Re: [Puppet Users] Bind Module
How about the RPM that does this all for you ? Dan On Jun 29, 2010, at 12:12 AM, Steve Neuharth wrote: > Never seen that before. I laughed so hard that I peed a little. thank you for > that. the laughing, not necessarily the peeing. > > On Mon, Jun 28, 2010 at 10:47 PM, Peter Meier wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 06/29/2010 01:27 AM, Douglas Garstang wrote: > > Anyone know where I can find a good chrooted named module for centos? > > Named as chroot is ugly... soft and hard links everywhere... > > http://lmgtfy.com/?q=puppet+module+chroot+named > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.10 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkwpbMwACgkQbwltcAfKi3/5kACfYWKIcIw64Q3HxVNSXGq6Jgxj > LTYAn0+0kSyqfxRV84rdWw1Bj0UhojMA > =0M6S > -END PGP SIGNATURE- > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Ensuring Repo's
I got it.
I had to put require => undef in the package {} sections in yum::client.
Doug.
On Mon, Jun 28, 2010 at 10:32 PM, Douglas Garstang
wrote:
> So... somehow on a previous implementation, I was able to set
> everything up so that all my yum repo's where in place before any
> packages got installed. I'm not exactly sure how I did it due to
> puppet's awful scoping. Now that I am trying to do it again, it ain't
> working.
>
> I put a:
>
> Package {
> provider => yum,
> require => [ Class['yum::client'], Exec["yum-clean-all"] ]
> }
>
> in site.pp, where yum::client installs the repo's, but puppet then
> bitches about cyclic dependancies. Is there a way to do this?
>
> Doug
>
--
Regards,
Douglas Garstang
http://www.linkedin.com/in/garstang
Email: doug.garst...@gmail.com
Cell: +1-805-340-5627
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Ensuring Repo's
So... somehow on a previous implementation, I was able to set
everything up so that all my yum repo's where in place before any
packages got installed. I'm not exactly sure how I did it due to
puppet's awful scoping. Now that I am trying to do it again, it ain't
working.
I put a:
Package {
provider => yum,
require => [ Class['yum::client'], Exec["yum-clean-all"] ]
}
in site.pp, where yum::client installs the repo's, but puppet then
bitches about cyclic dependancies. Is there a way to do this?
Doug
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Bind Module
Never seen that before. I laughed so hard that I peed a little. thank you for that. the laughing, not necessarily the peeing. On Mon, Jun 28, 2010 at 10:47 PM, Peter Meier wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 06/29/2010 01:27 AM, Douglas Garstang wrote: > > Anyone know where I can find a good chrooted named module for centos? > > Named as chroot is ugly... soft and hard links everywhere... > > http://lmgtfy.com/?q=puppet+module+chroot+named > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.10 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkwpbMwACgkQbwltcAfKi3/5kACfYWKIcIw64Q3HxVNSXGq6Jgxj > LTYAn0+0kSyqfxRV84rdWw1Bj0UhojMA > =0M6S > -END PGP SIGNATURE- > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Bind Module
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 06/29/2010 01:27 AM, Douglas Garstang wrote: > Anyone know where I can find a good chrooted named module for centos? > Named as chroot is ugly... soft and hard links everywhere... http://lmgtfy.com/?q=puppet+module+chroot+named -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwpbMwACgkQbwltcAfKi3/5kACfYWKIcIw64Q3HxVNSXGq6Jgxj LTYAn0+0kSyqfxRV84rdWw1Bj0UhojMA =0M6S -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Bind Module
Anyone know where I can find a good chrooted named module for centos? Named as chroot is ugly... soft and hard links everywhere... Doug -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] nagios client check?
I was thinking I'd have to look at the master logs on server, but looks like each host has the state file. So am I correct in assuming that the state.yaml will only get updated/touched on successful run? This is why I was thinking of checking server logs on master to be sure that it completed successfully but maybe not necessary ? Dan On Jun 28, 2010, at 5:34 PM, Todd Zullinger wrote: > Daniel Wittenberg wrote: >> Anyone written a check for nagios to make sure their nodes are >> checking in and updating correctly? I think I'd rather have a >> passive check on the nagios server that just alerts me if something >> hasn't checked in for last 24 hours rather than having antoher >> dashboard to go look at. Anyone tried this? > > There was a thread on this very subject a few weeks back: > > http://groups.google.com/group/puppet-users/browse_thread/thread/ab9cb64b3356cba7 > > :) > > -- > ToddOpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp > ~~ > There's no trick to being a humorist when you have the whole > government working for you. >-- Will Rogers. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] nagios client check?
Daniel Wittenberg wrote: > Anyone written a check for nagios to make sure their nodes are > checking in and updating correctly? I think I'd rather have a > passive check on the nagios server that just alerts me if something > hasn't checked in for last 24 hours rather than having antoher > dashboard to go look at. Anyone tried this? There was a thread on this very subject a few weeks back: http://groups.google.com/group/puppet-users/browse_thread/thread/ab9cb64b3356cba7 :) -- ToddOpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ There's no trick to being a humorist when you have the whole government working for you. -- Will Rogers. pgpbd77Uw6l1s.pgp Description: PGP signature
Re: [Puppet Users] Variable Scoping = Root Canal
On Mon, Jun 28, 2010 at 9:28 AM, Alan Barrett wrote:
> On Mon, 28 Jun 2010, Douglas Garstang wrote:
>> > node 'node1.fr.xxx.com' {
>> > $facility_name = "sjc"
>> > include ldap::client
>>
>> Not gonna work. It's pointless to define the facility at the node level.
>
> You have to set the facility name somewhere. If not at the node level,
> then where?
Further up the node/class hierarchy where I don't have to duplicate it
for every node.
>
> Also, if you were willing to put "include facility::sjc" at the node
> level, then why is "$facility_name = sjc" any worse?
I'm not prepared to do that.
>
> I am unlikely to help you any further, unless there's a dramatic
> improvement in your attitude, and your ability to adapt examples to your
> own use cases.
Just stating the facts.
Doug.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] nagios client check?
