Re: [Puppet Users] Re: Puppet, Yum, Cassandra, openjdk and --nodeps
On 30 Jul 2013 18:57, Paul Pham m...@paulpham.net wrote: Do most folks who use puppet not use yum? Or are most people okay with letting puppet install dependencies automagically? Puppet has different package providers and I use the appropriate one depending on what I want it to do. If I want Puppet to just install a package and fail if it's dependencies are not met I use the rpm provider and specify the location of the rpm file. If I want Puppet to install a package with all its dependencies then I use the yum provider (the default) usually with a local repository so I can make local changes - try fpm, pulp and similar tools. Of course there are similar providers for non-RHEL systems. Paul - Keith On Monday, July 29, 2013 10:58:11 AM UTC-7, jcbollinger wrote: On Wednesday, July 24, 2013 4:29:44 PM UTC-5, Paul Pham wrote: Hello, puppet n00b here. Trying to install cassandra via puppet. Works great, only caveat is cassandra (dsc12 package) lists openjdk as a dependency. Ironically enough, the datastax guys themselves recommend using Oracle JRE instead of openjdk, and there is even a bug that prevents cassandra from starting if it's using openjdk. Anyway, I fixed it by adding an exec to my puppet-java module that sets the Oracle JRE runtime as the defaults via alternatives, and it works fine. However, I still end up with two different java runtimes installed which I find to be a bit unclean. The root of the problem to me, though, is that by having puppet install dsc12, I lose visibility into what all those dependencies were that got installed along with it (I didn't realize openjdk was even installing until I started investigating why cassandra wasn't starting). So what I'd prefer to do is add each individual package dependency into my cassandra module itself, thereby explicitly installing only what I intend to install, and nothing else. The only way this works, though, is if I can somehow pass the --nodeps option into yum during puppet apply time. Otherwise, regardless of whether I already installed Oracle JRE, using yum to install dsc12 will automatically install openjdk. How have you guys handled scenarios like this? I tried searching through the topics here for yum nodeps but it seems people found different ways of solving their individual problems rather than sending flags to the yum provider itself. I also noticed this puppet feature request which unfortunately has remained open(?) for 3 years. I've also seen people suggest that nodeps should never be used with yum since the purpose of yum is to handle dependencies... but we also like some of the other features of yum, like being able to pull packages down by name automatically from our yum repo (which we manage in-house). Anyway, any insights would be great! Thanks, The best solution to the immediate problem would be to rebuild the RPM to correct the dependency information. There are even tools available by which you could edit your existing RPM without rebuilding it from scratch. As far as --nodeps goes, I am not aware that yum implements it, or anything similar. I find explicit documentation to the contrary, in fact. If you want to go that direction (very unwise) then you need to use rpm directly. If you use rpm directly, however, (including by explicitly telling Puppet to use the 'rpm' Package provider) then you probably still don't want --nodeps. Instead, you want rpm to fail when a package's dependencies are not satisfied, so that you can fix the problem. This is the route to take if you want to explicitly specify every package and avoid any others being installed. You do not then get automatic package downloads, but rpm understands http: URLs, so you can still pull packages from your local repository (or external ones) by specifying their complete URLs. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: 3.2.2 on CentOS 6.3, and Did not receive certificate
When having problems like this it is often a good idea to shut down the Apache web server and run: # puppet master --debug from a console instead. If that works then your Puppet setup is okay and you should look at your web server and passenger config. - Keith On 18 Jul 2013 20:21, Forrie for...@gmail.com wrote: Actually, with the improvements to Puppet 3.x, I wonder if it's really necessary to run Puppet under Passenger anymore... we have less than 100 hosts, but that could change. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Debugging Puppetmaster with Apache/Rack/Passenger
I believe the --debug in config.ru sends output to syslog so either look in /var/log/messages (or similar) or specify a log destination filename like: ARGV --logdest /var/log/puppet/puppet-master.log - Keith On 23 Jul 2013 09:15, Christian Flamm christian.le.fl...@gmail.com wrote: Hi, I'm currently trying to debug a performance issue I'm having. Therefore I would need DEBUG output. When using one puppetmaster process, this is fairly easy by starting it like this: puppet master --no-daemonize --debug Now I need to see this debug output when running puppetmaster the way I ususally do - using Apache/Rack/Passenger. After looking around a bit in the vhost config file cat /etc/httpd/conf.d/puppetmaster.conf LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10/buildout/apache2/mod_passenger.so PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10 PassengerDefaultRuby /usr/bin/ruby # TODO evaluate benefit of ThrottleRate PassengerStatThrottleRate 120 PassengerHighPerformance On PassengerMaxPoolSize 12 PassengerMaxRequests 1000 PassengerPoolIdleTime 600 Listen 8140 VirtualHost *:8140 SSLEngine On # Only allow high security cryptography. Alter if needed for compatibility. SSLProtocol All -SSLv2 SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/puppetmaster .pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/ puppetmaster.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +ExportCertData # These request headers are used to pass the client certificate # authentication information on to the puppet master process RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ Directory /usr/share/puppet/rack/puppetmasterd/ Options None AllowOverride None Order Allow,Deny Allow from All /Directory /VirtualHost I had a look at /usr/share/puppet/rack/puppetmasterd/config.ru which contains this: [snippet] # if you want debugging: # ARGV --debug ... so I enabled it. But this actually only gives me extra lines I believe belong to INFO log level: Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing $1 access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/node/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/node/([^/]+)$]) allowing $1 access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_revocation_list/ca]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_revocation_list/ca]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/report]) allowing 'method' save Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/report]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/file]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_request]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_request]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_request]) allowing 'method' save Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_request]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: Inserting default '~ ^/report/([^/]+)$' (auth true)
Re: [Puppet Users] Calling a custom class module via a manifest - puppet 0.24.8
Perhaps try removing the final trailing comma after enable = false. Some Puppet versions have a problem with this. - Keith On 24 Jun 2013 01:11, Manoj Bhola mbhol...@gmail.com wrote: Hi, I hope someone can help. I have created a custom class module which updates a configuration file. When I use the puppet command: puppet -e include custom, the file is replaced using the template file included in the module correctly. When I try to update settings in the configuration file using a manifest which uses my custom module, I get the following error from puppet: syntax error at '{'; expected '}' at /root/httpstk1.pp:1 Class Module --- class novell-httpstkd { # Check OES Version. Requires the oes facter additions # case $oes { OES11: { $conf_template = 'httpstkd.conf.oes11.erb' } OES2: { $conf_template = 'httpstkd.conf.oes2.erb' } default: { fail(Sorry your OES Version is not recognized) } } notify {addr-setting: message = Following variables will be used:\naddr = $addr | saddr = $saddr | filteraddr = $filteraddr | filtersubnet = $filtersubnet | cipher = $cipher | mailserver = $mailserver | mailfrom = $mailfrom | mailto = $mailto | nolum = $nolum | supervisoronly = $supervisoronly | httponly = $httponly | inventoryresolvelumownername = $inventoryresolvelumownername, } if $addr == { $_addr = 0.0.0.0:8008 } else { $_addr = $addr } if $saddr == { $_saddr = 0.0.0.0:8009 } else { $_saddr = $saddr } if $filteraddr == { $_filteraddr = } else { $_filteraddr = $filteraddr } if $filtersubnet == { $_filtersubnet = } else { $_filtersubnet = $filtersubnet } if $cipher == 'all' or $cipher == 'low' or $cipher == 'medium' or $cipher == 'high' { $_cipher = $cipher } else { $_cipher = 'all' } if $mailserver == { $_mailserver = } else { $_mailserver = $mailserver } if $mailto == { $_mailto = } else { $_mailto = $mailto } if $mailfrom == { $_mailfrom = } else { $_mailfrom = $mailfrom } if $nolum == 'true' or $nolum == 'false' { $_nolum = $nolum } else { $_nolum = 'false' } if $supervisoronly == 'true' or $supervisoronly == 'false' { $_supervisoronly = $supervisoronly } else { $_supervisoronly = 'false' } if $httponly == 'true' or $httponly == 'false' { $_httponly = $httponly } else { $_httponly = 'true' } if $inventoryresolvenonlumownername == 'true' or $inventoryresolvenonlumownername == 'false' { $_inventoryresolvenonlumownername = $inventoryresolvenonlumownername } else { $_inventoryresolvenonlumownername = 'false' } if $ensure != running or $ensure != stopped { $ensure = running } if $enable != true or $enable != false { $enable = true } file {'httpstkd_conf': path = '/etc/opt/novell/httpstkd.conf', ensure = file, content = template(novell-httpstkd/${conf_template}), owner = 'root', group = 'root', mode = '755', } service {'novell-httpstkd': name = 'novell-httpstkd', ensure = $ensure, enable = $enable, subscribe = File['httpstkd_conf'], } } Manifest (This errors calling the above module) class {novell-httpstkd: addr = $ipaddress, saddr = $ipaddress, filteraddr = 192.168.69.20, filtersubnet = 192.168.1.0 255.255.255.0, cipher = low, mailserver = mail.localdomain, mailfrom = nrm@$fqdn, mailto = supportadmin@localdomain, enable = false, } Manoj -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] PuppetLabs Module Toolkit
http://docs.puppetlabs.com/puppet/2.7/reference/modules_publishing.html Is there a toolkit generally used to develop/manage puppet modules? I've been playing with the modules on puppetlabs and have a question about the packaging used. It appears many of the developers are using some tools / toolkits to develop standardized packages. In addition to the standard files/manifests/templates construct there is also some metadata files for json, looks like ruby data in /specs. A Modulefile etc. I've seen this format across several contributors. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Validation failed: Host already has a report for time and kind
This could be an issue with time on the host being inconsistent. Is it configured to use NTP to sync against a time server? - Keith On 11 Jun 2013 05:06, Luke Vidler luke.vid...@gmail.com wrote: Me Three, same versions and errors - Did you guys work out how to fix it yet? On Thursday, December 1, 2011 7:55:42 PM UTC+11, Chris Phillips wrote: Howdy, I've been getting this issue for about a month in dashboard. All our nodes poll on a cronjob between 00:00 and 01:00 daily, but one node has been getting this as a failed task for a while, with the yaml files building up on the server. Outside of this one cronjob, other puppet runs on the same node are running just fine. The backtrace on dashboard is: Importing report report-1009-84.yaml at 2011-**11-22 00:33 GMTValidation failed: Host already has a report for time and kind Backtrace /usr/share/puppet-dashboard/**vendor/rails/activerecord/lib/** active_record/validations.rb:**1102:in `save_without_dirty!' /usr/share/puppet-dashboard/**vendor/rails/activerecord/lib/** active_record/dirty.rb:87:in `save_without_transactions!' /usr/share/puppet-dashboard/**vendor/rails/activerecord/lib/** active_record/transactions.rb:**200:in `save!' /usr/share/puppet-dashboard/**vendor/rails/activerecord/lib/** active_record/connection_**adapters/abstract/database_** statements.rb:136:in `transaction' /usr/share/puppet-dashboard/**vendor/rails/activerecord/lib/** active_record/transactions.rb:**182:in `transaction' /usr/share/puppet-dashboard/**vendor/rails/activerecord/lib/** active_record/transactions.rb:**200:in `save!' /usr/share/puppet-dashboard/**vendor/rails/activerecord/lib/** active_record/transactions.rb:**208:in `rollback_active_record_state!**' /usr/share/puppet-dashboard/**vendor/rails/activerecord/lib/** active_record/transactions.rb:**200:in `save!' /usr/share/puppet-dashboard/**app/models/report.rb:113:in `create_from_yaml' /usr/share/puppet-dashboard/**app/models/report.rb:86:in `create_from_yaml_file' Any pointers appreciated. Thanks Chris -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Share Hiera configuration between 2 nodes?
You need to restart the Puppet Master process if you change hiera.yaml. - Keith On 5 Jun 2013 17:09, m3t...@gmail.com wrote: Yes and it seems to work [root@puppetmaster ~]# hiera classes -c /etc/puppet/environments/testing/hiera.yaml environment=testing role=webserver fqdn=node1 --debug -a DEBUG: Wed Jun 05 10:02:23 -0600 2013: Hiera YAML backend starting DEBUG: Wed Jun 05 10:02:23 -0600 2013: Looking up classes in YAML backend DEBUG: Wed Jun 05 10:02:23 -0600 2013: Looking for data source node1 DEBUG: Wed Jun 05 10:02:23 -0600 2013: Found classes in node1 DEBUG: Wed Jun 05 10:02:23 -0600 2013: Looking for data source webserver DEBUG: Wed Jun 05 10:02:23 -0600 2013: Found classes in webserver DEBUG: Wed Jun 05 10:02:23 -0600 2013: Looking for data source common DEBUG: Wed Jun 05 10:02:23 -0600 2013: Data retrieved from /etc/puppet/environments/testing/hieradata/common.yaml is not a Hash, setting defaults [keepalived, apache] On Wednesday, June 5, 2013 9:53:25 AM UTC-6, Ygor wrote: have you tried running hiera on the command line with debug ? “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) -- *From: *m3t...@gmail.com *To: *puppet...@googlegroups.com *Sent: *Wednesday, June 5, 2013 11:43:24 AM *Subject: *Re: [Puppet Users] Share Hiera configuration between 2 nodes? Ok maybe I spoke too soon... It looks like the hiera hierarchy is not seeing the custom fact and as a result is not applying the corresponding .yaml file. I expected it to load the hieradata\webserver.yaml file. However as the puppetmasterd debug log shows that it skips over this and loads the osfamily .yaml file. *hiera.yaml * --- :backends: - yaml :yaml: :datadir: /etc/puppet/environments/%{**environment}/hieradata :hierarchy: - %{fqdn} - %{role} - %{osfamily} - common *Puppetmasterd debug messages* *...* Info: Caching node for node1 DEBUG: Wed Jun 05 09:11:50 -0600 2013: Looking up apache_vhosts in YAML backend DEBUG: Wed Jun 05 09:11:50 -0600 2013: Looking for data source node1 DEBUG: Wed Jun 05 09:11:50 -0600 2013: Looking for data source RedHat DEBUG: Wed Jun 05 09:11:50 -0600 2013: Looking for data source common Notice: Compiled catalog for node1 in environment testing in 0.04 seconds *...* *Contents of hieradata folder:* [root@puppetmaster~]# ls /etc/puppet/environments/**testing/hieradata/ common.yaml webserver.yaml node1.yaml node2.yaml RedHat.yaml *Contents of /etc/facter/facts.d/role.yaml* --- role: webserver *node1* [root@node1 /]# puppet agent -t --environment=testing Info: Retrieving plugin Info: Loading facts in /var/lib/puppet/lib/facter/** iptables_persistent_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/**facter_dot_d.rb Info: Loading facts in /var/lib/puppet/lib/facter/**root_home.rb Info: Loading facts in /var/lib/puppet/lib/facter/**puppet_vardir.rb Info: Loading facts in /var/lib/puppet/lib/facter/**iptables_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/pe_**version.rb Info: Loading facts in /var/lib/puppet/lib/facter/**concat_basedir.rb Info: Loading facts in /var/lib/puppet/lib/facter/**ip6tables_version.rb Info: Caching catalog for node1 Info: Applying configuration version '1370444163' Notice: The value is: webserver Notice: /Stage[main]//Node[node1]/**Notify[The value is: webserver]/message: defined 'message' as 'The value is: webserver' Notice: Finished catalog run in 0.31 seconds *Facter test* [root@node1 /]# facter -p role webserver *Puppet Versions* [root@node1 /]# facter --version 1.7.1 [root@node1 /]# puppet --version 3.2.1 [root@puppetmaster ~]# facter --version 1.7.1 [root@puppetmaster ~]# puppet --version 3.2.1 Thanks for the help! On Tuesday, June 4, 2013 2:09:48 PM UTC-6, Keith Burdis wrote: You could set a custom role fact on node1 and node2 with the value webserver and then use the role fact in your Hiera hierarchy. For example using facter.d on on node1 and node2: # cd /etc/facter/facts.d # echo 'role: webserver' custom_facts.yaml # facter -p role role = webserver and on the master: # cat /etc/hiera.yaml ... :hierarchy: - %{role} ... with the common configuration in webserver.yaml under your Hiera datadir. - Keith On 4 June 2013 20:41, m3t...@gmail.com wrote: Hi, I am trying to use Hiera in puppet 3 and I have two nodes that both need the same configuration. In this case they are two web servers which have the same apache configuration. Rather than creating two seperate hiera files for node1.yaml and node2.yaml is there a way to group these by role (e.g. webserver.yaml)? I want to avoid duplicating the configuration if possible and keep the data in hiera. Thanks! Joe -- You received this message because you are subscribed to the Google Groups Puppet
Re: [Puppet Users] Share Hiera configuration between 2 nodes?
You could set a custom role fact on node1 and node2 with the value webserver and then use the role fact in your Hiera hierarchy. For example using facter.d on on node1 and node2: # cd /etc/facter/facts.d # echo 'role: webserver' custom_facts.yaml # facter -p role role = webserver and on the master: # cat /etc/hiera.yaml ... :hierarchy: - %{role} ... with the common configuration in webserver.yaml under your Hiera datadir. - Keith On 4 June 2013 20:41, m3t...@gmail.com wrote: Hi, I am trying to use Hiera in puppet 3 and I have two nodes that both need the same configuration. In this case they are two web servers which have the same apache configuration. Rather than creating two seperate hiera files for node1.yaml and node2.yaml is there a way to group these by role (e.g. webserver.yaml)? I want to avoid duplicating the configuration if possible and keep the data in hiera. Thanks! Joe -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Very slow puppet agent runs on empty/noop manifests (v3.2.1)
Are you running into the Socket.gethostbyname(Socket.gethostname) issue pointed out by Wil Cooley a few days ago? https://groups.google.com/forum/?fromgroups#!topic/puppet-dev/z09Nkk18tREhttps://groups.google.com/forum/?fromgroups#!topic/puppet-dev/z09Nkk18tRE If so there is potential /etc/hosts change in that thread that might sort out your issue. - Keith On 23 May 2013 17:16, Martin Langhoff martin.langh...@gmail.com wrote: This is a VM with 1GB RAM and almost nothing running on it. It takes 10s to read a manifest that defines one node, one class, and checks whether puppet package is installed... Where is all the time going? Is something wrong? Details - # cat /etc/redhat-release CentOS release 6.4 (Final) # vmstat procs ---memory-- ---swap-- -io --system-- -cpu- r b swpd free buff cache si sobibo in cs us sy id wa st 0 0 0 705996 32180 20747600 2 2 164 0 0 100 0 0 # time ruby -e 'puts 1' 1 real 0m0.012s user 0m0.003s sys 0m0.007s Just shy of 6s to display help! # time puppet help | head -n1 Usage: puppet subcommand [options] action [options] real 0m5.990s user 0m0.764s sys 0m0.212s And 10s to do nothing! # time puppet apply --noop --verbose manifests/site.pp Info: Applying configuration version '1369325470' Notice: Finished catalog run in 0.29 seconds real 0m10.226s user 0m3.065s sys 0m1.981s [root@rl01m-puppet puppet]# rpm -qi puppet Name: puppet Relocations: (not relocatable) Version : 3.2.1 Vendor: Puppet Labs Release : 1.el6 Build Date: Wed 22 May 2013 12:29:05 PM CDT Install Date: Wed 22 May 2013 04:09:54 PM CDT Build Host: verne-builder-1.delivery.puppetlabs.net Group : System Environment/Base Source RPM: puppet-3.2.1-1.el6.src.rpm Size: 3239292 License: ASL 2.0 Signature : RSA/SHA1, Wed 22 May 2013 02:14:33 PM CDT, Key ID 1054b7a24bd6ec30 URL : http://puppetlabs.com [root@rl01m-puppet puppet]# rpm -qi ruby Name: ruby Relocations: (not relocatable) Version : 1.8.7.352 Vendor: CentOS Release : 10.el6_4 Build Date: Fri 08 Mar 2013 08:27:43 AM CST Install Date: Wed 22 May 2013 04:09:51 PM CDT Build Host: c6b10.bsys.dev.centos.org Group : Development/Languages Source RPM: ruby-1.8.7.352-10.el6_4.src.rpm Size: 1897682 License: Ruby or GPLv2 Signature : RSA/SHA1, Fri 08 Mar 2013 10:50:23 AM CST, Key ID 0946fca2c105b9de Packager: CentOS BuildSystem http://bugs.centos.org URL : http://www.ruby-lang.org/ cheers, m -- martin.langh...@gmail.com - ask interesting questions - don't get distracted with shiny stuff - working code first ~ http://docs.moodle.org/en/User:Martin_Langhoff -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet in an appliance model?
With PuppetDB 1.1 it is now possible to use exported resources when running puppet apply [1], though of course this still means having a central PuppetDB. This is not relevant for a single machine setup though, as you say. - Keith [1] http://docs.puppetlabs.com/puppetdb/1.3/connect_puppet_apply.html On 18 May 2013 12:45, Nikola Petrov nikol...@gmail.com wrote: Hi, Using puppet in standalone mode with puppet apply from a cronjob will work without problems. The only thing that will be missing are exported resources. But you won't need those if this is a single machine. -- Nikola On Fri, May 17, 2013 at 03:52:11PM -0700, Vince Taluskie wrote: Hey Folks, I am looking at using puppet to help manage/coordinate system integration among several teams collaborating on an appliance product.This is a little different than other environments where I've used puppet for managing large numbers of systems. In the appliance case, we need to build manage only a single system so a puppetmaster becomes extra baggage that is not really needed - what features will not work without one tho? Will erb templates still work? Will modules also function without a puppet master? i'm wondering if anyone has already shared their experiences with the group using puppet in this kind of mode. If so, please share and I will summarize. Thanks, Vince -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Rhel based distro and multiple package version installed
Two options come to mind: 1) Install the JDK and Tomcat products from tarball into separate directories for each version which is what I do with erwbgy/sunjdkhttp://forge.puppetlabs.com/erwbgy/sunjdk and erwbgy/tomcat http://forge.puppetlabs.com/erwbgy/tomcat 2) Create custom packages for each of the product versions installing the files into separate directories - for example using fpmhttps://groups.google.com/forum/#!msg/puppet-users/3phnJuKctdQ/RfAL3pd4NxIJ . - Keith On 18 May 2013 09:38, Luca Gervasi luca.gerv...@gmail.com wrote: Hello, i'm starting using Puppet on my personal lab. There I'd like to reproduce a multi base tomcat installation as follows: * Multiple jdk installations (multiple 1.6.x, multiple 1.7.x) * Multiple tomcat installations (multiple 6.0.x, multiple 7.0.x) Here is the problem: using the Package definition, i'm unable to have multiple jdk version (as 1.6.4 supersedes 1.6.3, leaving only the last one installed correctly), so I created a custom define that uses a File definition to copy multiple directories (/opt/java/jdk-$version) from my puppetmaster (recurse + purge) and used this as follows: tomcat::home { 6.0.37: version = 6.0.37} jdk::home { 1.6.24: version = 1.6.24} but i'm unable to create a simple check on my tomcat istances like a require tomcat-6.0.37. How can i accomplish what i need? Thanks in advance. Luca Gervasi -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Odd Issue with Ensure Latest
This is often an issue with the underlying yum command being executed. Try running: # puppet apply --verbose --debug --execute 'package {yum-plugin-versionlock: ensure = latest}' to see what is happening. On my host this shows that '/usr/bin/yum -d 0 -e 0 -y install yum-plugin-versionlock' is being executed so I'd try this command manually without the -y to see if I get any errors. - Keith On 16 May 2013 13:35, michael.r.bow...@gmail.com wrote: So I am having issue with a manifest that contains the class below. I was in hopes somebody could point me in the correct direction; Original class, works on many others systems I have this deployed to, class base::yum_plugins{ require base::yum_repos package {yum-versionlock: ensure = latest} package {yum-security: ensure = latest} } However on a machine we are building a template out of it fails. Debug: Executing '/bin/rpm -q yum-versionlock --nosignature --nodigest --qf %{NAME} %|EPOCH?{%{EPOCH}}:{0}| %{VERSION} %{RELEASE} %{ARCH} ' Error: Could not update: Could not find package yum-versionlock Error: /Stage[main]/Base::Yum_plugins/Package[yum-versionlock]/ensure: change from absent to latest failed: Could not update: Could not find package yum-versionlock Notice: /File[/etc/yum/pluginconf.d/versionlock.list]: Dependency Package[yum-versionlock] has failures: true Warning: /File[/etc/yum/pluginconf.d/versionlock.list]: Skipping because of failed dependencies Debug: Finishing transaction 70184260275260 Debug: Storing state Debug: Stored state in 0.02 seconds Notice: Finished catalog run in 6.66 seconds Debug: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (yaml) Debug: report supports formats: b64_zlib_yaml raw yaml; using yaml [root@rhel6Template ~]# ^C [root@rhel6Template ~]# /bin/rpm -q yum-versionlock package yum-versionlock is not installed [root@rhel6Template ~]# /bin/rpm -q yum-plugin-versionlock yum-plugin-versionlock-1.1.30-14.el6.noarch Change class to represent yum-plugin-versionlock and it fails slightly different, class base::yum_plugins{ require base::yum_repos package {yum-plugin-versionlock: ensure = latest} package {yum-security: ensure = latest} Error: Failed to apply catalog: Could not find dependency Package[yum-versionlock] for File[/etc/yum/pluginconf.d/versionlock.list Yet Setting up Install Process Package yum-plugin-versionlock-1.1.30-14.el6.noarch already installed and latest version Nothing to do and [root@rhel6Template pluginconf.d]# cd /etc/yum/pluginconf.d/ [root@rhel6Template pluginconf.d]# ls product-id.conf rhnplugin.conf security.conf subscription-manager.conf versionlock.conf versionlock.list Any help woudld be greatly appreciated; Mike -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] vim-puppet syntax highlight
Perhaps try: $ echo 'syntax on' ~/.vimrc - Keith On 16 May 2013 15:27, Balasubramaniam Natarajan bala150...@gmail.comwrote: Hi I am trying to install vim-puppet for syntax highlight of puppet manifest file. I first installed vim-puppet and then vim. Then I ran vim-addon-manager -w install puppet I am still unable to see the colours on site.pp bala@WheezyMaster:~$ vim-addon-manager # Name User Status System Status editexistingremoved removed justify removed removed matchit removed removed puppet *installed installed* bala@WheezyMaster:~$ bala@WheezyMaster:~$ vim --version VIM - Vi IMproved 7.3 (2010 Aug 15, compiled Feb 10 2013 06:46:22) bala@WheezyMaster:~$ dpkg -l | grep vim ii vim2:7.3.547-7 i386 Vi IMproved - enhanced vi editor ii vim-addon-manager 0.5.2 all manager of addons for the Vim editor ii vim-common 2:7.3.547-7 i386 Vi IMproved - Common files ii vim-gnome 2:7.3.547-7 i386 Vi IMproved - enhanced vi editor - with GNOME2 GUI ii vim-gui-common 2:7.3.547-7 all Vi IMproved - Common GUI files ii vim-puppet 2.7.18-4 all syntax highlighting for puppet manifests in vim ii vim-runtime2:7.3.547-7 all Vi IMproved - Runtime files ii vim-tiny 2:7.3.547-7 i386 Vi IMproved - enhanced vi editor - compact version bala@WheezyMaster:~$ Could you please tell me where am I going wrong ? -- Regards, Balasubramaniam Natarajan www.blog.etutorshop.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Odd Issue with Ensure Latest
This package doesn't appear to exist in the default repositories for RHEL/CentOS 5: # cat /etc/redhat-release CentOS release 5.9 (Final) # yum install yum-plugin-versionlock Loaded plugins: fastestmirror, security Loading mirror speeds from cached hostfile * base: ftp.heanet.ie * extras: ftp.heanet.ie * updates: ftp.heanet.ie Setting up Install Process No package yum-plugin-versionlock available. Nothing to do Since you do seem to have the yum-plugin-versionlock package installed, try running: # rpm -qi yum-plugin-versionlock to see who the packager was. It may be that this repository is no longer enabled on the host that is having problems. - Keith On 16 May 2013 16:26, michael.r.bow...@gmail.com wrote: So this seems to be different between RHEL5 and RHEL6 the command you suggested ran fine. Here it is on another RHEL6 box [root@crypt mbowden]# puppet agent --verbose --onetime --no-daemonize info: Caching catalog for crypt.bowdoin.edu info: Applying configuration version '1368708690' err: /Stage[main]/Base::Yum_plugins/Package[yum-versionlock]/ensure: change from absent to latest failed: Could not update: Could not find package yum-versionlock at /etc/puppet/modules/base/manifests/yum_plugins.pp:3 notice: /Stage[main]/Patches::Nokernel/File[/etc/yum/pluginconf.d/versionlock.list]: Dependency Package[yum-versionlock] has failures: true warning: /Stage[main]/Patches::Nokernel/File[/etc/yum/pluginconf.d/versionlock.list]: Skipping because of failed dependencies err: /Stage[main]/Base::Yum_plugins/Package[yum-security]/ensure: change from absent to latest failed: Could not update: Could not find package yum-security at /etc/ puppet/modules/base/manifests/yum_plugins.pp:4 notice: Finished catalog run in 9.92 seconds [root@crypt mbowden]# yum install yum-versionlock Loaded plugins: product-id, rhnplugin, security, subscription-manager, versionlock This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. This system is receiving updates from RHN Classic or RHN Satellite. Setting up Install Process Package yum-plugin-versionlock-1.1.30-14.el6.noarch already installed and latest version Nothing to do [root@crypt mbowden]# puppet apply --verbose --execute 'package {yum-plugin-versionlock: ensure = latest}' info: Applying configuration version '1368718137' notice: Finished catalog run in 3.42 seconds On Thursday, May 16, 2013 10:12:33 AM UTC-4, Keith Burdis wrote: This is often an issue with the underlying yum command being executed. Try running: # puppet apply --verbose --debug --execute 'package {yum-plugin-versionlock: ensure = latest}' to see what is happening. On my host this shows that '/usr/bin/yum -d 0 -e 0 -y install yum-plugin-versionlock' is being executed so I'd try this command manually without the -y to see if I get any errors. - Keith On 16 May 2013 13:35, michael@gmail.com wrote: So I am having issue with a manifest that contains the class below. I was in hopes somebody could point me in the correct direction; Original class, works on many others systems I have this deployed to, class base::yum_plugins{ require base::yum_repos package {yum-versionlock: ensure = latest} package {yum-security: ensure = latest} } However on a machine we are building a template out of it fails. Debug: Executing '/bin/rpm -q yum-versionlock --nosignature --nodigest --qf %{NAME} %|EPOCH?{%{EPOCH}}:{0}| %{VERSION} %{RELEASE} %{ARCH} ' Error: Could not update: Could not find package yum-versionlock Error: /Stage[main]/Base::Yum_**plugins/Package[yum-**versionlock]/ensure: change from absent to latest failed: Could not update: Could not find package yum-versionlock Notice: /File[/etc/yum/pluginconf.d/**versionlock.list]: Dependency Package[yum-versionlock] has failures: true Warning: /File[/etc/yum/pluginconf.d/**versionlock.list]: Skipping because of failed dependencies Debug: Finishing transaction 70184260275260 Debug: Storing state Debug: Stored state in 0.02 seconds Notice: Finished catalog run in 6.66 seconds Debug: Value of 'preferred_serialization_**format' (pson) is invalid for report, using default (yaml) Debug: report supports formats: b64_zlib_yaml raw yaml; using yaml [root@rhel6Template ~]# ^C [root@rhel6Template ~]# /bin/rpm -q yum-versionlock package yum-versionlock is not installed [root@rhel6Template ~]# /bin/rpm -q yum-plugin-versionlock yum-plugin-versionlock-1.1.30-**14.el6.noarch Change class to represent yum-plugin-versionlock and it fails slightly different, class base::yum_plugins{ require base::yum_repos package {yum-plugin-versionlock: ensure = latest} package {yum-security: ensure = latest} Error: Failed to apply catalog: Could not find dependency Package[yum-versionlock] for File[/etc/yum/pluginconf.d/** versionlock.list Yet Setting up Install Process Package yum
