[Puppet Users] Re: external node trouble
Looks like I spoke too soon, Puppet will use the default YAML in standard ruby and I did get my external nodes to work with that other array format. I wasn't familiar with that representation of arrays in yaml so the difference stuck out to me. What version of Puppet are you using? In your puppet.conf you should have (unless you have an old version of Puppet): external_nodes = your script's full path node_terminus = exec Based on the message, I suspect you may not have node_terminus set to exec. Make sure that is set and for experiments sake that you can YAML.load the output from your script. If you still get that message, it's time to get forensic... :/ On Sun, Sep 28, 2008 at 10:12 PM, AJ Christensen [EMAIL PROTECTED] wrote: Sorry, forgot to chuck this in there: irb(main):003:0 classes = [ baseserver, stg2server ] = [baseserver, stg2server] irb(main):004:0 yaml_obj = YAML::dump(classes) = --- \n- baseserver\n- stg2server\n irb(main):005:0 ruby_obj = YAML::load(yaml_obj) = [baseserver, stg2server] irb(main):006:0 classes == ruby_obj = true 2008/9/29 AJ Christensen [EMAIL PROTECTED] [EMAIL PROTECTED] /tmp$ irb -ryaml irb(main):001:0 classes = [ baseserver, stg2server ] = [baseserver, stg2server] irb(main):002:0 puts classes.to_yaml --- - baseserver - stg2server = nil AFAIK, Puppet uses YAML.load / YAML.dump for object manipulation. claseses: [baseserver, stg2server] is not a valid yaml array representation? 2008/9/29 Daniel Pittman [EMAIL PROTECTED] Andrew Shafer [EMAIL PROTECTED] writes: On Tue, Sep 23, 2008 at 12:01 PM, heise [EMAIL PROTECTED] wrote: I'm trying to get puppet to function with external nodes, i've got a script that spits out yaml in the following for my test case classes: [baseserver, stg2server] , from this i get the error of couldn not retrieve catalog: could not find default node or by name with 'heise- laptop' on node heise-laptop is there something i'm missing in my yaml , is there something more my external node classifer needs to return other than the yaml and an exit code of 0 ? The yaml output is not formated properly for puppet. It should look more like this: classes: - baseserver - stg2server http://reductivelabs.com/trac/puppet/wiki/ExternalNodes Does puppet have a hand-rolled YAML parser incompatible with the specification? Those two reflect *exactly* the same content: the key 'classes' associated with an array of two values. There should be absolutely *zero* different between the in-memory representations of those two YAML declarations. Regards, Daniel --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Request for Puppet Lightning Talk at FSCONS 2008 in Gothenburg, Sweden
Hi Stian On Sep 28, 2008, at 16:14 , julipan wrote: I'm involved in the organizing of FSCONS 2008, a conference on Free Software and Free Culture that takes place in Gothenburg, Sweden on October 24-26. We received a request for a presentation of the Puppet project and wondered whether anyone on this list would like to deliver a 10-20 minute Lightning Talk on the subject. Send us an email at [EMAIL PROTECTED] if you are interested. For more information on the conference, please visit our website at http://fscons.org I'm doing a Lightning talk at the OpenSource Days conference on the 3rd and 4th of October, in Copenhagen. I could repeat that talk if you'd like, or prepare a more technical one, if it's necessary. As far as I know, I'm free on the dates you're mentioning, and Gothenburg is not that far away from Copenhagen... :-) You can read the synopsis for the talk I'm doing this weekend, on http://www.opensourcedays.org/2008/agenda/lightning.shtml -- Med venlig hilsen/Best regards Juri Rischel Jensen Fab:IT ApS Vesterbrogade 50 DK-1620 København Tlf: +45 70 202 407 www.fab-it.dk --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Request for Puppet Lightning Talk at FSCONS 2008 in Gothenburg, Sweden
