Re: [Puppet Users] Monitor puppet runs on clients with nagios
Brian Gallew wrote: > I've been thinking about this myself, and I've come up with a few > possibilities. > Brian You might want to also have a look at: http://projects.puppetlabs.com/issues/4339 James -- Puppet Labs - http://www.puppetlabs.com C: 503-734-8571 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Monitor puppet runs on clients with nagios
I've been thinking about this myself, and I've come up with a few possibilities. 1) Leverage the reports on the puppet master. This could be done with a daemon that watched /var/lib/puppet/reports, for instance. 2) Leverage the reports on the puppet clients. Each puppet run could ship the report of the previous puppet run off to nagios via a custom function. It would run behind, though, which is an issue. 3) Leverage Dashboard/Foreman. Both of those have APIs that can be queried to determine host status and get the errors from the report. 4) Leverage puppet's report subsystem: create another report (e.g. "nagios") and have it send Nagios the correct information. Of all the choice here, I like 4 the best, and it's what I'm planning on implementing when I've got a stock of round tuits. Basically, I'll get the report status and use send_nsca to send the results to Nagios. Alternatively, if the rest of the team insists that Nagios should do active polling, then I'll write a check that will query either Foreman or ask the DB directly (which ever is easier). 2010/11/15 Nicolas Szalay > Le jeudi 11 novembre 2010 à 06:09 -0800, Tim a écrit : > > Hi, > > Hello, > > > Anyway what other approaches are there? I'd like to simply see 2 > > things: > > 1) If there were any failures during the puppet run on the client > > 2) When the last puppet run on each client was (ie. if it was more > > than 50 mins ago raise a warning) > > I check point 2 with the help of mcollective and its puppetd agent. See > http://www.rottenbytes.info/?p=387 for more information. > > Regards, > > Nico. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can't get plugins in modules with environments to work in 2.6
I think I heard somewhere that pluginsync ignores environments. On Nov 17, 2010, at 8:27 PM, John Warburton wrote: > Hi All > > I'm quite prepared to acknowledge I've missed the bleeding obvious here, but > I just can't see. Hence the post > > I am getting the exact same errors as issue 4409 > (http://projects.puppetlabs.com/issues/4409) when trying to use a type in a > module in an environment > > When the type is in /modules/testmodule/lib/puppet/type, I get > this error message: > > err: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid > resource type logadm at > /tmp/puppet26/environments/prod/modules/testmodule/manifests/init.pp:15 on > node corwadm010.bfm.com > > When I copy it to $libdir/puppet/type on the server - it works, which ignores > the environments :-( > > I have updated http://projects.puppetlabs.com/issues/4409 with my test case - > fresh independent 2.6.3 install - config files, client & server debug output > (from Markus Robert's diagnostic patch) in > http://projects.puppetlabs.com/attachments/1227/issue4409.txt > > I am sure I am missing something - as > http://projects.puppetlabs.com/issues/1175 says it was all fixed for 2.6 > > Thanks for any pointers > > Regards > > John > > References: > http://docs.puppetlabs.com/guides/custom_types.html > http://docs.puppetlabs.com/guides/environment.html > http://docs.puppetlabs.com/guides/plugins_in_modules.html > http://projects.puppetlabs.com/issues/1175 > http://projects.puppetlabs.com/issues/4409 > https://github.com/MarkusQ/puppet/tree/ticket/2.6.x/4409 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] trying to push a whole directory...
