[Puppet Users] Velocity '10 discount?
Last year Red^H^H^HPuppet Labs offered a nice discount on Velocity registration. Will that be available again this year? :) -scott -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Small error in Docs: Language Tutorial
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrew Punnett wrote: > Hi, > > I think there is a small error in the Language Tutorial on the > PuppetLabs website: > > http://docs.reductivelabs.com/guides/language_tutorial.html > > The paragraph: > > In the above example, nodes which include the unix class will have the > password file’s group set to “wheel”, while nodes including freebsd > would have the password file group ownership left unmodified. > > should read: > > In the above example, nodes which include the unix class will have the > password file’s group set to "root", while nodes including freebsd > would have the password file group ownership left unmodified. > Hi Andrew - you are quite correct. You can easily checkout the Documentation: $ git clone git://github.com/reductivelabs/puppet-docs.git And submit a patch either to the list, Redmine or even to me directly and I'll update. Otherwise let me know and I'll make the change. Thanks James Turnbull -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBS/x/NyFa/lDkFHAyAQJamggA35ltCoba9ZDEil562BvGALZa2il/gc7B YWkbEREtTsqRYLDxAB8RBrXWZkfQIJNtTVuwp2RlaCc12V0QP6g3mQhrVjV1Y8+w R+JLvrcDrd6QzXm+UC4V3Bq3nLYK98Lq9YJkaUhyWW9U30qQbXkmtMX0CsFU/sOV m3UpmAguwIcQJld0OX0qEhV9h7+kX1nEnHQBu5lCsBC8TiOox30A0UVI/ibbYb7u oGwjK3aqiDZCpS5Xv+u7W27NWMfEpeGiS3ZM+zous44hWTMIK+lonRvHxwHbmKPv GlxYKl8qPhEBJDubdVYXlCFe5R9pnqVs9yb07TuHiALKY5gHeo37Iw== =vhKb -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Small error in Docs: Language Tutorial
Hi, I think there is a small error in the Language Tutorial on the PuppetLabs website: http://docs.reductivelabs.com/guides/language_tutorial.html The paragraph: In the above example, nodes which include the unix class will have the password file’s group set to “wheel”, while nodes including freebsd would have the password file group ownership left unmodified. should read: In the above example, nodes which include the unix class will have the password file’s group set to "root", while nodes including freebsd would have the password file group ownership left unmodified. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Toplevel domain and facter
On 05/25/2010 05:29 PM, Klaus Ethgen wrote: > Hello, > > I was stumbling over the fact that I use a (not existing) toplevel > domain in my environment. So I set up the dnsdomainname to print out the > correct domain (without fullstop ('.')). Additional I limited the search > path in resolv.conf to end with a '.'. > > That seems to tangle facter. As I read the code it needs a '.' anywhere > in domainname to work and the fallback to parse /etc/resolv.conf cannot > handle trailing '.'. The last is easy to handle by $1.sub(/\.$/, '') but > the first I do not know how to handle correctly for every case (At least > on debian there seems to be '(none)' if it is not defined correctly.) > > Could that go into upstream code respective how to fix the first case > proper? > > Regards >Klaus Ethgen Did you file a bug? -- Joe McDonagh AIM: YoosingYoonickz IRC: joe-mac on freenode L'ennui est contre-révolutionnaire -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Best-practice way of handling IP addresses
On 05/23/2010 10:08 AM, andreash wrote: > Hi, > > I think the idea with the static DHCP leases is a good one :) But even > then, wouldn't I want to set the DHCP config via puppet, so I would > need to define all the IPs inside puppet? > > Cheers, > > Andreas. > > On 23 Mai, 15:50, Joe McDonagh wrote: >> On 05/22/2010 04:59 PM, andreash wrote: >> >>> Hi, >> >>> thanks for your input. I had already thought about that, but initially >>> wanted to be able to set the ip addresses using puppet. Or is that a >>> bad idea? >> >> Hi, you should probably use DHCP static leases, but in situations where >> you can't, it is possible to create a define that uses an ERB template >> so you can config network interfaces from inside puppet. I do this right >> now with Ubuntu, though I think it would be even easier on RHEL/CentOS. >> >> -- >> Joe McDonagh >> AIM: YoosingYoonickz >> IRC: joe-mac on freenode >> L'ennui est contre-révolutionnaire >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com. >> For more options, visit this group >> athttp://groups.google.com/group/puppet-users?hl=en. > Yes, you keep the dhcpd.conf in puppet and serve it out via source or as a template via content in a file resource, then notify a dhcpd service definition. The dhcpd.conf is pretty much part of the bootstrap phase, so I don't think you'd want to rely on a stored config export/collect setup to build the file. -- Joe McDonagh AIM: YoosingYoonickz IRC: joe-mac on freenode L'ennui est contre-révolutionnaire -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppetrun timeout?
