I run chef-client frequently (ever 2 minutes or so) on a REL Linux box and I stumbled upon a " error because RHN has detected an abuse of service from this system" (See
https://access.redhat.com/knowledge/solutions/8165 for complete Error Message).
This happens in a simple package resource ('package “unzip” ').
It looks like the yum provider maintains a cache (http://www.rubydoc.info/github/opscode/chef/master/Chef/Provider/Package/Yum/YumCache) which is invalidated on every chef run and thus hits
the network.
Is there a way to avoid hitting the RHN every time? Checking if a package is already installed should be a local operation.
My use case for frequent runs is continuous deployment. I guess I could implement a semi push model by having the build server flip a flag and poll the flag with “chef free” cron job,
that in turn starts chef-client; But I’d like to avoid this if possible.
Regards,
Martin
RHN limits you to one API query per hour per machine. If it isn't in
your budget to get a Satellite subscription. Then your best option
might be to convert that continuous deployment machine requiring runs
every 2 mins. to a CentOS machine.
Eric G. Wolfe
Senior Linux Administrator,
IT Infrastructure Systems
Marshall University Computing Services
Drinko Library 428-K
One John Marshall Dr.
Huntington, WV 25755
Phone: 304.942.3970
Email: eric.wolfe@marshall.edu
You will be recognized and honored as a community leader.
On 02/19/2013 02:38 PM, Martin Eigenbrodt wrote:
I run chef-client frequently (ever 2 minutes or so) on a REL Linux box and I stumbled upon a " error because RHN has detected an abuse of service from this system" (See
What to do when yum or up2date command fails with RHN account has been disabled for 'Abuse of Service' ? - Red Hat Customer Portal for complete Error Message).
This happens in a simple package resource ('package "unzip" ').
It looks like the yum provider maintains a cache (http://www.rubydoc.info/github/opscode/chef/master/Chef/Provider/Package/Yum/YumCache) which is invalidated on every chef run and thus hits
the network.
Is there a way to avoid hitting the RHN every time? Checking if a package is already installed should be a local operation.
My use case for frequent runs is continuous deployment. I guess I could implement a semi push model by having the build server flip a flag and poll the flag with "chef free" cron job,
that in turn starts chef-client; But I'd like to avoid this if possible.
Regards,
Martin
That is amazingly awesome.
Would it make sense to try and hack something up to refuse to run more
often than that?
Adam
On 2/19/13 11:47 AM, "Eric G. Wolfe" eric.wolfe@marshall.edu wrote:
RHN limits you to one API query per hour per machine. If it isn't in
your budget to get a Satellite subscription. Then your best option
might be to convert that continuous deployment machine requiring runs
every 2 mins. to a CentOS machine.
Eric G. Wolfe
Senior Linux Administrator,
IT Infrastructure Systems
Marshall University Computing Services
Drinko Library 428-K
One John Marshall Dr.
Huntington, WV 25755
Phone: 304.942.3970
Email: eric.wolfe@marshall.edu
You will be recognized and honored as a community leader.
On 02/19/2013 02:38 PM, Martin Eigenbrodt wrote:
I run chef-client frequently (ever 2 minutes or so) on a REL Linux box
and I stumbled upon a " error because RHN has detected an abuse of
service from this system" (See
What to do when yum or up2date command fails with RHN account has been disabled for 'Abuse of Service' ? - Red Hat Customer Portal for complete Error
Message).
This happens in a simple package resource ('package "unzip" ').
It looks like the yum provider maintains a cache
(http://www.rubydoc.info/github/opscode/chef/master/Chef/Provider/Package
/Yum/YumCache) which is invalidated on every chef run and thus hits
the network.
Is there a way to avoid hitting the RHN every time? Checking if a
package is already installed should be a local operation.
My use case for frequent runs is continuous deployment. I guess I
could implement a semi push model by having the build server flip a flag
and poll the flag with "chef free" cron job,
that in turn starts chef-client; But I'd like to avoid this if possible.
Regards,
Martin
You could clone the repository and change your machines to point at the
local yum repository instead of the one at RHN (we've done this, 500+
machines all updating their caches against a remote server was getting
expensive....)
then you can set up an rsync job to keep the local repository up to date on
a daily or weekly basis.
-jesse
On Tue, Feb 19, 2013 at 2:47 PM, Eric G. Wolfe eric.wolfe@marshall.eduwrote:
RHN limits you to one API query per hour per machine. If it isn't in your
budget to get a Satellite subscription. Then your best option might be to
convert that continuous deployment machine requiring runs every 2 mins. to
a CentOS machine.
Eric G. Wolfe
Senior Linux Administrator,
IT Infrastructure Systems
------------------------------**--------
Marshall University Computing Services
Drinko Library 428-K
One John Marshall Dr.
Huntington, WV 25755
Phone: 304.942.3970
Email: eric.wolfe@marshall.edu
You will be recognized and honored as a community leader.
On 02/19/2013 02:38 PM, Martin Eigenbrodt wrote:
I run chef-client frequently (ever 2 minutes or so) on a REL Linux box
and I stumbled upon a " error because RHN has detected an abuse of service
from this system" (See
https://access.redhat.com/**knowledge/solutions/8165https://access.redhat.com/knowledge/solutions/8165for complete Error Message).
This happens in a simple package resource ('package "unzip" ').
It looks like the yum provider maintains a cache (
http://www.rubydoc.info/**github/opscode/chef/master/**
Chef/Provider/Package/Yum/**YumCachehttp://www.rubydoc.info/github/opscode/chef/master/Chef/Provider/Package/Yum/YumCache)
which is invalidated on every chef run and thus hits
the network.
Is there a way to avoid hitting the RHN every time? Checking if a package
is already installed should be a local operation.
My use case for frequent runs is continuous deployment. I guess I could
implement a semi push model by having the build server flip a flag and poll
the flag with "chef free" cron job,
that in turn starts chef-client; But I'd like to avoid this if possible.
Regards,
Martin