Re: [Puppet Users] Manual run with specific class
Perhaps try: # puppet apply --execute 'include manual' - Keith On 16 May 2013 21:40, Nev neva...@gmail.com wrote: I need to be able to run a certain class ONLY when it is called manually from the client. I created a class named manual and can run it from the client like this: puppet agent --no-daemonize --onetime --verbose --tags=manual However it only works if that class is specified in the node definition. I don't want this class to run automatically on the normal node run with the other classes. Is there any way to do this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Manual run with specific class
If you don't want to transfer the class files (and any dependencies) over to the agent host, which is what I was suggesting here then perhaps you can get your desired behaviour using a custom fact. Assuming that you have facter.dot.d installed (usually from stdlib) do something like: $ echo 'run_manual: false' /etc/facter/facter.d/custom.yaml And then check this fact before including your manual class in your node config, something like: if $run_manual { include manual } Then when you do want to apply the class then change the fact value to true and do a onetime Puppet run. Details above might be slightly off as I am not in from of a computer but you get the idea. - Keith On 16 May 2013 23:40, Nev neva...@gmail.com wrote: thanks, but no: # puppet apply --execute 'include manual' Error: Could not find class manual On Thursday, May 16, 2013 2:47:35 PM UTC-6, Keith Burdis wrote: Perhaps try: # puppet apply --execute 'include manual' - Keith On 16 May 2013 21:40, Nev nev...@gmail.com wrote: I need to be able to run a certain class ONLY when it is called manually from the client. I created a class named manual and can run it from the client like this: puppet agent --no-daemonize --onetime --verbose --tags=manual However it only works if that class is specified in the node definition. I don't want this class to run automatically on the normal node run with the other classes. Is there any way to do this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Design pattern for exported resources from EC2 autoscaled instances
You should be able to cluster Tomcat without using multicast by having a static members list with TCP pings to check the cluster nodes. You could of course use exported resources to create the static members list. Not sure about Glassfish but I'd expect it to be possible to do something similar as Weblogic allows the use of unicast instead of multicast for static clusters. - Keith On 29 Apr 2013 05:43, Shiva Narayanaswamy shiva.narayanasw...@gmail.com wrote: Thanks for your replies. mco is the solution I like. However AWS doesnt allow multicast, and hence I figured I cannot succesfully cluster glassfish or tomcat in AWS! On Monday, April 22, 2013 9:31:57 AM UTC+10, Shiva Narayanaswamy wrote: My setup has an EC2 autoscaling group of clustered glassfish application servers. Each glassfish instance will register itself with a DAS (Domain Administration Server) to become a member of the cluster, and deregister itself when it is killed. I was intending to orchestrate this via puppet exported resources. However I am stuck with trying to figure out how to get the DAS server to apply puppet configuration everytime an instance is born in the autoscaling group. I can schedule puppet to run on the DAS server every 30 minutes, but I cant afford to wait 30 minutes. I would like to do this as soon as an instance is provisioned. The only way I can think of doing this is using mcollective. Am I overlooking something? If I havent made myself very clear, please let me know, and I can try to explain better. Looking forward to some design patterns from some experienced gurus! Thanks, Shiva -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] checking puppet run status of node A during puppet run of node B
I don't believe there is any existing Puppet functionality that does this though the Capabilities armaturehttps://github.com/puppetlabs/armatures/blob/master/arm-6.capabilities/capabilities.md discusses a potential future solution. You might find dalen/puppetdbqueryhttps://github.com/dalen/puppet-puppetdbquery useful for your solution. - Keith On 29 April 2013 14:18, Schofield dbschofi...@gmail.com wrote: I have some middleware where the successful configuration of node B is dependent on the successful configuration of node A. Node B must pull additional information from node A during its configuration. Is there any built in functionality in puppet for checking the completion status of other nodes? Right now my intent is to write a custom function to query the puppetdb which is storing reports. I want to make sure I am not missing some other elegant solution in puppet that already does this. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Udefined method `get_uptime` for Facter::Util::Uptime:Module
Is the time set correctly on these hosts? If not then I'd suggest synchronising them with an NTP time server like those at pool.NTP.org. - Keith On 22 Apr 2013 17:54, Przemek p.slodkiew...@gmail.com wrote: Hi, I'm rookie puppet user and I trying to establish simple Server-Client connection on configuration: Server: *Fedora F18*, Puppet 3.1.1 (installed by yum), Ruby 1.8.7 Client: *Debian 6.0.6*, Puppet 3.1.1 (installed by guidehttp://shapeshed.com/setting-up-puppet-on-ubuntu-10-04/), Ruby 1.8.7 Server sign client certificate with success but now I'm struggle with apply simple puppet manifest site.pp. When I run Server and Client with no--daemonize and --debug I get error stack trace as fallow: Debug: Finishing transaction -615376128 Debug: Loaded state in 0.00 seconds Debug: node supports formats: b64_zlib_yaml pson raw yaml; using pson Debug: Using cached certificate for ca Debug: Using cached certificate for radkam Debug: Using cached certificate_revocation_list for ca Info: Retrieving plugin Debug: file_metadata supports formats: b64_zlib_yaml pson raw yaml; using pson Debug: Finishing transaction -615481918 The interpreter parameter to 'setcode' is deprecated and will be removed in a future version. *Error: Could not retrieve local facts: undefined method `get_uptime' for Facter::Util::Uptime:Module Error: Failed to apply catalog: Could not retrieve local facts: undefined method `get_uptime' for Facter::Util::Uptime:Module* Debug: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (yaml) *Debug: report supports formats: b64_zlib_yaml raw yaml; using yaml /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/agent.rb:89:in `exit': no implicit conversion from nil to integer (TypeError)* *from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/agent.rb:89:in `run_in_fork' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/agent.rb:86:in `fork' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/agent.rb:86:in `run_in_fork' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/agent.rb:41:in `run' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/application.rb:179:in `call' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/application.rb:179:in `controlled_run' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/agent.rb:39:in `run' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/daemon.rb:205:in `run_event_loop' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/daemon.rb:167:in `loop' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/daemon.rb:167:in `run_event_loop' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/daemon.rb:145:in `start' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/application/agent.rb:357:in `main' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/application/agent.rb:313:in `run_command' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/application.rb:364:in `run' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/application.rb:456:in `plugin_hook' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/application.rb:364:in `run' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/util.rb:504:in `exit_on_fail' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/application.rb:364:in `run' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/util/command_line.rb:132:in `run' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/lib/puppet/util/command_line.rb:86:in `execute' from /usr/lib/ruby/gems/1.8/gems/puppet-3.1.1/bin/puppet:4 from /usr/bin/puppet:23:in `load' from /usr/bin/puppet:23* * * I googled it but I couldn't find fix (except few info on this stackoverflow topichttp://stackoverflow.com/questions/3798107/undefined-method-get-uptime-for-facterutiluptimemodule-nomethoderror). * * Could you please help me with resolution? Best Regards -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet 3.1, Hiera and a class parameter called service
Perhaps try using the str2bool function from puppetlabs-stdlib [1]. - Keith [1] https://github.com/puppetlabs/puppetlabs-stdlib On 17 Apr 2013 18:09, Matthias Saou matth...@saou.eu wrote: Hi, I'm trying to clean up some manifests by moving class parameters which I change globally to Hiera lookups. I've been fighting with a boolean parameter for the last hour. My class has a parameter called $service, to enable/disable its service (duh!). When I try to set mymodule::service: false from Hiera, it's ignored for some reason, and the $service variable inside mymodule is always true, because that's the default. If I pass a string, it gets across just fine. I just can't get the one useful value, which is the boolean opposite of the default... Other variable names don't seem to have this problem. It seems that I've been bitten once more by mostly-working-but-reserved-somewhere variable names. Does anyone know Hiera internals enough to confirm this? Do I have any options other than renaming the parameter? Matthias -- Matthias Saou ██ ██ ██ ██ Web: http://matthias.saou.eu/ ██ Mail/XMPP: matth...@saou.eu ██ ██ GPG: 4096R/E755CC63██ ██ ██ 8D91 7E2E F048 9C9C 46AF ██ ██ ██ ██ 21A9 7A51 7B82 E755 CC63 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] facter doesn't load from /ect/facter/facts.d
From that page: External facts are only available in Facter 1.7 and later. I expect you need to either upgrade or install the stdlib module. - Keith On 13 Apr 2013 15:18, Larry Fast lfast1...@gmail.com wrote: I'm trying to load custom facts via /etc/facter/facts.d/* according to instructions on http://docs.puppetlabs.com/guides/custom_facts.html#structured-data-facts I must have missed a setting somewhere because I get nothing. The first clue may be that /etc/facter didn't exist. I had to create it manually. Is there a setting or search path I need to create? Details: puppet 3.0.1 facter 1.6.14-1.el6 centos 6 I created 4 files in /etc/facter/facts.d: y1.yaml, t1.txt, j1.json and r1.rb Each file has it's appropriate format yaml, text, json, ruby. facter --debug says nothing about these files running puppet agent the facts from these files do not appear -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet 3.x, rubygem pkg can't be found on a RHEL 6.4
Try running: # yum-config-manager --enable rhel-6-server-optional-rpms - Keith On 10 April 2013 10:04, Yusup Ashrap aph...@gmail.com wrote: I have having the same problem with install puppet on redhat 6.2. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] ssh_authorized_key errors in RHEL6
The permissions of /tmp should be 1777 so that all users can create files but the sticky bit is set. Setting the sticky bit ensures that files and directories under /tmp can only be renamed or deleted by the user that owns them. - Keith On 3 April 2013 00:41, Kubes pkubat.ml...@freepricealerts.com wrote: Thanks Josh chmoding 777 /tmp fixed the issue. mktemp worked fine as root, not as a user, until chmod. Does puppet sudo for sshkeys, etc? puppet is running as root. On Tuesday, April 2, 2013 12:06:52 PM UTC-4, Joshua Hoblitt wrote: Hello, On 04/02/2013 07:44 AM, Kubes wrote: cannot generate tempfile `/puppet20130331-3128-n19xxm-**9' I suspect this is the crux of your issue. Is there a /tmp on that system and is it world writable? Have you declared $TMPDIR? What does the puppet.conf look like on that system? Does `mktemp` work as expected? Eg. $ mktemp /tmp/tmp.7rj9E3NgP1 $ ls -la /tmp/tmp.7rj9E3NgP1 -rw--- 1 jhoblitt users 0 Apr 2 09:04 /tmp/tmp.7rj9E3NgP1 -Josh -- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Encrypt Passwords in Manifests
