[SERVER-2167] Work with community to use Puppet::Util::Execution.execute in hiera-eyaml[-gpg] - Puppet Tickets

XML

Word

Printable

Details

Type: Improvement
Status: Closed
Priority: Normal
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Epic Link:
JRuby in the Wild
Team:
Coremunity

CS Priority:
Reviewed

QA Risk Assessment:
Needs Assessment

Description

Hiera-eyaml is the current way that most folks secure their secrets between master and agent. Some integrations, most notably gpg, require shelling out to external CLIs to do their work. When code running in Puppet does that it should be using Puppet::Util::Execution.execute. This has been considered a nice-to-have for a long time, but with folks scaling Java based Puppet Servers to larger and larger sizes using the execution helper becomes more and more critical (since spawning processes from a large JVM is problematic on most linuxes).

The Server team should work with the community to utilize Puppet::Util::Execution.execute in hiera-eyaml in the long term and hiera-eyaml-gpg specifically in the short term.

Attachments

Issue Links

relates to

SERVER-2021 Cannot allocate memory for 'gpg' with JRuby 9k and "large" JVM heap size

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Justin Stoller

Votes:: 1 Vote for this issue

Watchers:: 20 Start watching this issue

Dates

Created:: 2018/03/29 2:46 PM

Updated:: 2022/02/22 2:37 PM

Resolved:: 2022/02/22 2:36 PM