Anyone written a check for nagios to make sure their nodes are checking in and updating correctly? I think I'd rather have a passive check on the nagios server that just alerts me if something hasn't checked in for last 24 hours rather than having antoher dashboard to go look at. Anyone tried this? Dan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppetlabs Apache module - problem/solution/question
Silviu Paragina wrote: >> according to Luke @ puppetcamp Europe this is a problem that should be >> fixed within puppet. So it should be possible to define that package >> cron or apache should be installed and all the cron/a2mod depend on that >> package and puppet shouldn't fail before. >> > I totally agree with this, but shouldn't the apache module work prior to > this happening in puppet? My big big question is if should I submit this > file to James, for the apache module? Looking from a practical viewpoint > augeas usually gets installed with puppet automatically, and cron is > probably already there. But on a new system to have apache already > installed is improbable. Let me discuss this internally a little and see what Luke had planned for the fix - I agree it's an issue. Of interest on the same topic - does anyone have a good way to include/remove modules on non-Debian/Ubuntu Apache installations? Regards James Turnbull -- Puppet Labs - http://www.puppetlabs.com C: 503-734-8571 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppetlabs Apache module - problem/solution/question
On 28.06.2010 21:16, Peter Meier wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 1. Is this a good ideea? (if not why not?) From other discussions, I know that this is how puppet should behave in general about type providers. 2. Should I open a ticket to add this new file for the apache module? 3. This seems trivial. Why wasn't it done for augeas/cron? Should I open a ticket for those, possibly adding the code? according to Luke @ puppetcamp Europe this is a problem that should be fixed within puppet. So it should be possible to define that package cron or apache should be installed and all the cron/a2mod depend on that package and puppet shouldn't fail before. I totally agree with this, but shouldn't the apache module work prior to this happening in puppet? My big big question is if should I submit this file to James, for the apache module? Looking from a practical viewpoint augeas usually gets installed with puppet automatically, and cron is probably already there. But on a new system to have apache already installed is improbable. Silviu -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Chicken or the egg
Imho you should separate the resources (class/defines) used by the
physical machine from those of the virtual machine.
Example:
You should have a define for the physical machines, that creates the
virtual machine(s). They would probably look like your define
my_vserver, without the property physical host (as the physical host is
determined by where the resource is applied).
Anything that is going to be set up on the virtual machine should get
defined in the virtual machines. Now if there is some application, which
gets installed on the virtual machine, that requires special parameters
on the physical host, you should export this resource(s) with a known
clear tag like exporttophysicalfrom_www_example.com. (sugest: maybe
create a puppet function/define to make it harder for typos to slip in
here). Now, in the define you used on the physical server, you import
all exported resources which are tagged with this string (note that
define should have a virtual hostname parameter)
:-)
Just my 2 cents,
Silviu
On 28.06.2010 17:12, David Darville wrote:
I am trying to use Puppet to handle our Linux Vserver based virtual servers,
including the actual installation of the virtual servers. (If you don't know
how Linux Vserver works, think of a BSD style jail)
The elegant way to configure this, would be to export the configuration
details from the virtual machine configuration, and then collect it on the
physical machine, which then installs/reconfigures the virtual server.
This results in some configuration similar to the following pseudo
configuration:
include my_vserver
node "virtual01.domain.tld" {
$ip = '192.168.0.37'
@@my_vserver { $host:
ensure=> running,
ip=> $ip,
physical_host => "physical01.domain.tld",
}
# Additional configuration
}
node "physical01.domain.tld" {
My_vserver<<| physical_host == $hostname |>>
# Additional configuration
}
I already have a preliminary module, which handles the actual installation
and configuration of the virtual servers. The problem is that it requires
the egg before the chicken, by needing to have the resource exported by the
Puppet instance inside the virtual server, before the virtual server can be
installed.
Does anyone have a good idea on how to solve this problem?
--
David Darville
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppetlabs Apache module - problem/solution/question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > 1. Is this a good ideea? (if not why not?) From other discussions, I > know that this is how puppet should behave in general about type providers. > 2. Should I open a ticket to add this new file for the apache module? > 3. This seems trivial. Why wasn't it done for augeas/cron? Should I open > a ticket for those, possibly adding the code? according to Luke @ puppetcamp Europe this is a problem that should be fixed within puppet. So it should be possible to define that package cron or apache should be installed and all the cron/a2mod depend on that package and puppet shouldn't fail before. I'm not sure if somebody already opened a ticket for that (probably for the cron issue). I not go ahead and create one. cheers pete -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwo5xcACgkQbwltcAfKi38AOQCeKrUoETphZsfcTa6k2DQq9RyT 1dkAnj2WgRVbr67HS1Ny0s/hP8zrCDmr =b+A9 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Seemingly simple question - current status?
On Jun 28, 2010, at 10:31 AM, Luke Kanies wrote: > On Jun 28, 2010, at 6:38 AM, dbs wrote: > >> I have a 3 different puppetmasters running different groups of >> machines (dev, testing, and production). I'd like to very simply say >> "Give me a brief summary of the status of the nodes you manage." >> >> I've been having nightmare dependency problems trying to get things >> like Dashboard running that seem to be able to do this (Ruby, which >> may be an elegant language, is very crunchynew in regards to specific >> versions and stable updates. Frustrating). >> >> What I'd like to see is something like: >> >> $ puppetstatus >> Node etl01.foo.com : Ok (Last contact: 6/28/2010 12:40pm, last update: >> 6/26/2010 11:05am (Module sudoers) >> Node etl02.foo.com : Ok (Last contact: 6/28/2010 11:25am, last update: >> 6/26/2010 11:03am (Module sudoers) >> Node etl03.foo.com : Ok (Last contact: 6/28/2010 12:18pm, last update: >> 6/26/2010 9:05am (Module sudoers) >> Node db02.foo.com: Error (Last contact: 6/28/2010 12:18pm) : Depedency >> not met : MySQL v5.1.20 >> >> Is this possible? I looked at the external nodes methodology, but >> that seems to be a mechanism for just storing node definitions, not >> getting status updates. > > The Puppet Dashboard provides this as long as you hook your reports up to go > to it, plus there are other things like puppetlast and Foreman that can do > similar work. Just a heads up for dbs, puppetlast will tell you when the last run happened. It won't tell you if the run succeeded though. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppetlabs Apache module - problem/solution/question
I'm trying out the apache module from puppet labs. Note the a2mod type
in it. Now I have uncovered the classical provider problem with it. If
you require some apache modules enabled and you don't have apache
installed you get the classical no provider for a2mod (in this
particular case) and puppet bails out, without actually doing anything
aside from fact/type sync. Now leaving aside augeas/cron which might be
considered puppet requirements, apache might not be installed on a
system, therefore, it is a requirement for this module to work with
apache installed or not. Adding a fact for "is apache installed" is kind
of cumbersome for this case and my solution was to add a bogus provider.
nona2mod.rb:
Puppet::Type.type(:a2mod).provide(:nona2mod) do
desc "Provider in case there is no a2enmod/a2dismod installed on
the current system."
def create
fail("Apache not yet installed")
end
def destroy
fail("Apache not yet installed")
end
def exists?
mod= "/etc/apache2/mods-enabled/" + resource[:name] + ".load"
File.exists?(mod)
end
end
This works for me, by failing the a2mod resources in case apache in not
installed. Now the questions (hope you get to read till here :) )
1. Is this a good ideea? (if not why not?) From other discussions, I
know that this is how puppet should behave in general about type providers.
2. Should I open a ticket to add this new file for the apache module?
3. This seems trivial. Why wasn't it done for augeas/cron? Should I open
a ticket for those, possibly adding the code?
Silviu
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Chicken or the egg
I am trying to use Puppet to handle our Linux Vserver based virtual servers,
including the actual installation of the virtual servers. (If you don't know
how Linux Vserver works, think of a BSD style jail)
The elegant way to configure this, would be to export the configuration
details from the virtual machine configuration, and then collect it on the
physical machine, which then installs/reconfigures the virtual server.
This results in some configuration similar to the following pseudo
configuration:
include my_vserver
node "virtual01.domain.tld" {
$ip = '192.168.0.37'
@@my_vserver { $host:
ensure=> running,
ip=> $ip,
physical_host => "physical01.domain.tld",
}
# Additional configuration
}
node "physical01.domain.tld" {
My_vserver <<| physical_host == $hostname |>>
# Additional configuration
}
I already have a preliminary module, which handles the actual installation
and configuration of the virtual servers. The problem is that it requires
the egg before the chicken, by needing to have the resource exported by the
Puppet instance inside the virtual server, before the virtual server can be
installed.
Does anyone have a good idea on how to solve this problem?
--
David Darville
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Borked Client Cert in 0.25
Hi, had the same problem a few days ago (luckily only in a test environment). It seems that puppetca --clean ... is not enough in this case. For me it was solved be deleting the corresponding cert from /etc/puppet/ssl/certs on the server & the client. Robert On Sun, Jun 27, 2010 at 12:47 PM, Douglas Garstang wrote: On Sun, Jun 27, 2010 at 12:34 PM, Douglas Garstang wrote: Here we go with puppet 0.25 certificate problems again. I had a system where puppet was running fine. I reinstalled it. Running puppet on the client causes this: "Could not request certificate: Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key". Fine... so I run 'puppetca --clean kick01.fr.xxx.com' on the server, who responds with: [r...@inst01 puppet]# puppetca --clean kick01.fr.xxx.com kick01.fr.xxx.com notice: Removing file Puppet::SSL::Certificate kick01.fr.xxx.com at '/var/lib/puppet/ssl/ca/signed/kick01.fr.xxx.com.pem' I then rerun puppet on the client and I am getting the same error. I must have done this hundreds of times with 0.24.8. What am I doing wrong now? Doug. *sigh* On the client, I removed the puppet rpm, blew away /var/lib/puppet, and reinstalled the puppet rpm again. Started puppet, it requested a certificate (but it logged nothing on the client about it, even in debug mode), signed it on the server, and I am still getting this on the client. warning: peer certificate won't be verified in this SSL session info: Caching certificate for kick01.fr.xxx.com err: Could not request certificate: Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key *sigh* Puppet is on crack. Even when the server isn't running, I STILL get this error! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Seemingly simple question - current status?
Well you can use the reporting system, dump to YAML and parse, but I would highly suggest waiting until 2.6.0 where the reporting is going from cludgy to elegant. If you need it now, look at: http://projects.puppetlabs.com/projects/puppet/wiki/Reports_And_Reporting Right now supported things are email, syslog, and YAML (aka storage). A script could easily parse the YAML and do what you want, but since it is changing radically (for the better) in 2.6.0 I would avoid any heavy coding. - Tom On Jun 28, 9:38 am, dbs wrote: > I have a 3 different puppetmasters running different groups of > machines (dev, testing, and production). I'd like to very simply say > "Give me a brief summary of the status of the nodes you manage." > > I've been having nightmare dependency problems trying to get things > like Dashboard running that seem to be able to do this (Ruby, which > may be an elegant language, is very crunchynew in regards to specific > versions and stable updates. Frustrating). > > What I'd like to see is something like: > > $ puppetstatus > Node etl01.foo.com : Ok (Last contact: 6/28/2010 12:40pm, last update: > 6/26/2010 11:05am (Module sudoers) > Node etl02.foo.com : Ok (Last contact: 6/28/2010 11:25am, last update: > 6/26/2010 11:03am (Module sudoers) > Node etl03.foo.com : Ok (Last contact: 6/28/2010 12:18pm, last update: > 6/26/2010 9:05am (Module sudoers) > Node db02.foo.com: Error (Last contact: 6/28/2010 12:18pm) : Depedency > not met : MySQL v5.1.20 > > Is this possible? I looked at the external nodes methodology, but > that seems to be a mechanism for just storing node definitions, not > getting status updates. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] variable scoping over and over
On Mon, Jun 28, 2010 at 10:22 AM, Antony Mayi wrote:
> this topic is currently being massively discussed so I just would like to
> share my pain also.
>
> my intention was to have an array of node's roles and each included role
> class would just record into the array its role identificator. then I could
> write simple function has_role and then write various condition with role
> checks. imho this would be awesome however impossible to implement with
> variable scoping.
>
> individual roles would be defined as classes as follows (this is just an
> example demonstrating the varscope issue so don't try to find a workaround
> for this simple case as I am more interested how to implement this whole
> idea):
>
> class root_role {
> $node_roles = []
> }
>
> class role_mysql extends root_role {
> $node_roles += [ "role_mysql" ]
> include mysql
> }
>
> class role_postgres extends root_role {
> $node_roles += [ "role_postgres" ]
> include mysql
> }
>
> class role_basehost {
> if has_role("role_postgres") {
>
>
why cant this logic just go in the role postgres class?
> } else {
>
> }
> }
>
> node lamp {
> include role_postgres
> include role_basehost
> }
>
> obviously this doesn't work. maybe you have now idea to use directly the
> $root_role::node_roles and reference it in all other roles however that
> wouldn't work neither cause the qualified variables from other classes are
> readonly.
>
you could always embed this kind of logic in an external node classifier.
> this is pain, pain and again pain!
> cry with me,
> Antony.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Seemingly simple question - current status?
On Jun 28, 2010, at 6:38 AM, dbs wrote: I have a 3 different puppetmasters running different groups of machines (dev, testing, and production). I'd like to very simply say "Give me a brief summary of the status of the nodes you manage." I've been having nightmare dependency problems trying to get things like Dashboard running that seem to be able to do this (Ruby, which may be an elegant language, is very crunchynew in regards to specific versions and stable updates. Frustrating). What I'd like to see is something like: $ puppetstatus Node etl01.foo.com : Ok (Last contact: 6/28/2010 12:40pm, last update: 6/26/2010 11:05am (Module sudoers) Node etl02.foo.com : Ok (Last contact: 6/28/2010 11:25am, last update: 6/26/2010 11:03am (Module sudoers) Node etl03.foo.com : Ok (Last contact: 6/28/2010 12:18pm, last update: 6/26/2010 9:05am (Module sudoers) Node db02.foo.com: Error (Last contact: 6/28/2010 12:18pm) : Depedency not met : MySQL v5.1.20 Is this possible? I looked at the external nodes methodology, but that seems to be a mechanism for just storing node definitions, not getting status updates. The Puppet Dashboard provides this as long as you hook your reports up to go to it, plus there are other things like puppetlast and Foreman that can do similar work. -- The cure for writer's cramp is writer's block. -- Inigo DeLeon - Luke Kanies -|- http://puppetlabs.com -|- +1(615)594-8199 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] variable scoping over and over
Wow, this really makes Puppet look like a programming language, which it isn't.
Have you considered creating classes for each of the roles and then classes
that include those roles and then assigning one of those classes to each node?
We have hundreds of combinations here but that's how we do it and it works fine.
So in your example, your node lamp could just include postgres instead of a
role_postgres and then rely on some other class to do the right thing. It
seems like an inversion of the hierarchy, which is fun in programming but not
in modeling.
But yes, if you insist on doing it this way, it will be painful. :)
- "Antony Mayi" wrote:
> this topic is currently being massively discussed so I just would like
> to share my pain also.
>
>
> my intention was to have an array of node's roles and each included
> role class would just record into the array its role identificator.
> then I could write simple function has_role and then write various
> condition with role checks. imho this would be awesome however
> impossible to implement with variable scoping.
>
>
> individual roles would be defined as classes as follows (this is just
> an example demonstrating the varscope issue so don't try to find a
> workaround for this simple case as I am more interested how to
> implement this whole idea):
>
>
> class root_role {
> $node_roles = []
> }
>
>
> class role_mysql extends root_role {
>
> $node_roles += [ "role_mysql" ]
> include mysql
> }
>
>
>
>
> class role_postgres extends root_role {
> $node_roles += [ "role_postgres" ]
> include mysql
> }
>
>
> class role_basehost {
> if has_role("role_postgres") {
>
> } else {
>
> }
> }
>
>
> node lamp {
> include role_postgres
> include role_basehost
> }
>
>
> obviously this doesn't work. maybe you have now idea to use directly
> the $root_role::node_roles and reference it in all other roles however
> that wouldn't work neither cause the qualified variables from other
> classes are readonly.
>
>
> this is pain, pain and again pain!
> cry with me,
> Antony.
>
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
--
Digant C Kasundra
Infrastructure Systems Software Developer, ITS:IDG, Stanford University
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] variable scoping over and over
this topic is currently being massively discussed so I just would like to share
my pain also.
my intention was to have an array of node's roles and each included role class
would just record into the array its role identificator. then I could write
simple function has_role and then write various condition with role checks.
imho this would be awesome however impossible to implement with variable
scoping.
individual roles would be defined as classes as follows (this is just an
example demonstrating the varscope issue so don't try to find a workaround for
this simple case as I am more interested how to implement this whole idea):
class root_role {
$node_roles = []
}
class role_mysql extends root_role {
$node_roles += [ "role_mysql" ]
include mysql
}
class role_postgres extends root_role {
$node_roles += [ "role_postgres" ]
include mysql
}
class role_basehost {
if has_role("role_postgres") {
} else {
}
}
node lamp {
include role_postgres
include role_basehost
}
obviously this doesn't work. maybe you have now idea to use directly the
$root_role::node_roles and reference it in all other roles however that
wouldn't work neither cause the qualified variables from other classes are
readonly.
this is pain, pain and again pain!
cry with me,
Antony.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] "onlyif" for resource type "file"
Thanks a lot guys. I will explore both roads. Mohamed. On Mon, Jun 28, 2010 at 12:30 PM, Patrick Mohr wrote: > > On Jun 28, 2010, at 9:09 AM, David Schmitt wrote: > >> On 6/28/2010 5:33 PM, Mohamed Lrhazi wrote: However, I *strongly* urge you to tell us what you problem is >>> >>> I have a bunch of files that were deployed via kickstart and manual >>> provisioning procedures that I am "translating" to Puppet... >> >> My condolences. >> >>> This one file, /etc/ldap.conf, is deployed from kickstart, but then >>> later, a manual run of a script by an admin, as part of later >>> provisioning step, updates ldap.conf with bind password... I need >>> /etc/ldap.conf deployed right after initial install, and maintained... >>> but don't want the bindpassword overwritten once it has been updated, >>> the password is unique to each host What would be the right way to >>> maintain such a file? >> >> Maintain the lists of passwords on the master and provision them using >> extlookup and a template. You can still provision a basic ldap.conf on >> kickstart, but as soon as puppet kicks in, you'll be in total and perpetual >> control of the file. > > My solution is simpler and easier to implement, but this solution will > probably be much easier to deal with in the long run. With David's solution, > you won't need to have the admin set the password using the script. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- " Logic merely sanctions the conquests of the intuition." Jacques Hadamard -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Variable Scoping = Root Canal
This actually looks like a prime candidate for a custom written fact so
that you don't have to faff about like this all over the place.
On 28/06/2010 17:28, Alan Barrett wrote:
> On Mon, 28 Jun 2010, Douglas Garstang wrote:
>>>node 'node1.fr.xxx.com' {
>>>$facility_name = "sjc"
>>>include ldap::client
>> Not gonna work. It's pointless to define the facility at the node level.
> You have to set the facility name somewhere. If not at the node level,
> then where?
>
> Also, if you were willing to put "include facility::sjc" at the node
> level, then why is "$facility_name = sjc" any worse?
>
> I am unlikely to help you any further, unless there's a dramatic
> improvement in your attitude, and your ability to adapt examples to your
> own use cases.
>
> --apb (Alan Barrett)
>
--
Trevor Hemsley
Infrastructure Engineer
.
* C A L Y P S O
* Brighton, UK
OFFICE +44 (0) 1273 666 350
FAX +44 (0) 1273 666 351
.
www.calypso.com
This electronic-mail might contain confidential information intended
only for the use by the entity named. If the reader of this message is
not the intended recipient, the reader is hereby notified that any
dissemination, distribution or copying is strictly prohibited.
* P * /*/ Please consider the environment before printing this e-mail /*/
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] "onlyif" for resource type "file"
On Jun 28, 2010, at 9:09 AM, David Schmitt wrote: > On 6/28/2010 5:33 PM, Mohamed Lrhazi wrote: >>> However, I *strongly* urge you to tell us what you problem is >> >> I have a bunch of files that were deployed via kickstart and manual >> provisioning procedures that I am "translating" to Puppet... > > My condolences. > >> This one file, /etc/ldap.conf, is deployed from kickstart, but then >> later, a manual run of a script by an admin, as part of later >> provisioning step, updates ldap.conf with bind password... I need >> /etc/ldap.conf deployed right after initial install, and maintained... >> but don't want the bindpassword overwritten once it has been updated, >> the password is unique to each host What would be the right way to >> maintain such a file? > > Maintain the lists of passwords on the master and provision them using > extlookup and a template. You can still provision a basic ldap.conf on > kickstart, but as soon as puppet kicks in, you'll be in total and perpetual > control of the file. My solution is simpler and easier to implement, but this solution will probably be much easier to deal with in the long run. With David's solution, you won't need to have the admin set the password using the script. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Variable Scoping = Root Canal
On Mon, 28 Jun 2010, Douglas Garstang wrote:
> >node 'node1.fr.xxx.com' {
> >$facility_name = "sjc"
> >include ldap::client
>
> Not gonna work. It's pointless to define the facility at the node level.
You have to set the facility name somewhere. If not at the node level,
then where?
Also, if you were willing to put "include facility::sjc" at the node
level, then why is "$facility_name = sjc" any worse?
I am unlikely to help you any further, unless there's a dramatic
improvement in your attitude, and your ability to adapt examples to your
own use cases.
--apb (Alan Barrett)
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] "onlyif" for resource type "file"
On Jun 28, 2010, at 8:33 AM, Mohamed Lrhazi wrote:
> Thanks a lot Daniel.
>
>> However, I *strongly* urge you to tell us what you problem is
>
> Right, am newbie here, so am sure am doing a lot of things wrong, or
> thinking about them from a wrong way
>
> I have a bunch of files that were deployed via kickstart and manual
> provisioning procedures that I am "translating" to Puppet...
>
> This one file, /etc/ldap.conf, is deployed from kickstart, but then
> later, a manual run of a script by an admin, as part of later
> provisioning step, updates ldap.conf with bind password... I need
> /etc/ldap.conf deployed right after initial install, and maintained...
> but don't want the bindpassword overwritten once it has been updated,
> the password is unique to each host What would be the right way to
> maintain such a file?
You might want to look into Augeas. That would allow you to manage some
settings in the file, but not all the settings. This way you can change any
settings you want even after the password is set.
Here's an example.
augeas { "set_ldap_settings":
#If your ldap.conf is directly in etc, you'll need to change the next
line
context => "/files/etc/ldap/ldap.conf",
changes => [
"set SIZELIMIT 11",
"set BASE dc=exaple,dc=com",
"set URI 'ldap://ldap.exaple.com
ldap://ldap-master.exaple.com:666'"
},
}
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] "onlyif" for resource type "file"
On 6/28/2010 5:33 PM, Mohamed Lrhazi wrote: However, I *strongly* urge you to tell us what you problem is I have a bunch of files that were deployed via kickstart and manual provisioning procedures that I am "translating" to Puppet... My condolences. This one file, /etc/ldap.conf, is deployed from kickstart, but then later, a manual run of a script by an admin, as part of later provisioning step, updates ldap.conf with bind password... I need /etc/ldap.conf deployed right after initial install, and maintained... but don't want the bindpassword overwritten once it has been updated, the password is unique to each host What would be the right way to maintain such a file? Maintain the lists of passwords on the master and provision them using extlookup and a template. You can still provision a basic ldap.conf on kickstart, but as soon as puppet kicks in, you'll be in total and perpetual control of the file. Best Regards, David -- dasz.at OG Tel: +43 (0)664 2602670 Web: http://dasz.at Klosterneuburg UID: ATU64260999 FB-Nr.: FN 309285 g FB-Gericht: LG Korneuburg -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Variable Scoping = Root Canal
On Mon, Jun 28, 2010 at 4:07 AM, Alan Barrett wrote:
> On Sun, 27 Jun 2010, Douglas Garstang wrote:
>> node 'node1.fr.xxx.com' {
>> include facility::sjc
>> include ldap::client
>> }
>>
>> In this example, variables defined in facility::sjc are not visible in
>> ldap::client (in this case, it would be the IP address of the local
>> LDAP server).
>
> I'd probably use extlookup(), but you could try something like this
> (untested):
>
> node 'node1.fr.xxx.com' {
> $facility_name = "sjc"
> include ldap::client
Not gonna work. It's pointless to define the facility at the node level.
Doug.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] "onlyif" for resource type "file"
Thanks a lot Daniel. > However, I *strongly* urge you to tell us what you problem is Right, am newbie here, so am sure am doing a lot of things wrong, or thinking about them from a wrong way I have a bunch of files that were deployed via kickstart and manual provisioning procedures that I am "translating" to Puppet... This one file, /etc/ldap.conf, is deployed from kickstart, but then later, a manual run of a script by an admin, as part of later provisioning step, updates ldap.conf with bind password... I need /etc/ldap.conf deployed right after initial install, and maintained... but don't want the bindpassword overwritten once it has been updated, the password is unique to each host What would be the right way to maintain such a file? Thanks a lot. Mohamed. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Seemingly simple question - current status?
I have a 3 different puppetmasters running different groups of machines (dev, testing, and production). I'd like to very simply say "Give me a brief summary of the status of the nodes you manage." I've been having nightmare dependency problems trying to get things like Dashboard running that seem to be able to do this (Ruby, which may be an elegant language, is very crunchynew in regards to specific versions and stable updates. Frustrating). What I'd like to see is something like: $ puppetstatus Node etl01.foo.com : Ok (Last contact: 6/28/2010 12:40pm, last update: 6/26/2010 11:05am (Module sudoers) Node etl02.foo.com : Ok (Last contact: 6/28/2010 11:25am, last update: 6/26/2010 11:03am (Module sudoers) Node etl03.foo.com : Ok (Last contact: 6/28/2010 12:18pm, last update: 6/26/2010 9:05am (Module sudoers) Node db02.foo.com: Error (Last contact: 6/28/2010 12:18pm) : Depedency not met : MySQL v5.1.20 Is this possible? I looked at the external nodes methodology, but that seems to be a mechanism for just storing node definitions, not getting status updates. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] "onlyif" for resource type "file"
On Mon, 28 Jun 2010, Mohamed Lrhazi wrote:
> file { "/etc/ldap.conf":
> owner => root,
> group => nscd,
> mode=> 640,
> content => template("gu_auth/ldap.conf.rb"),
> onlyifnot => "grep -E '^PUPPET ME NOT' '/etc/ldap.conf'",
> }
"onlyif" doesn't work on file resources, but see bug #651.
For now, you can fake it like this:
file { "/etc/ldap.conf.puppet":
owner => root,
group => nscd,
mode=> 640,
content => template("gu_auth/ldap.conf.rb"),
}
exec { "update /etc/ldap.conf":
command => "cp /etc/ldap.conf.puppet /etc/ldap.conf",
unless => "grep -E '^PUPPET ME NOT' /etc/ldap.conf",
}
--apb (Alan Barrett)
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] "onlyif" for resource type "file"
Mohamed Lrhazi writes:
> How do I deploy a file, but then stop deploying it when it has been changed
> in a certain way?
Don't do that. That way lies madness. You will have machines that are
randomly in and out of the pool of managed files all over the place, with no
way to audit or manage that.
Instead, only include the "file" define on machines where you do want to
manage the content, or do something like this:
file { "/etc/ldap.conf.puppet": ... }
exec { "/bin/ln -s /etc/ldap.conf.puppet /etc/ldap.conf":
creates => "/etc/ldap.conf"
}
That way you will only put the puppet file in place (by creating the symlink)
until something exists in that location. Refining this (eg: dealing with
pre-existing files) is easy enough to extend it to.
However, I *strongly* urge you to tell us what you problem is — because you
are clearly wanting to do this to solve some problem, and there might be a
much better way to do what you want.
Regards,
Daniel
--
✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707
♽ made with 100 percent post-consumer electrons
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] "onlyif" for resource type "file"
Hello,
How do I deploy a file, but then stop deploying it when it has been
changed in a certain way?
Something like:
file { "/etc/ldap.conf":
owner => root,
group => nscd,
mode=> 640,
content => template("gu_auth/ldap.conf.rb"),
onlyifnot => "grep -E '^PUPPET ME NOT' '/etc/ldap.conf'",
}
Thanks a lot.
Mohamed.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] deprecation warning for "file" in modules
On 6/28/2010 12:25 PM, Cedric Jeanneret wrote: Hello, Since we upgraded to 0.25.4, we have this kind of warning: DEPRECATION NOTICE: Files found in modules without specifying 'modules' in file path will be deprecated in the next major release. Please fix module '' when no 0.24.x clients are present The message is easy to understand, but I'm unable to find which "file" instance has an error... Does it come from "source => '...'" or from "template()" ? we have some files which don't have any source nor content set - only there to manage permissions. Is it a problem ? This comes from files that have a source => 'puppet:///modulename/path/' set. After you have upgraded all 0.24 clients, you can change this to 'puppet:///modules/modulename/path/' as described in the warning. Best Regards, David -- dasz.at OG Tel: +43 (0)664 2602670 Web: http://dasz.at Klosterneuburg UID: ATU64260999 FB-Nr.: FN 309285 g FB-Gericht: LG Korneuburg -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Variable Scoping = Root Canal
On Sun, 27 Jun 2010, Douglas Garstang wrote:
> node 'node1.fr.xxx.com' {
> include facility::sjc
> include ldap::client
> }
>
> In this example, variables defined in facility::sjc are not visible in
> ldap::client (in this case, it would be the IP address of the local
> LDAP server).
I'd probably use extlookup(), but you could try something like this
(untested):
node 'node1.fr.xxx.com' {
$facility_name = "sjc"
include ldap::client
}
class facility {
$ldapserver = undef # this gets overridden in facility::sjc
}
class facility::myfacility {
include "facility::${facility_name}"
}
class facility::sjc extends facility {
$facility::ldapserver = "1.2.3.4"
}
class ldap_client {
include facility::myfacility
... do something with $facility::ldapserver
}
> Another approach is to do everything with node inheritance
Common opinion seems to be that node inheritance should be avoided.
--apb (Alan Barrett)
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Error 400 : could not find template
> Just out of curiosity, have you got your $templatedir variable set in
> your puppet.conf ?
>
> templatedir = /etc/puppet/manifests/templates
That was the fault indeed!
This file was not in git, otherwise I had seen it stupid fault...
If you ever visit Belgium, I'll pay you one of our famous special beers ;-)
>
>>
>>
>>
>> On Mon, Jun 28, 2010 at 10:28, Patrick Mohr wrote:
>>> Where are your templates?
>>> /etc/puppet/templates
>>> or
>>> /etc/puppet/modules/module-name/templates (I may have a typo in the
>>> path.)
>>>
>>> Also, what's the full path to puppet.conf.erb?
>>>
>>> On Jun 28, 2010, at 1:04 AM, Pieter Baele wrote:
>>>
Hello,
I did make a stupid fault: not commiting changes to version control :-(
After the installation of puppet-dashboard, I added a recipe to add
report = true to puppet config files on clients.
Now all Puppet clients don't update because of an error...
What can be the various reasons for an '400' error??
I guess it has something to do with rights.
Jun 28 09:52:36 pm puppetmasterd[22709]: Could not find template
'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
pm..
Jun 28 09:52:36 pm puppetd[23432]: Could not retrieve catalog from
remote server: Error 400 on SERVER: Could not find template
'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
pm..
Jun 28 09:46:17 tsta puppetd[31413]: Could not retrieve catalog from
remote server: Error 400 on SERVER: Could not find template
'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
tsta.
This is the class to serve the puppet.conf file:
class puppet {
$puppet_config_dir = "/etc/puppet/"
$puppet_conf = "$puppet_config_dir/puppet.conf"
user {
"puppet":
ensure => present;
}
file {
$puppet_config_dir:
ensure => directory,
owner => root,
group => root,
mode => 0755;
$puppet_conf:
owner => root,
group => root,
mode => 0644,
content => template("etc/puppet/puppet.conf.erb");
}
service {
"puppet":
ensure => running,
enable => true;
}
}
Met vriendelijke groeten,
Pieter Baele
www.pieterb.be
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Error 400 : could not find template
On Mon, Jun 28, 2010 at 9:42 AM, Pieter Baele wrote:
> These are in /etc/puppet/manifests/templates
>
> |-- classes
> | |-- motd.pp
> | |-- puppet.pp
> |-- nodes
> | |-- default.pp
> |-- site.pp
> `-- templates
> `-- etc
> |-- motd.erb
> |-- puppet
> | `-- puppet.conf.erb
>
> Met vriendelijke groeten,
> Pieter Baele
> www.pieterb.be
Just out of curiosity, have you got your $templatedir variable set in
your puppet.conf ?
templatedir = /etc/puppet/manifests/templates
>
>
>
> On Mon, Jun 28, 2010 at 10:28, Patrick Mohr wrote:
>> Where are your templates?
>> /etc/puppet/templates
>> or
>> /etc/puppet/modules/module-name/templates (I may have a typo in the
>> path.)
>>
>> Also, what's the full path to puppet.conf.erb?
>>
>> On Jun 28, 2010, at 1:04 AM, Pieter Baele wrote:
>>
>>> Hello,
>>>
>>> I did make a stupid fault: not commiting changes to version control :-(
>>> After the installation of puppet-dashboard, I added a recipe to add
>>> report = true to puppet config files on clients.
>>>
>>> Now all Puppet clients don't update because of an error...
>>> What can be the various reasons for an '400' error??
>>> I guess it has something to do with rights.
>>>
>>> Jun 28 09:52:36 pm puppetmasterd[22709]: Could not find template
>>> 'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
>>> pm..
>>> Jun 28 09:52:36 pm puppetd[23432]: Could not retrieve catalog from
>>> remote server: Error 400 on SERVER: Could not find template
>>> 'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
>>> pm..
>>>
>>> Jun 28 09:46:17 tsta puppetd[31413]: Could not retrieve catalog from
>>> remote server: Error 400 on SERVER: Could not find template
>>> 'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
>>> tsta.
>>>
>>>
>>>
>>> This is the class to serve the puppet.conf file:
>>>
>>> class puppet {
>>> $puppet_config_dir = "/etc/puppet/"
>>> $puppet_conf = "$puppet_config_dir/puppet.conf"
>>>
>>> user {
>>> "puppet":
>>> ensure => present;
>>> }
>>>
>>> file {
>>> $puppet_config_dir:
>>> ensure => directory,
>>> owner => root,
>>> group => root,
>>> mode => 0755;
>>>
>>> $puppet_conf:
>>> owner => root,
>>> group => root,
>>> mode => 0644,
>>> content => template("etc/puppet/puppet.conf.erb");
>>> }
>>>
>>> service {
>>> "puppet":
>>> ensure => running,
>>> enable => true;
>>> }
>>> }
>>>
>>>
>>>
>>> Met vriendelijke groeten,
>>> Pieter Baele
>>> www.pieterb.be
>>>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] deprecation warning for "file" in modules
Hello, Since we upgraded to 0.25.4, we have this kind of warning: DEPRECATION NOTICE: Files found in modules without specifying 'modules' in file path will be deprecated in the next major release. Please fix module '' when no 0.24.x clients are present The message is easy to understand, but I'm unable to find which "file" instance has an error... Does it come from "source => '...'" or from "template()" ? we have some files which don't have any source nor content set - only there to manage permissions. Is it a problem ? Thank you in advance. Best regards, C. Jeanneret -- Cédric Jeanneret | System Administrator 021 619 10 32| Camptocamp SA cedric.jeanne...@camptocamp.com | PSE-A / EPFL signature.asc Description: PGP signature
Re: [Puppet Users] Error 400 : could not find template
These are in /etc/puppet/manifests/templates
|-- classes
| |-- motd.pp
| |-- puppet.pp
|-- nodes
| |-- default.pp
|-- site.pp
`-- templates
`-- etc
|-- motd.erb
|-- puppet
| `-- puppet.conf.erb
Met vriendelijke groeten,
Pieter Baele
www.pieterb.be
On Mon, Jun 28, 2010 at 10:28, Patrick Mohr wrote:
> Where are your templates?
> /etc/puppet/templates
> or
> /etc/puppet/modules/module-name/templates (I may have a typo in the
> path.)
>
> Also, what's the full path to puppet.conf.erb?
>
> On Jun 28, 2010, at 1:04 AM, Pieter Baele wrote:
>
>> Hello,
>>
>> I did make a stupid fault: not commiting changes to version control :-(
>> After the installation of puppet-dashboard, I added a recipe to add
>> report = true to puppet config files on clients.
>>
>> Now all Puppet clients don't update because of an error...
>> What can be the various reasons for an '400' error??
>> I guess it has something to do with rights.
>>
>> Jun 28 09:52:36 pm puppetmasterd[22709]: Could not find template
>> 'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
>> pm..
>> Jun 28 09:52:36 pm puppetd[23432]: Could not retrieve catalog from
>> remote server: Error 400 on SERVER: Could not find template
>> 'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
>> pm..
>>
>> Jun 28 09:46:17 tsta puppetd[31413]: Could not retrieve catalog from
>> remote server: Error 400 on SERVER: Could not find template
>> 'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
>> tsta.
>>
>>
>>
>> This is the class to serve the puppet.conf file:
>>
>> class puppet {
>> $puppet_config_dir = "/etc/puppet/"
>> $puppet_conf = "$puppet_config_dir/puppet.conf"
>>
>> user {
>> "puppet":
>> ensure => present;
>> }
>>
>> file {
>> $puppet_config_dir:
>> ensure => directory,
>> owner => root,
>> group => root,
>> mode => 0755;
>>
>> $puppet_conf:
>> owner => root,
>> group => root,
>> mode => 0644,
>> content => template("etc/puppet/puppet.conf.erb");
>> }
>>
>> service {
>> "puppet":
>> ensure => running,
>> enable => true;
>> }
>> }
>>
>>
>>
>> Met vriendelijke groeten,
>> Pieter Baele
>> www.pieterb.be
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Error 400 : could not find template
Where are your templates?
