max number of times that Puppet can perform patching within the patch window functionality is not working #88
Comments
|
@gggkearney the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For some reason, the ‘max runs’ option within the patch windows is being ignored. All of our patch groups have max_runs set to 1 but will continue to patch systems if patches are still available after the 'pe_patch_fact_generation.sh’ script is executed at the end of each patch run. Example below.
2nd_thu_20_22_prod_nr:
day_of_week: Thursday
count_of_week: 2
hours: 20:00 - 22:00
max_runs: 1
reboot: never
first puppet run within patch window – the packages available for patching were determined from the cron job (pe_patch_fact_generation.sh) which ran on March 27th
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[bpftool.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[diffutils.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[kernel.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[kernel-tools.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[kernel-tools-libs.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[nss.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[nss-sysinit.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[nss-tools.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[openssl.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[openssl-libs.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:54 itf-sannav puppet-agent[89855]: Package[zlib.x86_64] (unmanaged) will be updated by Patching_as_code
Apr 13 20:00:55 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code/Exec[Patching as Code - Before patching - pre patch default commands]/returns) executed successfully
Apr 13 20:00:56 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Exec[Patching as Code - Clean Cache]/returns) executed successfully
Apr 13 20:01:40 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Package[bpftool.x86_64]/ensure) ensure changed '3.10.0-1160.83.1.el7' to '0:3.10.0-1160.88.1.el7'
Apr 13 20:01:46 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Package[diffutils.x86_64]/ensure) ensure changed '3.3-5.el7' to '0:3.3-6.el7_9'
Apr 13 20:03:38 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Package[kernel.x86_64]/ensure) ensure changed '3.10.0-1160.71.1.el7; 3.10.0-1160.76.1.el7; 3.10.0-1160.80.1.el7; 3.10.0-1160.81.1.el7; 3.10.0-1160.83.1.el7' to '0:3.10.0-1160.88.1.el7'
Apr 13 20:03:47 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Package[kernel-tools.x86_64]/ensure) ensure changed '3.10.0-1160.83.1.el7' to '0:3.10.0-1160.88.1.el7'
Apr 13 20:03:51 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Package[kernel-tools-libs.x86_64]/ensure) ensure changed '3.10.0-1160.88.1.el7' to '0:3.10.0-1160.88.1.el7'
Apr 13 20:03:57 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Package[nss.x86_64]/ensure) ensure changed '3.79.0-4.el7_9' to '0:3.79.0-5.el7_9'
Apr 13 20:04:00 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Package[nss-sysinit.x86_64]/ensure) ensure changed '3.79.0-5.el7_9' to '0:3.79.0-5.el7_9'
Apr 13 20:04:03 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Package[nss-tools.x86_64]/ensure) ensure changed '3.79.0-5.el7_9' to '0:3.79.0-5.el7_9'
Apr 13 20:04:10 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Package[openssl.x86_64]/ensure) ensure changed '1:1.0.2k-25.el7_9' to '1:1.0.2k-26.el7_9'
Apr 13 20:04:16 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code::Linux::Patchday/Package[zlib.x86_64]/ensure) ensure changed '1.2.7-20.el7_9' to '0:1.2.7-21.el7_9'
Apr 13 20:04:16 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code/File[Patching as Code - Save Patch Run Info]/ensure) defined content as '{sha256}363495f191055656bfb3ca11c9fe561d9497a656117dba2cf3f465bff65f4fd8'
Apr 13 20:04:16 itf-sannav puppet-agent[89855]: Patches installed, refreshing patching facts...
Apr 13 20:04:16 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code/Notify[Patching as Code - Update Fact]/message) defined 'message' as 'Patches installed, refreshing patching facts...'
Apr 13 20:04:23 itf-sannav puppet-agent[89855]: (/Stage[main]/Pe_patch/Exec[pe_patch::exec::fact_upload]) Triggered 'refresh' from 1 event
Apr 13 20:04:45 itf-sannav pe_patch_fact_generation.sh: Uploading facts
Apr 13 20:04:51 itf-sannav pe_patch_fact_generation.sh: Patch data refreshed - This is checking for new packages available for patching. If any are found, PE_PATCH facts will be updated and they will be patched on the next Puppet run. (Should be during the next Patch window)
Apr 13 20:04:51 itf-sannav puppet-agent[89855]: (/Stage[main]/Pe_patch/Exec[pe_patch::exec::fact]) Triggered 'refresh' from 1 event
Apr 13 20:04:51 itf-sannav puppet-agent[89855]: (/Stage[main]/Patching_as_code/Exec[Patching as Code - After patching - post patch default commands]/returns) executed successfully
The text was updated successfully, but these errors were encountered: