[Puppet Users] Re: Could not retrieve catalog from remote server: undefined method `closed?' for nil:NilClass
Thanks James, I installed the patch and got the proper error message "err: Could not retrieve catalog from remote server: hostname was not match with the server certificate". I'm using ruby 1.8.7. It's still weird however that it complains about the hostname as it was working before. Nevertheless, I remade the CA and it's now working so I'm happy. On 8 Jun, 18:46, James Turnbull wrote: > kit wrote: > > If I start ruby in debug mode and puppet in test the error message is > > different: > > ~# /usr/local/bin/ruby --debug /usr/local/sbin/puppetd --server > > puppet.kit.no --rundir /var/run/puppet --test > > Exception `OpenSSL::SSL::SSLError' at /usr/local/lib/ruby/1.8/openssl/ > > ssl.rb:123 - hostname wasnotmatch with theservercertificate > > Exception `NoMethodError' at /usr/local/lib/ruby/1.8/net/http.rb:1060 > > - undefined method `closed?' for nil:NilClass > > err:Couldnotretrievecatalogfromremoteserver: undefined method > > `closed?' for nil:NilClass > > warning:Notusing cache on failedcatalog > > err:Couldnotretrievecatalog; skipping run > > > However if I ommit the --test part in debug mode the certificate error > > goes away and I get the usual error message in the /var/log/message > > (Couldnotretrievecatalogfromremoteserver: undefined method > > `closed?' for nil:NilClass). So now I'm just really confused about the > > whole thing, been fighting with it for half a day. Anyone got some > > insights. Funny thing is that it was working fine until the reboot, > > but no changes were made... > > What Ruby version and platform are you on? This rather annoying message > is often the result of a Ruby 1.8.7 bug that hides the actual problem. > > See: > > http://projects.puppetlabs.com/issues/3101 > > And the patch (in Puppet 0.25.5): > > http://projects.puppetlabs.com/projects/puppet/repository/revisions/a... > > I suspect the underlying message above about a hostname mismatch is your > actual problem - has anything changed there? > > Regards > > James Turnbull -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Could not retrieve catalog from remote server
I'm getting this frustrating error message and can't figure out why. Puppet claims I'm missing a template file: err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find template 'nagios/nrpe.cfg/MASTER.erb' at /usr/ local/etc/puppet/modules/nrpe/manifests/init.pp:22 on node auth001.mid.no warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run I do know, however, that the template is there: # ll /usr/local/etc/puppet/modules/nrpe/manifests/init.pp -rw-rw-r-- 1 root wheel 1599 30 mar 14:34 /usr/local/etc/puppet/ modules/nrpe/manifests/init.pp # ll /usr/local/etc/puppet/templates/nagios/nrpe.cfg/MASTER.erb -rw-rw-r-- 1 root wheel 7225 26 mar 16:06 templates/nagios/nrpe.cfg/ MASTER.erb And the syntax is also correct: # erb -x -T '-' /usr/local/etc/puppet/modules/nrpe/manifests/init.pp | ruby -c Syntax OK # erb -x -T '-' templates/nagios/nrpe.cfg/MASTER.erb | ruby -c Syntax OK So what is it then that is wrong? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Puppet AIX contributions and small AIX nfs mountpoint snippet
On Tue, Jun 8, 2010 at 8:31 PM, donavan wrote: > > On Jun 8, 2:39 am, Héctor Rivas wrote: > > Is there anybody working extending puppet for AIX? > > How is the best way to share our improvements and colaborate? > > I believe Andrew Forgue did a lot (all?) of the existing AIX work. You > can see an example here http://projects.puppetlabs.com/issues/2864. > > Most of the development work is hosted github.com, as far as I know. > Someone over on http://groups.google.com/group/puppet-dev/ should be > able to point you to a Getting Started type doc. Thank you for your replies. I will start playing a little bit more. I will ask Andrew for his progress. -- Atentamente Héctor Rivas -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: node inheritance, variable scope, and pain.
Robert writes:
> On May 6, 9:56 am, Peter Meier wrote:
>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA1
>>
>> > I suspect we will turn 'node default' into 'class default', then include
>> > that rather than inheriting that, since that does fix the scope issue.
>> this is imho the way to go if you don't want to switch over to an external
>> node tool.
>> For each node I set some variables and then include exactly one class, which
>> might a class similar to your default or a subclass of that one. And then
>> we do all the overriding and setting default variables (if not set in the
>> node) stuff within these (sub-)classes.
>> This works pretty well and doesn't give you overloaded node statements.
>
> That is one possible solution to the problem Daniel describes. I'm having
> similar problems finding a good (and good-looking) solution to group nodes
> and use node inheritance.
[...]
> One solution is indeed to, as you say, put everything a single class or
> subclass, to not use inheritance. I don't like that solution very much,
> because that removes the complete configuration for any node from sight, while
> I've gone through great lengths to make the node-configuration as explicit as
> possible: node default for example, lists each class included class
> seperately.
I elected to use a define, not a class, because that way I can have mandatory
configuration as well as optional configuration, for each node, FWIW.
> In a working environment with 20+ people managing 400+ hosts, you have to be
> as explicit as possible. But without repeating.
*nod* My conclusion, on thinking about the same issue, was that it really
didn't change much when I moved from 'inherits blah' to 'blah { $fqdn: ... }'
in that I was still writing that basic stuff in one place — it just had a
different syntax from inheritance.
(You could even write it exactly where 'node default' was defined if you
want. :)
Daniel
--
✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707
♽ made with 100 percent post-consumer electrons
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Storeconfigs connection pool problem
On 9 June 2010 06:09, Jason Koppe wrote: > On Fri, Feb 12, 2010 at 12:28 AM, Joe McDonagh < > joseph.e.mcdon...@gmail.com> wrote: >> >> Daniel Kerwin wrote: >> > Hi list, >> > >> > i just enabled storeconfigs and cannot use puppetrun on more than 5 >> > hosts. When i try 6+ i get the error message: >> > >> > puppetmasterd[16209]: could not obtain a database connection within 5 >> > seconds. The max pool size is currently 5; consider increasing it. >> > >> > My Mysql setup allows a lot more connections (500). Any suggestions? >> >> Do you have the proper rubygem for mysql installed? I think on >> deb/ubuntu it's something like libmysql-ruby1.8. > > > I'm having the same problem with the mysql gem installed and the gem > appears to be in-use > The gem version is a bit of a red herring, so long are using the gem and not Ruby's own connector. As the warning suggests, ActiveRecord's pool option simply needs raising if it's to be put under any strain at all. There is a bug/feature ticket as #2568 [0] which exposes this option to Puppet's configuration. But it's not due to be delivered until 2.6/rowlf. I've been slipstreaming the patch into 0.25 myself because storeconfigs grinds to a halt without it in my environment. Given the simplicity of the diff and that it seems to be affecting a number of people I think it probably warrants being brought forward to 0.25. [0] http://projects.puppetlabs.com/issues/2568 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Collecting _all_ ssh keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, Am Mi den 9. Jun 2010 um 3:35 schrieb Joe McDonagh: > > But that is exact the point. If I collect the information with > > ssh-keyscan there is a little change that the key is wrong and not the > > one of the machine. Puppet give a nice way to collect the ssh keys of > > all hosts it manage from facter. And it provides also a nice way to > > spread all that collected keys to all machines known-hosts file. > > Unfortunately the key for the key (ehem, I hope you can follow. ;-) is > > the host name so you have to choose which one of each host you want to > > spread to all machines. > > This is one of the cases where 'tags' are really useful. You can tag > something like tag => "for_collection" in the exported resource, then > when you collect the exported resource, you would do Sshkey <<| tag => > "for_collection" |>>. Have to test this out if that work with the existing ssh-hostkey type, thanks for that hint. > > Ps. Disclaimer: This mail is in British English and not in puppet > > English. That means I use terms like "collect" in the British > > meaning and _not_ for the puppet meaning. > > Right but it serves no one including yourself to continue using a > technical term in a technical forum when you really mean some other > concept or principle. Ok, I forgot to add a smile. However, it is really difficult for some which mother thong is not English to distinguish between the technical term used just in on software and the correct English word. So telling the one that "collect" is a technical term in puppet with a completely different meaning than "collect" in English maybe, is not helpful and more confusing. > It seems like exactly what you want is collecting exported resources. > I recommend checking wiki:ExportedResource if what I am saying makes > no sense. Exact. And I still read that sources. With the Sshkey type there is still a implemented solution to collect that keys and export them to all hosts. But that Type only allow to export one of the two hostkeys a host have. And that is the source of my question. Regards Klaus Ethgen - -- Klaus Ethgenhttp://www.ethgen.de/ pub 2048R/D1A4EDE5 2000-02-26 Klaus Ethgen Fingerprint: D7 67 71 C4 99 A6 D4 FE EA 40 30 57 3C 88 26 2B -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQEVAwUBTA9Xb5+OKpjRpO3lAQpR4Af+ONFCFUNrfhG6La0zrrLYkU7qa2OXprZm 8bGlEZFTYCYvPeNmc3aNBAyz+OK15GZ3ZdOPfHY+dgTOuFTCg8TzmtcZ0C07U5aq WITlW+aoN1SH8Xx+FrpGEbuJlDbfcZB8nkkvRu3r400GifHLLduJ1690M/7BpBv/ 5uELFG15TyeUSx92DuU8tD5S9i4s3oxPYFmLWuunywdNFjiQI36DZl/Ja5X2v9+C Ox+dPjRGQRMwhvh1WN//p+85V+pVbZmCsD73qynMfxnO7G6LhMjy4vBluMFDO0LX VFUzZev/Fd26wGsqyI+7WUfMZhUbBegCt7oPUy3GzOBqaKrsO4ot6A== =wyft -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Could not retrieve catalog from remote server
Nevermind, I found out that I had accidentially overwritten the puppet.conf... Luckily I had a backup and everything is up and running again :) On 9 Jun, 09:32, kit wrote: > I'm getting this frustrating error message and can't figure out why. > Puppet claims I'm missing a template file: > > err: Could not retrieve catalog from remote server: Error 400 on > SERVER: Could not find template 'nagios/nrpe.cfg/MASTER.erb' at /usr/ > local/etc/puppet/modules/nrpe/manifests/init.pp:22 on node > auth001.mid.no > warning: Not using cache on failed catalog > err: Could not retrieve catalog; skipping run > > I do know, however, that the template is there: > # ll /usr/local/etc/puppet/modules/nrpe/manifests/init.pp > -rw-rw-r-- 1 root wheel 1599 30 mar 14:34 /usr/local/etc/puppet/ > modules/nrpe/manifests/init.pp > # ll /usr/local/etc/puppet/templates/nagios/nrpe.cfg/MASTER.erb > -rw-rw-r-- 1 root wheel 7225 26 mar 16:06 templates/nagios/nrpe.cfg/ > MASTER.erb > > And the syntax is also correct: > # erb -x -T '-' /usr/local/etc/puppet/modules/nrpe/manifests/init.pp | > ruby -c > Syntax OK > # erb -x -T '-' templates/nagios/nrpe.cfg/MASTER.erb | ruby -c > Syntax OK > > So what is it then that is wrong? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: [foreman-users] New Foreman release - 0.1-5
Love the speed increase. A couple of initial thoughts, I should probably raise tickets: 1 - Sort by name as default in Hosts section 2 - bring back the yaml link in the Hosts section for a host Matt On 7 June 2010 09:22, Ohad Levy wrote: > I’m happy to announce a new version of Foreman - 0.1-5 > > Highlights are: > > *Web interface* > > Most of the pages have been rewritten, there are many changes: > > Search options > >- Hosts (filter based on facts, based on host groups etc >- Facts (all hosts with fact x or with value y etc) >- Reports (show me all failed reports in the last 3 months etc) >- Audits (per user, per type – e.g. all hosts, per action – e.g. >delete) > > Improved Graphs for dashboard and per host > > Host edit page now has a lot of logic > >- Class selection depends on your chosen environment >- Class selection breaks down into modules, making it easy to navigate >- Inherited classes (via hostgroups), are also visible. >- Unattended settings will only show selection based on the os (e.g. no >debian disk templates will be shown to redhat based os etc). >- Clone existing hosts (instead of choosing all of the options again) > > Perform changes on many hosts at once > >- change a parameter for many hosts >- change host group for many hosts >- change environment for many hosts >- delete many hosts at once > > Import new puppetclasses from the interface > > *Unattended installations* > >- added support for dynamic disk layout >- added kickstart/preseed compatibility with Ubuntu 10.04, RHEL6 beta, >Fedora 13 >- Support for customized kickstart files (e.g. if you use a package >like rpm, you can create your own kickstart which will not be replaced on >next update). >- medias can now be shared with many operating systems (e.g. with >replacing variables for $arch or $version) >- x-rhn-provisioning headers support for booting from other devices >than eth0 > > *Query interface* > >- added verbose mode, which will return all of hosts classes, facts and >external node parameters. >- added query based on a hostgroup > > *Others* > >- Host ownership (via a user or a user group) base infrastructure for >per host authorization (e.g. who can change what) and sending the reports > to >the right people. >- Speed optimization when keeping many reports in the db > > >- Puppetdoc integration > - Foreman can generate puppetdoc (via a rack task, so you can add it > to your repo post commits scripts), and links to the docs via the puppet > classes page. > > >- Improved PRM packaging > - added startup script for foreman (uses webrick) > - moved all config files to /etc/foreman and /etc/sysconfig/foreman > - moved log files to /var/log and added logrotate support > - moved db files state dir > - ... >- Added Debian package support > > >- Fact importer now imports the hardware model information > > > > Full changelog can be found here: http://theforeman.org/versions/show/7 > > New rpms should already be available in Foreman repos, Debian package will > follow shortly. > > -- > You received this message because you are subscribed to the Google Groups > "Foreman users" group. > To post to this group, send email to foreman-us...@googlegroups.com. > To unsubscribe from this group, send email to > foreman-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/foreman-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Passing different facts to external node classifier scripts
On Tue, Jun 8, 2010 at 10:50 AM, Nigel Kersten wrote: > > > > We had a chat about this on the list relatively recently. > > The server actually writes out the client fact data *before* the external > node provider gets invoked, so you can poke into the fact store on the > server, assuming that the facts you want are available at that point. > So, do you mean actually grabbing the data from the server's $VARDIR/yaml/facts/ directory, or by actually referencing Facter variables from the external node classifier script? I'm guessing the former, by your response. I vaguely remember a thread where Nigel was shocked by the order that facter and external nodes were called - but I can't seem to find it yet. I'll dig through the archives to see if I can find this... > > There should be an easier first class method for working this out, but it's > certainly doable now. > > >> -- >> Gary Larizza >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com >> . >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > nigel > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- Gary Larizza Director of Technology Huron City Schools http://www.huronhs.com 悟 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Passing different facts to external node classifier scripts
FYI - Found that thread: http://groups.google.com/group/puppet-users/browse_thread/thread/28c7b30874bb792c/dca3587668d50f9e?hl=en&lnk=gst&q=external+nodes#dca3587668d50f9e Sorry that this was a rehashing of it - but I agree that this process should be listed in the docs. I'll look into what needs to be done to checkout the docs source or updating the wiki. On Wed, Jun 9, 2010 at 8:02 AM, Gary Larizza wrote: > > > On Tue, Jun 8, 2010 at 10:50 AM, Nigel Kersten wrote: > >> >> >> >> We had a chat about this on the list relatively recently. >> >> The server actually writes out the client fact data *before* the external >> node provider gets invoked, so you can poke into the fact store on the >> server, assuming that the facts you want are available at that point. >> > > So, do you mean actually grabbing the data from the server's > $VARDIR/yaml/facts/ directory, or by actually referencing Facter variables > from the external node classifier script? I'm guessing the former, by your > response. > > I vaguely remember a thread where Nigel was shocked by the order that > facter and external nodes were called - but I can't seem to find it yet. > I'll dig through the archives to see if I can find this... > > > >> >> There should be an easier first class method for working this out, but >> it's certainly doable now. >> >> >>> -- >>> Gary Larizza >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Puppet Users" group. >>> To post to this group, send email to puppet-us...@googlegroups.com. >>> To unsubscribe from this group, send email to >>> puppet-users+unsubscr...@googlegroups.com >>> . >>> For more options, visit this group at >>> http://groups.google.com/group/puppet-users?hl=en. >>> >> >> >> >> -- >> nigel >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com >> . >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > Gary Larizza > > Director of Technology > Huron City Schools > http://www.huronhs.com > > 悟 > -- Gary Larizza Director of Technology Huron City Schools http://www.huronhs.com 悟 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Foreman -- Reporting
Hello All, I don't seem to be able to get reports to display on the foreman interface. I copied extras/puppet/foreman/files/foreman-report.rb to / usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/ lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/ Passenger, Puppet 0.25.4. The reports are coming from the clients, because I can see them in /var/lib/puppet/reports. I just don't seem to be able to display them on Foreman. Here's my puppet.conf: [main] vardir = /var/lib/puppet logdir = /var/log/puppet rundir = /var/run/puppet reports= log, foreman [puppetmasterd] ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY modulepath = $confdir/modules #reports=log, foreman storeconfigs = true dbadapter = mysql dbuser = app_puppet dbpassword = password dbserver = localhost dbsocket = /sql/mysql/mysql.sock rrddir=/var/lib/puppet/rrd rrdinterval=$runinterval rrdgraph=true [puppetd] classfile = $vardir/classes.txt report = true localconfig = $vardir/localconfig What am I missing here? Thanks, Henry -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Foreman -- Reporting
Correction: I copied the foreman.rb to /usr/lib/ruby/site_ruby/1.8/ puppet/reports/foreman.rb from extras/puppet/foreman/files/foreman- report.rb. The instructions called for the file to be copied to /usr/ lib/ruby/1.8/puppet/reports, but that's not the directory structure that I have. I also made the file executable. Thanks, On Jun 9, 11:09 am, CraftyTech wrote: > Hello All, > > I don't seem to be able to get reports to display on the foreman > interface. I copied extras/puppet/foreman/files/foreman-report.rb to / > usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/ > lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/ > Passenger, Puppet 0.25.4. > > The reports are coming from the clients, because I can see them > in /var/lib/puppet/reports. I just don't seem to be able to display > them on Foreman. Here's my puppet.conf: > > [main] > vardir = /var/lib/puppet > logdir = /var/log/puppet > rundir = /var/run/puppet > reports= log, foreman > > [puppetmasterd] > ssl_client_header = SSL_CLIENT_S_DN > ssl_client_verify_header = SSL_CLIENT_VERIFY > modulepath = $confdir/modules > #reports=log, foreman > storeconfigs = true > dbadapter = mysql > dbuser = app_puppet > dbpassword = password > dbserver = localhost > dbsocket = /sql/mysql/mysql.sock > rrddir=/var/lib/puppet/rrd > rrdinterval=$runinterval > rrdgraph=true > > [puppetd] > classfile = $vardir/classes.txt > report = true > localconfig = $vardir/localconfig > > What am I missing here? Thanks, > > Henry -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Foreman -- Reporting
On RHEL, using the rpm packages for foreman and puppet, I had to copy / usr/share/foreman/extras/puppet/foreman/files/foreman-report.rb to / usr/lib/ruby/site_ruby/1.8/puppet/foreman.rb and everything works swimmingly. Also, uncomment #reports=log, foreman in puppetmasterd... it may still work in main, but I put it in the puppetmasterd stanza. Hope that helps you too! --Ryan On Jun 9, 11:13 am, CraftyTech wrote: > Correction: I copied the foreman.rb to /usr/lib/ruby/site_ruby/1.8/ > puppet/reports/foreman.rb from extras/puppet/foreman/files/foreman- > report.rb. The instructions called for the file to be copied to /usr/ > lib/ruby/1.8/puppet/reports, but that's not the directory structure > that I have. I also made the file executable. > > Thanks, > > On Jun 9, 11:09 am, CraftyTech wrote: > > > > > Hello All, > > > I don't seem to be able to get reports to display on the foreman > > interface. I copied extras/puppet/foreman/files/foreman-report.rb to / > > usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/ > > lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/ > > Passenger, Puppet 0.25.4. > > > The reports are coming from the clients, because I can see them > > in /var/lib/puppet/reports. I just don't seem to be able to display > > them on Foreman. Here's my puppet.conf: > > > [main] > > vardir = /var/lib/puppet > > logdir = /var/log/puppet > > rundir = /var/run/puppet > > reports= log, foreman > > > [puppetmasterd] > > ssl_client_header = SSL_CLIENT_S_DN > > ssl_client_verify_header = SSL_CLIENT_VERIFY > > modulepath = $confdir/modules > > #reports=log, foreman > > storeconfigs = true > > dbadapter = mysql > > dbuser = app_puppet > > dbpassword = password > > dbserver = localhost > > dbsocket = /sql/mysql/mysql.sock > > rrddir=/var/lib/puppet/rrd > > rrdinterval=$runinterval > > rrdgraph=true > > > [puppetd] > > classfile = $vardir/classes.txt > > report = true > > localconfig = $vardir/localconfig > > > What am I missing here? Thanks, > > > Henry -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Foreman -- Reporting
For what it is worth, to solve a similar problem with dashboard (distributing puppet_dashboard.rb for reporting), I just stuck it in modules/dashboard/lib/puppet_dashboard.rb with puppet.conf: pluginsync=true. Then puppet distributes it automatically into a lib directory and things work nice and happy. On 06/09/2010 10:13 AM, CraftyTech wrote: Correction: I copied the foreman.rb to /usr/lib/ruby/site_ruby/1.8/ puppet/reports/foreman.rb from extras/puppet/foreman/files/foreman- report.rb. The instructions called for the file to be copied to /usr/ lib/ruby/1.8/puppet/reports, but that's not the directory structure that I have. I also made the file executable. Thanks, On Jun 9, 11:09 am, CraftyTech wrote: Hello All, I don't seem to be able to get reports to display on the foreman interface. I copied extras/puppet/foreman/files/foreman-report.rb to / usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/ lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/ Passenger, Puppet 0.25.4. The reports are coming from the clients, because I can see them in /var/lib/puppet/reports. I just don't seem to be able to display them on Foreman. Here's my puppet.conf: [main] vardir = /var/lib/puppet logdir = /var/log/puppet rundir = /var/run/puppet reports= log, foreman [puppetmasterd] ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY modulepath = $confdir/modules #reports=log, foreman storeconfigs = true dbadapter = mysql dbuser = app_puppet dbpassword = password dbserver = localhost dbsocket = /sql/mysql/mysql.sock rrddir=/var/lib/puppet/rrd rrdinterval=$runinterval rrdgraph=true [puppetd] classfile = $vardir/classes.txt report = true localconfig = $vardir/localconfig What am I missing here? Thanks, Henry -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Could not retrieve catalog from remote server: certificate verify failed
Hi guys, I'm trying to setup my first puppet installation and I'm running into problems. I've got the puppetmaster running on a fresh install of Centos 5.4. The puppet client is also on another Centos 5.4 server. Once I've signed the client certificate on the puppetmaster, the client seems to break. See below for the debug output from the client. Any clue as to what I'm doing wrong? Thanks. $sudo /usr/sbin/puppetd --verbose --server puppetmaster.dennisinteractive.co.uk --debug --no-daemonize --waitforcert 60 debug: Failed to load library 'selinux' for feature 'selinux' debug: Failed to load library 'shadow' for feature 'libshadow' debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Failed to load library 'ldap' for feature 'ldap' debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppet/ssl/private_keys/hydra.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state] debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/public_keys/hydra.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: Finishing transaction -606528468 with 0 changes debug: /File[/var/lib/puppet/ssl/public_keys/hydra.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys/hydra.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: Finishing transaction -606778168 with 0 changes debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session debug: Using cached certificate_request for hydra debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session notice: Did not receive certificate debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session notice: Did not receive certificate debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session info: Caching certificate for hydra notice: Starting Puppet client version 0.25.5 debug: Finishing transaction -606936378 with 0 changes debug: Using cached certificate for ca debug: Using cached certificate for hydra info: Caching certificate_revocation_list for ca debug: catalog supports formats: b64_zlib_yaml marshal pson raw yaml; using pson err: Could not retrieve catalog from remote server: certificate verify failed notice: Using cached catalog err: Could not retrieve catalog; skipping run -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.co
[Puppet Users] Re: using modules from the forge (variable setting)
On Jun 8, 3:57 pm, Rudy Gevaert wrote: > Dear all, > > I'm fairly new to puppet, so please excuse this newbie question. > > I was wondering how I can override a certain variable in a module I > downloaded from the forge. > > By example. I downloaded and installed the puppetlabs-collectd > module. In collectd::params there is a variable that sets the > collectd server. > > Due to variable scope I can't override it in my node defintion (or I > must be doing something wrong). I can change the params.pp file. But > is that the best way? > > I would expect this not to be the right way, as when I update the > module I'll have to change that again manually. > > Thanks for taking the time to read/respond! I would not consider this a newbie question. There are lots of potential approaches to building resuable modules, but the community does not appear to have settled on one. See, for instance http://www.puppetmanaged.org/documentation/Puppet_Common_Modules.html http://www.example42.com/puppet/howto.php http://plathrop.tertiusfamily.net/blog/2008/04/18/creating-puppet-modules/ http://serialized.net/2009/07/puppet-module-patterns/ Thus, the approach for customizing each module you download from the forge will vary. They will each take different amounts of work to merge updated releases with your customizations. In the case of the module you're talking about, I think the intended approach is for you to modify params.pp. All the best, Brian Pitts -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Could not retrieve catalog from remote server: certificate verify failed
Hi guys, I'm trying to setup my first puppet installation and I'm running into problems. I've got the puppetmaster running on a fresh install of Centos 5.4. The puppet client is also on another Centos 5.4 server. Once I've signed the client certificate on the puppetmaster, the client seems to break. See below for the debug output from the client. Any clue as to what I'm doing wrong? Thanks. $sudo /usr/sbin/puppetd --verbose --server puppetmaster.dennisinteractive.co.uk --debug --no-daemonize --waitforcert 60 debug: Failed to load library 'selinux' for feature 'selinux' debug: Failed to load library 'shadow' for feature 'libshadow' debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Failed to load library 'ldap' for feature 'ldap' debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/ puppet/ssl] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppet/ssl/private_keys/hydra.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state] debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/ lib/puppet] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/public_keys/hydra.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/ puppet] debug: Finishing transaction -606528468 with 0 changes debug: /File[/var/lib/puppet/ssl/public_keys/hydra.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys/hydra.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/ puppet/ssl] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: Finishing transaction -606778168 with 0 changes debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session debug: Using cached certificate_request for hydra debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session notice: Did not receive certificate debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session notice: Did not receive certificate debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session info: Caching certificate for hydra notice: Starting Puppet client version 0.25.5 debug: Finishing transaction -606936378 with 0 changes debug: Using cached certificate for ca debug: Using cached certificate for hydra info: Caching certificate_revocation_list for ca debug: catalog supports formats: b64_zlib_yaml marshal pson raw yaml; using pson err: Could not retrieve catalog from remote server: certificate verify failed notice: Using cached catalog err: Could not retrieve catalog; skipping run -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googleg
Re: [Puppet Users] Could not retrieve catalog from remote server: certificate verify failed
Sorry for the double post. Thought the first didnt send. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetqd and remote mysql server
I have about a dozen sites with puppet masters in each. They are geographically located with some slow network links between them. The setup I was evaluating is to have a centralized stored config server running mysql with all of my remote masters sending their locations data back to the central server. Now on my fast links remote connectivity is OK if I just point a master right to the database (eliminate puppetqd, etc), albeit still slower then if I were to have it local but I was hoping I could use a stomp+puppetqd to handle caching and asyncronously update my central mysql database. In my tests this seems to work however it looks like puppetdq is using sqllite to keep a cached copy. If I have 100 servers and I am doing a mass update during maintenance window I am seeing timeouts once we hit 5-6 servers which is likely sqllite. Perhaps this solution is not the most viable right now? I am OK with running a local mysql instance instead of sqllite if it is supported but I would like to get all of my stored config data in one location (using facter data, reporting is of great value to us). This would be useful as we can plugin foreman on top of that database for a central dashboard instead of having dozens of dashboards for each location. -Chris On Tue, Jun 8, 2010 at 2:40 PM, donavan wrote: > > On Jun 7, 1:00 pm, Christopher Johnston wrote: > > Think I found the issue from an strace, the rubygems-sqlit3 rpm was > > missing.. still curious on where the logs end up for it though. The fact > > that its using sqllite also doesn't help as I think I am running into > > locking issues if I try to run a cross environment update. > > > Chris, were you using sqlite or mysql as the backend store when you > had issues? > > Evaluating remote sites with central storeconfigs is on the todo list > for me. Currently have it working just peachy with mysql, straight > storeconfig no puppetqd. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Could not retrieve catalog from remote server: certificate verify failed
Update - After the client tries to connect, I found this in the puppetmaster WEBrick log: [2010-06-09 17:52:10] DEBUG accept: 10.1.1.70:49980 [2010-06-09 17:52:10] ERROR OpenSSL::SSL::SSLError: sslv3 alert bad certificate /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:44:in `accept' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:44:in `listen' /usr/lib/ruby/1.8/webrick/server.rb:173:in `call' /usr/lib/ruby/1.8/webrick/server.rb:173:in `start_thread' /usr/lib/ruby/1.8/webrick/server.rb:162:in `start' /usr/lib/ruby/1.8/webrick/server.rb:162:in `start_thread' /usr/lib/ruby/1.8/webrick/server.rb:95:in `start' /usr/lib/ruby/1.8/webrick/server.rb:92:in `each' /usr/lib/ruby/1.8/webrick/server.rb:92:in `start' /usr/lib/ruby/1.8/webrick/server.rb:23:in `start' /usr/lib/ruby/1.8/webrick/server.rb:82:in `start' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:42:in `listen' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `initialize' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `new' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `listen' /usr/lib/ruby/1.8/thread.rb:135:in `synchronize' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:38:in `listen' /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:131:in `listen' /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:146:in `start' /usr/lib/ruby/site_ruby/1.8/puppet/daemon.rb:128:in `start' /usr/lib/ruby/site_ruby/1.8/puppet/application/puppetmasterd.rb:122:in `main' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:226:in `send' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:226:in `run_command' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:217:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:306:in `exit_on_fail' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:217:in `run' /usr/sbin/puppetmasterd:66 [2010-06-09 17:52:10] DEBUG close: 10.1.1.70:49980 On Wed, Jun 9, 2010 at 4:27 PM, Matt Keating wrote: > Hi guys, > > I'm trying to setup my first puppet installation and I'm running into > problems. > > I've got the puppetmaster running on a fresh install of Centos 5.4. > The puppet client is also on another Centos 5.4 server. > Once I've signed the client certificate on the puppetmaster, the > client seems to break. See below for the debug output from the client. > > Any clue as to what I'm doing wrong? > > Thanks. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetqd and remote mysql server
I evaluated this scenario a couple of years ago (before puppetq), and it was never a feasible solution due to a. latency (e.g. everything is much slower), b. if wan goes down, your master wont work. One of the reasons that I've developed Foreman, is to overcome this problem, the way I do it is: - I keep one central database, but don't use it directly with puppet, rather import the data i need (e.g. for facts see the import_facts script in foreman extras dir) - I query the database using puppet functions (e.g. using foreman query interface) - providing similar functionality to export / collection with storeconfig. in order to avoid the single point of failure, my function caches the output locally, so if the db (foreman) is not reachable, it uses the last known cache. in any case, sqlite will never really work with many processes trying to lock the file (it is a file after all), so you should really evaluate it with some other db engine. hope this helps, Ohad On Wed, Jun 9, 2010 at 11:50 PM, Christopher Johnston wrote: > I have about a dozen sites with puppet masters in each. They are > geographically located with some slow network links between them. The setup > I was evaluating is to have a centralized stored config server running mysql > with all of my remote masters sending their locations data back to the > central server. Now on my fast links remote connectivity is OK if I just > point a master right to the database (eliminate puppetqd, etc), albeit still > slower then if I were to have it local but I was hoping I could use a > stomp+puppetqd to handle caching and asyncronously update my central mysql > database. In my tests this seems to work however it looks like puppetdq is > using sqllite to keep a cached copy. If I have 100 servers and I am doing a > mass update during maintenance window I am seeing timeouts once we hit 5-6 > servers which is likely sqllite. > > Perhaps this solution is not the most viable right now? I am OK with > running a local mysql instance instead of sqllite if it is supported but I > would like to get all of my stored config data in one location (using facter > data, reporting is of great value to us). This would be useful as we can > plugin foreman on top of that database for a central dashboard instead of > having dozens of dashboards for each location. > > -Chris > > > On Tue, Jun 8, 2010 at 2:40 PM, donavan wrote: > >> >> On Jun 7, 1:00 pm, Christopher Johnston wrote: >> > Think I found the issue from an strace, the rubygems-sqlit3 rpm was >> > missing.. still curious on where the logs end up for it though. The >> fact >> > that its using sqllite also doesn't help as I think I am running into >> > locking issues if I try to run a cross environment update. >> >> >> Chris, were you using sqlite or mysql as the backend store when you >> had issues? >> >> Evaluating remote sites with central storeconfigs is on the todo list >> for me. Currently have it working just peachy with mysql, straight >> storeconfig no puppetqd. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com >> . >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> >> > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetqd and remote mysql server
I don't want to use sqllite... puppetqd doesn't leave me much of a choice since it will default to it even if you tell it to use mysql as your storedconfig DB since thats needed for the centraldb. Ultimately I think puppetqd needs support for keeping a cached copy of various database flavors (mysql, sqllite, etc). If mysql was supported for puppetqd then my remote masters would always have a local cached copy of their stored configs for the servers they manage and we would be able to eliminate the locking issue. They can then asyncronously replicate the data back to the central DB. # enables storedconfig support, supposed to speed things up storeconfigs = true dbadapter = mysql dbuser = puppet dbpassword = puppet dbserver = centraldb dbsocket = /var/run/mysqld/mysqld.sock # use queuing queue_type = stomp queue_source = stomp://localhost:61613 async_storeconfigs = true On Wed, Jun 9, 2010 at 11:57 AM, Ohad Levy wrote: > I evaluated this scenario a couple of years ago (before puppetq), and it > was never a feasible solution due to a. latency (e.g. everything is much > slower), b. if wan goes down, your master wont work. > > One of the reasons that I've developed Foreman, is to overcome this > problem, the way I do it is: > - I keep one central database, but don't use it directly with puppet, > rather import the data i need (e.g. for facts see the import_facts script in > foreman extras dir) > - I query the database using puppet functions (e.g. using foreman query > interface) - providing similar functionality to export / collection with > storeconfig. > > in order to avoid the single point of failure, my function caches the > output locally, so if the db (foreman) is not reachable, it uses the last > known cache. > in any case, sqlite will never really work with many processes trying to > lock the file (it is a file after all), so you should really evaluate it > with some other db engine. > > hope this helps, > Ohad > > On Wed, Jun 9, 2010 at 11:50 PM, Christopher Johnston > wrote: > >> I have about a dozen sites with puppet masters in each. They are >> geographically located with some slow network links between them. The setup >> I was evaluating is to have a centralized stored config server running mysql >> with all of my remote masters sending their locations data back to the >> central server. Now on my fast links remote connectivity is OK if I just >> point a master right to the database (eliminate puppetqd, etc), albeit still >> slower then if I were to have it local but I was hoping I could use a >> stomp+puppetqd to handle caching and asyncronously update my central mysql >> database. In my tests this seems to work however it looks like puppetdq is >> using sqllite to keep a cached copy. If I have 100 servers and I am doing a >> mass update during maintenance window I am seeing timeouts once we hit 5-6 >> servers which is likely sqllite. >> >> Perhaps this solution is not the most viable right now? I am OK with >> running a local mysql instance instead of sqllite if it is supported but I >> would like to get all of my stored config data in one location (using facter >> data, reporting is of great value to us). This would be useful as we can >> plugin foreman on top of that database for a central dashboard instead of >> having dozens of dashboards for each location. >> >> -Chris >> >> >> On Tue, Jun 8, 2010 at 2:40 PM, donavan wrote: >> >>> >>> On Jun 7, 1:00 pm, Christopher Johnston wrote: >>> > Think I found the issue from an strace, the rubygems-sqlit3 rpm was >>> > missing.. still curious on where the logs end up for it though. The >>> fact >>> > that its using sqllite also doesn't help as I think I am running into >>> > locking issues if I try to run a cross environment update. >>> >>> >>> Chris, were you using sqlite or mysql as the backend store when you >>> had issues? >>> >>> Evaluating remote sites with central storeconfigs is on the todo list >>> for me. Currently have it working just peachy with mysql, straight >>> storeconfig no puppetqd. >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Puppet Users" group. >>> To post to this group, send email to puppet-us...@googlegroups.com. >>> To unsubscribe from this group, send email to >>> puppet-users+unsubscr...@googlegroups.com >>> . >>> For more options, visit this group at >>> http://groups.google.com/group/puppet-users?hl=en. >>> >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com >> . >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com
[Puppet Users] Re: Could not retrieve catalog from remote server: certificate verify failed
Solved - God I had SELinux sometimes. On Wed, Jun 9, 2010 at 4:57 PM, Matt Keating wrote: > Update - After the client tries to connect, I found this in the > puppetmaster WEBrick log: > > [2010-06-09 17:52:10] DEBUG accept: 10.1.1.70:49980 > [2010-06-09 17:52:10] ERROR OpenSSL::SSL::SSLError: sslv3 alert bad > certificate > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:44:in > `accept' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:44:in > `listen' > /usr/lib/ruby/1.8/webrick/server.rb:173:in `call' > /usr/lib/ruby/1.8/webrick/server.rb:173:in `start_thread' > /usr/lib/ruby/1.8/webrick/server.rb:162:in `start' > /usr/lib/ruby/1.8/webrick/server.rb:162:in `start_thread' > /usr/lib/ruby/1.8/webrick/server.rb:95:in `start' > /usr/lib/ruby/1.8/webrick/server.rb:92:in `each' > /usr/lib/ruby/1.8/webrick/server.rb:92:in `start' > /usr/lib/ruby/1.8/webrick/server.rb:23:in `start' > /usr/lib/ruby/1.8/webrick/server.rb:82:in `start' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:42:in > `listen' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in > `initialize' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `new' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in > `listen' > /usr/lib/ruby/1.8/thread.rb:135:in `synchronize' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:38:in > `listen' > /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:131:in `listen' > /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:146:in `start' > /usr/lib/ruby/site_ruby/1.8/puppet/daemon.rb:128:in `start' > /usr/lib/ruby/site_ruby/1.8/puppet/application/puppetmasterd.rb:122:in > `main' > /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:226:in `send' > /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:226:in `run_command' > /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:217:in `run' > /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:306:in `exit_on_fail' > /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:217:in `run' > /usr/sbin/puppetmasterd:66 > [2010-06-09 17:52:10] DEBUG close: 10.1.1.70:49980 > > > On Wed, Jun 9, 2010 at 4:27 PM, Matt Keating wrote: >> Hi guys, >> >> I'm trying to setup my first puppet installation and I'm running into >> problems. >> >> I've got the puppetmaster running on a fresh install of Centos 5.4. >> The puppet client is also on another Centos 5.4 server. >> Once I've signed the client certificate on the puppetmaster, the >> client seems to break. See below for the debug output from the client. >> >> Any clue as to what I'm doing wrong? >> >> Thanks. >> > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Input sought on changing default vardir on OS X.
0.25.5 changed the default vardir from /var/puppet to /var/lib/puppet and it's caused the odd issue we have to fix in the Mac pkg preflights. After re-reading 'man hier' I'm tempted to change the default on OS X to: /var/db/puppet instead. /var/ multi-purpose log, temporary, transient, and spool files ... db/misc. automatically generated system-specific database files Thoughts? -- nigel -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Foreman -- Reporting
My issue is basically, that I'm running foreman under passenger, and this config seems to break reporting. Yesterday,I was using webbrick and it was working fine, with the URL of foreman.rb pointing to http://host:3000. Today with passenger, I'm trying to point it to either http://host or https://host. Neither way has worked so far. Again, the reports are coming in, I'm just not able to display them under foreman. Thanks, On Jun 9, 11:14 am, "Jonathan A. Booth" wrote: > For what it is worth, to solve a similar problem with dashboard > (distributing puppet_dashboard.rb for reporting), I just stuck it in > modules/dashboard/lib/puppet_dashboard.rb with puppet.conf: > pluginsync=true. Then puppet distributes it automatically into a lib > directory and things work nice and happy. > > On 06/09/2010 10:13 AM, CraftyTech wrote: > > > Correction: I copied the foreman.rb to /usr/lib/ruby/site_ruby/1.8/ > > puppet/reports/foreman.rb from extras/puppet/foreman/files/foreman- > > report.rb. The instructions called for the file to be copied to /usr/ > > lib/ruby/1.8/puppet/reports, but that's not the directory structure > > that I have. I also made the file executable. > > > Thanks, > > > On Jun 9, 11:09 am, CraftyTech wrote: > >> Hello All, > > >> I don't seem to be able to get reports to display on the foreman > >> interface. I copied extras/puppet/foreman/files/foreman-report.rb to / > >> usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/ > >> lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/ > >> Passenger, Puppet 0.25.4. > > >> The reports are coming from the clients, because I can see them > >> in /var/lib/puppet/reports. I just don't seem to be able to display > >> them on Foreman. Here's my puppet.conf: > > >> [main] > >> vardir = /var/lib/puppet > >> logdir = /var/log/puppet > >> rundir = /var/run/puppet > >> reports= log, foreman > > >> [puppetmasterd] > >> ssl_client_header = SSL_CLIENT_S_DN > >> ssl_client_verify_header = SSL_CLIENT_VERIFY > >> modulepath = $confdir/modules > >> #reports=log, foreman > >> storeconfigs = true > >> dbadapter = mysql > >> dbuser = app_puppet > >> dbpassword = password > >> dbserver = localhost > >> dbsocket = /sql/mysql/mysql.sock > >> rrddir=/var/lib/puppet/rrd > >> rrdinterval=$runinterval > >> rrdgraph=true > > >> [puppetd] > >> classfile = $vardir/classes.txt > >> report = true > >> localconfig = $vardir/localconfig > > >> What am I missing here? Thanks, > > >> Henry -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] gentoo duplicate package names...
hi guys, I'm a newbie so please be gentle. ;)
I'm running puppet on gentoo with the modules from example42. They
seem to work well but I'm running into a problem with the way gentoo
does certain packages. Redhat and other distros seem to bundle the
mysql or openssh packages in mysql-client and mysql-server or openssh-
clients openssh-server.
so, when I try to use these modules, it fails because gentoo only has
one package for both clients and servers: mysql or openssh.
I tried to gentooify the module like this:
class puppet::master inherits puppet {
# We need rails for storeconfigs
include rails
package {
puppet-server:
name => $operatingsystem ? {
default => "puppet-server",
gentoo => "puppet",
},
alias => puppetmasterd,
ensure => present;
but, of course, the puppet package is already defined in the 'puppet'
class
what is a newbie to do? I looked in the puppet users archive but
didn't find any answers, maybe I'm not searching on the right thing.(?)
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Input sought on changing default vardir on OS X.
Hello Nigel, /var/db/puppet sounds good for the default location.. a little background: We have a central services team, and many field teams that directly support our customers. We've been looking into separating the $vardir based on team (central or field). We're still in the "thinking about it" stage, so we haven't fully implemented it yet. We have currently defined our central services $vardir as /var/lanl/puppet. Regards, -Roy On 6/9/10 12:49 PM, Nigel Kersten wrote: 0.25.5 changed the default vardir from /var/puppet to /var/lib/puppet and it's caused the odd issue we have to fix in the Mac pkg preflights. After re-reading 'man hier' I'm tempted to change the default on OS X to: /var/db/puppet instead. /var/ multi-purpose log, temporary, transient, and spool files ... db/misc. automatically generated system-specific database files Thoughts? -- nigel -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Foreman -- Reporting
With reports=log,foreman you'll see them under /var/lib/puppet/reports even if they aren't actually getting to foreman itself. Executability of foreman.rb won't factor in this working or not. The code in foreman.rb is probably connecting directly to foreman on http://(local?)host:3000. You may need to modify that file to connect to http://host:80 or via https. Alternately you could just have passenger listen to said port (localhost:3000). Note I don't strictly know that's true of Foreman. I'm guessing, based on my experiences with dashboard and passenger. On 06/09/2010 01:52 PM, CraftyTech wrote: My issue is basically, that I'm running foreman under passenger, and this config seems to break reporting. Yesterday,I was using webbrick and it was working fine, with the URL of foreman.rb pointing to http://host:3000. Today with passenger, I'm trying to point it to either http://host or https://host. Neither way has worked so far. Again, the reports are coming in, I'm just not able to display them under foreman. Thanks, On Jun 9, 11:14 am, "Jonathan A. Booth" wrote: For what it is worth, to solve a similar problem with dashboard (distributing puppet_dashboard.rb for reporting), I just stuck it in modules/dashboard/lib/puppet_dashboard.rb with puppet.conf: pluginsync=true. Then puppet distributes it automatically into a lib directory and things work nice and happy. On 06/09/2010 10:13 AM, CraftyTech wrote: Correction: I copied the foreman.rb to /usr/lib/ruby/site_ruby/1.8/ puppet/reports/foreman.rb from extras/puppet/foreman/files/foreman- report.rb. The instructions called for the file to be copied to /usr/ lib/ruby/1.8/puppet/reports, but that's not the directory structure that I have. I also made the file executable. Thanks, On Jun 9, 11:09 am, CraftyTechwrote: Hello All, I don't seem to be able to get reports to display on the foreman interface. I copied extras/puppet/foreman/files/foreman-report.rb to / usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/ lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/ Passenger, Puppet 0.25.4. The reports are coming from the clients, because I can see them in /var/lib/puppet/reports. I just don't seem to be able to display them on Foreman. Here's my puppet.conf: [main] vardir = /var/lib/puppet logdir = /var/log/puppet rundir = /var/run/puppet reports= log, foreman [puppetmasterd] ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY modulepath = $confdir/modules #reports=log, foreman storeconfigs = true dbadapter = mysql dbuser = app_puppet dbpassword = password dbserver = localhost dbsocket = /sql/mysql/mysql.sock rrddir=/var/lib/puppet/rrd rrdinterval=$runinterval rrdgraph=true [puppetd] classfile = $vardir/classes.txt report = true localconfig = $vardir/localconfig What am I missing here? Thanks, Henry -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Foreman -- Reporting
What does your apache conf look like for foreman and the reports? On Wed, Jun 9, 2010 at 9:09 AM, CraftyTech wrote: > Hello All, > > I don't seem to be able to get reports to display on the foreman > interface. I copied extras/puppet/foreman/files/foreman-report.rb to / > usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/ > lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/ > Passenger, Puppet 0.25.4. > > The reports are coming from the clients, because I can see them > in /var/lib/puppet/reports. I just don't seem to be able to display > them on Foreman. Here's my puppet.conf: > > [main] >vardir = /var/lib/puppet >logdir = /var/log/puppet >rundir = /var/run/puppet >reports= log, foreman > > [puppetmasterd] >ssl_client_header = SSL_CLIENT_S_DN >ssl_client_verify_header = SSL_CLIENT_VERIFY >modulepath = $confdir/modules >#reports=log, foreman >storeconfigs = true >dbadapter = mysql >dbuser = app_puppet >dbpassword = password >dbserver = localhost >dbsocket = /sql/mysql/mysql.sock >rrddir=/var/lib/puppet/rrd >rrdinterval=$runinterval >rrdgraph=true > > [puppetd] >classfile = $vardir/classes.txt >report = true >localconfig = $vardir/localconfig > > What am I missing here? Thanks, > > Henry > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Storeconfigs connection pool problem
Queuing support from ActiveMQ doesn't even make a difference for me -- I thought the purpose of adding the queuing support was to queue the data in puppetqd's memory and let that flush out to the database when it could. I'm still seeing this error from the puppetmaster (not puppetqd). err: could not obtain a database connection within 5 seconds. The max pool size is currently 5; consider increasing it. Am I misunderstanding how puppetmasterd+puppetqd is supposed to function? On Wed, Jun 9, 2010 at 3:51 AM, Dan Carley wrote: > On 9 June 2010 06:09, Jason Koppe wrote: > >> On Fri, Feb 12, 2010 at 12:28 AM, Joe McDonagh < >> joseph.e.mcdon...@gmail.com> wrote: >> >>> Daniel Kerwin wrote: >>> >>> > Hi list, >>> > >>> > i just enabled storeconfigs and cannot use puppetrun on more than 5 >>> > hosts. When i try 6+ i get the error message: >>> > >>> > puppetmasterd[16209]: could not obtain a database connection within 5 >>> > seconds. The max pool size is currently 5; consider increasing it. >>> > >>> > My Mysql setup allows a lot more connections (500). Any suggestions? >>> >>> Do you have the proper rubygem for mysql installed? I think on >>> deb/ubuntu it's something like libmysql-ruby1.8. >>> >> >> I'm having the same problem with the mysql gem installed and the gem >> appears to be in-use >> > > The gem version is a bit of a red herring, so long are using the gem and > not Ruby's own connector. As the warning suggests, ActiveRecord's pool > option simply needs raising if it's to be put under any strain at all. There > is a bug/feature ticket as #2568 [0] which exposes this option to Puppet's > configuration. But it's not due to be delivered until 2.6/rowlf. > > I've been slipstreaming the patch into 0.25 myself because storeconfigs > grinds to a halt without it in my environment. Given the simplicity of the > diff and that it seems to be affecting a number of people I think it > probably warrants being brought forward to 0.25. > > [0] http://projects.puppetlabs.com/issues/2568 > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- Jason Koppe jason.robert.ko...@gmail.com Cell (210) 445-8242 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Foreman -- Reporting
/etc/httpd/conf.d/foreman.conf:
ServerName hostnameXYZ
ServerAlias foreman
RailsAutoDetect On
DocumentRoot /var/www/html
RailsBaseURI /foreman
# Use puppet certificates for SSL
SSLEngine on
SSLCertificateFile /var/lib/puppet/ssl/certs/
hpjs01.isn.instinet.com.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
hpjs01.isn.instinet.com.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 3
SSLOptions +StdEnvVars
/usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb:
# copy this file to your report dir - e.g. /usr/lib/ruby/1.8/puppet/
reports/
# add this report in your puppetmaster reports - e.g, in your
puppet.conf add:
# reports=log, foreman # (or any other reports you want)
# URL of your Foreman installation
$foreman_url="https://hostnameXYZ/foreman";
require 'puppet'
require 'net/http'
require 'uri'
Puppet::Reports.register_report(:foreman) do
Puppet.settings.use(:reporting)
desc "Sends reports directly to Foreman"
def process
begin
uri = URI.parse($foreman_url)
http = Net::HTTP.new(uri.host, uri.port)
if uri.scheme == 'https' then
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end
req = Net::HTTP::Post.new("/reports/create?format=yml")
req.set_form_data({'report' => to_yaml})
response = http.request(req)
rescue Exception => e
raise Puppet::Error, "Could not send report to Foreman at
#{$foreman_url}/reports/create?format=yml: #{e}"
end
end
end
~
/etc/puppet/puppet.conf:
[main]
vardir = /var/lib/puppet
logdir = /var/log/puppet
rundir = /var/run/puppet
reports= log,foreman,store
pluginsync = true
[puppetmasterd]
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
modulepath = $confdir/modules
reportdir = /var/lib/puppet/reports
storeconfigs = true
dbadapter = mysql
dbuser = app_puppet
dbpassword = CoNf1Gpupp3T
dbserver = localhost
dbsocket = /sql/mysql/mysql.sock
rrddir=/var/lib/puppet/rrd
rrdinterval=$runinterval
rrdgraph=true
[puppetd]
classfile = $vardir/classes.txt
report = true
localconfig = $vardir/localconfig
*
The reports come in fine under /var/lib/puppet/reports. The only
piece that's not working is the reports on foreman. Any suggestions?
Thanks,
Henry
On Jun 9, 4:02 pm, Jacob Hunt wrote:
> What does your apache conf look like for foreman and the reports?
>
> On Wed, Jun 9, 2010 at 9:09 AM, CraftyTech wrote:
> > Hello All,
>
> > I don't seem to be able to get reports to display on the foreman
> > interface. I copied extras/puppet/foreman/files/foreman-report.rb to /
> > usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/
> > lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/
> > Passenger, Puppet 0.25.4.
>
> > The reports are coming from the clients, because I can see them
> > in /var/lib/puppet/reports. I just don't seem to be able to display
> > them on Foreman. Here's my puppet.conf:
>
> > [main]
> > vardir = /var/lib/puppet
> > logdir = /var/log/puppet
> > rundir = /var/run/puppet
> > reports= log, foreman
>
> > [puppetmasterd]
> > ssl_client_header = SSL_CLIENT_S_DN
> > ssl_client_verify_header = SSL_CLIENT_VERIFY
> > modulepath = $confdir/modules
> > #reports=log, foreman
> > storeconfigs = true
> > dbadapter = mysql
> > dbuser = app_puppet
> > dbpassword = password
> > dbserver = localhost
> > dbsocket = /sql/mysql/mysql.sock
> > rrddir=/var/lib/puppet/rrd
> > rrdinterval=$runinterval
> > rrdgraph=true
>
> > [puppetd]
> > classfile = $vardir/classes.txt
> > report = true
> > localconfig = $vardir/localconfig
>
> > What am I missing here? Thanks,
>
> > Henry
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Puppet Users" group.
> > To post to this group, send email to puppet-us...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > puppet-users+unsubscr...@googlegroups.com
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Foreman -- Reporting
/etc/httpd/conf.d/foreman.conf:
ServerName hostnameXYZ
ServerAlias foreman
RailsAutoDetect On
DocumentRoot /var/www/html
RailsBaseURI /foreman
# Use puppet certificates for SSL
SSLEngine on
SSLCertificateFile /var/lib/puppet/ssl/certs/
hpjs01.isn.instinet.com.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
hpjs01.isn.instinet.com.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 3
SSLOptions +StdEnvVars
/usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb:
# copy this file to your report dir - e.g. /usr/lib/ruby/1.8/puppet/
reports/
# add this report in your puppetmaster reports - e.g, in your
puppet.conf add:
# reports=log, foreman # (or any other reports you want)
# URL of your Foreman installation
$foreman_url="https://hostnameXYZ/foreman";
require 'puppet'
require 'net/http'
require 'uri'
Puppet::Reports.register_report(:foreman) do
Puppet.settings.use(:reporting)
desc "Sends reports directly to Foreman"
def process
begin
uri = URI.parse($foreman_url)
http = Net::HTTP.new(uri.host, uri.port)
if uri.scheme == 'https' then
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end
req = Net::HTTP::Post.new("/reports/create?format=yml")
req.set_form_data({'report' => to_yaml})
response = http.request(req)
rescue Exception => e
raise Puppet::Error, "Could not send report to Foreman at
#{$foreman_url}/reports/create?format=yml: #{e}"
end
end
end
~
/etc/puppet/puppet.conf:
[main]
vardir = /var/lib/puppet
logdir = /var/log/puppet
rundir = /var/run/puppet
reports= log,foreman,store
pluginsync = true
[puppetmasterd]
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
modulepath = $confdir/modules
reportdir = /var/lib/puppet/reports
storeconfigs = true
dbadapter = mysql
dbuser = puppet
dbpassword = password
dbserver = localhost
dbsocket = /sql/mysql/mysql.sock
rrddir=/var/lib/puppet/rrd
rrdinterval=$runinterval
rrdgraph=true
[puppetd]
classfile = $vardir/classes.txt
report = true
localconfig = $vardir/localconfig
*
The reports come in fine under /var/lib/puppet/reports. The only
piece that's not working is the reports on foreman. Any suggestions?
Thanks,
Henry
On Jun 9, 4:02 pm, Jacob Hunt wrote:
- Hide quoted text -
- Show quoted text -
On Jun 9, 4:02 pm, Jacob Hunt wrote:
> What does your apache conf look like for foreman and the reports?
>
> On Wed, Jun 9, 2010 at 9:09 AM, CraftyTech wrote:
> > Hello All,
>
> > I don't seem to be able to get reports to display on the foreman
> > interface. I copied extras/puppet/foreman/files/foreman-report.rb to /
> > usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/
> > lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/
> > Passenger, Puppet 0.25.4.
>
> > The reports are coming from the clients, because I can see them
> > in /var/lib/puppet/reports. I just don't seem to be able to display
> > them on Foreman. Here's my puppet.conf:
>
> > [main]
> > vardir = /var/lib/puppet
> > logdir = /var/log/puppet
> > rundir = /var/run/puppet
> > reports= log, foreman
>
> > [puppetmasterd]
> > ssl_client_header = SSL_CLIENT_S_DN
> > ssl_client_verify_header = SSL_CLIENT_VERIFY
> > modulepath = $confdir/modules
> > #reports=log, foreman
> > storeconfigs = true
> > dbadapter = mysql
> > dbuser = app_puppet
> > dbpassword = password
> > dbserver = localhost
> > dbsocket = /sql/mysql/mysql.sock
> > rrddir=/var/lib/puppet/rrd
> > rrdinterval=$runinterval
> > rrdgraph=true
>
> > [puppetd]
> > classfile = $vardir/classes.txt
> > report = true
> > localconfig = $vardir/localconfig
>
> > What am I missing here? Thanks,
>
> > Henry
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Puppet Users" group.
> > To post to this group, send email to puppet-us...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > puppet-users+unsubscr...@googlegroups.com
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Foreman -- Reporting
/etc/httpd/conf.d/foreman.conf:
ServerName hostnameXYZ
ServerAlias foreman
RailsAutoDetect On
DocumentRoot /var/www/html
RailsBaseURI /foreman
# Use puppet certificates for SSL
SSLEngine on
SSLCertificateFile /var/lib/puppet/ssl/certs/
hostnameXYZ.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
hostnameXYZ.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 3
SSLOptions +StdEnvVars
/usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb:
# copy this file to your report dir - e.g. /usr/lib/ruby/1.8/puppet/
reports/
# add this report in your puppetmaster reports - e.g, in your
puppet.conf add:
# reports=log, foreman # (or any other reports you want)
# URL of your Foreman installation
$foreman_url="https://hostnameXYZ/foreman";
require 'puppet'
require 'net/http'
require 'uri'
Puppet::Reports.register_report(:foreman) do
Puppet.settings.use(:reporting)
desc "Sends reports directly to Foreman"
def process
begin
uri = URI.parse($foreman_url)
http = Net::HTTP.new(uri.host, uri.port)
if uri.scheme == 'https' then
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end
req = Net::HTTP::Post.new("/reports/create?format=yml")
req.set_form_data({'report' => to_yaml})
response = http.request(req)
rescue Exception => e
raise Puppet::Error, "Could not send report to Foreman at
#{$foreman_url}/reports/create?format=yml: #{e}"
end
end
end
~
/etc/puppet/puppet.conf:
[main]
vardir = /var/lib/puppet
logdir = /var/log/puppet
rundir = /var/run/puppet
reports= log,foreman,store
pluginsync = true
[puppetmasterd]
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
modulepath = $confdir/modules
reportdir = /var/lib/puppet/reports
storeconfigs = true
dbadapter = mysql
dbuser = puppet
dbpassword = password
dbserver = localhost
dbsocket = /sql/mysql/mysql.sock
rrddir=/var/lib/puppet/rrd
rrdinterval=$runinterval
rrdgraph=true
[puppetd]
classfile = $vardir/classes.txt
report = true
localconfig = $vardir/localconfig
*
The reports come in fine under /var/lib/puppet/reports. The only
piece that's not working is the reports on foreman. Any suggestions?
Thanks,
Henry
On Jun 9, 4:02 pm, Jacob Hunt wrote:
> What does your apache conf look like for foreman and the reports?
>
> On Wed, Jun 9, 2010 at 9:09 AM, CraftyTech wrote:
> > Hello All,
>
> > I don't seem to be able to get reports to display on the foreman
> > interface. I copied extras/puppet/foreman/files/foreman-report.rb to /
> > usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/
> > lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/
> > Passenger, Puppet 0.25.4.
>
> > The reports are coming from the clients, because I can see them
> > in /var/lib/puppet/reports. I just don't seem to be able to display
> > them on Foreman. Here's my puppet.conf:
>
> > [main]
> > vardir = /var/lib/puppet
> > logdir = /var/log/puppet
> > rundir = /var/run/puppet
> > reports= log, foreman
>
> > [puppetmasterd]
> > ssl_client_header = SSL_CLIENT_S_DN
> > ssl_client_verify_header = SSL_CLIENT_VERIFY
> > modulepath = $confdir/modules
> > #reports=log, foreman
> > storeconfigs = true
> > dbadapter = mysql
> > dbuser = app_puppet
> > dbpassword = password
> > dbserver = localhost
> > dbsocket = /sql/mysql/mysql.sock
> > rrddir=/var/lib/puppet/rrd
> > rrdinterval=$runinterval
> > rrdgraph=true
>
> > [puppetd]
> > classfile = $vardir/classes.txt
> > report = true
> > localconfig = $vardir/localconfig
>
> > What am I missing here? Thanks,
>
> > Henry
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Puppet Users" group.
> > To post to this group, send email to puppet-us...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > puppet-users+unsubscr...@googlegroups.com
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Foreman -- Reporting
Looks like my config, except I added the following to see my reports
Alias /report /var/lib/puppet/rrd/
PassengerEnabled off
Options Indexes
Order deny,allow
Allow from all
On Wed, Jun 9, 2010 at 2:15 PM, CraftyTech wrote:
> /etc/httpd/conf.d/foreman.conf:
>
> ServerName hostnameXYZ
> ServerAlias foreman
>
> RailsAutoDetect On
> DocumentRoot /var/www/html
> RailsBaseURI /foreman
>
> # Use puppet certificates for SSL
> SSLEngine on
> SSLCertificateFile /var/lib/puppet/ssl/certs/
> hpjs01.isn.instinet.com.pem
> SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
> hpjs01.isn.instinet.com.pem
> SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
> SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem
> SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
> SSLVerifyClient optional
> SSLVerifyDepth 3
> SSLOptions +StdEnvVars
>
>
>
> /usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb:
> # copy this file to your report dir - e.g. /usr/lib/ruby/1.8/puppet/
> reports/
> # add this report in your puppetmaster reports - e.g, in your
> puppet.conf add:
> # reports=log, foreman # (or any other reports you want)
>
> # URL of your Foreman installation
> $foreman_url="https://hostnameXYZ/foreman";
>
> require 'puppet'
> require 'net/http'
> require 'uri'
>
> Puppet::Reports.register_report(:foreman) do
>Puppet.settings.use(:reporting)
>desc "Sends reports directly to Foreman"
>
>def process
> begin
>uri = URI.parse($foreman_url)
>http = Net::HTTP.new(uri.host, uri.port)
>if uri.scheme == 'https' then
> http.use_ssl = true
> http.verify_mode = OpenSSL::SSL::VERIFY_NONE
>end
>req = Net::HTTP::Post.new("/reports/create?format=yml")
>req.set_form_data({'report' => to_yaml})
>response = http.request(req)
> rescue Exception => e
>raise Puppet::Error, "Could not send report to Foreman at
> #{$foreman_url}/reports/create?format=yml: #{e}"
> end
>end
> end
> ~
>
>
> /etc/puppet/puppet.conf:
> [main]
>vardir = /var/lib/puppet
>logdir = /var/log/puppet
>rundir = /var/run/puppet
> reports= log,foreman,store
>pluginsync = true
>
> [puppetmasterd]
>ssl_client_header = SSL_CLIENT_S_DN
>ssl_client_verify_header = SSL_CLIENT_VERIFY
>modulepath = $confdir/modules
> reportdir = /var/lib/puppet/reports
> storeconfigs = true
>dbadapter = mysql
>dbuser = app_puppet
> dbpassword = CoNf1Gpupp3T
> dbserver = localhost
>dbsocket = /sql/mysql/mysql.sock
>rrddir=/var/lib/puppet/rrd
>rrdinterval=$runinterval
>rrdgraph=true
>
> [puppetd]
>classfile = $vardir/classes.txt
>report = true
>localconfig = $vardir/localconfig
> *
> The reports come in fine under /var/lib/puppet/reports. The only
> piece that's not working is the reports on foreman. Any suggestions?
>
> Thanks,
>
> Henry
>
>
> On Jun 9, 4:02 pm, Jacob Hunt wrote:
> > What does your apache conf look like for foreman and the reports?
> >
> > On Wed, Jun 9, 2010 at 9:09 AM, CraftyTech wrote:
> > > Hello All,
> >
> > > I don't seem to be able to get reports to display on the foreman
> > > interface. I copied extras/puppet/foreman/files/foreman-report.rb to /
> > > usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/
> > > lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/
> > > Passenger, Puppet 0.25.4.
> >
> > > The reports are coming from the clients, because I can see them
> > > in /var/lib/puppet/reports. I just don't seem to be able to display
> > > them on Foreman. Here's my puppet.conf:
> >
> > > [main]
> > >vardir = /var/lib/puppet
> > >logdir = /var/log/puppet
> > >rundir = /var/run/puppet
> > >reports= log, foreman
> >
> > > [puppetmasterd]
> > >ssl_client_header = SSL_CLIENT_S_DN
> > >ssl_client_verify_header = SSL_CLIENT_VERIFY
> > >modulepath = $confdir/modules
> > >#reports=log, foreman
> > >storeconfigs = true
> > >dbadapter = mysql
> > >dbuser = app_puppet
> > >dbpassword = password
> > >dbserver = localhost
> > >dbsocket = /sql/mysql/mysql.sock
> > >rrddir=/var/lib/puppet/rrd
> > >rrdinterval=$runinterval
> > >rrdgraph=true
> >
> > > [puppetd]
> > >classfile = $vardir/classes.txt
> > >report = true
> > >localconfig = $vardir/localconfig
> >
> > > What am I missing here? Thanks,
> >
> > > Henry
> >
> > > --
> > > You received this message because you are subscribed to the Google
> Groups
> > > "Puppet Users" group.
> > > To post to this group, send email to puppet-us...@googlegroups.com.
> > > To unsubscribe from this group, send email to
> > > puppet-users+unsubscr...@googlegroups.com
>
> >
> > > .
> > > For more options, visit this group at
> > >http://groups.google.com/group/puppet-users?hl=en.
>
> --
> You received this message because yo
[Puppet Users] Re: Foreman -- Reporting
What happens if you have foreman listen say on port 3000 with
passenger and have ssl disabled?
On Jun 9, 3:29 pm, CraftyTech wrote:
> /etc/httpd/conf.d/foreman.conf:
>
> ServerName hostnameXYZ
> ServerAlias foreman
>
> RailsAutoDetect On
> DocumentRoot /var/www/html
> RailsBaseURI /foreman
>
> # Use puppet certi ficates for SSL
> SSLEngine on
> SSLCertificateFile /var/lib/puppet/ssl/certs/
> hostnameXYZ.pem
> SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
> hostnameXYZ.pem
> SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
> SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
> SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
> SSLVerifyClient optional
> SSLVerifyDepth 3
> SSLOptions +StdEnvVars
>
>
>
> /usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb:
> # copy this file to your report dir - e.g. /usr/lib/ruby/1.8/puppet/
> reports/
> # add this report in your puppetmaster reports - e.g, in your
> puppet.conf add:
> # reports=log, foreman # (or any other reports you want)
>
> # URL of your Foreman installation
> $foreman_url="https://hostnameXYZ/foreman";
>
> require 'puppet'
> require 'net/http'
> require 'uri'
>
> Puppet::Reports.register_report(:foreman) do
> Puppet.settings.use(:reporting)
> desc "Sends reports directly to Foreman"
>
> def process
> begin
> uri = URI.parse($foreman_url)
> http = Net::HTTP.new(uri.host, uri.port)
> if uri.scheme == 'https' then
> http.use_ssl = true
> http.verify_mode = OpenSSL::SSL::VERIFY_NONE
> end
> req = Net::HTTP::Post.new("/reports/create?format=yml")
> req.set_form_data({'report' => to_yaml})
> response = http.request(req)
> rescue Exception => e
> raise Puppet::Error, "Could not send report to Foreman at
> #{$foreman_url}/reports/create?format=yml: #{e}"
> end
> end
> end
> ~
>
> /etc/puppet/puppet.conf:
> [main]
> vardir = /var/lib/puppet
> logdir = /var/log/puppet
> rundir = /var/run/puppet
> reports= log,foreman,store
> pluginsync = true
>
> [puppetmasterd]
> ssl_client_header = SSL_CLIENT_S_DN
> ssl_client_verify_header = SSL_CLIENT_VERIFY
> modulepath = $confdir/modules
> reportdir = /var/lib/puppet/reports
> storeconfigs = true
> dbadapter = mysql
> dbuser = puppet
> dbpassword = password
> dbserver = localhost
> dbsocket = /sql/mysql/mysql.sock
> rrddir=/var/lib/puppet/rrd
> rrdinterval=$runinterval
> rrdgraph=true
>
> [puppetd]
> classfile = $vardir/classes.txt
> report = true
> localconfig = $vardir/localconfig
> *
> The reports come in fine under /var/lib/puppet/reports. The only
> piece that's not working is the reports on foreman. Any suggestions?
>
> Thanks,
>
> Henry
>
> On Jun 9, 4:02 pm, Jacob Hunt wrote:
>
> > What does your apache conf look like for foreman and the reports?
>
> > On Wed, Jun 9, 2010 at 9:09 AM, CraftyTech wrote:
> > > Hello All,
>
> > > I don't seem to be able to get reports to display on the foreman
> > > interface. I copied extras/puppet/foreman/files/foreman-report.rb to /
> > > usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/
> > > lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/
> > > Passenger, Puppet 0.25.4.
>
> > > The reports are coming from the clients, because I can see them
> > > in /var/lib/puppet/reports. I just don't seem to be able to display
> > > them on Foreman. Here's my puppet.conf:
>
> > > [main]
> > > vardir = /var/lib/puppet
> > > logdir = /var/log/puppet
> > > rundir = /var/run/puppet
> > > reports= log, foreman
>
> > > [puppetmasterd]
> > > ssl_client_header = SSL_CLIENT_S_DN
> > > ssl_client_verify_header = SSL_CLIENT_VERIFY
> > > modulepath = $confdir/modules
> > > #reports=log, foreman
> > > storeconfigs = true
> > > dbadapter = mysql
> > > dbuser = app_puppet
> > > dbpassword = password
> > > dbserver = localhost
> > > dbsocket = /sql/mysql/mysql.sock
> > > rrddir=/var/lib/puppet/rrd
> > > rrdinterval=$runinterval
> > > rrdgraph=true
>
> > > [puppetd]
> > > classfile = $vardir/classes.txt
> > > report = true
> > > localconfig = $vardir/localconfig
>
> > > What am I missing here? Thanks,
>
> > > Henry
>
> > > --
> > > You received this message because you are subscribed to the Google Groups
> > > "Puppet Users" group.
> > > To post to this group, send email to puppet-us...@googlegroups.com.
> > > To unsubscribe from this group, send email to
> > > puppet-users+unsubscr...@googlegroups.com
> > > .
> > > For more options, visit this group at
> > >http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To uns
[Puppet Users] Gitoroius Puppet Module
Anyone here have a module who install Gitorious ate Centos 5.4? If yes can send me the module? -- Marley Bacelar Project Fedora Ambassador VCP, VSP. VTSP., ITILF, IBM 000-076, IBM 000-330, IBM 000-331 marleybace...@gmail.com -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Input sought on changing default vardir on OS X.
Nigel, We're trained to check /var/db for pkgdmg trigger files anyways - I've got no problem with it. I'll need to make sure my external nodes script can find the $vardir/yaml/facts store, but other than that I don't have a problem with its change. I suspect many may not notice - at least initially :) -Gary On Wed, Jun 9, 2010 at 3:12 PM, Roy Nielsen wrote: > Hello Nigel, > > /var/db/puppet sounds good for the default location.. > > a little background: We have a central services team, and many field teams > that directly support our customers. > > We've been looking into separating the $vardir based on team (central or > field). We're still in the "thinking about it" stage, so we haven't fully > implemented it yet. We have currently defined our central services $vardir > as /var/lanl/puppet. > > Regards, > -Roy > > > On 6/9/10 12:49 PM, Nigel Kersten wrote: > >> 0.25.5 changed the default vardir from /var/puppet to /var/lib/puppet >> and it's caused the odd issue we have to fix in the Mac pkg >> preflights. >> >> After re-reading 'man hier' I'm tempted to change the default on OS X to: >> >> /var/db/puppet >> >> instead. >> >> >> /var/ multi-purpose log, temporary, transient, and spool >> files >>... >>db/misc. automatically generated >> system-specific database files >> >> >> Thoughts? >> >> -- >> nigel >> >> >> > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- Gary Larizza Director of Technology Huron City Schools http://www.huronhs.com 悟 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Input sought on changing default vardir on OS X.
