[Puppet Users] Re: Puppet Common Modules: SSH Proposal

[Jeroen van Meeuwen]

Digant C Kasundra wrote:
> That's odd b/c that seems to work for me just fine.  Perhaps it is b/c of 
> namespacing?  I.e. when I define a subclass of ssh called foo, I would 
> actually declare it as ssh::foo.  If I include ssh::foo, puppet looks for 
> foo.pp in the ssh/manifests and if it doesn't find that, it then looks in 
> init.pp in ssh/manifests.  Perhaps I'm not understanding what you aren't able 
> to get work.
> 

It's no big deal it's just something I wasn't able to get to work when I 
looked at it, I'll figure it out some time.

-Jeroen

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Module Standards

[Digant C Kasundra]

- "Kenton Brede" <[EMAIL PROTECTED]> wrote:
> > With a small operation, it is okay.  With something larger, it
> doesn't scale well and it doesn't make good use of module grouping. 
> For instance, when setting up openldap, I want to talk about what I do
> (packages I install, conf files I drop in, etc) all in one place so I
> can see what I do with openldap as a whole more easily.  If it were
> broken out into several places based on OS type, it isn't quite as
> easy to ensure that each OS type is similar.  For instance, on a
> debian box and a redhat box, I can look at classes.txt and see that
> openssh class is applied, so I know that I'm managing openssh on
> debian and redhat boxes, but with the other approach, I wouldn't be
> able to see that without digging into the debian.pp and redhat.pp
> files.
> >
> 
> Hmmm, unless I'm missing something, what you describe is what I'm
> doing.  If I'm wrong please let me know.
> 
> Currently I have two types of modules:
> 
> Modules based on type (file, cron, etc) that are not tied to a
> particular service.  For example, a custom script that goes to host
> foo, or a group such as rhel5.  And modules based on a service
> (apache, iptables, etc), which contain any resources that are needed.
> 
> The only time I have a rhel5.pp class, is if it's as sub-module.  For
> example cron::rhel5.pp, which contains cron jobs for rhel5  servers.
> Or apache::rhel5.pp, which contains rhel5 specifics for that group. 
> I
> don't have a single class rhel5.pp where I try to manage all
> resources, if that's what you thought I did.
> 
> 

That is indeed what I thought you were doing.  Phew.  Yes, what you are doing 
seems logical.  We don't currently break things down into OS.  Instead, our 
apache and apache::foo and whatnot all have internal logic to handle different 
operating systems with case statements.  But what you're doing is something 
I've seen other people doing and it seems pretty good to.  Doesn't quite fit my 
view of how I organize things in my head but that doesn't necessarily make it 
"wrong."



> >> Could you give a couple examples of what you mean by "action type"
> >> and
> >> "functional role?"
> 
> > An action type is like sort of like "what you do to a system."  So,
> things like "install this file" or "install this package."  Functional
> role is things like "manage openldap" or "ensure these users are
> present" which would in turn include actions like installing packages
> or files or setting up user preferences.
> >
> 
> Thanks for the clarification :)
> Kent

No problem!

-- 
Digant C Kasundra <[EMAIL PROTECTED]>
Technical Lead, ITS Unix Systems and Applications, Stanford University

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Puppet Common Modules: SSH Proposal

[Digant C Kasundra]

- "Jeroen van Meeuwen" <[EMAIL PROTECTED]> wrote:

> Digant C Kasundra wrote:
> > There is a lot to digest here but a quick correction on:
> > 
> > # Red Hat / CentOS has puppet-0.24.4 and does not do the import
> magic. It could do the imports, but it requires import statements per
> file (not exactly making the module any more portable). 
> > 
> > I'm not sure what you mean by this as import magic is most certainly
> in place (we use it all the time and we actually don't use the word
> import anywhere).
> > 
> 
> Well, it's in the commentary of the actual module... And not as 
> significant to the proposal as the actual module itself...
> 
> Besides the wiki page can just describe the module as a one file
> source, 
> I find the automagic module imports work, but the subclasses and
> defined 
> types in modules (and/or it's subbclasses) are not automatically
> imported.
> 
> Jeroen van Meeuwen
> -kanarip

That's odd b/c that seems to work for me just fine.  Perhaps it is b/c of 
namespacing?  I.e. when I define a subclass of ssh called foo, I would actually 
declare it as ssh::foo.  If I include ssh::foo, puppet looks for foo.pp in the 
ssh/manifests and if it doesn't find that, it then looks in init.pp in 
ssh/manifests.  Perhaps I'm not understanding what you aren't able to get work.


-- 
Digant C Kasundra <[EMAIL PROTECTED]>
Technical Lead, ITS Unix Systems and Applications, Stanford University

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Puppet Common Modules: SSH Proposal

[Digant C Kasundra]

This is an interesting approach and certainly valid and should work.  I'm not 
sure I would use the virtual resources since one could just as easily define 
those things in the classes they are used in.  Virtual resources are better 
when you wnat to declare something in one place but it could be realized in any 
number of places (making it impossible to be declared in all of those places 
b/c if two such classes were included, you'd have an error)

I think having the OS specific subclasses override the package name instead of 
a large case statement in the initial package declaration is spiffy.  I can 
actually seeing both ways being useful.  Sometimes, I like to see all the 
various ways a package (or  service) might look in one place, so I sometimes 
like to see the case statement approach.  Other times, I like to see specific 
changes that are related to an OS or similar logical grouping to be made in an 
appropriate subclass with the use of overrides.

To answer about use-cases, we have in our ssh module some subclasses that are 
relevent to a particular configuration of ssh server.  For instance, 
ssh::global allows ssh connections from off campus while our regular ssh 
doesn't.  I prefer these as subclasses b/c I like to look at my list of classes 
to glean what kinds of things my server is setup to do (and when I build an 
external node tool, rather than messing with variables and blah blah blah, I'll 
just be adding or dropping classes).


- "Jeroen van Meeuwen" <[EMAIL PROTECTED]> wrote:

> Hi there,
> 
> I'd like to collect some feedback on a conceptual simple Puppet Common
> 
> Module I want to propose;
> 
> http://reductivelabs.com/trac/puppet/wiki/PuppetCommonModules/SSH
> 
> I'm thinking about things like;
> 
> - the way virtual resources are used,
> - the way operating system specific sub-classes are used,
> - use-cases I haven't met (although secondary),
> - simple errors I've made (I whipped this up from the top of my head),
> 
> although the best thing is maybe to jump on the Wiki and correct my
> error,
> - further enhancements in making this a really viable PCM.
> 
> I guess what is not needed (yet) includes (I'm sorry if this sound
> harsh);
> 
> - discussions about the indentation I used
> 
> I can live with any form of indentation, and I guess so can you. I
> *just 
> so happen* to use 4 spaces to a tab.
> 
> - the way I aggregate types into resources
> 
> It to me is a habit / matter of convenience, while I'd like to focus
> the 
> discussion on technical arguments instead.
> 
> - namespacing of modules or classes
> 
> again I can live with *any* namespacing, and it's not about setting
> the 
> defacto standard for all Puppet Common Modules, it's about making a 
> *start* in "code".
> 
> - module or class extensions that everyone uses
> 
> because these often-used extensions should go *in* the module
> (upstream, 
> upstream, upstream is my motto), and such can only be done when there
> is 
> an upstream module to begin with.
> 
> Thanks in advance for review/comments,
> 
> Kind regards,
> 
> Jeroen van Meeuwen
> -kanarip
> 
> 
> 
-- 
Digant C Kasundra <[EMAIL PROTECTED]>
Technical Lead, ITS Unix Systems and Applications, Stanford University