On Nov 17, 2010, at 2:48 PM, Russell Fulton wrote: > > (note to developers: please 'rescue' this error and provide something > meaningful to the user ;) Someone else posted a fix. On the subject of the error itself, this bug is known and fixed in 2.6.x and 0.25.5. If you want more info, look at http://projects.puppetlabs.com/issues/3101 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Can't get plugins in modules with environments to work in 2.6
Hi All I'm quite prepared to acknowledge I've missed the bleeding obvious here, but I just can't see. Hence the post I am getting the exact same errors as issue 4409 ( http://projects.puppetlabs.com/issues/4409) when trying to use a type in a module in an environment When the type is in /modules/testmodule/lib/puppet/type, I get this error message: err: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type logadm at /tmp/puppet26/environments/prod/modules/testmodule/manifests/init.pp:15 on node corwadm010.bfm.com When I copy it to $libdir/puppet/type on the server - it works, which ignores the environments :-( I have updated http://projects.puppetlabs.com/issues/4409 with my test case - fresh independent 2.6.3 install - config files, client & server debug output (from Markus Robert's diagnostic patch) in http://projects.puppetlabs.com/attachments/1227/issue4409.txt I am sure I am missing something - as http://projects.puppetlabs.com/issues/1175 says it was all fixed for 2.6 Thanks for any pointers Regards John References: http://docs.puppetlabs.com/guides/custom_types.html http://docs.puppetlabs.com/guides/environment.html http://docs.puppetlabs.com/guides/plugins_in_modules.html http://projects.puppetlabs.com/issues/1175 http://projects.puppetlabs.com/issues/4409 https://github.com/MarkusQ/puppet/tree/ticket/2.6.x/4409 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Multiple CA / Puppet master environment
Oh, that's for sharing the puppetmaster SSL keypair between each other, that's all. On Nov 17, 2010 3:53 PM, "Nigel Kersten" wrote: > On Wed, Nov 17, 2010 at 1:29 PM, Scott Smith wrote: >> nfs mount the puppetmaster ssl dir. seperate puppetca (set on clients) play >> with it and you'll figure it out :) > > Why do you need to nfs mount the puppetmaster SSL dir in this case Scott? > > There's no state to be shared if you're operating with a dedicated puppetca. > > > >> >> On Nov 11, 2010 9:18 AM, "luke.bigum" wrote: >>> Hi, >>> >>> Does anyone know if this document is up to date (besides the comment >>> at the top saying it's not): >>> >>> >>> http://projects.puppetlabs.com/projects/1/wiki/Multiple_Certificate_Authorities >>> >>> Or does anyone who has a load balanced multi puppet master with some >>> kind of shared CA confirm that the procedure is accurate? >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Puppet Users" group. >>> To post to this group, send email to puppet-us...@googlegroups.com. >>> To unsubscribe from this group, send email to >>> puppet-users+unsubscr...@googlegroups.com . >>> For more options, visit this group at >>> http://groups.google.com/group/puppet-users?hl=en. >>> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com . >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > Nigel Kersten - Puppet Labs - http://www.puppetlabs.com > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com . > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] trying to push a whole directory...
On Nov 17, 2010, at 2:48 PM, Russell Fulton wrote: >source => '/home/sensors/Rules/raw', This needs to be a puppet:// url which matches up to an appropriate 'mount' in your server's /etc/puppet/fileserver.conf: # fileserver.conf [sensors] path = /home/sensors allow = * # end fileserver.conf # in your manifest file { "/home/snort/Rules/raw": mode=> "750", owner => snort, group => snort, source => 'puppet:///sensors/Rules/raw', recurse => remote, ensure => present; } # end manifest Note I also changed your 'recurse => true' to 'recurse => remote', a sadly under-documented feature which eases recursive copies by recursing the source directory to build a list of files that need checksumming, not the target. (see http://projects.puppetlabs.com/issues/show/1469 for the backstory) - Eric Sorenson - N37 17.255 W121 55.738 - http://twitter.com/ahpook - -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] trying to push a whole directory...
Hi Folks I'm a relative newbie to puppet (been playing about a month)... I am trying to push out a directory containing a bunch of files to a number of machines and thought I could do this using the recurse attribute: file { "/home/snort/Rules/raw": mode=> "750", owner => snort, group => snort, source => '/home/sensors/Rules/raw', recurse => true, ensure => present; } Yeah -- pushing snort rule tarballs to sensors... however this results in: err: /Stage[main]/Snort/File[/home/snort/Rules/raw]: Failed to generate additional resources using 'eval_generate': undefined method `relative_path' for nil:NilClass err: /Stage[main]/Snort/File[/home/snort/Rules/raw]: Failed to retrieve current state of resource: Could not retrieve information from source(s) /home/sensors/Rules/raw at /etc/puppet/modules/snort/manifests/init.pp:32 So am I going about this the wrong way or have I got some detail wrong. (note to developers: please 'rescue' this error and provide something meaningful to the user ;) Russell -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] more errors with pushig out directories
I am having grief with another directory -- almost identical set up as previous message. This time I am getting err: /Stage[main]/Monitor/File[/home/snort/conf/pp]: Failed to generate additional resources using 'eval_generate': Error 400 on SERVER: Not authorized to call search on /file_metadata/monior/pp/dmzo with {:recurselimit=>2, :recurse=>true, :links=>"follow"} err: /Stage[main]/Monitor/File[/home/snort/conf/pp]: Failed to retrieve current state of resource: Error 400 on SERVER: Not authorized to call find on /file_metadata/monior/pp/dmzo Could not retrieve file metadata for puppet:///monior/pp/dmzo: Error 400 on SERVER: Not authorized to call find on /file_metadata/monior/pp/dmzo at /etc/puppet/modules/monitor/manifests/init.pp:38 >From monitor/manifests/init.pp: "/home/snort/conf/pp": owner => 'snort', group => 'snort', source => "puppet:///monior/pp/$master", links => follow, recurse => true, recurselimit =>1, ensure => directory; as can be seen $master is being interpolated as 'dmzo' as it should be. from /etc/puppet: lrwxrwxrwx 1 root root 37 Nov 18 15:02 modules/monitor/files/pp/dmzo - > /home/sensors/Sensors/masters/dmzo/pp [rful...@secpupprd01 puppet]$ ls -l modules/monitor/files/pp/dmzo/ total 92 -rw-rw-r-- 1 sensors sensors 18379 Nov 18 14:52 disable.conf -rw-rw-r-- 1 sensors sensors 0 Nov 18 14:52 dropsid.conf -rw-rw-r-- 1 sensors sensors65 Nov 18 14:52 enabled.conf -rw-rw-r-- 1 sensors sensors 2455 Nov 18 14:52 modified.conf -rw-rw-r-- 1 sensors sensors 2338 Nov 18 14:52 pp.conf -rw-r--r-- 1 sensors sensors 7886 Nov 18 14:52 pulledpork.conf -rw-rw-r-- 1 sensors sensors 8763 Nov 18 14:52 snort.conf -rw-rw-r-- 1 sensors sensors 7864 Nov 18 14:52 test.conf Any idea what is wrong here? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] bootstrapping facts
On Wed, Nov 17, 2010 at 1:05 PM, byron appelt wrote: > I am using a fact inside of a template. The problem I am running into > is that the bootstrap run of puppet fails with the following error: > > err: Could not retrieve catalog from remote server: Error 400 on > SERVER: Failed to parse template base_gateway/ublip_gw.monitrc.erb: > Could not find value for 'gw_init_script_exists' at /etc/puppet-dev/ > manifests/classes/base_gateway/manifests/init.pp:35 > > because the facts do not exist yet. I have worked around this by > placing an if statement around the resource that renders the template > like so: > > if $gw_init_script_exists { > > file { "/etc/monit.d/ublip_gw.monitrc": > content => template("base_gateway/ublip_gw.monitrc.erb"), > } > > } > > > While this works it is not a very elegant solution. Is there a better > way of dealing with this situation? Why doesn't the fact exist yet? Are you delivering a fact via pluginsync, but that fact itself relies upon an executable script that you're delivering with Puppet ? Can you post the fact itself? > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- Nigel Kersten - Puppet Labs - http://www.puppetlabs.com -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Centralised source repository for Puppetforge
On Wed, Nov 17, 2010 at 8:30 AM, lisa wrote: > Is there a centralized git (or other SCM) repository for user- > contributed Puppet modules? That is, does Puppetlabs operate a > repository on github or elsewhere so that users can be granted commit > access for specific modules which they contribute? No, but the Forge encourages module authors to specify the source code repository containing their module's source code. This gives module authors complete control over which SCM, hosting service and collaboration model they choose for producing their modules. E.g., if you specify a github repo for your module, others can easily fork it, and submit patches to you using github's pull request system. Is this sufficient for your needs? -igal -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Multiple CA / Puppet master environment
On Wed, Nov 17, 2010 at 1:29 PM, Scott Smith wrote: > nfs mount the puppetmaster ssl dir. seperate puppetca (set on clients) play > with it and you'll figure it out :) Why do you need to nfs mount the puppetmaster SSL dir in this case Scott? There's no state to be shared if you're operating with a dedicated puppetca. > > On Nov 11, 2010 9:18 AM, "luke.bigum" wrote: >> Hi, >> >> Does anyone know if this document is up to date (besides the comment >> at the top saying it's not): >> >> >> http://projects.puppetlabs.com/projects/1/wiki/Multiple_Certificate_Authorities >> >> Or does anyone who has a load balanced multi puppet master with some >> kind of shared CA confirm that the procedure is accurate? >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- Nigel Kersten - Puppet Labs - http://www.puppetlabs.com -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Sr Unix Admin needed
We are committed to deploying puppet and using it as our main tool for managing all our systems but we are far from having fully deployed it... The person we would hire would be expected to join all our efforts, not just puppet deployment and management, but of course, puppet knowledge and experience would be very highly appreciated. Thanks a lot for your interest and please email me directly if you have further questions. Mohamed. On Wed, Nov 17, 2010 at 5:35 PM, Daniel Pittman wrote: > Mohamed Lrhazi writes: > >> Sorry to use this list for a job ad... >> >> I work for a prestigious University in Washington, DC... and we are >> looking, pretty urgently, for a senior Unix admin to join our team... >> >> Please contact me if you live in the area and are seriously >> interested, and are seriously a Senior Unix person. > > Would we be right in understanding that y'all are fairly heavily invested in > puppet, then, and the person you hired would be working with puppet as a > routine and significant part of the job? > > Daniel > -- > ✣ Daniel Pittman ✉ dan...@rimspace.net ☎ +61 401 155 707 > ♽ made with 100 percent post-consumer electrons > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- -- If not for coffee, I'd have no use for water at all. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Multiple CA / Puppet master environment
On Nov 17, 6:57 am, CraftyTech wrote: > Would there be any issues with stored configs? should I either a) > Point both masters to the same PuppetDB server (MySql), or b) Setup a > two way replication between the masters, and connect them individually > to their respective PuppetDB's.. Storeconfigs with "a bunch" of masters using a single DB server isn't a problem. You'll need to turn on thin storeconfigs eventually. A few hundred nodes with a few hundred resources per node is probably the limit of "thick" storeconfigs. The issue isn't load on the DB server, that's pretty light. The problem with "thick" storeconfigs is all the time the masters spent in ActiveRecord land when compiling catalogs. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Stopping a service before a package upgrade
Mohit Chawla writes: > On Wed, Nov 17, 2010 at 10:50 PM, byron appelt wrote: > >> The package I am trying to update is running under monit, which will start >> it back up if not shut down via monit, which the package itself cannot >> do. Is there a recommended way to handle this sort of situation? Shed bitter tears? I don't actually know of any particularly good way to handle that situation, either inside puppet or outside it, because most systems don't do a good job of supporting non-standard service monitoring. In similar situations I have usually done one of two things: One, ensured that the package update doesn't try and manage service operation at all, pretty much. Which works OK for the stuff we handle with heartbeat. (On Debian that wasn't too bad, because it has good policy support for this stuff and the packages all comply to that. This may not help you, however.) Two, use something like the Perl Server::Starter tools which will happily keep the application running under monit correctly despite the package update, and then post-process the graceful restart. So, um, the best I can offer is that you don't try and shut down the service before or during the upgrade. Perhaps we can help achieve that and, even if it isn't ideal, help solve your practical problem? > A puppet provider for it would be the ideal way. For eg., I use runit. That wouldn't actually help: the package provider and the service provider would need to collude, and Puppet doesn't really support that. > Other way might be to write a bunch of execs and defines for the > job. And/or open a feature request. :) Either of those might work - perhaps someone else at Puppet Labs has a better idea about how this can be managed. Daniel -- ✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Sr Unix Admin needed
Mohamed Lrhazi writes: > Sorry to use this list for a job ad... > > I work for a prestigious University in Washington, DC... and we are > looking, pretty urgently, for a senior Unix admin to join our team... > > Please contact me if you live in the area and are seriously > interested, and are seriously a Senior Unix person. Would we be right in understanding that y'all are fairly heavily invested in puppet, then, and the person you hired would be working with puppet as a routine and significant part of the job? Daniel -- ✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Multiple CA / Puppet master environment
I rsync my ssl dir from CNAMES puppet-ca.example.com to puppet-ca2.example.com every 5 mins All clients configuration is set up such that ca_server = puppet-ca.example.com If puppet-ca goes down, I swing the pppet-ca CNAME to the puppet-ca2 server Note that to make this work I use the same single cert for all puppet servers and use certdnsnames to include puppet-ca & puppet-ca2 and every CNAME for every puppet server in the organisation As for storedconfigs - I'm not there yet, but thought I'd have MySQL point to the one server. All the warnings about queuing and the like has pushed the priority down for me John On 18 November 2010 08:29, Scott Smith wrote: > nfs mount the puppetmaster ssl dir. seperate puppetca (set on clients) play > with it and you'll figure it out :) > On Nov 11, 2010 9:18 AM, "luke.bigum" wrote: > > Hi, > > > > Does anyone know if this document is up to date (besides the comment > > at the top saying it's not): > > > > > http://projects.puppetlabs.com/projects/1/wiki/Multiple_Certificate_Authorities > > > > Or does anyone who has a load balanced multi puppet master with some > > kind of shared CA confirm that the procedure is accurate? > > > > -- > > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > > To post to this group, send email to puppet-us...@googlegroups.com. > > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- John Warburton Ph: 0417 299 600 Email: jwarbur...@gmail.com -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Multiple CA / Puppet master environment
nfs mount the puppetmaster ssl dir. seperate puppetca (set on clients) play with it and you'll figure it out :) On Nov 11, 2010 9:18 AM, "luke.bigum" wrote: > Hi, > > Does anyone know if this document is up to date (besides the comment > at the top saying it's not): > > http://projects.puppetlabs.com/projects/1/wiki/Multiple_Certificate_Authorities > > Or does anyone who has a load balanced multi puppet master with some > kind of shared CA confirm that the procedure is accurate? > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com . > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Multiple CA / Puppet master environment
Does anyone use multiple puppetmasters with storedconfigs? On Nov 17, 8:57 am, CraftyTech wrote: > Would there be any issues with stored configs? should I either a) > Point both masters to the same PuppetDB server (MySql), or b) Setup a > two way replication between the masters, and connect them individually > to their respective PuppetDB's.. > > Thanks, > > On Nov 15, 1:13 am, DaveQB wrote: > > > > > > > > > I too have been after this for some time. I will take a read of this. > > > Thanks so much for taking the time to write this up Dan. > > > Thanks! > > > On Nov 12, 8:26 pm, "luke.bigum" wrote: > > > > Excellent, thanks for that Dan I'll take a look. > > > > On Nov 11, 5:42 pm, Dan Bode wrote: > > > > > Hi, > > > > > On Thu, Nov 11, 2010 at 9:17 AM, luke.bigum > > > > wrote: > > > > > > Hi, > > > > > > Does anyone know if this document is up to date (besides the comment > > > > > at the top saying it's not): > > > > > >http://projects.puppetlabs.com/projects/1/wiki/Multiple_Certificate_A... > > > > > > Or does anyone who has a load balanced multi puppet master with some > > > > > kind of shared CA confirm that the procedure is accurate? > > > > > I would not follow this document unless you need to use chained CAs > > > > (which > > > > is a huge pain to get working), if you just need some instructions for > > > > configuringmultiplepuppetmasters to share a single CA, I have written > > > > some > > > > instructions here: > > > > >http://bodepd.com/wordpress/?p=7 > > > > > -Dan > > > > > > -- > > > > > You received this message because you are subscribed to the Google > > > > > Groups > > > > > "Puppet Users" group. > > > > > To post to this group, send email to puppet-us...@googlegroups.com. > > > > > To unsubscribe from this group, send email to > > > > > puppet-users+unsubscr...@googlegroups.com > > > > groups.com> > > > > > . > > > > > For more options, visit this group at > > > > >http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] bootstrapping facts
I am using a fact inside of a template. The problem I am running into is that the bootstrap run of puppet fails with the following error: err: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to parse template base_gateway/ublip_gw.monitrc.erb: Could not find value for 'gw_init_script_exists' at /etc/puppet-dev/ manifests/classes/base_gateway/manifests/init.pp:35 because the facts do not exist yet. I have worked around this by placing an if statement around the resource that renders the template like so: if $gw_init_script_exists { file { "/etc/monit.d/ublip_gw.monitrc": content => template("base_gateway/ublip_gw.monitrc.erb"), } } While this works it is not a very elegant solution. Is there a better way of dealing with this situation? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] centos add user failed
On Wed, Nov 17, 2010 at 4:00 AM, Leonko wrote: > Hello, I have problem with creating user under centos: > > part of my class: > > user {jboss: > ensure => present, > home => "$jboss_home", > shell => "/bin/bash", > groups => jboss, > } If it's the primary group use gid instead of groups. user {jboss: ensure => present, home=> "$jboss_home", shell => "/bin/bash", gid => jboss, } Thanks, Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Is anyone using SSL with Dashboard?
On Nov 17, 2010, at 9:42 AM, Kent wrote: > I would like to use SSL with Dashboard as a means of controlling > access. I've got my Dashboard vhost working with client authentication > and a user with the right certificate can view the dashboard. > However, my puppetmaster cannot post reports to Dashboard any longer > because it cannot speak SSL to the Dashboard server. I doubt > puppetmaster has support for posting reports over SSL, but maybe I am > mistaken. Would running 2 copies of dashboard work? One on 127.0.0.1 that is not SSL and one on a public interface that is or is the local interface not private? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Stopping a service before a package upgrade
Hi, On Wed, Nov 17, 2010 at 10:50 PM, byron appelt wrote: > The package I am trying to update is running under monit, which will > start it back up if not shut down via monit, which the package itself > cannot do. Is there a recommended way to handle this sort of > situation? > A puppet provider for it would be the ideal way. For eg., I use runit. Other way might be to write a bunch of execs and defines for the job. And/or open a feature request. :) -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Is anyone using SSL with Dashboard?
I would like to use SSL with Dashboard as a means of controlling access. I've got my Dashboard vhost working with client authentication and a user with the right certificate can view the dashboard. However, my puppetmaster cannot post reports to Dashboard any longer because it cannot speak SSL to the Dashboard server. I doubt puppetmaster has support for posting reports over SSL, but maybe I am mistaken. Has anyone else tried using SSL with Dashboard? Is there another, more preferred way to add access control to Dashboard? (even if there is, I doubt the puppetmaster can be made to use whatever credentials necessary to authenticate and post reports) Thanks all, Kent -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Stopping a service before a package upgrade
The package I am trying to update is running under monit, which will start it back up if not shut down via monit, which the package itself cannot do. Is there a recommended way to handle this sort of situation? -Byron On Nov 16, 5:35 pm, Daniel Pittman wrote: > byron appelt writes: > > Is there a way to shutdown a running service before a package is upgraded? > > This seems like a pretty basic thing to do, but I can't figure it out. > > Nope. On most platforms this is handled by the package itself, rather than by > an external tool, since it would otherwise fail when a regular administrator > tried to perform the update. > > Regards, > Daniel > -- > ✣ Daniel Pittman ✉ dan...@rimspace.net ