Loading howto/puppet.md +19 −0 Original line number Original line Diff line number Diff line Loading @@ -1365,6 +1365,25 @@ code is directly pushed to the Puppet server without validation. Work is being done to [implement automated checks](https://gitlab.torproject.org/tpo/tpa/team/-/issues/31226) but that is only is being done to [implement automated checks](https://gitlab.torproject.org/tpo/tpa/team/-/issues/31226) but that is only being deployed on some clients for now. being deployed on some clients for now. Note that PuppetDB itself holds performance information about the Puppet agent runs, which are called "reports". Those reports contain information about changes operated on each server, how long the agent runs take and so on. Those metrics could be made more visible by using a dashboard, but that has not been implemented yet (see [issue 31969][]). [issue 31969]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/31969 The Puppet server, Puppet agents and PuppetDB keep logs of their operations. The latter keeps its logs in `/var/log/puppetdb/` for a maximum of 90 days or 1GB, whichever comes first (configured in `/etc/puppetdb/request-logging.xml` and `/etc/puppetdb/logback.xml`). The other logs are sent to `syslog`, and usually end up in `daemon.log`. Puppet should hold minimal personnally idenfiable information, like user names, user public keys and project names. # Discussion # Discussion This section goes more in depth into how Puppet is setup, why it was This section goes more in depth into how Puppet is setup, why it was Loading Loading
howto/puppet.md +19 −0 Original line number Original line Diff line number Diff line Loading @@ -1365,6 +1365,25 @@ code is directly pushed to the Puppet server without validation. Work is being done to [implement automated checks](https://gitlab.torproject.org/tpo/tpa/team/-/issues/31226) but that is only is being done to [implement automated checks](https://gitlab.torproject.org/tpo/tpa/team/-/issues/31226) but that is only being deployed on some clients for now. being deployed on some clients for now. Note that PuppetDB itself holds performance information about the Puppet agent runs, which are called "reports". Those reports contain information about changes operated on each server, how long the agent runs take and so on. Those metrics could be made more visible by using a dashboard, but that has not been implemented yet (see [issue 31969][]). [issue 31969]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/31969 The Puppet server, Puppet agents and PuppetDB keep logs of their operations. The latter keeps its logs in `/var/log/puppetdb/` for a maximum of 90 days or 1GB, whichever comes first (configured in `/etc/puppetdb/request-logging.xml` and `/etc/puppetdb/logback.xml`). The other logs are sent to `syslog`, and usually end up in `daemon.log`. Puppet should hold minimal personnally idenfiable information, like user names, user public keys and project names. # Discussion # Discussion This section goes more in depth into how Puppet is setup, why it was This section goes more in depth into how Puppet is setup, why it was Loading