[Puppet Users] Cascaded conditionals possible ?

[Marcello de Sousa]

I've been trying to use a resolv_conf recipe to setup the DNS servers based
on $domain and $location (a custom fact).
So I cascade the 2 conditionals, but it's not working. Is it supposed to
work ? Or should I look for an alternative ?
--
resolv_conf { "location_based_resolv":
domainname  => "$domain",
searchpath  => [$domain],
# Here is the cascaded conditional. If I'm in "domain1" I want to test 3
different locations.
nameservers => $domain ? {
   "domain1.local" => $location ? {
"Default-First-Site-Name" =>  ['10.2.38.10','10.128.38.21'],
"HeadOffice"  =>
['10.128.36.20','10.128.36.11'],
default   =>  ['10.128.36.10','10.2.36.21'],
  }
   "domain2.local" =>  ['10.128.36.20','10.128.36.10'],
   default =>  ['10.128.36.10','10.2.36.20'],
 }
}
--
## If I test only one level it works:
#nameservers => $location ? {
#   "Default-First-Site-Name" =>  ['10.2.38.10','10.128.38.21'],
#   "HeadOffice"  =>
['10.128.36.20','10.128.36.11'],
#   default   =>  ['10.128.36.10','10.2.36.21'],
# }
--

Am I missing something ? Or should I do it differently ?

Cheers,
Marcello



-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Can I get a list of affected hosts of a class change?

[number4]

Hello puppet-users,

Long-time listener, first-time caller ;) I was wondering if anyone has
a
good way to find all the classes and/or hosts that are affected by a
change
in a given module.

So, say I have a module named ssh. It is inherited/included by a
number of other
classes. If I make a change to the ssh module, how can I get a list of
all
the classes and/or hosts in my environment that will be affected
before I
commit my changes?

I am aware of the classes.txt file on the client, but I am looking for
something on the server (puppetmaster) side so I have one place to
determine
all affected hosts.

Is there some "best practice" I can follow to make this possible? Or
is
there anything that can be run to obtain this information?

Any guidance or recommendation is appreciated.

---
 _| | |\/|
---

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] NET/Network HSM support

[yurkao]

does puppet supports HSM/NetHMS?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] problems with puppet and nagios

[Matthew Delves]

Hey folks,
I seem to be having a problem with puppet and nagios in that it is writing 50+ 
copies of the host definition for each host to the target file. Is this a known 
problem?

Currently the server is running 0.25.4 and the client is running 0.25.2.

Thanks,
Matt Delves

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Israeli Puppet meetup?

[Moty]

Count me in too


On Feb 10, 9:42 am, Ohad Levy  wrote:
> Hey Guys,
>
> Wondering if anyone here is from Israel, I'll be visiting Israel next week
> and would love to have a good puppet talk
>
> cheers,
> Ohad

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Israeli Puppet meetup?

[Oded]

I'm in !


On Feb 10, 9:42 am, Ohad Levy  wrote:
> Hey Guys,
>
> Wondering if anyone here is from Israel, I'll be visiting Israel next week
> and would love to have a good puppet talk
>
> cheers,
> Ohad

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] My first type/provider - does nothing...

[Daniel Kerwin]

Hi list,

i tried to write my first type and provider that should create logical
volumes. Seems like i'm missing something as i get nothing when i use
it: No errors and no logical volume :-(

type/logicalvolume.rb:
=

Puppet::Type.newtype(:logicalvolume) do
@doc = "Manage logical volumes"

ensurable

newparam(:lvname) do
desc "The logcal volume's name"

validate do |value|
unless value =~ /^[a-z0-9]+/
raise ArgumentError , "%s is not a valid lv name" %
value
end
end

isnamevar

end

newparam(:size) do
desc "The size in M or G"

validate do |value|
unless value =~ /^[0-9]+[MG]/
raise ArgumentError , "%s is not a valid lv size" %
value
end
end
end

newparam(:vg) do
desc "The volumevg to create the volume in"

validate do |value|
unless value =~ /^[a-z0-9]+/
raise ArgumentError , "%s is not a valid lv name" %
value
end
end
end
end

provider/logicalvolume/logicalvolume.rb
===

Puppet::Type.type(:logicalvolume).provide(:logicalvolume) do
desc "LogicalVolume management"

commands :lvcreate => "lvcreate"

def create
lvcreate "-L", resource[:size], "-n", resource[:name],
resource[:vg]
end

def destroy
return true
end

def exists?
return nil
end
end

Test class Bozo
=

class bozo {

logicalvolume { "test01lv":
size => "100M",
vg   => "datavg",
#provider => "logicalvolume",
}

file { "/tmp/lvtest":
content => "aaa",
}
}

The file is created and no notice about the volume. I checken my type
and provider and it seems to be ok:

ruby -rpuppet type/logicalvolume.rb
ruby -rpuppet provider/logicalvolume/logicalvolume.rb

It's my first try and it may be obvious to you but i just don't get
it.

Thanks,

Daniel

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Behaviour overloading through inheritance

[robert.gstoehl]

Hey there,

I'd like to migrate some of our solaris hardening mechanisms from sst
(jass) to puppet. One part of the work involves disabling services in
a secure base class while letting the administrator override specific
services through sepcialized classes (kind of a secure - by default -
mechanism).

In puppet language:

class solaris {

}

class lamp_services inherits solaris {

}

class mailservices inherits solaris {

}

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: naming inherited classes vs namespace children.

[Nigel Kersten]

On Mon, Feb 15, 2010 at 5:58 AM, jcbollinger  wrote:
>
>
> On Feb 13, 6:53 pm, Nigel Kersten  wrote:
>> Do other people have a consistent naming system for distinguishing
>> between sub-classes that are simply namespace children versus those
>> that actually inherit from another class?
>
> I do not have such a system to offer, in part because I have never
> conceived a need for one.  Your setup is much more complicated than
> mine, I think, so you surely have needs that I do not, but are you
> certain this is one of them?  In other words, what problem do you
> solve by encoding that distinction into class names?

Not having to delve into a given class to work out how it behaves.

I have a lot of part-time Puppet manifest maintainers. They don't do
it regularly, and I've tried to keep a short leash on a lot of the
more complicated Puppet features for this reason.

It's by no means necessary. It's just bothering me, so I thought I'd
see whether anyone else has an elegant solution... :)

>
>
> John
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
>
>



-- 
nigel

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: naming inherited classes vs namespace children.

[jcbollinger]

On Feb 13, 6:53 pm, Nigel Kersten  wrote:
> Do other people have a consistent naming system for distinguishing
> between sub-classes that are simply namespace children versus those
> that actually inherit from another class?

I do not have such a system to offer, in part because I have never
conceived a need for one.  Your setup is much more complicated than
mine, I think, so you surely have needs that I do not, but are you
certain this is one of them?  In other words, what problem do you
solve by encoding that distinction into class names?


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: satellite sites management

[R.I.Pienaar]

- "Dan Bode"  wrote:

>> sure, but it just shows why global variables have been abandoned by
>> all but the most sucky devs and languages, puppet has some way to go
>> to make this easy for us to do the right thing :)
> 
> 
> I wish I had a better response for this point ;) Except I will say
> that something feels natural about injecting parameters into a puppet
> run (maybe thats what other global variable supporters would say).

I don't think it's the end of the world too right now, but puppet needs a lot 
of work to get to the point where we can really start sharing modules as a 
group.  This is one of them and the work is ongoing so thats encouraging


> there's no such tool - at least not in public domain, again I agree
> with you but it would take ages to write a fully flexible node tool,
> foreman and dashboard both suffer from a lot of assumption about how
> the authors/designers thinks architectures should work that doesn't
> translate well to all cases.
> 
> The Dashboard is supposed to be this tool.
> Can you be specific about what you think those limitations are?

I need another look at it, it's been a while and I forget the specifics of what 
it was.

> > Wouldnt there be cases where you have to change every line of puppet
> > code that uses the extlookup tool if the properties that determine
> the
> > lookup change?
> 
> not that I can think of.
> 
> 
> when I say properties, I mean, its no longer determined by DC, but by
> some other fact.

that's fine - you have one place where you configure the lookup ordering - in 
site.pp in the global scope - and if you want to change you change the config 
not the extlookup calls.


>> These are facts about a node, it should be on the node and it has a
>> lot of use being on the node (see how mcollective does discovery for
>> example). though that said, nothing prevents you from just writing a
>> list of classifier provided facts onto the node to achieve the same.
> 
> 
> thats an interesting point. How are you handle those facts? Do you
> keep a description of the location of machines on the local
> filesystem? Or is ipaddress enough to create these facts?

it varies, these are some of my facts:

country = dynamic
location = dynamic by way of a nasty case statement on ips
environment = saved on the box in a text file 
dom0 (fqdn of my dom0) = put there during kickstart
customer = saved on the box in a text file, easy to do in ks too

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Israeli Puppet meetup?

[yurkao]

yes i am :) where do you plan to stay?

On Feb 10, 9:42 am, Ohad Levy  wrote:
> Hey Guys,
>
> Wondering if anyone here is from Israel, I'll be visiting Israel next week
> and would love to have a good puppet talk
>
> cheers,
> Ohad

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Puppet-master and puppetCA

[yurkao]

i've read the 
http://reductivelabs.com/trac/puppet/wiki/MultipleCertificateAuthorities
and not quite sure if i've understood it correctly.

i want to implement the following: puppet-front should only validate
certificates from it's clients, however if new client connects to it:
a) puppet-front must redirect signing request to puppetCA
b) puppetCA signs a request and returns certificate to puppet-front
c) puppet-front returns it to requested client.

if i've understood correctly, i should do the following:
1) install puppetCA as usual and configure puppetd.conf:
ca=true
2) install puppet-front and configure puppetd.conf:
ca=false
ca_server = PuppetCA.FQDN
3) install puppet on client.

please correct me if i've missed something
thanks,yurii

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] How can I set up multiple puppetmasterd?

[Nobuchika Tanaka]

Hi all.

I have a question how to setup that one pupppetd host connects with
more than two puppetmasterd host.

[Environment]
Puppetmasterd
 -version : 0.25.3
 -OS  : Solaris10 10/09

Puppetd
 -version : same as Puppetmasterd
 -OS  : same as Puppetmasterd

[The reason I need this setup]
I'm running three puppetmasterd with same manifest file on each
distant site.
Usually each administrator runs puppetrun cmd to setup puppetd host on
his site.
But sometimes administrator want to setup up host on other sites.
(ex.If administrator on other site is absent.)
So I want to know how to setup this.

[What I want to Know]
Q1.Do Puppet supports this setup?
Q2.If Q1 is ture, how can I setup this?

Nobuchika Tanaka.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] custom function load

[Frederik Wagner]

Hi Dan,

sorry I have to correct myself. I don't know why I did not have it
working before or why I didnt get it, but now it seems to work:

As far as I understand _all_ the providers/types/facts/functions in
the  $modulepath//lib/ directories of _all_ modules are
loaded, ndepended whether the modules are used or not. Therefore it
does work with the module named 'custom', so the name is irrelevant.

Only one open question remains: in which order are the
$modulepath//lib/ directories loaded? If I imagine having
identically called files in different modules? Which one will be the
winner? Is is load alphanumerically sorted?

Thanks anyway and bye,
Frederik

On Mon, Feb 15, 2010 at 5:48 AM, Dan Bode  wrote:
> Hi Frederik,
>
> On Fri, Feb 12, 2010 at 4:13 AM, Frederik Wagner 
> wrote:
>>
>> Hi again,
>>
>> reading the documentation about custom function distribution
>> , I don't
>> understand the following:
>>
>> Normally custom per module facts, types, providers and functions are
>> distributed to the puppet hosts when they are in a the modules lib/
>> directory, like
>> /etc/puppet/modules//lib/{facter,puppet}.
>>
>> This is also true form custom general facts, types and providers when
>> they are a 'custom'-module directory: /etc/puppet/modules/custom/lib/.
>> But this does not hold for general custom functions!
>
> what is this assumption based on?
>
>>
>> Now my question is:
>> Why are general functions _not_ distributed by this mechanism, when I
>> put hem in /etc/puppet/modules/custom/lib/puppet/parser/functions/,
>
> they are distributed, 'custom' here is just the name of the module.
>
>>
>> but per module functions are?
>> Is there a way to distribute these functions?
>>
>>
>> Thanks and bye,
>> Frederik
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.