If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

prevent puppet from running on t-w732-spot-* instances



Infrastructure & Operations
RelOps: Puppet
a year ago
8 months ago


(Reporter: grenade, Unassigned)



(Whiteboard: [windows][aws])


(1 attachment)



a year ago
The puppet service on current t-w732 amis appears to be enabled and running causing unnecessary network chatter between spot instances and puppet masters. The service should be disabled during the golden ami creation phase in userdata.

Comment 1

a year ago
Created attachment 8770586 [details] [review]

The Disable-Service -serviceName 'puppet' line here should stop and disable the running puppet service. For golden runs we use the puppet agent cli rather than the service, so there's no good reason for it to be running.

The Remove-ItemProperty -Name 'fPromptForPassword' -Path 'HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services' line is a piggyback change to change the rdp service behaviour to allow rdp clients to authenticate from the command line (as all our other windows instances allow). This simplifies instance maintenance and allows for automation scripts to create maintenance sessions. Note that credentials are still required, they just don't have to be physically typed for each session.
Attachment #8770586 - Flags: review?(mcornmesser)
Attachment #8770586 - Flags: review?(mcornmesser) → review+
Duplicate of this bug: 1264315
You need to log in before you can comment on or make changes to this bug.