From 08e34dbcaebb0608df61d6540d4919cab71632f5 Mon Sep 17 00:00:00 2001 From: Alex Schultz Date: Thu, 18 Jul 2019 10:36:05 -0600 Subject: [PATCH] Re-Add facter cache for container configurations Rather than running all the facts for every invocation of container-puppet.py, let's cache the facts for the entire container config step. This is similar to what used to happen when we ran puppet in a single instance for a given step. This improves the time it takes puppet tp execute within the containers. When systems have large number of interfaces, the fact generation for puppet can come to a crawl given that puppet is not supposed to be invoked multiple times in parallel. By pre-caching the facts, we eliminate the need for puppet to do the network (and other fact) related lookups when running container configuration generation. This patch includes logic to exclude the puppet caching dirs that we mount as read only in the config containers. Change-Id: I94002572ec7ac1767fbfbfdf4c6fa6fbf0cd58d5 Closes-Bug: #1837082 Closes-Bug: #1835959 --- common/container-puppet.py | 13 ++++++++ common/deploy-steps-tasks.yaml | 54 ++++++++++++++++++++++++++++++++++ 2 files changed, 67 insertions(+) diff --git a/common/container-puppet.py b/common/container-puppet.py index 91266c2b5e..ea5de9154b 100755 --- a/common/container-puppet.py +++ b/common/container-puppet.py @@ -347,6 +347,16 @@ if not os.path.exists(sh_script): exclude_files+=" --exclude=$p" fi done + + # Exclude read-only mounted directories/files which we do not want + # to copy or delete. + ro_files="/etc/puppetlabs/ /opt/puppetlabs/" + for ro in $ro_files; do + if [ -e "$ro" ]; then + exclude_files+=" --exclude=$ro" + fi + done + echo "Rsyncing config files from ${rsync_srcs} into /var/lib/config-data/${NAME}" rsync -a $verbosity -R --delay-updates --delete-after $exclude_files $rsync_srcs /var/lib/config-data/${NAME} @@ -436,6 +446,9 @@ def mp_puppet_config(*args): '--volume', '/etc/pki/tls/certs/ca-bundle.trust.crt:/etc/pki/tls/certs/ca-bundle.trust.crt:ro', '--volume', '/etc/pki/tls/cert.pem:/etc/pki/tls/cert.pem:ro', '--volume', '%s:/var/lib/config-data/:rw' % config_volume_prefix, + # facter caching + '--volume', '/var/lib/container-puppet/puppetlabs/facter.conf:/etc/puppetlabs/facter/facter.conf:ro', + '--volume', '/var/lib/container-puppet/puppetlabs/:/opt/puppetlabs/:ro', # Syslog socket for puppet logs '--volume', '/dev/log:/dev/log:rw'] if privileged: diff --git a/common/deploy-steps-tasks.yaml b/common/deploy-steps-tasks.yaml index 3b878aa385..e5b3d2250e 100644 --- a/common/deploy-steps-tasks.yaml +++ b/common/deploy-steps-tasks.yaml @@ -421,6 +421,60 @@ - host_config ignore_errors: "{{ ansible_check_mode|bool }}" + ######################################### + # Pre-cache facts for container-puppet.py + ######################################### + + - name: Create puppet caching structures + file: + path: /var/lib/container-puppet/puppetlabs + state: directory + setype: svirt_sandbox_file_t + selevel: s0 + recurse: True + tags: + - container_config + - container_config_tasks + - name: Write facter cache config + copy: + dest: /var/lib/container-puppet/puppetlabs/facter.conf + content: | + facts : { + ttls: [ + { "kernel" : 8 hour }, + { "memory" : 8 hour }, + { "networking" : 8 hour }, + { "operating system" : 8 hour }, + { "processor" : 8 hour }, + ] + } + tags: + - container_config + - container_config_tasks + - name: Cleanup facter cache if exists + file: + path: /opt/puppetlabs/facter + state: absent + ignore_errors: True + tags: + - container_config + - container_config_tasks + - name: Pre-cache facts + command: facter --config /var/lib/container-puppet/puppetlabs/facter.conf + no_log: True + ignore_errors: True + tags: + - container_config + - container_config_tasks + - name: Sync cached facts + synchronize: + src: /opt/puppetlabs/ + dest: /var/lib/container-puppet/puppetlabs/ + delegate_to: "{{ inventory_hostname }}" + tags: + - container_config + - container_config_tasks + ###################################### # Generate config via container-puppet.py ######################################