[Puppet Users] Re: puppet +with build support
hi donavan , thanks a lot... i am able to use environment option for build support .. Thanks Sanjiv singh Impetus Infotech (India) On Nov 16, 4:54 am, donavan dona...@desinc.net wrote: On Nov 15, 11:11 am, sanjiv.singh sanjiv.si...@impetus.co.in wrote: 1) Is there any machnism in which we can select puppet modules according to build number..? Look at the support for modulepath with multiple environments[1]. You can set the environment value to any string. So you can use revision numbers or tags [1002, 1003, X, Y] instead of [production, testing, development] for $environment. This way clients can be tied to a 'tag' of modules, while defaulting to 'main' path for unknown or unset environments. 2) Is there any machnism in which we can make puppet modules/ classes argumented , so that it work according to build number ? Parameterized classes[2] may work for you, depending on what you need. You could set the $build_version from a customer Facter fact or from External Node Classifier[3] or LDAP Nodes. 3) Have puppet inbuild support for versioning ? Basically it relies on your puppet master manifest module content to come from the VCS of your choice. For example /etc/puppet/modules would be an work directory of svn://puppet/branches/production/puppet/modules/. You can also track the catalog version based on the output of a script[4]. So you could provide a version based on `svn info /etc/ puppet/`, for example. Be careful that config_version is built on tracking changes to manifest files. It may miss changes in Resources collected from storeconfigs, File resources, template content, etc. specificaly , i am going through critical time, where i need to configure one node with build number X for one development team ... and need to configure second node with build number Y for second testing team. I think this sounds like setting $environment on a per host basis using External Nodes. [1]http://projects.puppetlabs.com/projects/1/wiki/Using_Multiple_Environ... [2]http://docs.puppetlabs.com/guides/language_tutorial.html#parameterise... [3]http://docs.puppetlabs.com/guides/external_nodes.html [4]http://docs.puppetlabs.com/references/latest/configuration.html#confi... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppet +with build support
hi donavan , thanks a lot... i am able to use environment option for build support .. Thanks Sanjiv singh Impetus Infotech (India) On Nov 16, 4:54 am, donavan dona...@desinc.net wrote: On Nov 15, 11:11 am, sanjiv.singh sanjiv.si...@impetus.co.in wrote: 1) Is there any machnism in which we can select puppet modules according to build number..? Look at the support for modulepath with multiple environments[1]. You can set the environment value to any string. So you can use revision numbers or tags [1002, 1003, X, Y] instead of [production, testing, development] for $environment. This way clients can be tied to a 'tag' of modules, while defaulting to 'main' path for unknown or unset environments. 2) Is there any machnism in which we can make puppet modules/ classes argumented , so that it work according to build number ? Parameterized classes[2] may work for you, depending on what you need. You could set the $build_version from a customer Facter fact or from External Node Classifier[3] or LDAP Nodes. 3) Have puppet inbuild support for versioning ? Basically it relies on your puppet master manifest module content to come from the VCS of your choice. For example /etc/puppet/modules would be an work directory of svn://puppet/branches/production/puppet/modules/. You can also track the catalog version based on the output of a script[4]. So you could provide a version based on `svn info /etc/ puppet/`, for example. Be careful that config_version is built on tracking changes to manifest files. It may miss changes in Resources collected from storeconfigs, File resources, template content, etc. specificaly , i am going through critical time, where i need to configure one node with build number X for one development team ... and need to configure second node with build number Y for second testing team. I think this sounds like setting $environment on a per host basis using External Nodes. [1]http://projects.puppetlabs.com/projects/1/wiki/Using_Multiple_Environ... [2]http://docs.puppetlabs.com/guides/language_tutorial.html#parameterise... [3]http://docs.puppetlabs.com/guides/external_nodes.html [4]http://docs.puppetlabs.com/references/latest/configuration.html#confi... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppetrun + notice: Denying unauthenticated .... access to puppetrunner.run
hi Ohad, a lot googling is done and gone through various blogs and documentation.. and made what ever changes U suggested . but still problem not resolved. plz help me to resolve this problem. On Nov 12, 12:17 pm, sanjiv.singh sanjiv.si...@impetus.co.in wrote: hi Ohad, thanks for reply i m using puppet version 0.25.X on both side (client master)... and edited and added following file /etc/puppet/auth.conf on client ... path /run method save allow * , but still problem is not resolved. On Nov 11, 8:23 pm, Ohad Levy ohadl...@gmail.com wrote: if you are using puppet 2.6.x you need to adjust your auth.conf too seehttp://theforeman.org/projects/foreman/wiki/puppetrunforan example Ohad On Thu, Nov 11, 2010 at 5:04 PM, sanjiv.singh sanjiv.si...@impetus.co.inwrote: hi all, i am in trouble with running puppetrun... i m able to run puppetd ... which successfully get configuration from master and made changes on client side and following are senario i m using to run puppetrun there is no issue on port i had opened ports . 8140 : on master 8139 : on client and added following file /etc/puppet/namespaceauth.conf on client.. [puppetrunner] allow * on master : === $ puppetrun --all --debug Triggering dmb-1289455541.puppet.com warning: peer certificate won't be verified in this SSL session Host dmb-1289455541.puppet.com failed: HTTP-Error: 500 Internal Server Error dmb-1289455541.puppet.com finished with exit code 2 on client : === $ puppetd --verbose --no-daemonize --listen --debug .. . . notice: Finished catalog run in 19.93 seconds debug: Using cached certificate for ca debug: Using cached certificate for dmb-1289455541.puppet.com debug: Using cached certificate for ca debug: Using cached certificate_revocation_list for ca notice: Denying unauthenticated client 184-106-208-159.static.cloud- ips.com(184.106.208.159) access to puppetrunner.run a lot googling is done and gone through various blogs and documentation.., i had logined as root on both side (master and client) question : 1) Can any budy tell me what is exactly d problem ? 2) or Is there any extra configuration required with puppetrun? 3) How is puppetmaster is authentication on puppetclient ? U r all pleased to solve this problem. any help wll be appreciated . Thanks Regards : Sanjiv Singh (iLabs ) Impetus Infotech (India) . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.-Hide quoted text - - Show quoted text - -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppetrun + notice: Denying unauthenticated .... access to puppetrunner.run
hi Ohad , here are my namespaceauth.conf configurarion on master : /etc/puppet/namespaceauth.conf [fileserver] allow * [puppetmaster] allow * [puppetrunner] allow * on client : /etc/puppet/namespaceauth.conf [puppetrunner] allow * On Nov 16, 5:15 pm, Ohad Levy ohadl...@gmail.com wrote: Can you paste your namespace config file? try to make sure that your allow line matches to another host fqdn (the one you want to push from). Ohad On Tue, Nov 16, 2010 at 1:20 PM, sanjiv.singh sanjiv.si...@impetus.co.inwrote: hi Ohad, a lot googling is done and gone through various blogs and documentation.. and made what ever changes U suggested . but still problem not resolved. plz help me to resolve this problem. On Nov 12, 12:17 pm, sanjiv.singh sanjiv.si...@impetus.co.in wrote: hi Ohad, thanks for reply i m using puppet version 0.25.X on both side (client master)... and edited and added following file /etc/puppet/auth.conf on client ... path /run method save allow * , but still problem is not resolved. On Nov 11, 8:23 pm, Ohad Levy ohadl...@gmail.com wrote: if you are using puppet 2.6.x you need to adjust your auth.conf too seehttp://theforeman.org/projects/foreman/wiki/puppetrunforanexample Ohad On Thu, Nov 11, 2010 at 5:04 PM, sanjiv.singh sanjiv.si...@impetus.co.inwrote: hi all, i am in trouble with running puppetrun... i m able to run puppetd ... which successfully get configuration from master and made changes on client side and following are senario i m using to run puppetrun there is no issue on port i had opened ports . 8140 : on master 8139 : on client and added following file /etc/puppet/namespaceauth.conf on client.. [puppetrunner] allow * on master : === $ puppetrun --all --debug Triggering dmb-1289455541.puppet.com warning: peer certificate won't be verified in this SSL session Host dmb-1289455541.puppet.com failed: HTTP-Error: 500 Internal Server Error dmb-1289455541.puppet.com finished with exit code 2 on client : === $ puppetd --verbose --no-daemonize --listen --debug .. . . notice: Finished catalog run in 19.93 seconds debug: Using cached certificate for ca debug: Using cached certificate for dmb-1289455541.puppet.com debug: Using cached certificate for ca debug: Using cached certificate_revocation_list for ca notice: Denying unauthenticated client 184-106-208-159.static.cloud- ips.com(184.106.208.159) access to puppetrunner.run a lot googling is done and gone through various blogs and documentation.., i had logined as root on both side (master and client) question : 1) Can any budy tell me what is exactly d problem ? 2) or Is there any extra configuration required with puppetrun? 3) How is puppetmaster is authentication on puppetclient ? U r all pleased to solve this problem. any help wll be appreciated . Thanks Regards : Sanjiv Singh (iLabs ) Impetus Infotech (India) . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com puppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.-Hidequoted text - - Show quoted text - -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetrun + notice: Denying unauthenticated .... access to puppetrunner.run
On Tue, Nov 16, 2010 at 2:31 PM, sanjiv.singh sanjiv.si...@impetus.co.inwrote: hi Ohad , here are my namespaceauth.conf configurarion on master : /etc/puppet/namespaceauth.conf [fileserver] allow * [puppetmaster] allow * [puppetrunner] allow * on client : /etc/puppet/namespaceauth.conf [puppetrunner] allow * try changing this to the fqdn of your master (or wherever you run puppetrun from). Ohad On Nov 16, 5:15 pm, Ohad Levy ohadl...@gmail.com wrote: Can you paste your namespace config file? try to make sure that your allow line matches to another host fqdn (the one you want to push from). Ohad On Tue, Nov 16, 2010 at 1:20 PM, sanjiv.singh sanjiv.si...@impetus.co.inwrote: hi Ohad, a lot googling is done and gone through various blogs and documentation.. and made what ever changes U suggested . but still problem not resolved. plz help me to resolve this problem. On Nov 12, 12:17 pm, sanjiv.singh sanjiv.si...@impetus.co.in wrote: hi Ohad, thanks for reply i m using puppet version 0.25.X on both side (client master)... and edited and added following file /etc/puppet/auth.conf on client ... path /run method save allow * , but still problem is not resolved. On Nov 11, 8:23 pm, Ohad Levy ohadl...@gmail.com wrote: if you are using puppet 2.6.x you need to adjust your auth.conf too seehttp:// theforeman.org/projects/foreman/wiki/puppetrunforanexample Ohad On Thu, Nov 11, 2010 at 5:04 PM, sanjiv.singh sanjiv.si...@impetus.co.inwrote: hi all, i am in trouble with running puppetrun... i m able to run puppetd ... which successfully get configuration from master and made changes on client side and following are senario i m using to run puppetrun there is no issue on port i had opened ports . 8140 : on master 8139 : on client and added following file /etc/puppet/namespaceauth.conf on client.. [puppetrunner] allow * on master : === $ puppetrun --all --debug Triggering dmb-1289455541.puppet.com warning: peer certificate won't be verified in this SSL session Host dmb-1289455541.puppet.com failed: HTTP-Error: 500 Internal Server Error dmb-1289455541.puppet.com finished with exit code 2 on client : === $ puppetd --verbose --no-daemonize --listen --debug .. . . notice: Finished catalog run in 19.93 seconds debug: Using cached certificate for ca debug: Using cached certificate for dmb-1289455541.puppet.com debug: Using cached certificate for ca debug: Using cached certificate_revocation_list for ca notice: Denying unauthenticated client 184-106-208-159.static.cloud- ips.com(184.106.208.159) access to puppetrunner.run a lot googling is done and gone through various blogs and documentation.., i had logined as root on both side (master and client) question : 1) Can any budy tell me what is exactly d problem ? 2) or Is there any extra configuration required with puppetrun? 3) How is puppetmaster is authentication on puppetclient ? U r all pleased to solve this problem. any help wll be appreciated . Thanks Regards : Sanjiv Singh (iLabs ) Impetus Infotech (India) . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com puppet-users%2bunsubscr...@googlegroups.compuppet-users%252bunsubscr...@googlegroups.com puppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.-Hidequotedtext - - Show quoted text - -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com puppet-users%2bunsubscr...@googlegroups.compuppet-users%252bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to
[Puppet Users] Re: managing normal users with Puppet
On Nov 15, 8:41 am, Christian berwangerchrist...@googlemail.com wrote: encrypted config:type=booleantrue/encrypted Unfortuniatially i can't find such a flag as a parameter for the puppet 'user' resource. A wider audience will be available to help if you explain what that setting actually means. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Emulating Debians tasksel
On Tue, Nov 16, 2010 at 2:39 AM, tecneeq tecn...@googlemail.com wrote: On 13 Nov., 18:14, Nigel Kersten ni...@puppetlabs.com wrote: I guess tasksel tasks have to be installed with exec then. I was under the impression tasksel was largely being deprecated in favor of meta-packages. What Debian are you on? I never heard something like that. Do you have a source? Once I actually looked it up, I don't have a good reason for thinking that. The Debian wiki doesn't say anything along those lines, but the Ubuntu site says: https://help.ubuntu.com/community/Tasksel This function is similar to that of meta-packages, and, in fact, most of the tasks available from tasksel are also available as meta-packages from the Ubuntu package managers (such as Synaptic Package Manager or KPackageKit). which is possibly where I got the impression from. I'm not sure we can easily shoe-horn tasks into the existing apt provider, unless we looked at tasks if a given package isn't found (are there any namespace collisions between tasks and packages?), but I reckon it's feasible to write a package provider that only used tasks. There aren't any namespace conflicts. Is this by design? Can we rely upon there never being any namespace conflicts here? Would you find it acceptable to have to specify a tasksel provider when doing what you're trying to do? e.g. package { gnome-desktop: provider = tasksel, ensure = installed, } I would find that solution very acceptable indeed :). Any chance a change like that would make it into Debian squeeze before release? Probably not, although because this is a new provider (that none of us have actually written yet :) ), you could easily distribute it with pluginsync to your clients. -- Nigel Kersten - Puppet Labs - http://www.puppetlabs.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Same Service in Different Classes
On Mon, Nov 15, 2010 at 10:00 PM, Eric Sorenson eric.soren...@me.com wrote: On Nov 15, 2010, at 9:53 PM, Daniel Pittman wrote: Otherwise, we use code review before committing to the central repository to help reduce the risk of issues - now *two* operations people need to be ignorant of class C for the issue to pop up. Hi Daniel - it's a bit off-topic from the original question but would you mind explaining how your code review works in more detail? I'm curious about both the technology and people process involved. To me, supporting many authors is one of the most difficult problems scaling puppet. It's really hard to strike a balance between, on one hand, safeguarding the stability of production puppet config and, on the other hand, enabling people to get work done without a big, slow, complicated process. After spending a couple of years working on this in my last job, I came to the conclusion that you need a rich library of pre-commit hooks to stop code review being slow and manual. If you automate away all the minor niggles like whether a manifest actually parses or not, people get to actually review code at an interesting level, which means they'll do it faster, and they have less to check for. We set up some tooling that also made checking commits easier, where you could launch ad hoc puppetmasters out of your VCS repository and set them to serve code other people had sent out for review. This made a big difference. It meant that if someone sent out a commit that was meant to achieve certain functionality, other people on the team could actually test that it did what it was meant to do. As Daniel said, once you've set things up so that all code changes can be traced back to a reviewer and an author, a lot of problems will simply go away, as people will do the right thing. You only need to get named and shamed in a couple of service outage postmortems for behavior to change :) - Eric Sorenson - N37 17.255 W121 55.738 - http://twitter.com/ahpook - -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Nigel Kersten - Puppet Labs - http://www.puppetlabs.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] facter (ruby) question
Hi all, I have a small facter script which gives me the outcome of a subnet: Facter.add(lokatie) do setcode do %x{facter ipaddress | awk -F. '{print $2}'}.chomp end end This script gives me either 84 or 85 as result. What I really want is to label 84 as 'AAA' and 85 as 'BBB' (so facter gives either AAA or BBB as a result), but I can't seem to make it work :-( Can anyone push me in the right direction? Regards, Dennis -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Controlling Package Version
Hi Folks, I am fairly new to using Puppet, but am trying to use it to control production servers running: - CentOS 5.5 - Puppet 2.6.3 - Yum 3.2.22 We would like to specify that certain versions of packages be loaded on a system. Our requirement is to have fixed versions of all critical packages upon which our applications depend. We do not want any surprises due to unplanned updates to the latest and greatest release of a critical software dependency. We are using manifests with a package resource like: package { mysql: ensure = 5.0.77-4.el5_5.3, } The problem we run into is that when one server is loaded the manifest and puppet works like a charm. If some time passes and a later version of a package is available in the yum repository and we attempt to load another server using the same puppet catalog; then puppet will complain that it is unable to load the specified version in the manifest, because it found a later version via yum (e.g. mysql-5.0.77-4.el5_5.4). The error message is shown below: err: /Stage[base]/Centos-server-pack/Package[mysql]/ensure: change from 5.0.77-4.el5_5.4 to 5.0.77-4.el5_5.3 failed: Could not update: Failed to update to version 5.0.77-4.el5_5.3, got version 5.0.77-4.el5_5.4 instead at /etc/puppet/modules/centos-base-pkg/ manifests/init.pp:288 Has anyone else run into this problem or have an suggestions? Thanks in advance for your advice. Andy -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Using custom facts in Puppet
hello, I am trying to add a custum fact to my puppet module. I wrote and tested the facter script and it functions as I want it to. I am following the instructions to synchronise the facts/plugins as written in Adding_Facts and plugins_in_modules from the documentation, as in: put factscript in /etc/puppet/modules/module/lib/facter add these lines to puppet.conf: [main] pluginsync = true factpath = $vardir/lib/facter when I do a puppetd run on my client, where I want to use the module with my homemade fact, I see the sync taking place, but that is all I see happening. The facts i want to use in the module stay empty, undefined actually. sidenote: if in my current directory there exists a directory facter, where my factscript has been added, then, when starting puppetd -t from there, the facts are added, which would mean, that the factscript works. It just seems, that Puppet doesn't use the directory to where the script has been synced, despite the entry in puppet.conf Right now i am at a loss, since i cannot see what I'm doing wrong Does anyone have any experience with this? thanx in advance. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Controlling Package Version
Hi Andy, That looks like the mysql RPM with version 5.0.77-4.el5_5.3 no longer exists in your Yum repository and it's been replaced by 5.0.77-4.el5_5.4. If you want fine grained control of your RPMs with Puppet you'll also need to manage your own Yum repo and make sure you control what goes in, but more importantly what gets removed. Are you removing old files from your repo or are you using someone elses Yum mirror? If I look in my own local copy of a CentOS 5.5 mirror I see both versions: centos55/updates/x86_64/RPMS/mysql-5.0.77-4.el5_5.3.x86_64.rpm centos55/updates/x86_64/RPMS/mysql-5.0.77-4.el5_5.4.i386.rpm centos55/updates/x86_64/RPMS/mysql-5.0.77-4.el5_5.3.i386.rpm centos55/updates/x86_64/RPMS/mysql-5.0.77-4.el5_5.4.x86_64.rpm On Nov 16, 4:46 am, Andy andy@gmail.com wrote: Hi Folks, I am fairly new to using Puppet, but am trying to use it to control production servers running: - CentOS 5.5 - Puppet 2.6.3 - Yum 3.2.22 We would like to specify that certain versions of packages be loaded on a system. Our requirement is to have fixed versions of all critical packages upon which our applications depend. We do not want any surprises due to unplanned updates to the latest and greatest release of a critical software dependency. We are using manifests with a package resource like: package { mysql: ensure = 5.0.77-4.el5_5.3, } The problem we run into is that when one server is loaded the manifest and puppet works like a charm. If some time passes and a later version of a package is available in the yum repository and we attempt to load another server using the same puppet catalog; then puppet will complain that it is unable to load the specified version in the manifest, because it found a later version via yum (e.g. mysql-5.0.77-4.el5_5.4). The error message is shown below: err: /Stage[base]/Centos-server-pack/Package[mysql]/ensure: change from 5.0.77-4.el5_5.4 to 5.0.77-4.el5_5.3 failed: Could not update: Failed to update to version 5.0.77-4.el5_5.3, got version 5.0.77-4.el5_5.4 instead at /etc/puppet/modules/centos-base-pkg/ manifests/init.pp:288 Has anyone else run into this problem or have an suggestions? Thanks in advance for your advice. Andy -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Failed to generate additional resources using 'eval_generate': wrong header line format
I verified that the gem wasn't corrupted and I've narrowed the problem down to the following REST operation: GET /production/file_metadatas/plugins?ignore=---+%0A++-+.svn%0A++- +CVS%0A++-+.gitrecurse=truelinks=managechecksum_type=md5 when it runs, I get: expected next name, value pair in object at '} '!closed any ideas? On Nov 12, 12:48 pm, Steve Neuharth steve.neuha...@gmail.com wrote: OK, I unmerged and re-emerged the package and I get the same message. I also verified that all remnants of the ruby puppet stuff was gone from site_ruby before I reinstalled. I'm fairly certain that it's not my manifests as this error seems to occur in the phase where puppet is gathering it's plugins and I tried running puppetd on a server with no node defs, no classes, etc... same thing I'll cc: the package maintainer. Maybe he's seen it before. Maybe the gem athttp://distfiles.gentoo.org/distfiles/puppet-2.6.2.gemis bad? On Nov 12, 11:57 am, Steve Neuharth steve.neuha...@gmail.com wrote: jeez, sorry... gentoo. This is on gentoo, not ubuntu, so I used portage. I suppose I could try to scrub my puppetmaster of everything puppet related and reinstall... definitely not the ideal solution. I'll look through the ruby libs and see if I can find any dupes first. thanks James. On Nov 12, 10:06 am, James Turnbull ja...@puppetlabs.com wrote: Steve Neuharth wrote: I've upgraded to puppet v2.6.2 on ubuntu (clients and server) and now I get this error messages related to pluginsync: How did you upgrade? I've seen this when files from previous versions hung around on the master/client too. Regards James -- Puppet Labs -http://www.puppetlabs.com C: 503-734-8571 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] facter (ruby) question
Hi Dennis, On Tue, Nov 16, 2010 at 7:28 AM, Dennis vdM cybernijn...@gmail.com wrote: Hi all, I have a small facter script which gives me the outcome of a subnet: Facter.add(lokatie) do setcode do %x{facter ipaddress | awk -F. '{print $2}'}.chomp end end This script gives me either 84 or 85 as result. What I really want is to label 84 as 'AAA' and 85 as 'BBB' (so facter gives either AAA or BBB as a result), but I can't seem to make it work :-( is 84,85 the full list of numbers that need to be translated? if you know all of the values you want to translate, you could do something like: conversions = { '84' = 'AAA', '85' = 'BBB' } Facter.add(lokatie) do setcode do subnet = %x{facter ipaddress | awk -F. '{print $2}'}.chomp conversions[subnet] end end Can anyone push me in the right direction? Regards, Dennis -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Controlling Package Version
Hi Luke, Thanks for the reply. I was wondering about the underlying repositories. When I did a yum list all mysql I only show the latest release. I am using the standard repos and mirrors for CentOS base, epel, extras, updates, addons, and rpmforge. Assuming I get the repository issue worked out, can I expect to hold the mysql version at the older release using puppet? We do this until we have verified the applications against the newer release before upgrading in production. Also, do you typically create your own mirrors of the repositories to control the repository contents? Thanks again for your help! Andy On Nov 16, 11:28 am, luke.bigum luke.bi...@fasthosts.co.uk wrote: Hi Andy, That looks like the mysql RPM with version 5.0.77-4.el5_5.3 no longer exists in your Yum repository and it's been replaced by 5.0.77-4.el5_5.4. If you want fine grained control of your RPMs with Puppet you'll also need to manage your own Yum repo and make sure you control what goes in, but more importantly what gets removed. Are you removing old files from your repo or are you using someone elses Yum mirror? If I look in my own local copy of a CentOS 5.5 mirror I see both versions: centos55/updates/x86_64/RPMS/mysql-5.0.77-4.el5_5.3.x86_64.rpm centos55/updates/x86_64/RPMS/mysql-5.0.77-4.el5_5.4.i386.rpm centos55/updates/x86_64/RPMS/mysql-5.0.77-4.el5_5.3.i386.rpm centos55/updates/x86_64/RPMS/mysql-5.0.77-4.el5_5.4.x86_64.rpm On Nov 16, 4:46 am, Andy andy@gmail.com wrote: Hi Folks, I am fairly new to using Puppet, but am trying to use it to control production servers running: - CentOS 5.5 - Puppet 2.6.3 - Yum 3.2.22 We would like to specify that certain versions of packages be loaded on a system. Our requirement is to have fixed versions of all critical packages upon which our applications depend. We do not want any surprises due to unplanned updates to the latest and greatest release of a critical software dependency. We are using manifests with a package resource like: package { mysql: ensure = 5.0.77-4.el5_5.3, } The problem we run into is that when one server is loaded the manifest and puppet works like a charm. If some time passes and a later version of a package is available in the yum repository and we attempt to load another server using the same puppet catalog; then puppet will complain that it is unable to load the specified version in the manifest, because it found a later version via yum (e.g. mysql-5.0.77-4.el5_5.4). The error message is shown below: err: /Stage[base]/Centos-server-pack/Package[mysql]/ensure: change from 5.0.77-4.el5_5.4 to 5.0.77-4.el5_5.3 failed: Could not update: Failed to update to version 5.0.77-4.el5_5.3, got version 5.0.77-4.el5_5.4 instead at /etc/puppet/modules/centos-base-pkg/ manifests/init.pp:288 Has anyone else run into this problem or have an suggestions? Thanks in advance for your advice. Andy -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using custom facts in Puppet
On Tue, 2010-11-16 at 07:33 -0800, JWBoerma wrote: Right now i am at a loss, since i cannot see what I'm doing wrong Does anyone have any experience with this? thanx in advance. Can you send the output from the following command: puppetd --test --verbose --no-daemonize And also the source code of your custom fact? Thanks, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: facter (ruby) question
Thanks Dan! The conversions action does exactly what I want. :-) On 16 nov, 18:02, Dan Bode d...@puppetlabs.com wrote: Hi Dennis, On Tue, Nov 16, 2010 at 7:28 AM, Dennis vdM cybernijn...@gmail.com wrote: Hi all, I have a small facter script which gives me the outcome of a subnet: Facter.add(lokatie) do setcode do %x{facter ipaddress | awk -F. '{print $2}'}.chomp end end This script gives me either 84 or 85 as result. What I really want is to label 84 as 'AAA' and 85 as 'BBB' (so facter gives either AAA or BBB as a result), but I can't seem to make it work :-( is 84,85 the full list of numbers that need to be translated? if you know all of the values you want to translate, you could do something like: conversions = { '84' = 'AAA', '85' = 'BBB' } Facter.add(lokatie) do setcode do subnet = %x{facter ipaddress | awk -F. '{print $2}'}.chomp conversions[subnet] end end Can anyone push me in the right direction? Regards, Dennis -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.- Tekst uit oorspronkelijk bericht niet weergeven - - Tekst uit oorspronkelijk bericht weergeven -- Tekst uit oorspronkelijk bericht niet weergeven - - Tekst uit oorspronkelijk bericht weergeven - -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Can't do a nested define. What are my options?
I'm trying to create a directory structure from 2 arrays. First array is the outter, second is the inner. For each outter, I'd like to loop through each inner. Below is sort of what I'm trying to do. In the real world, the $sys_name and $mounts vars will be parsed from yaml and will be dynamic. In the example I've created static arrays for simplicity. Please don't critique the code. I know it won't work and is the wrong way to do it. I just want to give an idea of what I'm trying to do. $sys_name = ['sys1', 'sys2', 'sys3', 'sys4'] $mounts = ['home', 'var', 'usr', 'duck', 'goose'] File { owner = 'root', group = 'root', mode = '0755', ensure = directory } define outter () { file { /mnt/$sys_name: } define inner () { file {$mount_base/$mounts:} } inner { $mounts } } outter { $sys_name: } So basically create directories from a dynamic array inside directories created from a dynamic array. Any way to do this in a simple way? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can't do a nested define. What are my options?
Hi Andrew, On Tue, Nov 16, 2010 at 9:33 AM, hudsterboy andrewmor...@yahoo.com wrote: I'm trying to create a directory structure from 2 arrays. First array is the outter, second is the inner. For each outter, I'd like to loop through each inner. Below is sort of what I'm trying to do. In the real world, the $sys_name and $mounts vars will be parsed from yaml and will be dynamic. In the example I've created static arrays for simplicity. Please don't critique the code. I know it won't work and is the wrong way to do it. I just want to give an idea of what I'm trying to do. $sys_name = ['sys1', 'sys2', 'sys3', 'sys4'] $mounts = ['home', 'var', 'usr', 'duck', 'goose'] File { owner = 'root', group = 'root', mode = '0755', ensure = directory } define outter () { file { /mnt/$sys_name: } define inner () { file {$mount_base/$mounts:} } inner { $mounts } } outter { $sys_name: } Looping/iteration is somewhat difficult using Puppet's DSL. Perhaps you should consider writing this manifest using the new Ruby DSL (available in 2.6.x) . I recently wrote a blog about it (which I believe is the most up to date documentation not counting the commit message): http://www.puppetlabs.com/blog/ruby-dsl/ its fairly bleeding edge, so feel free to ask questions. -Dan So basically create directories from a dynamic array inside directories created from a dynamic array. Any way to do this in a simple way? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppetrun + per host configuration push
hi all , i had configured puppet with LDAP i.e. node information for stored in LDAP.. i want to triger puppetrun for pushing configuration for a perticular host. rather than $ puppetrun --all (which triggers all nodes) or $ puppet --class classname ( triggers all nodes ,which include this class). as i know when we use following : $ puppetrun --host host_name it will look for node entry in puppet class , not in Ldap.. but ,in my development environment , this functionality criticallly required . , i want to trigger only perticuler host through puppetrun. how can I achieve this functionality ? guide me to right direction thanks: Sanjiv Singh (iLabs) Impetus Infotech (India). -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] n00b question - Does puppet monitor continuously ?
Does something in the puppetmaster run the puppet modules/manifests periodically ? Or do I have to set up a cron job or something like that ? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] n00b question - Does puppet monitor continuously ?
Ygor wrote: Does something in the puppetmaster run the puppet modules/manifests periodically ? Or do I have to set up a cron job or something like that ? Thanks. The puppetd / puppet agent daemon on the client runs every 30 minutes by default. You can configure this period using the runinterval configuration option. You can also run via cron if you prefer. Regards James Turnbull -- Puppet Labs - http://www.puppetlabs.com C: 503-734-8571 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Passenger cannot load Rack
I am getting the following error in my Apache error log when trying to run my puppetmaster as a rack app with Passenger: *** Exception LoadError in PhusionPassenger::Rack::ApplicationSpawner (no such file to load -- rack) (process 32373): Apache will start up without error, but as soon as a puppet client connects, the error is thrown. Passenger is dying at a require 'rack' statement in the rack application spawner code. In older versions of Passenger, I noticed this require statement included rack at the very top of application_spawner.rb. Just before the require statement it added a passenger-distributed rack to the ruby lib. In later versions of passenger, the require statement appears farther down application_spawner.rb in some function and does not add any vendor'ed rack path to the rubylib, and it cannot find Rack. Sorry if that's a bit of detail, but I'm about to pull my hair out over this. Why can't Passenger find Rack? The gems I have installed: *** LOCAL GEMS *** daemon_controller (0.2.5) fastthread (1.0.7) file-tail (1.0.5) git (1.2.5) god (0.11.0) passenger (2.2.15) rack (1.1.0) rake (0.8.7) spruz (0.2.0) stomp (1.1.6) By the way, I am on RHEL5 and am using Ruby 1.8.5 (I know it is old) I have tried this with many versions of Passenger and all of the more recent versions cannot find Rack. As I said, the older versions didn't have this problem but there was something else up with them (I confess I no longer remember what it was). I figure most Puppet users are using the later versions without the issue I'm having, so I might as well work it out and use the most vetted versions of gems that I can. There must be something I am not understanding about how Gems work or RUBYLIB or something. Anyone got any ideas? Thanks in advance! -Kent -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using custom facts in Puppet
On 11/16/2010 09:33 AM, JWBoerma wrote: hello, I am trying to add a custum fact to my puppet module. I wrote and tested the facter script and it functions as I want it to. I've got the same issue, trying to distribute a custom fact. I'd like to return the version of Plesk Panel running on the client. So I wrote and tested a little fact: # cat plesk_version.rb require 'facter' Facter.add(plesk_version) do setcode do %x{cat /usr/local/psa/version}.chomp end end r...@test10:~/lib/ruby/facter# facter finds this on the client and it returns what I'm looking for. I want to put this on the server and distribute it. My puppet clients and puppetmaster server are 0.25.4. On the puppetmaster I edited /etc/puppet/puppet.conf: [main] logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl rundir=/var/run/puppet factpath=$vardir/lib/facter pluginpath=$vardir/lib/facter pluginsync=true [puppetmasterd] #templatedir=/var/lib/puppet/templates factsync=true factpath=$vardir/facts and also fileserver.conf: # cat /etc/puppet/fileserver.conf [files] path /var/lib/puppet/files allow * [plugins] path /var/lib/puppet/facts allow * I put my fact file (plesk_version.rb) in the /var/lib/puppet/facts directory. I also put a copy in the /var/lib/puppet/plugins directory. On my client, I ran the puppetd with this command: # /usr/sbin/puppetd --no-daemonize --verbose --onetime --pluginsync I got this: info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet://xxx.x.net/plugins notice: /File[/var/lib/puppet/lib/facter]: Dependency file[/var/lib/puppet/lib] has 1 failures warning: /File[/var/lib/puppet/lib/facter]: Skipping because of failed dependencies This seems to have changed some in 0.25.4, and googleing around has not helped. May I have a pointer to the correct process? Thanks, Ed Greenberg -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using custom facts in Puppet
Replying to my own post: When run with --test and without --pluginsync, my puppetd returns this: info: Caching catalog for test10.newhostingaccount.net info: Applying configuration version '1289933909' notice: Finished catalog run in 1.42 seconds -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Can one definition require another definition?
Hi Experts, I am in a situation that need one definition to require another (to enforce execution order). E.g. define a(x,y,z) { do task 1 } define b(u,v,w) { so task 2 } To use them: Below won't make sure task 1 is executed before task 2 (or does it?): a { inst_a: x=x, ... } b { inst_b: u=u, ... } What I am doing now is to wrap them with classes, since definition can require a class: class cls_a { a { inst_a: x=x, ... } } b { inst_b: u=u, ... *require=Class[cls_a], *} *The question is: Won't it help if Puppet support require=Definition[inst_a] directly?* Or am I missing some important issues? Thanks a lot! -Yushu -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can one definition require another definition?
On Tue, Nov 16, 2010 at 11:21 AM, Yushu Yao y...@lbl.gov wrote: Hi Experts, I am in a situation that need one definition to require another (to enforce execution order). E.g. define a(x,y,z) { do task 1 } define b(u,v,w) { so task 2 } To use them: Below won't make sure task 1 is executed before task 2 (or does it?): The question is: Won't it help if Puppet support require=Definition[inst_a] directly? Yes it supports it. a { inst_a: x=x, ... } b { inst_b: u=u, ... require=A[inst_a], } Just capitalize the first letter: define foo:bar ... require = Foo:Bar[..] Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can one definition require another definition?
On 11/16/2010 11:21 AM, Yushu Yao wrote: Hi Experts, *The question is: Won't it help if Puppet support require=Definition[inst_a] directly?* Or am I missing some important issues? Defines are macros. The macro itself doesn't exist in the catalog; only the generated resources do. -- Russell A Jackson r...@csub.edu Network Analyst California State University, Bakersfield -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can one definition require another definition?
On 11/16/2010 11:33 AM, Nan Liu wrote: On Tue, Nov 16, 2010 at 11:21 AM, Yushu Yaoy...@lbl.gov wrote: Hi Experts, I am in a situation that need one definition to require another (to enforce execution order). E.g. define a(x,y,z) { do task 1 } define b(u,v,w) { so task 2 } To use them: Below won't make sure task 1 is executed before task 2 (or does it?): The question is: Won't it help if Puppet support require=Definition[inst_a] directly? Yes it supports it. a { inst_a: x=x, ... } b { inst_b: u=u, ... require=A[inst_a], } Just capitalize the first letter: define foo:bar ... require = Foo:Bar[..] I stand corrected. It does work. I've always thought of defines as macros, but apparently they are objects themselves. I'm still confused why they don't appear in my catalogs. Would nesting them inside of classes have anything to do with that? -- Russell A Jackson r...@csub.edu Network Analyst California State University, Bakersfield -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: n00b question - Does puppet monitor continuously ?
I use Puppet to watch and maintain the configuration of my systems to meet the requirements of automated Configuration Management. I use Monit to watch my more time-critical parts of the system; usually services which I want to make sure are running. Monit usually runs in a 1 minute cycle and has a simple configuration. If you need to watch more intently, look at inotify which watches for file access, changes or other operations on the file system. Looking at your question; the puppet client runs as a process and checks in with the puppetmaster based on the interval defined. I have Monit running to make sure that if for any reason puppet process dies, it will be restarted immediately. On Nov 16, 1:25 pm, James Turnbull ja...@puppetlabs.com wrote: Ygor wrote: Does something in the puppetmaster run the puppet modules/manifests periodically ? Or do I have to set up a cron job or something like that ? Thanks. The puppetd / puppet agent daemon on the client runs every 30 minutes by default. You can configure this period using the runinterval configuration option. You can also run via cron if you prefer. Regards James Turnbull -- Puppet Labs -http://www.puppetlabs.com C: 503-734-8571 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Could not retrieve catalog (403) and 500
Hi, I just recently upgraded my puppetmaster and clients from 0.25.3 to 2.6.3.rc3. Everything worked fine for a while. Now, none of my clients are able to retrieve their catalog. Here is some [hopefully] relevant information: $ puppetd --server fc-pupm01 --verbose --waitforcert 60 -- environment=fcprod --test err: Could not retrieve catalog from remote server: Error 403 on SERVER: Forbidden request: fc-pupm01(172.26.101.160 access to /catalog/ fc-pupm01 [find] at line 93 warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run err: Could not send report: Error 500 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title500 Internal Server Error/title /headbody h1Internal Server Error/h1 pThe server encountered an internal error or misconfiguration and was unable to complete your request./p pPlease contact the server administrator, r...@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error./p pMore information about this error may be available in the server error log./p hr addressApache/2.2.3 (CentOS) Server at fc-pupm01 Port 8140/address /body/html .. and Apache's error log: [Tue Nov 16 15:18:34 2010] [error] [client 172.26.101.51] (104)Connection reset by peer: ap_content_length_filter: apr_bucket_read() ailed [ pid=11148 file=ext/apache2/Hooks.cpp:566 time=2010-11-16 15:18:42.256 ]: Unexpected error in mod_passenger: An error occured while sending the request body to the request handler: Broken pipe (32) Backtrace: in 'virtual void Passenger::Application::Session::sendBodyBlock(const char*, unsigned int)' (Application.h:159) in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:491) Other things behind passenger (Foreman) continue to work properly. Running Passenger 2.2.2. Does anyone have any ideas what may have caused this, and how to fix it? Thanks, Josh -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Could not retrieve catalog (403) and 500
On Nov 16, 4:26 pm, Josh joshba...@gmail.com wrote: Hi, I just recently upgraded my puppetmaster and clients from 0.25.3 to 2.6.3.rc3. Everything worked fine for a while. Now, none of my clients are able to retrieve their catalog. Here is some [hopefully] relevant information: Some more info: The client is CentOS5/x86_64: *** LOCAL GEMS *** fastthread (1.0.7) mysql (2.8.1) passenger (2.2.2) rack (1.0.1, 0.4.0) rake (0.8.7, 0.8.3) sqlite3-ruby (1.2.4) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Could not retrieve catalog (403) and 500
Ok, looks like this may be fixed. I added allow * to the puppetmaster's auth.conf. I guess this is something that changed between 0.25.3 and 2.6.3, and I missed it while reading the release notes. Josh On Nov 16, 4:45 pm, Josh joshba...@gmail.com wrote: On Nov 16, 4:26 pm, Josh joshba...@gmail.com wrote: Hi, I just recently upgraded my puppetmaster and clients from 0.25.3 to 2.6.3.rc3. Everything worked fine for a while. Now, none of my clients are able to retrieve their catalog. Here is some [hopefully] relevant information: Some more info: The client is CentOS5/x86_64: *** LOCAL GEMS *** fastthread (1.0.7) mysql (2.8.1) passenger (2.2.2) rack (1.0.1, 0.4.0) rake (0.8.7, 0.8.3) sqlite3-ruby (1.2.4) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Controlling Package Version
On Nov 16, 11:03 am, Andy andy@gmail.com wrote: Also, do you typically create your own mirrors of the repositories to control the repository contents? I don't know about Luke, but I do. That provides not only control over the repository contents, but also (for me) much better performance, as my queries and package retrievals do not have to leave my internal network. I also get better availability because the repository has fewer clients, and if it ever goes down I can fix it. Moreover, you then have the option to rely on your local repository instead of Puppet for control of package versions. That is, maintain in your repository only those software versions you want to use, and let your Package resources all simply specify the latest version. No more tweaking manifests when you qualify a new package version! Cheers, John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Controlling Package Version
Using latest and controlling the repositories yourself is best practice I believe. On Nov 16, 2010 2:16 PM, jcbollinger john.bollin...@stjude.org wrote: On Nov 16, 11:03 am, Andy andy@gmail.com wrote: Also, do you typically create your own mirrors of the repositories to control the repository contents? I don't know about Luke, but I do. That provides not only control over the repository contents, but also (for me) much better performance, as my queries and package retrievals do not have to leave my internal network. I also get better availability because the repository has fewer clients, and if it ever goes down I can fix it. Moreover, you then have the option to rely on your local repository instead of Puppet for control of package versions. That is, maintain in your repository only those software versions you want to use, and let your Package resources all simply specify the latest version. No more tweaking manifests when you qualify a new package version! Cheers, John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Can't do a nested define. What are my options?
Thanks Dan, Unfortunately, I don't think we're going to 2.6 any time soon in our environment. I was hoping there was something simpler and I was just being dumb. Good news is, maybe I'm not so dumb! lol. I'm looking at using a custom function a co-worker wrote that might help. If it works well, I'll ask him to post it up here. I can see that it might be useful. Drew On Nov 16, 12:45 pm, Dan Bode d...@puppetlabs.com wrote: Hi Andrew, On Tue, Nov 16, 2010 at 9:33 AM, hudsterboy andrewmor...@yahoo.com wrote: I'm trying to create a directory structure from 2 arrays. First array is the outter, second is the inner. For each outter, I'd like to loop through each inner. Below is sort of what I'm trying to do. In the real world, the $sys_name and $mounts vars will be parsed from yaml and will be dynamic. In the example I've created static arrays for simplicity. Please don't critique the code. I know it won't work and is the wrong way to do it. I just want to give an idea of what I'm trying to do. $sys_name = ['sys1', 'sys2', 'sys3', 'sys4'] $mounts = ['home', 'var', 'usr', 'duck', 'goose'] File { owner = 'root', group = 'root', mode = '0755', ensure = directory } define outter () { file { /mnt/$sys_name: } define inner () { file {$mount_base/$mounts:} } inner { $mounts } } outter { $sys_name: } Looping/iteration is somewhat difficult using Puppet's DSL. Perhaps you should consider writing this manifest using the new Ruby DSL (available in 2.6.x) . I recently wrote a blog about it (which I believe is the most up to date documentation not counting the commit message): http://www.puppetlabs.com/blog/ruby-dsl/ its fairly bleeding edge, so feel free to ask questions. -Dan So basically create directories from a dynamic array inside directories created from a dynamic array. Any way to do this in a simple way? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Plugin dependencies
Hi, I'm attempting to move from 0.24.x to 2.6.x :) trying to fix all those parts that have changed, and found that the use of plugins we are doing is probably not the best approach hoping you can help me with comments regarding this use case. In our working 0.24.x environment we had to make use of plugins to add an attribute in the package.rb, something like: *newparam(:ignoredeps)* Then on the rpm.rb a flag to add --nodeps was added. * flags = []* * if @resource[:ignoredeps]* * flags --nodeps* * end* * flags -e* * rpm flags, nvr* All this because we needed to remove some packages without its dependencies. We distributed it with the pluginsync enabled in our puppet.conf, and works as expected. What I don't like at all is that we have to export all the providers that make use of the package.rb type, all this just for a small change like this, since my experience with ruby is close to nothing I would like to know if it would be possible to integrate such change without the need of importing all the providers, or any alternative solution to my use case. This is a simplified version of a class we are using, on which we need to remove packages without its dependencies: class ssh { $ssh_pkgs_in = $use_lpk ? { true = [openssh-lpk, openssh-lpk-clients, openssh-lpk-server], false = [openssh, openssh-clients, openssh-server], } $ssh_pkgs_out = $use_lpk ? { true = [openssh, openssh-clients, openssh-server], false = [openssh-lpk, openssh-lpk-clients, openssh-lpk-server], } package { $ssh_pkgs_in: ensure = latest, notify = Service[sshd], require = Package[$ssh_pkgs_out]; $ssh_pkgs_out: ensure = absent, *ignoredeps* = true; } } The node definition then looks something like: node puppet.example.com { $use_lpk = true include ssh } Thanks. -- Tony http://blog.tonyskapunk.net -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Stopping a service before a package upgrade
byron appelt byron.app...@gmail.com writes: Is there a way to shutdown a running service before a package is upgraded? This seems like a pretty basic thing to do, but I can't figure it out. Nope. On most platforms this is handled by the package itself, rather than by an external tool, since it would otherwise fail when a regular administrator tried to perform the update. Regards, Daniel -- ✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] ANNOUNCE: Puppet 2.6.3 released!
We're back with a new release: 2.6.3. This release addresses some issues in the 2.6.2 release. 2.6.3 is a maintenance release in the 2.6.x branch and it contains only bug fixes and no new features. It should be considered the stable release for 2.6.x. The release is available for download at: http://puppetlabs.com/downloads/puppet/puppet-2.6.3.tar.gz Please note that the release of Puppet is signed with the Puppet Labs key. See the Verifying Puppet Download section at http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet Report feedback via the Puppet Labs Redmine site: http://projects.puppetlabs.com Please select an affected version of 2.6.3. CHANGELOG since 2.6.2 184733c [#5322] (#5322) Remove spec file that adds little value and causes failures 178c2a6 Fix test failures that fixing #4726 exposed. 74b6c09 (#4726) Fix RRD legacy support 8662056 Fix for #4279 -- mount detection on HP-UX fbb096a Fix for #5055 -- adding to_sym to Puppet::Node::Environment b2ff6a5 Fix for #5298 -- Collections need to do type lookup 1ce00dc Step towards [5298] -- cleanup indentation, etc. in AST::Collection 722608b Fixed #5287 - Schedule documentation is incorrect c8b6fb5 Fixed #5296 - test warnings messages d221c05 (#5297) Fix schedule tests that were missing stubs for Time.now f2fd0d1 Fix for #5273 -- user resource constantly resetting password age 544dcf8 Fix #5289 -- Bad copy/paste changes message on test failure b15231d Fix for #4299 -- Don't require which ea435a4 Fix #5020 - Prefer finding node name from REST uri over certname a097b93 Fix for #4894 -- retry tests if port is in use ee61b4e Fix for #4955 -- Race condition memory leak in Puppet::Util f57425d Fix #4921 - race condition in Parser Functions creation 9604f1c Fix #5252 - line number mis-attribution during parsing cc5224c Maint. fix for test broken by 00eedac5 5f7d0fb Fix for #2568 -- Add a dbconnections option to set AR pool size ba4d22b Maint. Removing code for which no CLA has been signed 4a3d5d7 Reimplementation of functionality removed by prior commit 235d641 Refactor for CLA 9ba0c8a Fix #4923 - close process race when truncating existing file cb16d3d Puppet-load: better and safer error reporting 1d26742 Fix #5023 - puppet-load multiple nodes support 00eedac capture stderr from exec resources 4cbceab (#4573) FreeBSD service provider now supports versions 7 and 8 06c8748 Fix #3808 - puppetdoc should use --force-update only if RDoc supports it 6e6712b [#4813] Remove dead code from puppet/rails/host.rb 956296a Fix #4911 - Do not generate doc for standard RDoc parser generated object 4fa24bb Fix #5127 - error when accessing array elements abb8c66 (#5242) Fix schedule specs that fail near daylight savings ec667fd Kludge for #5206 -- port of fix for #3536 to yaml 9a3b584 (#5062) Add envpuppet helper script to ext/ aad7008 [#5225] Fix spec failure that depended on time change 21db472 (#5233) Randomize tmp dir paths 244213c Updated CHANGELOG for 2.6.3rc2 76ac1f8 Fixed #5112 - Launchd Service broke in 2.6.2 with OS X 10.4 Clients. 776ea2a Fixed #5137 - Removed no longer required TOC references 31118fe Kludge for #5048 -- serialization compatibility with 0.25.x 65ef24e (#4534/#4778) -- Normalize parameterized classes 3b53bfc Fix for #5022 -- Escaped newlines should be elided e3fc5b9 Updated CHANGELOG and version for 2.6.3rc1 3c56705 Fix for #4832 -- Making PSON handle arbitrary binary data e232770 Minimal fix for #4975 -- only call chage when managing password age rules a090e86 Fix for #4963 -- Use correct commands for password expiry on solaris Regards James Turnbull -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Filebucket log messages include file content
On Mon, Nov 15, 2010 at 7:38 AM, Chris chrisma...@gmail.com wrote: So; on to the question: Can I stop 0.24 clients from printing out file contents when taking to a 2.6 master ? It's a bit of a security issue when the files contain passwords or other sensitive information - especially if it happens to get emailed out, or pushed onto the network via syslog. Check and see if show_diff is true: # puppetd --configprint show_diff false If so, set it to false in puppet.conf under the puppetd section. Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] refreshonly not triggering exec
Hi all, new to puppet so excuse my noobiness :) I've got a puppet type to manage iptables rules (https://github.com/ camptocamp/puppet-iptables) running in my development environment. The module works great for the most part; rules are calculated and applied in the right order. The problem is, it never seems to trigger a save. I've got this in my iptables class manifest, per the documents: Iptables { before = Exec[save iptables rules], notify = Exec[save iptables rules], } exec { save iptables rules: command = /etc/init.d/iptables save, refreshonly = true, } and the notifies seem to get created correctly: # puppetd --environment=development --debug --test --server=puppet | grep subscribes debug: /Iptables[03 icmp -- time-exceeded]/notify: subscribes to Exec[save iptables rules] debug: /Iptables[02 ssh -- colo]/notify: subscribes to Exec[save iptables rules] debug: //rhel/Service[ntpd]/subscribe: subscribes to File[/etc/ ntp.conf] debug: /Iptables[01 safe -- loopback]/notify: subscribes to Exec[save iptables rules] debug: //rhel/Service[sshd]/subscribe: subscribes to File[/etc/ssh/ sshd_config] debug: /File[/etc/my.cnf]/notify: subscribes to Service[mysql] debug: /Iptables[03 icmp -- source-quench]/notify: subscribes to Exec[save iptables rules] debug: /Iptables[03 icmp -- echo-request]/notify: subscribes to Exec[save iptables rules] debug: //rhel/Service[snmpd]/subscribe: subscribes to File[/etc/snmp] debug: /Iptables[01 safe -- output]/notify: subscribes to Exec[save iptables rules] debug: /Iptables[02 ssh -- internal]/notify: subscribes to Exec[save iptables rules] debug: /Iptables[04 test]/notify: subscribes to Exec[save iptables rules] debug: /Iptables[00 related -- input]/notify: subscribes to Exec[save iptables rules] debug: /Iptables[00 related -- output]/notify: subscribes to Exec[save iptables rules] but no matter what rules I change, the exec never gets triggered. I tested the notify for Service[mysql] by deleting the /etc/my.cnf file and it gets triggered and executed just fine. Any ideas? Thanks in advance for any help! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Passenger cannot load Rack
Resolved. I had installed Rack 1.1.0 with gem (gem install -v 1.1.0 rack). I just uninstalled the gem and installed Red Hat package rubygem-rack (which happens to install ver 1.1.0) and I'm golden. On Nov 16, 11:04 am, Kent kentmshu...@gmail.com wrote: I am getting the following error in my Apache error log when trying to run my puppetmaster as a rack app with Passenger: *** Exception LoadError in PhusionPassenger::Rack::ApplicationSpawner (no such file to load -- rack) (process 32373): Apache will start up without error, but as soon as a puppet client connects, the error is thrown. Passenger is dying at a require 'rack' statement in the rack application spawner code. In older versions of Passenger, I noticed this require statement included rack at the very top of application_spawner.rb. Just before the require statement it added a passenger-distributed rack to the ruby lib. In later versions of passenger, the require statement appears farther down application_spawner.rb in some function and does not add any vendor'ed rack path to the rubylib, and it cannot find Rack. Sorry if that's a bit of detail, but I'm about to pull my hair out over this. Why can't Passenger find Rack? The gems I have installed: *** LOCAL GEMS *** daemon_controller (0.2.5) fastthread (1.0.7) file-tail (1.0.5) git (1.2.5) god (0.11.0) passenger (2.2.15) rack (1.1.0) rake (0.8.7) spruz (0.2.0) stomp (1.1.6) By the way, I am on RHEL5 and am using Ruby 1.8.5 (I know it is old) I have tried this with many versions of Passenger and all of the more recent versions cannot find Rack. As I said, the older versions didn't have this problem but there was something else up with them (I confess I no longer remember what it was). I figure most Puppet users are using the later versions without the issue I'm having, so I might as well work it out and use the most vetted versions of gems that I can. There must be something I am not understanding about how Gems work or RUBYLIB or something. Anyone got any ideas? Thanks in advance! -Kent -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Passenger cannot load Rack
Kent, How did you install rubygems? Could it be rack is in ~/.gems and not in the system site ruby directory? Also, there are well tested RPM packages for rubygems, passenger, rack and fastthread for EL 5 which available at http://yum.puppetlabs.com/prosvc/ These RPM's may help you out since they're sure to put everything in the system ruby 1.8.5 site_ruby library path. Hope this helps. If you're still having trouble, please post your apache vhost config file and config.ru you're using as well as how you've installed puppet (RPM, gem or source, etc...) -- Jeff McCune - (+1-503-208-4484) On Nov 16, 2010, at 11:04 AM, Kent kentmshu...@gmail.com wrote: I am getting the following error in my Apache error log when trying to run my puppetmaster as a rack app with Passenger: *** Exception LoadError in PhusionPassenger::Rack::ApplicationSpawner (no such file to load -- rack) (process 32373): Apache will start up without error, but as soon as a puppet client connects, the error is thrown. Passenger is dying at a require 'rack' statement in the rack application spawner code. In older versions of Passenger, I noticed this require statement included rack at the very top of application_spawner.rb. Just before the require statement it added a passenger-distributed rack to the ruby lib. In later versions of passenger, the require statement appears farther down application_spawner.rb in some function and does not add any vendor'ed rack path to the rubylib, and it cannot find Rack. Sorry if that's a bit of detail, but I'm about to pull my hair out over this. Why can't Passenger find Rack? The gems I have installed: *** LOCAL GEMS *** daemon_controller (0.2.5) fastthread (1.0.7) file-tail (1.0.5) git (1.2.5) god (0.11.0) passenger (2.2.15) rack (1.1.0) rake (0.8.7) spruz (0.2.0) stomp (1.1.6) By the way, I am on RHEL5 and am using Ruby 1.8.5 (I know it is old) I have tried this with many versions of Passenger and all of the more recent versions cannot find Rack. As I said, the older versions didn't have this problem but there was something else up with them (I confess I no longer remember what it was). I figure most Puppet users are using the later versions without the issue I'm having, so I might as well work it out and use the most vetted versions of gems that I can. There must be something I am not understanding about how Gems work or RUBYLIB or something. Anyone got any ideas? Thanks in advance! -Kent -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppetrun + per host configuration push
hi all , i had configured puppet with LDAP i.e. node information for stored in LDAP.. i want to triger puppetrun for pushing configuration for a perticular host. rather than $ puppetrun --all (which triggers all nodes) or $ puppet --class classname ( triggers all nodes ,which include this class). as i know when we use following : $ puppetrun --host host_name it will look for node entry in puppet class , not in Ldap.. but ,in my development environment , this functionality criticallly required . , i want to trigger only perticuler host through puppetrun. how can I achieve this functionality ? guide me to right direction thanks: Sanjiv Singh (iLabs) Impetus Infotech (India). -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can one definition require another definition?
On Nov 16, 2010, at 12:15 PM, Russell Jackson r...@csub.edu wrote: I stand corrected. It does work. I've always thought of defines as macros, but apparently they are objects themselves. I'm still confused why they don't appear in my catalogs. Would nesting them inside of classes have anything to do with that? What actually happens in the catalog is that a relationship is established with every resource in the collection created by the defined resource type. The trend seems to be moving in the direction of making defined resource types more like native types in the catalog, but I don't have easy access to the tickets on my phone. The same thing happens when establishing a relationship to a class. In the catalog this is actually a relationship to all resources in the collection of resources created by the class. Hope this helps, -Jeff -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can one definition require another definition?
defines are neither macros nor objects, they are resources On Nov 16, 2010 12:16 PM, Russell Jackson r...@csub.edu wrote: On 11/16/2010 11:33 AM, Nan Liu wrote: On Tue, Nov 16, 2010 at 11:21 AM, Yushu Yaoy...@lbl.gov wrote: Hi Experts, I am in a situation that need one definition to require another (to enforce execution order). E.g. define a(x,y,z) { do task 1 } define b(u,v,w) { so task 2 } To use them: Below won't make sure task 1 is executed before task 2 (or does it?): The question is: Won't it help if Puppet support require=Definition[inst_a] directly? Yes it supports it. a { inst_a: x=x, ... } b { inst_b: u=u, ... require=A[inst_a], } Just capitalize the first letter: define foo:bar ... require = Foo:Bar[..] I stand corrected. It does work. I've always thought of defines as macros, but apparently they are objects themselves. I'm still confused why they don't appear in my catalogs. Would nesting them inside of classes have anything to do with that? -- Russell A Jackson r...@csub.edu Network Analyst California State University, Bakersfield -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppetrun + per host configuration push
sanjiv.singh sanjiv.si...@impetus.co.in writes: i had configured puppet with LDAP i.e. node information for stored in LDAP.. [...] $ puppet --class classname ( triggers all nodes ,which include this class). as i know when we use following : $ puppetrun --host host_name it will look for node entry in puppet class , not in Ldap.. but ,in my development environment , this functionality criticallly required . , i want to trigger only perticuler host through puppetrun. how can I achieve this functionality ? You want mcollective, and the puppet plugin for that, which is the best current mechanism for achieving this. Regards, Daniel -- ✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ANNOUNCE: Puppet 2.6.3 released!
On Tue, 16 Nov 2010 16:11:17 -0800, James Turnbull wrote: We're back with a new release: 2.6.3. This release addresses some issues in the 2.6.2 release. 2.6.3 is a maintenance release in the 2.6.x branch and it contains only bug fixes and no new features. It should be considered the stable release for 2.6.x. The release is available for download at: http://puppetlabs.com/downloads/puppet/puppet-2.6.3.tar.gz Please note that the release of Puppet is signed with the Puppet Labs key. See the Verifying Puppet Download section at http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet Report feedback via the Puppet Labs Redmine site: http://projects.puppetlabs.com Please select an affected version of 2.6.3. CHANGELOG since 2.6.2 184733c [#5322] (#5322) Remove spec file that adds little value and causes failures 178c2a6 Fix test failures that fixing #4726 exposed. 74b6c09 (#4726) Fix RRD legacy support 8662056 Fix for #4279 -- mount detection on HP-UX fbb096a Fix for #5055 -- adding to_sym to Puppet::Node::Environment b2ff6a5 Fix for #5298 -- Collections need to do type lookup 1ce00dc Step towards [5298] -- cleanup indentation, etc. in AST::Collection 722608b Fixed #5287 - Schedule documentation is incorrect c8b6fb5 Fixed #5296 - test warnings messages d221c05 (#5297) Fix schedule tests that were missing stubs for Time.now f2fd0d1 Fix for #5273 -- user resource constantly resetting password age 544dcf8 Fix #5289 -- Bad copy/paste changes message on test failure b15231d Fix for #4299 -- Don't require which ea435a4 Fix #5020 - Prefer finding node name from REST uri over certname a097b93 Fix for #4894 -- retry tests if port is in use ee61b4e Fix for #4955 -- Race condition memory leak in Puppet::Util f57425d Fix #4921 - race condition in Parser Functions creation 9604f1c Fix #5252 - line number mis-attribution during parsing cc5224c Maint. fix for test broken by 00eedac5 5f7d0fb Fix for #2568 -- Add a dbconnections option to set AR pool size ba4d22b Maint. Removing code for which no CLA has been signed 4a3d5d7 Reimplementation of functionality removed by prior commit 235d641 Refactor for CLA 9ba0c8a Fix #4923 - close process race when truncating existing file cb16d3d Puppet-load: better and safer error reporting 1d26742 Fix #5023 - puppet-load multiple nodes support 00eedac capture stderr from exec resources 4cbceab (#4573) FreeBSD service provider now supports versions 7 and 8 06c8748 Fix #3808 - puppetdoc should use --force-update only if RDoc supports it 6e6712b [#4813] Remove dead code from puppet/rails/host.rb 956296a Fix #4911 - Do not generate doc for standard RDoc parser generated object 4fa24bb Fix #5127 - error when accessing array elements abb8c66 (#5242) Fix schedule specs that fail near daylight savings ec667fd Kludge for #5206 -- port of fix for #3536 to yaml 9a3b584 (#5062) Add envpuppet helper script to ext/ aad7008 [#5225] Fix spec failure that depended on time change 21db472 (#5233) Randomize tmp dir paths 244213c Updated CHANGELOG for 2.6.3rc2 76ac1f8 Fixed #5112 - Launchd Service broke in 2.6.2 with OS X 10.4 Clients. 776ea2a Fixed #5137 - Removed no longer required TOC references 31118fe Kludge for #5048 -- serialization compatibility with 0.25.x 65ef24e (#4534/#4778) -- Normalize parameterized classes 3b53bfc Fix for #5022 -- Escaped newlines should be elided e3fc5b9 Updated CHANGELOG and version for 2.6.3rc1 3c56705 Fix for #4832 -- Making PSON handle arbitrary binary data e232770 Minimal fix for #4975 -- only call chage when managing password age rules a090e86 Fix for #4963 -- Use correct commands for password expiry on solaris Regards James Turnbull If you use the Git repository you'll want to check your copy of the 2.6.3 tag. It appears that a bad tag managed to make it out into the wild at some point. If you see: % git show 2.6.3 tag 2.6.3 Tagger: James Turnbull ja...@lovedthanlost.net Date: Tue Oct 19 18:34:35 2010 2.6.3 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAABAgAGBQJMvkcvAAoJEBBUt6JL1uwwQmsP/3pL6+SYp1++VIWff1E98r3m nCYLwdVHZzQQB7/g36IdZzWvG4dU0/RE/8lbb7II2u3zS9eKdB9GQe/v4vXsQiSu v+s8jdP6pIB9/IHgmoFzDckcgCww6mfRHL0shBERWZ2LaNejdGvLJiVyvDYFLmAR AUfN/YOXKgnSnqTsXP4QgFoEQBMK0OUXYdSm9ocD8/dceal5UoVOdtj2EWFJ+dFE IZDEMGRRztIU23XtuUyIqa21v8Q5OnpTcAoyqDA07X/prcz1K9pGKYy1VWEQV5Sc ClDVWzv3c9m3d62bhVgiq7zXd46TpfqGfMdcpCmHtxwf1mAOMeYT2YO+RbT5nBfI 3qHHKOQx8+DSZBQhjdCb5zjVYa2haJw3oUA++6reHID0heNfGjwJrAM2NqDiLo1a 6g9Y5O+iqxukaAGYamDgQntloaY4TrcoFu4ygs0EvmYMtZnc6dZxaiFpay540zHr j0CYPOQiXi27fVTScUdbH8bR7qDu36HxPHA7IcqVklu+Fdlo2Q0g17PMQyZVKE81 y8Vm4KEVPUgv6hBYrgNZVjihiVZ9cVOFXd+GP6K/Juq2LG2kFgZbCEouoNZ2gjTP uw2MphAPdHhhHLfWyp64Vf27Hg7ey9M5Pc1oVbedo3swuweNaoZfcdRNeoxvtOVa k25ENw5kCnMxslvPBf6Q =rzt2 -END PGP
[Puppet Users] Re: ANNOUNCE: Puppet 2.6.3 released!
James Turnbull wrote: We're back with a new release: 2.6.3. This release addresses some issues in the 2.6.2 release. For those using Fedora or RHEL/CentOS, I've updated the yum repos at: http://tmz.fedorapeople.org/repo/puppet/ Packages for EL 4 - 6 and Fedora 12 - 14 are available for testing. Add the puppet.repo file from either the epel or fedora directories to /etc/yum.repos.d to enable. If you find problems with the packaging, please let me know. If you find other bugs, please file them in redmine: http://projects.puppetlabs.com/projects/puppet/issues I'm particularly interested in anyone updating from 0.25.x to 2.6.x and whether you run into regressions or other issues that would make this an unsuitable update to push into the stable Fedora and EPEL repositories. -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ The direct use of physical force is so poor a solution to the problem of limited resources that it is commonly employed only by small children and great nations. -- David Friedman pgpii7ACyzeC8.pgp Description: PGP signature
[Puppet Users] Re: puppetrun + notice: Denying unauthenticated .... access to puppetrunner.run
hi Ohad , i am showing U client log, which may help U in tracing out exact problem . /var/log/puppet/http.log [2010-11-16 16:02:47] INFO WEBrick::HTTPServer#start: pid=2757 port=8139 [2010-11-16 16:02:54] DEBUG accept: 184.106.208.159:42821 [2010-11-16 16:02:54] DEBUG Puppet::Network::XMLRPC::WEBrickServlet is invoked. [2010-11-16 16:02:54] ERROR XMLRPC::FaultException: Host 184-106-208-159.static.cloud-ips.com(184.106.208.159) not authorized to call puppetrunner.run /usr/lib/ruby/site_ruby/1.8/puppet/network/xmlrpc/processor.rb:42:in `process' /usr/lib/ruby/site_ruby/1.8/puppet/network/xmlrpc/webrick_servlet.rb: 68:in `service' /usr/lib/ruby/1.8/webrick/httpserver.rb:104:in `service' /usr/lib/ruby/1.8/webrick/httpserver.rb:65:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb: 45:in `listen' /usr/lib/ruby/1.8/webrick/server.rb:173:in `call' /usr/lib/ruby/1.8/webrick/server.rb:173:in `start_thread' /usr/lib/ruby/1.8/webrick/server.rb:162:in `start' /usr/lib/ruby/1.8/webrick/server.rb:162:in `start_thread' /usr/lib/ruby/1.8/webrick/server.rb:95:in `start' /usr/lib/ruby/1.8/webrick/server.rb:92:in `each' /usr/lib/ruby/1.8/webrick/server.rb:92:in `start' /usr/lib/ruby/1.8/webrick/server.rb:23:in `start' /usr/lib/ruby/1.8/webrick/server.rb:82:in `start' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:42:in `listen' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `initialize' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `new' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `listen' /usr/lib/ruby/1.8/thread.rb:135:in `synchronize' /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:38:in `listen' /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:131:in `listen' /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:146:in `start' /usr/lib/ruby/site_ruby/1.8/puppet/daemon.rb:128:in `start' /usr/lib/ruby/site_ruby/1.8/puppet/application/puppetd.rb:116:in `main' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:226:in `send' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:226:in `run_command' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:217:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:306:in `exit_on_fail' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:217:in `run' /usr/sbin/puppetd:160 [2010-11-16 16:02:54] 184-106-208-159.static.cloud-ips.com - - [16/Nov/ 2010:16:02:54 UTC] POST /RPC2 HTTP/1.1 500 415 thanks ; Sanjiv Singh(iLabs) Impetus Infotech(India). On Nov 16, 6:07 pm, Ohad Levy ohadl...@gmail.com wrote: On Tue, Nov 16, 2010 at 2:31 PM, sanjiv.singh sanjiv.si...@impetus.co.inwrote: hi Ohad , here are my namespaceauth.conf configurarion on master : /etc/puppet/namespaceauth.conf [fileserver] allow * [puppetmaster] allow * [puppetrunner] allow * on client : /etc/puppet/namespaceauth.conf [puppetrunner] allow * try changing this to the fqdn of your master (or wherever you run puppetrun from). Ohad On Nov 16, 5:15 pm, Ohad Levy ohadl...@gmail.com wrote: Can you paste your namespace config file? try to make sure that your allow line matches to another host fqdn (the one you want to push from). Ohad On Tue, Nov 16, 2010 at 1:20 PM, sanjiv.singh sanjiv.si...@impetus.co.inwrote: hi Ohad, a lot googling is done and gone through various blogs and documentation.. and made what ever changes U suggested . but still problem not resolved. plz help me to resolve this problem. On Nov 12, 12:17 pm, sanjiv.singh sanjiv.si...@impetus.co.in wrote: hi Ohad, thanks for reply i m using puppet version 0.25.X on both side (client master)... and edited and added following file /etc/puppet/auth.conf on client ... path /run method save allow * , but still problem is not resolved. On Nov 11, 8:23 pm, Ohad Levy ohadl...@gmail.com wrote: if you are using puppet 2.6.x you need to adjust your auth.conf too seehttp:// theforeman.org/projects/foreman/wiki/puppetrunforanexample Ohad On Thu, Nov 11, 2010 at 5:04 PM, sanjiv.singh sanjiv.si...@impetus.co.inwrote: hi all, i am in trouble with running puppetrun... i m able to run puppetd ... which successfully get configuration from master and made changes on client side and following are senario i m using to run puppetrun there is no issue on port i had opened ports . 8140 : on master 8139 : on client and added following file /etc/puppet/namespaceauth.conf on client.. [puppetrunner] allow * on master : === $ puppetrun --all --debug Triggering dmb-1289455541.puppet.com warning: peer