If you use hiera try Craig Dunn's hiera-gpghttp://www.craigdunn.org/2011/10/secret-variables-in-puppet-with-hiera-and-gpg/ . - Keith On 3 April 2013 14:18, jim stra...@gmail.com wrote: Hello all I mainly use Puppet for managing windows hosts, and what to know they best way to either encrypt passwords in manifests or where to store them so they are encrypted and reference them as in a variable etc ? (if that makes sense) e.g. class roles::base::users { user { 'Administrator': ensure = present, password = 'Please_hide_me;01', } regards James -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Staging content from modules for temporary use by resources
Indeed, but other than saving disk space, I have found running multiple instances from the same installation more trouble than it is worth. Please do share your pattern though as I am sure there are others who disagree and I may change my mind :-) On 30 March 2013 10:20, Brian Lalor bla...@bravo5.org wrote: On Mar 28, 2013, at 10:56 AM, Keith Burdis ke...@burdis.org wrote: Today I started using Jordan Sissel's fpm [1] to build multiple rpms for each tomcat instance with a different prefix - something like: This seems like a good opportunity to use CATALINA_BASE for multiple Tomcat instances per install. I've got a pattern for this with Puppet that I'll share if anyone's interested. -- Brian Lalor bla...@bravo5.org -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: puppet 3 hiera configs hiding somewhere
Yes, perhaps try: # chown -R puppet:puppet /etc/puppet /var/lib/puppet - Keith On 28 Mar 2013 05:27, Nick Fagerlund nick.fagerl...@puppetlabs.com wrote: On Wednesday, March 27, 2013 6:22:05 PM UTC-7, Philip Brown wrote: nope, nothing. I tried your suggestion of explicitly setting it. It gets ignored. Oh wait, I just had another idea. File ownership/permissions? If you wrote it as root and it's only accessible to root, puppet master will have a problem, since it drops permissions to the puppet user once it gets started. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: puppet 3 hiera configs hiding somewhere
On 28 Mar 2013 01:22, Philip Brown p...@bolthole.com wrote: On Wed, Mar 27, 2013 at 2:10 PM, Nick Fagerlund nick.fagerl...@puppetlabs.com wrote: ... to keith's suggestion, of Also you can use the hiera command-line utility [1] to test - for example: # hiera --debug philcheck::value That doesnt quite work as-is, eh? Because I need to know how to set the client hostname, You could use: # hiera --debug philcheck:value hostname=$(facter hostname) - Keith -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Staging content from modules for temporary use by resources
I have been using the file, exec approach for my modules but transferring big zip or tar files is a pain because they take up space, as you say, and sometimes the transfer times out when the files are really big. Today I started using Jordan Sissel's fpm [1] to build multiple rpms for each tomcat instance with a different prefix - something like: $ sudo yum install ruby-devel rpmdevtools $ sudo gem install fpm $ tar -zxf apache-tomcat-7.0.37.tar.gz $ for USER in tomcat1 tomcat2 tomcat3; do fpm -t rpm -s dir --prefix /apps/$USER -C apache-tomcat-7.0.37 -n $USER -v 7.0.37 --rpm-user $USER --rpm-group tomcat $(ls apache-tomcat-7.0.37); done Created rpm {:path=tomcat1-7.0.37-1.x86_64.rpm} Created rpm {:path=tomcat2-7.0.37-1.x86_64.rpm} Created rpm {:path=tomcat3-7.0.37-1.x86_64.rpm} This works nicely with a local yum repository and Puppet package resources though I have had to get Puppet to fix file ownership after installation as some directories still have root ownership. - Keith On 28 March 2013 13:52, Bruno Harbulot br...@distributedmatter.net wrote: Hello, I would like to find a few to use files available in a module for the execution of a particular resource, without having to stage the file explicitly onto the client and possibly having to clean it up afterwards. (This could also apply to content coming from templates.) The use-cases I have in mind are: running a SQL file (to set up some content in a database), extracting an archive and running a self-executable installer (as generated with makeself, for example). Currently, one way to do this is to stage the file first and to make the resource (e.g. exec) using it depend on that file being set up: file { '/tmp/setupdb.sql' : source = puppet:///modules/${module_name}/setupdb.sql, mode = 644, backup = false, } exec { 'Setup the database': command = 'psql ${databasename} -f /tmp/setupdb.sql', onlyif = 'psql ... | grep ...', # Some condition to check whether a table exists, for example. requires = File['/tmp/setupdb.sql'], } The problem with this is that it looks procedural, and that it also leaves a useless temporary file behind. One way around this particular use case would be to have support for stdin input in exec (See: http://projects.puppetlabs.com/issues/653). Something like this would feel somewhat cleaner: exec { 'Setup the database': command = 'psql ${databasename}', stdin = puppet:///modules/${module_name}/setupdb.sql, onlyif = 'psql ... | grep ...', # Some condition to check whether a table exists, for example. } Nevertheless, this would only address part of the issue of handling files temporary files, since this would only work for commands that can read their main content from stdin (e.g. mysql, psql, tar). Another use case would be unzipping an archive into a specific directory: file { '/tmp/myfavouriteblogengine.zip': source = puppet:///modules/${module_name}/myfavouriteblogengine.zip, mode = 644, backup = false, } exec { 'Setup the engine for vhost1': command = 'cd /var/lib/www/vhost1 unzip /tmp/myfavouriteblogengine.zip ', creates = '/var/lib/www/vhost1/index.php', requires = File['/tmp/myfavouriteblogengine.zip'], } The problem remains: there's still a temporary file left over, and it doesn't feel very declarative. What are the typical patterns to deal with this kind of situation? Packaging for the distribution isn't necessarily viable: it requires a fair amount of additional setup, and not everything can be packaged easily (whatever the tools), since it would be difficult to install the same package multiple times for vhost1, vhost2, ... in cases similar to the example above. Best wishes, Bruno. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet 3 hiera configs hiding somewhere
Perhaps try: # ln -sf /etc/puppet/hiera.yaml /etc/hiera.yaml Also you can use the hiera command-line utility [1] to test - for example: # hiera --debug philcheck::value - Keith [1] http://docs.puppetlabs.com/hiera/1/command_line.html On 27 March 2013 18:29, Philip Brown p...@bolthole.com wrote: We're using the puppetlabs puppet rpms, on redhat 6. puppet server version: 3.1.1 I wanted to start using hiera for some databinding type purposes. I set up a /etc/puppet/hiera.yaml, pointing to a special hieradata directory...but clients were not seeing the values I populated. So I made a very stripped down version of a manifest for testing, with $domain=hiera(philcheck::value) file {/tmp/hieratest: ensure = present, content=$domain \n, } The only way it found any hiera-set value, was if I put it in /var/lib/hiera/common.yaml Which is rather odd, because the autogenerated /etc/hiera.yaml does not mention common. it mentions global. And the config I created in /etc/puppet/hiera.yaml, I deliberately abused to reference common-p, instead of common. Yet it still pulls from common. While ignoring any varient of /var/lib/hiera/${hostname}.yaml What's going on and how can I fix this please? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet 3.x, rubygem pkg can't be found on a RHEL 6.4
You need to enable the optional repository. On 27 Mar 2013 21:38, T.J. Yang tjyang2...@gmail.com wrote: Hi, I followed puppetlab procedure to install open source version of puppet agent 3.x. It works for CentOS 6.4 but not RHEL 6.4, anyone has pointer where I missed ? [root@mon04 ~]# yum install puppet Loaded plugins: product-id, refresh-packagekit, security, subscription-manager This system is receiving updates from Red Hat Subscription Management. rhel-6-server-cf-tools-1-rpms | 2.8 kB 00:00 rhel-6-server-rhev-agent-rpms | 2.8 kB 00:00 rhel-6-server-rpms | 3.7 kB 00:00 rhel-ha-for-rhel-6-server-rpms | 3.7 kB 00:00 Setting up Install Process Resolving Dependencies -- Running transaction check --- Package puppet.noarch 0:3.1.1-1.el6 will be installed -- Processing Dependency: ruby = 1.8.7 for package: puppet-3.1.1-1.el6.noarch -- Processing Dependency: ruby(abi) = 1.8 for package: puppet-3.1.1-1.el6.noarch -- Processing Dependency: facter = 1.6.11 for package: puppet-3.1.1-1.el6.noarch -- Processing Dependency: hiera = 1.0.0 for package: puppet-3.1.1-1.el6.noarch -- Processing Dependency: ruby(selinux) for package: puppet-3.1.1-1.el6.noarch -- Processing Dependency: ruby-augeas for package: puppet-3.1.1-1.el6.noarch -- Processing Dependency: /usr/bin/ruby for package: puppet-3.1.1-1.el6.noarch -- Processing Dependency: ruby-shadow for package: puppet-3.1.1-1.el6.noarch -- Running transaction check --- Package facter.x86_64 1:1.6.18-1.el6 will be installed --- Package hiera.noarch 0:1.1.2-1.el6 will be installed -- Processing Dependency: rubygem-json for package: hiera-1.1.2-1.el6.noarch --- Package libselinux-ruby.x86_64 0:2.0.94-5.3.el6 will be installed --- Package ruby.x86_64 0:1.8.7.352-10.el6_4 will be installed --- Package ruby-augeas.x86_64 0:0.4.1-1.el6 will be installed --- Package ruby-libs.x86_64 0:1.8.7.352-10.el6_4 will be installed -- Processing Dependency: libreadline.so.5()(64bit) for package: ruby-libs-1.8.7.352-10.el6_4.x86_64 --- Package ruby-shadow.x86_64 0:1.4.1-13.el6 will be installed -- Running transaction check --- Package compat-readline5.x86_64 0:5.2-17.1.el6 will be installed --- Package rubygem-json.x86_64 0:1.5.5-1.el6 will be installed -- Processing Dependency: rubygems for package: rubygem-json-1.5.5-1.el6.x86_64 -- Finished Dependency Resolution Error: Package: rubygem-json-1.5.5-1.el6.x86_64 (puppetlabs-deps) Requires: rubygems You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest [root@mon04 ~]# [root@xymon04 ~]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 6.4 (Santiago) [root@mon04 ~]# [root@mon04 ~]# yum repolist Loaded plugins: product-id, refresh-packagekit, security, subscription-manager This system is receiving updates from Red Hat Subscription Management. rhel-6-server-cf-tools-1-rpms | 2.8 kB 00:00 rhel-6-server-rhev-agent-rpms | 2.8 kB 00:00 rhel-6-server-rpms | 3.7 kB 00:00 rhel-ha-for-rhel-6-server-rpms | 3.7 kB 00:00 repo idrepo name status epel Extra Packages for Enterprise Linux 6 - x86_64 8,516 puppetlabs-depsPuppet Labs Dependencies El 6 - x86_64 45 puppetlabs-productsPuppet Labs Products El 6 - x86_64 253 rhel-6-server-cf-tools-1-rpms Red Hat CloudForms Tools for RHEL 6 (RPMs) 31 rhel-6-server-rhev-agent-rpms Red Hat Enterprise Virtualization Agents for RHEL 6 Server (RPMs) 16 rhel-6-server-rpms Red Hat Enterprise Linux 6 Server (RPMs) 10,291 rhel-ha-for-rhel-6-server-rpms Red Hat Enterprise Linux High Availability (for RHEL 6 Server) (R253 rpmforge RHEL 6Server - RPMforge.net - dag 4,591 repolist: 23,996 [root@mon04 ~]# -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Can't convert Puppet::Util::Log into Integer
The agent only writes logs under /var/log/puppet if you run it as a service - for example using: $ service puppet once (Note that due to buffering it may take a few seconds for entries to appear in puppet.log.) There are a number of existing issues that could be related to your problem (#17297, #17887, #19344) but none of these appear to have a fix yet. Things to try: 1) File ownership on your master: # chown -R puppet:puppet /etc/puppet /var/lib/puppet 2) Upgrading to 3.1.1. If that doesn't work then post your puppet.conf. - Keith - Keith On 26 March 2013 09:04, Andrei-Florian Staicu andrei.sta...@gmail.comwrote: Hi all, Could anyone help me at least start debugging this issue? All agents have the same error, but i can't find anything on the master-side logs. And the agent-side logs are non-existent (/var/log/puppet is empty). Thanks. Versions: Master: Red Hat Enterprise Linux Server release 6.3 puppet-server-3.1.0-1.el6.noarch puppetdb-1.1.1-1.el6.noarch puppetdb-terminus-1.1.1-1.el6.noarch puppet-dashboard-1.2.21-1.el6.noarch puppet-3.1.0-1.el6.noarch Agents: Red Hat Enterprise Linux Server release 6.3 puppet-3.1.0-1.el6.noarch [root@somvat121892 ~]# puppet agent --test --verbose --debug Debug: Using settings: adding file resource 'lastrunfile': 'File[/var/lib/puppet/state/last_run_summary.yaml]{:links=:follow, :ensure=:file, :backup=false, :mode=644, :path=/var/lib/puppet/state/last_run_summary.yaml, :loglevel=:debug}' Debug: Failed to load library 'ldap' for feature 'ldap' Debug: Puppet::Type::User::ProviderLdap: feature ldap is missing Debug: Puppet::Type::User::ProviderPw: file pw does not exist Debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist Debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dsimport does not exist Debug: Failed to load library 'ldap' for feature 'ldap' Debug: Puppet::Type::Group::ProviderLdap: feature ldap is missing Debug: Puppet::Type::Group::ProviderPw: file pw does not exist Debug: Puppet::Type::Group::ProviderDirectoryservice: file /usr/bin/dscl does not exist Debug: Using settings: adding file resource 'logdir': 'File[/var/log/puppet]{:links=:follow, :group=puppet, :ensure=:directory, :backup=false, :owner=puppet, :mode=750, :path=/var/log/puppet, :loglevel=:debug}' Debug: Using settings: adding file resource 'certdir': 'File[/var/lib/puppet/ssl/certs]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :path=/var/lib/puppet/ssl/certs, :loglevel=:debug}' Debug: Using settings: adding file resource 'graphdir': 'File[/var/lib/puppet/state/graphs]{:links=:follow, :ensure=:directory, :backup=false, :path=/var/lib/puppet/state/graphs, :loglevel=:debug}' Debug: Using settings: adding file resource 'requestdir': 'File[/var/lib/puppet/ssl/certificate_requests]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :path=/var/lib/puppet/ssl/certificate_requests, :loglevel=:debug}' Debug: Using settings: adding file resource 'clientyamldir': 'File[/var/lib/puppet/client_yaml]{:links=:follow, :ensure=:directory, :backup=false, :mode=750, :path=/var/lib/puppet/client_yaml, :loglevel=:debug}' Debug: Using settings: adding file resource 'hostprivkey': 'File[/var/lib/puppet/ssl/private_keys/somvat121892.pem]{:links=:follow, :ensure=:file, :backup=false, :owner=puppet, :mode=600, :path=/var/lib/puppet/ssl/private_keys/somvat121892.pem, :loglevel=:debug}' Debug: Using settings: adding file resource 'resourcefile': 'File[/var/lib/puppet/state/resources.txt]{:links=:follow, :ensure=:file, :backup=false, :owner=root, :mode=640, :path=/var/lib/puppet/state/resources.txt, :loglevel=:debug}' Debug: Using settings: adding file resource 'lastrunreport': 'File[/var/lib/puppet/state/last_run_report.yaml]{:links=:follow, :ensure=:file, :backup=false, :mode=640, :path=/var/lib/puppet/state/last_run_report.yaml, :loglevel=:debug}' Debug: Using settings: adding file resource 'confdir': 'File[/etc/puppet]{:links=:follow, :ensure=:directory, :backup=false, :path=/etc/puppet, :loglevel=:debug}' Debug: Using settings: adding file resource 'ssldir': 'File[/var/lib/puppet/ssl]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :mode=771, :path=/var/lib/puppet/ssl, :loglevel=:debug}' Debug: Using settings: adding file resource 'privatekeydir': 'File[/var/lib/puppet/ssl/private_keys]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :mode=750, :path=/var/lib/puppet/ssl/private_keys, :loglevel=:debug}' Debug: Using settings: adding file resource 'client_datadir': 'File[/var/lib/puppet/client_data]{:links=:follow, :ensure=:directory, :backup=false, :mode=750, :path=/var/lib/puppet/client_data, :loglevel=:debug}' Debug: Using settings: adding file resource 'hostpubkey': 'File[/var/lib/puppet/ssl/public_keys/somvat121892.pem]{:links=:follow, :ensure=:file, :backup=false, :owner=puppet, :mode=644,
Re: [Puppet Users] err: Could not retrieve catalog from remote server: Error 400 on SERVER: Error 403 on SERVER: Forbidden request:
You could try adding: On 25 March 2013 16:50, Red Cricket red.cricket.b...@gmail.com wrote: Thanks for the reply Keith. I will definitively have to dig into the auth.conf, but the auth.conf I am using is the one created when I run ./puppet-enterprise-installer as per the PE 2.7 quickstart guide. Is there a way to let puppetlabs know that there is a problem during the evaluation period? On Sat, Mar 23, 2013 at 4:18 AM, Keith Burdis ke...@burdis.org wrote: Puppet runs fine on RHEL 6.2. It looks like your auth.conf is missing some entries. Do you perhaps have an auth.conf.rpmnew you need to move into place? - Keith Hi All, I am trying to follow the documentation at this link: http://docs.puppetlabs.com/pe/latest/quick_start.html When I get to the part where one runs ... sudo puppet agent --test I get this error message ... err: Could not retrieve catalog from remote server: Error 400 on SERVER: Error 403 on SERVER: Forbidden request: red-cricket-pe-master (xxx.xxx.xxx.xx) access to /facts/red-cricket-agent [save] authenticated at line 45 warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run Both systems are Red Hat Enterprise Linux Server release 6.2 (Santiago) ... maybe puppet does not support this version of redhat? Thanks Red -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] err: Could not retrieve catalog from remote server: Error 400 on SERVER: Error 403 on SERVER: Forbidden request:
You could try adding: path /facts auth any method find, search allow * before the deny entry at the end of the file and restarting your Puppet master. Or look for a similar entry and see if the allow line contains a specific hostname or IP that doesn't match what you expect. I don't know about Puppet Enterprise support arrangements. - Keith On 25 March 2013 16:50, Red Cricket red.cricket.b...@gmail.com wrote: Thanks for the reply Keith. I will definitively have to dig into the auth.conf, but the auth.conf I am using is the one created when I run ./puppet-enterprise-installer as per the PE 2.7 quickstart guide. Is there a way to let puppetlabs know that there is a problem during the evaluation period? On Sat, Mar 23, 2013 at 4:18 AM, Keith Burdis ke...@burdis.org wrote: Puppet runs fine on RHEL 6.2. It looks like your auth.conf is missing some entries. Do you perhaps have an auth.conf.rpmnew you need to move into place? - Keith Hi All, I am trying to follow the documentation at this link: http://docs.puppetlabs.com/pe/latest/quick_start.html When I get to the part where one runs ... sudo puppet agent --test I get this error message ... err: Could not retrieve catalog from remote server: Error 400 on SERVER: Error 403 on SERVER: Forbidden request: red-cricket-pe-master (xxx.xxx.xxx.xx) access to /facts/red-cricket-agent [save] authenticated at line 45 warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run Both systems are Red Hat Enterprise Linux Server release 6.2 (Santiago) ... maybe puppet does not support this version of redhat? Thanks Red -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] err: Could not retrieve catalog from remote server: Error 400 on SERVER: Error 403 on SERVER: Forbidden request:
Puppet runs fine on RHEL 6.2. It looks like your auth.conf is missing some entries. Do you perhaps have an auth.conf.rpmnew you need to move into place? - Keith Hi All, I am trying to follow the documentation at this link: http://docs.puppetlabs.com/pe/latest/quick_start.html When I get to the part where one runs ... sudo puppet agent --test I get this error message ... err: Could not retrieve catalog from remote server: Error 400 on SERVER: Error 403 on SERVER: Forbidden request: red-cricket-pe-master (xxx.xxx.xxx.xx) access to /facts/red-cricket-agent [save] authenticated at line 45 warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run Both systems are Red Hat Enterprise Linux Server release 6.2 (Santiago) ... maybe puppet does not support this version of redhat? Thanks Red -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: syntax problems trying to use Keith Burdis's erwbgy/system module without Hiera
Good news. I'd encourage people to file bug or feature requests on GitHub if they run into problems or have ideas for improvements. Tutorial documentation is coming Real Soon Now (TM) :-) - Keith On 22 March 2013 15:46, John Smith burnncrash...@gmail.com wrote: thank you very much!!! working much better now :) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] disable puppet hostname resolution in standalone
Try adding an entry for your hostname in /etc/hosts - for example: 127.0.0.1 server1 - Keith On 22 Mar 2013 08:38, bibop554 bibop...@gmail.com wrote: Hi, I am using puppet 2.6.2-5 in debian 6.0.3. I would like to execute puppet in standalone, with puppet apply, but puppet does not start because it can't resolv the hostname to any IP (which is normal since i have no reason to have a hostname that resolves to an IP) Is it possible to somehow disable this check in puppet, so that it starts without trying to resolv the hostname ? I don't want the execution to be dependant of whether the hostname resolv to something or not. Here is an example of what happens: root@server1:/etc/puppet/modules# more sshd_server/manifests/init.pp node default { include sshd_server } class sshd_server { file { 'sshd_config': path = '/etc/ssh/sshd_config', ensure = file, owner = 'root', group = 'root', mode = '0644', content = template(/etc/puppet/modules/sshd_server/templates/sshd_config.erb), notify = Service['sshd-server'], } service { 'sshd-server': name = 'ssh', ensure = running, provider = debian, enable = true, hasrestart = true, hasstatus = true, } } root@server1:/etc/puppet/modules# puppet apply sshd_server/manifests/init.pp --verbose --debug Could not retrieve hostname: getaddrinfo: Name or service not known Could not retrieve hostname: getaddrinfo: Name or service not known dnsdomainname: Name or service not known /usr/lib/ruby/1.8/puppet/defaults.rb:190: undefined method `downcase' for nil:NilClass (NoMethodError) from /usr/lib/ruby/1.8/puppet.rb:100:in `require' from /usr/lib/ruby/1.8/puppet.rb:100 from /usr/lib/ruby/1.8/puppet/application.rb:278:in `require' from /usr/lib/ruby/1.8/puppet/application.rb:278:in `initialize' from /usr/lib/ruby/1.8/puppet/util/command_line.rb:55:in `new' from /usr/lib/ruby/1.8/puppet/util/command_line.rb:55:in `execute' from /usr/bin/puppet:4 root@server1:/etc/puppet/modules# more /etc/hosts 127.0.0.1 localhost.localdomain localhost root@server1:/etc/puppet/modules# hostname server1 root@server1:/etc/puppet/modules# Any ideas ? Thx -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: syntax problems trying to use Keith Burdis's erwbgy/system module without Hiera
Most of the classes take a config hash parameter so this would be: $ntp = { 'servers' = ['ntp1.domain.com'], } class { 'system::ntp': config = $ntp, } I use this internally and Byron showed me an example of how he used it with Foreman. - Keith On 22 March 2013 18:46, John Smith burnncrash...@gmail.com wrote: On Friday, March 22, 2013 8:54:50 AM UTC-7, Keith Burdis wrote: Good news. I'd encourage people to file bug or feature requests on GitHub if they run into problems or have ideas for improvements. Tutorial documentation is coming Real Soon Now (TM) :-) - Keith Keith, What's the equivalent non-hiera command to use ntp with your system module instead? If I try class { 'system::ntp': servers = [ 'ntp1.domain.com' ], } I get Invalid parameter servers at /etc/puppet/manifests/site.pp:36 Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] What's your hiera tree look like?
Hi Andy, When trying to implement something like Craig Dunn's roles and profiles pattern with hiera I ended up with: :hierarchy: - %{hostname} - roles/%{role} - profiles/%{software1} - profiles/%{software2} - profiles/%{software3} - profiles/%{software4} - profiles/%{software5} - common so that I could specify multiple profiles for each role using custom facts - for example: system::fact { 'software': [ 'tomcat','activemq'] } What I'd really like to be able to match a regex like: - profiles/%{software\d+} having the elements in the hierarchy treated as a regex before they're evaluated as a string. - Keith On 20 March 2013 22:37, Andy Parker a...@puppetlabs.com wrote: On Tue, Mar 19, 2013 at 2:30 PM, Larry Fast lfast1...@gmail.com wrote: My Hiera tree is turning into a chaotic mess. I'm guessing that my tree structure is one problem source. So I'm wondering how other real users have setup hiera. Here are the core problems that are giving me headaches. I'd be interested in seeing some of these as well. I'm looking for real world examples of what people are putting in their hierarchies that we might be able to make better in a hiera 2, which is something that my team is looking at working on. # I need to version control my modules separately but hiera data is monolithic. If I need to change anything anywhere, I need to release a new version of the whole tree. Would you like to version the data with the modules, or would you want something else? # I can't easily review the final output from hiera within puppet because the traversal is dependent on facts. I need to feed the facts into Hiera before I get anything meaningful. yeah. As long as the data and hierarchy can be dependent on facts, I don't see any way around that. # Can't easily compare the config of two different servers. (really the same as the previous) Here's my Hiera tree. I'm very interested to know how others deal with these issues. Does Puppet Enterprise include Hiera mgmt tools? - %{environment}/%{project}/%{server_env}/%{module_name} - %{environment}/%{project}/%{server_env}/common - %{environment}/%{project}/%{role_name}-role/%{module_name} - %{environment}/%{project}/%{role_name}-role/common - %{environment}/%{project}/%{module_name} - %{environment}/%{location}/%{module_name} - %{environment}/%{module_name} - %{environment}/common PE doesn't include any tools for managing hiera, unfortunately. Are you only using the YAML backend? Or are you using anything else? NOTES: Each Environment is a copy of our git repo and includes the hiera tree. Project, Server_env, Role_name Location are custom facts -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet 3.1.1 failing to generate Private Key Certificate: Permission denied - /etc/puppet/ssl/ca/ca_key.pem
The Puppet master runs as the puppet user so try: # chown -R puppet:puppet /etc/puppet - Keith On 13 March 2013 19:42, Mike Canty cantyma...@yahoo.com wrote: Successfully installed Puppet 3.1.1 under Centos 6. When trying to start puppet as the root user, puppet generates the following message: Could not prepare for execution: Permission denied - /etc/puppet/ssl/ca/ca_key.pem Any help is greatly appreciated! Mike -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] exec resource not refreshed when subscribed resource changes
The subscribe isn't needed if notify is used which is in point 1. There are multiple ways to solve the problem - I prefer pushing these events using notify rather than pulling via subscribe :-) On 21 March 2013 10:37, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: Hi, On 03/14/2013 09:25 AM, Keith Burdis wrote: 2) Adding refreshonly = true to the exec. 3) Remove the creates and subscribe from the exec. The subscribe is actually fine, but yes - the 'creates' needs to go in order to allow repeated execution. Note that this can be considered unclean manifest design, because a) notifications can get lost during agent crashes (if you're unlucky) and b) if the exec fails, puppet will likely not notify again next time, which is a painful and not at all unlikely failure scenario. Ideally, you could construct a dynamic creates or unless clause, that will enable puppet to always infer wether the exec need running or not. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Can't get past Permission denied error
