[Puppet Users] Issue with package provider dnfmodule

2021-07-22 Thread 'Christian Masopust' via Puppet Users 
Hi guys,

 

I'm using dnfmodule provider to enable a module on my CentOS 8 systems:

 

ensure_packages( ['redis:6'], { provider => dnfmodule, ensure => present,
enable_only => true } )

 

I would expect that this enables the module at first run and then it leaves
it untouched, but what I see at any run is
that it will be "updated" each time:

 

Notice: /Stage[main]/Gt_redis/Package[redis:6]/ensure: created (corrective)

 

Debug output of the  puppet run:

 

Info: /Package[redis:6]: Starting to evaluate the resource (275 of 506)

Debug: Executing: '/usr/bin/dnf module list -d 0 -e 1'

Debug: Executing: '/usr/bin/dnf module enable -d 0 -e 1 -y redis:6'

Notice: /Stage[main]/Gt_redis/Package[redis:6]/ensure: created (corrective)

Debug: /Package[redis:6]: The container Class[Gt_redis] will propagate my
refresh event

Info: /Package[redis:6]: Evaluated in 7.61 seconds

 

 

So, is this an issue in puppet? Or is my resource configuration wrong?

 

Thanks,

Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/000201d77f83%244eb1afb0%24ec150f10%24%40chello.at.

[Puppet Users] Override default schedule for all resources

2021-07-06 Thread 'Christian Masopust' via Puppet Users 
Hi puppet users,

 

we have a daily planned maintenance at 5am on our puppet server which means
that during that time

it's not available for our agents.

 

I'd like to avoid that the agents are trying to connect to the puppetserver
during that time.

 

My first idea was to use schedules, but that would mean to define the
schedule for each and every resource,
which definitly would be painful :)

 

So the next idea was to override the default schedule "puppet".   Does
anyone of you know if that's possible?

Or do you have other/better ideas how I could handle this?

 

Thanks,

Christian

 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/002301d77180%242f22c780%248d685680%24%40chello.at.

[Puppet Users] Re: Unknown resource type after Upgrade

2018-09-28 Thread Christian Reiß 
Hey,

thank you-- 
that clears that up. Seems like time will solve the issue; postponing the 
update for now.

Am Donnerstag, 27. September 2018 11:14:19 UTC+1 schrieb Christian Reiß:
>
> Hey folks,
>
> I am currently upgrading to 6.x on a test setup using my live puppet code; 
> trying to get it to work with 6.x.
> One weird issue I am getting is that alle default definitions (upper case 
> classes) are faulting:
>
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Resource type not found: Nagios_service (
> file: /etc/puppetlabs/code/environments/production/modules/pn_icinga/
> manifests/client/checks.pp, line: 83, column: 3) on node outleapt.test
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
>
>
>
> The corresponding manifest looks like this:
>
> Nagios_service {
> check_period  => '24x7',
> ensure=> $::pn_icinga::client::installed,
> host_name => $::trusted['certname'],
> initial_state => 'o',
> max_check_attempts=> '3',
> notification_interval => '5',
> notification_options  => 'w,u,c,r',
> notification_period   => $notification_period,
> notifications_enabled => '0',
> [...]
> }
>
> Did I miss a regression somewhere?
> Any help is greatly appreciated!
>
> -Chris.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/8a5b4fed-cf93-4c8a-8652-5fc3222952c0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Puppetserver does not auto-load.

2018-09-27 Thread Christian Reiß 
I have a wierd question:

On a fresh Server (Centos 7, PuppetServer 6) with only one nagios class 
(with nagios_core from forge I am getting this error:

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
Server Error: Evaluation Error: Error while evaluating a Resource 
Statement, Could not autoload puppet/type/nagios_service: no such file to 
load -- puppet/util/nagios_maker (file: 
/etc/puppetlabs/code/environments/production/manifests/site.pp, line: 4, 
column: 3) on node hyposulphuric

If I do a puppet apply however, the same site.pp applies correctly without 
issues (well, it complains about exporting ressources not possible). Why 
would a puppet apply correctly load the puppet forge module when then 
puppet server (puppet agent --test) does not and yields above error?

I have been hitting my head against the issue all day.
Any help is greatly appreciated.

-Chris.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b0c75235-39ab-434d-850a-84912a6a1fb3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Unknown resource type after Upgrade

2018-09-27 Thread Christian Reiß 
Hey Rafael,

thanks for your reply. Ironically I was readind the deprecated logs and 
seem to have missed that, After doing a puppet module install the error 
changed to

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
Server Error: Evaluation Error: Error while evaluating a Type-Name, Could 
not autoload puppet/type/nagios_service: no such file to load -- puppet/util
/nagios_maker (file: /etc/puppetlabs/code/environments/production/modules/
pn_icinga/manifests/client/raid.pp, line: 15, column: 3) on node outleapt.
test

Mind pushing me once more in the right direction?

-Chris.


Am Donnerstag, 27. September 2018 11:25:34 UTC+1 schrieb Rafael Tomelin:
>
> Hi dear,
>
> This link the puppet6 release notes.
> https://puppet.com/docs/puppet/6.0/release_notes.html#deprecations
>
>
>- The Nagios types no longer ship with Puppet, and are now available 
>as the puppetlabs/nagios_core module from the Forge.
>
>
> Em qui, 27 de set de 2018 às 07:14, Christian Reiß  > escreveu:
>
>> Hey folks,
>>
>> I am currently upgrading to 6.x on a test setup using my live puppet 
>> code; trying to get it to work with 6.x.
>> One weird issue I am getting is that alle default definitions (upper case 
>> classes) are faulting:
>>
>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER
>> : Server Error: Evaluation Error: Resource type not found: Nagios_service 
>> (file: /etc/puppetlabs/code/environments/production/modules/pn_icinga/
>> manifests/client/checks.pp, line: 83, column: 3) on node outleapt.test
>> Warning: Not using cache on failed catalog
>> Error: Could not retrieve catalog; skipping run
>>
>>
>>
>> The corresponding manifest looks like this:
>>
>> Nagios_service {
>> check_period  => '24x7',
>> ensure=> $::pn_icinga::client::installed,
>> host_name => $::trusted['certname'],
>> initial_state => 'o',
>> max_check_attempts=> '3',
>> notification_interval => '5',
>> notification_options  => 'w,u,c,r',
>> notification_period   => $notification_period,
>> notifications_enabled => '0',
>> [...]
>> }
>>
>> Did I miss a regression somewhere?
>> Any help is greatly appreciated!
>>
>> -Chris.
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/bde5ac1d-f1ef-4454-885d-b499f22062c8%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/puppet-users/bde5ac1d-f1ef-4454-885d-b499f22062c8%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
> -- 
>
> Atenciosamente,
>
> Rafael Tomelin
>
> skype: rafael.tomelin
>
> E-mail: rafael@gmail.com 
>
> RHCE  - Red Hat Certified Engineer
> PPT-205 - Puppet Certified Professional 2017
> Zabbix- ZABBIX Certified Specialist
> LPI3 
> ITIL v3
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/c2b29923-114f-4a82-8a66-cba5e428ca4b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Unknown resource type after Upgrade

2018-09-27 Thread Christian Reiß 
Hey folks,

I am currently upgrading to 6.x on a test setup using my live puppet code; 
trying to get it to work with 6.x.
One weird issue I am getting is that alle default definitions (upper case 
classes) are faulting:

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
Server Error: Evaluation Error: Resource type not found: Nagios_service (
file: /etc/puppetlabs/code/environments/production/modules/pn_icinga/
manifests/client/checks.pp, line: 83, column: 3) on node outleapt.test
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run



The corresponding manifest looks like this:

Nagios_service {
check_period  => '24x7',
ensure=> $::pn_icinga::client::installed,
host_name => $::trusted['certname'],
initial_state => 'o',
max_check_attempts=> '3',
notification_interval => '5',
notification_options  => 'w,u,c,r',
notification_period   => $notification_period,
notifications_enabled => '0',
[...]
}

Did I miss a regression somewhere?
Any help is greatly appreciated!

-Chris.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/bde5ac1d-f1ef-4454-885d-b499f22062c8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Question Exec resource

2016-08-01 Thread Christian Charpentier 
Yes the command exit with succes from a root shell. 
I'm gonna try to use exec environment parameter.

Thx

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b1861de2-c520-4b1a-94a8-c1419d6f7ef4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Question Exec resource

2016-07-28 Thread Christian Charpentier 
Thnaks for your answer Martin.

Here is the beginning of the stack:

 [0;36mDebug: Executing '/bin/sh -c source /etc/profile && 
/opt/openam/bin/openam_install.sh install cm > /opt/openam/install.log' [0m

 [0;36mDebug: /Stage[main]/Openam::Config/Exec[openam_install]/returns: 
Certificate was added to keystore [0m
 [0;36mDebug: /Stage[main]/Openam::Config/Exec[openam_install]/returns: 
Certificate stored in file  [0m
 [0;36mDebug: /Stage[main]/Openam::Config/Exec[openam_install]/returns: 
Certificate was added to keystore [0m
 [0;36mDebug: /Stage[main]/Openam::Config/Exec[openam_install]/returns: 
java.net.ConnectException: Connection refused [0m
 [0;36mDebug: /Stage[main]/Openam::Config/Exec[openam_install]/returns: 
at java.net.PlainSocketImpl.socketConnect(Native Method) [0m



Could it be an SSL connection issue instead of a path issue with the java 
-jar command?

About the idenpotency, by using the creates attribute normally ensure the 
exec command will be executed only if the file/directory doesn't exist. So 
i should not have any problem with that.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/cf796f0d-7ddb-4ff5-bbfb-5ce67aeae565%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Question Exec resource

2016-07-27 Thread Christian Charpentier 
Hi,

I'm trying to install openam with puppet. To do this i'm using an exec 
resource:

exec { 'openam_install':
  command  => "source /etc/profile && /opt/openam/bin/openam_install.sh install 
${::env} > /opt/openam/install.log",
  provider => shell,
  creates  => '/var/lib/tomcat/webapps/sso',
}


The script openam_install.sh exit with an error code:

Debug: /Stage[main]/Openam::Config/Exec[openam_install]/returns:ERROR: 
command execution failed at line 247 !

Error: source /etc/profile && /opt/openam/bin/openam_install.sh install cm 
returned 1 instead of one of [0]

Error: /Stage[main]/Openam::Config/Exec[openam_install]/returns: change 
from notrun to 0 failed: source /etc/profile && 
/opt/openam/bin/openam_install.sh install cm returned 1 instead of one of 
[0]


Line 247 i have this:


java -jar 
/opt/openam/configurator/openam-configurator-tool-${openAMversion}.jar -f 
/opt/openam/configurator/openam.conf

echo "Restarting OpenAM"
service tomcat restart


The java -jar command fail but i can't figure out why because if i try to 
launch this command directly in a shell it works.


Any help would be appreciated.


Thanks.


Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/c0c81a61-b7cc-46e8-b9cf-63020f7598fd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: how to trigger puppet run on agents remotely

2015-11-30 Thread Christian Flamm 
Very simple, yet helpful: https://github.com/alcCapone/doll

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a4772ecf-d499-4ac4-9f0a-025044ec166e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Anonymous block scope?

2015-08-28 Thread Christian Flamm 
Thanks for clearing this up!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b42ee960-9794-4821-b7fa-f5d4a578cab2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Anonymous block scope?

2015-08-27 Thread Christian Flamm 
Not proud of this idea, but...

if true {
...
}

?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/871d73d6-7002-4b3a-a439-db8fe00c1391%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Anonymous block scope?

2015-08-27 Thread Christian Flamm 
Yes
Am 27.08.2015 13:07 schrieb "R.I.Pienaar" :

>
>
> - Original Message -
> > From: "Christian Flamm" 
> > To: "puppet-users" 
> > Sent: Thursday, August 27, 2015 12:03:11 PM
> > Subject: [Puppet Users] Anonymous block scope?
>
> > Hi,
> > is there a way to have anonymous block scope in puppet? In a couple of
> > languages you can simply create limited scope by opening and closing
> curly
> > braces {...}
> >
> > I'd like to use this to limit the area of effect of e.g. resource default
> > statements
> > (https://docs.puppetlabs.com/puppet/latest/reference/lang_defaults.html
> ).
>
> Puppet 4 address most of this, in 3 not so much.
>
> Are you asking about 3?
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Puppet Users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/puppet-users/7M61d84szdQ/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/1046405241.85644.1440673655277.JavaMail.zimbra%40devco.net
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CANzp%2BZN1KwN5vy8SZ_XO3tjwHMWWZ6Rs9ibGLCJQDYfD9Zvo1A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Anonymous block scope?

2015-08-27 Thread Christian Flamm 
Hi,
is there a way to have anonymous block scope in puppet? In a couple of 
languages you can simply create limited scope by opening and closing curly 
braces {...}

I'd like to use this to limit the area of effect of e.g. resource default 
statements 
(https://docs.puppetlabs.com/puppet/latest/reference/lang_defaults.html).

Thanks in advance,
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/452b2ddf-847d-418b-aeef-39f8b84a1e08%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Puppet agent run runs slowly

2015-08-27 Thread Christian Flamm 
I most sincerely love you! 
Thank you, thank you, thank you!!!

Am Mittwoch, 26. August 2015 19:26:31 UTC+2 schrieb Christopher Wood:
>
> On Wed, Aug 26, 2015 at 05:13:19PM +0200, Constantin Wolber wrote: 
> >Hi, 
> >after some more searching and investigating i came to the solution 
> that 
> >the state.yaml file is the problem. The affected system contained a 
> >state.yaml file which was 147M big. So i deleted the file and after 
> the 
> >next run it was down to 347K and no performance issues occurred. 
> >Any idea what could have caused the file to get that big? 
> >Regards 
> >Constantin 
>
> I recall a thread way back where somebody was purging a growing directory 
> with puppet, I wonder if this is the same issue where the list of resources 
> to be deleted are appended to state.yaml ad infinitum. Maybe save 
> state.yaml backups and diff them? 
>
> Similar: 
>
> https://ask.puppetlabs.com/question/6544/state-file-constantly-growing/ 
>
> https://groups.google.com/forum/#!topic/puppet-users/Laj0WFBmdsU 
>
> >2015-08-26 16:56 GMT+02:00 Constantin Wolber 
> ><[1]constant...@gmail.com >: 
> > 
> >  Hi, 
> >  i tried the performance profiler, but it did not really help me 
> figuring 
> >  things out.  
> > 
> >  2015-08-26 14:48:21 + Puppet (debug): Storing state 
> > 
> >  2015-08-26 14:55:23 + Puppet (debug): Stored state in 422.03 
> seconds 
> > 
> >  What I'm interested in is how i can improve performance of that 
> step.  
> > 
> >  2015-08-25 18:14 GMT+02:00 kaustubh chaudhari <[2]kaus...@gmail.com 
> >: 
> > 
> >Hi, 
> > 
> >You can run profiler to check who and what is taking time in 
> detail. 
> > 
> >[3]https://puppetlabs.com/blog/tune-puppet-performance-profiler 
> > 
> >-Kaustubh 
> > 
> >On Tuesday, August 25, 2015 at 3:49:28 AM UTC-4, Constantin 
> Wolber 
> >wrote: 
> > 
> >  Hi, 
> >  i searched quite a bit with google but cannot really find an 
> idea of 
> >  what to change. 
> >  If i do a puppet agent run on a few of my managed servers i get 
> the 
> >  following results: 
> > 
> >  Notice: Finished catalog run in 486.54 seconds 
> > 
> >  Changes: 
> > 
> >  Events: 
> > 
> >  Resources: 
> > 
> >  Total: 2304 
> > 
> >  Time: 
> > 
> > Filebucket: 0.00 
> > 
> >Apt key: 0.00 
> > 
> > Anchor: 0.00 
> > 
> >   Schedule: 0.00 
> > 
> >  Group: 0.00 
> > 
> >   Exec: 0.00 
> > 
> >   User: 0.00 
> > 
> > Ssh authorized key: 0.00 
> > 
> >Package: 0.39 
> > 
> >   Last run: 1440488641 
> > 
> >Service: 2.71 
> > 
> > Config retrieval: 2.91 
> > 
> >   File: 22.60 
> > 
> >  Total: 28.62 
> > 
> >  Version: 
> > 
> > Config: 1440488048 
> > 
> > Puppet: 3.8.1 
> > 
> >  The summarized view looks good but it seems puppet spends a lot 
> of 
> >  time in different other places that don't count for the 
> summarize. 
> > 
> >  1. Debug: Loaded state in 119.18 seconds 
> > 
> >  2. Debug: Loaded state in 156.15 seconds 
> > 
> >  3. Debug: Stored state in 252.81 seconds 
> > 
> >  What is causing those excessive times for Loading and Storing 
> the 
> >  state. I did not really find a lot of hints on that topic.  
> > 
> >  Due to some ideas i already changed most of my recurse options 
> for 
> >  file type to recurse => "remote" 
> > 
> >  I also found the hint to use checksum => "none" but not sure 
> about 
> >  the effect of that change.  
> > 
> >  Any hints are welcome 
> > 
> >  Regards 
> > 
> >  Constantin 
> > 
> >-- 
> >You received this message because you are subscribed to a topic 
> in the 
> >Google Groups "Puppet Users" group. 
> >To unsubscribe from this topic, visit 
> >[4]
> https://groups.google.com/d/topic/puppet-users/BzfsN9axWss/unsubscribe. 
> >To unsubscribe from this group and all its topics, send an email 
> to 
> >[5]puppet-users...@googlegroups.com . 
> >To view this discussion on the web visit 
> >[6]
> https://groups.google.com/d/msgid/puppet-users/05bacd31-8a6c-4ab5-bdd3-a323f12ff249%40googlegroups.com.
>  
>
> >For more options, visit [7]https://groups.google.com/d/optout. 
> > 
> >-- 
> >You received this message because you are subscribed to the Google 
> Groups 
> >"Puppet Users" group. 
> >To unsubscribe from this group and stop receiving emails from it, 
> send an 
> >email to [8]puppet-users...@googlegroups.com . 
> >To

[Puppet Users] Problems with a resource default definition

2015-03-05 Thread Christian Hase 


Hi folks,

i want to declare a resource default globally for all available classes. I 
searched google and found this site:

https://ask.puppetlabs.com/question/396/howto-force-systemd-as-service-provider-globally/

These guys suggest this solution:

Service {
provider => systemd,
  }

*If you write this in a class, the resource default will only be valid 
> within that class, so if you want to have a global default you should 
> probably place that into your site.pp file.*



So i tested it. I wrote in my "$environment/manifests/site.pp" under 
default:

*node default {*
*  if $::operatingsystem == 'Sles12.0' {*
 *Service {*
*provider => "systemd",*
* }*
* notify{"SLES 12: Systemd als Service-Provideer":}*
*  }*
*}*


But i didn't see anything in the debug output on my testystem.

<https://lh3.googleusercontent.com/-mOSugk7Ff1o/VPRxuSiNCXI/AA0/wD6FxIkp5bg/s1600/2015-03-02%2B15_19_21-mgtwts001%2B-%2Bmgtwts001%2B-%2BRemotedesktopverbindung.png>












The i created a class called "services::providerdefault" which had the same 
content like the site.pp in the above. Just the line "node.." was exchanged 
with "class services::providerdefault {" so to get a class.

I made a requirement in a class for autofs and i got this output.

<https://lh6.googleusercontent.com/-tDrB9y1ango/VPRypklDWHI/ABA/oxmiZ_ccZaU/s1600/require%2Bclass%2Bproviderdefault.png>


































Now i get the notify in this run But the service wants to check with 
chkconfig and thats wrong. I'm asuming now that my default definition is 
not typed the right way or in a wrong place.

When i declare the provider directly in the resource declaration its 
working.

Can someone tell me how i have to declare a resource default that it is 
working for i.e. 5 services wich i include in the nodedefinition ?


Thanks in Advance

Christian Hase (Yes thats my real name ^-^ its german and means rabbit)

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/086b09d9-ce52-41e7-aa85-1fd9ba533164%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Dallas Fort-Worth Puppet User Group

2015-02-27 Thread Brad Christian 
Hi, I've started the DFWPUG. Please go to 
http://www.meetup.com/Dallas-Fort-Worth-Puppet-User-Group  
<http://www.meetup.com/Dallas-Fort-Worth-Puppet-User-Group>for details, 
I'll be organizing a first meeting soon.

Brad Christian
@vhipster

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b7c04dc2-df5c-4275-9509-8ac163eae74c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Unreported Windows nodes (Puppet 3.7.3, Exchange 2010)

2015-02-05 Thread Christian Koep 
This is what it looks like: http://i.imgur.com/Woxi68C.png



On Thu, Feb 5, 2015 at 11:27 PM, Rob Reynolds  wrote:

> On Tue, Feb 3, 2015 at 8:25 AM, cko  wrote:
>
>> Icacls: http://i.imgur.com/s1xQy65.png
>>
>
> Can you run one against the last_run_report.yaml and the lock file (if
> still present)?
>
> I'm seeing a similar set of permissions for var/state but want to verify
> the permissions on the files (as they can be different).
>
>
>> I will upgrade to Puppet 3.7.3 this week an see if that fixed the issue.
>>
>>
>> On Monday, February 2, 2015 at 9:49:01 PM UTC+1, Rob Reynolds wrote:
>>>
>>>
>>>
>>> On Mon, Feb 2, 2015 at 5:05 AM, cko  wrote:
>>>
 I just noticed that the affected agents do not update the files located
 in "C:\ProgramData\PuppetLabs\puppet\var\state".

 Also interesting: The "agent_catalog_run.lock" file is not properly
 removed after a puppet run.

 See the timestamps on the files ( http://i.imgur.com/qE87OB5.png )

>>>
>>>
>>> Can you give me an icacls on that folder? icacls
>>> C:\ProgramData\PuppetLabs\puppet\var\state. Also I wonder if you have a
>>> connection issue in sending the report to the master? From the gist I
>>> didn't see an issue jump out at me though.
>>>
>>> Also, 3.7.4 just came out. I don't know for sure if it will resolve the
>>> issues or not.
>>>
>>>



 On Monday, December 15, 2014 at 5:24:55 PM UTC+1, Rob Reynolds wrote:
>
>
>
> On Sun, Dec 14, 2014 at 9:17 AM, cko  wrote:
>>
>> The Puppet Service is actually running.
>>
>> The eventlog shows records about successfully finished catalog runs.
>> All files in the C:\ProgramData\PuppetLabs\puppet\var\state
>> directory indicate that the puppet run finishes without problems.
>>
>> I suspect there is a problem with the submission of the report to the
>> puppet master unless the puppet run is triggered manually.
>>
>
> What user does the puppet agent service run under?
>
>
>
>>
>> That might be the reason they are marked "out of sync" in any
>> dashboard application (puppetdb, puppetexplorer, foreman).
>>
>>
>>
>>
>> On Sunday, December 14, 2014 4:48:59 AM UTC+1, Rob Reynolds wrote:
>>>
>>>
>>>
>>> On Tue, Dec 9, 2014 at 7:28 AM, cko  wrote:

 Hi,

 I'm currently having an issue with the Windows Server 2008R2 nodes
 in our Exchange 2010 environment.

 Since I upgraded the four nodes to Puppet 3.7.3 , they do not check
 in to the Puppetmaster via the Windows Service every 30 minutes like 
 all
 the other nodes do.

 Here is a gist of the output from "puppet agent -t --debug" that
 might help https://gist.github.com/anonymous/e972393ea742631ccaef

 Is there a problem in my environment or are there any known issues
 regarding this behavior?

>>>
>>> We are not aware of a known issue for this behavior. If you could
>>> check the eventlog and determine what issues it may be reporting?
>>>
  --
 You received this message because you are subscribed to the Google
 Groups "Puppet Users" group.
 To unsubscribe from this group and stop receiving emails from it,
 send an email to puppet-users...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/puppet-users/4da95e8f-9c8f
 -4dca-a91d-dfae1ce1dd1d%40googlegroups.com
 
 .
 For more options, visit https://groups.google.com/d/optout.

>>>
>>>
>>> --
>>> Rob Reynolds
>>> Developer, Puppet Labs
>>>
>>> *Join us at **PuppetConf 2015, October 5-9 in Portland, OR - *
>>> http://2015.puppetconf.com/
>>> *Register early to save 40%!*
>>>
>>  --
>> You received this message because you are subscribed to the Google
>> Groups "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it,
>> send an email to puppet-users...@googlegroups.com.
>> To view this discussion on the web visit https://groups.google.com/d/
>> msgid/puppet-users/311eff85-ba40-42bf-a983-a363fe5a61d1%40goog
>> legroups.com
>> 
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
> --
> Rob Reynolds
> Developer, Puppet Labs
>
> *Join us at **PuppetConf 2015, October 5-9 in Portland, OR - *
> http://2015.puppetconf.com/
> *Register early to save 40%!*
>
  --
 You received this message because you are subs

Re: [Puppet Users] hiera variable problem

2014-08-07 Thread Christian Charpentier 
No, the command to get the hiera variable value (hiera nom) doesn't work.

The common.yaml file contents:

---
apache_packages_list:
 - apr-1.4.8
 - apr-devel-1.4.8
 - apr-util-1.5.2
 - apr-util-devel-1.5.2
 - distcache-1.4.5
 - distcache-devel-1.4.5
 - httpd-2.4.6
 - httpd-tools-2.4.6 
 - mod_ssl-2.4.6
 

classes: []

hiera_ressources_path: "/etc/puppet/hieradata"

nom: test

Regards,

Le jeudi 7 août 2014 15:23:01 UTC+2, Jose Luis Ledesma a écrit :
>
> Hi,
>
> What's the content of /etc/puppet/hieradata/common.yaml ?
>
> Does the hiera command line works?
> Something like:
> $ hiera nom
>
> Regards,
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/24a413db-919e-4da8-a08e-971fe87aa5ef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] hiera variable problem

2014-08-07 Thread Christian Charpentier 
Hi,

I've been using hiera for several weeks now and all was working fine til 
few days ago when i started to get that kind of message:
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: 
Could not find data item nom in any Hiera data file and no default supplied 
on node d0puppetclient.victor-buck.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

So i tried to make a very simple test to check if the problem came from my 
last code changes and i'm still getting this message. I can't get hiera 
variable anymore.
Below the test i made:

*hiera.yaml*:
---
:backends:
  - yaml

:yaml:
  :datadir: /etc/puppet/hieradata

:hierarchy:
  - common


*site.pp*:
# /etc/puppet/manifests/site.pp

case $operatingsystem {
  'Solaris': { include role::solaris }
  'RedHat', 'CentOS': { include redhat::roles::common }
  /^(Debian|Ubuntu)$/: { include role::debian }
#  default: { include role::generic }
}

case $hostname {
  /^d0puppetclient/: { include test }
}


*test.pp*:
class test{

  $nom = hiera('nom')

file {"/root/test.txt":
ensure   => file,
source   => "/etc/puppet/test.txt.erb",
  }

}


*test.txt.erb*:
<%= nom %>

Any idea about to fix this?I thought this could be an file access right 
issue, so i tried to grante access on some files (755) and it's not 
working...
Thanks to those who 'll take time to read me and give me an answer :)

Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/41e41e5f-7d26-46c4-9fe4-861b146c8f4f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Problem using hiera variable in templates

2014-06-30 Thread Christian Charpentier 
It was due to some kind of syntax error (= missing) :
<%=  scope.lookupvar('apache::config::servername') %> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f2fd38c8-f524-457d-9263-fd1a338c1a52%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Problem using hiera variable in templates

2014-06-24 Thread Christian Charpentier 
Hi,

I'm trying to use variables stored in hiera files in module templates. I 
read it's better to avoid to use hiera function in templates so i tried to 
get the hiera value in the config.pp manifest with a local variable.
Then to use the local variable in the template, but it doesn't work.

*common.yaml*

---
apache_packages_list:
 - apr-1.4.8
 - apr-devel-1.4.8
 - apr-util-1.5.2
 - apr-util-devel-1.5.2
 - distcache-1.4.5
 - distcache-devel-1.4.5
 - httpd-2.4.6
 - httpd-tools-2.4.6 
 - mod_ssl-2.4.6
 
accounts_conf_filename: accounts.victorbuckservices.com.conf
accounts_conf_balancer_filename: 
accounts.victorbuckservices.com.balancer.conf
certificate_filename: all.dev.victorbuckservices.com.crt
key_filename: all.dev.victorbuckservices.com.key


*ServerName: accounts.dev.victorbuckservices.comServerAdmin: 
t...@victorbuckservices.com*
SSLCertificateFile: /etc/pki/tls/certs/all.dev.victorbuckservices.com.crt
SSLCertificateKeyFile: 
/etc/pki/tls/private/all.dev.victorbuckservices.com.key
  

*config.pp*

class apache::config { 
$accounts_conf_filename= hiera('accounts_conf_filename')
$accounts_conf_balancer_filename  = 
hiera('accounts_conf_balancer_filename')
$crt_filename = 
hiera('certificate_filename')
$key_filename= hiera('key_filename')

   
* $servername = hiera('ServerName')$serveradmin = hiera('ServerAdmin')*

file {"/etc/httpd/conf.d/$accounts_conf_filename":
ensure   => file,
content  => 
template("/etc/puppet/hieradata/$accounts_conf_filename.erb"),
}
  
file {"/etc/httpd/conf.d/$accounts_conf_balancer_filename":
ensure   => file,
content  => 
template("/etc/puppet/hieradata/$accounts_conf_balancer_filename"),
}

file {'/etc/pki/tls/certs/$crt_filename':
ensure   => file,
content  => template("/etc/puppet/hieradata/$crt_filename"),
}

file {'/etc/pki/tls/private/$key_filename':
ensure   => file,
content  => template("/etc/puppet/hieradata/$key_filename"),
}

}

*accounts.victorbuckservices.com.conf.erb*


   ServerName <% ServerName =  
scope.lookupvar('apache::config::servername') %> 
ServerAdmin <% ServerAdmin = 
scope.lookupvar('apache::config::serveradmin') %> 

I also tried syntax as follow:
ServerName <%= scope.function_hiera('ServerName') %>
ServerName <%= @servername %> 

But i doesn't works neither.


Any idea or suggestion to make this right?

Cheers,
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/505d7ccb-20f2-4af6-a2f9-66a03535e495%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Puppet + hiera file backend problem

2014-06-10 Thread Christian Charpentier 
I have a file accounts.victorbuckservices.com.conf and not an .erb template.
It seems a little weird to me that we have to use template function either 
for .erb template or file backend.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/cf5550d3-2625-4825-9558-185490078b05%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Puppet + hiera file backend problem

2014-06-06 Thread Christian Charpentier 
Hi,

I'm using hiera with puppet and i want to store my resources out from the 
modules, in hieradata directory.

Here is my hiera.yaml file:

---
:hierarchy:
- common
#- %{operatingsystem}
- %{::hostname}

:backends:
- yaml
- file

:yaml:
:datadir: '/etc/puppet/hieradata'

:file:
:datadir: '/etc/puppet/hieradata'

:logger: console

The common.yaml file:

---
apache_packages_list:
 - apr-1.4.8
 - apr-devel-1.4.8
 - apr-util-1.5.2
 - apr-util-devel-1.5.2
 - distcache-1.4.5
 - distcache-devel-1.4.5
 - httpd-2.4.6
 - httpd-tools-2.4.6 
 - mod_ssl-2.4.6
 
accounts_conf_filename: accounts.victorbuckservices.com.conf
accounts_conf_balancer_filename: 
accounts.victorbuckservices.com.balancer.conf
certificate_filename: all.dev.victorbuckservices.com.crt
key_filename: all.dev.victorbuckservices.com.key


My site.pp call a role which call itself a profile which uses a module to 
install apache.
Here is the config..p of apache module:

class apache::config { 
$accounts_conf_filename   = hiera('accounts_conf_filename')
$accounts_conf_balancer_filename  = 
hiera('accounts_conf_balancer_filename')
$crt_filename = hiera('certificate_filename')
$key_filename = hiera('key_filename')

file {'/etc/httpd/conf.d/accounts.victorbuckservices.com.conf':
ensure   => file,
content  => template($accounts_conf_filename),
}
  
file {'/etc/httpd/conf.d/$accounts_conf_balancer_filename':
ensure   => file,
content  => template($accounts_conf_balancer_filename),
}

file {'/etc/pki/tls/certs/$crt_filename':
ensure   => file,
content  => template($crt_filename),
}

file {'/etc/pki/tls/private/$key_filename':
ensure   => file,
content  => template($key_filename),
}

}

I put data and resource files in /etc/puppet/hieradata/ and when i use the 
command line on the client:
puppet agent --server=d0puppet.victor-buck.com --debug --verbose --noop 
--test 
I got the following error :
Error 400 on Server: could not find template 
'accounts.victorbuckservices.com.conf' at 
/etc/puppet/modules/apache/manifests/config.pp:9 on node puppetclient

Someone to help to figure out what happen?
If there are some information missing to make easier to understand what's 
going on feel free to ask me.

Thanks.

Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/00bf537c-6ac1-4351-b4c3-e4f99bdda189%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Error 400 on SERVER : could not find class xxx for yyy on node yyy

2014-06-02 Thread Christian Charpentier 
Thanks a lot Jose, i appreciate your help :)

Le vendredi 30 mai 2014 15:53:42 UTC+2, Jose Luis Ledesma a écrit :
>
> Class vstar::apache  should be in
>
> /etc/puppet/modules/vstar/manifests/apache.pp
>
> To allow autoloader find it.
>
> Regards,
> El 30/05/2014 15:48, "Christian Charpentier"  > escribió:
>
>> Hi,
>> I'm statrting using puppet with role/profile pattern and i'm facing a 
>> problem.
>> I use puppet 3.4.3 with a master running on red hat 2.6 and a client on a 
>> local VM centOS 6.5.
>> When i try to test my code with the command above i got an error : Error 
>> 400 on SERVER could not find class vstar::apache for puppetclient on node 
>> puppet client.
>>
>> puppet agent --server=d0puppet.victor-buck.com --debug --verbose --noop 
>> --test 
>>
>>
>> Here is my puppet code :
>>
>> # /etc/puppet/manifests/site.pp
>> import "classes/*"
>>  
>> case $operatingsystem {
>> 'Solaris':  { include role::solaris }
>> 'RedHat', 'CentOS': { include role::redhat  }
>> /^(Debian|Ubuntu)$/:{ include role::debian  }
>> default:{ include role::generic }
>> }
>>
>> case $hostname {
>> /^puppetclient/:   { include vstar::roles::www }
>> }
>>
>> #/etc/puppet/modules/vstar/manifests/roles/www.pp
>> class vstar::roles::www { 
>>   include vstar::profiles::webserver
>>   include vstar::profiles::mailserver
>> }
>>
>> #/etc/puppet/modules/vstar/manifests/profiles/webserver.pp
>> class vstar::profiles::webserver { 
>>   include vstar::apache
>>   include common::postfix
>> }
>>
>> #/etc/puppet/modules/vstar/manifests/apache/manifests/init.pp
>> class vstar::apache { 
>>   include apache::install, apache::service
>> }
>>
>> I can't figure out the issue here. Any idea on the solution to fix this?
>> Any comment or idea is welcome.
>>
>> Thanks.
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/75a4d45f-9259-40c9-887e-c717b0d67c94%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/puppet-users/75a4d45f-9259-40c9-887e-c717b0d67c94%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/29dbf5fe-e3a3-4eae-91a6-338b2bc6b820%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Error 400 on SERVER : could not find class xxx for yyy on node yyy

2014-05-30 Thread Christian Charpentier 
Hi,
I'm statrting using puppet with role/profile pattern and i'm facing a 
problem.
I use puppet 3.4.3 with a master running on red hat 2.6 and a client on a 
local VM centOS 6.5.
When i try to test my code with the command above i got an error : Error 
400 on SERVER could not find class vstar::apache for puppetclient on node 
puppet client.

puppet agent --server=d0puppet.victor-buck.com --debug --verbose --noop 
--test 


Here is my puppet code :

# /etc/puppet/manifests/site.pp
import "classes/*"
 
case $operatingsystem {
'Solaris':  { include role::solaris }
'RedHat', 'CentOS': { include role::redhat  }
/^(Debian|Ubuntu)$/:{ include role::debian  }
default:{ include role::generic }
}

case $hostname {
/^puppetclient/:   { include vstar::roles::www }
}

#/etc/puppet/modules/vstar/manifests/roles/www.pp
class vstar::roles::www { 
  include vstar::profiles::webserver
  include vstar::profiles::mailserver
}

#/etc/puppet/modules/vstar/manifests/profiles/webserver.pp
class vstar::profiles::webserver { 
  include vstar::apache
  include common::postfix
}

#/etc/puppet/modules/vstar/manifests/apache/manifests/init.pp
class vstar::apache { 
  include apache::install, apache::service
}

I can't figure out the issue here. Any idea on the solution to fix this?
Any comment or idea is welcome.

Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/75a4d45f-9259-40c9-887e-c717b0d67c94%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Two (hopefuly minor) Questions (ip-array, line for several hosts)

2013-10-23 Thread christian . reiss . sg 
Hey folks,

that worked, thanks.

-Christian.

Am Donnerstag, 10. Oktober 2013 11:54:31 UTC+2 schrieb 
christian...@googlemail.com:
>
> Hey Folks,
>
> I have two question, which I hope are minor. First off I would like an 
> array with all IPs for a system. This would come in handy for sshkeys, 
> hosts and the likes.
>
> Second, and more important, I need to add a line into a file for every 
> host. To clarify here is an example:
>
> - I have 3 (theoretical) nameservers, which configs (zones) get 
> distributed over puppet.
> - I want, in each zonefile a line
>
> "mydomain.de. IN NS <$fqdn::dns::server>."
>
> Furthermore I want those lines purged if a NS does clean/deactivated.
>
>
> Thanks for your help in advance!
> -Christian.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Two (hopefuly minor) Questions (ip-array, line for several hosts)

2013-10-10 Thread christian . reiss . sg 
Hey Folks,

I have two question, which I hope are minor. First off I would like an 
array with all IPs for a system. This would come in handy for sshkeys, 
hosts and the likes.

Second, and more important, I need to add a line into a file for every 
host. To clarify here is an example:

- I have 3 (theoretical) nameservers, which configs (zones) get distributed 
over puppet.
- I want, in each zonefile a line

"mydomain.de. IN NS <$fqdn::dns::server>."

Furthermore I want those lines purged if a NS does clean/deactivated.


Thanks for your help in advance!
-Christian.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: [windows server 2008 r2] puppet errors in 3.3.0 on exchange database servers

2013-10-04 Thread Christian Koep 
Hi Rob,
i just applied the changes to the windows.rb file.

The catalog run finished as usual. Thank you ;-)



On Thu, Oct 3, 2013 at 8:47 PM, Rob Reynolds  wrote:

> This verifies for us that this is a gating issue.
>
> Would you feel comfortable helping us verify that we've fixed this issue
> for you?
>
>
> https://github.com/ferventcoder/facter/blob/874a5a96ac5fa778c50f1e93424850022b1756cf/lib/facter/util/ip/windows.rb#L46-L47
>
>
>
>
> On Thu, Oct 3, 2013 at 1:42 PM, Christian Koep  wrote:
>
>> Yes, thats all i got from *facter --trace --debug*
>>
>>
>> On Thu, Oct 3, 2013 at 8:41 PM, Rob Reynolds  wrote:
>>
>>> Was this the entire log (minus anything you feel sensitive)?
>>>
>>>
>>> On Thu, Oct 3, 2013 at 1:15 PM, cko  wrote:
>>>
>>>> https://gist.github.com/anonymous/6814400
>>>>
>>>>
>>>> On Thursday, October 3, 2013 5:23:05 PM UTC+2, Rob Reynolds wrote:
>>>>
>>>>> You should be able to run
>>>>>
>>>>> facter --trace --debug
>>>>>
>>>>>
>>>>> On Wed, Oct 2, 2013 at 5:18 PM, cko  wrote:
>>>>>
>>>>>> Hi Ethan,
>>>>>>
>>>>>> what's the exact command that i would have to use?
>>>>>>
>>>>>>
>>>>>> On Wednesday, October 2, 2013 11:35:29 PM UTC+2, Ethan Brown wrote:
>>>>>>
>>>>>>> Christian -
>>>>>>>
>>>>>>> I'm doing the final verification of our fix, and was hoping that I
>>>>>>> could get the output from Facter run by itself?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Sep 20, 2013 at 1:36 PM, Rob Reynolds 
>>>>>>> wrote:
>>>>>>>
>>>>>>>>  I would say with all of this in mind we move forward with a fix
>>>>>>>> where we look to see that the network adapter itself is also enabled. 
>>>>>>>> This
>>>>>>>> is laid out in the ticket that I noted earlier.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Fri, Sep 20, 2013 at 7:44 AM, Rich Siegel wrote:
>>>>>>>>
>>>>>>>>>  Exchange DAG is essentially a cluster and the adapter in question
>>>>>>>>> the dag ip.
>>>>>>>>>
>>>>>>>>> My guess is the logic for adapters should be modded for when
>>>>>>>>> netconnectionid is not null.
>>>>>>>>>
>>>>>>>>> In general don't try to mess with hidden adapters on dags unless
>>>>>>>>> you understand ramifications.
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> You received this message because you are subscribed to the Google
>>>>>>>>> Groups "Puppet Users" group.
>>>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>>>> send an email to puppet-users...@**googlegroups.**com.
>>>>>>>>> To post to this group, send email to puppet...@googlegroups.com.
>>>>>>>>>
>>>>>>>>> Visit this group at http://groups.google.com/**group**
>>>>>>>>> /puppet-users <http://groups.google.com/group/puppet-users>.
>>>>>>>>> For more options, visit https://groups.google.com/**grou**
>>>>>>>>> ps/opt_out <https://groups.google.com/groups/opt_out>.
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Rob Reynolds
>>>>>>>> Developer, Puppet Labs
>>>>>>>>
>>>>>>>> Join us at PuppetConf 2014, September 23-24 in San Francisco
>>>>>>>>
>>>>>>>> --
>>>>>>>> You received this message because you are subscribed to the Google
>>>>>>>> Groups "Puppet Users" group.
>>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>>> send an email to puppet-users...@**googlegroups.**com.
>>>>>>>

Re: [Puppet Users] Re: [windows server 2008 r2] puppet errors in 3.3.0 on exchange database servers

2013-10-03 Thread Christian Koep 
Yes, thats all i got from *facter --trace --debug*


On Thu, Oct 3, 2013 at 8:41 PM, Rob Reynolds  wrote:

> Was this the entire log (minus anything you feel sensitive)?
>
>
> On Thu, Oct 3, 2013 at 1:15 PM, cko  wrote:
>
>> https://gist.github.com/anonymous/6814400
>>
>>
>> On Thursday, October 3, 2013 5:23:05 PM UTC+2, Rob Reynolds wrote:
>>
>>> You should be able to run
>>>
>>> facter --trace --debug
>>>
>>>
>>> On Wed, Oct 2, 2013 at 5:18 PM, cko  wrote:
>>>
>>>> Hi Ethan,
>>>>
>>>> what's the exact command that i would have to use?
>>>>
>>>>
>>>> On Wednesday, October 2, 2013 11:35:29 PM UTC+2, Ethan Brown wrote:
>>>>
>>>>> Christian -
>>>>>
>>>>> I'm doing the final verification of our fix, and was hoping that I
>>>>> could get the output from Facter run by itself?
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Sep 20, 2013 at 1:36 PM, Rob Reynolds wrote:
>>>>>
>>>>>>  I would say with all of this in mind we move forward with a fix
>>>>>> where we look to see that the network adapter itself is also enabled. 
>>>>>> This
>>>>>> is laid out in the ticket that I noted earlier.
>>>>>>
>>>>>>
>>>>>> On Fri, Sep 20, 2013 at 7:44 AM, Rich Siegel wrote:
>>>>>>
>>>>>>>  Exchange DAG is essentially a cluster and the adapter in question
>>>>>>> the dag ip.
>>>>>>>
>>>>>>> My guess is the logic for adapters should be modded for when
>>>>>>> netconnectionid is not null.
>>>>>>>
>>>>>>> In general don't try to mess with hidden adapters on dags unless you
>>>>>>> understand ramifications.
>>>>>>>
>>>>>>> --
>>>>>>> You received this message because you are subscribed to the Google
>>>>>>> Groups "Puppet Users" group.
>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>> send an email to puppet-users...@**googlegroups.**com.
>>>>>>> To post to this group, send email to puppet...@googlegroups.com.
>>>>>>>
>>>>>>> Visit this group at 
>>>>>>> http://groups.google.com/**group**/puppet-users<http://groups.google.com/group/puppet-users>
>>>>>>> .
>>>>>>> For more options, visit 
>>>>>>> https://groups.google.com/**grou**ps/opt_out<https://groups.google.com/groups/opt_out>
>>>>>>> .
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Rob Reynolds
>>>>>> Developer, Puppet Labs
>>>>>>
>>>>>> Join us at PuppetConf 2014, September 23-24 in San Francisco
>>>>>>
>>>>>> --
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Puppet Users" group.
>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>> send an email to puppet-users...@**googlegroups.**com.
>>>>>> To post to this group, send email to puppet...@googlegroups.com.
>>>>>>
>>>>>> Visit this group at 
>>>>>> http://groups.google.com/**group**/puppet-users<http://groups.google.com/group/puppet-users>
>>>>>> .
>>>>>> For more options, visit 
>>>>>> https://groups.google.com/**grou**ps/opt_out<https://groups.google.com/groups/opt_out>
>>>>>> .
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> --
>>>>> Ethan Brown
>>>>> et...@puppetlabs.com
>>>>> Software Engineer
>>>>>
>>>>> *Join us at PuppetConf 2014, September 23-24 in San Francisco*
>>>>>
>>>>  --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Puppet Users" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to puppet-users...@**googlegroups.com.
&

[Puppet Users] Howto model different stages

2013-10-02 Thread Christian Flamm 
Hi all,
I'm trying to find a nice way to model different stages (like: live, test, 
dev) of puppet modules. Initially I thought of different branches inside 
one (Git) repository...  

   - either being checked out on one puppetmaster into different 
   directories being used as different puppet environments
   - or being checked out on different puppetmasters

but then colleagues of mine recently attended Citconf in Turin were 
somebody strongly recommended *not* to use puppet environments and/or 
branches.

I'd like to understand how you solve(d) this.

Thanks in advance,
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Vagrant+Puppet using RVM to install Apache2+Passenger fails

2013-09-26 Thread Christian 
Anyone?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Vagrant+Puppet using RVM to install Apache2+Passenger fails

2013-09-23 Thread Christian 
Hi all,

hope to be on the right place here..

I'm playing with Vagrant and Puppet for a small Apache2+Passenger Server 
above ubuntu-precise-32. I like to get this working for a small group of 
developers.

I confess, I didn't read the whole documentation about puppet, but I've 
browsed the whole Internet twice! ...about this problem. I only want to 
get this small environment working at the moment, so I don't want to spend 
much time in reading and coding examples. Maybe some of you can help me a 
bit.

The manifest is working so far, but the Installation of passenger fails 
with this error:

notice: 
/Stage[main]/Rvm::Passenger::Apache::Ubuntu::Post/File[/etc/apache2/mods-enabled/passenger.load]/ensure:
 
created
err: /Stage[main]/Apache::Service/Service[httpd]: Failed to call refresh: 
Could not start Service[httpd]: Execution of '/etc/init.d/apache2 start' 
returned 1:  at /tmp/vagrant-puppet/modules-0/apache/manifests/service.pp:28
notice: 
/Stage[main]/Install-rvm/Rvm_gem[ruby-1.9.3-p448@mygemset/ruby-hmac]/ensure: 
created
notice: /Stage[main]/Postconfig/Exec[use-rubyver]/returns: executed 
successfully
notice: /Stage[main]/Postconfig/Exec[gemset-use]/returns: executed 
successfully
err: /Stage[main]/Postconfig/Exec[passenger-install-apache]/returns: change 
from notrun to 0 failed: rvm gemset use mygemset && 
passenger-install-apache2-module --auto returned 1 instead of one of [0] at 
/tmp/vagrant-puppet/manifests/development.pp:62

The passenger-install-apache2-module command runs smoothly if I fire it in 
a shell on the vagrant box. I think thats the problem for the first error. 
Apache cannot start because of the missing module.

The manifest I use is this:
http://pastie.org/private/xcsmy8b6lwivymegeqcrrw

Thanks in advance!

Chris


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Puppet, Facter, looping through IPs

2013-08-14 Thread Christian Reiß 
Hello all,

I am trying to set up ssh keys (sshkeys) for populate 
/etc/ssh/ssh_known_hosts. So far it works great, but I want to have aliases 
for all ips online on that host. 

Two problems:

- The assumption is that the interface count and names are unknown. There 
can be one eth or many, none but a xapi device etc. There is, however, 
interfaces variable from facter, which holds all the interfaces.

- I need to loop through the array and use the contents of that variable, 
ie:

interfaces => eth0,eth1,lo,tun0
ipaddress => 46.229.47.132
ipaddress_eth0 => 46.229.47.132
ipaddress_eth1 => 10.1.0.2
ipaddress_lo => 127.0.0.1
ipaddress_tun0 => 10.10.0.1

So I would need to loop through interfaces, query the variable with the 
same name to get the ip address. All this by acoiding loopback.

- I dont know a good way to then add all compiled aliases into sshkeys.

Does anyone have a pointer / solution?

Thank you for your help in advance,
Chris.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Debugging Puppetmaster with Apache/Rack/Passenger

2013-07-24 Thread Christian Flamm 
Debug output is sent to Apache error log, because of missing permissions to 
write to the defined logdest.

So - bottom line - thanks for your reply, "--logdest" is necessary. Without 
it debug output is (per default) not sent to /var/log/messages.

Am Mittwoch, 24. Juli 2013 09:59:40 UTC+2 schrieb Christian Flamm:
>
> Did what you posted.
> Strange thing happened: nothing appears in the specified logdest. Instead: 
> the (wanted) debug output it now sent to apache's error log!
>
> I have no idea what's going on - but at least I have the output I was 
> looking for :-/
>
> Thanks,
> Christian
>
> Am Mittwoch, 24. Juli 2013 09:42:14 UTC+2 schrieb Keith Burdis:
>>
>> I believe the --debug in config.ru sends output to syslog so either look 
>> in /var/log/messages (or similar) or specify a log destination filename 
>> like:
>>
>> ARGV << "--logdest" << "/var/log/puppet/puppet-master.log"
>>
>>   - Keith
>>  On 23 Jul 2013 09:15, "Christian Flamm"  wrote:
>>
>>> Hi,
>>> I'm currently trying to debug a performance issue I'm having. Therefore 
>>> I would need "DEBUG" output. When using one puppetmaster process, this 
>>> is fairly easy by starting it like this:
>>>
>>> > puppet master --no-daemonize --debug
>>>
>>> Now I need to see this debug output when running puppetmaster the way I 
>>> ususally do - using Apache/Rack/Passenger. After looking around a bit in 
>>> the vhost config file
>>>
>>> > cat /etc/httpd/conf.d/puppetmaster.conf 
>>> LoadModule passenger_module 
>>> /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10/buildout/apache2/mod_passenger.so
>>> PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10
>>> PassengerDefaultRuby /usr/bin/ruby
>>> 
>>> # TODO evaluate benefit of ThrottleRate
>>> PassengerStatThrottleRate 120
>>> PassengerHighPerformance On
>>> PassengerMaxPoolSize 12
>>> PassengerMaxRequests 1000
>>> PassengerPoolIdleTime 600
>>> 
>>> Listen 8140
>>> 
>>> SSLEngine On
>>> 
>>> # Only allow high security cryptography. Alter if needed for 
>>> compatibility.
>>> SSLProtocol All -SSLv2
>>> SSLCipherSuite  HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
>>> SSLCertificateFile  /var/lib/puppet/ssl/certs/
>>> .pem
>>> SSLCertificateKeyFile   /var/lib/puppet/ssl/private_keys/
>>> .pem
>>> SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
>>> SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem
>>> SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
>>> SSLVerifyClient optional
>>> SSLVerifyDepth  1
>>> SSLOptions  +StdEnvVars +ExportCertData
>>> 
>>> # These request headers are used to pass the client certificate
>>> # authentication information on to the puppet master process
>>> RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
>>> RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
>>> RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
>>> 
>>> DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
>>> 
>>> Options None
>>> AllowOverride None
>>> Order Allow,Deny
>>> Allow from All
>>> 
>>> 
>>>
>>> I had a look at "/usr/share/puppet/rack/puppetmasterd/config.ru" which 
>>> contains this:
>>>
>>> [snippet]
>>> # if you want debugging:
>>> # ARGV << "--debug"
>>>
>>> ... so I enabled it. But this actually only gives me extra lines I 
>>> believe belong to "INFO" log level:
>>>
>>> Jul 22 17:17:47  puppet-master[22132]: 
>>> (access[^/catalog/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 
>>>  puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing 
>>> $1 access Jul 22 17:17:47  puppet-master[22132]: 
>>> (access[^/node/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 
>>>  puppet-master[22132]: (access[^/node/([^/]+)$]) allowing $1 
>>> access Jul 22 17:17:47  puppet-master[22132]: 
>>&

Re: [Puppet Users] Debugging Puppetmaster with Apache/Rack/Passenger

2013-07-24 Thread Christian Flamm 
Did what you posted.
Strange thing happened: nothing appears in the specified logdest. Instead: 
the (wanted) debug output it now sent to apache's error log!