Seeing this on a puppetrun: err: Connection timeout calling puppetrunner.run: execution expired However, the puppetrun on the client completed shortly afterwards, in 124 seconds. Is there a configurable timeout setting somewhere? Doug. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Toplevel domain and facter
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, I was stumbling over the fact that I use a (not existing) toplevel domain in my environment. So I set up the dnsdomainname to print out the correct domain (without fullstop ('.')). Additional I limited the search path in resolv.conf to end with a '.'. That seems to tangle facter. As I read the code it needs a '.' anywhere in domainname to work and the fallback to parse /etc/resolv.conf cannot handle trailing '.'. The last is easy to handle by $1.sub(/\.$/, '') but the first I do not know how to handle correctly for every case (At least on debian there seems to be '(none)' if it is not defined correctly.) Could that go into upstream code respective how to fix the first case proper? Regards Klaus Ethgen - -- Klaus Ethgenhttp://www.ethgen.de/ pub 2048R/D1A4EDE5 2000-02-26 Klaus Ethgen Fingerprint: D7 67 71 C4 99 A6 D4 FE EA 40 30 57 3C 88 26 2B -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQEVAwUBS/xBU5+OKpjRpO3lAQpDUgf7B8gw4EqNTZO4HemjLzFRkR6tQqUm/fFm eHvzgjmfktshgxak8vrq0hvU6njC8BG/aloNvDBwdwJYFqn/L9iJRTVouqzp4G0Z pAiRGgFvn/itVuK5tpenuJF7nBtZkDjhDhNxwSCwxfc4l+aFPTSgj50Isor2cieQ iK0RXQH6O00vtvuFL8eWnHwTKD4hd4pCv2XSB4O3tprxZK8y7/NxdD5b/ikcv7VW s3K4iD6iqZozsN9uEEJIh1ZAbLLkmYBEYJOdtElj/pPw2gcdeLnZGF7P/H9vdu00 qU1KA7kyo8u4PuctCTvuBdMrtPHxg5MGt9HGfN1/1rgw7aBaO5IEzA== =Q4PY -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] rug on SLES
how do i get this code to work ? class ntp { case $operatingsystem { Debian: { exec { '/usr/bin/apt-get update': } package { "ntp": ensure => latest } file { "/etc/ntp.conf": source => "puppet:///ntp/ntp.conf.Deb", owner => root, group => ntp, mode=> 640, require => Package["ntp"], } # end File } # end Debian SLES: { package { "xntp": ensure => latest } file { "/etc/ntp.conf": source => "puppet:///ntp/ntp.conf.SLES", owner => root, group => ntp, mode=> 640, require => Package["xntp"], } # end File } # end SLES } # end CASE } log file error is May 25 13:12:31 gf1 puppetd[26425]: (//ntp/Package[xntp]) Failed to retrieve current state of resource: Could not get latest version: Execution of '/usr/bin/rug list-updates' returned 1: No updates are available. May 25 13:12:31 gf1 puppetd[26425]: (//ntp/File[/etc/ntp.conf]) Dependency package[xntp] has 1 failures May 25 13:12:31 gf1 puppetd[26425]: (//ntp/File[/etc/ntp.conf]) Skipping because of failed dependencies TIA -ALF -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Error with resource in puppet cucumber
Hi, I'm getting the following error when trying to run a feature in puppet: === cucumber-puppet modules/smtp-external/smtp-external.feature Feature: smtp-external In order to allow our customers to send email As a user I want to send email to people outside of namesco Scenario: Build the server # modules/smtp-external/smtp-external.feature:6 testing external-stmp Given that I need to test a "external-stmp" server# steps/vhost.rb:2 When I build a "external-smtp" server # steps/vhost.rb:6 Then the "external-smtp" server should be provisioned # steps/vhost.rb:11 undefined method `resource' for nil:NilClass (NoMethodError) ./steps/puppet.rb:58:in `/^there should be a resource "([^ \"]*)"$/' modules/smtp-external/smtp-external.feature:9:in `Then the "external-smtp" server should be provisioned' And I should be able to connect to port "25" # steps/vhost.rb:21 Failing Scenarios: cucumber modules/smtp-external/smtp-external.feature:6 # Scenario: Build the server 1 scenario (1 failed) 4 steps (1 failed, 1 skipped, 2 passed) 0m0.344s The feature is as follows: === Feature: smtp-external In order to allow our customers to send email As a user I want to send email to people outside of namesco Scenario: Build the server Given that I need to test a "external-stmp" server When I build a "external-smtp" server Then the "external-smtp" server should be provisioned And I should be able to connect to port "25" === and the (not quite complete yet!) steps for vhosts are as follows: === conn = Libvirt::open("qemu:///system") Given /^that I need to test a "([^\"]*)" server$/ do |servertype| puts "testing #{servertype}" end When /^I build a "([^\"]*)" server$/ do | serverVMType | conn.create_domain_linux(File.read("/etc/libvirt/qemu/" + serverVMType + ".xml")) dom = conn.lookup_domain_by_name(serverVMType) end Then /^the "([^\"]*)" server should be provisioned$/ do |serverVMType| dom = conn.lookup_domain_by_name(serverVMType) if dom.info.state == 1 steps %Q{ Then package "exim" should be "present" } end end Then /^I should be able to connect to port "([^\"]*)"$/ do |portNum| end == Can anyone help with this please? I promise a blog post on Cobbler/Puppet/Cucumber integration once it's all fixed and running! :) Matt -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Looking for Puppet consultant in Boston, MA area
I just wanted to throw this out there again, we're still looking for a local contractor to work on this project. If you know of anyone in the Boston area please let them know. A few other notes about the job. - we use Cobbler for OS provisioning and custom CentOS repository, so integration would be great - experience packaging RPM's a plus - experience using Puppet in the Amazon Cloud also a plus -matt On Fri, May 21, 2010 at 10:47 AM, Matt Shields wrote: > Are there any Puppet consultants in the Boston, MA area? We're looking to > hire someone for a short-term contract to convert our existing network. > > Basic stats: > - All servers to be converted are CentOS 5 > - about 300 servers (real and vm) > - about 25-30 unique server types (web, db, etc) > - 4 different branches (dev, qa, staging, production) each branch is almost > identical > - dev, qa and staging are nothing like the production servers, plan is to > build production branches and use the scripts to rebuild dev, qa and staging > to match production > > More of the project specific details can be discussed by contacting me > directly. When you contact me, please send me where you're located, your > hourly rate and your experience with Puppet. > > Contact me directly at mshie...@namemedia.com > > -matt > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Using Puppet via a proxy.
Hi All, There is no direct connection between the hosts I am managing and the Puppetmaster. I have added the "http_proxy_host" option to the "[main]" section of the Puppet config file (/etc/puppet/puppet.conf) on the machine to be managed. The proxy server is squid and I had to add the Puppet port to the "Safe_ports" ACL list and also allow usage of the "CONNECT" method for that port. However, when I attempt to use puppetd to attempt to connect for the first time I get the following error: err: Could not call puppetca.getcert: # err: Could not request certificate: Certificate retrieval failed: 404 "Not Found" The proxy is allowing the request through but I don't understand why the Puppetmaster suddenly gives this error. When a machine connects directly to the puppetmaster then things work. Any hints will be much appreciated. Cheers, Fred. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Unexpected dependency cycle
Hi Ben, On Mon, May 24, 2010 at 5:03 PM, Ben Beuchler wrote: > The class below is designed to ensure that a fifo exists that will be > written to by Apache and read from by syslog-ng. I've attached the > relevant chunk of the dependency graph. It's obvious to me why > Exec[access_log_pipe] is a parent node of > File[/var/spool/apache2/access_log_pipe], but I don't understand why > there is any relationship at all between > File[/var/spool/apache2/access_log_pipe] and Exec[cleanup_alp]. I > assume there's an implied relationship created somehow, Can you open a ticket? It looks like it might be a bug. I had a peek at the code and it looks like onlyif/unless autorequire any strings that have a slash in them as files. reqs += line.scan(%r{(#{File::SEPARATOR}\S+)}) I ran some tests, and saw a slightly different behavior. I could recreate with the following code: $alp = "/tmp/one" exec { "test1": command => "/bin/rm ${alp}", unless => "/bin/test ${alp}", } exec { "test2": command => "/bin/touch ${alp}", unless => "/bin/test ${alp}", require => Exec["test1"], } file { "$alp": ensure => present, mode => 0770, require => Exec["test2"] } but not with: $alp = "/tmp/one" exec { "test1": command => "/bin/rm ${alp}", unless => "/bin/test ${alp}", } file { "$alp": ensure => present, mode => 0770, require => Exec["test1"] } > but I don't > see where. How can I restructure this relationship to avoid the > cycle? > > Thanks! > > -Ben > > class syslog-ng::weblogger inherits syslog-ng { >$alp = "/var/spool/apache2/access_log_pipe" > >file { "/var/spool/apache2": >ensure => directory, >owner => www-data, >group => www-data >} > >File["/etc/syslog-ng/syslog-ng.conf"] { >require => File[ "$alp" ] >} > >## TODO: Write a FIFO resource. > ># If apache started first and created $alp as a normal file, delete ># it. >exec { "cleanup_alp": >command => "/bin/rm ${alp}", >unless => "/usr/bin/test -p ${alp}", >} > ># If the FIFO doesn't exist, create it. >exec { "access_log_pipe": >command => "/usr/bin/mkfifo ${alp}", >unless => "/usr/bin/test -p ${alp}", >require => Exec["cleanup_alp"], >} > ># Ensure permissions are correct on the pipe. >file { "$alp": >ensure => present, >owner => www-data, >group => www-data, >mode => 0770, >require => Exec["access_log_pipe"] >} > } > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: customizing an existing type & provider, or creating a new set