/etc/puppet/templates
or
/etc/puppet/modules/module-name/templates (I may have a typo in the
path.)
Also, what's the full path to puppet.conf.erb?
On Jun 28, 2010, at 1:04 AM, Pieter Baele wrote:
> Hello,
>
> I did make a stupid fault: not commiting changes to version control :-(
> After the installation of puppet-dashboard, I added a recipe to add
> report = true to puppet config files on clients.
>
> Now all Puppet clients don't update because of an error...
> What can be the various reasons for an '400' error??
> I guess it has something to do with rights.
>
> Jun 28 09:52:36 pm puppetmasterd[22709]: Could not find template
> 'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
> pm..
> Jun 28 09:52:36 pm puppetd[23432]: Could not retrieve catalog from
> remote server: Error 400 on SERVER: Could not find template
> 'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
> pm..
>
> Jun 28 09:46:17 tsta puppetd[31413]: Could not retrieve catalog from
> remote server: Error 400 on SERVER: Could not find template
> 'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
> tsta.
>
>
>
> This is the class to serve the puppet.conf file:
>
> class puppet {
>$puppet_config_dir = "/etc/puppet/"
>$puppet_conf= "$puppet_config_dir/puppet.conf"
>
>user {
>"puppet":
>ensure => present;
>}
>
>file {
>$puppet_config_dir:
>ensure => directory,
>owner => root,
>group => root,
>mode=> 0755;
>
>$puppet_conf:
>owner => root,
>group => root,
>mode=> 0644,
>content => template("etc/puppet/puppet.conf.erb");
>}
>
>service {
>"puppet":
>ensure => running,
>enable => true;
>}
> }
>
>
>
> Met vriendelijke groeten,
> Pieter Baele
> www.pieterb.be
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] change management workflow for puppet configs
Hi Eric, thanks for starting this interesting thread! On 6/25/2010 1:02 AM, Eric Sorenson wrote: - Describe revision control setup subversion server with a branch named 'test' and a branch named 'prod'. all puppetmasters live on the prod branch - $moduledir is a working-copy checkout of svn, and one puppetmaster in each env has a second server running on :8141 that lives on the test branch. prod branch commits should only be 'svn merge's of commits in test but this isn't enforced by technological control. Post-commit hook sends out mail with the diff to everyone on the team. Is there a specific reason you're not using real environments? - What are you doing to improve/change the setup? Pre-commit hook to do syntax checking on files to refuse commits on blatant errors Contemplating a post-commit push to 'svn up' the puppetmasters but not sure if this is really a good idea Guess that depends on the quality of your checkins. Need some auditing between the branches to see what changes are not yet merged or if prod has somehow diverged (non-merge changes on the branch) Maybe one/handful of clients per class of host ought to live pointed at the test server. This would also reduce the danger of automatically svn ups. How are you handling "breaking" changes which shall be done in maintenance windows and/or "rolling upgrades"? Best Regards, David -- dasz.at OG Tel: +43 (0)664 2602670 Web: http://dasz.at Klosterneuburg UID: ATU64260999 FB-Nr.: FN 309285 g FB-Gericht: LG Korneuburg -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] do X if package Y is installed?
On 6/25/2010 12:03 AM, Bill Weiss wrote:
My problem is, in this case, there are machines that need X but not
Y, Y but not X, X and Y, or neither. I can obviously write all of
those cases out separately, but that means duplication of code for
setting up the parts of X and Y that aren't dependant.
Custom facts are probably the best way for me to do this, but I'd
love to hear that there's a simpler way.
If you can decide in your node source (site.pp or external) which
components are needed, this is very easy:
node a { include X }
node b { include Y }
node c { include X,Y }
node d { }
If you **cannot** decide in your node source, you're probably doing
something wrong[1] and need to explain your problem better.
Best Regards, David
[1] I know, converting legacy systems is a pain, but IMHO you're still
better off doing a manual survey and nailing it down instead of trying
to make automatic decisions that'll backfire down the road.
--
dasz.at OG Tel: +43 (0)664 2602670 Web: http://dasz.at
Klosterneuburg UID: ATU64260999
FB-Nr.: FN 309285 g FB-Gericht: LG Korneuburg
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Error 400 : could not find template
Hello,
I did make a stupid fault: not commiting changes to version control :-(
After the installation of puppet-dashboard, I added a recipe to add
report = true to puppet config files on clients.
Now all Puppet clients don't update because of an error...
What can be the various reasons for an '400' error??
I guess it has something to do with rights.
Jun 28 09:52:36 pm puppetmasterd[22709]: Could not find template
'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
pm..
Jun 28 09:52:36 pm puppetd[23432]: Could not retrieve catalog from
remote server: Error 400 on SERVER: Could not find template
'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
pm..
Jun 28 09:46:17 tsta puppetd[31413]: Could not retrieve catalog from
remote server: Error 400 on SERVER: Could not find template
'etc/motd.erb' at /etc/puppet/manifests/classes/motd.pp:6 on node
tsta.
This is the class to serve the puppet.conf file:
class puppet {
$puppet_config_dir = "/etc/puppet/"
$puppet_conf= "$puppet_config_dir/puppet.conf"
user {
"puppet":
ensure => present;
}
file {
$puppet_config_dir:
ensure => directory,
owner => root,
group => root,
mode=> 0755;
$puppet_conf:
owner => root,
group => root,
mode=> 0644,
content => template("etc/puppet/puppet.conf.erb");
}
service {
"puppet":
ensure => running,
enable => true;
}
}
Met vriendelijke groeten,
Pieter Baele
www.pieterb.be
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] handling notify/subscribe in defines
Hi all,
Is it possible to handle notify in a define?
as in:
##
define special_file($content) {
file {$name:
content => $content,
ensure => file
}
}
special_file { "/blahfile":
content => "blahblah"
}
package { "blah":
notify => SpecialFile["/blahfile"]
}
##
Now, I want to do something special (for example touch it) in
special_file if it gets notified.
How can I do this?
Thanks,
Mathijs
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
