Configuring and tuning orchestration

After installing PE, you can change some default settings to further configure the orchestrator and pe-orchestration-services.

Configure the orchestrator and pe-orchestration-services

There are several parameters you can add to configure the behavior of the orchestrator and pe-orchestration-services.

  1. In the PE console, click Nodes > Classification, and in the PE Infrastructure group, select the PE Orchestrator group.
  2. On the Classes tab, locate the puppet_enterprise class indicated and add any of the following parameters and values as needed.

    Parameter Value
    puppet_enterprise::profile::master::app_management Disable or enable application management. Set to true or false.
    Enabled (true) by default.
    puppet_enterprise::profile::orchestrator::run_service Disable or enable orchestration services. Set to true or false.
    Enabled (true) by default.
    puppet_enterprise::profile::agent::pxp_enabled Disable or enable the PXP service. Set to true or false.
    If you disable this setting you can’t use the orchestrator or the Run Puppet button in the console.
    Enabled (true) by default.
    puppet_enterprise::profile::orchestrator::global_concurrent_compiles An integer that determines how many concurrent compile requests can be outstanding to the Puppet master, across all orchestrator jobs.
    The default value is "8".
    puppet_enterprise::profile::orchestrator::pcp_timeout A Puppet agent needs to connect to the PCP broker in order to do Puppet runs via the Puppet orchestrator. Set an integer to specify how much time should pass before the connection times out.
    The Puppet orchestrator defaults to "30" seconds. If the agent can’t connect to the broker in that time frame, the run will timeout.
  3. Click Add parameter as needed, and commit changes.
  4. On the node hosting the Puppet master, run Puppet.

Correcting ARP table overflow

In larger PE deployments that use MCollective or the PCP broker, you may encounter ARP table overflows and need to adjust some system settings.

Overflows occur when the ARP table—a local cache of IP address to MAC address resolutions—fills and starts evicting old entries. When frequently used entries are evicted, this can lead to an increase of extra network traffic (increasing CPU load on the broker and network latency) to restore them.

A typical log message will resemble the following:

[root@s1 peadmin]# tail -f /var/log/messages
Aug 10 22:42:36 s1 kernel: Neighbour table overflow.
Aug 10 22:42:36 s1 kernel: Neighbour table overflow.
Aug 10 22:42:36 s1 kernel: Neighbour table overflow.

To workaround this issue, you can increase several sysctl settings related to ARP tables:

# Set max table size
net.ipv6.neigh.default.gc_thresh3=4096
net.ipv4.neigh.default.gc_thresh3=4096
# Start aggressively clearing the table at this threshold
net.ipv6.neigh.default.gc_thresh2=2048
net.ipv4.neigh.default.gc_thresh2=2048
# Don't clear any entries until this threshold
net.ipv6.neigh.default.gc_thresh1=1024
net.ipv4.neigh.default.gc_thresh1=1024

These settings are appropriate for networks hosting up to 2000 agents.


Related links

  • Increasing the ulimit for pe-orchestration-services

    The various services in PE require up to one file handle per connected client. On most OS configurations, the defaults will not be high enough for more than a couple hundred clients. To support more clients, you need to increate the number of allowed file handles.

    Instructions for increasing the number of file handles are detailed on the Increasing the ulimit for PE services page.

↑ Back to top