Puppet with splay=true

I have just noticed that the foreman-installer uses the splay setting from puppet.conf. I have splay=true set on all our servers including a server running a katello content proxy (only the main foreman/katello server has splay=false). I was wondering why the foreman-installer run on the proxy server wasn’t progressing until I have noticed that it is “hanging” on a puppet call. Due to the splay setting in puppet.conf it was sleeping.

I guess it would be good if foreman-installer would use the --no-splay option for all puppet runs…

Perhaps this is a feature noone noticed yet as it came with puppet 4.2 that apply takes splay into account.

Interesting and a good find. Which version of rubygem-kafo (or tfm-rubygem-kafo) is installed? I thought I had isolated it by using a separate conf file, but this would suggest it’s not.


That should include:

I wonder why the default puppet.conf still leaks.

If you want to always configure it, I think here would be the correct place to do so:

Otherwise here:

Perhaps in the latter it always needs to pass --config but point it to /dev/null?

Just made a test run with splay set. First time it “hangs”, these processes are running:

root      79916  79886  4 17:32 pts/1    00:00:01 ruby /sbin/foreman-installer
root      80289  79916  0 17:32 pts/1    00:00:00 sh -c echo "package { ['crane-selinux']: ensure => installed }" | /opt/puppetlabs/bin/puppet apply --detailed-exitcodes
root      80294  80289  9 17:32 pts/1    00:00:01 /opt/puppetlabs/puppet/bin/ruby /opt/puppetlabs/puppet/bin/puppet apply --detailed-exitcodes

Aha! It’s here:

That doesn’t use the isolated execution environment so it ‘leaks’.

A 100% untested patch:

If nobody beat me to it, I’ll try to test this tomorrow.

Sorry to bother: any chance to get this into the installer? I am still having this problem with my content proxy which has splay=true set in puppet.conf.

@ehelms what are your thoughts here? It may be easier (and safer) to always configure kafo’s Puppet run with splay=false. We never want that so we might as well be explicit about it. It’d be a safe cherry pick as well.