On Wed, Jun 9, 2010 at 6:15 PM, Gary Larizza wrote: > Nigel, > We're trained to check /var/db for pkgdmg trigger files anyways - I've got > no problem with it. I'll need to make sure my external nodes script can > find the $vardir/yaml/facts store, but other than that I don't have a > problem with its change. I suspect many may not notice - at least initially > :) So this kind of raises another question then... Should we move the pkgdmg location? > -Gary > > On Wed, Jun 9, 2010 at 3:12 PM, Roy Nielsen wrote: >> >> Hello Nigel, >> >> /var/db/puppet sounds good for the default location.. >> >> a little background: We have a central services team, and many field teams >> that directly support our customers. >> >> We've been looking into separating the $vardir based on team (central or >> field). We're still in the "thinking about it" stage, so we haven't fully >> implemented it yet. We have currently defined our central services $vardir >> as /var/lanl/puppet. >> >> Regards, >> -Roy >> >> On 6/9/10 12:49 PM, Nigel Kersten wrote: >>> >>> 0.25.5 changed the default vardir from /var/puppet to /var/lib/puppet >>> and it's caused the odd issue we have to fix in the Mac pkg >>> preflights. >>> >>> After re-reading 'man hier' I'm tempted to change the default on OS X to: >>> >>> /var/db/puppet >>> >>> instead. >>> >>> >>> /var/ multi-purpose log, temporary, transient, and spool >>> files >>> ... >>> db/ misc. automatically generated >>> system-specific database files >>> >>> >>> Thoughts? >>> >>> -- >>> nigel >>> >>> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > Gary Larizza > > Director of Technology > Huron City Schools > http://www.huronhs.com > > 悟 > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- nigel -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Input sought on changing default vardir on OS X.
On Wed, Jun 9, 2010 at 9:17 PM, Nigel Kersten wrote: > On Wed, Jun 9, 2010 at 6:15 PM, Gary Larizza wrote: > > Nigel, > > We're trained to check /var/db for pkgdmg trigger files anyways - I've > got > > no problem with it. I'll need to make sure my external nodes script can > > find the $vardir/yaml/facts store, but other than that I don't have a > > problem with its change. I suspect many may not notice - at least > initially > > :) > > So this kind of raises another question then... > > Should we move the pkgdmg location? > > > If we do - would there be a mechanism to automatically migrate those .puppet files to the new directory (in the update package). I know it's easily scripted, but think about upgrading and then pkgdmg looking to the new location, not finding the files, and pulling down all those packages again. That's my only concern (off the top of my head). Short of that - I let pkgdmg handle those files, so I don't really care where they're located (so long as I can find them). > > -Gary > > > > On Wed, Jun 9, 2010 at 3:12 PM, Roy Nielsen wrote: > >> > >> Hello Nigel, > >> > >> /var/db/puppet sounds good for the default location.. > >> > >> a little background: We have a central services team, and many field > teams > >> that directly support our customers. > >> > >> We've been looking into separating the $vardir based on team (central or > >> field). We're still in the "thinking about it" stage, so we haven't > fully > >> implemented it yet. We have currently defined our central services > $vardir > >> as /var/lanl/puppet. > >> > >> Regards, > >> -Roy > >> > >> On 6/9/10 12:49 PM, Nigel Kersten wrote: > >>> > >>> 0.25.5 changed the default vardir from /var/puppet to /var/lib/puppet > >>> and it's caused the odd issue we have to fix in the Mac pkg > >>> preflights. > >>> > >>> After re-reading 'man hier' I'm tempted to change the default on OS X > to: > >>> > >>> /var/db/puppet > >>> > >>> instead. > >>> > >>> > >>> /var/ multi-purpose log, temporary, transient, and spool > >>> files > >>>... > >>>db/misc. automatically generated > >>> system-specific database files > >>> > >>> > >>> Thoughts? > >>> > >>> -- > >>> nigel > >>> > >>> > >> > >> -- > >> You received this message because you are subscribed to the Google > Groups > >> "Puppet Users" group. > >> To post to this group, send email to puppet-us...@googlegroups.com. > >> To unsubscribe from this group, send email to > >> puppet-users+unsubscr...@googlegroups.com > . > >> For more options, visit this group at > >> http://groups.google.com/group/puppet-users?hl=en. > >> > > > > > > > > -- > > Gary Larizza > > > > Director of Technology > > Huron City Schools > > http://www.huronhs.com > > > > 悟 > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-us...@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscr...@googlegroups.com > . > > For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > > > > > -- > nigel > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- Gary Larizza Director of Technology Huron City Schools http://www.huronhs.com 悟 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Input sought on changing default vardir on OS X.
On Wed, Jun 9, 2010 at 6:22 PM, Gary Larizza wrote: > > > On Wed, Jun 9, 2010 at 9:17 PM, Nigel Kersten wrote: >> >> On Wed, Jun 9, 2010 at 6:15 PM, Gary Larizza wrote: >> > Nigel, >> > We're trained to check /var/db for pkgdmg trigger files anyways - I've >> > got >> > no problem with it. I'll need to make sure my external nodes script can >> > find the $vardir/yaml/facts store, but other than that I don't have a >> > problem with its change. I suspect many may not notice - at least >> > initially >> > :) >> >> So this kind of raises another question then... >> >> Should we move the pkgdmg location? >> >> > > If we do - would there be a mechanism to automatically migrate those .puppet > files to the new directory (in the update package). I know it's easily > scripted, but think about upgrading and then pkgdmg looking to the new > location, not finding the files, and pulling down all those packages again. > That's my only concern (off the top of my head). Short of that - I let > pkgdmg handle those files, so I don't really care where they're located (so > long as I can find them). Yeah that's horrendous. I wouldn't even think about doing it unless the preflight script moved them all from the current location to the new one. > > >> >> > -Gary >> > >> > On Wed, Jun 9, 2010 at 3:12 PM, Roy Nielsen wrote: >> >> >> >> Hello Nigel, >> >> >> >> /var/db/puppet sounds good for the default location.. >> >> >> >> a little background: We have a central services team, and many field >> >> teams >> >> that directly support our customers. >> >> >> >> We've been looking into separating the $vardir based on team (central >> >> or >> >> field). We're still in the "thinking about it" stage, so we haven't >> >> fully >> >> implemented it yet. We have currently defined our central services >> >> $vardir >> >> as /var/lanl/puppet. >> >> >> >> Regards, >> >> -Roy >> >> >> >> On 6/9/10 12:49 PM, Nigel Kersten wrote: >> >>> >> >>> 0.25.5 changed the default vardir from /var/puppet to /var/lib/puppet >> >>> and it's caused the odd issue we have to fix in the Mac pkg >> >>> preflights. >> >>> >> >>> After re-reading 'man hier' I'm tempted to change the default on OS X >> >>> to: >> >>> >> >>> /var/db/puppet >> >>> >> >>> instead. >> >>> >> >>> >> >>> /var/ multi-purpose log, temporary, transient, and spool >> >>> files >> >>> ... >> >>> db/ misc. automatically generated >> >>> system-specific database files >> >>> >> >>> >> >>> Thoughts? >> >>> >> >>> -- >> >>> nigel >> >>> >> >>> >> >> >> >> -- >> >> You received this message because you are subscribed to the Google >> >> Groups >> >> "Puppet Users" group. >> >> To post to this group, send email to puppet-us...@googlegroups.com. >> >> To unsubscribe from this group, send email to >> >> puppet-users+unsubscr...@googlegroups.com. >> >> For more options, visit this group at >> >> http://groups.google.com/group/puppet-users?hl=en. >> >> >> > >> > >> > >> > -- >> > Gary Larizza >> > >> > Director of Technology >> > Huron City Schools >> > http://www.huronhs.com >> > >> > 悟 >> > >> > -- >> > You received this message because you are subscribed to the Google >> > Groups >> > "Puppet Users" group. >> > To post to this group, send email to puppet-us...@googlegroups.com. >> > To unsubscribe from this group, send email to >> > puppet-users+unsubscr...@googlegroups.com. >> > For more options, visit this group at >> > http://groups.google.com/group/puppet-users?hl=en. >> > >> >> >> >> -- >> nigel >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > Gary Larizza > > Director of Technology > Huron City Schools > http://www.huronhs.com > > 悟 > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- nigel -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Nginx/Mongrel Could not retrieve catalog from remote server: Error 403 on SERVER
wiki is right, I forgot this: ssl_client_header = HTTP_X_SSL_SUBJECT On 6月9日, 上午10时21分, Jomo wrote: > It works for me too, thank you. > It should be added to the wiki. > > btw, my nginx is 0.8.29. > > On 6月9日, 上午12时01分, Dan Carley wrote: > > > On 8 June 2010 10:06, Jomo wrote: > > > > It works well when I use webrick. The config of nginx is from puppet > > > wiki, some logs is below, what's wrong? > > > I suspect that it relates to the use of HTTP headers and Puppet not knowing > > who the client is from it's certificate. > > > The wiki documentation assumes that you're launching puppetmasterd with the > > argument `--ssl_client_header=HTTP_X_SSL_SUBJECT`. It does so in order to > > maintain configuration compatibility with Pound. But personally, I don't use > > Pound and prefer to keep Puppet as vanilla as possible. The following > > (exclusive) `proxy_set_header` directives work fine under for me: > > > proxy_set_headerHost$host; > > proxy_set_headerX-Real-IP $remote_addr; > > proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for; > > proxy_set_headerX-Client_DN $ssl_client_s_dn; > > proxy_set_headerX-Client-Verify $ssl_client_verify; > > > You don't mention what version of Nginx you're using. They'll need adjusting > > suitably for <0.8.x -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Redmine Ticket Creation and Updates via email
Hi all We've just finished enabling ticket creation and updates via email. You can now send an email to tick...@puppetlabs.com to create a ticket. You must have a Redmine account to do this and your From address must match the address on your Redmine account. Any attachments added to the email will be applied to the ticket. By default, issues are added to the Puppet project but you can override this by specifying the Project option in the email body: Project: facter (Or dashboard, module-site (Forge), puppet-docs) Redmine tries to use the plain text part of the email to fill the description of the issue. If a HTML-only email is received, HTML tags are removed from its body. You can also reply to a Redmine ticket notification email and the relevant ticket will be updated. This is new functionality for us and I anticipate some teething problems - if you have issues please email me directly. IMPORTANT NOTE - the new source/emission email address for tickets is tick...@puppetlabs.com. If you have filters or rules that use the old address (redm...@puppetlabs.com) then you will need to change them! Thanks James Turnbull -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
