Will puppet continue to apply changes if it cannot reach the server again?
This is probably a no-brainer, but at this point it is more of a sanity check. I was under the impression it will only make changes if it can successfully pull down a catalog from the Puppet server. Another engineer was doing some work on a box that had Puppet run in the past, but is now on a network with no Puppet presence. He swears files were being changed, and I believe it was with files that we had Puppet configure.
I guess to refine the question, if it runs successfully once, then the access to the Puppet server is completely removed for whatever reason, will it continue to apply the last set of configurations it received or will it no longer try since it cannot reach the Puppet server?
The master _has_ to be reachable in the begin of a PP agent run. One PP-agent-run then caches the catalog rxed by the master. Once it's been rxed completely, it gets applied. This _can_ happen w/o connexion to the master. However, (e.g.) file resources relying on `source => 'puppet:///…'` will fail
In short, once it receives the catalog the first time, it will definitely continue to apply it if changes are detected? Example, the catalog adds 1.2.3.4 to ntp.conf. If I change ntp.conf, it will see it's different and apply again with the last catalog it received regardless of a connection?
Not quite. The changes are detected _during_ catalog _application_. First, receive the catalog. The catalog tells resource X shall be like “this”. However, the has-state on the concrete machine is determined afterwards. And _then_ only if the “has” and “shall” state differ, changes are applied.
Again, note, things relying on connectivity to the PP master – e.g. rendering templates, retrieving files from the PP master – happen _during_ catalog application. Those resources might fail.
Only file resources with a source parameter could potentially fail. Templates are evaluated and the resulting string is placed statically in the catalog, so there is no dependency on the master when using a cached catalog.