The master runs as the puppet user not root so try: # chown -R puppet:puppet /etc/puppet - Keith On 14 Mar 2013 15:09, Mike Canty cantyma...@yahoo.com wrote: I am running Centos 6 and was able to install Puppet 3.1.1. However, when trying to run puppet, as root, for the first time, I get the following message: # puppet master --nodaemonize --verbose --debug Could not prepare for exection: Permission denied - /etc/puppet/ssl/ca/ca_key.pem I'm not sure what the next steps are to troubleshoot this. Could anyone please provide insight and help? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Help me wrap my head around Yaml/Hiera with erwbgy/system
Hi Byron, Some suggestions: 1) Hiera comes with a handy command-line tool to query your config so try using that first. What does running: # hiera -h system::augeas return? If it returns the ntp hash then your hiera config is good. 2) If not, are /etc/hiera.yaml and /etc/puppet/hiera.yaml the same file? I usually symlink one to the other to avoid issues. 3) Assuming your environment is production (the default) based on your hiera.yaml the common.yaml file should be /etc/puppet/hieradata/production/common.yaml. Is this the case? 4) Not the point of your question, but to set NTP servers use system::ntp :-) It does uses Augeas underneath but is easier to use. - Keith On 14 March 2013 16:04, Byron Miller byr...@gmail.com wrote: Trying to figure out the erwbgy/system plugin and just getting stuck.. first run it did some changes, but it ignored parameters for ntp and now its not refreshing if I update the yaml at all, Im slightly lost at what I may be missing :) hiera.yaml --- :hierarchy: - %{certname} - %{environment} - global - %{environment}/common :backends: - yaml :yaml: :datadir: '/etc/puppet/hieradata' common.yaml system::packages::schedule: 'never' system::yumgroups::schedule: 'never' system::augeas: 'ntp': context: '/files/etc/ntp.conf' changes: - 'set server[0] 0.vmware.pool.ntp.org' - 'set server[1] 1.vmware.pool.ntp.org' - 'set server[2] 2.vmware.pool.ntp.org' first run, it updated to 0.pool.ntp.org and its still doing that, so I missed something important here. Puppet 3.1.1 I noticed all the hiera examples on the site for puppet all say coming soon. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Help me wrap my head around Yaml/Hiera with erwbgy/system
The great thing about Puppet is that it gives you lots of different ways to manage your host data. Personally I am a big fan of hiera and its YAML backend because it is simple for non-Puppet users to understand and allows them to manage the config without having to write or modify Puppet manifests. I also find that using custom facts and different parts of the hierarchy for things like locations, operating systems and host roles it scales quite well for small to medium size setups (depending on what that means to you). If you're the only one who looks after Puppet config or the team that does are all Puppeteers or you have a simpler setup then going down the pure manifests route will work fine. Most people did this before Puppet 3. However hiera was invented for a reason :-) - Keith On 14 March 2013 20:10, windowsrefund windowsref...@gmail.com wrote: plugin aside, I strongly suggest not settling for YAML as a backend for Hiera since you're basically ending up with the same problem you were probably trying to solve; managing data in files. Sure, they're different files but still files. You may as well keep the data in your Puppet manifests and manage the data there... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Host name lookup failure
The Puppet agent tries to connect to the master using the hostname 'puppet' by default so one solution may be to add an /etc/hosts entry for 'puppet' with the correct IP for your Puppet master: * # echo “your puppet master ip puppet” /etc/hosts* * * For example:* * # echo 10.0.67.1 puppet /etc/hosts If you are running the agent manually then you can specify the Puppet master hostname/IP using the --server parameter - for example: # puppet agent --test --server 10.0.67.1 and on RHEL-like systems you can configure the Puppet master hostname for the agent in /etc/sysconfig/puppet. - Keith On 15 March 2013 09:16, yarlagadda ramya rams.15...@gmail.com wrote: Hi all, I installed puppet agent in one ip in linux..and am trying to connect to master while installing only..agent is getting installed but its giving host name look up failure.. But i specified the correct host name only for the master for which it needs to be connected during installation..certificate is not getting generated..in it.. In the master when am trying to see puppet cert list for requets..it is throwing the following error: err: Could not call list: header too long header too long Can any one pls help me with this? Regards, Ramya Y -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] exec resource not refreshed when subscribed resource changes
Perhaps try: 1) Adding a notify = Exec['unpack_archive'] to the file resource. 2) Adding refreshonly = true to the exec. 3) Remove the creates and subscribe from the exec. That way the exec will only be called when the file changes. - Keith On 14 Mar 2013 07:56, dirk.heinri...@altum.de wrote: Hello, I've created a little class which should unpack a 7z archive on Windows. The class has a parameter for passing in the archive version, so that I can trigger an update when a new version of the archive is available. A simplyfied version looks like this (requires 7z): class my_archive ($version = undef) { file { 'version': path = 'C:/the_version', content = $version, ensure = present, mode = 0666, } # Extracting archive creates C:/some/dir exec { 'unpack_archive': command = cmd /c rmdir /S /Q C:\some/dir 7z x -oC:/some C:/path/to/archive-${version}.7z, creates = 'C:/some/dir/a_file', require = File['version'], path = $::path, subscribe = File['version'], } } I trigger this from site.pp like so: class { 'my_archive': version = '1.2.3' } The initial unpacking of (an older version of) the archive works fine, but when I change the version, I see that this change is recognized by the agent and a refresh is triggered, but the command isn't executed: Info: /Stage[main]/My_archive/File[version]: Filebucketed C:/the_version to puppet with sum 185910a1e94c599dc6541266286675bc Notice: /Stage[main]/My_archive/File[version]/content: content changed '{md5}185910a1e94c599dc6541266286675bc' to '{md5}d0cdd9a6594750ea1063643fcda90d3b' Debug: /Stage[main]/My_archive/File[version]: The container Class[My_archive] will propagate my refresh event Info: /Stage[main]/My_archive/File[version]: Scheduling refresh of Exec[unpack_archive] Debug: /Schedule[weekly]: Skipping device resources because running on a host Debug: Prefetching windows resources for package Notice: /Stage[main]/My_archive/Exec[unpack_archive]: Triggered 'refresh' from 1 events Debug: /Stage[main]/My_archive/Exec[unpack_archive]: The container Class[My_archive] will propagate my refresh event Debug: Class[My_archive]: The container Stage[main] will propagate my refresh event Debug: /Schedule[puppet]: Skipping device resources because running on a host Debug: Finishing transaction 144533424 Debug: Storing state Debug: Stored state in 0.06 seconds Notice: Finished catalog run in 0.75 seconds I tried to omit creates = ..., but this only makes the agent run the resource every time. I also tried adding refreshonly = true, but this doesn't help. I even tried adding refresh = ... with the exact same command without any change in behaviour. Any hints what could be wrong? Puppet Agent version on Windows is 3.1.0. Thanks... Dirk -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] dependency problem when apply class
There is no user type declared in the users class. Perhaps move the user type call out of the adm_user define. On 9 Mar 2013 17:57, mike miguelc...@gmail.com wrote: Hi guys, I need help with the class, i have created my class (users) but when i apply from agent apers the next error: [] [root@nodo1 ~]# puppet agent --test --verbose --noop Info: Retrieving plugin Info: Caching catalog for nodo1.example.com Error: Failed to apply catalog: Could not find dependency User[mike] for File[/home/mike] [] My class is: [] class users($user,$uid) { group { Administracion : gid= 3000, } define adm_user ($user,$uid) { user { $user : ensure = present, home= /home/$user, owner = $user, group = $user, mode= 0600, uid = $uid, gid = Administracion, require = Group[Administracion], } } file { /home/$user: ensure = directory, owner = $user, group = $user, mode= 0664, require = User[$user], } file { /home/$user/.ssh/: ensure = directory, owner = $user, group = $user, mode= 0664, require = File[/home/$user] } file { /home/$user/.ssh/id_rsa.pub: ensure = present, source = puppet:///modules/users/$user/id_rsa.pub, owner = $user, group = $user, mode= 0600, } } [] My class intance (inside site.pp) node 'nodo1.example.com' { class { 'users': user = 'elmo', uid = '9000',} } ¿What's the Problem? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Boolean in hiera... problems again
I am running 3.1.0 and hiera booleans appear to be working fine. - Keith On 6 March 2013 09:15, Richard Clark rich...@fohnet.co.uk wrote: On Wed, Mar 06, 2013 at 01:29:29PM +1000, Peter Brown wrote: Getting booleans from hiera to puppet is not currently not functioning like you would expect. There is a bug reported for it and they are working on it but it's still in progress last I looked. Would this http://projects.puppetlabs.com/issues/16178 be the report? If so, I'm really hoping that it's solved in 3.0.2 as running into the same issue myself :( -- Richard Clark rich...@fohnet.co.uk -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] I moved my modules and manifest directory in puppet master.
Perhaps Puppet is not using the puppet.conf file you think it is. Try running: # puppet agent --configprint confdir - Keith On 4 Mar 2013 20:49, JGonza1 jgonza1...@gmail.com wrote: I also made the changes below in the puppet.conf file to tell puppet where to look for the the modules and manifests. I then restart the puppet master then ran puppet command to apply changes to a puppet client it did not find anything to change just got these three lines info: Caching catalog for pdlnx-adpt03.kareoprod.ent, info: Applying configuration version '1362084986', notice: Finished catalog run in 0.33 seconds. WWhen I put the modules and manifests back in the original place puppet works. Is there anywhere else where I need to change the path to the modules? Changes that I made to puppet.conf file to point to the ne location of the modules and manifest. # The default value is '$confdir/manifests'. #manifestdir = /etc/puppet/manifests manifestdir = /etc/puppet2/manifests # The search path for modules, as a list of directories separated by the system path separator character. (Th e POSIX path separator is ':', and the Windows path separator is ';'.) # The default value is '$confdir/modules:/usr/share/puppet/modules'. #modulepath = /etc/puppet/modules:/usr/share/puppet/modules modulepath = /etc/puppet2/modules:/usr/share/puppet/modules -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: I moved my modules and manifest directory in puppet master.
Ok so Puppet is reading /etc/puppet/puppet.conf. The timestamp on this file shows is hasn't been changed for a few days though. Is the output of: # puppet agent --configprint moduledir # puppet agent --configprint manifestdir on the master what you expect? Perhaps you have a permissions / ownership issue. Try: # chown -R puppet:puppet /etc/puppet /etc/puppet2 Also see http://docs.puppetlabs.com/guides/configuring.html - Keith On 4 Mar 2013 21:16, JGonza1 jgonza1...@gmail.com wrote: I ran the command puppet agent --configprint confdir on both the master and the agetn and got the below for both. On the puppet master that is where the puppet.conf file is in /etc/puppet directory. [root@ct-eng-pup puppet]# puppet agent --configprint confdir /etc/puppet [root@ct-eng-pup puppet]# ll /etc/puppet total 2092 -rw-r--r--. 1 root root 2552 Sep 7 00:14 auth.conf -rw-r--r--. 1 root root 0 Sep 8 16:07 fileserver.conf drwxr-xr-x. 3 root root 4096 Mar 1 17:33 manifests drwxr-xr-x. 192 root puppet4096 Feb 27 13:45 modules -rw-r--r--. 1 root root61 Sep 7 14:29 namespaceauth.conf -rw-r--r--. 1 root root 41346 Feb 28 12:49 puppet.conf -r-xr-xr-x. 1 root root 2599 Sep 20 11:09 puppetd drwxrwx--x. 8 puppet root 4096 Sep 7 00:17 ssl [root@pdlnx-adpt03 ~]# puppet agent --configprint confdir /etc/puppet [root@pdlnx-adpt03 ~]# ll /etc/puppet total 8 -rw-r--r--. 1 root root 2552 Nov 12 13:52 auth.conf drwxrwx--x. 7 root root 4096 Nov 12 13:58 ssl On Monday, March 4, 2013 12:49:31 PM UTC-8, JGonza1 wrote: I also made the changes below in the puppet.conf file to tell puppet where to look for the the modules and manifests. I then restart the puppet master then ran puppet command to apply changes to a puppet client it did not find anything to change just got these three lines info: Caching catalog for pdlnx-adpt03.kareoprod.ent, info: Applying configuration version '1362084986', notice: Finished catalog run in 0.33 seconds. WWhen I put the modules and manifests back in the original place puppet works. Is there anywhere else where I need to change the path to the modules? Changes that I made to puppet.conf file to point to the ne location of the modules and manifest. # The default value is '$confdir/manifests'. #manifestdir = /etc/puppet/manifests manifestdir = /etc/puppet2/manifests # The search path for modules, as a list of directories separated by the system path separator character. (Th e POSIX path separator is ':', and the Windows path separator is ';'.) # The default value is '$confdir/modules:/usr/share/** puppet/modules'. #modulepath = /etc/puppet/modules:/usr/**share/puppet/modules modulepath = /etc/puppet2/modules:/usr/**share/puppet/modules -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: I moved my modules and manifest directory in puppet master.
What section of /etc/puppet/puppet.conf is your moduledir etc set in? This should be in [main] or [master] - see the 'Config Blocks' section in the docs. Alternatively perhaps the master has not actually been restarted somehow and is still using the old config. - Keith On 4 Mar 2013 21:54, JGonza1 jgonza1...@gmail.com wrote: I ran the commands and I see that puppt is still pointing to /etc/puppet not /etc/puppet2 for both modules and manifests, see below. [root@ct-eng-pup etc]# puppet agent --configprint manifestdir /etc/puppet/manifests [root@ct-eng-pup etc]# puppet agent --configprint modulepath /etc/puppet/modules:/usr/share/puppet/modules [root@ct-eng-pup etc]# On Monday, March 4, 2013 12:49:31 PM UTC-8, JGonza1 wrote: I also made the changes below in the puppet.conf file to tell puppet where to look for the the modules and manifests. I then restart the puppet master then ran puppet command to apply changes to a puppet client it did not find anything to change just got these three lines info: Caching catalog for pdlnx-adpt03.kareoprod.ent, info: Applying configuration version '1362084986', notice: Finished catalog run in 0.33 seconds. WWhen I put the modules and manifests back in the original place puppet works. Is there anywhere else where I need to change the path to the modules? Changes that I made to puppet.conf file to point to the ne location of the modules and manifest. # The default value is '$confdir/manifests'. #manifestdir = /etc/puppet/manifests manifestdir = /etc/puppet2/manifests # The search path for modules, as a list of directories separated by the system path separator character. (Th e POSIX path separator is ':', and the Windows path separator is ';'.) # The default value is '$confdir/modules:/usr/share/** puppet/modules'. #modulepath = /etc/puppet/modules:/usr/**share/puppet/modules modulepath = /etc/puppet2/modules:/usr/**share/puppet/modules -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] how to implement cascading defaults based on puppet classes
Have you looked at using hiera [1] for your configuration? It is very good for cascading defaults with more specific config at the top of the hierarchy and the least specific at the bottom. It is part of Puppet 3 and an add on for 2.7. - Keith [1] http://www.devco.net/archives/2011/06/05/hiera_a_pluggable_hierarchical_data_store.php On 10 Feb 2013 06:00, Roman Shaposhnik ro...@shaposhnik.org wrote: Hi! suppose my puppet recipes are deploying a configuration for the entire cluster (lets say Hadoop) consisting of quite a few distributed systems (lets say distributed file-system -- HDFS, scheduler -- YARN, coordinator -- zookeeper). Each of these distributed systems in turn consists of a few agents (e.g. in HDFS there's a NameNode, DataNode, etc.). My biggest concern is how to make it possible to cascade defaults in such a way that they can be specified at each of the levels: entire cluster, subsystem, an agent that is part of the subsystem. To be more explicit, suppose I have a node description that looks like this: - class { cluster::hdfs::datanode: namenode_uri = hdfs://foo.company.com, auth = kerberos } class { cluster::hdfs::secondary_namenode: namenode_uri = hdfs://foo.company.com, auth = kerberos } class { cluster::zookeeper::server: ensemble = zoo1.company.com, auth = kerberos } - What would be the ideal way for me to not repeat myself and set auth as a cluster-level default, while having namenode_uri as an HDFS-level default? Really, what I need should look something like: -- class { cluster: auth = kerberos } class { hdfs: namenode_uri = hdfs://foo.company.com } class { cluster::hdfs::datanode: } class { cluster::hdfs::secondary_namenode: } class { cluster::zookeeper::server: ensemble = zoo1.company.com, } Any ideas on how this could be implemented? I've tried a couple of things, but so far no luck. The natural way of solving it via inheritance (e.g. cluster::hdfs inherits cluster and cluster::hdfs::datanode inherits cluster::hdfs, etc.) seems to be of no help at all. Another thing I was considering was something along the lines of: class cluster::hdfs::datanode ( $auth = $cluster::hdfs::params::auth ) inherits cluster::hdfs::params {...} .. class cluster::hdfs::params { if defined(Class['cluster::hdfs']) { $auth = $cluster::hdfs::auth } elsif defined(Class['cluster']) { $auth = $cluster::auth } else { $auth = 'simple' } } seems to be pretty ugly and worse yet dependent on the parsing order. Am I missing something obvious here? Thanks, Roman. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: RFC: Default File Permissions
Since it would apply to more than just permissions perhaps 'source_attributes' would be better? - Keith On 9 Feb 2013 01:21, Jakov Sosic jso...@srce.hr wrote: On 02/08/2013 06:46 PM, Josh Cooper wrote: Hi John, On Fri, Feb 8, 2013 at 9:22 AM, jcbollinger john.bollin...@stjude.org wrote: On Thursday, February 7, 2013 7:48:58 PM UTC-6, Josh Cooper wrote: Recently, the issue of copying file modes from remote sources was discussed on the puppet-users mailing list[1], although it equally applies to owner and group. One issue is what permissions to apply to newly created files when none are specified? Historically, Puppet has always copied the permissions from the file source to the newly created one. However, this causes problems on Windows[2] agents due to the way that Puppet emulates POSIX permissions. We break NTFS access control inheritance to ensure the effective permissions are not greater than what Puppet has granted. It also causes problems on *nix agents, when the files' source is remote and uid/gids are not synchronized. A second, but related issue, is that Puppet applies the same copy-permissions logic to files that already exist. This goes against what jcbollinger said, unmanaged resources and resource properties should not be modified by Puppet[3], and what Nigel said, A core principle of Puppet is that you can choose to only manage the attributes of a resource that you care about, and can leave the rest unmanaged.[4] However, this bug has been around so long, at least 0.24.8, that we can't change behaviors in a minor release.[5] Patrick and I talked about this and would like to propose adding a file parameter, something like `use_source_permissions`. If true and permissions are unspecified, Puppet would continue copying source permissions as it does today, for both newly created and existing files. This would be the default. If false and permission are unspecified, Puppet would never copy them from the source. Instead the permission defaults for newly created files would be based on the user that Puppet is running as. And the permissions for existing files would be unmodified. Doing so would provide a mechanism for resolving both #5240 and #18931. Comments and feedback welcome. I think this is a fine and useful idea, but I'm not sure it goes far enough. In the first place, it says nothing about uid / gid, even though it is acknowledged that the same problem applies to them. Is that just an oversight? Good point, I didn't explicitly mention this, but yes, I am proposing that this behavior affect all file permissions - uid, gid, and mode. In the second place, there is another usage mode to consider: what if you want to copy source permissions / uid / gid in the event that Puppet creates the file (since you cannot create the file without choosing those properties somehow), but you do not want to enforce those properties on the file if it already exists? I'm not convinced that this case needs to be supported, but it should at least be considered. So this is really the heart of issue #5240. Perhaps use_source_permissions needs to be more than a boolean? Something like: use_source_permissions :always - what puppet does today (default) :creates - only apply source permissions when creating a file :never - what I was proposing Also, I didn't explicitly mention this, but I am proposing that this affect all types of file resources (file, dir, link), not just files. Could this attribute be shorter? Like 'use_source_perm' or just 'source_perms'? And I agree with this solution, and in the next major version simply change default to never and that's it :) -- Jakov Sosic www.srce.unizg.hr -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@**googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/**group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . For more options, visit https://groups.google.com/**groups/opt_outhttps://groups.google.com/groups/opt_out . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Is it possible to enable SSL tracing on the master and agent?
If you are running the master under mod_passenger then you can set 'LogLevel debug'. On 3 February 2013 04:29, Schofield dbschofi...@gmail.com wrote: I would like to see the SSL handshake between the master and agent. How do I enable this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: mcollective puppetd plugin does not work
I can't check at the moment but shouldn't that be 'mco puppet runonce fqdn= puppet.example.net' ? - Keith On 1 February 2013 11:23, snlsingha...@gmail.com wrote: Hey i have installed mcollective server cleint and puppet master, agent successfully. I have also installed puppet agent plugin. But when i run mco puppet runonce * [ ] 2 / 2 Finished processing 2 / 2 hosts in 1093.05 ms This command runs successfully for all nodes. But i want to run puppet agent for only the specified server. For this i m using .. mco puppet runonce --server puppet.example.net I m getting following error === The puppet application failed to run, use -v for full error details: Cannot validate input server: Unknown validator: 'puppet_server_address'. I m unable to find put the issue. Please help me?? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet service
Try running the Puppet agent manually with 'puppet agent --test --verbose'. The output should indicate what is preventing it from starting. - Keith On 31 Jan 2013 09:44, Mamta Garg itsmamta.b...@gmail.com wrote: Please find now. On Wed, Jan 30, 2013 at 4:49 PM, Nikola Petrov nikol...@gmail.com wrote: On Tue, Jan 29, 2013 at 07:21:06AM -0500, Mamta Garg wrote: HI All, Can any anyone please help me with attached screenshot. Actually i am not able to lauch puppet dashboard and when i have tried to running below command ,getting error. puppet resource service puppet ensure=running enable=true Hi, I suspect that you forgot the screenshot as I cannot see it -- Nikola -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- Thanks and Regards, Mamta Garg -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet service
Run it where you were getting the error you posted. - Keith On 31 Jan 2013 09:59, Mamta Garg itsmamta.b...@gmail.com wrote: So this command i should run it on master machine? On Thu, Jan 31, 2013 at 4:53 AM, Keith Burdis ke...@burdis.org wrote: Try running the Puppet agent manually with 'puppet agent --test --verbose'. The output should indicate what is preventing it from starting. - Keith On 31 Jan 2013 09:44, Mamta Garg itsmamta.b...@gmail.com wrote: Please find now. On Wed, Jan 30, 2013 at 4:49 PM, Nikola Petrov nikol...@gmail.comwrote: On Tue, Jan 29, 2013 at 07:21:06AM -0500, Mamta Garg wrote: HI All, Can any anyone please help me with attached screenshot. Actually i am not able to lauch puppet dashboard and when i have tried to running below command ,getting error. puppet resource service puppet ensure=running enable=true Hi, I suspect that you forgot the screenshot as I cannot see it -- Nikola -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- Thanks and Regards, Mamta Garg -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- Thanks and Regards, Mamta Garg -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet service
One of the best ways to learn Puppet is to go through the Learning Puppet documentation at http://docs.puppetlabs.com/learning/. They provide a VM that you can download and use so you can get started quite quickly. I'd suggest working through this as it will help you to understand the errors that you are seeing. - Keith On 31 January 2013 11:05, Mamta Garg itsmamta.b...@gmail.com wrote: Hi Keith, It will really helpfull if could guide me for further step. Thanks, Mamta On Thu, Jan 31, 2013 at 5:13 AM, Mamta Garg itsmamta.b...@gmail.comwrote: Ran this command ,getting as in screeshot but All nodes are still showing unresponsive. On Thu, Jan 31, 2013 at 5:05 AM, Keith Burdis ke...@burdis.org wrote: Run it where you were getting the error you posted. - Keith On 31 Jan 2013 09:59, Mamta Garg itsmamta.b...@gmail.com wrote: So this command i should run it on master machine? On Thu, Jan 31, 2013 at 4:53 AM, Keith Burdis ke...@burdis.org wrote: Try running the Puppet agent manually with 'puppet agent --test --verbose'. The output should indicate what is preventing it from starting. - Keith On 31 Jan 2013 09:44, Mamta Garg itsmamta.b...@gmail.com wrote: Please find now. On Wed, Jan 30, 2013 at 4:49 PM, Nikola Petrov nikol...@gmail.comwrote: On Tue, Jan 29, 2013 at 07:21:06AM -0500, Mamta Garg wrote: HI All, Can any anyone please help me with attached screenshot. Actually i am not able to lauch puppet dashboard and when i have tried to running below command ,getting error. puppet resource service puppet ensure=running enable=true Hi, I suspect that you forgot the screenshot as I cannot see it -- Nikola -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- Thanks and Regards, Mamta Garg -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- Thanks and Regards, Mamta Garg -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- Thanks and Regards, Mamta Garg -- Thanks and Regards, Mamta Garg -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [SUSPECTED SPOOFING] [Puppet Users] how to get report or last_run_report
Perhaps 'puppet node' is what you're looking for? $ sudo puppet node status $(facter fqdn) [sudo] password for kburdis: lnxmgt-01.domain Currently active Last catalog: 2013-01-31T14:57:22.518Z Last facts: 2013-01-31T14:57:14.732Z To get more info you'll can install PuppetDB and that's as simple as: # puppet module install puppetlabs/puppetdb Then update auth.conf to make the inventory service accessible: # vim /etc/puppet/auth.conf ... # Permit all access to the facts endpoint: # (Note that this will allow access to both facts and facts_search, since the # path is read as a prefix.) path /facts auth any method find, search allow * ... Then you can query data about your nodes - for example: $ PUPPETMASTER_HOST=$(facter fqdn) $ PUPPETMASTER_PORT=443 $ MYNODE=$(facter fqdn) $ *curl -k -H Accept: yaml https://${PUPPETMASTER_HOST}:${PUPPETMASTER_PORT}/production/facts/${MYNODE} | head* % Total% Received % Xferd Average Speed TimeTime Time Current Dload Upload Total SpentLeft Speed 100 3630 100 36300 0 31795 0 --:--:-- --:--:-- --:--:-- 708k --- !ruby/object:Puppet::Node::Facts expiration: 2013-01-31 15:27:14.027384 +00:00 name: lnxmgt-01.domain values: sshrsakey: B3NzaC1yc2EBIwAAAQEAnIMv0+l7LqSC2uNHBTTZVex/2o4E9H1zgieVlM7VZIvmieHPb7Kl/FtgFrqr7C13u2HiNHO67yOVZkMyFjIfR8ywtHyNr8kEQcKQCDJNtixXQHRqRVFRr0yg/+ptRfP0Ajix0nUle2oDa0KZbQc5sFjBkvAOdej99UXEL2TD7yNFnzz4fU9SpV+VBfRUjkFGxrmN6TlJuaugtij7+P9tX4I/CoW/8/LWIRVKjA6cX+NVC3g3v5982JWcesd3S5fwP6do655dZtKaeiFzhqE5KscIhTRUOGjAKGZJ2yfW3DeaaH7V1mPbEuHSw5Elk+m9JBpHrHqDMfxCPleCEY9LDQ== is_virtual: true swapfree: 3.47 GB augeasversion: 0.9.0 netmask_lo: 255.0.0.0 hardwaremodel: x86_64 See http://docs.puppetlabs.com/guides/inventory_service.html for more details. - Keith On 31 January 2013 14:33, GRANIER Bernard (MORPHO) bernard.gran...@morpho.com wrote: This post receive no answer, so I imagine that there is no API to know if a node has the state defined by manifest or if manifests have been applied without error ... Not so cool ... Cordialement, Bernard Granier CE Plateforme Système bernard.gran...@morpho.com 01 58 11 32 51 Hi, Using a command line, Is it possible to get a report for a node, report stored on server, or to get the last_run_report stored on agent ? I try using the REST API but I did not succeed. After a build, our application is installed on a testbed using pupet and when the application is installed, some tests and others processing are running. I thought to use the REST API to know when the node is in resquested status and when the application is installed but maybe there is another way. Is there ? I looked to puppetdb and dashboard API, but I did not understand that they could fill my needs. I know that I can define a report processor specially for that, but if I do that I do not know if I wll be abble to display report in a console like foreman or to define another report processor. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. # This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system. # -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Calling a subclass correctly in a node def?
If you like the style guide the you'll like puppet-lint - https://github.com/rodjek/puppet-lint - Keith On 31 January 2013 16:15, Kodiak Firesmith kfiresm...@gmail.com wrote: I figured this out via taking another look at the style guide. This is resolved. Changed this to this: class mysql-server inherits mysql{} ...to... class mysql::server inherits mysql{} And in node def: include mysql::server Worked perfectly. Thanks style guide! *http://docs.puppetlabs.com/guides/style_guide.html#class-inheritance* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Calling a subclass correctly in a node def?