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: shorewall module for puppet

[Graeme Gillies]

Also Just for completeness sake

On the server, this is the /etc/puppet/puppet.conf

[main]
# Where Puppet stores dynamic and growing data.
# The default value is '/var/puppet'.
vardir = /var/lib/puppet

# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet

# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet

# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl

[puppetd]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion.  Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig

[puppetmasterd]
# Where puppet looks for its modules
modulepath = /var/lib/puppet/modules

And on the client side this is their /etc/puppet/puppet.conf

[main]
# Where Puppet stores dynamic and growing data.
# The default value is '/var/puppet'.
vardir = /var/lib/puppet

# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet

# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet

# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl

ignorecache = true
#factsync = true
#pluginsync = true

[puppetd]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion.  Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig

Cheers,

Graeme

On Oct 1, 8:47 am, Graeme Gillies <[EMAIL PROTECTED]> wrote:
> Hi Pete,
>
> Thanks for your help, I really appreciate it.
>
> > this module is originally based on DavidS' 
> > Module:http://git.black.co.at/?p=module-shorewallandas I'm one of the 
> > authors
> > of the version in of your repo I try to answer.
> > (As I see currently the repo box isn't avaiable, an alternative source
> > for the module would be 
> > here:http://github.com/duritong/puppet-shorewall/tree/master)
>
> Yep I originally tried using the source for both the common module and
> the shorewall module available athttp://git.black.co.at/?p=module-shorewall
> andhttp://git.black.co.at/?p=module-commonand they gave me the same
> problem. I tried the source 
> fromhttps://git.puppet.immerda.ch/?p=module-shorewall
> simply because it looked like it had been updated more recently and I
> thought the problem may have been fixed
>
> > hmm this sounds like there is a problem in the basic setup of the
> > module. you need to use the common module
> > (http://github.com/duritong/puppet-common/tree/masterorhttp://git.blac...) 
> > for this module. are u using
> > that one? Because this exec should be created through the concatenated
> > file definition.
> > the alias is created 
> > in:http://github.com/duritong/puppet-common/tree/master/manifests/define...
> > on line 68. so it sounds like it's not coming to this point.
>
> That would make sense, but I am indeed using the common module :(
>
> > btw: are you importing the common module in something like modules.pp in
> > your manifests folder, like it is described in the common readme.
>
> Yep. In the file /etc/puppet/manifests/modules.pp I am importing the
> common module
>
> > i normally use notices so I see them in the puppetmasterd, but you don't
> > need to run it in debug or trace mode.
>
> cheers I will give that a try
>
> Just to give some more detail about my environment to aid in
> troubleshooting, I am using the following version of puppet RPMS
>
> puppet-server-0.24.5-1.el5
> puppet-0.24.5-1.el5
>
> fromhttp://people.redhat.com/dlutter/yum/
>
> Both client and server are CentOS 5.2
>
> The contents of my /etc/puppet/manifests/site.pp is as follows
>
> import "nodes.pp"
> import "modules.pp"
> import "classes/*.pp"
>
> $puppetserver = "server.example.com"
> $server = "server.example.com"
>
> The contents of my /etc/puppet/manifests/nodes.pp is as follows
>
> node "v6default" {
>
>     include v6shorewall
>     # include v6ntp::client
>
> }
>
> node "build1.vision6.com.au" inherits v6default {
>
> }
>
> And the contents of my /etc/puppet/manifests/modules.pp is as follows
>
> import "common"
> import "shorewall"
>
> Finally the contents of 

[Puppet Users] Re: shorewall module for puppet

[Graeme Gillies]

Hi Pete,

Thanks for your help, I really appreciate it.

> this module is originally based on DavidS' 
> Module:http://git.black.co.at/?p=module-shorewalland as I'm one of the authors
> of the version in of your repo I try to answer.
> (As I see currently the repo box isn't avaiable, an alternative source
> for the module would be 
> here:http://github.com/duritong/puppet-shorewall/tree/master)

Yep I originally tried using the source for both the common module and
the shorewall module available at http://git.black.co.at/?p=module-shorewall
and http://git.black.co.at/?p=module-common and they gave me the same
problem. I tried the source from 
https://git.puppet.immerda.ch/?p=module-shorewall
simply because it looked like it had been updated more recently and I
thought the problem may have been fixed

> hmm this sounds like there is a problem in the basic setup of the
> module. you need to use the common module
> (http://github.com/duritong/puppet-common/tree/masterorhttp://git.black.co.at/?p=module-common)
>  for this module. are u using
> that one? Because this exec should be created through the concatenated
> file definition.
> the alias is created 
> in:http://github.com/duritong/puppet-common/tree/master/manifests/define...
> on line 68. so it sounds like it's not coming to this point.

That would make sense, but I am indeed using the common module :(

> btw: are you importing the common module in something like modules.pp in
> your manifests folder, like it is described in the common readme.

Yep. In the file /etc/puppet/manifests/modules.pp I am importing the
common module

> i normally use notices so I see them in the puppetmasterd, but you don't
> need to run it in debug or trace mode.

cheers I will give that a try

Just to give some more detail about my environment to aid in
troubleshooting, I am using the following version of puppet RPMS

puppet-server-0.24.5-1.el5
puppet-0.24.5-1.el5

from http://people.redhat.com/dlutter/yum/

Both client and server are CentOS 5.2

The contents of my /etc/puppet/manifests/site.pp is as follows

import "nodes.pp"
import "modules.pp"
import "classes/*.pp"

$puppetserver = "server.example.com"
$server = "server.example.com"

The contents of my /etc/puppet/manifests/nodes.pp is as follows

node "v6default" {

include v6shorewall
# include v6ntp::client

}

node "build1.vision6.com.au" inherits v6default {

}

And the contents of my /etc/puppet/manifests/modules.pp is as follows

import "common"
import "shorewall"

Finally the contents of my /etc/puppet/manifests/classes/
v6shorewall.pp is

class v6shorewall {
## base interface
shorewall::interface {
'eth0': zone => 'loc';
}
}

The most annoying thing about this error is that there should be no
problem with it seeing the exec_ procedure needed, though I did notice
in the puppetmasterd debug output that it outputs the following

info: Autoloaded module shorewall

But never mentions autoloading the common module. Perhaps this is
related to the problem?

Thanks for all the help,

Graeme

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[Paul Lathrop]

On Tue, Sep 30, 2008 at 2:19 PM, dd-b <[EMAIL PROTECTED]> wrote:
> I've managed to get up as far as 0.24.4 via EPEL, after being told it
> actually should work (I can never really tell whether anybody has
> actually used packages out of a repository before).

0.24.4 is a good, solid version. It has a few bugs, but they are
pretty esoteric, and shouldn't bite you if you are just starting.

> If there's something the community thinks is a good stable package
> build of current puppet versions in RPM for various rpm-based systems,
> maybe it could be mentioned in  wiki/DownloadingPuppet>?  What's there now is EPEL (which did
> eventually work for me, and has me more current than what Centos
> 4.6/4.6 contain), and "David Lutterkort also maintains a yum
> repository of Puppet RPMS. ... Packages from that repository should be
> considered experimental and used mostly for testing." I don't mind
> using EPEL and wouldn't mind using a community build that the
> community thought well of, but the warnings on that mean I can't
> really afford, professionally, to have anything go wrong if I'm using
> it :-(.

When it comes to RedHat and derivatives, I can't give you a good
answer; I hope the community can. On the whole, I can tell you that,
at Digg, we roll our own package from the latest "stable" release.
Right now, that's 0.24.5. This method has worked quite well for us so
far, with the caveat that our *production* Puppet installation is
still small.

YMMV.

--Paul

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: something wrong with puppet client or Server

[Vipul Ramani]

WOW thanks MIKE ,


Sorry then i did not read properly ... but anyways thanks for all ...
For super sonic faster response 

On Sep 30, 3:14 pm, Mike Renfro <[EMAIL PROTECTED]> wrote:
> On 9/30/2008 5:02 PM, Vipul Ramani wrote:
>
> > thanks for answer !!! that awesome .. But i have never seen  " unless
> >  ==> " in documentation or recipe .. so  ...
>
> http://reductivelabs.com/trac/puppet/wiki/TypeReference#exechas it. And
> it also has:
>
>    It is critical that all commands executed using this mechanism can be
>    run multiple times without harm, i.e., they are idempotent. One useful
>    way to create idempotent commands is to use the checks like creates to
>    avoid running the command unless some condition is met.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: something wrong with puppet client or Server

[Mike Renfro]

On 9/30/2008 5:02 PM, Vipul Ramani wrote:

> thanks for answer !!! that awesome .. But i have never seen  " unless
>  ==> " in documentation or recipe .. so  ...

http://reductivelabs.com/trac/puppet/wiki/TypeReference#exec has it. And
it also has:

   It is critical that all commands executed using this mechanism can be
   run multiple times without harm, i.e., they are idempotent. One useful
   way to create idempotent commands is to use the checks like creates to
   avoid running the command unless some condition is met.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: something wrong with puppet client or Server

[Vipul Ramani]

WOW

make sense !!!

thanks for answer !!! that awesome .. But i have never seen  " unless
==> " in documentation or recipe .. so  ...

let me try ...

On Sep 30, 2:52 pm, "AJ Christensen" <[EMAIL PROTECTED]> wrote:
> Best. Non-idempotent. Exec. Ever.
> unless => "/bin/grep 'my line' /etc/vfstab" in your exec{}.
>
> Regards,
>
> AJ
>
> 2008/10/1 Andrew Shafer <[EMAIL PROTECTED]>
>
> > Exec is not going to be idempotent unless you add the logic.
>
> > You told Puppet to run that script every time, which adds the line.
>
> > On Tue, Sep 30, 2008 at 3:46 PM, Peter Meier <[EMAIL PROTECTED]>wrote:
>
> >> Hi
>
> >> > I dont understand if once it is already added line in /etc/fstab why
> >> > it is adding every time
>
> >> because you have never defined how it knows then it's added.
> >> this is the expected behaviour of puppet.
>
> >> greets pete
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] something wrong with puppet client or Server

[Vipul Ramani]

Hi All,

I have running puppet client and server on solaris 10 x86.

Now days some of puppet client behaviors is something weird !!! or May
be i am missing something...

for ex.

I created class to add one line in /etc/vfstab . but  puppet client
did it successfully 1st time ...But .. After few days ,  i saw there
are same line has been added more than 250 times..  [ see same line is
added so many times ]

I dont understand if once it is already added line in /etc/fstab why
it is adding every time

--logadd.pp--
class  logadd {

   file { "/tmp/logadd.sh":
 ensure => present,
 mode   => 755,
 owner  => root,
 group  => sys,
source => "puppet://test1t/files/common//logadd.sh"
}

exec { "sh /tmp/logadd.sh":
path => "/usr/bin:/sbin:/bin:/usr/sbin"

}
}

--

bash-3.2# cat logadd.sh
mkdir /mnt/logadd
echo 'zfs22x:/test/logadd -  /mnt/logaddnfs
-   yes intr,vers=3' >> /etc/vfstab
mountall


#cat /etc/vfstab


---removed / boot/ 
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3
zfs22x:/test/logadd -  /mnt/logaddnfs -
yes intr,vers=3


thanks in adv 

Regards
Vipul Ramani

~~~ FrEE Ur M1nd 

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: something wrong with puppet client or Server

[AJ Christensen]

Best. Non-idempotent. Exec. Ever.
unless => "/bin/grep 'my line' /etc/vfstab" in your exec{}.

Regards,

AJ

2008/10/1 Andrew Shafer <[EMAIL PROTECTED]>

> Exec is not going to be idempotent unless you add the logic.
>
> You told Puppet to run that script every time, which adds the line.
>
>
> On Tue, Sep 30, 2008 at 3:46 PM, Peter Meier <[EMAIL PROTECTED]>wrote:
>
>>
>> Hi
>>
>> > I dont understand if once it is already added line in /etc/fstab why
>> > it is adding every time
>>
>> because you have never defined how it knows then it's added.
>> this is the expected behaviour of puppet.
>>
>> greets pete
>>
>>
>>
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: something wrong with puppet client or Server

[Andrew Shafer]

Exec is not going to be idempotent unless you add the logic.

You told Puppet to run that script every time, which adds the line.

On Tue, Sep 30, 2008 at 3:46 PM, Peter Meier <[EMAIL PROTECTED]> wrote:

>
> Hi
>
> > I dont understand if once it is already added line in /etc/fstab why
> > it is adding every time
>
> because you have never defined how it knows then it's added.
> this is the expected behaviour of puppet.
>
> greets pete
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: something wrong with puppet client or Server

[Peter Meier]

Hi

> I dont understand if once it is already added line in /etc/fstab why
> it is adding every time

because you have never defined how it knows then it's added.
this is the expected behaviour of puppet.

greets pete

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[dd-b]

On Sep 30, 3:53 pm, "Paul Lathrop" <[EMAIL PROTECTED]> wrote:
> Yeah, we all generally agree that sticking to your distribution's
> packages where possible is a best practice.
>
> In the case of Puppet; not so much. Puppet is a fast-moving target.
> You will find, though, that prominent community members maintain
> packages which, while "unofficial" from a distro POV, are incredibly
> stable and well put-together.
>
> Also, roll-your-own is actually a good option for Puppet.
>
> In any case, that version of Puppet is not only old, it is essentially
> unsupported as well, so... make the decision that is appropriate to
> your needs.

I've managed to get up as far as 0.24.4 via EPEL, after being told it
actually should work (I can never really tell whether anybody has
actually used packages out of a repository before).

EPEL itself is unofficial from a distro point of view; I'm willing to
jump ship a certain amount, but I do like it to *work* when I do
that :-).

If there's something the community thinks is a good stable package
build of current puppet versions in RPM for various rpm-based systems,
maybe it could be mentioned in ?  What's there now is EPEL (which did
eventually work for me, and has me more current than what Centos
4.6/4.6 contain), and "David Lutterkort also maintains a yum
repository of Puppet RPMS. ... Packages from that repository should be
considered experimental and used mostly for testing." I don't mind
using EPEL and wouldn't mind using a community build that the
community thought well of, but the warnings on that mean I can't
really afford, professionally, to have anything go wrong if I'm using
it :-(.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[dd-b]

On Sep 30, 3:36 pm, Peter Meier <[EMAIL PROTECTED]> wrote:
> Hi
>
> > What version of puppet are you using?
>
>  Sorry, it's puppet-0.22.4-1.el4.rf (from rpmforge).  On centos 4.6.
>
> >> as Paul mentioned, this version is heavily outdated. Best would be if
> >> you would update to the latest version.
>
> > I shopped around a bit, and found the EPEL repository, which *should*
> > have stuff I can just drop into my 4.6, and which has a 0.24.4 version
> > of puppet. Unfortunately attempting to install it errors out on
> > missing dependencies, like needing glibc_2.4 (Centos 4.6 and 4.7 have
> > glibc_2.3, it looks like). And the updated glibc version isn't in
> > EPEL, either.  Other things have errors as well.  So that doesn't look
> > like a workable approach.
>
> you're using epel4? this shouldn't have glibc_2.4 as 
> dependency.http://download.fedora.redhat.com/pub/epel/4/i386/repoview/puppet.html

Yes, epel 4.

Hmmm; looking more closely, that particular dependency error wasn't
from puppet; the one from puppet was ruby(abi) = 1.8 (for both facter
and puppet). But if I have the EPEL repository installed I'll get
hosed on other stuff next time I update.

Aha!  The problem goes away if I use epel-release-4-9 instead of epel-
release-4-6.  maybe those release numbers are just for epel, and don't
relate to Centos 4.6 and some hypothetical future version.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[dd-b]

On Sep 30, 1:45 pm, Peter Meier <[EMAIL PROTECTED]> wrote:

> >>> What version of puppet are you using?

> >> Sorry, it's puppet-0.22.4-1.el4.rf (from rpmforge).  On centos 4.6.

> as Paul mentioned, this version is heavily outdated. Best would be if
> you would update to the latest version.

I shopped around a bit, and found the EPEL repository, which *should*
have stuff I can just drop into my 4.6, and which has a 0.24.4 version
of puppet. Unfortunately attempting to install it errors out on
missing dependencies, like needing glibc_2.4 (Centos 4.6 and 4.7 have
glibc_2.3, it looks like). And the updated glibc version isn't in
EPEL, either.  Other things have errors as well.  So that doesn't look
like a workable approach.

The other repository listed in the wiki is carefully flagged as for
testing use only, which would be fine for now but I hope to get past
that and start really using it fairly soon, so it's not a medium-term
solution at all.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[Paul Lathrop]

Yeah, we all generally agree that sticking to your distribution's
packages where possible is a best practice.

In the case of Puppet; not so much. Puppet is a fast-moving target.
You will find, though, that prominent community members maintain
packages which, while "unofficial" from a distro POV, are incredibly
stable and well put-together.

Also, roll-your-own is actually a good option for Puppet.

In any case, that version of Puppet is not only old, it is essentially
unsupported as well, so... make the decision that is appropriate to
your needs.

Regards,
Paul

On Tue, Sep 30, 2008 at 11:52 AM, dd-b <[EMAIL PROTECTED]> wrote:
>
>
>
> On Sep 30, 1:45 pm, Peter Meier <[EMAIL PROTECTED]> wrote:
>
>> as Paul mentioned, this version is heavily outdated. Best would be if
>> you would update to the latest version.
>
> It's the latest version available for Centos 4.6.  I could try to
> install a Centos 5 rpm, but in general that fails in dependency hell
> and library version conflicts.  Or I could resort to raw brute
> source.  Generally I find that distributions perform a major service
> by keeping builds in sync, and they have people with a LOT more time
> than I do to track individual products and make sure they're shipping
> compatible versions.  I say this as a former newsadmin who built INN
> from scratch regularly :-).
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[Peter Meier]

Hi

> What version of puppet are you using?
> 
 Sorry, it's puppet-0.22.4-1.el4.rf (from rpmforge).  On centos 4.6.
> 
>> as Paul mentioned, this version is heavily outdated. Best would be if
>> you would update to the latest version.
> 
> I shopped around a bit, and found the EPEL repository, which *should*
> have stuff I can just drop into my 4.6, and which has a 0.24.4 version
> of puppet. Unfortunately attempting to install it errors out on
> missing dependencies, like needing glibc_2.4 (Centos 4.6 and 4.7 have
> glibc_2.3, it looks like). And the updated glibc version isn't in
> EPEL, either.  Other things have errors as well.  So that doesn't look
> like a workable approach.

you're using epel4? this shouldn't have glibc_2.4 as dependency.
http://download.fedora.redhat.com/pub/epel/4/i386/repoview/puppet.html

> The other repository listed in the wiki is carefully flagged as for
> testing use only, which would be fine for now but I hope to get past
> that and start really using it fairly soon, so it's not a medium-term
> solution at all.

I would build your own package. It's quite straight forward in
installing the srpm and then rpmbuild -ba
/usr/src/REDHAT/SPECS/puppet.spec with this way you'll get a package
build for centos 4 :)

greets pete

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] question about reports

[Nicolas Arias]

when a node tries to send a report it drops the following error:

err: Reporting failed: undefined method `graph' for
#


on the server i have:

reports = rrdgraph,store
reportdir   = /var/www/puppetreports
rrddir  = /var/www/html/rrd
rrdinterval = $runinterval
rrdgraph= true


on the client i have:

[puppetd]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion.  Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
report = true
rrdgraph = true
# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig



I had installed RubyRRDtool on the server and the client.

Centos 4 and 5.


Any clue?

-- 
---> Dive to Live, Live to Dive <---

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[dd-b]

On Sep 30, 1:45 pm, Peter Meier <[EMAIL PROTECTED]> wrote:

> as Paul mentioned, this version is heavily outdated. Best would be if
> you would update to the latest version.

It's the latest version available for Centos 4.6.  I could try to
install a Centos 5 rpm, but in general that fails in dependency hell
and library version conflicts.  Or I could resort to raw brute
source.  Generally I find that distributions perform a major service
by keeping builds in sync, and they have people with a LOT more time
than I do to track individual products and make sure they're shipping
compatible versions.  I say this as a former newsadmin who built INN
from scratch regularly :-).

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[Peter Meier]

Hi

> Yeah, I suspect that version does *not* support the option in
> question. That's OLD stuff :-)
> 
> --Paul
> 
> On Tue, Sep 30, 2008 at 11:26 AM, dd-b <[EMAIL PROTECTED]> wrote:
>>
>>
>> On Sep 30, 1:18 pm, "Paul Lathrop" <[EMAIL PROTECTED]> wrote:
>>> What version of puppet are you using?
>> Sorry, it's puppet-0.22.4-1.el4.rf (from rpmforge).  On centos 4.6.

as Paul mentioned, this version is heavily outdated. Best would be if
you would update to the latest version.

greets pete


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Puppet clients stop talking to the puppetmaster server

[Paul Lathrop]

Have you restarted puppetmasterd? Often when I see changes not
propagating to clients, it turns out there was a syntax error which
stopped the puppetmaster from reloading changes.

Try restarting puppetmasterd and watch the logs.

--Paul

On Mon, Sep 29, 2008 at 7:29 PM, josh <[EMAIL PROTECTED]> wrote:
>
> The clients still check in every 30 minutes or so, but aren't
> downloading the new classes from the server, and they wil still be
> trying to download non-existant classes.  I'm pushing out an upgrade
> of facter from 1.3.8 to 1.5.2, as of right now 500 out of 700 hosts
> have the new facter version, the other 200 or so need to have puppetd
> restarted.  I can enable debug mode in the logs and see if that helps
> with the troubleshooting.
>
> i.e.:
>
> Sep 29 21:58:49  puppetd[17414]: [ID 702911 daemon.notice]
> Starting catalog run
> Sep 29 21:58:55  puppetd[17414]: [ID 702911 daemon.warning] (//
> Node[default]/dhcp_server/File[/export/home/jrivel/dhcp-server.tar]/
> ensure) No specified sources exist
> Sep 29 21:58:55  puppetd[17414]: [ID 702911 daemon.warning] (//
> Node[default]/dhcp_server/File[/export/home/jrivel/dhcp-server.tar]/
> ensure) No specified sources exist
> Sep 29 21:58:55  puppetd[17414]: [ID 702911 daemon.warning] (//
> Node[default]/dhcp_server/File[/export/home/jrivel/dhcp-server.tar]/
> source) No specified sources exist
> Sep 29 21:59:01  puppetd[17414]: [ID 702911 daemon.notice]
> Finished catalog run in 12.23 seconds
>
>
>
> On Sep 29, 5:56 pm, "Andrew Shafer" <[EMAIL PROTECTED]> wrote:
>> What do the logs look like on the clients that stop connecting?
>>
>> That's where I'd expect to see something, not on the master.
>>
>> On Mon, Sep 29, 2008 at 11:14 AM, josh <[EMAIL PROTECTED]> wrote:
>>
>> > Here's the scenario,
>>
>> > We have roughly 700 OpenSolaris hosts running puppet-0.24.4,
>> > facter-1.3.8, and ruby 1.8.6.
>> > Puppetmaster server is running OpenSolaris, puppet-0.24.5,
>> > facter-1.5.2, and ruby 1.8.6.
>> > I'm running 4 puppetmasterd instances with mongrel fronted by apache
>> > in load balancer mode.
>>
>> > It seems that quite a few (roughly a third) of the boxes stop checking
>> > in to the puppetmaster server, or just stop downloading/creating the
>> > new classes file from the puppetmaster server.  If I ssh into each
>> > box, stop puppetd and restart it, it downloads the new /var/puppet/
>> > state/classes.txt and everything is good again.
>>
>> > All of the clients are identical, same OS versions, same patch levels,
>> > same puppet.conf, etc.
>>
>> > I am not seeing anything in the logs on the puppetmaster server
>> > (either in the apache logs or puppetmasterd logs) that is indicative
>> > of an issue.
>>
>> > Any thoughts?
>>
>> > Thanks,
>> > Josh
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Simplest setup not working

[Paul Lathrop]

There is a FAQ on the website which addresses this error message; I
suspect you'd have less trouble if you upgraded to a more recent
version of Puppet.

--Paul

On Tue, Sep 30, 2008 at 8:42 AM, dd-b <[EMAIL PROTECTED]> wrote:
>
>
>
> On Sep 30, 9:55 am, Ed Greenberg <[EMAIL PROTECTED]> wrote:
>
>> I think this might be a time sync problem. Please check that the time
>> matches on the puppetmaster and the client.
>
> Thanks, but no.  All the systems involved are running NTP, and the
> actual times on them match very closely.
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[Paul Lathrop]

Yeah, I suspect that version does *not* support the option in
question. That's OLD stuff :-)

--Paul

On Tue, Sep 30, 2008 at 11:26 AM, dd-b <[EMAIL PROTECTED]> wrote:
>
>
>
> On Sep 30, 1:18 pm, "Paul Lathrop" <[EMAIL PROTECTED]> wrote:
>> What version of puppet are you using?
>
> Sorry, it's puppet-0.22.4-1.el4.rf (from rpmforge).  On centos 4.6.
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[dd-b]

On Sep 30, 1:18 pm, "Paul Lathrop" <[EMAIL PROTECTED]> wrote:
> What version of puppet are you using?

Sorry, it's puppet-0.22.4-1.el4.rf (from rpmforge).  On centos 4.6.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What's wrong?

[Paul Lathrop]

What version of puppet are you using?

--Paul

On Tue, Sep 30, 2008 at 11:15 AM, dd-b <[EMAIL PROTECTED]> wrote:
>
> From puppetmaster.log:
>
> Tue Sep 30 11:38:35 CDT 2008 Puppet (warning): Discarded unknown
> configuration parameter :certdnsnames
>
> But from  ConfigurationReference>:
>
> certdnsnames
>
> The DNS names on the Server certificate as a colon-separated list. If
> it's anything other than an empty string, it will be used as an alias
> in the created certificate. By default, only the server gets an alias
> set up, and only for 'puppet'.
>
> And from my config file:
>
>certdnsnames = prcapp00.xxemployerxx.local
>
> The misplaced space in the error message confuses things, I think,
> especially in combination with the option for a colon-separated list
> for the value.
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] What's wrong?

[dd-b]

>From puppetmaster.log:

Tue Sep 30 11:38:35 CDT 2008 Puppet (warning): Discarded unknown
configuration parameter :certdnsnames

But from :

certdnsnames

The DNS names on the Server certificate as a colon-separated list. If
it's anything other than an empty string, it will be used as an alias
in the created certificate. By default, only the server gets an alias
set up, and only for 'puppet'.

And from my config file:

certdnsnames = prcapp00.xxemployerxx.local

The misplaced space in the error message confuses things, I think,
especially in combination with the option for a colon-separated list
for the value.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Confirming: London meet up, Weds 1st Oct 7pm.

[Teyo Tyree]

Hey,

The Green Man bar seems to be the spot. It is just a few blocks up from 
training facility.  The training should be concluded around 5PM.  I will 
walk over after we have concluded for the day, and I am sure several of 
the class members will join us.  Won't be a late night for me, but I 
wouldn't begrudge anyone a pint and I am sure I can hold out till after 
7:00PM.

Cheers,
Teyo

wrote:
>
> Sorry to re-post this, but considering I was about to cross post to 
> -dev I thought it best to get it on its own thread.
>
> If anyone is keen to meet up in London tomorrow, whilst the training 
> course is in town, I'll be sitting drinking a pint or three of cider 
> at The Green Man:
>> http://www.fancyapint.com/pubs/pub847.html
>
> Here's how to get there from the training centre:
>
> http://maps.google.com/maps?daddr=36+Riding+House+St,+Westminster,+London+W1W,+UK&geocode=&dirflg=&saddr=Conway+Mews,+London+W1T+6AA&f=d&sll=51.519959,-0.138896&sspn=0.00705,0.017295&ie=UTF8&z=17
>  
>
>
> I can be there around 7pm, have to do some datacentre work whilst i'm 
> in London. If anyone can get there sooner, holler.
>
> Cheers,
>
> Mike
>


-- 

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Module Standards

[Kenton Brede]

On Mon, Sep 29, 2008 at 1:30 PM, Digant C Kasundra <[EMAIL PROTECTED]> wrote:
>
>
> - "Kenton Brede" <[EMAIL PROTECTED]> wrote:
>
>> My question is, what's wrong with this setup?  I ask this realizing
>> the smallness of our
>> operation makes me a little myopic.
>
> With a small operation, it is okay.  With something larger, it doesn't scale 
> well and it doesn't make good use of module grouping.  For instance, when 
> setting up openldap, I want to talk about what I do (packages I install, conf 
> files I drop in, etc) all in one place so I can see what I do with openldap 
> as a whole more easily.  If it were broken out into several places based on 
> OS type, it isn't quite as easy to ensure that each OS type is similar.  For 
> instance, on a debian box and a redhat box, I can look at classes.txt and see 
> that openssh class is applied, so I know that I'm managing openssh on debian 
> and redhat boxes, but with the other approach, I wouldn't be able to see that 
> without digging into the debian.pp and redhat.pp files.
>

Hmmm, unless I'm missing something, what you describe is what I'm
doing.  If I'm wrong please let me know.

Currently I have two types of modules:

Modules based on type (file, cron, etc) that are not tied to a
particular service.  For example, a custom script that goes to host
foo, or a group such as rhel5.  And modules based on a service
(apache, iptables, etc), which contain any resources that are needed.

The only time I have a rhel5.pp class, is if it's as sub-module.  For
example cron::rhel5.pp, which contains cron jobs for rhel5  servers.
Or apache::rhel5.pp, which contains rhel5 specifics for that group.  I
don't have a single class rhel5.pp where I try to manage all
resources, if that's what you thought I did.



>> Could you give a couple examples of what you mean by "action type"
>> and
>> "functional role?"

> An action type is like sort of like "what you do to a system."  So, things 
> like "install this file" or "install this package."  Functional role is 
> things like "manage openldap" or "ensure these users are present" which would 
> in turn include actions like installing packages or files or setting up user 
> preferences.
>

Thanks for the clarification :)
Kent

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Changing server name

[dd-b]

My server has ended up with a certificate for the public name of the
system it's on; and that name isn't accessible internally.  So clients
try to connect to the internal name, and then find that the
certificate doesn't match.

So, presumably there is some way to destroy the old certificate, and
to specify in the config file what name the server should go by.
Short of uninstalling all the software, deleting all the directories,
and starting over (after I've found how to specify the server name).

I see that in the rpmforge install, /etc/puppetc/puppetca.conf and
puppetmarterd.conf are symbolic links to puppetd.conf, and that the
file has [puppet] and [puppetd] sections.

What sections are read by what programs?  I've got services called
"puppet" and "puppetmaster" in /etc/init.d, and rpms called puppet and
puppet-server.  And NO MAN PAGES!  Usually that's where I can find
what exact config files there are for each thing, and what the config
file syntax is, but that information seems much harder to come by for
puppet.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: London meet up, Weds 1st Oct 7pm.

[AndyH]

On Sep 30, 2:12 pm, Paul Nasrat <[EMAIL PROTECTED]> wrote:
> > I can be there around 7pm, have to do some datacentre work whilst i'm
> > in London. If anyone can get there sooner, holler.
>
> I'll be there from a bit earlier (probably 18:00), and try to have  
> some obvious puppet indicator with me and try and grab a table.

I will aim to be there around 18:30 but am traveling from Oxford so
can't be sure of the time.

Andy
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Simplest setups not working

[dd-b]

On Sep 29, 11:26 pm, Teyo Tyree <[EMAIL PROTECTED]> wrote:

> David Dyer-Bennet wrote:
> > Puppet is kicking my ass.  Maybe I'm having a stupid day.
>
> Don't worry it kicks my ass everyday, but I am training, and one day
> I'll take it down I swear.

I'm having hopes; but more for the long run than anything
immediate :-).

> > It's probably relevant to mention that the client is behind NAT on a
> > private LAN (it's part of a cluster behind LVS in NAT mode).  The client
> > system can connect out to other services on the same host as the puppet
> > server, but if it's depending on picking up server broadcasts or anything,
> > that's not going to fly.
>
> No worries here puppetd is by default pull only.  Just needs to be able
> to contact puppetmasterd and pull down its catalog.

Good.  Thanks for confirming it!

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Simplest setup not working

[dd-b]

On Sep 30, 9:55 am, Ed Greenberg <[EMAIL PROTECTED]> wrote:

> I think this might be a time sync problem. Please check that the time
> matches on the puppetmaster and the client.

Thanks, but no.  All the systems involved are running NTP, and the
actual times on them match very closely.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: External/internal nodes

[Luke Kanies]

On Sep 27, 2008, at 3:01 PM, Eric Moore wrote:

>
> Luke Kanies <[EMAIL PROTECTED]> writes:
>
>> On Sep 26, 2008, at 4:11 PM, Eric Moore wrote:
>>
>>> When does the internal node definition get used, i.e. under what
>>> circumstances?  What do the internal nodes do in combination with  
>>> the
>>> external tool, and under what circumstances?
>>
>>
>> The internal and external node systems are essentially parallel ways
>> of configuring nodes.  If you have any nodes defined in the language,
>> then Puppet will similarly fail if a given client doesn't match an
>> internal node definition.
>>
>> And the two systems are entirely orthogonal -- they can do similar
>> work, but they work with entirely separate mechanisms and they  
>> neither
>> conflict nor work together.
>
> So if there's information in the external and internal systems...
> Which one gets used?  Or?

Both.

>
>> Yes, it's confusing, but the previous model -- where you couldn't use
>> them together -- was apparently even more confusing.
>>
>> It's pretty easy, really:  If you use a given node system, every
>> client must have an entry in that node system.  You should probably
>> stick to just one of them.
>
> Well, we're trying to switch from one to the other, and was hoping to
> not have to fully populate the external tool all at once and use it
> everywhere.


Then add support for a default node.

-- 
Reality is that which, when you stop believing in it, doesn't go
away. -- Philip K. Dick, "How to Build a Universe"
-
Luke Kanies | http://reductivelabs.com | http://madstop.com


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Pulling Strings with Puppet

[James Turnbull]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Evan Hisey wrote:
> Um, the ebook does not use DRM technology. It uses just an old fashion
> password protection scheme. This is a reasonable, if some what
> annoying copyright management that still lets you share the ebook just
> like a normal book.
> 

Evan

I assumed Adam meant the "password" copyright protection as "poor man's
DRM".  But yes you are correct - technically that isn't DRM.

Regards

James Turnbull

- --
Author of:
* Pulling Strings with Puppet
(http://www.amazon.com/gp/product/1590599780/)
* Pro Nagios 2.0
(http://www.amazon.com/gp/product/1590596099/)
* Hardening Linux
(http://www.amazon.com/gp/product/159059/)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFI4kDO9hTGvAxC30ARAq72AJ9tzqUom9ovCNmrUi5qUeK0rd1n4ACg0mlJ
3DRl73ycHK+Z56hmWURARAE=
=BybS
-END PGP SIGNATURE-

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Pulling Strings with Puppet

[Evan Hisey]

Um, the ebook does not use DRM technology. It uses just an old fashion
password protection scheme. This is a reasonable, if some what
annoying copyright management that still lets you share the ebook just
like a normal book.

Evan

On Tue, Sep 30, 2008 at 8:54 AM, windowsrefund <[EMAIL PROTECTED]> wrote:
>
> James,
>
> I'm glad to hear you are against DRM and are planning to oppose it
> going forward. As for my copy, I was able to access it again.
>
> All the best,
> Adam Kosmin
>
> On Sep 30, 8:45 am, "Robert Foreman" <[EMAIL PROTECTED]> wrote:
>> I believe the pass phrase is simply the email address you ordered the ebook
>> with. That's what it is on mine.
>>
>> On Mon, Sep 29, 2008 at 9:07 PM, James Turnbull <[EMAIL PROTECTED]>wrote:
>>
>>
>>
>> > -BEGIN PGP SIGNED MESSAGE-
>> > Hash: SHA1
>>
>> > windowsrefund wrote:
>> > > James,
>>
>> > > I'm really bothered by the fact that the 'ebook' contains DRM. In
>> > > fact, I can't even access my purchased copy because I forgot my pass
>> > > phrase. I really wish you would have taken a stand against this DRM
>> > > when working on this project.
>>
>> > Adam
>>
>> > How Apress choose to sell the book is something I don't overly influence
>> > - - as is the case with many authors and their publishers.
>>
>> > Personally I oppose DRM - as you would expect from my roles as a member
>> > of the Linux Australia council, on the committee of Linux Users Victoria
>> > and fairly active in the FOSS community generally.  But in this case the
>> > matter of how Apress license their e-books was out of my hands.
>>
>> > In the event Apress do a second edition I will take that up with them
>> > again.
>>
>> > With regard to your forgotten pass phrase Apress are generally happy to
>> > recover the lost phrase or failing that I will provide you with another
>> > copy of the book personally.
>>
>> > Regards
>>
>> > James Turnbull
>>
>> > - --
>> > Author of:
>> > * Pulling Strings with Puppet
>> > (http://www.amazon.com/gp/product/1590599780/)
>> > * Pro Nagios 2.0
>> > (http://www.amazon.com/gp/product/1590596099/)
>> > * Hardening Linux
>> > (http://www.amazon.com/gp/product/159059/)
>>
>> > -BEGIN PGP SIGNATURE-
>> > Version: GnuPG v1.4.7 (Darwin)
>> > Comment: Using GnuPG with Mozilla -http://enigmail.mozdev.org
>>
>> > iD8DBQFI4XvK9hTGvAxC30ARAiIuAJ0aqQc3g2cb6NHGYl9mbd4rRXhiUACeP8Rr
>> > Gv8qpsPrWK09jJG3bmWVnSg=
>> > =kjJo
>> > -END PGP SIGNATURE-
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Simplest setup not working

[Ed Greenberg]

dd-b wrote:
> On Sep 29, 4:44 pm, "Dave Nash" <[EMAIL PROTECTED]> wrote:
>   
>> "puppetd --server=YOUR PUPPET MASTER" should get you rolling.  I believe by
>> default puppet looks for a server named puppet in the DNS search path.
>> 
>
> Okay, that solved the problem of not finding the server.  Thanks!
>
> But didn't get me much further; I'm still not getting configuration
> data to the client.
>
> [EMAIL PROTECTED] ~]$ sudo puppetd --verbose --server=prcapp00
> warning: peer certificate won't be verified in this SSL session
> notice: Did not receive certificate
> [ In between here I used puppetca on the server to sign the
> certificate ]
> notice: Got signed certificate
> notice: Starting Puppet client version 0.22.4
> err: Could not retrieve configuration: Certificates were not trusted:
> hostname not match with the server certificate
> err: Could not run Puppet::Network::Client::Master: Cannot connect to
> server and there is no cached configuration
>   
I think this might be a time sync problem. Please check that the time 
matches on the puppetmaster and the client.

When I was first experimenting with Puppet, I saw this, and curing the 
time issues resolved the problem.


Ed Greenberg

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Simplest setup not working

[dd-b]

On Sep 29, 4:44 pm, "Dave Nash" <[EMAIL PROTECTED]> wrote:
> "puppetd --server=YOUR PUPPET MASTER" should get you rolling.  I believe by
> default puppet looks for a server named puppet in the DNS search path.

Okay, that solved the problem of not finding the server.  Thanks!

But didn't get me much further; I'm still not getting configuration
data to the client.

[EMAIL PROTECTED] ~]$ sudo puppetd --verbose --server=prcapp00
warning: peer certificate won't be verified in this SSL session
notice: Did not receive certificate
[ In between here I used puppetca on the server to sign the
certificate ]
notice: Got signed certificate
notice: Starting Puppet client version 0.22.4
err: Could not retrieve configuration: Certificates were not trusted:
hostname not match with the server certificate
err: Could not run Puppet::Network::Client::Master: Cannot connect to
server and there is no cached configuration

I can't even tell for sure from this message which end had a problem
with certificates, and I don't know what hostname it tried to check
against which certificate.   Reverse DNS on the client IP does get
back the client name.

Is puppet heavily intertwined with DNS?  Like most people in
commercial environments, I don't really have control over what DNS is
doing with the names.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Simplest setup not working

[dd-b]

On Sep 29, 4:44 pm, "Dave Nash" <[EMAIL PROTECTED]> wrote:
> "puppetd --server=YOUR PUPPET MASTER" should get you rolling.  I believe by
> default puppet looks for a server named puppet in the DNS search path.

Okay, that solved the problem of not finding the server.  Thanks!

But didn't get me much further; I'm still not getting configuration
data to the client.

[EMAIL PROTECTED] ~]$ sudo puppetd --verbose --server=prcapp00
warning: peer certificate won't be verified in this SSL session
notice: Did not receive certificate
[ In between here I used puppetca on the server to sign the
certificate ]
notice: Got signed certificate
notice: Starting Puppet client version 0.22.4
err: Could not retrieve configuration: Certificates were not trusted:
hostname not match with the server certificate
err: Could not run Puppet::Network::Client::Master: Cannot connect to
server and there is no cached configuration

I can't even tell for sure from this message which end had a problem
with certificates, and I don't know what hostname it tried to check
against which certificate.   Reverse DNS on the client IP does get
back the client name.

Is puppet heavily intertwined with DNS?  Like most people in
commercial environments, I don't really have control over what DNS is
doing with the names.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Simplest setup not working

[dd-b]

On Sep 29, 4:44 pm, "Dave Nash" <[EMAIL PROTECTED]> wrote:
> "puppetd --server=YOUR PUPPET MASTER" should get you rolling.  I believe by
> default puppet looks for a server named puppet in the DNS search path.

Okay, that solved the problem of not finding the server.  Thanks!

But didn't get me much further; I'm still not getting configuration
data to the client.

[EMAIL PROTECTED] ~]$ sudo puppetd --verbose --server=prcapp00
warning: peer certificate won't be verified in this SSL session
notice: Did not receive certificate
[ In between here I used puppetca on the server to sign the
certificate ]
notice: Got signed certificate
notice: Starting Puppet client version 0.22.4
err: Could not retrieve configuration: Certificates were not trusted:
hostname not match with the server certificate
err: Could not run Puppet::Network::Client::Master: Cannot connect to
server and there is no cached configuration

I can't even tell for sure from this message which end had a problem
with certificates, and I don't know what hostname it tried to check
against which certificate.   Reverse DNS on the client IP does get
back the client name.

Is puppet heavily intertwined with DNS?  Like most people in
commercial environments, I don't really have control over what DNS is
doing with the names.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Pulling Strings with Puppet

[windowsrefund]

James,

I'm glad to hear you are against DRM and are planning to oppose it
going forward. As for my copy, I was able to access it again.

All the best,
Adam Kosmin

On Sep 30, 8:45 am, "Robert Foreman" <[EMAIL PROTECTED]> wrote:
> I believe the pass phrase is simply the email address you ordered the ebook
> with. That's what it is on mine.
>
> On Mon, Sep 29, 2008 at 9:07 PM, James Turnbull <[EMAIL PROTECTED]>wrote:
>
>
>
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
>
> > windowsrefund wrote:
> > > James,
>
> > > I'm really bothered by the fact that the 'ebook' contains DRM. In
> > > fact, I can't even access my purchased copy because I forgot my pass
> > > phrase. I really wish you would have taken a stand against this DRM
> > > when working on this project.
>
> > Adam
>
> > How Apress choose to sell the book is something I don't overly influence
> > - - as is the case with many authors and their publishers.
>
> > Personally I oppose DRM - as you would expect from my roles as a member
> > of the Linux Australia council, on the committee of Linux Users Victoria
> > and fairly active in the FOSS community generally.  But in this case the
> > matter of how Apress license their e-books was out of my hands.
>
> > In the event Apress do a second edition I will take that up with them
> > again.
>
> > With regard to your forgotten pass phrase Apress are generally happy to
> > recover the lost phrase or failing that I will provide you with another
> > copy of the book personally.
>
> > Regards
>
> > James Turnbull
>
> > - --
> > Author of:
> > * Pulling Strings with Puppet
> > (http://www.amazon.com/gp/product/1590599780/)
> > * Pro Nagios 2.0
> > (http://www.amazon.com/gp/product/1590596099/)
> > * Hardening Linux
> > (http://www.amazon.com/gp/product/159059/)
>
> > -BEGIN PGP SIGNATURE-
> > Version: GnuPG v1.4.7 (Darwin)
> > Comment: Using GnuPG with Mozilla -http://enigmail.mozdev.org
>
> > iD8DBQFI4XvK9hTGvAxC30ARAiIuAJ0aqQc3g2cb6NHGYl9mbd4rRXhiUACeP8Rr
> > Gv8qpsPrWK09jJG3bmWVnSg=
> > =kjJo
> > -END PGP SIGNATURE-
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: shorewall module for puppet

[Peter Meier]

Hi

> I am currently trying to roll out puppet across our company as a means
> of managing the configuration for all our systems. I am really keen to
> get it into production use, but I have hit a bit of a brick wall with
> a particular problem. We use shorewall to manage all system level
> firewalls and I have been trying to use the shorewall module from
> https://git.puppet.immerda.ch/?p=module-shorewall and it keeps giving
> me errors similar to

this module is originally based on DavidS' Module:
http://git.black.co.at/?p=module-shorewall and as I'm one of the authors
of the version in of your repo I try to answer.
(As I see currently the repo box isn't avaiable, an alternative source
for the module would be here:
http://github.com/duritong/puppet-shorewall/tree/master )

anyway to your problem:

> warning: Configuration could not be instantiated: Could not find
> dependent Exec[concat_/var/lib/puppet/modules/shorewall/interfaces.d]
> for File[/var/lib/puppet/modules/shorewall/interfaces.d/100-eth0] at /
> var/lib/puppet/modules/shorewall/manifests/init.pp:66

hmm this sounds like there is a problem in the basic setup of the
module. you need to use the common module
(http://github.com/duritong/puppet-common/tree/master or
http://git.black.co.at/?p=module-common) for this module. are u using
that one? Because this exec should be created through the concatenated
file definition.
the alias is created in:
http://github.com/duritong/puppet-common/tree/master/manifests/defines/concatenated_file.pp
on line 68. so it sounds like it's not coming to this point.

btw: are you importing the common module in something like modules.pp in
your manifests folder, like it is described in the common readme.

> Which is incredibly frustrating. I read the thread that was on this
> list a few months ago in relation to this problem but it didn't have
> any real solution posted.

i'm using it now in 2 locations without any problems. however maybe
there is something burried somewhere. so I would be as well happy to
find out the problem.

> I have been trying to put a whole bunch of debug messages in the
> shorewall module (to find out what is going on) but even using the
> command
>
> puppetmasterd --verbose --debug --no-daemonize --trace
> 
> None of these messages seem to get displayed. This issue unfortunately
> is a bit of a showstopper so I am keen to get it resolved. I have been
> looking at it for the past few days but from what I can tell, both the
> shorewall module and the common module it users seem to look fine.
> 
> Is there some way of being able to put even more debugging output on
> the puppetd or puppetmasterd side?

i normally use notices so I see them in the puppetmasterd, but you don't
need to run it in debug or trace mode.

greets pete

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: [Puppet-dev] London meet up, Weds 1st Oct 7pm.

[Paul Nasrat]

>
>
> I can be there around 7pm, have to do some datacentre work whilst i'm
> in London. If anyone can get there sooner, holler.

I'll be there from a bit earlier (probably 18:00), and try to have  
some obvious puppet indicator with me and try and grab a table.


Paul

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] London meet up, Weds 1st Oct 7pm.

[Mike Pountney]

Sorry to re-post this, but considering I was about to cross post to - 
dev I thought it best to get it on its own thread.

If anyone is keen to meet up in London tomorrow, whilst the training  
course is in town, I'll be sitting drinking a pint or three of cider  
at The Green Man:
> http://www.fancyapint.com/pubs/pub847.html

Here's how to get there from the training centre:

http://maps.google.com/maps?daddr=36+Riding+House+St,+Westminster,+London+W1W,+UK&geocode=&dirflg=&saddr=Conway+Mews,+London+W1T+6AA&f=d&sll=51.519959,-0.138896&sspn=0.00705,0.017295&ie=UTF8&z=17

I can be there around 7pm, have to do some datacentre work whilst i'm  
in London. If anyone can get there sooner, holler.

Cheers,

Mike


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] shorewall module for puppet

[Graeme Gillies]

Hi,

I am currently trying to roll out puppet across our company as a means
of managing the configuration for all our systems. I am really keen to
get it into production use, but I have hit a bit of a brick wall with
a particular problem. We use shorewall to manage all system level
firewalls and I have been trying to use the shorewall module from
https://git.puppet.immerda.ch/?p=module-shorewall and it keeps giving
me errors similar to

warning: Configuration could not be instantiated: Could not find
dependent Exec[concat_/var/lib/puppet/modules/shorewall/interfaces.d]
for File[/var/lib/puppet/modules/shorewall/interfaces.d/100-eth0] at /
var/lib/puppet/modules/shorewall/manifests/init.pp:66

Which is incredibly frustrating. I read the thread that was on this
list a few months ago in relation to this problem but it didn't have
any real solution posted.

I have been trying to put a whole bunch of debug messages in the
shorewall module (to find out what is going on) but even using the
command

puppetmasterd --verbose --debug --no-daemonize --trace

None of these messages seem to get displayed. This issue unfortunately
is a bit of a showstopper so I am keen to get it resolved. I have been
looking at it for the past few days but from what I can tell, both the
shorewall module and the common module it users seem to look fine.

Is there some way of being able to put even more debugging output on
the puppetd or puppetmasterd side?

Thanks in advance,

Graeme

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Pulling Strings with Puppet

[Robert Foreman]

I believe the pass phrase is simply the email address you ordered the ebook
with. That's what it is on mine.

On Mon, Sep 29, 2008 at 9:07 PM, James Turnbull <[EMAIL PROTECTED]>wrote:

>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> windowsrefund wrote:
> > James,
> >
> > I'm really bothered by the fact that the 'ebook' contains DRM. In
> > fact, I can't even access my purchased copy because I forgot my pass
> > phrase. I really wish you would have taken a stand against this DRM
> > when working on this project.
>
> Adam
>
> How Apress choose to sell the book is something I don't overly influence
> - - as is the case with many authors and their publishers.
>
> Personally I oppose DRM - as you would expect from my roles as a member
> of the Linux Australia council, on the committee of Linux Users Victoria
> and fairly active in the FOSS community generally.  But in this case the
> matter of how Apress license their e-books was out of my hands.
>
> In the event Apress do a second edition I will take that up with them
> again.
>
> With regard to your forgotten pass phrase Apress are generally happy to
> recover the lost phrase or failing that I will provide you with another
> copy of the book personally.
>
> Regards
>
> James Turnbull
>
> - --
> Author of:
> * Pulling Strings with Puppet
> (http://www.amazon.com/gp/product/1590599780/)
> * Pro Nagios 2.0
> (http://www.amazon.com/gp/product/1590596099/)
> * Hardening Linux
> (http://www.amazon.com/gp/product/159059/)
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.7 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFI4XvK9hTGvAxC30ARAiIuAJ0aqQc3g2cb6NHGYl9mbd4rRXhiUACeP8Rr
> Gv8qpsPrWK09jJG3bmWVnSg=
> =kjJo
> -END PGP SIGNATURE-
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: London Training Sept 29th - Oct 3rd

[Mike Pountney]

Anyone still keen to meet up in London?

If so, considering the closeness to the training venue, let's meet here:
> http://www.fancyapint.com/pubs/pub847.html

...  it specialises in Cider too. Yeehaw.

Handy map stuff:

http://maps.google.com/maps?daddr=36+Riding+House+St,+Westminster,+London+W1W,+UK&geocode=&dirflg=&saddr=Conway+Mews,+London+W1T+6AA&f=d&sll=51.519959,-0.138896&sspn=0.00705,0.017295&ie=UTF8&z=17

I can be there around 7pm, have to do some datacentre work whilst i'm  
in London.

Cheers,

Mike



--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---