

That log option is clearly wrong as the puppetserver fails to start - any suggestions as to the correct version would be appreciated (I added to JAVA_ARGS)

Two issues ,filecount should be ::filecount - and the server was running java 8 (now switched to 17)

Now I have the gc log where does it show the code cache information ?

Every few seconds I’m seeing data like this reported in the gc.log - which of these indicates the size of the code cache ? Do I need a different setting in the Xlog params to get the code cache data ? [1589.940s][info][gc,phases ] GC(138) Pre Evacuate Collection Set: 0.3ms [1589.940s][info][gc,phases ] GC(138) Merge Heap Roots: 0.5ms [1589.940s][info][gc,phases ] GC(138) Evacuate Collection Set: 168.9ms [1589.940s][info][gc,phases ] GC(138) Post Evacuate Collection Set: 8.2ms [1589.940s][info][gc,phases ] GC(138) Other: 0.2ms [1589.940s][info][gc,heap ] GC(138) Eden regions: 871->0(864) [1589.940s][info][gc,heap ] GC(138) Survivor regions: 50->57(116) [1589.940s][info][gc,heap ] GC(138) Old regions: 325->325 [1589.940s][info][gc,heap ] GC(138) Archive regions: 2->2 [1589.940s][info][gc,heap ] GC(138) Humongous regions: 1->1 [1589.940s][info][gc,metaspace] GC(138) Metaspace: 507122K(623808K)->507122K(623808K) NonClass: 448768K(518528K)->448768K(518528K) Class: 58354K(105280K)->58354K(105280K) [1589.940s][info][gc ] GC(138) Pause Young (Normal) (G1 Evacuation Pause) 9983M->3071M(12288M) 178.123ms [1589.940s][info][gc,cpu ] GC(138) User=0.70s Sys=0.00s Real=0.18s

question: i'm trying to run

puppet-lint

against a single file, it's throwing an error because the module's

.puppet-lint.rc

file contains an option to disable one of the plugins that come with PDK, and refusing to do anything ...

$ puppet-lint --help
puppet-lint: invalid option: --no-strict_indent-check
Did you mean?  no-star-comments-check
puppet-lint: try 'puppet-lint --help' for more information

i'm assuming this is because the

puppet-lint

executable i'm running is not the same one that

pdk validate

runs internally ... is there a way to run the specific

puppet-lint

executable that PDK uses, directly from the command line, so it knows how to find (and therefore disable) that plugin?

Yes. I pointed that out a couple of times yesterday. I think that is pdk bundle exec puppet-lint

okay ... so i did all the necessary hoop-jumping and download the

pdk-3.5.1

package from the super-secret secure web site (two-factor auth where email is the only option? hello, TOTP anybody? or passkey? or yubikey? somebody was being lazy) ... some of the erroneous error messages i was seeing yesterday are now gone, but a few remain: (starting a thread)

@jms1 See https://github.com/puppetlabs/pdk-templates/blob/main/moduleroot/.puppet-lint.rc.erb for how puppet-lint config is generated. I have some examples on my laptop, will share here later (I re-enabled some disabled by default checks, like 140chars and missing docs).

Anyone is attending Singapore Tech Week today-tomorrow?

hi all, I want that clients upgrade their certificates automatically, I use Puppetserver 8 and Agents use version 8 and 7 ? thank you all

Use https://github.com/voxpupuli/puppet-puppet_certificate or update your agents to 8.2 and give them new certificates

Hi, if I have code like this and I want to run the next bit based on the 'returns' value, how do I reference that returns value? Like, if 'returns' == 0 do this thing.

exec { 'check_az_applicationmonitor_module':

command   => 'powershell.exe -NoProfile -Command "if (-not (Get-Module -ListAvailable -Name az.applicationmonitor)) { exit 1 }"',

path      => 'C:/Windows/System32/WindowsPowerShell/v1.0',

returns   => [0],

logoutput => true,

}

Thanks

That's against of nature of DSL

exec is already a "black ship"

So, yeah I posted that, went to lunch and realized I was looking at it wrong. Curious though what you mean by "black ship"

Not exactly idempotent construct

in Puppet world, you should be telling if az application monitor should exist or not, not other way around

But say you have to, for whatever real world scenario, what you want to achieve is usually solved by defining a fact

and in manifest you would check the fact value

But again, this is considered "bad style"

Thanks, I was working toward the fact thing in a couple ways but kept getting caught in a kind of circular logic. Basically, there's a script running that extracts a PowerShell module and enables the application monitor. But it executes every time because Puppet doesn't know if it's run. Thinking a combo of creating a fact that says it's installed and what version. Then check if a new version is there and change the fact to false.

The

exec

resource does have the

unless

and

onlyif

parameters. Run a different command to check if the main command should fire. Still not a great pattern.

A hack solution for Linux execs is something like $command && touch /worked

And then the exec can have the creates parameter that checks if /worked exists

oh yeah, the creates, Used that for a similar thing a while back. Thanks.