Re: [Puppet Users] Puppetd fails to run, returns error: undefined method fact_merge
Looks like there's a bug filed : http://projects.puppetlabs.com/issues/3234 On Thu, Oct 14, 2010 at 4:59 PM, Phil Plante unhappyro...@gmail.com wrote: Hello, I have puppet setup on 8 nodes with 1 puppetmaster server. So far 7 of the 8 nodes have performed flawlessly, 1 is currently failing with the following error: err: Could not retrieve catalog from remote server: Error 400 on SERVER: undefined method `fact_merge' for nil:NilClass warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run I have tried to completely remove the package and keys from the node master to no avail. Anyone experienced this before? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] alternate hostnames, keys, and certs
On Oct 14, 2010, at 10:23 PM, Don Jackson wrote:
I'd like to extend my use of puppet to manage my desktop/notebook macs.
As others have noted, the hostname of the mobile machines tends to change
frequently, so basing the node name (in my site.pp) and the corresponding
cert and private key names seems to be an issue.
I seem to recall somewhat talking about this at Puppet Camp last week…..
Generally my signing strategy is always to generate new certs and private
keys on the puppetmaster, and install them on the client machine as part of
the initial install (hopefully automated).
Can I generate a cert based on the macaddress of the new machine?
I tried this, and puppetca --generate made the certs and key without
complaining.
Presumably I can install these on my client machine.
If so, would I then run puppetd with a the --fqdn argument, and give the mac
address there?
And what would the name of this machine be in a node specification in the
manifest?
I put
node '00:1f:5b:f8:23:f8' { }
in my manifest, and it was very unhappy.
Any advice about how I can accomplish what I am trying to do?
Thanks,
Don
If it's not too late, I would:
*) Pick something that can be a valid part of a domain name.
*) Put something at the beginning to help keep things simple.
So instead that name it would be this or similar:
macaddress-00-1f-5b-f8-23-f8
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] how can i determinate from one class if another class applied?
On 10/15/2010 09:40 AM, walexey wrote:
Hello everybody!
How can i determinate from one class if another class applied to the
this node?
You can use the defined() function.
if defined(Class[my_class]) {
...
}
YOU SHOULD NOT DO THAT, though. There are problems, because puppet may
include classes in a different order in each run. See the details in
http://docs.puppetlabs.com/references/stable/function.html#defined
If the class you test for belongs to an earlier stage (in 2.6.0+), this
problem may be sidestepped. I'm not sure if that's how that works, though.
HTH,
Felix
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] how can i determinate from one class if another class applied?
On Fri, Oct 15, 2010 at 12:40:57AM -0700, walexey wrote: Hello everybody! How can i determinate from one class if another class applied to the this node? Use the defined() function. -- Bruce What would Edward Woodward do? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: how can i determinate from one class if another class applied?
What you'll probably want is the tagged() function, not defined(). Someone correct me if I am wrong, but defined() is useful for checking if types or classes exist (are known about) but does not check whether a class is DECLARED - there's a difference. Note the documentation sentence This is useful for checking whether a class is defined and only including it if it is. So if you have a master imports a manifest with a class called foo then: if defined(foo) == true (always) if tagged(foo) == true (only if your node has 'include foo') What Felix says about the defined() function I beleive only applies to checking for specific resources, which depends on the specific parse order (and all you have to do is run 'puppetd --noop --test -- evaltrace' to see the parse order changes ALL the time). On Oct 15, 8:40 am, walexey wale...@gmail.com wrote: Hello everybody! How can i determinate from one class if another class applied to the this node? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Autoloading and nested classes
Hi,
I'm transitioning a large-ish manifest from plain files with lots of
import statements to modules.
I used to heavily rely on a pattern like the following
class feature {
...
class specialized inherits feature {
...
class more_special inherits specialized {
...
}
}
}
So on a central location I can include feature, but certain nodes will
want to include feature::specialized and some even include
feature::specialized::more_special.
For the modules transition, I see fit to prepend all classes with their
module name, so if the module is named m_feature, I'll substitute
include feature with include m_feature::feature, which works.
What won't work are the nested classes (e.g. include
m_feature::feature::specialized).
Is there a way I can maintain this naming scheme when using modules and
autoloading? (I guess dumping everything in init.pp would work, but I'd
prefer not to have to resort to that.)
TIA,
Felix
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] First boot with Puppet
On Thursday 14 Oct 2010 23:49:11 Michal Ludvig wrote: On 10/15/2010 08:36 AM, Arnau Bria wrote: On Thu, 14 Oct 2010 23:47:16 +1300 Michal Ludvig wrote 1) kickstart installs the system, including puppet from our local repo 2) after reboot I have to login and set the hostname and IP kickstart is able to configure your network / hostname. Why don't you use that feature? Because we've got a common kickstart for all installs, not a per-host kickstart. It only installs the very core system and the rest is brought in and configured by puppet. We're moving to cobbler, Looks like cobbler is the prefered method here. I'll give it a try. Thanks for all the responses! You can also use Cobbler for ext-lookups and therefore assign classes and modules to systems from the cobbler web interface. It works really well! :) Matt. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: how can i determinate from one class if another class applied?
On Fri, Oct 15, 2010 at 01:04:29AM -0700, luke.bigum wrote: Someone correct me if I am wrong, but defined() is useful for checking if types or classes exist (are known about) but does not check whether a class is DECLARED - there's a difference. Note the documentation sentence This is useful for checking whether a class is defined and only including it if it is. You're not wrong. That said, I'd actually advice the OP against trying this kind of thing. Generally, I find specific class dependencies are something to avoid. The only place I tolerate them is in role classes, which is where I usually set up any dependencies between modules that are required, and there I don't need to use defined() or tagged() to check them, because I know precisely which classes have been included. Every time you add a dependency to a specific class, you cause problems for the person who finds a need to creat a new class that inherits from it. That person will often be you and kicking yourself is not rewarding. Looking at my manifests and modules, the *only* places I have a dependency on a named class is in my site::role classes and in the samba::packages class where the named classes are internal to the samba module and contain collections of packages (and their dependencies) relevant to specific versions of Samba. -- Bruce Explota!: miles de lemmings no pueden estar equivocados. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] stages examples/advices
Hi all,
I'm really interested in new metaparameter stage.
I've been studying Ryan's example:
http://www.personal.psu.edu/ryc108/blogs/puppetmaster/2010/10/automating-shibboleth-idp-builds-using-stages.html
and I was able to define and use stages in my catalogue.
But now I'd like to improve my knowledge of this parameter and I have
some questions about it:
1.-) Stage vs require Class. May we say that stages are groups of class
requires? So a simple/basic example:
class A {
require class B
}
class B{
require class C
}
Is like defining :
Stage[pre] - Stage[main] - Stage[post]
class { A: stage = pre }
class { B: stage = main }
class { C: stage = post }
2.-) Metaparameter use. In Ryan's example seems that stage is added
to class when defining the node. But may I add stage directly when
defining the class? if yes, how? (I have not been able to find the
correct syntax... :-( ).
Is this correct?
class A {
stage = pre
file { ...
}
service { ...
}
}
3.-) Stage order.
I had an old syntax order definiton which worked fine:
class orden {
-stage { 'repos':
-before = Stage['main'];
-'os':
-require = Stage['repos'];
-'basic':
-require = Stage['os'];
-'gLite':
-require = Stage['basic'];
-'post':
-require = Stage['gLite'];
-}
but when applying new syntax:
Stage[pre] - Stage[main] - Stage[post]
class orden {
Stage['repos'] - Stage['os'] - Stage['main'] - Stage['gLite'] -
Stage['post']
}
puppet complains:
Could not find stage repos specified by Class[Sl5_computing_repos] ...
am I forgetting something in my definiton?
TIA,
Arnau
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] stages examples/advices
On Fri, Oct 15, 2010 at 12:19:36PM +0200, Arnau Bria wrote:
1.-) Stage vs require Class. May we say that stages are groups of class
requires? So a simple/basic example:
class A {
require class B
}
class B{
require class C
}
Is like defining :
Stage[pre] - Stage[main] - Stage[post]
class { A: stage = pre }
class { B: stage = main }
class { C: stage = post }
Is it the same? I haven't investigated stages, but I don't think it
would be. In your first example, Class B will not be evaluated if any
resource in class A fails. Is this true in the second example? I
actually hope not; if it is true, stages have to be used very carefully
indeed.
--
Bruce
What would Edward Woodward do?
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] variable modules per client
On 10/14/2010 05:06 AM, Nigel Kersten wrote:
On Wed, Oct 13, 2010 at 10:56 AM, EAMiller thn...@gmail.com wrote:
Hi all - new to puppet - and have gotten as far as configuring a
staging server with two of our web apps through puppet.
Now we plan to have developer workstations get dev environments
through puppet. We have ~8 developers and ~5 web apps we develop. Not
every developer works on every project.
From my limited experience with puppet I plan to:
1. Ask each developer what their workstation is called, and which
apps they work on
2. Create a stanza in node.pp along the lines of:
node devstation-bob inherits default {
include appB;
include abbE;
}
This is fine for my purposes - but I wonder if there's a better way -
I can't imagine scaling the up too far.
Write a custom fact that reads a simple data source like a text file
that the developers can write to like:
(tested briefly, may have bugs)
webapps_conf = /etc/webapps.conf
if File.readable?(webapps_conf)
f = File.open(webapps_conf, 'r')
f.readlines.each do |line|
webapp = line.chomp
Facter.add(webapp_#{webapp}_enabled) do
setcode do
true
end
end
end
f.close
end
and then you'll have a data source the developers can control that
specifies what apps they work on, and you can do conditional work in
your manifests based upon these values.
if $webapp_bar_enabled == true {
include webapps::bar
}
Hi,
custom facts sure are elegant, but isn't this problem exactly what
extlookup has been conceived for?
This is an actual question I'm asking since i've not yet managed to
properly acquaint myself with the concept.
Regards,
Felix
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] stages examples/advices
On Fri, Oct 15, 2010 at 4:46 PM, Bruce Richardson itsbr...@workshy.orgwrote:
On Fri, Oct 15, 2010 at 12:19:36PM +0200, Arnau Bria wrote:
1.-) Stage vs require Class. May we say that stages are groups of class
requires? So a simple/basic example:
class A {
require class B
}
class B{
require class C
}
Is like defining :
Stage[pre] - Stage[main] - Stage[post]
class { A: stage = pre }
class { B: stage = main }
class { C: stage = post }
Is it the same? I haven't investigated stages, but I don't think it
would be. In your first example, Class B will not be evaluated if any
resource in class A fails. Is this true in the second example? I
actually hope not; if it is true, stages have to be used very carefully
indeed.
--
Bruce
What would Edward Woodward do?
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com
.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Also, apart from what Bruce mentioned, as a simple example, if you want to
update your repositories, say through apt-get update, then using stages is
more easier than figuring out the appropriate class require or include
statements (you can find a solution like this though in the mailing lists,
probably better than using stages, I haven't investigated). So, you can have
a module be executed before the main stage, which just does apt-get update.
Doing something similar through require class statements would be
cumbersome IMO.
My guess is that using both, stages and generic concepts according to the
requirement makes sense.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] templating woes....
Am 15.10.2010 00:42, schrieb Jacob Helwig: % nagios_conf_dirs.each do |dir| -% cfg_dir=%= dir % % end -% I would rather prefer the for notation in templates, since it is easier to read when interspersed with other text: | % for dir in nagios_conf_dirs -% | cfg_dir=%= dir % | % end -% Regards, Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: ANNOUNCE: Puppet 2.6.2 released!
Chuck wrote: I have migrated my EL5 servers from 0.25.5 to 2.6.2 and have no issues now. I did have some issues with 2.6.1 which are now fixed. I would like to see 2.6.2 in the official EPEL repository. Thanks for the feedback Chuck! Were any changes to your config or manifests required (aside from changes to silence deprecation warnings)? -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ Many a person seems to think it isn't enough for the government to guarantee him the pursuit of happiness. He insists it also run interference for him. -- Anonymous pgpGJSpDBVBNZ.pgp Description: PGP signature
Re: [Puppet Users] Re: [Puppet-dev] ANNOUNCE: Puppet 2.6.2 released!
Ben wrote: I did a server and all client upgrade to your 2.6.1 package from your 0.25.5 package without any problems w/ your packaging. Install, init scripts, etc all work fine. And now the upgrade to 2.6.2 looks good after 5 whole minutes. Server: CentOS 5.5 Clients: CentOS 5.x, RHEL 5.x, Fedora 8 and 13. My only issues were some syntax in my manifests that 2.6.1 didn't like, but 0.25.5 silently ignored and a significant increase in compile times. Thanks Ben! Were the changes to your manifests required to get puppet to run at all or just do silence new or deprecation warnings? -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ Excess on occasion is exhilarating. It prevents moderation from acquiring the deadening effect of a habit. -- W. Somerset Maugham pgpckXAR9YnRP.pgp Description: PGP signature
[Puppet Users] Re: how can i determinate from one class if another class applied?
I have following problem:
defined class ldap-client, which install and configure ldap on _all_
nodes. there is file[/etc/nsswitch.conf]. it add 'ldap' to
nsswitch.conf
defined class winbind, which install and configure winbind on _some_
nodes. and it need also to change nsswitch.conf, adding 'winbind'
there.
i can't imaging something better than add
if tagged(winbind) {
$winbind = 'winbind'
} else {
$winbind = ''
}
in ldap-client class
and add
passwd: files %= winbind % ldap
to nsswithch.conf template.
can you show me the right way?
btw, my solution don't work. tagged(winbind) in ldap-client return
always false, but winbind class runs ok.
On 15 окт, 13:40, Bruce Richardson itsbr...@workshy.org wrote:
On Fri, Oct 15, 2010 at 01:04:29AM -0700, luke.bigum wrote:
Someone correct me if I am wrong, but defined() is useful for checking
if types or classes exist (are known about) but does not check
whether a class is DECLARED - there's a difference. Note the
documentation sentence This is useful for checking whether a class is
defined and only including it if it is.
You're not wrong. That said, I'd actually advice the OP against trying
this kind of thing. Generally, I find specific class dependencies are
something to avoid. The only place I tolerate them is in role
classes, which is where I usually set up any dependencies between
modules that are required, and there I don't need to use defined() or
tagged() to check them, because I know precisely which classes have been
included.
Every time you add a dependency to a specific class, you cause problems
for the person who finds a need to creat a new class that inherits from
it. That person will often be you and kicking yourself is not
rewarding. Looking at my manifests and modules, the *only* places I
have a dependency on a named class is in my site::role classes and in
the samba::packages class where the named classes are internal to the
samba module and contain collections of packages (and their
dependencies) relevant to specific versions of Samba.
--
Bruce
Explota!: miles de lemmings no pueden estar equivocados.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: ANNOUNCE: Puppet 2.6.3 - Release Candidate 1 available!
James Turnbull wrote: All too quickly we're back with a maintenance release: 2.6.3. This release addresses some issues in the 2.6.2 release. For those using Fedora or RHEL/CentOS, I've updated the yum repos at: http://tmz.fedorapeople.org/repo/puppet/ Packages for EL 4 - 6 and Fedora 12 - 14 are available for testing. Add the puppet.repo file from either the epel or fedora directories to /etc/yum.repos.d to enable. If you find problems with the packaging, please let me know. If you find other bugs, please file them in redmine: http://projects.puppetlabs.com/projects/puppet/issues I'm particularly interested in anyone updating from 0.25.x to 2.6.x and whether you run into regressions or other issues that would make this an unsuitable update to push into the stable Fedora and EPEL repositories. -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ I personally think we developed language because of our deep need to complain. -- Lily Tomlin pgpoDnWnNLVlv.pgp Description: PGP signature
Re: [Puppet Users] First boot with Puppet
Steven VanDevender wrote: I'm not our local Cobbler/Kickstart expert, but the guy who created our Cobbler installation even figured out how to script a new host's initial registration with the puppetmaster (I believe the key idea is that there is a command-locked ssh identity key that allows the host to get in to the puppetmaster and issue the right puppetca command). I'd have to do some digging to look up the specifics. I handle this in my environment by generate the new host key on the puppetmaster and packaging that into an rpm, which gets installed in the kickstart along with puppet. That way an initial puppet run can happen during install. Doesn't exactly scale, unless you automate the key generation though, like you mentioned doing. -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ There are severe limits to the good that the government can do for the economy, but there are almost no limits to the harm it can do. -- Milton Friedman. Nobel laureate pgpjSQTb3suHT.pgp Description: PGP signature
Re: [Puppet Users] Re: how can i determinate from one class if another class applied?
On Fri, Oct 15, 2010 at 07:06:52AM -0700, walexey wrote:
i can't imaging something better than add
if tagged(winbind) {
$winbind = 'winbind'
} else {
$winbind = ''
}
in ldap-client class
and add
passwd: files %= winbind % ldap
to nsswithch.conf template.
can you show me the right way?
There is more than one way to do this.
A simple way would be to use a variable to indicate whether you want
winbind integration. Then anything that needs to know whether winbind
is active can just check the variable - including the piece of code
where you decide whether nor not to include the winbind class/module.
The canonical Puppet way of dealing with it is to write a custom
resource to manage nsswitch.conf. How good are your ruby skills?
I have found a way to abuse virtual define-based resources so that you
can effectively write your own custom resources in the Puppet DSL,
rather than using Ruby, which I consider to be overkill for a case as
simple as this. I will write it up when I have a moment, this weekend.
Meanwhile, if you aren't great at Ruby, I suggest the simple method I
described first.
node host.on.which.I.want.winbind.active {
$winbind_integration = true
include site::role::server
}
class site::role::server {
if $winbind_integration {
include samba::winbind
}
}
nsswitch.conf.erb
passwd: files % if winbind_integration == true %winbind% end % ldap
nsswitch.conf.erb
It's not the most elegant solution (not the last bit, anyway) but it
works and if you can't trust yourself to set the right variables in the
correct hosts, who can you trust?
--
Bruce
Bitterly it mathinketh me, that I spent mine wholle lyf in the lists
against the ignorant. -- Roger Bacon, Doctor Mirabilis
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] variable modules per client
On Fri, Oct 15, 2010 at 5:05 AM, Felix Frank
felix.fr...@alumni.tu-berlin.de wrote:
On 10/14/2010 05:06 AM, Nigel Kersten wrote:
On Wed, Oct 13, 2010 at 10:56 AM, EAMiller thn...@gmail.com wrote:
Hi all - new to puppet - and have gotten as far as configuring a
staging server with two of our web apps through puppet.
Now we plan to have developer workstations get dev environments
through puppet. We have ~8 developers and ~5 web apps we develop. Not
every developer works on every project.
From my limited experience with puppet I plan to:
1. Ask each developer what their workstation is called, and which
apps they work on
2. Create a stanza in node.pp along the lines of:
node devstation-bob inherits default {
include appB;
include abbE;
}
This is fine for my purposes - but I wonder if there's a better way -
I can't imagine scaling the up too far.
Write a custom fact that reads a simple data source like a text file
that the developers can write to like:
(tested briefly, may have bugs)
webapps_conf = /etc/webapps.conf
if File.readable?(webapps_conf)
f = File.open(webapps_conf, 'r')
f.readlines.each do |line|
webapp = line.chomp
Facter.add(webapp_#{webapp}_enabled) do
setcode do
true
end
end
end
f.close
end
and then you'll have a data source the developers can control that
specifies what apps they work on, and you can do conditional work in
your manifests based upon these values.
if $webapp_bar_enabled == true {
include webapps::bar
}
Hi,
custom facts sure are elegant, but isn't this problem exactly what
extlookup has been conceived for?
This is an actual question I'm asking since i've not yet managed to
properly acquaint myself with the concept.
Not necessarily. This is about providing local controls so machine
owners can manipulate behavior, rather than a central authoritative
store.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet-lvm and volume group issues
Trying to setup a volume group with puppet lvm and this:-
volume_group { my_vg:
ensure = present,
physical_volumes = /dev/sdb /dev/sdc /dev/sdd,
require = [ Physical_volume[/dev/sdb],
Physical_volume[/dev/sdc],
Physical_volume[/dev/sdd]
]
}
Fails with this in the debug output:-
debug: volume_group provider lvm: Executing '/usr/sbin/vgcreate my_vg /
dev/sdb /dev/sdc /dev/sdd'
/usr/lib/ruby/site_ruby/1.8/puppet/provider.rb:133:in `vgcreate'
/usr/lib/ruby/site_ruby/1.8/puppet/provider.rb:140:in `vgcreate'
err: //myvg::setup/myvg::disks/Volume_group[my_vg]/ensure: change from
absent to present failed: Execution of '/usr/sbin/vgcreate my_vg /dev/
sdb /dev/sdc /dev/sdd' returned 1280: File descriptor 8 (/tmp/puppet.
15759.0) leaked on vgcreate invocation. Parent PID 15759: /usr/bin/
ruby
If I do it with a single physical volume it's fine, and if I run the
command from the command line it's fine also.
Any ideas ?
Thanks
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Autoloading and nested classes
Hi,
If you nest classes like that then you probably do have to dump
everything in init.pp
If however you split the classes and define each in a separate file
with the name class.pp in the manifests directory of the module, you
will be able to include m_feature::specialized.
No problem with the inheritance - I do pretty much the same thing.
Bill
On Oct 15, 10:05 am, Felix Frank felix.fr...@alumni.tu-berlin.de
wrote:
Hi,
I'm transitioning a large-ish manifest from plain files with lots of
import statements to modules.
I used to heavily rely on a pattern like the following
class feature {
...
class specialized inherits feature {
...
class more_special inherits specialized {
...
}
}
}
So on a central location I can include feature, but certain nodes will
want to include feature::specialized and some even include
feature::specialized::more_special.
For the modules transition, I see fit to prepend all classes with their
module name, so if the module is named m_feature, I'll substitute
include feature with include m_feature::feature, which works.
What won't work are the nested classes (e.g. include
m_feature::feature::specialized).
Is there a way I can maintain this naming scheme when using modules and
autoloading? (I guess dumping everything in init.pp would work, but I'd
prefer not to have to resort to that.)
TIA,
Felix
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: [Puppet-dev] ANNOUNCE: Puppet 2.6.2 released!
On Oct 15, 2010, at 7:05 AM, Todd Zullinger wrote: Ben wrote: I did a server and all client upgrade to your 2.6.1 package from your 0.25.5 package without any problems w/ your packaging. Install, init scripts, etc all work fine. And now the upgrade to 2.6.2 looks good after 5 whole minutes. Server: CentOS 5.5 Clients: CentOS 5.x, RHEL 5.x, Fedora 8 and 13. My only issues were some syntax in my manifests that 2.6.1 didn't like, but 0.25.5 silently ignored and a significant increase in compile times. Thanks Ben! Were the changes to your manifests required to get puppet to run at all or just do silence new or deprecation warnings? I heard something in IRC that made me think that /etc/puppet/namespaceauth.conf doesn't deprecate gracefully. I've never gotten around to testing it though. Specifically, in puppet.conf, you can still use the old section names, but I had heard that the old setion names don't work in namespaceauth.conf. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] alternate hostnames, keys, and certs
On Thu, Oct 14, 2010 at 10:23 PM, Don Jackson
puppet-us...@clark-communications.com wrote:
I'd like to extend my use of puppet to manage my desktop/notebook macs.
As others have noted, the hostname of the mobile machines tends to change
frequently, so basing the node name (in my site.pp) and the corresponding
cert and private key names seems to be an issue.
I seem to recall somewhat talking about this at Puppet Camp last week…..
Generally my signing strategy is always to generate new certs and private
keys on the puppetmaster, and install them on the client machine as part of
the initial install (hopefully automated).
Can I generate a cert based on the macaddress of the new machine?
You're better off using UUIDs in my opinion.
man uuidgen
I tried this, and puppetca --generate made the certs and key without
complaining.
Presumably I can install these on my client machine.
If so, would I then run puppetd with a the --fqdn argument, and give the mac
address there?
no, you want to use 'certname', not fqdn.
And what would the name of this machine be in a node specification in the
manifest?
I put
node '00:1f:5b:f8:23:f8' { }
in my manifest, and it was very unhappy.
Any advice about how I can accomplish what I am trying to do?
Thanks,
Don
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
nigel
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] alternate hostnames, keys, and certs
On Fri, Oct 15, 2010 at 11:57 AM, Nigel Kersten nig...@google.com wrote:
On Thu, Oct 14, 2010 at 10:23 PM, Don Jackson
puppet-us...@clark-communications.com wrote:
I'd like to extend my use of puppet to manage my desktop/notebook macs.
As others have noted, the hostname of the mobile machines tends to change
frequently, so basing the node name (in my site.pp) and the corresponding
cert and private key names seems to be an issue.
I seem to recall somewhat talking about this at Puppet Camp last week…..
Generally my signing strategy is always to generate new certs and private
keys on the puppetmaster, and install them on the client machine as part of
the initial install (hopefully automated).
Can I generate a cert based on the macaddress of the new machine?
You're better off using UUIDs in my opinion.
man uuidgen
I should have also mentioned that for Mac clients, there's a system
hardware UUID that persists across reinstalls, and that may be useful.
system_profiler SPHardwareDataType
or
facter sp_platform_uuid
This is the same UUID used to composite ByHost preferences on OS X,
and any recent vintage Mac should have it.
I tried this, and puppetca --generate made the certs and key without
complaining.
Presumably I can install these on my client machine.
If so, would I then run puppetd with a the --fqdn argument, and give the mac
address there?
no, you want to use 'certname', not fqdn.
And what would the name of this machine be in a node specification in the
manifest?
I put
node '00:1f:5b:f8:23:f8' { }
in my manifest, and it was very unhappy.
Any advice about how I can accomplish what I am trying to do?
Thanks,
Don
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
nigel
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Dashboard and passenger under /dashboard path
I'm currently running a dashboard as a separate process and have a proxy in apache with authentication to access as http://puppet.ourhost.com/dashboard/ I have to start the dashboard with -P /dashboard option to make it work. I'm wondering how to achieve this with passenger. The config I found in ext/passanger seems to run the dashboard under the root of the virtual host. -- Radek -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Professional Services Engineers at Puppet Labs
Hi all Puppet Labs is expanding again and we're hiring Professional Services staff. We're looking for two senior Professional Services Engineers with Puppet and configuration management experience highly desirable. You can read about the roles at: http://puppetlabs.jobscore.com/jobs/puppetlabs/professional-services-engineer/cFchPSZeyr35ZSeJe4bk1X Feel free to email or call in any questions to me directly! Regards James Turnbull -- Puppet Labs - http://www.puppetlabs.com C: 503-734-8571 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: ANNOUNCE: Puppet 2.6.2 released!
No changes were needed in my configurations. Other than the expected deprecation warnings. On Oct 15, 9:02 am, Todd Zullinger t...@pobox.com wrote: Chuck wrote: I have migrated my EL5 servers from 0.25.5 to 2.6.2 and have no issues now. I did have some issues with 2.6.1 which are now fixed. I would like to see 2.6.2 in the official EPEL repository. Thanks for the feedback Chuck! Were any changes to your config or manifests required (aside from changes to silence deprecation warnings)? -- Todd OpenPGP - KeyID: 0xBEAF0CE3 | URL:www.pobox.com/~tmz/pgp ~~ Many a person seems to think it isn't enough for the government to guarantee him the pursuit of happiness. He insists it also run interference for him. -- Anonymous application_pgp-signature_part 1KViewDownload -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