On May 25, 2010, at 2:47 AM, Thomas Bellman wrote: > On 2010-05-24 22:32, Hercynium wrote: > >> Can do. What's the preferable approach on this list? Posting to >> pastebin/gist, or directly in-message? > > Inline in the message, please. Having to surf to a webpage to view > the information sucks, especially if you read mail offline. It's also bad if someone's looking in the archives and the file's gone. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: customizing an existing type & provider, or creating a new set
On 2010-05-24 22:32, Hercynium wrote: Can do. What's the preferable approach on this list? Posting to pastebin/gist, or directly in-message? Inline in the message, please. Having to surf to a webpage to view the information sucks, especially if you read mail offline. /Bellman -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Puppetcamp
On Mon, 2010-05-17 at 01:27 -0700, Al @ Lab42 wrote: > About the PuppetCamp, it would be nice, as "consolidated tradition", > to arrange a meetup at least the evening of 26th of May for who is > already at Ghent. > Any reccomendation from belgian natives about pubs or places good for > the gathering? > > Al > Meetup will be at at Keizershof (Vrijdagmarkt 47, Gent) around 19h. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Best-practice way of handling IP addresses
DWIM writes: > On May 22, 8:42 pm, Benoit Cattié wrote: >> >> You can get the ipadress with facter (and use it in your puppet classes, >> templates ...) > > That was what I also had in mind first when I needed to specify a > host's IP address as bind address in some xinetd spawned server's > config file. > > However, how do you pick the proper IP address if you have to deal > with multihomed hosts like I have with most of our hosts? Hah! You don't, because those facts were written to match the vague relationship that distributions express (one IP per "device") rather than the reality of the relationships. [...] > $ /sbin/ip a s eth2|grep inet\ > inet 10.25.139.12/24 brd 10.25.139.255 scope global eth2 > inet 10.25.139.15/24 brd 10.25.139.255 scope global secondary eth2:1 NB: That tagging of that second address as 'eth2:1' is not necessary, and many of our servers have secondary addresses without any of the alias mess attached. Just sayin' [...] > But probably there are better solutions, especially those that Puppet or > Ruby experts would apply, and which as a Puppet newbie I am likewise eager > to hear about. I would strongly suggest you are going about this the wrong way: if you have a multi-homed host, and you need to bind the service to a specific IP address, you have a *good* reason for doing that. So, specify to your service which address it should be bound to, rather than trying to do something magical about it all. Tell the system which IP you need the service to be listening on. Otherwise, if you don't actually have a good reason, or know which IP it should be bound to, why are you trying to bind it to an IP anyhow? Daniel -- ✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Best-practice way of handling IP addresses
On May 22, 8:42 pm, Benoit Cattié wrote: > Hi, > > You can get the ipadress with facter (and use it in your puppet classes, > templates ...) That was what I also had in mind first when I needed to specify a host's IP address as bind address in some xinetd spawned server's config file. However, how do you pick the proper IP address if you have to deal with multihomed hosts like I have with most of our hosts? This is for example what facter spits out on one such multihomed host of ours: $ facter|grep ipaddress ipaddress => 192.168.1.12 ipaddress_bond0 => 192.168.1.12 ipaddress_eth0 => 10.25.218.220 ipaddress_eth2 => 10.25.139.12 ipaddress_eth2_1 => 10.25.139.15 One would assume that the "variable" $ipaddress is the host's "real" IP, especially as it's also the one bound to the only bonded NIC. But here it's actually the one bound to eth2 $ dig $(hostname -f) A +short 10.25.139.12 $ /sbin/ip a s eth2|grep inet\ inet 10.25.139.12/24 brd 10.25.139.255 scope global eth2 inet 10.25.139.15/24 brd 10.25.139.255 scope global secondary eth2:1 So I thought that I could let this dilemma best be sorted out by the host's resolver, and by applying some of my Perl knowledge to Ruby (of which in turn I so far almost know nothing about) thought that some ERB markup like this within a Puppet template might help (at least in the irb shell it seems to work): <% require 'socket' -%> <% bind_ip = Socket.gethostbyname(Socket.gethostname) [-1].unpack('C4').join('.') -%> But probably there are better solutions, especially those that Puppet or Ruby experts would apply, and which as a Puppet newbie I am likewise eager to hear about. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.