You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In module 4.1.0 version (or current code as of writing) there is an issue in the exec statement for ipset_sync.
# sync if needed by helper script
exec { "sync_ipset_${title}":
path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin', '/usr/local/bin', '/usr/local/sbin'],
# use helper script to do the sync
command => "ipset_sync -c '${config_path}' -i ${title}${ignore_contents_opt}",
# only when difference with in-kernel set is detected
unless => "ipset_sync -c '${config_path}' -d -i ${title}${ignore_contents_opt}",
require => [Package['ipset'], File['/usr/local/bin/ipset_sync']],
refreshonly => true,
}
If there is an error in ipset_sync (such as a duplicate ip in the sync. this can happen for example having a hostname and a load balancer address that points to the hostname) the refresh only will prevent the unless from running so you will end up with just an empty ip set with no errors and no retries on subsequent puppet runs. The problem is the use of refreshonly here, either it could be removed, or the command could remove the file on failure.
The text was updated successfully, but these errors were encountered:
In module 4.1.0 version (or current code as of writing) there is an issue in the exec statement for ipset_sync.
If there is an error in ipset_sync (such as a duplicate ip in the sync. this can happen for example having a hostname and a load balancer address that points to the hostname) the refresh only will prevent the unless from running so you will end up with just an empty ip set with no errors and no retries on subsequent puppet runs. The problem is the use of refreshonly here, either it could be removed, or the command could remove the file on failure.
The text was updated successfully, but these errors were encountered: