[Puppet Users] Re: Problem running 3.2.1 master with parser=future
I have the same issue but if I use puppet apply --parser future it works. On Monday, May 27, 2013 11:50:50 PM UTC-7, thijso wrote: First off, I was under the impression from what I have been able to find about the future parser that old manifests should remain working. If there are backwards incompatibilities I missed, then please ignore this (and point me to where they are mentioned, please). I have reduced my problem to a very simple and basic setup. If I leave out the line parser=future from my [main] section in puppet.conf on my master (hostname 'dua'), the following setup works: in nodes/dua.pp - node 'dua' inherits 'sistemdasar' {} in nodes/sistemdasar.pp node 'sistemdasar' { package { 'screen': ensure = latest, } } And in my debug output I also see that screen is checked to be the latest version. When I insert the line parser=future in my [main] section in puppet.conf and change nothing else, I get the following error when running 'puppet agent --test': Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find parent resource type 'sistemdasar' of type node in production at /etc/puppet/manifests/nodes/dua.pp:1 on node dua Is this a bug? Wrong expectations? Deprecated syntax (I'm coming back to puppet after a very long time, and those manifests above are an adaptation of quite old stuff I had)? Thijs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] squeeze dist-upgrade considerations - puppet 2.6.2 - 2.7.18
Am Freitag, 23. August 2013 16:57:24 UTC+2 schrieb Stig Sandbeck Mathisen: I want to dist-upgrade from squeeze to wheezy. The version will change from puppet 2.6.2 to puppet 2.7.18. Before starting the upgrade I would like to know if there were any syntax changes or stuff that could break my setup because of the version change. Check syslog on your puppet master. Deprecations will be visible there. -- Stig Sandbeck Mathisen It would be nice to be able to prepare for the most problem - before - breaking the setup. Does anybody has more experiences on this issue. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Managing multiple types of mounts
Please disregard this. I was mistaken in syntax and it works as it should. - Original Message - | - Original Message - | | Hi All, | | | | I have an issue whereby I need to manage a mount that is a physical | | mount of a device as well as a bind mount entry. | | | | | | Physical Mount | | == | | | | file { /exports: | | owner = root, | | group = root, | | mode = 771, | | ensure = directory, | | } | | | | file { /exports/homes: | | owner = root, | | group = Domain Users, | | mode = 2771, | | ensure = directory, | | require = File[/exports], | | } | | | | file { /srv: | | ensure = directory, | | } | | | | file { /srv/homes: | | ensure = directory, | | require = File[/srv], | | } | | | | | | mount { /exports/homes: | | device = LABEL=homes, | | fstype = xfs, | | ensure = mounted, | | options = inode64,nobarrier,delaylog,uquota,grpquota, | | atboot = true, | | require = File[/exports/homes], | | } | | | | | | But then I also need a bind mount | | | | mount { /srv/homes: | | device = /exports/homes, | | fstype = none, | | ensure = mounted, | | options = bind, | | atboot = true, | | } | | | | Sorry this is a mistype. It should be this | | mount { /export/homes: |device = /srv/homes, |fstype = none, |ensure = mounted, |options = bind, |atboot = true, | } | | | | -- | James A. Peltier | Manager, IT Services - Research Computing Group | Simon Fraser University - Burnaby Campus | Phone : 778-782-6573 | Fax : 778-782-3045 | E-Mail : jpelt...@sfu.ca | Website : http://www.sfu.ca/itservices | | “A successful person is one who can lay a solid foundation from the | bricks others have thrown at them.” -David Brinkley via Luke Shaw | | -- | You received this message because you are subscribed to the Google | Groups Puppet Users group. | To unsubscribe from this group and stop receiving emails from it, | send an email to puppet-users+unsubscr...@googlegroups.com. | To post to this group, send email to puppet-users@googlegroups.com. | Visit this group at http://groups.google.com/group/puppet-users. | For more options, visit https://groups.google.com/groups/opt_out. | -- James A. Peltier Manager, IT Services - Research Computing Group Simon Fraser University - Burnaby Campus Phone : 778-782-6573 Fax : 778-782-3045 E-Mail : jpelt...@sfu.ca Website : http://www.sfu.ca/itservices “A successful person is one who can lay a solid foundation from the bricks others have thrown at them.” -David Brinkley via Luke Shaw -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Best practices for infrastructure
Speaking in security terms, could be masterless puppet configuration less secure? I mean, the puppet code is in *all* the clients. On the other hand, the puppet code is only in the master, which I think is more secure (you can isolate it on a restricted VLAN, private network, etc). If the security of one client is vulnerated the hacker gets nothing, otherwise he would be able to read the whole puppet code. El viernes, 23 de agosto de 2013 18:51:07 UTC+2, Martin Langhoff escribió: On Fri, Aug 23, 2013 at 12:03 PM, Paul Archer geek...@gmail.comjavascript: wrote: I'm thinking about setting up a master in the colo with a slaved master at each site, I would strongly recommend using master-less recipes, which are actually a git repository as a master, and cronjobs running puppet apply as client. On that track, I have recently implemented just that, rolling out to 4 sites totalling a couple thousand client nodes. I have posted on this list about my glue / tools, which I am publishing at http://repo.or.cz/w/puppet-git.git . They allow you to feed the reports to a puppet dashboard (something that you usually lose in master-less setups. An addition to puppet-git being triggered via cron, I have a configuration that sets up an incrond rule, so if we need an immediate rollout, touching a file in a magic directory triggers the clients to update their config right now. My puppet-git is good, I recommend it :-) -- but YMMV on that. But using git as a master is, IMHO, best practice at scale. cheers, m -- martin@gmail.com javascript: - ask interesting questions - don't get distracted with shiny stuff - working code first ~ http://docs.moodle.org/en/User:Martin_Langhoff -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Best practices for infrastructure
On Sat, Aug 24, 2013 at 6:33 AM, Félix Barbeira fbarbe...@gmail.com wrote: Speaking in security terms, could be masterless puppet configuration less secure? I mean, the puppet code is in *all* the clients. On the other hand, the puppet code is only in the master, which I think is more secure (you can isolate it on a restricted VLAN, private network, etc). If the security of one client is vulnerated the hacker gets nothing, otherwise he would be able to read the whole puppet code. The difference is minimal. The master will happily serve any config to any host. The puppet server relies on the self-reported hostname, so a compromised host can go fishing for configurations. In my git-as-a-master configurations I use ssh to connect to the master. Yes, all hosts using the same master see the full set of configs. If I ever have a clearly separate security domain of sorts, plan would be to set up a separate git master. I think that makes sense too with a puppet master. cheers, m -- martin.langh...@gmail.com - ask interesting questions - don't get distracted with shiny stuff - working code first ~ http://docs.moodle.org/en/User:Martin_Langhoff -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Storage to process this request is not available when puppet runs on windows as a daemon.
Hi Derek, On Thu, Aug 22, 2013 at 8:32 AM, derek murphy derek.mur...@gmail.comwrote: I have a weird issue. I'm using puppet 3.2.3 and I have a simple module to install an msi (module below). If I run manually (from the start menu, or cmd using puppet agent - it works fine and installs. If I let the 30 minute scheduled run happen - I get Storage to process this request is not available. I think this is related to running the service as LocalSystem, but trying to access the network, since the service attempts to make an anonymous SMB connection. Does it work if you change the `source` parameter to a local drive? If that works, then I would create a domain service account, add it as a member of the local Administrators group, and configure the puppet service to run as that user. Or alternatively change the permissions on the remote share. Does anyone have any ideas what could cause this? I don't see too much on the net about it and for the life of me can't figure it out. On a side note - every puppet run also seems to install notepad++ again (I get a Package[np]/ensure: created - which also isn't ideal as it makes this system always be in a changed state. See http://docs.puppetlabs.com/windows/writing.html#packagepackage. The name of the resource needs to match the DisplayName specified in the registry. Any help people can give is appreciated. class wintest { if ($operatingsystem == 'windows') { package { 'np': ensure = installed, source = '\\files\Software\temp\npp.6.3.2.installer.msi', #provider = windows } } else { fail('This module is only supported on Windows') } } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- Josh Cooper Developer, Puppet Labs *Join us at PuppetConf 2013, August 22-23 in San Francisco - * http://bit.ly/pupconf13 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Freebsd + Puppet 3.2.2 pkg_add -f ?
The real isssue I seem to be having is that puppet agent is ignoring my PACKAGESITE variable. I've set it accordingly per: http://projects.puppetlabs.com/projects/puppet/wiki/Puppet_Free_Bsd/8 pkg_add -r whatever works fine from the command line in bash and sh, but puppet runs use the url above instead of what I've set. Any ideas where I can set the packagesite var so that puppet can pick it up? On Wed, Aug 21, 2013 at 7:35 AM, Eugene Vilensky evilen...@googlemail.com wrote: On Tue, Aug 20, 2013 at 2:15 PM, joel johnston joeldjohns...@gmail.com wrote: The url is bad/wrong. For some reason it is injecting this %2F in front of pub where it SHOULD just be /pub/ %2F is a '/' in url encoding, maybe there is a trailing slash somewhere you can remove which will allow a proper URL to be constructed. -- You received this message because you are subscribed to a topic in the Google Groups Puppet Users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/1CqH0u84u6g/unsubscribe. To unsubscribe from this group and all its topics, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- ___ Joel Johnston 760.437.5116 www.metaband.net www.j03l.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: chocolatey, windows, powershell and fault bucket
Hello Pavel, Can you please provide a log with --debug --trace --verbose appended to the end of the puppet apply? And what versions and modules you might be using. Thanks... -- Rob Reynolds Developer, Puppet Labs *Join us at PuppetConf 2013, August 22-23 in San Francisco - * http://bit.ly/pupconf13 On Wed, Aug 21, 2013 at 5:56 AM, Pavel Drobushevich p.drobushev...@gmail.com wrote: Hi all, I have similar problem. When I start puppet interactive console and run 'puppet agent -t' it complete successfully. But when I start puppet service under same (or any other use) it fail with powershell crash *Fault bucket , type 0* *Event Name: PowerShell* *Response: Not available* *Cab Id: 0* * * *Problem signature:* *P1: powershell.exe* *P2: 6.1.7601.17514* *P3: System.ComponentModel.Win32Exception* *P4: System.Management.Automation.Host.Host* *P5: erShell.ConsoleControl.GetActiveScreenBufferHandle* *P6: erShell.ConsoleControl.GetActiveScreenBufferHandle* *P7: Consol.. main thread* *P8: * *P9: * *P10* We use windows server 2008R2, powershell v2 and .net 4.0. ExecutionPolicy is RemoteSigned. Could you please provide more information how to fix it? Thanks in advance, Pavel On Tuesday, July 23, 2013 6:35:11 PM UTC+3, Rob Reynolds wrote: It's likely the powershell execution policy that you were seeing errors due to. -- Rob Reynolds Developer, Puppet Labs *Join us at PuppetConf 2013, August 22-23 in San Francisco - * http://bit.ly/pupconf13* **Register now and take advantage of the Final Countdown discount - save 15%!* On Tue, Jul 23, 2013 at 5:14 AM, Francesco Sacchi dep...@gmail.comwrote: I configured it to use my account and it started working without errors.. probably I did not try this one before... what kind of configuration could the other account miss? maybe the .net framework? anyway thank you for your systematic debugging :D Il giorno lunedì 22 luglio 2013 16:51:35 UTC+2, Francesco Sacchi ha scritto: Hi, I configured puppet open source with the chocolatey module and one windows client. When the puppet agent run as a service (not the interactive version) I can see in the windows event log some errors like Fault bucket 1734820220, type 5 Event name: PowerShell Fault bucket , type 0 Event name: PowerShell I tried to google it but I did not find anything relevant apart from some discussions about running powershell in a thread or something similar.. Any hint on how to fix this? Thanks f. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group/puppet-usershttp://groups.google.com/group/puppet-users . For more options, visit https://groups.google.com/**groups/opt_outhttps://groups.google.com/groups/opt_out . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: chocolatey, windows, powershell and fault bucket
I opened a ticket about this a few days ago: http://projects.puppetlabs.com/issues/22258 (Doing a bit of reading/poking at code, but so far everything I know is on the ticket) Eric -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Best practices for infrastructure
On 08/24/2013 04:13 PM, Martin Langhoff wrote: On Sat, Aug 24, 2013 at 6:33 AM, Félix Barbeira fbarbe...@gmail.com mailto:fbarbe...@gmail.com wrote: Speaking in security terms, could be masterless puppet configuration less secure? I mean, the puppet code is in *all* the clients. On the other hand, the puppet code is only in the master, which I think is more secure (you can isolate it on a restricted VLAN, private network, etc). If the security of one client is vulnerated the hacker gets nothing, otherwise he would be able to read the whole puppet code. The difference is minimal. The master will happily serve any config to any host. The puppet server relies on the self-reported hostname, so a compromised host can go fishing for configurations. Only if you use autosign option. After the certificate is signed, agents report certname and not hostname. In that regard, puppet master is safer option, but also less scalable. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: puppet and custom nagios object variables
I figured out a way around this little problem, in our environment we also monitored the ILO and iDrac (remote console) ports on the servers. Before puppet we included a custom variable called _bmc_address ipaddress and then had a command in turn that used this variable. Since we intergrated puppet we had to figure out a way around this, instead we changed the command to look like this in the nagios config file command_line $USER1$/check_ping -H $ARG1$ -w 3000.0,80% -c 5000.0,100% -p 5 the $ARG1$ is the trick, this way when I do the service definition I can do this in the puppet exported resource: check_command = check_ipmi_ping!${::ipmi_ipaddress}, Where the $::ipmi_address is a custom Facter fact we made that reads the output of ipmitool lan print 1. This allows us to assocatiate the service correctly with the hostname, but use a different address that the host's primary address. BTW - I literally just implemented and tested this tonight. The reason I came across this post was because I was searching for how to use custom variables in nagios with nagios resources in puppet. :) On Tuesday, May 14, 2013 9:38:28 AM UTC-4, Mason wrote: Nagios support custom object variables ( http://nagios.sourceforge.net/docs/nagioscore/3/en/customobjectvars.html) buy prefixing them with an underscore: define host{ host_name linuxserver *_mac_address 00:06:5B:A6:AD:AA* * _rack_number R32* } However, I can't determine how to use these with puppet nagios resources. I'm assuming they aren't supported, but I'm also hoping that I just missed it in the documentation. Is anyone creating custom nagios object variables with puppet? Thanks for the help. — Mason Turner -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.