I certainly found it so :-) On 31 Jan 2013 17:09, Kodiak Firesmith kfiresm...@gmail.com wrote: Thanks very much Keith; if it's nearly as thorough as rpmlint I've no doubt it will be illustrative and saddening to run my humble modules through. :) On Thursday, January 31, 2013 11:18:22 AM UTC-5, Keith Burdis wrote: If you like the style guide the you'll like puppet-lint - https://github.com/rodjek/**puppet-linthttps://github.com/rodjek/puppet-lint - Keith On 31 January 2013 16:15, Kodiak Firesmith kfire...@gmail.com wrote: I figured this out via taking another look at the style guide. This is resolved. Changed this to this: class mysql-server inherits mysql{} ...to... class mysql::server inherits mysql{} And in node def: include mysql::server Worked perfectly. Thanks style guide! *http://docs.puppetlabs.com/guides/style_guide.html#class-inheritance* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . For more options, visit https://groups.google.com/**groups/opt_outhttps://groups.google.com/groups/opt_out . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Reusable Puppet config for Vagrant
Thank you both for sharing details of your Vagrant setups. This will certainly save me some time. - Keith On 30 Jan 2013 07:01, Felipe Salum fsa...@gmail.com wrote: I have done something similar, installing puppet master, puppetdb and a few nodes for testing, everything via vagrant. https://github.com/fsalum/vagrant-puppet Felipe On Tuesday, January 29, 2013 6:42:42 AM UTC-8, blalor wrote: I took an hour this morning to document how I use Vagrant and Puppet together to provision development VMs as well as more production-like systems. This may be entirely elementary to folks who are more fluent with Puppet, but this is an example I thought was lacking. https://github.com/blalor/**vagrant-puppet-examplehttps://github.com/blalor/vagrant-puppet-example I welcome feedback and criticism of this setup. I'm looking to minimize the difference between local development environments and production systems as much as possible. Thanks, Brian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet 3.02 issue
The puppet master runs as the puppet user so try 'chown -R puppet:puppet /etc/puppet /var/log/puppet /var/lib/puppet'. - Keith On 30 Jan 2013 18:39, Raymond Regnier raymondregn...@gmail.com wrote: Hey all, this is my first post. I did try and search the group first before posting :) I've been using puppet for quit some time now and decide it was time to install 3.02.. So I blew a way my old installation of 2.6 and started from scratch. So to test I have two servers running on cent os 6.3. One's to be a master and one's a client On the client I have installed (yum install puppet) on the master I have installed (yum install puppet and yum install puppet-server) I kept my old puppet.conf for reference and determined that most of the configuration options are the same... ( just a basic test.. wanna run a couple modules to move files thats about it ) I have yum installed everything as root So when I start my master.. I'm able to start the puppet agent(service puppet start).(as root) but then when I try and start the master (service puppetmaster start) (as root) it says its starts.. but then when I do a service status it states puppet dead but pid file exists.. so then I go under /var/log/messages and I See this Starting puppet master version 3.0.2 reopening log files Could not run: Permission denied - /var/log/puppet/masterhttpd.log I also see this too Starting puppet client version 3.0.2 reopening log file failed to apply catalog connection refused - connect 2 could not send report - connect when I check /var/log/puppet/masterhttpd.log it shows masterhttpd.log as rw -rw puppet puppet.. So naturally I do a chmod 777 on it but it doesn't make a difference. any ideas what could be my issue? Never had anything like this on 2.6.. Thanks so much -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet 3.02 issue
Try 'service puppetmaster restart' and see if you get any logs under /var/logs/puppet. If that doesn't work try 'service puppetmaster stop', delete the pid file and then run 'service puppet master start'. - Keith On 30 Jan 2013 18:53, Raymond Regnier raymondregn...@gmail.com wrote: Tried that.. so now its owned by puppet:puppet -rw-rw however it still gives me the same errror On Wednesday, January 30, 2013 1:49:36 PM UTC-5, Keith Burdis wrote: The puppet master runs as the puppet user so try 'chown -R puppet:puppet /etc/puppet /var/log/puppet /var/lib/puppet'. - Keith On 30 Jan 2013 18:39, Raymond Regnier raymond...@gmail.com wrote: Hey all, this is my first post. I did try and search the group first before posting :) I've been using puppet for quit some time now and decide it was time to install 3.02.. So I blew a way my old installation of 2.6 and started from scratch. So to test I have two servers running on cent os 6.3. One's to be a master and one's a client On the client I have installed (yum install puppet) on the master I have installed (yum install puppet and yum install puppet-server) I kept my old puppet.conf for reference and determined that most of the configuration options are the same... ( just a basic test.. wanna run a couple modules to move files thats about it ) I have yum installed everything as root So when I start my master.. I'm able to start the puppet agent(service puppet start).(as root) but then when I try and start the master (service puppetmaster start) (as root) it says its starts.. but then when I do a service status it states puppet dead but pid file exists.. so then I go under /var/log/messages and I See this Starting puppet master version 3.0.2 reopening log files Could not run: Permission denied - /var/log/puppet/masterhttpd.**log I also see this too Starting puppet client version 3.0.2 reopening log file failed to apply catalog connection refused - connect 2 could not send report - connect when I check /var/log/puppet/masterhttpd.**log it shows masterhttpd.log as rw -rw puppet puppet.. So naturally I do a chmod 777 on it but it doesn't make a difference. any ideas what could be my issue? Never had anything like this on 2.6.. Thanks so much -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . For more options, visit https://groups.google.com/**groups/opt_outhttps://groups.google.com/groups/opt_out . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet 3.02 issue
Do the parent directories - /etc, /var, /var/log etc have 755 permissions? Perhaps the puppet user can't access one or more of these directories. - Keith On 30 Jan 2013 19:10, Raymond Regnier raymondregn...@gmail.com wrote: So I've changed all puppet directories and files to puppet:puppet.. Nothing gets written to the masterhttp.log under /var/log/puppet it shows the master as starting when I do servce master start however it says this Starting puppet master version 3.0.2 reopening log files Could not run: Permission denied - /var/log/puppet/masterhttpd. **log When I do a service puppetmaster status it states puppet dead but pid file exists. I manually delete the pid file and it does the same thing On Wednesday, January 30, 2013 2:00:27 PM UTC-5, Keith Burdis wrote: Try 'service puppetmaster restart' and see if you get any logs under /var/logs/puppet. If that doesn't work try 'service puppetmaster stop', delete the pid file and then run 'service puppet master start'. - Keith On 30 Jan 2013 18:53, Raymond Regnier raymond...@gmail.com wrote: Tried that.. so now its owned by puppet:puppet -rw-rw however it still gives me the same errror On Wednesday, January 30, 2013 1:49:36 PM UTC-5, Keith Burdis wrote: The puppet master runs as the puppet user so try 'chown -R puppet:puppet /etc/puppet /var/log/puppet /var/lib/puppet'. - Keith On 30 Jan 2013 18:39, Raymond Regnier raymond...@gmail.com wrote: Hey all, this is my first post. I did try and search the group first before posting :) I've been using puppet for quit some time now and decide it was time to install 3.02.. So I blew a way my old installation of 2.6 and started from scratch. So to test I have two servers running on cent os 6.3. One's to be a master and one's a client On the client I have installed (yum install puppet) on the master I have installed (yum install puppet and yum install puppet-server) I kept my old puppet.conf for reference and determined that most of the configuration options are the same... ( just a basic test.. wanna run a couple modules to move files thats about it ) I have yum installed everything as root So when I start my master.. I'm able to start the puppet agent(service puppet start).(as root) but then when I try and start the master (service puppetmaster start) (as root) it says its starts.. but then when I do a service status it states puppet dead but pid file exists.. so then I go under /var/log/messages and I See this Starting puppet master version 3.0.2 reopening log files Could not run: Permission denied - /var/log/puppet/masterhttpd.**lo**g I also see this too Starting puppet client version 3.0.2 reopening log file failed to apply catalog connection refused - connect 2 could not send report - connect when I check /var/log/puppet/masterhttpd.**lo**g it shows masterhttpd.log as rw -rw puppet puppet.. So naturally I do a chmod 777 on it but it doesn't make a difference. any ideas what could be my issue? Never had anything like this on 2.6.. Thanks so much -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.**com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group** /puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . For more options, visit https://groups.google.com/**grou**ps/opt_outhttps://groups.google.com/groups/opt_out . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . For more options, visit https://groups.google.com/**groups/opt_outhttps://groups.google.com/groups/opt_out . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https
Re: [Puppet Users] Cron job based on gateway
Here's one way: 1) Install the erwbgy/system module: # puppet module install erwbgy/system 2) Configure a custom fact using facter_dot_d for the default gateway: include system::schedules $config = { 'default_route' = { 'type' = 'script', 'value' = #!/bin/bash\nprintf default_route=; /sbin/ip route show | /usr/bin/perl -ane 'print \$F[2] if /^default /o', } } class { '::system::facts': config = $config, } 3) Create the cron job using this custom fact: cron { 'mycron': command = /usr/bin/ELFexecutable -g ${default_route}, hour= 1, minute = 1, } - Keith On 29 January 2013 14:12, Balasubramaniam Natarajan bala150...@gmail.comwrote: Hi Is there a way for puppet to create cron job on each of my node based on my gateway's IP ? bala@bala-desktop:~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 10.0.2.00.0.0.0 255.255.255.0 U 1 00 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 00 eth0 0.0.0.0 10.0.2.20.0.0.0 UG0 00 eth0 bala@bala-desktop:~$ For example if my gateway is 10.0.2.2 then I need to set up a cron job like the following, with my gateway being a parameter which I pass to my ELFexecutable 1 1 * * * /usr/bin/ELFexecutable -g 10.0.2.2 For now I can do it to a extent, please let me know if I am on the correct path ? Or is there a better way to do it, currently when I list all the facter I don't see any with the gateway address. -- Regards, Balasubramaniam Natarajan www.blog.etutorshop.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Extending a standard type
You can set the default values to undef and then the standard user type will use its defaults (if any). It usually makes sense to default the ensure parameter to 'present' though because if it is undef then nothing will happen: define site::user ( $ensure = 'present', $comment = undef, $home = undef, $password = undef, ) { user { $title: ensure = $ensure, comment = $comment, home = $home, password = $password, } ... } Note that $name and $title are the same thing so you probably shouldn't specify a value for $name. - Keith On 27 January 2013 00:55, Matthew Pounsett matt.pouns...@gmail.com wrote: I'm trying to extend the standard 'user' type to add maintenance of some of the contents of a user's home directory, and I'm trying to avoid creating an entirely new custom type if I can. The approach I'm taking is to create a site::user defined type which in turns calls the standard user type. I'm having a problem figuring out how to manage the optional parameters. The most likely path seems to be something like this (simplified for example): define site::user ( $comment, $ensure, $home, $name = $title, $password, ) { user { $title: comment = $comment, ensure = $ensure, home = $home, name = $name, password = $password, } } The problem with this, of course, is that the parameters to site::user aren't optional, and I'd like them to be. I've tried setting their defaults to null strings, but I get errors about reassigning variables if I do that. Of course, this would be even better.. but doesn't appear to be a valid syntax in puppet: define site::user ( $**args ) { user { $title: $args } } This seems to me to be the sort of thing that'd be in a puppet cookbook, but google hasn't shown me any useful docs or examples for what I'm trying to do. Does this approach even make sense, or is there a better way? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet issues
When you specify include sysctl then Puppet includes the sysctl class and this class only ensures that the /etc/sysctl.conf file exists: class sysctl { file { /etc/sysctl.conf: ensure = present, owner = root, group = root, mode = 0644, } } which it likely already does so Puppet does nothing. Your users class calls some of your defined types so you see Puppet creating resources. I expect you want to create some of your sysctl defined types in your sysctl class as well. You can supply --debug command-line option to see what Puppet is doing under the hood. - Keith On 29 January 2013 06:05, linuxhack2...@gmail.com wrote: Hi, I am newbie in puppet and just learning the things. I have created the module to create users which is worked great. But I have created another one for sysctl which doesn't updated on agent server and as well on the puppet master itself. Working for users add: = [root@puppet ~]# cat /etc/puppet/manifests/classes/**users.pp class users { users::add { testsudo: username= 'testsudo', comment = 'Sudo Testing', shell = '/bin/bash', password_hash = '$1$ULu2WAcE$k6/**d5orSPRxsJWDhlvEEf.' } users::add { testing: username= 'testing', comment = 'Sudo Testing', shell = '/bin/bash', password_hash = '$1$ULu2WAcE$k6/**d5orSPRxsJWDhlvEEf.' } } define users::add($username, $comment, $shell, $password_hash) { user { $username: ensure = 'present', home = /home/${username}, comment = $comment, shell = $shell, managehome = 'true', password = $password_hash, } } = Not working sysctl: = [root@puppet ~]# cat /etc/puppet/manifests/classes/**sysctl.pp class sysctl { file { /etc/sysctl.conf: ensure = present, owner = root, group = root, mode = 0644, } } define sysctl::settings ($ensure=present, $source=, $content=) { $sysctl_file = /etc/sysctl.conf exec { reload-sysctl-settings: command = /sbin/sysctl -p ${sysctl_file}, require = File[$sysctl_file], subscribe = [ File[$sysctl_file], File[/etc/sysctl.conf], ], refreshonly = true, } if $source { file { $sysctl_file: ensure = $ensure, source = $source, owner = root, group = root, mode = 0644, notify = Exec[reload-sysctl-settings]**, } } if $content { file { $sysctl_file: ensure = $ensure, content= ${content}, owner = root, group = root, mode = 0644, notify = Exec[reload-sysctl-settings]**, } } } define sysctl::lvs_direct_routing ($ensure=present) { sysctl::settings { lvs-direct-routing: priority = $priority, ensure = $ensure, source = puppet://puppet.domain.com/**files/direct-routing.confhttp://puppet.domain.com/files/direct-routing.conf , } } define sysctl::tcp_performance ($ensure=present) { sysctl::settings { tcp-performance: priority = $priority, ensure = $ensure, source = puppet://puppet.domain.com/**files/performance.confhttp://puppet.domain.com/files/performance.conf , } } === site.pp file: === [root@puppet ~]# cat /etc/puppet/manifests/site.pp import classes/* node default { include users include sysctl } node test { include users include sysctl } node 'server.domain.co' inherits test { } node 'shiva.domain2.co' inherits test { } If I run the command puppetd --server puppet.domain.com --waitforcert 60 --test from agent then it creates users but it doesn't update anything about sysctl and even it doesn't throw any errors too. Even I have tried to execute the command puppet -tv on puppet master itself which has the same issue. May I know where I am mistaking with sysctl? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com.