On Mon, Sep 29, 2008 at 4:40 AM, Juri Rischel Jensen [EMAIL PROTECTED] wrote: Hi Stian On Sep 28, 2008, at 16:14 , julipan wrote: I'm involved in the organizing of FSCONS 2008, a conference on Free Software and Free Culture that takes place in Gothenburg, Sweden on October 24-26. We received a request for a presentation of the Puppet project and wondered whether anyone on this list would like to deliver a 10-20 minute Lightning Talk on the subject. Send us an email at [EMAIL PROTECTED] if you are interested. For more information on the conference, please visit our website at http://fscons.org I'm doing a Lightning talk at the OpenSource Days conference on the 3rd and 4th of October, in Copenhagen. I could repeat that talk if you'd like, or prepare a more technical one, if it's necessary. As far as I know, I'm free on the dates you're mentioning, and Gothenburg is not that far away from Copenhagen... :-) You can read the synopsis for the talk I'm doing this weekend, on http://www.opensourcedays.org/2008/agenda/lightning.shtml That's funny. I'm doing a Puppet talk at Open Source Days too :) http://www.opensourcedays.org/2008/agenda/sessions/NigelKersten.shtml?keepThis=trueTB_iframe=trueheight=500width=700 that's hilarious. We should chat before hand Juri -- Nigel Kersten Systems Administrator Tech Lead - MacOps --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Request for Puppet Lightning Talk at FSCONS 2008 in Gothenburg, Sweden
On Mon, Sep 29, 2008 at 6:14 AM, Stian Rødven Eide [EMAIL PROTECTED] wrote: Hi Juri, Martin and Nigel, Thank you for your interest. I'm glad to hear there are so many of you spreading the Puppet word. Although we'd love to have you all at our conference, we can only afford to have one of you as a speaker. Would you perhaps like to discuss among yourselves on who will do a lightning talk for FSCONS? Heh. I didn't actually mean to sound like I was volunteering for FSCONS, just pointing out Juri and I were both talking at Open Source Days :) I wouldn't be able to make it for FSCONS sorry. Great to see the Puppet buzz :) all the best, /Stian On Mon, 2008-09-29 at 13:40 +0200, Juri Rischel Jensen wrote: Hi Stian I'm doing a Lightning talk at the OpenSource Days conference on the 3rd and 4th of October, in Copenhagen. I could repeat that talk if you'd like, or prepare a more technical one, if it's necessary. As far as I know, I'm free on the dates you're mentioning, and Gothenburg is not that far away from Copenhagen... :-) You can read the synopsis for the talk I'm doing this weekend, on http://www.opensourcedays.org/2008/agenda/lightning.shtml -- Nigel Kersten Systems Administrator Tech Lead - MacOps --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] test, please disregard
I'm having problems with google groups -- Marcin Owsiany [EMAIL PROTECTED] http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 Every program in development at MIT expands until it can read mail. -- Unknown --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] test 2, please disregard
I'm having problems with google groups -- Marcin Owsiany [EMAIL PROTECTED] http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 Every program in development at MIT expands until it can read mail. -- Unknown --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Pulling Strings with Puppet
James, I'm really bothered by the fact that the 'ebook' contains DRM. In fact, I can't even access my purchased copy because I forgot my pass phrase. I really wish you would have taken a stand against this DRM when working on this project. Best, Adam On Sep 28, 11:56 pm, James Turnbull [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 A number of you have asked me what's the best way to buy the Puppet book that maximises returns to me (and shucks aren't you all nice... :) ). With this in mind I've set-up an Amazon Referral link for the book: http://www.amazon.com/gp/product/1590599780?ie=UTF8tag=puppet0e-20l... If you use this link I get a referral fee that I can then spend on books at Amazon. :) If you don't fancy buying from Amazon then obviously the title is available via e-book from Apress at: http://www.apress.com/book/view/1590599780 Now back to our scheduled programming... Thanks James Turnbull - -- Author of: * Pulling Strings with Puppet (http://www.amazon.com/gp/product/1590599780/) * Pro Nagios 2.0 (http://www.amazon.com/gp/product/1590596099/) * Hardening Linux (http://www.amazon.com/gp/product/159059/) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla -http://enigmail.mozdev.org iD8DBQFI4FH39hTGvAxC30ARAhO2AKDBz/pWtCsmP9N4Bw67IcIHGCtHTACeLGAs 5aYEtGhaS99KS9TrN+cHbmc= =ItER -END PGP SIGNATURE- --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] how to define variables in module scope ?