I have no idea what's going on - but at least I have the output I was 
looking for :-/

Thanks,
Christian

Am Mittwoch, 24. Juli 2013 09:42:14 UTC+2 schrieb Keith Burdis:
>
> I believe the --debug in config.ru sends output to syslog so either look 
> in /var/log/messages (or similar) or specify a log destination filename 
> like:
>
> ARGV << "--logdest" << "/var/log/puppet/puppet-master.log"
>
>   - Keith
>  On 23 Jul 2013 09:15, "Christian Flamm" 
> > 
> wrote:
>
>> Hi,
>> I'm currently trying to debug a performance issue I'm having. Therefore I 
>> would need "DEBUG" output. When using one puppetmaster process, this is 
>> fairly easy by starting it like this:
>>
>> > puppet master --no-daemonize --debug
>>
>> Now I need to see this debug output when running puppetmaster the way I 
>> ususally do - using Apache/Rack/Passenger. After looking around a bit in 
>> the vhost config file
>>
>> > cat /etc/httpd/conf.d/puppetmaster.conf 
>> LoadModule passenger_module 
>> /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10/buildout/apache2/mod_passenger.so
>> PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10
>> PassengerDefaultRuby /usr/bin/ruby
>> 
>> # TODO evaluate benefit of ThrottleRate
>> PassengerStatThrottleRate 120
>> PassengerHighPerformance On
>> PassengerMaxPoolSize 12
>> PassengerMaxRequests 1000
>> PassengerPoolIdleTime 600
>> 
>> Listen 8140
>> 
>> SSLEngine On
>> 
>> # Only allow high security cryptography. Alter if needed for 
>> compatibility.
>> SSLProtocol All -SSLv2
>> SSLCipherSuite  HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
>> SSLCertificateFile  /var/lib/puppet/ssl/certs/
>> .pem
>> SSLCertificateKeyFile   /var/lib/puppet/ssl/private_keys/
>> .pem
>> SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
>> SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem
>> SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
>> SSLVerifyClient optional
>> SSLVerifyDepth  1
>> SSLOptions  +StdEnvVars +ExportCertData
>> 
>> # These request headers are used to pass the client certificate
>> # authentication information on to the puppet master process
>> RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
>> RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
>> RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
>> 
>> DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
>> 
>> Options None
>> AllowOverride None
>> Order Allow,Deny
>> Allow from All
>> 
>> 
>>
>> I had a look at "/usr/share/puppet/rack/puppetmasterd/config.ru" which 
>> contains this:
>>
>> [snippet]
>> # if you want debugging:
>> # ARGV << "--debug"
>>
>> ... so I enabled it. But this actually only gives me extra lines I 
>> believe belong to "INFO" log level:
>>
>> Jul 22 17:17:47  puppet-master[22132]: 
>> (access[^/catalog/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 
>>  puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing 
>> $1 access Jul 22 17:17:47  puppet-master[22132]: 
>> (access[^/node/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 
>>  puppet-master[22132]: (access[^/node/([^/]+)$]) allowing $1 
>> access Jul 22 17:17:47  puppet-master[22132]: 
>> (access[/certificate_revocation_list/ca]) allowing 'method' find Jul 
>> 22 17:17:47  puppet-master[22132]: 
>> (access[/certificate_revocation_list/ca]) allowing * access Jul 22 
>> 17:17:47  puppet-master[22132]: (access[/report]) allowing 
>> 'method' save Jul 22 17:17:47  puppet-master[22132]: 
>> (access[/report]) allowing * access Jul 22 17:17:47  
>> puppet-master[22132]: (access[/file]) allowing * access Jul 22 
>> 17:17:47  puppet-master[22132]: (access[/certificate/ca]) 
>> adding authentication any Jul 22 17:17:47  
>> puppet-master[22132]: (access[/certificate/ca]) allowing 'method'

[Puppet Users] Debugging Puppetmaster with Apache/Rack/Passenger

2013-07-23 Thread Christian Flamm 
Hi,
I'm currently trying to debug a performance issue I'm having. Therefore I 
would need "DEBUG" output. When using one puppetmaster process, this is 
fairly easy by starting it like this:

> puppet master --no-daemonize --debug

Now I need to see this debug output when running puppetmaster the way I 
ususally do - using Apache/Rack/Passenger. After looking around a bit in 
the vhost config file

> cat /etc/httpd/conf.d/puppetmaster.conf 
LoadModule passenger_module 
/usr/lib/ruby/gems/1.8/gems/passenger-4.0.10/buildout/apache2/mod_passenger.so
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10
PassengerDefaultRuby /usr/bin/ruby

# TODO evaluate benefit of ThrottleRate
PassengerStatThrottleRate 120
PassengerHighPerformance On
PassengerMaxPoolSize 12
PassengerMaxRequests 1000
PassengerPoolIdleTime 600

Listen 8140

SSLEngine On

# Only allow high security cryptography. Alter if needed for 
compatibility.
SSLProtocol All -SSLv2
SSLCipherSuite  HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
SSLCertificateFile  /var/lib/puppet/ssl/certs/.pem
SSLCertificateKeyFile   /var/lib/puppet/ssl/private_keys/
.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth  1
SSLOptions  +StdEnvVars +ExportCertData

# These request headers are used to pass the client certificate
# authentication information on to the puppet master process
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e

DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/

Options None
AllowOverride None
Order Allow,Deny
Allow from All



I had a look at "/usr/share/puppet/rack/puppetmasterd/config.ru" which 
contains this:

[snippet]
# if you want debugging:
# ARGV << "--debug"

... so I enabled it. But this actually only gives me extra lines I believe 
belong to "INFO" log level:

Jul 22 17:17:47  puppet-master[22132]: 
(access[^/catalog/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 
 puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing 
$1 access Jul 22 17:17:47  puppet-master[22132]: 
(access[^/node/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 
 puppet-master[22132]: (access[^/node/([^/]+)$]) allowing $1 
access Jul 22 17:17:47  puppet-master[22132]: 
(access[/certificate_revocation_list/ca]) allowing 'method' find Jul 22 
17:17:47  puppet-master[22132]: 
(access[/certificate_revocation_list/ca]) allowing * access Jul 22 
17:17:47  puppet-master[22132]: (access[/report]) allowing 
'method' save Jul 22 17:17:47  puppet-master[22132]: 
(access[/report]) allowing * access Jul 22 17:17:47  
puppet-master[22132]: (access[/file]) allowing * access Jul 22 17:17:47 
 puppet-master[22132]: (access[/certificate/ca]) adding 
authentication any Jul 22 17:17:47  puppet-master[22132]: 
(access[/certificate/ca]) allowing 'method' find Jul 22 17:17:47 
 puppet-master[22132]: (access[/certificate/ca]) allowing * 
access Jul 22 17:17:47  puppet-master[22132]: 
(access[/certificate/]) adding authentication any Jul 22 17:17:47 
 puppet-master[22132]: (access[/certificate/]) allowing 
'method' find Jul 22 17:17:47  puppet-master[22132]: 
(access[/certificate/]) allowing * access Jul 22 17:17:47 
 puppet-master[22132]: (access[/certificate_request]) adding 
authentication any Jul 22 17:17:47  puppet-master[22132]: 
(access[/certificate_request]) allowing 'method' find Jul 22 17:17:47 
 puppet-master[22132]: (access[/certificate_request]) 
allowing 'method' save Jul 22 17:17:47  
puppet-master[22132]: (access[/certificate_request]) allowing * access Jul 
22 17:17:47  puppet-master[22132]: (access[/]) adding 
authentication any Jul 22 17:17:47  puppet-master[22132]: 
Inserting default '~ ^/report/([^/]+)$' (auth true) ACL Jul 22 17:17:47 
 puppet-master[22132]: Inserting default '/status' (auth 
true) ACL

All the "DEBUG" lines I'm used to (e.g. "Debug: PROFILE...") are missing - 
but they are there using "puppet master --no-daemonize --debug".
What am I doing wrong? Thanks in advance.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, vi

Re: [Puppet Users] What's the benefit of Virtual Resources?

2013-07-12 Thread Christian Flamm 


Am Freitag, 12. Juli 2013 17:03:11 UTC+2 schrieb Nan Liu:
>
> On Fri, Jul 12, 2013 at 7:45 AM, Christian Flamm 
> 
> > wrote:
>
>> Hi,
>> I'm having trouble understanding the added value Virtual Resources 
>> provide. Let's say I'm having two different modules (that usually are 
>> assigned to different agents) that both contain a common resource (let's 
>> say a user). If I want to easily make it possible to assign both modules to 
>> the same agent - without suffering from the "duplicate resource 
>> declaration" error - I could make the resource definition virtual and 
>> realize it in different modules. See this simplified example.
>>
>> > cat $modulesdir/virtual/manifests/init.pp
>> class virtual {
>>   @user { 'admin': ensure => present }
>> }
>>
>> > cat $modulesdir/mailserver/manifests/init.pp
>> class mailserver {
>>   realize(User['admin'])
>>   # some more mailserver stuff...
>> }
>>
>> > cat $modulesdir/webserver/manifests/init.pp
>> class webserver {
>>   realize(User['admin'])
>>   # some more webserver stuff...
>> }
>>
>> > cat $manifestsdir/nodes.pp
>>  node // {
>>   include virtual
>>   include mailserver
>>   include webserver
>> }
>>
>>
>> My question: How is that different, more convenient or more flexible than 
>> extracting that admin user into its own module? Like that:
>>
>> > cat $modulesdir/adminuser/manifests/init.pp
>> class adminuser {
>>   user { 'admin': ensure => present }
>> }
>>
>> > cat $modulesdir/mailserver/manifests/init.pp
>> class mailserver {
>>   # some more mailserver stuff...
>> }
>>
>> > cat $modulesdir/webserver/manifests/init.pp
>> class webserver {
>>   # some more webserver stuff...
>> }
>>
>> > cat $manifestsdir/nodes.pp
>>  node // {
>>   include adminuser
>>   include mailserver
>>   include webserver
>> }
>>
>>
>> I guess I'm missing something here, or I'm using it wrong. 
>> Your help is highly appreciated, 
>>
>
>  In this simple case no, but think of a vinn diagram with overlapping 
> groups (such as user belonging to dbadmin/webadmin and two different teams 
> of dbadmin webadmin). You can easily realize virtual resource by tags, but 
> not so easy by splitting to class dbadmin/webadmin/db_and_webadmin ...
>
> HTH,
>
> Nan
>

Do you mean something like this?

> cat $modulesdir/virtual/manifests/init.pp
class virtual {
  @user { ['a', 'b', 'c', 'd']: ensure => present }
}

> cat $modulesdir/mailserver/manifests/init.pp
class mailserver {
  realize(User['a'], User['b'], User['c'])
  # some more mailserver stuff...
}

> cat $modulesdir/webserver/manifests/init.pp
class webserver {
  realize(User['b'], User['c'], User['d'])
  # some more webserver stuff...
}

> cat $manifestsdir/nodes.pp
node // {
  include virtual
  include mailserver
  include webserver
}

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] What's the benefit of Virtual Resources?

2013-07-12 Thread Christian Flamm 
Hi,
I'm having trouble understanding the added value Virtual Resources provide. 
Let's say I'm having two different modules (that usually are assigned to 
different agents) that both contain a common resource (let's say a user). 
If I want to easily make it possible to assign both modules to the same 
agent - without suffering from the "duplicate resource declaration" error - 
I could make the resource definition virtual and realize it in different 
modules. See this simplified example.

> cat $modulesdir/virtual/manifests/init.pp
class virtual {
  @user { 'admin': ensure => present }
}

> cat $modulesdir/mailserver/manifests/init.pp
class mailserver {
  realize(User['admin'])
  # some more mailserver stuff...
}

> cat $modulesdir/webserver/manifests/init.pp
class webserver {
  realize(User['admin'])
  # some more webserver stuff...
}

> cat $manifestsdir/nodes.pp
node // {
  include virtual
  include mailserver
  include webserver
}


My question: How is that different, more convenient or more flexible than 
extracting that admin user into its own module? Like that:

> cat $modulesdir/adminuser/manifests/init.pp
class adminuser {
  user { 'admin': ensure => present }
}

> cat $modulesdir/mailserver/manifests/init.pp
class mailserver {
  # some more mailserver stuff...
}

> cat $modulesdir/webserver/manifests/init.pp
class webserver {
  # some more webserver stuff...
}

> cat $manifestsdir/nodes.pp
node // {
  include adminuser
  include mailserver
  include webserver
}


I guess I'm missing something here, or I'm using it wrong. 
Your help is highly appreciated, 
thanks in advance,
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Nagios & Puppet

2013-06-27 Thread Christian Reiß 
Hello folks,

I am currently using Puppet to forge the nagios configuration files. Using 
exported ressources it really works well - to a point.

The one thing I am banging my head against is the service definitions. The 
services use stuff like remote-nrpe-zombie-procs, which of course, is not 
defined anywhere:

define service {
## --PUPPET_NAME-- (called '_naginator_name' in the 
manifest)check_zombie_procs_gaming
useremote-nrpe-zombie-procs
host_name  gaming.alpha-labs.net
}

So far I am letting puppet generate the three configs:

nagios_host.cfg
nagios_hostextinfo.cfg
nagios_service.cfg

Tho for this to work I would need a corresponding commands.cfg and all the 
Howtos out there do not seem to have my problem. The important snipplet 
from my config would be this:


 Nagios_host <<||>> {
 require => File[resource-d],
 notify => Service[icinga],
 }

 Nagios_service <<||>> {
 require => File[resource-d],
 notify => Service[icinga],
 }

 Nagios_hostextinfo <<||>> {
 require => File[resource-d],
 notify => Service[icinga],
 }

 Nagios_command <<||>> {
 require => File[resource-d],
 notify => Service[icinga],
 }


After banging my head for 3 evenings on this I really need your help.
Thanks for any pointers.

-Chris.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet: 3.1.1 -> 3.2.1 load increase

2013-06-27 Thread Christian Flamm 
Forgot to say this explicitly: config_retrieval times (guess this includes 
catlog compilation) on the agents explode.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet: 3.1.1 -> 3.2.1 load increase

2013-06-25 Thread christian . le . flamm 
Forgot to enable email notification here. Decided to go back to 3.1.1 a 
week ago. Will upgrade again to provide more specific load information. Thx!

You have to be a little bit more specific. Is load only CPU related, or 
> I/O? Also, what do the log say? 3.2 pushes lots of notices about syntax 
> obsolescence in the logs... 
>

>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] puppet: 3.1.1 -> 3.2.1 load increase

2013-06-13 Thread christian . le . flamm 
Hi,
I recently updated from puppet 3.1.1 to 3.2.1 and noticed quite a bit of 
increased load on the puppetmaster machine. I'm using 
the Apache/passenger/rack way of puppetmastering. 
Main symptom is: higher load on puppetmaster machine (8 cores): 

   - 3.1.1: around 4
   - 3.2.1: around 9-10
   
Any idea why there's more load on the machine with 3.2.1?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Variable re-use, override, inherit and include

2013-05-10 Thread christian . le . flamm 
Sorry, wasn't able to format it properly... formatting it had no effect.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Variable re-use, override, inherit and include

2013-05-10 Thread christian . le . flamm 
Thx, maybe this was a little too straight from the hip... BTW: I've tried 
it - it even worked... but I see that's probably caused by a lot of strange 
luck...
 

> Subclasses can never 'override' ancestor class variables.  They can 
> partially *hide* them within their own scope by declaring a same-named 
> local variable, but that has no effect on what the parent class or any 
> other sees as the value of the parent-class variable.
>

Interesting objection - that's actually what I meant saying "override". 
Let's try something else: There's a module "module_x" and these 
directories: $moduledir/module_x/manifests/ and there's an "init.pp" with 
this content:

   class module_x {
include module_x::child
include module_x::another_child
include module_x::another_child2
include module_x::another_child3
...
   }

There's also a file 'constant.pp' containing this

class module_x::constant {
$var = 'value'
}

Class module_x::constant is not included. Classes like module_x::child 
should be able to inherit the default value of $var but also be able to 
hide it within their own scope by declaring a same-named local variable. It 
would look like this:

class module_x::child inherits module_x::constant {
// wants to use a default value for $var but should be able to hide it 
within their own scope.
}


Something wrong with that? 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Variable re-use, override, inherit and include

2013-05-03 Thread christian . le . flamm 
Hi,
a question regarding combining *inherit* and *include*: I have variable(s) 
defined in a father class and child classes should access these - but there 
should always be the possibility to override the default value. Let's 
assume this scenario:

There's a module "module_x" and these directories: 
$moduledir/module_x/manifests/ and there's an "init.pp" with this content:

class module_x {
$var = 'value'

include module_x::child
include module_x::another_child
include module_x::another_child2
include module_x::another_child3
...
}


 Class "module_x::child" in file "child.pp" should be able to use "$var" 
with its default value - but should also be allowed to override it. It 
would look like this:

class module_x::child inherits module_x {
// wants to use a default value for $var but should be able to override it.
}


Question: Is there somehow a problem that class "child" inherits class 
"module_x" *with all its many includes*?

Thanks in advance,
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Defining custom resource types wrapping exec resources and using optional “unless”

2013-04-10 Thread christian . le . flamm 
Never heard of *undef *before - sounds great! Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Defining custom resource types wrapping exec resources and using optional “unless”

2013-04-10 Thread christian . le . flamm 


The following code example is purely academical but it illustrates my 
question pretty well.

   define touch($file=$title, $unless='/bin/false') {
   exec { "/bin/touch ${file}": unless => $unless }
   }

If I define my own resource type that wraps another *exec* resource and I 
want to *add an optional "unless" condition* that I - if set - pass to the 
optional "unless" condiftion of *exec* - do I have to preset the field with 
'/bin/false'?

My understanding is that for each catalog run and all uses of this custom 
ressource type this resource's unless check will then spawn a bash process 
running '/bin/false' if the unless field of "touch" hasn't been set .

What I actually intend is not to do any "unless" check at all if the field 
hasn't been set - including calling "/bin/false".

Any thoughts? Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] "Could not find class" hiccups *often* once after manifest/module changes

2013-03-18 Thread christian . le . flamm 
Switching to an Apache/Passenger/Rack solution (and dumping WEBrick) seems 
to solve this problem.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] "Could not find class" hiccups *often* once after manifest/module changes

2013-03-08 Thread christian . le . flamm 
ick.rb:29:in `listen'
/usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:26:in 
`synchronize'
/usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:26:in `listen'
/usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:92:in `listen'
/usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:104:in `start'
/usr/lib/ruby/site_ruby/1.8/puppet/daemon.rb:136:in `start'
/usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:207:in `main'
/usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:157:in 
`run_command'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:456:in `plugin_hook'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:504:in `exit_on_fail'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:132:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:86:in `execute'
/usr/bin/puppet:4

In /usr/lib/ruby/site_ruby/1.8/puppet/parser/compiler.rb:168 error 
"Puppet::Error, "Could not find class #{name} for #{node.name}"" is raised 
because a couple of lines above a check "if klass = 
scope.find_hostclass(name, :assume_fqname => fqname)" fails, see:

  def evaluate_classes(classes, scope, lazy_evaluate = true, fqname = false)
#Puppet.info classes
raise Puppet::DevError, "No source for scope passed to 
evaluate_classes" unless scope.source
class_parameters = nil
# if we are a param class, save the classes hash
# and transform classes to be the keys
if classes.class == Hash
  class_parameters = classes
  classes = classes.keys
end
classes.each do |name|
  # If we can find the class, then make a resource that will evaluate 
it.
  if klass = scope.find_hostclass(name, :assume_fqname => fqname) ### 
<<<-- This check fails

# If parameters are passed, then attempt to create a duplicate 
resource
# so the appropriate error is thrown.
if class_parameters
  resource = klass.ensure_in_catalog(scope, class_parameters[name] 
|| {})
else
  next if scope.class_scope(klass)
  resource = klass.ensure_in_catalog(scope)
end

# If they've disabled lazy evaluation (which the :include function 
does),
# then evaluate our resource immediately.
resource.evaluate unless lazy_evaluate
  else
raise Puppet::Error, "Could not find class #{name} for 
#{node.name}" ### <<<--- Here error is raised
  end
end
  end

in /usr/lib/ruby/site_ruby/1.8/puppet/parser/scope.rb:134

  def find_hostclass(name, options = {})
known_resource_types.find_hostclass(namespaces, name, options)
  end

in /usr/lib/ruby/site_ruby/1.8/puppet/resource/type_collection.rb:114

  def find_hostclass(namespaces, name, options = {})
find_or_load(namespaces, name, :hostclass, options)
  end

in /usr/lib/ruby/site_ruby/1.8/puppet/resource/type_collection.rb:197

  # Resolve namespaces and find the given object.  Autoload it if
  # necessary.
  def find_or_load(namespaces, name, type, options = {})
searchspace = options[:assume_fqname] ? [name].flatten : 
resolve_namespaces(namespaces, name)
searchspace.each do |fqname|
  result = send(type, fqname)
  unless result
# do not try to autoload if we already tried and it wasn't 
conclusive
# as this is a time consuming operation.
unless @notfound[fqname]
  result = loader.try_load_fqname(type, fqname)
  @notfound[fqname] = result.nil?
end
  end
  return result if result
end

return nil
  end

Am Freitag, 8. März 2013 11:08:57 UTC+1 schrieb David Schmitt:

> On 08.03.2013 10:33, christian...@gmail.com  wrote: 
> > Hi David, thanks for your answer! I only have the 'nodes.pp' import: 
> > 
> >  > egrep -R "import[ \t]" /opt/xxx/dev/puppet/ 
> >  /opt/xxx/dev/puppet/manifests/site.pp:import 'nodes.pp' 
> > 
> > Must I get rid of this? 
>
> You might want to run the puppetmaster from the shell with debugging 
> enabled (--no-daemonize --masterport  --verbose --debug) and post 
> the resulting log when you run an agent against that (--masterport  
> --test). In my case the puppet master actually loads the file which 
> contains the class, but fails to correctly register the contained class 
> until the next run. I only observed (and tested) that with parameterized 
> classes. 
>
>
> D. 
>
> > Best Regards, Christian 
> > 
> > 
> > Hi, 
> > 
> > I've reported a similar issue recently here: 
> > 
> > https://projects.puppetlabs.com/issues/19638 
> >

Re: [Puppet Users] "Could not find class" hiccups *often* once after manifest/module changes

2013-03-08 Thread christian . le . flamm 
Hi David, thanks for your answer! I only have the 'nodes.pp' import:

> egrep -R "import[ \t]" /opt/xxx/dev/puppet/
/opt/xxx/dev/puppet/manifests/site.pp:import 'nodes.pp'

Must I get rid of this?
Best Regards, Christian
 

>
> Hi, 
>
> I've reported a similar issue recently here: 
>
>https://projects.puppetlabs.com/issues/19638 
>
> I've tracked my problem to overshooting use of "import" calls in modules. 
>
> You might want to check if you're hitting the same bug. 
>
>
> Best Regards, David 
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] "Could not find class" hiccups *often* once after manifest/module changes

2013-03-08 Thread christian . le . flamm 


Hi, I’ve got no idea if this is a bug or some kind of 
misuse/misconfiguration. Hope somebody can help. Thanks!

If I change a file in a module or manifest directory this *often* results 
in errors, mostly of the following kinds

   - 
   
   Could not find class for on node
   - 
   
   Cannot find definition Class on node
   
These errors occur when puppet modules/manifests are changed – but it 
happens only once. If it happens affected puppet agents will use their 
cached catalog once. *The next time these agents request a catalog it is 
compiled flawlessly and everything will work like a charm* – all errors are 
gone. Problem is we have agents with large catalogs. Their catalog runs can 
take up to over a minute and so the time it takes for a change to be 
applied will then be doubled to take up to 2 or even 3 minutes.

Usually changes of modules/manifests are performed by “git pull”. But it’s 
easy to reproduce these error messages by simple “touch” operations. Here 
are some interesting log observations and their [commonness]. Yes AFAICS 
they always appear in triplets. It rarely happens that there are no 
problems at all after a modification.

> touch /opt/xxx/dev/puppet/manifests/site.pp

  [often] puppet-master[12498]: Could not find class  for  on 

  [often] puppet-master[12498]: Could not find class  for  on 

  [often] puppet-master[12498]: Could not find class  for  on 


> touch /opt/xxx/dev/puppet/puppet.conf

  [often] puppet-master[12498]: Could not find class  for  on 

  [often] puppet-master[12498]: Could not find class  for  on 

  [often] puppet-master[12498]: Could not find class  for  on 


  [sometimes] puppet-master[12498]: Cannot find definition Class on node 
  [sometimes] puppet-master[12498]: Cannot find definition Class on node 
  [sometimes] puppet-master[12498]: Cannot find definition Class on node 

  [rare] puppet-master[12498]: Puppet::Parser::AST::Resource failed with error 
ArgumentError: Invalid resource type  at  on node 

  [rare] puppet-master[12498]: Puppet::Parser::AST::Resource failed with error 
ArgumentError: Invalid resource type  at  on node 

  [rare] puppet-master[12498]: Puppet::Parser::AST::Resource failed with error 
ArgumentError: Invalid resource type  at  on node 


> touch /opt/xxx/dev/puppet/modules/dispatcher/manifests/init.pp

  [often] puppet-master[12498]: Could not find class  for  on 
  [often] puppet-master[12498]: Could not find class  for  on 
  [often] puppet-master[12498]: Could not find class  for  on 

Affected classes and nodes seem to be randomly chosen. 

Environment this runs in:

> ll /etc/puppet
lrwxrwxrwx 1 root root   34 Mar  7 10:01 auth.conf -> 
/opt/xxx/dev/puppet/auth.conf
lrwxrwxrwx 1 root root   38 Mar  7 10:01 autosign.conf -> 
/opt/xxx/dev/puppet/autosign.conf
lrwxrwxrwx 1 root root   40 Mar  7 10:01 fileserver.conf -> 
/opt/xxx/dev/puppet/fileserver.conf
lrwxrwxrwx 1 root root   36 Mar  7 10:01 puppet.conf -> 
/opt/xxx/dev/puppet/puppet.conf

> ls -A /opt/xxx/dev/puppet/
auth.conf  autosign.conf  fileserver.conf  .git  .gitignore  manifests  modules 
 .project  puppet.conf  scripts

> cat /etc/puppet/puppet.conf # on puppetmaster
[main]
 logdir = /var/log/puppet
 rundir = /var/run/puppet
 ssldir = $vardir/ssl
 modulepath = /opt/xxx/dev/puppet/modules
 manifestdir = /opt/xxx/dev/puppet/manifests
 manifest = /opt/xxx/dev/puppet/manifests/site.pp

[agent]
 classfile = $vardir/classes.txt
 localconfig = $vardir/localconfig
 server = 
 report = true
 splaylimit = 0
 runinterval = 30

 [master]
  certname=
  reports = http,log
  reportdir = /var/lib/puppet/reports/upload
  reporturl = http://:3000/reports

> cat /opt/xxx/dev/puppet/manifests/site.pp 
  import 'nodes.pp'
  $puppetserver = 

> rpm -qa | egrep "puppet|ruby"
  rubygem-rake-0.8.7-2.1.el6.noarch
  ruby-mysql-2.8.2-1.el6.x86_64
  libselinux-ruby-2.0.94-5.3.el6.x86_64
  puppet-3.1.0-1.el6.noarch
  rubygem-fastthread-1.0.7-2.el6.x86_64
  rubygem-mongrel-1.1.5-3.el6.x86_64
  ruby-1.8.7.352-7.el6_2.x86_64
  ruby-irb-1.8.7.352-7.el6_2.x86_64
  ruby-augeas-0.4.1-1.el6.x86_64
  ruby-shadow-1.4.1-13.el6.x86_64
  puppetlabs-release-6-6.noarch
  rubygems-1.3.7-1.el6.noarch
  puppet-server-3.1.0-1.el6.noarch
  rubygem-gem_plugin-0.2.3-3.el6.noarch
  rubygem-daemons-1.0.10-2.el6.noarch
  puppet-dashboard-1.2.22-1.el6.noarch
  ruby-libs-1.8.7.352-7.el6_2.x86_64
  ruby-rdoc-1.8.7.352-7.el6_2.x86_64
  rubygem-json-1.4.6-1.el6.x86_64

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Usage of puppet to deploy and configuration manage software patches

2012-11-09 Thread Christian 
I have some questions in terms of how to use puppet of configuration 
management for software patches. My previous approach was it to create a 
puppet module for each patch ... Like Patch1 includes (FileA, FileB, 
FileC), Patch2 includes (FileD, FileE)... So far so good and that works but 
now i have to create a Patch3 with lets say FileF and FileA included. As 
you can see there will be a puppet conflict as i can't deploy the same 
files within different modules. What is the right architecture and method 
to manage software patches? Is it to use rpms instead of? Or are there 
other ideas how to manage that with puppet.


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/YNceAdQNZr4J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Puppet 3.0 on Debian Lenny

2012-10-12 Thread Christian Page 
Felipe,

Thanks for the information, I will give this a shot!

Cheers,
Christian

On Friday, October 12, 2012 3:46:18 PM UTC-6, Felipe Salum wrote:
>
> Hi Christian,
>
> My libaugeas0 is 0.7.2 from backports: 
> http://archive.debian.org/debian-backports/pool/main/a/augeas/libaugeas0_0.7.2-1~bpo50+1_amd64.deb
>
> Install puppet from backports first so it will bring all the dependencies, 
> then upgrade to puppet from puppetlabs. That is how I do on Lenny.
>
> apt-get -t lenny-backports install -y puppet
> apt-get -t puppetlabs install -y puppet 
>
> Regards,
> Felipe
>
> On Friday, October 12, 2012 9:40:45 AM UTC-7, Christian Page wrote:
>>
>> Felipe,
>>
>> Perhaps you can answer a question for me, I am in a similar boat as you 
>> with having to continue to support Lenny after EOL. I am trying to install 
>> puppet but I have an unmet dependency of libaugeas0. It appears that only 
>> version 0.2.2-1 is in the backports repository on archive.debian.org, 
>> and puppet from apt.puppetlabs.com requires version 0.6.0. What did you 
>> have to do to get this dependency met?
>>
>> Thanks for your help,
>>
>> Christian
>>
>> On Tuesday, October 9, 2012 12:29:22 PM UTC-6, Felipe Salum wrote:
>>>
>>> Hi guys.
>>>
>>> I don't see the latest puppet 3.0 on the puppetlabs debian repository 
>>> for lenny and also the latest puppet dashboard.
>>>
>>> Aren't you guys adding the new versions to the deprecated Debian Lenny 
>>> anymore ?
>>>
>>> Can I grab the puppet 3.0 agent from squeeze to use on Lenny ?
>>>
>>> Regards,
>>> Felipe
>>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/QnBBgfqSY2kJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Puppet 3.0 on Debian Lenny

2012-10-12 Thread Christian Page 
Felipe,

Perhaps you can answer a question for me, I am in a similar boat as you 
with having to continue to support Lenny after EOL. I am trying to install 
puppet but I have an unmet dependency of libaugeas0. It appears that only 
version 0.2.2-1 is in the backports repository on archive.debian.org, and 
puppet from apt.puppetlabs.com requires version 0.6.0. What did you have to 
do to get this dependency met?

Thanks for your help,

Christian

On Tuesday, October 9, 2012 12:29:22 PM UTC-6, Felipe Salum wrote:
>
> Hi guys.
>
> I don't see the latest puppet 3.0 on the puppetlabs debian repository for 
> lenny and also the latest puppet dashboard.
>
> Aren't you guys adding the new versions to the deprecated Debian Lenny 
> anymore ?
>
> Can I grab the puppet 3.0 agent from squeeze to use on Lenny ?
>
> Regards,
> Felipe
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/_EVTTDOUqkYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] install vmware tools through puppet

2012-09-22 Thread Christian McHugh 
I've done something similar using the open-vm package on debian hosts. 



On Saturday, September 22, 2012 3:06:10 PM UTC-5, Alan Evans wrote:
>
> I believe the open-vm-tools at http://packages.vmware.com/tools are ESX 
> host version agnostic.
>
> We pull the rhel 4-6 repos into RHN satellite and just use puppet ensure 
> the latest is installed.
>
> If you do t use satellite you could just clone the repo and configure yum 
> on the clients.
>
> Packages are available for RHEL, SuSE and deb at least.
>
> -Alan
> On Sep 22, 2012 3:25 PM, "Hai Tao" > wrote:
>
>> It is a useful tool. However, the difficulty is that our ENV has
>> multiple versions of ESX hosts, 3.5, 4.1 and 5.0. The guest OS has no
>> clue what version of ESX it is running on, so how can puppet server
>> push a correct version of vmware tools to a client?
>>
>> On Sat, Sep 22, 2012 at 11:20 AM, Michael Stahnke
>> > wrote:
>> > On Fri, Sep 21, 2012 at 6:48 PM, Jakov Sosic > 
>> wrote:
>> >> On 09/19/2012 11:55 PM, Hai Tao wrote:
>> >>>
>> >>> There seems to be a few vmware tools installation modules. Has someone
>> >>> used these modules to install VMware tools?
>> >>>
>> >>> Searching http://forge.puppetlabs.com ...
>> >>> NAMEDESCRIPTION
>> >>>
>> >>>  AUTHORKEYWORDS
>> >>> vchoi-vmwarePuppet module to handle installation, upgrade
>> >>> and reconfiguration of vmware tools on vmware virtual nodes.
>> >>>   @vchoivirtualization vmware vmware-tools
>> >>> vmware_tools vmtools
>> >>> razorsedge-vmwaretools  Puppet VMware Tools OSP Module
>> >>>
>> >>>  @razorsedge   vmware vmware-tools vmware_tools 
>> vmtools
>> >>> rhel CentOS SuSE OEL
>> >>> puppetlabs-vcenter  VMware vCenter installation and management
>> >>>
>> >>>  @puppetlabs   windows vmware vcenter vsphere
>> >>> 5UbZ3r0-vmwaretools This module handles the installation the
>> >>> VMware Tools Operating System Specific
>> >>>@5UbZ3r0  debian virtualization rhel CentOS
>> >>> vmware vmware-tools vmwaretools
>> >>> puppetlabs-appdirector  # VMware vFabric Application Directorâ
>> >>>¢ 
>> Puppet
>> >>> Service
>> >>> @puppetlabs   vmware
>> >>>
>> >>>
>> >>> How well does it work?
>> >>
>> >>
>> >> It seems that nobody tried this already. I'm interested too...
>> >>
>> >>
>> >> --
>> >> Jakov Sosic
>> >> www.srce.unizg.hr
>> >>
>> >>
>> >> --
>> >> You received this message because you are subscribed to the Google 
>> Groups
>> >> "Puppet Users" group.
>> >> To post to this group, send email to 
>> >> puppet...@googlegroups.com
>> .
>> >> To unsubscribe from this group, send email to
>> >> puppet-users...@googlegroups.com .
>> >> For more options, visit this group at
>> >> http://groups.google.com/group/puppet-users?hl=en.
>> >>
>> >
>> > I don't know that I would endorse one over another, but Puppet Labs
>> > did a module of the week post about one of them.
>> >
>> > http://puppetlabs.com/blog/module-of-the-week-razorsedge-vmwaretools/
>> >
>> > That might be a good starting point.
>> >
>> > --
>> > You received this message because you are subscribed to the Google 
>> Groups "Puppet Users" group.
>> > To post to this group, send email to 
>> > puppet...@googlegroups.com
>> .
>> > To unsubscribe from this group, send email to 
>> puppet-users...@googlegroups.com .
>> > For more options, visit this group at 
>> http://groups.google.com/group/puppet-users?hl=en.
>> >
>>
>>
>>
>> --
>> Hai Tao
>>
>> --
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To post to this group, send email to puppet...@googlegroups.com
>> .
>> To unsubscribe from this group, send email to 
>> puppet-users...@googlegroups.com .
>> For more options, visit this group at 
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/FTYloCumctkJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

RE: [Puppet Users] puppet client could not request certificate: Error 500 on SERVER

2012-08-20 Thread Mark Christian 
Have you confirmed that puppet master is running as user = puppet?

On the master check: puppet --genconfig|grep user

Mark

From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On 
Behalf Of Jo Rhett
Sent: Monday, August 20, 2012 1:03 PM
To: puppet-users@googlegroups.com
Subject: Re: [Puppet Users] puppet client could not request certificate: Error 
500 on SERVER

You should spend some time and determine how and why that is happening. I can 
assure you that it's not normal, so this is something specific to some custom 
code on your site.

On Aug 19, 2012, at 10:56 AM, Stuart Cracraft wrote:
I am seriously thinking of putting those recursive chown's in root crontab on 
puppet masters and puppet agents for /etc/puppet* and
/var/lib/puppet*

I shouldn't have to do this but have
seen cases of ownership reversion.

--Stuart

Via Apple iPhone 4S on the AT&T Wireless Network


On Aug 13, 2012, at 3:04 AM, Frederik Vos  wrote:
For the people still looking for an answer:
chown -R puppet:puppet /var/lib/puppet/reports

Op woensdag 30 maart 2011 21:02:43 UTC+2 schreef hyzhang het volgende:
Thank. I am pasting the entire message here:

Mar 30 14:01:04 puppetclient1 puppet-agent[28571]: Could not request
certificate: Error 500 on SERVER: http://www.w3.org/TR/html4/strict.dtd";> 
   Ruby (Rack) application could not be started

RE: [Puppet Users] newish puppet on RHEL4 and/or SLES9?

2012-08-15 Thread Mark Christian 
I'm not running newish puppet on rhel/cent 4, but the 0.25.6 EPEL packages seem 
to work well enough with my puppet master that runs 2.7.18.


-Original Message-
From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On 
Behalf Of Jason Antman
Sent: Wednesday, August 15, 2012 7:42 AM
To: puppet-users@googlegroups.com
Subject: [Puppet Users] newish puppet on RHEL4 and/or SLES9?

I'm in the process of building out a new puppet master and pulling our
existing/legacy infrastructure into Puppet control for the basic
system-level stuff (mail, syslog, sudo, ssh, etc.). Unfortunately, the
directive from on high is that all of our hosts need to be managed by
the same system. That list is about 95% RHEL/Cent 5 or 6, but there's a
few RHEL4 and SLES9 machines on the "must have" list. As upgrades are
very unlikely, I'd like to be on the newest version possible - ideally,
2.7.12+ on the master so I can leverage puppetDB.

Is anyone out there running new-ish puppet (2.7, or else 2.6) on such
ancient beasts? If so, can anyone point me at sources for the packages,
and dependencies? Or perhaps have spec files to share?

I'd like to say I can spend the time to build and test puppet and all
the dependencies, but alas, that is very far from the case.

Thanks for any assistance,
Jason

PS - If you happen to be a competent generalist Linux admin in the
Boston, MA or Atlanta, GA area, feel free pass along your resume...

--
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.



Confidentiality Notice.
This message may contain information that is confidential or otherwise 
protected from disclosure. If you are not the intended recipient, you are 
hereby notified that any use, disclosure, dissemination, distribution,  or 
copying  of this message, or any attachments, is strictly prohibited.  If you 
have received this message in error, please advise the sender by reply e-mail, 
and delete the message and any attachments.  Thank you.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: hiera scope and hiera-foreman

2012-08-10 Thread Christian McHugh 
Okay. I figured out my issue. 

I'm not a developer so this is probably ugly, but came up with:
begin
  fqdn = scope.catalog.tags[4]
rescue
  fqdn = scope['fqdn'] if scope.has_key?('fqdn')
  Hiera.debug("trying mcollective")
end
Hiera.debug("got fqdn #{fqdn}")

That fqdn with both:
puppet master --debug --compile FQDN
and
hiera -d -c /etc/puppet/hiera.yaml -m FQDN

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/m6nAWXboqQIJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] hiera scope and hiera-foreman

2012-08-09 Thread Christian McHugh 
Hey all,

I've been messing around with the hiera-foreman backend to see if it would 
let me migrate to hiera and use foreman and an ENC. 
https://github.com/torrancew/hiera-foreman

It works by querying each node's yaml file from foreman. Currently this 
code works when called from the hiera command line with the -m (mcollective 
option). It uses the mcollective facts to pull the fqdn variable to know 
which node to grab the yaml for. So far so good. However, this breaks when 
you attempt to use it as a hiera backend in a puppet module, since it no 
longer has the mcollective facts, and fqdn available to it. 

So my question is, what is the recommended way of querying the current 
hostname(s) in a hiera backend for it to know what host it should lookup 
the needed yaml? 

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/Yhe1cfLjofAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] add an rpm to a host

2012-06-27 Thread Christian DeKonink 
Thanks for your immediate response. The first solution you propesed worked
flawlessly. I like that. Thanks.

On Fri, Jun 22, 2012 at 9:23 AM, Christopher Wood <
christopher_w...@pobox.com> wrote:

>
> class myrpm {
>  package { 'foo_bar': }
> }
>
> node "myhost.me.com" {
>  class { 'myrpm': }
> }
>
> If this is something that you absolutely must do by the end of the day on
> a Friday because some manager is a maniac, you can deploy the rpm via a
> file resource and then install it by specifying alternate package type
> parameters:
>
> class myrpm {
>  $myrpm = '/tmp/foo_bar_1.0.rpm'
>  $myrpmsource = "puppet:///modules/myrpm/foo_bar_1.0.rpm"
>  $mypkg = "foo_bar"
>  file { $myrpm:
>source => $myrpmsource,
>  }
>  package { $mypkg:
>provider => 'rpm',
>source => $myrpm,
>require => File[$myrpm],
>  }
> }
>
> node "myhost.me.com" {
>  class { 'myrpm': }
> }
>
> With the above I am assuming that your classes are in modules (save your
> sanity, use them). More on modules:
>
> http://docs.puppetlabs.com/puppet/2.7/reference/modules_fundamentals.html
> http://docs.puppetlabs.com/module_cheat_sheet.html
>
> Also remember dependencies:
>
> http://docs.puppetlabs.com/references/stable/metaparameter.html#require
>
> And more generally:
>
> http://docs.puppetlabs.com/guides/language_guide.html
>
>
> >How would I deploy this to all hosts that talk to my puppetmaster?
> >Thanks
> >Chris
> >
> >--
> >You received this message because you are subscribed to the Google
> Groups
> >"Puppet Users" group.
> >To post to this group, send email to puppet-users@googlegroups.com.
> >To unsubscribe from this group, send email to
> >puppet-users+unsubscr...@googlegroups.com.
> >For more options, visit this group at
> >http://groups.google.com/group/puppet-users?hl=en.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] add an rpm to a host

2012-06-22 Thread Christian DeKonink 
Hi

I am new to puppet. I have an existing puppet 2.6 config and I have about
400 hosts that I would like to install a package on. the specific package is

foo_bar_1.0.rpm

How would I deploy this to all hosts that talk to my puppetmaster?

Thanks
Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence

2012-06-19 Thread Christian McHugh 
I have this working in our environment as a module, which I will attempt to 
describe. 

module: casfirewall
init.pp
class casfirewall {
  include casfirewall::default, casfirewall::fwpre, casfirewall::fwpost

  file {"/etc/iptables":
ensure => "directory",
owner => "root",
group => "root",
mode => 700,
  }

  # Always persist firewall rules
  exec { "persist-firewall":
command => $operatingsystem ? {
  "debian" => "/sbin/iptables-save > /etc/iptables/rules.v4",
  /(RedHat|CentOS)/ => "/sbin/iptables-save > /etc/sysconfig/iptables",
},
refreshonly => true,
require => File["/etc/iptables"],
  }
  Firewall {
notify => Exec["persist-firewall"],
before => Class["casfirewall::fwpost"],
require => Class["casfirewall::fwpre"],
  }

  # Setup firewall resource
  resources { "firewall": purge => true }
}


As you can see, this holds the meat and potatoes by including the Firewall 
notify, before, and require bits. 
The fwpre class contains the initial firewall settings (abbreviated here)
class casfirewall::fwpre {
  Firewall {
require => undef,
  }

  firewall { "000 allow outbound":
proto => "all",
chain => "OUTPUT",
action => accept,
  }...

The fwpost class contains the drop everything else rule. Because of the 
before ordering in init.pp this rule gets applied last (and was the reason 
for starting this thread in the first place)
class casfirewall::fwpost {
  firewall {"999 drop all":
proto => "all",
action => drop,
before => undef,
  }
}

In our init.pp we also have defined a default class. This contains all the 
rules to open ports to our monitoring servers or backup servers. These get 
applied after the initial pre class, and before the post as you would 
expect. 

I hope that helps. The suggestions given in this thread about firewall 
ordering very much helped us. I look forward to seeing the firewall module 
get another release and more user uptake.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/-B3-kjpoFvYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Generating dhcp/pxe configuration from puppet

2012-04-20 Thread Christian Requena 
Hi,

I set the whole thing up and got not the expected results. The thing
is, that:

"It’s important to mention here that you will only get exported
resources from hosts whose configurations have been compiled. If hostB
exports a resource but hostB has never connected to the server, then
no host will get that exported resource."

That means that the nodes must be already installed in order to use
the information.  I need this information mainly from the nodes that
are not existant yet. I want to boot them using PXE and run the whole
installation procedure afterwards.

I want to describe the nodes in a nodes.pp and from there setup DHCP
and PXE for them.

Any other hints?

Cheers,
Christian

On Apr 18, 10:22 am, Luke Bigum  wrote:
> If you wanted to do this all in Puppet, you could take the same approach
> that people do with Nagios an use exported resources. Have each of your
> nodes export some kind of resource that describes what it's DHCP
> configuration would be based on it's IP and MAC address Facts, then
> collect those resources on your DHCP server and write out your config
> file(s).
>
> http://docs.puppetlabs.com/guides/exported_resources.html
>
> If you wanted to do this outside of Puppet then you could parse all of
> your node's Facts cache (/var/lib/puppet/yaml/facts on my machine) but
> that assumes all the information you need is in Facter.
>
> On 18/04/12 08:22, Christian Requena wrote:
>
>
>
>
>
>
>
>
>
> > Hello,
>
> > I want to generate my infrastructure's dhcp/pxe config from puppet,
> > but to go through the node definitions?   Btw. we only use explicit
> > definitions, no regexp. So everything is explicit.
>
> > I thought about using Puppet::Parser...something ... any hints?
>
> > Thanks for you help!
> > Christian
> > --
> > You received this message because you are subscribed to the Google
> > Groups "Puppet Users" group.
> > To post to this group, send email to puppet-users@googlegroups.com.
> > To unsubscribe from this group, send email to
> > puppet-users+unsubscr...@googlegroups.com.
> > For more options, visit this group at
> >http://groups.google.com/group/puppet-users?hl=en.
>
> --
> Luke Bigum
>
> Information Systems
> Ph: +44 (0) 20 3192 2520
> luke.bi...@lmax.com |http://www.lmax.com
> LMAX, Yellow Building, 1A Nicholas Road, London W11 4AN
>
> FX and CFDs are leveraged products that can result in losses exceeding
> your deposit.  They are not suitable for everyone so please ensure you
> fully understand the risks involved.  The information in this email is not
> directed at residents of the United States of America or any other
> jurisdiction where trading in CFDs and/or FX is restricted or prohibited
> by local laws or regulations.
>
> The information in this email and any attachment is confidential and is
> intended only for the named recipient(s). The email may not be disclosed
> or used by any person other than the addressee, nor may it be copied in
> any way. If you are not the intended recipient please notify the sender
> immediately and delete any copies of this message. Any unauthorised
> copying, disclosure or distribution of the material in this e-mail is
> strictly forbidden.
>
> LMAX operates a multilateral trading facility.  Authorised and regulated
> by the Financial Services Authority (firm registration number 509778) and
> is registered in England and Wales (number 06505809).
> Our registered address is Yellow Building, 1A Nicholas Road, London, W11
> 4AN.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Generating dhcp/pxe configuration from puppet

2012-04-18 Thread Christian Requena 
Hello,

I want to generate my infrastructure's dhcp/pxe config from puppet, but
to go through the node definitions?   Btw. we only use explicit
definitions, no regexp. So everything is explicit.

I thought about using Puppet::Parser...something ... any hints?


Thanks for you help!
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence

2012-03-14 Thread Christian McHugh 
Super, it all works great!

Since the whole fwpre class is run before everything else, is it necessary 
to define each resource with dependencies with firewall {"002 testing": 
...}->firewall {... as in your gist?

Anyway, works great for us now. Thanks much!

All that remains is waiting for a new release to get firewall rules at boot 
on debian, and then some magic work yet to be done for not stomping on 
custom chains like fail2ban.




On Wednesday, March 14, 2012 11:53:31 AM UTC-5, Ken Barber wrote:
>
> > You said:
> >>
> >> the numbers in the namevar are ultimately for how they get
> >> ordered in the file ruleset as you state - but not what order
> >> they are _inserted_.
> >
> > Which makes me still think that the order various modules kick can affect
> > the firewall rules. Thus, a stage after main is still needed to guarantee
> > that the drop happens last. I hope I'm wrong, is there any alternative?
>
> If you look at my example in the gist:
>
> Firewall {
>   notify => Exec["persist-firewall"],
>   before => Class["my_soe::fwpost"],
>   require => Class["my_soe::fwpre"],
> }
>
> I'm setting it so that by default, every rule firewall resource runs
> 'before' Class["my_soe::fwpost"], and it requires
> Class["my_soe::fwpre"]. So in this example it doesn't need stages -
> just put your pre & post in those classes.
>
> ken.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/zzV3pegM5bUJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence

2012-03-14 Thread Christian McHugh 
Great! ... almost?

The Firewall notify dependency check almost covers everything. I really 
like its elegance.

The one problem I can still think of is that the firewall module is not the 
only one setting firewall rules. In the puppetlabs/apache module, for 
example, it attempts to open up port 80. Since there is no guarantee when a 
module is applied it is possible the firewall module will kick, followed by 
apache. Since the last rule in the firewall module is to drop all, it will 
match before the apache open port 80.

It is a little bit difficult to test module ordering aside from restarting 
the puppet master and just trying it out on a test node for about an hour. 
So I haven't tested this today. 
You said: 

> the numbers in the namevar are ultimately for how they get 

ordered in the file ruleset as you state - but not what order 

they are _inserted_.


Which makes me still think that the order various modules kick can affect 
the firewall rules. Thus, a stage after main is still needed to guarantee 
that the drop happens last. I hope I'm wrong, is there any alternative? 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/8LCJU0uojjMJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence

2012-03-13 Thread Christian McHugh 
In the pre main stage I have defined rules to allow outbound and allow 
related and established. In the post main stage, it does a drop all. Before 
this was organized into stages, occasionally the drop all would get applied 
before keep established and allow outbound, and thus the client could lose 
its connection to the puppet master mid run.

On Tuesday, March 13, 2012 4:16:07 PM UTC-5, Mohamed wrote:
>
> Just out of curiosity, what do you mean by:
>
> > We ended
> > up in situations where the drop rules would kick before the allow
> > established rules, and thus kill the puppet run
>
> In my experience, what breaks is the reporting attempt puppet clients
> makes to the master, not the puppet run itself.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/xBTznk59RKkJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: puppetlabs-firewall stages and persistence

2012-03-13 Thread Christian McHugh 
I appreciate the interest but I don't understand how you can tell me you 
don't have any experience with the module but yet know that I'm doing it 
wrong. The puppetlabs firewall module does not have classes or anything 
else to base a dependency on. I agree, I would rather not use stages, which 
is why I originally posted this to see how folks were making it go. 

If you do find a way to order rules without stages I'd love to hear about 
it.



On Monday, March 12, 2012 7:49:18 AM UTC-5, jcbollinger wrote:
>
> It is incorrect that you must use run stages to achieve your desired 
> ordering.  In fact, it is *never* the case that run stages are the 
> only solution to ordering issues in Puppet, because there is nothing 
> you can do with them that you cannot also do with ordinary resource 
> relationships. 
>
> In many cases, solving an ordering problem by use of run stages is 
> like putting in a tack with a sledgehammer: not only is it overkill, 
> it also doesn't afford much precision or finesse. 
>
> I have no experience with the module in question, so I have no 
> specific suggestions to offer, but if you find run stages too crude a 
> tool for your task then I can advise you about how to achieve your 
> ordering requirements otherwise. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/t6rnTOXMrNgJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence

2012-03-10 Thread Christian McHugh 
Sounds interesting. As far as I've seen, the puppetlabs-firewall resource 
activates instantly. I've not tried to have them all write out to a file 
and trigger an exec iptables-restore. 

If the firewall resource kicks the only way I think it can, then we had an 
issue of firewall ordering. While rules are defined as "100 open port" and 
"999 drop all" the numbering did not seem to make any difference. We ended 
up in situations where the drop rules would kick before the allow 
established rules, and thus kill the puppet run. Our workaround was to run 
our base open ports rules in a pre stage, normal service stuff in main, and 
the drop in post.

If you have any recommendations for a better way to handle the fireall, I'd 
love to hear about it.



On Saturday, March 10, 2012 1:11:02 AM UTC-6, tujwww wrote:
>
> Looks like you are applying the rules in Pre, Main and Post stage using 
> firewall, i wonder what could be the requirement to apply the rules in 
> different stages instead of creating a File resource, Service notify 
> trigger using Exec iptables-restore, if you don't mind giving a little 
> elaboration. 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/_GIF40iCIRYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence

2012-03-09 Thread Christian McHugh 

>
> Thus far I've only been able to get puppet to run without making the 
> firewall persistent.
>

In the case of running the exec save-rules in the post: it's no good if 
your hosts are at all dynamic since it only runs after the main stage. So 
if you have an existing host, add another normal firewall rule, that rule 
will get added on the next puppet run. But since the firewall drop rule 
that exists in the post stage has already been pushed out, the post bits 
never get called, and thus the firewall rules are not saved and your update 
will be lost at boot.

I'm hoping something happens in development since there has not been a new 
revision in a little while and the github patches are stacking up.

Cheers

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/GQeDShNZDRAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: puppetlabs-firewall stages and persistence

2012-02-15 Thread Christian McHugh 
I've got slightly more info. In trying to figure this out I ran across
http://projects.puppetlabs.com/issues/10665 where it was suggested
that the persist-firewall bits (already shown in the previous message)
get placed into site.pp. This almost worked perfectly.

I've placed the following inside a node definition.
class { "localfw::pre": stage => "pre" }
class { "localfw::post": stage => "post" }
include localfw

If I keep localfw::post empty of firewall definitions, everything
works fine. However, once I place anything in there (such as an empty
test: firewall { "999 testing": ; } I get an error about cyclic
dependencies.

# puppet agent -v --no-daemonize --onetime
info: Retrieving plugin
info: Loading facts in iptables
info: Loading facts in sshkeys
info: Loading facts in etc_facts
info: Loading facts in iptables
info: Loading facts in sshkeys
info: Loading facts in etc_facts
info: Caching catalog for testhost
err: Could not apply complete catalog: Found dependency cycles in the
following relationships: Firewall[999 drop all] => Exec[persist-
firewall], Exec[persist-firewall] => Firewall[999 drop all]; try using
the '--graph' option and open the '.dot' files in OmniGraffle or
GraphViz
notice: Finished catalog run in 0.65 seconds

Is this a bug, or am I doing something wrong? In trying to figure that
out it looks like it may be related to puppet bug #5349? Any thoughts?

The puppetlabs firewall module seems so close to being usable. Saving
the firewall to enable on boot is the last missing bit in my
checklist. Thanks much!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] puppetlabs-firewall stages and persistence

2012-02-15 Thread Christian McHugh 
Hi all,

I'm attempting to use the puppetlabs-firewall module. In testing,
rules are enabled in a random order, so it seems necessary to utilize
puppet stages to guarantee proper ordering.

I created a module to organize my firewalling. It consists of
localfw::pre to open the INPUT chain for established and related
connections, localfw::default for most normal rules, and localfw::post
to block everything else.

I run localfw::pre before stage[main] and localfw::post after. This
has fixed my firewall rules ordering issue, yay. However, rules are
now not being saved :(

I tried adding include localfw::config to ::pre, ::post, and ::default
which consisted of the persistence definitions:
exec { "persist-firewall":
command => "/sbin/iptables-save > /var/lib/iptables/rules.v4",
require => File ["/var/lib/iptables"],
refreshonly => true,
  }
  Firewall {
notify => Exec["persist-firewall"]
  }


and while I don't get any errors, I also don't get any firewall rules
saved. It appears that Firewall never kicks to run the exec. If I add
these bits to localfw::pre, then the pre rules get saved. If I add to
localfw::post then all get saved, as expected. But in that case,
normal firewall changes to a node don't cause localfw::post to run
again, and thus aren't saved.

What is the recommended way to save iptables rules for persistence
when using puppet stages? Has anyone made this work?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Dynamically extending the group membership of a custom system user

2012-02-13 Thread Christian Requena 

Hello,

I need to expand the membership of a custom system user depending on the 
availability of some group on the target system i.e.


   user {
"logger":
name => "logger",
ensure => "present",
groups => ["adm", "wheel", "this _group_ if it exists"],
shell => "/bin/bash";
}

The "this _group_ if it exists" entry only works, if the group was 
already create.  I need to expand the list of groups depending on the 
availability of some groups like i.e.


  user {
"logger":
name => "logger",
ensure => "present",
[ 'mongodv', 'postgres', 'custom', 'www' ].each do | g |
g.exist? _groups < g.to_s
end
groups => _groups
shell => "/bin/bash";
}

I know that is totally wrong, but I just want to describe what I'm 
aiming to.


Thanks!
Christian

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: explicit class dependencies

2011-12-07 Thread Christian G. Warden 
On Wed, Dec 07, 2011 at 01:36:13PM -0800, jcbollinger wrote:
> On Dec 6, 4:12 pm, "Christian G. Warden"  wrote:
> > On Tue, Dec 06, 2011 at 01:38:38PM -0800, Nan Liu wrote:
> > > On Tue, Dec 6, 2011 at 12:27 PM, Christian G. Warden  
> > > wrote:
> > > > Do explicit class dependencies work?
[...]
> > Here's the problem I was actually trying to
> > troubleshoot:
> > class config {
> >   $x = 'abc'
> > }
> >
> > class uses_config {
> >   Class['config'] -> Class['uses_config']
> >   $x = $config::x
> > }
> >
> > include uses_config
> > include config
> >
> > This results in:
> > warning: Scope(Class[Uses_config]): Could not look up qualified variable 
> > 'config::x'; class config has not been evaluated
> >
> > I think it's similar to the problem I asked about with tags in another 
> > thread.
> > If I include config before uses_config, I don't get an error.
> 
> Indeed, it is at least partially a parse order issue, and it looks
> like you may be confusing that with application order.

Thanks, John.  This explanation is very helpful.  Indeed, I've been
having trouble understanding what happens during the parsing/compiling
stage.

> Class and resource relationships, such as those declared via the arrow
> syntax in your example or via the 'require' family of resource
> metaparameters, govern the order in which resources are applied to
> nodes.  That has very little to do with the order in which manifest
> files are processed by Puppet.  The relationship you declare in your
> example does not cause class 'config' to be included on the node, nor
> its manifest to be parsed.  It only specifies that class 'config' must
> be applied to the node before class 'uses_config', which is pointless
> in this simplified example.  Class 'uses_config' needs class 'config'
> to already have been parsed, however, and you example does nothing to
> make that so.

At least part of my confusion is the use of imprecise language in the
documentation.  For example, this example from the language guide's section on
qualified variables[1]:
class myclass {
$test = 'content'
}

class anotherclass {
$other = $myclass::test
}
"Variable qualification is dependent on the *evaluation order* of your 
classes.
Class myclass must be evaluated before class anotherclass for variables 
to be
set correctly." (emphasis added)

The term, evaluation order, is not used anywhere else in the language guide.
Does it refer to parsing, compiling, instantiation, or configuration, to use
the terms from the puppet internals[2] documentation?

> For influencing parse order you have three functions: 'import' (which
> you shouldn't use except in certain special cases such as site.pp),
> 'include', and 'require'.  The 'import' function processes one or more
> manifest files explicitly.  The 'include' and 'require' functions both
> assign the specified class to the current node, autoloading and
> processing its manifest first, if necessary.  The 'require' function
> additionally establishes a relationship between the requiring class
> and the required one, of just the type that your example creates via
> the arrow syntax; in other words, it declares both types of
> dependencies in a simple statement.

The parameterized classes documentation[3] is also confusing.  It states that
"you should explicitly state your class's dependencies inside its definition
using the relationship chaining syntax" and explicitly declare your required
parameterized classes "in your outermost node or class definitions", which is
what I tried to do in my example.

> Generally speaking, if one class references variables of another class
> then the first class should 'include' the second, or posibly 'require'
> it if that's appropriate.  If it cannot do so (because the latter
> class is parameterized, for instance) then you have an extra burden to
> ensure that classes are declared and/or 'include'd in an order that
> works.

This statement from the parameterized classes documentation[3] obscures the
limitation in the language you identify above:

"For those who prefer implicit declaration, we're working on a safe way 
to
implicitly declare parameterized classes, but the design work isn't 
finished at
the time of this writing."

It suggests that it is only an aesthetic issue, but it really means that there
is currently n

Re: [Puppet Users] explicit class dependencies

2011-12-06 Thread Christian G. Warden 
On Tue, Dec 06, 2011 at 01:38:38PM -0800, Nan Liu wrote:
> On Tue, Dec 6, 2011 at 12:27 PM, Christian G. Warden  
> wrote:
> > Do explicit class dependencies work?
> > This simple example fails with:
> > Could not find resource 'Class[Config]' for relationship on 
> > 'Class[Uses_config]'
> >
> >        class config {
> >        }
> >
> >        class uses_config {
> >          Class['config'] -> Class['uses_config']
> >        }
> >
> >        include uses_config
> >
> > Am I doing something?
> 
> You didn't declare include class config. If you intend uses_config to
> automatically include class config, you should declare it there. In
> either case you are missing include config or class { config: }
> somewhere.

Thanks, Nan.  Sorry, I got a little overzealous in trying to come up
with a minimal example.  Here's the problem I was actually trying to
troubleshoot:
class config {
  $x = 'abc'
}

class uses_config {
  Class['config'] -> Class['uses_config']
  $x = $config::x
}

include uses_config
include config

This results in:
warning: Scope(Class[Uses_config]): Could not look up qualified variable 
'config::x'; class config has not been evaluated

I think it's similar to the problem I asked about with tags in another thread.
If I include config before uses_config, I don't get an error.

Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] explicit class dependencies

2011-12-06 Thread Christian G. Warden 
Do explicit class dependencies work?
This simple example fails with:
Could not find resource 'Class[Config]' for relationship on 'Class[Uses_config]'

class config {
}

class uses_config {
  Class['config'] -> Class['uses_config']
}

include uses_config

Am I doing something?

Thanks,
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] scope of tags

2011-12-06 Thread Christian G. Warden 
According to the tagging documentation[1], tags are automatically
created for enclosing node, define, and class structures.

  1.  
http://projects.puppetlabs.com/projects/1/wiki/Using_Tags#Automatic-Tagging

If I create three classes like this:
class first {
  tag('doot')
}

class second {
  if tagged(first) {
 warning('first tag found')
  } else {
 warning('first tag not found')
  }
  if tagged(doot) {
 warning('doot tag found')
  } else {
 warning('doot tag not found')
  }
  if tagged(third) {
 warning('third tag found')
  } else {
 warning('third tag not found')
  }
}

class third {
}


and declare them:
class {
  'first':;
  'second':;
  'third':;
}

why does the 'first' tag exist within the 'second' class?  This seems to be
inconsistent with the documentation since 'first' doesn't enclose 'second'.
But given that the 'first' tag is set, why isn't the 'third' tag also set?

Finally, is there a way to extend the scope of a tag through explicit
dependencies?  I'd like to do something like:
Class['first'] -> Class['second'] <- Class['third']
such that tags 'first', 'doot', and 'third' are all present in 'second'.

Thanks,
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Dynamic configuration file

2011-11-29 Thread Christian G. Warden 
On Tue, Nov 29, 2011 at 03:23:22PM +1100, Gonzalo Servat wrote:
> We use a package called "Torque Scheduler" which is based on a
> configuration file that defines nodes, the queues they handle, how many
> slots, etc. The config file format is similar to:
> 
> unlimited   ... 
> 
> node: : ...
> 
> node: : ...
> 
> ...
> node: : ...
> 
> 
> (a node may or may not be listed as "unlimited")
> 
> We would normally store this file as-is in Puppet and push it out using
> file {}, but I'd like to "Puppetize" it. Ideally, I'd like to be able to do
> the following:
> 
> node { "node1":
>unlimited => true,
>load => XX,
>slots => XX,
>queues => {
>   "queue1" => 80,
>   "queue2" => 20,
>   "queueN" => XX
>}
> }
> 
> So basically to build the config file, I'd have to process all the nodes
> and where unlimited is true, add to the "unlimited" line.
> 
> I know what I want the config file to look like, but I'm not sure how to
> achieve this in Puppet. Does this sound like a job for a custom Puppet
> provider? I can't figure out how I would build the "unlimited" line over
> time.
> 
> Can anyone suggest a module that does something similar to this so I can
> get some ideas flowing?

I did something similar by creating a template for a single line of a config
file, then merging the individual lines.

This is from puppet ~0.18.0 so the syntax might not be exactly right
for current versions, but you should get the idea.

define lbservice($virtual_ips, $real_ips, $ports = [80], $primary_server = lb1) 
{
   $service = $name
   file {
  "/etc/ha.d/ldirectord.cf.d/$service":
 content => template("ldirectord.cf.snippet.rb"),
 notify => Mergesnippets["/etc/ha.d/ldirectord.cf"],
 backup => false;
   }
}

define mergesnippets($mode = 644, $owner = root, $group = root, $refreshonly = 
true) {
exec { "build_snippet_file-$name":
command => "/bin/cat $name.d/* > $name",
refreshonly => $refreshonly,
}
file { $name:
mode => $mode,
owner => $owner,
group => $group
}
}

node lb1,lb2 {
   lbservice {
  1: virtual_ips => ["192.168.1.129"], real_ips => ["10.0.0.185", 
"10.0.0.186"], ports => [25, 80, 443];
  2: virtual_ips => ["192.168.1.130"], real_ips => ["10.0.0.188"], ports => 
[25, 80, 443];
   }
}

The contents of ldirectord.cf.snippet.rb:
virtual=<%= Integer(service)|0x1000 %><% real_ips.each do |real_server| %>
   real=<%= real_server %> gate<% end %>
   service=http
   request="ldirector.html"
   receive="Test Page"
   scheduler=rr
   checktype=negotiate


Your torquenode resource type would pretty similar to the lbservice
one.

Hope that helps,
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

RE: [Puppet Users] Concat module

2011-11-03 Thread Mark Christian 
Can't speak to concat, but you might consider using augeas for managing 
/etc/sysctl.conf.  There is an excellent example of this at: 
http://projects.puppetlabs.com/projects/1/wiki/Puppet_Augeas , see "Working 
Examples"

> -Original Message-
> From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com]
> On Behalf Of Douglas Garstang
> Sent: Thursday, November 03, 2011 11:59 AM
> To: Puppet Users
> Subject: [Puppet Users] Concat module
>
> All,
>
> Trying to use the concat module with:
>
>
> class sysctl::common {
>
> include concat::setup
>
> concat {
> '/etc/sysctl.conf':
> owner => 'root',
> group => 'root',
> mode  => '0644';
> }
>
> concat::fragment {
> '/etc/sysctl.conf':
> target  => '/etc/sysctl.conf',
> content => 'kernel.sem=250 32000 32 2048',
> order   => '99';
>}
>
> }
>
> Getting this error:
> Nov  3 14:54:04 dev-c3-app-90 puppet-agent[8143]: Failed to apply
> catalog: Parameter path failed: File paths must be fully qualified,
> not 'undef' at /etc/puppet/devmp/modules/concat/manifests/setup.pp:37
>
> What am I doing wrong?
>
> Doug.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to puppet-
> users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>


Confidentiality Notice.
This message may contain information that is confidential or otherwise 
protected from disclosure. If you are not the intended recipient, you are 
hereby notified that any use, disclosure, dissemination, distribution,  or 
copying  of this message, or any attachments, is strictly prohibited.  If you 
have received this message in error, please advise the sender by reply e-mail, 
and delete the message and any attachments.  Thank you.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: I managed to break my Cent5 mongrel puppetmaster after upgrading from EPEL .25.5 to 2.6.6

2011-10-13 Thread Mark Christian 
I removed the rubygem-mongrel rpm and reinstalled it.  That appears to
have fixed my issue.

On Oct 13, 6:22 pm, Mark Christian  wrote:
> CentOS release 5.7 (Final)
> puppet-server-2.6.6-1.el5.noarch
> ruby-1.8.5-19.el5_6.1.x86_64
> rake, version 0.9.2
>
> The upgrade from 25.5 to 2.6.6 had been working fine.
>
> Not sure if this is relevant: I then attempted to get puppet-dashboard
> working using this 
> guide:http://docs.puppetlabs.com/guides/installing_dashboard.html
> I managed to upgrade rake, but never got this to work: rake
> RAILS_ENV=production db:migrate , I then decided to restart the
> puppetmaster and now I get this message:
>
> Starting puppetmaster:
> Port: 18140/usr/lib/ruby/site_ruby/1.8/puppet/network/http.rb:8:in
> `server_class_by_type': Mongrel is not installed on this platform
> (ArgumentError)
>         from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:157:in
> `http_server_class_by_type'
>         from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:137:in
> `http_server_class'
>         from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:58:in
> `initialize'
>         from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:104:in
> `new'
>         from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:104:in
> `main'
>         from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:46:in
> `run_command'
>         from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run'
>         from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:410:in
> `exit_on_fail'
>         from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run'
>         from /usr/sbin/puppetmasterd:4
>                                                            [FAILED]
>
> Any help would be most appreciated.  Thanks in advance.
>
> $ cat /etc/puppet/puppet.conf
> [main]
>     # Where Puppet stores dynamic and growing data.
>     # The default value is '/var/puppet'.
>     vardir = /var/lib/puppet
>
>     # The Puppet log directory.
>     # The default value is '$vardir/log'.
>     logdir = /var/log/puppet
>
>     # Where Puppet PID files are kept.
>     # The default value is '$vardir/run'.
>     rundir = /var/run/puppet
>
>     # Where SSL certificates are kept.
>     # The default value is '$confdir/ssl'.
>     ssldir = $vardir/ssl
>
> [production]
> modulepath=/etc/puppet/modules
> manifest=/etc/puppet/manifests/site.pp
>
> [development]
> modulepath=/etc/puppet/environments/development/modules
> manifest=/etc/puppet/environments/development/manifests/site.pp
> trace=true
> report=false
>
> [agent]
>     # The file in which puppetd stores a list of the classes
>     # associated with the retrieved configuratiion.  Can be loaded in
>     # the separate ``puppet`` executable using the ``--loadclasses``
>     # option.
>     # The default value is '$confdir/classes.txt'.
>     classfile = $vardir/classes.txt
>
>     # Where puppetd caches the local configuration.  An
>     # extension indicating the cache format is added automatically.
>     # The default value is '$confdir/localconfig'.
>     localconfig = $vardir/localconfig
>
> [master]
>     user = root
>     storeconfigs = false
>     dbadapter = mysql
>     dbuser = puppet
>     dbpassword =
>     dbserver = localhost
>     dbsocket = /var/lib/mysql/mysql.sock
>
>     modulepath = $confdir/modules
>
>     factsync = true
>     factpath = $vardir/facts
>
>     environments=production,development
>
>     # The list of reports to generate.  All reports are looked for
>     # in puppet/reports/.rb, and multiple report names should be
>     # comma-separated (whitespace is okay).
>     # The default value is 'store'.
>     reports = store, rrdgraph, tagmail
>     tagmap = /etc/puppet/tagmail.conf
>
>     # Whether RRD information should be graphed.
>     rrdgraph = true
>
>     # How often RRD should expect data.
>     # This should match how often the hosts report back to the server.
>     # The default value is '$runinterval'.
>     rrdinterval = $runinterval
>
>     # The directory where RRD database files are stored.
>     # Directories for each reporting host will be created under
>     # this directory.
>     # The default value is '$vardir/rrd'.
>     rrddir = $vardir/rrd
>
> $ cat /etc/sysconfig/puppetmaster
> # Location of the main manifest
> #PUPPETMASTER_MANIFEST=/etc/puppet/manifests/site.pp
>
> # Where to log general messages to.
> # Specify syslog to send log messages to the system log.
> #P

[Puppet Users] I managed to break my Cent5 mongrel puppetmaster after upgrading from EPEL .25.5 to 2.6.6

2011-10-13 Thread Mark Christian 
CentOS release 5.7 (Final)
puppet-server-2.6.6-1.el5.noarch
ruby-1.8.5-19.el5_6.1.x86_64
rake, version 0.9.2

The upgrade from 25.5 to 2.6.6 had been working fine.

Not sure if this is relevant: I then attempted to get puppet-dashboard
working using this guide: 
http://docs.puppetlabs.com/guides/installing_dashboard.html
I managed to upgrade rake, but never got this to work: rake
RAILS_ENV=production db:migrate , I then decided to restart the
puppetmaster and now I get this message:

Starting puppetmaster:
Port: 18140/usr/lib/ruby/site_ruby/1.8/puppet/network/http.rb:8:in
`server_class_by_type': Mongrel is not installed on this platform
(ArgumentError)
from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:157:in
`http_server_class_by_type'
from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:137:in
`http_server_class'
from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:58:in
`initialize'
from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:104:in
`new'
from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:104:in
`main'
from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:46:in
`run_command'
from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run'
from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:410:in
`exit_on_fail'
from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run'
from /usr/sbin/puppetmasterd:4
   [FAILED]

Any help would be most appreciated.  Thanks in advance.

$ cat /etc/puppet/puppet.conf
[main]
# Where Puppet stores dynamic and growing data.
# The default value is '/var/puppet'.
vardir = /var/lib/puppet

# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet

# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet

# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl

[production]
modulepath=/etc/puppet/modules
manifest=/etc/puppet/manifests/site.pp

[development]
modulepath=/etc/puppet/environments/development/modules
manifest=/etc/puppet/environments/development/manifests/site.pp
trace=true
report=false

[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion.  Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig

[master]
user = root
storeconfigs = false
dbadapter = mysql
dbuser = puppet
dbpassword =
dbserver = localhost
dbsocket = /var/lib/mysql/mysql.sock

modulepath = $confdir/modules

factsync = true
factpath = $vardir/facts

environments=production,development

# The list of reports to generate.  All reports are looked for
# in puppet/reports/.rb, and multiple report names should be
# comma-separated (whitespace is okay).
# The default value is 'store'.
reports = store, rrdgraph, tagmail
tagmap = /etc/puppet/tagmail.conf

# Whether RRD information should be graphed.
rrdgraph = true

# How often RRD should expect data.
# This should match how often the hosts report back to the server.
# The default value is '$runinterval'.
rrdinterval = $runinterval

# The directory where RRD database files are stored.
# Directories for each reporting host will be created under
# this directory.
# The default value is '$vardir/rrd'.
rrddir = $vardir/rrd

$ cat /etc/sysconfig/puppetmaster
# Location of the main manifest
#PUPPETMASTER_MANIFEST=/etc/puppet/manifests/site.pp

# Where to log general messages to.
# Specify syslog to send log messages to the system log.
#PUPPETMASTER_LOG=syslog

# You may specify an alternate port or an array of ports on which
# puppetmaster should listen. Default is: 8140
# If you specify more than one port, the puppetmaster ist
automatically
# started with the servertype set to mongrel. This might be
interesting
# if you'd like to run your puppetmaster in a loadbalanced cluster.
# Please note: this won't setup nor start any loadbalancer.
# If you'd like to run puppetmaster with mongrel as servertype but
only
# on one (specified) port, you have to add --servertype=mongrel to
# PUPPETMASTER_EXTRA_OPTS.
# Default: Empty (Puppetmaster isn't started with mongrel, nor on a
# specific port)
#
# Please note: Due to reduced options in the rc-functions lib in RHEL/
Centos
# versions prior to 5, this feature won't work. Fedora versions >= 8
are
# known to work.
#PUPPETMASTER_PORTS=""
# Puppetmaster on a di

Re: [Puppet Users] Re: Strange Could not find dependency error

2011-08-11 Thread Christian Kauhaus 
Am 10.08.2011 22:24, schrieb piavlo:
> Does anyone have clear logical explanation why nagios::client &
> nagios::server
> have no dep problems but nagios-client & nagios-server does?

"-" is no legal character in identifier names. Unfortunately, the error
messages are not very helpful in such a case.

Regards

Christian

-- 
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Puppet Class is applied but is not executed

2011-06-24 Thread christian huber 
Hi all,

i' am having a strange problem with a puppet class, basically i wrote
a small class, no special content (ensure packed is installed). I
applied this class to a linuxbox with puppetclient 2.6.4 installed
(and working for the other classes).

So the problem if I'am forcing now the client to get the new
configuration, it does it very well. No error's even with the debug
option. In the /var/lib/puppet directory i take a look at the
classes.txt and i find the new class inside.

So i try to force en error with the class be doing a modifying the
class and adding a parser error. Executing again on the linuxbox the
puppet command, nothing happens. I would now expect a error. But it
looks like puppet just doesn't executed this class.

anyone a idea what i'am missing .. ?

thanks
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Could not find a default provider for package

2011-06-20 Thread Christian Kauhaus 
Am 19.06.2011 03:24, schrieb d0ugb:
> Need some help here. I am using puppet to mange some Gentoo boxes, and
> when working with packages I keep getting the following error:
> Could not find a default provider for package

I suspect that the portage package provider need 'eix' to function. Is eix
installed?

Regards

Christian

-- 
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Cannot dry run puppet on the puppetmaster

2011-05-08 Thread Christian Kauhaus 
Am 08.05.2011 05:12, schrieb treydock:
> Here's the output using debug option.
> [...]
> debug: catalog supports formats: b64_zlib_yaml dot marshal pson raw
> yaml; using pson
> err: Could not retrieve catalog from remote server: execution expired
> warning: Not using cache on failed catalog
> err: Could not retrieve catalog; skipping run

There's not much to see here. It would probably more informative to start
the server with the --debug flag and see what is going on there.

Regards

Christian

-- 
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] help with template and has_variable?

2011-05-02 Thread Christian Kauhaus 
Am 02.05.2011 15:41, schrieb Arnau Bria:
> so, any ideawhy is ruby doing it? 

Identifiers beginning with uppercase letters denote constants in Ruby. The
most visible example for this rule are class names. Class names are
constants that point to their respective class objects.

Regards

Christian

-- 
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppetmaster best practice for multiple zones

2011-04-19 Thread Christian Kauhaus 
Am 19.04.2011 18:13, schrieb James Bailey:
> I am bit stuck however for how best I can managed the remaining two
> zones.  Do create another two puppetmasters and configure them to use
> the existing storeconfigs DB I am currently using.  Or do I have two
> additional standalone puppetmasters?  If do the later how will I be
> able to unify my view of the three zones?

I'd prefer one puppetmaster for everything. If the puppetmaster needs to
reachable from everywhere, it belongs into the production zone.

Regards

Christian

-- 
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Multiple file path for single module in the fileserver.conf

2011-04-13 Thread Christian 
Yeah i have two repositories with different kind of configuration
which are managed under different responsiblity. But from the logical
point of view they belonging to the same module.

There could be a kind of priorisation that the in case of a clash only
the file from the first file location should be taken.

Is there an interest on a change request?

As a workaround i probably will simply create two separated modules.


On 13 Apr., 16:01, Felix Frank 
wrote:
> On 04/12/2011 04:44 PM, Christian wrote:
>
> > Is it possible to have multiple file paths defined for a single module
> > in the fileserver.conf?
>
> > For example
>
> > [files]
> >   path /first/path/files
> >   path /second/path/files
> >   allow *
>
> What's this supposed to do?
>
> You probably want to be able to serve files from each tree. But what if
> both trees contain files with identical names?
>
> Regards,
> Felix

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Multiple file path for single module in the fileserver.conf

2011-04-12 Thread Christian 
Is it possible to have multiple file paths defined for a single module
in the fileserver.conf?

For example

[files]
  path /first/path/files
  path /second/path/files
  allow *

[modules]
  allow *

[plugins]
  allow *


The here described configuration did not work as i tried it already.
Any idea if this is possible.

Thanks a lot

Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Use puppet to preconfigure gnome gvfs shares

2011-04-02 Thread Christian Kauhaus 

Am 01.04.2011 11:11, schrieb spidernik84:

1. puppet detects the logged in username and sets this as a variable
2. puppet outputs a customized .gtk-bookmarks file with the network
paths inside, in this format 
smb://domain.com;john...@url.of.the.server/home$/johndoe
Johndoe share
3. puppet saves this file as /home/johndoe/.gtk-bookmarks


I don't think that Puppet is designed to support this sort of interactive 
behavior. I'd rather suggest to deploy a custom shell script via Puppet that 
performs the outlined actions on a user's first login. For example, pam_exec 
is providing this functionality. Something in /etc/profile (or your login 
shell's equivalent) would also be feasible.


Regards

Christian

--
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Use puppet to preconfigure gnome gvfs shares

2011-03-31 Thread Christian Kauhaus 

Am 31.03.2011 15:19, schrieb spidernik84:

Here's the problem: how to instruct puppet to generate a customized
file with the interpreted  variable, and how to tell puppet
to place this file in /home/?
Ideally, the file should be created only at first login to avoid
existing bookmarks to be overwritten...


The problem is not very clear to me. Do you just try to manage a file with a 
variable in it's path name?


Given that the target username is already present as a variable in the 
manifest, you'd just write:


file {
  "/home/${username}/path/to/file":
content => template("path/to/template")
}

given that the template makes use of the $username variable too. If you need 
the same procedure for more than one user, wrap the whole thing into a define. 
Add 'replace => false' to make this a one-shot operation.


Did I get the problem right? Did I miss something?

Regards

Christian

--
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] RFC: Splitting up the file{} type functionality.

2011-03-23 Thread Christian Kauhaus 
Am 22.03.2011 23:52, schrieb Nigel Kersten:
> If you're enabling recursive copies for Directories, then you're also
> supporting the 'source' property, and you're also supporting the
> "links => {follow, manage, ignore}" parameter and recurse and
> recurselimit

I see your point.

As an alternative, extracting the recursive directory copy facility is
definitely a step in the right direction. I'm not sure if the symlink
feature should be extracted too. It should at least get a different
parameter name, though. The overloaded 'ensure' is confusing.

Regards

Christian

-- 
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] RFC: Splitting up the file{} type functionality.

2011-03-22 Thread Christian Kauhaus 

Am 22.03.2011 02:53, schrieb Nigel Kersten:

The intersection of files and directories isn't that big a deal, but
we could split out directories too if we wanted.


From the user's perspective, it's more like the other way round. We should 
not let implementation issues guide the design of the manifest language. Files 
and directories are different concepts, but symlinks to either files or 
directories are handled mostly transparently.


I would rather suggest a File and a Directory type. Both types should share 
basic attributes like owner/mode etc and both should support symlinks. Each 
one has unique attributes: files should support source/content, while 
directories should support the recursive copy feature.


Regards

Christian

--
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] RFC: Refactoring the mount provider.

2011-03-18 Thread Christian Kauhaus 
Am 17.03.2011 18:40, schrieb Nigel Kersten:
> TL;DR The mount provider has used a mish-mash of checking fstab and
> actual mount state to determine state. A possible solution we're
> looking at is splitting into two types, one that manages /etc/fstab
> (or /etc/filesystem on other OSes), and one that manages actual mount
> state.

+1

Regards

Christian

-- 
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] grub config

2011-03-15 Thread Christian Kauhaus 
Am 15.03.2011 03:25, schrieb David Kavanagh:
> Has anyone come up with a preferred method of messing with grub? I need to
> install a hypervisor (like xen or kvm) and modify the grub.conf to make the
> machine boot from the new kernel.
> I might mess with Augeas. What do the experts say?

We use Puppet to bring a short shell script to every machine which scans
for available kernels and writes a grub.conf to reflect these. This is
modelled after the Debian approach, albeit much simpler because some
parameters in grub.conf are known to the infrastructure and can thus
statically inserted by Puppet.

Our script for Gentoo looks like this (feel free to use and adapt):

---

#!/bin/bash
# Generate GRUB config from contents of /boot.
# Managed by Puppet: do not edit this file directly. It will be overwritten!
set -e

ROOT="<%= grub_root %>"
OPTS="root=<%= part_root %> dolvm console=ttyS1,57600 console=tty0"

# fail is there are no kernels found in /boot - it is probably not mounted
ls /boot/kernel* >/dev/null 2>&1

cat >/boot/grub/grub.conf <<__EOT__
default 0
fallback 1
timeout 5

title Gentoo GNU/Linux
root ${ROOT}
kernel /boot/kernel ${OPTS}

title Gentoo GNU/Linux (old)
root ${ROOT}
kernel /boot/kernel.old ${OPTS}
__EOT__

for kernel in /boot/kernel-genkernel-*; do
vers=${kernel#/boot/kernel-genkernel-}
cat >>/boot/grub/grub.conf <<__EOT__

title ${vers}
root ${ROOT}
kernel ${kernel} ${OPTS}
__EOT__
done

grub --batch < · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Proposal: "strict" mode for manifests

2011-03-15 Thread Christian Kauhaus 
Am 08.03.2011 23:37, schrieb Robin Bowes:
> I'd really like puppet to blow-up at this stage and tell me that I've
> used an variable without defining it first. Those familiar with perl
> will recognise this as "use strict;".

I would greatly appreciate such a feature.

Is there already a ticket to vote?

Regards

Christian

-- 
Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: puppet dashboard group and class

2010-12-14 Thread Christian 
Hi Nicolas,

i had exactly the same problem when i start using puppet dashboard
some months ago. There is no documentation about it on the page and i
would say that the names 'Classes' and 'Groups' are used unlucky. It
turns out that classes acutally are the puppet modules (why the hell
they dont use the same expression in puppet dashboard like in the rest
puppet) and groups can be used to model a kind of inheritance. If you
use classes and groups you have to use puppet dashboard as an external
node classifier means you are not using node.pp anymore. The modeling
which module belongs to which node will be done then in puppet
dashboard. Your class name have of course be exactly the same name as
the module name you have in your folder structure in the puppet module
folder.

Hope that helps a bit

Christian



On 15 Dez., 02:17, Nicolas Aizier 
wrote:
> Hi everyone,
>
> I'm actually kind of new in puppet but I'm doing good in progressing.
> I have read lot of docs and how to to understand the whole behaviour
> of puppet.
> Installed a puppet master server, deployed 15 clients to test it on
> some of our testing servers.
> Written modules to get exactly what we want, and then installed puppet
> dashboard which work really fine.
>
> My question might sound a bit noobish but I'm stuck on that point and
> I really don't like to don't understand every part of a tool.
> What is the use of adding "groups" and "class" in the dashboard ?
> It seems that the dashboard don't see your class from the modules (saw
> that it will be corrected soon), but what is the point to creating
> class in the GUI ? Can you do anything with that ? and if yes will
> that not spread the config through dashboard + puppet config files,
> it'll be messy to maintain 
> Same question with the groups, I understand that you can assign class
> to groups so it's easyer to add a server in a global behavior but it
> only uses class from dashboard . And is there a way to create such
> group in puppet config files (if yes I didn't manage to find it ...) ?
>
> Thx a lot for your time and to all the puppet users !

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: managing normal users with Puppet

2010-11-15 Thread Christian 
In this context i have a question.

I migrate an autoyast settings into Puppet modules. Originally users
are created in the autoyast file for SLES9.

Following setting i have for one of my user.

true

Unfortuniatially i can't find such a flag as a parameter for the
puppet 'user' resource.

Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Puppetrun reports certificates were not trusted

2010-10-19 Thread Christian 
Actually that problem were solved by simply rebooting all machines.
After a restart suddenly it worked for all of them.

>From time to time i experience however that single nodes produces
following errors even if i havent run puppetrun very short before that
run:

"Host  is already running
finished with exit code 3"

If i run puppetrun a second time than the same node does not report
problems anymore.
Does anybody know what is the background of that problem?

Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

  1   2   >