[PDB-4479] Deactivate node commands sync after garbage collection Created: 2019/08/12  Updated: 2020/03/05  Resolved: 2020/02/12

Status: Resolved
Project: PuppetDB
Component/s: None
Affects Version/s: None
Fix Version/s: PDB 6.9.0, PDB 5.2.13

Type: Bug Priority: Normal
Reporter: Austin Blatt Assignee: Austin Blatt
Resolution: Fixed Votes: 0
Labels: docs_reviewed
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Acceptance Criteria:
  • Does not sync node deactivation commands that have a deactivated timestamp older than node-purge-ttl
  • Does not sync node data (agentless nodes 6.3.x+) that have a deactivated/expired timestamp older than node-purge-ttl
Epic Link: HA Improve Stability
Team: HA
Story Points: 2
Sprint: HA Team 2020-01-15, HA Team 2020-01-29, HA Team 2020-02-12
Method Found: Needs Assessment
Release Notes: Bug Fix
Release Notes Summary: Fixed an issue affecting PE installations where PuppetDB would fail to purge a deactivated node.
QA Risk Assessment: Needs Assessment


This is a bug in pe-puppetdb's HA sync because we only check the value of producer_timestamp and not the timestamps named deactivate and expired in the certnames table in the would_be_expired_locally? function of .../sync/core.clj

On the local PuppetDB, when a node is purged after a deactivate node command and then a garbage collection run after node-purge-ttl time has passed, the node is deleted.

The remote PuppetDB also has that deactivated node present, but has not run garbage collection, when the local PuppetDB (that has just garbage collection the node) attempts to sync from the remote it will sync back the node it just garbage collected.

This will result in a ping-pong effect and the node will never be purged from PuppetDB

Comment by Melissa Amos [ 2019/12/06 ]

In discussion with Heston Hoffman, we agreed this should go in PDB release notes, if anywhere.

Comment by Joshua Partlow [ 2020/02/07 ]

Austin Blatt What build of PE did this land in? And what fix versions? 2019.y only? Has the main master pe integration ci run with it?

Comment by Austin Blatt [ 2020/02/07 ]

Joshua Partlow this landed in PuppetDB on all PE streams yesterday afternoon so I believe it's been tested overnight on 2018.1.x and master. Looks like a network issue stopped promotion to Kearney so I re-kicked that promotion.

Generated at Wed Apr 01 15:20:30 PDT 2020 using Jira 8.5.2#805002-sha1:a66f9354b9e12ac788984e5d84669c903a370049.