Hello, I have a bunch of variables that are used in several classes and definitions, all part of the same module. As these variables are defined automatically based on system facts, I would like to avoid having to declare them in each node that uses classes or definitions from my module. Where would be the best place to put these variables ? I tried in module/manifests/init.pp as well as in an external file imported from within classes/definitions files but none work as I would have expected. Thanks for any hint ! Marc --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] certificate strategy for workstations
Hi, I am wondering how people are handling certificates for workstations whose names commonly change. I am using Puppet to manage Mac workstations. When they initially come on network, they haven't been named, dynamic dns has not updated and they have the potential to have name conflicts. I wind up with different cert requests for the same machine. If I use autosign, the names will be completely wrong. What I'd like to do is probably create the cert request on the client side using the en0 macaddress of the machine or something unique rather than the current fqdn of the host. I realize that I could do this on the server, but that requires out of band distribution of the cert to the client right? Thanks, Kyle --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Puppet clients stop talking to the puppetmaster server
Here's the scenario, We have roughly 700 OpenSolaris hosts running puppet-0.24.4, facter-1.3.8, and ruby 1.8.6. Puppetmaster server is running OpenSolaris, puppet-0.24.5, facter-1.5.2, and ruby 1.8.6. I'm running 4 puppetmasterd instances with mongrel fronted by apache in load balancer mode. It seems that quite a few (roughly a third) of the boxes stop checking in to the puppetmaster server, or just stop downloading/creating the new classes file from the puppetmaster server. If I ssh into each box, stop puppetd and restart it, it downloads the new /var/puppet/ state/classes.txt and everything is good again. All of the clients are identical, same OS versions, same patch levels, same puppet.conf, etc. I am not seeing anything in the logs on the puppetmaster server (either in the apache logs or puppetmasterd logs) that is indicative of an issue. Any thoughts? Thanks, Josh --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Module Standards
- Al @ Lab42 [EMAIL PROTECTED] wrote: Hi Digant, what's the best place to comment/discuss what is written in: http://www.reductivelabs.com/trac/puppet/wiki/ModuleStandards ? I'd like to take part in the discussion about the module standards but I don't think the wiki is the right places to submit ideas/remarks. So for the moment I write here. I think this is the right place to discuss that. For example I find point 5 in the Modules Standards section, a bit over engineered and not well manageable in the log term: I don't find the necessity to introduce a new variable for every package and service name (and pathname for almost each file served, so in some cases you should define a lot of variables for a module). I would handle the operating systems differences where is necessary with a relevant switch, like here: class sendmail { package { sendmail: name = $operatingsystem ? { default = sendmail, }, ensure = present; sendmail-cf: name = $operatingsystem ? { default = sendmail-cf, }, ensure = present, } service { sendmail: name = $operatingsystem ? { default = sendmail, }, ensure = running, enable = true, hasrestart = true, hasstatus = true, require = Package[sendmail], } file { sendmail.cf: mode = 644, owner = root, group = root, require = Package[sendmail], ensure = present, path = $operatingsystem ?{ default = /etc/mail/sendmail.cf, }, } } I think the original proposal was due to legibility. In any case, this is just an example (and, in this case, a solution or another I guess it's mostly a matter of personal taste). Another point quite critical, according to me, is the standardization of modules that need to manage objects provided by other modules. An example could be a module for a software like mailcanner or amavis or whatever: they should handle configuration files and other objects of different other programs (for example an MTA like postfix, mail filters like spamassassin and clamav and so on). How can this be handled in a modular standard way (the mantainer of mailscanner module is not necessarily the postfix mantainer)? I've thought about different scenarios but they all require some tweaks that can be more or less acceptable (for example a conflict with other modules). This is where overrides would come in. The amavis module would have classes that inherit and override the MTA classes. But how to do so in a manner such that the MTA in use can be anything and that the amavis module doesn't need to know about the MTA specifics is a challenge and one that isn't quite clear how best to handle. Right now, in our case, we just craft everything specific to the MTA that we use (postfix) so we would not be able to swap out to sendmail by simply changing the package name in one manifest: we would need to make additional changes b/c config files are different, etc. -- Digant C Kasundra [EMAIL PROTECTED] Technical Lead, ITS Unix Systems and Applications, Stanford University --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: how to define variables in module scope ?
Hello, Am 29.09.2008 um 18:40 schrieb Marc Fournier: I have a bunch of variables that are used in several classes and definitions, all part of the same module. As these variables are defined automatically based on system facts, I would like to avoid having to declare them in each node that uses classes or definitions from my module. Where would be the best place to put these variables ? I tried in module/manifests/init.pp as well as in an external file imported from within classes/definitions files but none work as I would have expected. That's a discussion I had several weeks ago on IRC, but I can't remember with whom. IIRC, it basically makes a difference wheter the module is autoloaded or imported. My tests so far have shown that module-scope variables, i.e. e.g. such ones defined at the beginning of init.pp, get included if you import the module, but not if some class in the module is autoloaded. I think we had concluded that it would be nice to have module-scope variables in autoloaded classes and definitions, but had not followed the thought or the tests any further. I hope this answers some of your questions, and we can find a solution that suits everyone. Greetings, Felix Schäfer --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Pushing data into a CMDB (especially Remedy)
- Ohad Levy [EMAIL PROTECTED] wrote: Hi, I'm interested, I've already done some basic work on the puppet side. In our setup we decided not to use storeconfig (due to technical limitations of having too many puppet masters in different locations), therefor, we have re implemented many of facts importing and collecting. I would assume it should not be a big deal to push the data forward to remedy CMDB. Cheers, Ohad Can you talk a little more about what this is. How are you importing and collecting these facts. I'd love to try out this solution here and see how it performs. -- Digant C Kasundra [EMAIL PROTECTED] Technical Lead, ITS Unix Systems and Applications, Stanford University --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: certificate strategy for workstations
On Sep 29, 2008, at 1:06 PM, Nigel Kersten wrote: On Mon, Sep 29, 2008 at 8:56 AM, Crawford Kyle [EMAIL PROTECTED] wrote: Hi, I am wondering how people are handling certificates for workstations whose names commonly change. I am using Puppet to manage Mac workstations. When they initially come on network, they haven't been named, dynamic dns has not updated and they have the potential to have name conflicts. I wind up with different cert requests for the same machine. If I use autosign, the names will be completely wrong. What I'd like to do is probably create the cert request on the client side using the en0 macaddress of the machine or something unique rather than the current fqdn of the host. I realize that I could do this on the server, but that requires out of band distribution of the cert to the client right? Thanks, Kyle, we use a UUID for all our clients for this exact problem. Our puppet installation creates puppet.conf with the output of uuidgen | tr [A-Z] [a-z] instead so that's the certname that's requested by the client. You could easily make it something related to the en0 MAC if you wanted. Ah certname in puppet.conf. Excellent. Thanks Nigel, Kyle --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet clients stop talking to the puppetmaster server
I believe the problem is on the client. Debugging logs there would be the place I'd start. On Mon, Sep 29, 2008 at 8:29 PM, josh [EMAIL PROTECTED] wrote: The clients still check in every 30 minutes or so, but aren't downloading the new classes from the server, and they wil still be trying to download non-existant classes. I'm pushing out an upgrade of facter from 1.3.8 to 1.5.2, as of right now 500 out of 700 hosts have the new facter version, the other 200 or so need to have puppetd restarted. I can enable debug mode in the logs and see if that helps with the troubleshooting. i.e.: Sep 29 21:58:49 puppetd[17414]: [ID 702911 daemon.notice] Starting catalog run Sep 29 21:58:55 puppetd[17414]: [ID 702911 daemon.warning] (// Node[default]/dhcp_server/File[/export/home/jrivel/dhcp-server.tar]/ ensure) No specified sources exist Sep 29 21:58:55 puppetd[17414]: [ID 702911 daemon.warning] (// Node[default]/dhcp_server/File[/export/home/jrivel/dhcp-server.tar]/ ensure) No specified sources exist Sep 29 21:58:55 puppetd[17414]: [ID 702911 daemon.warning] (// Node[default]/dhcp_server/File[/export/home/jrivel/dhcp-server.tar]/ source) No specified sources exist Sep 29 21:59:01 puppetd[17414]: [ID 702911 daemon.notice] Finished catalog run in 12.23 seconds On Sep 29, 5:56 pm, Andrew Shafer [EMAIL PROTECTED] wrote: What do the logs look like on the clients that stop connecting? That's where I'd expect to see something, not on the master. On Mon, Sep 29, 2008 at 11:14 AM, josh [EMAIL PROTECTED] wrote: Here's the scenario, We have roughly 700 OpenSolaris hosts running puppet-0.24.4, facter-1.3.8, and ruby 1.8.6. Puppetmaster server is running OpenSolaris, puppet-0.24.5, facter-1.5.2, and ruby 1.8.6. I'm running 4 puppetmasterd instances with mongrel fronted by apache in load balancer mode. It seems that quite a few (roughly a third) of the boxes stop checking in to the puppetmaster server, or just stop downloading/creating the new classes file from the puppetmaster server. If I ssh into each box, stop puppetd and restart it, it downloads the new /var/puppet/ state/classes.txt and everything is good again. All of the clients are identical, same OS versions, same patch levels, same puppet.conf, etc. I am not seeing anything in the logs on the puppetmaster server (either in the apache logs or puppetmasterd logs) that is indicative of an issue. Any thoughts? Thanks, Josh --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---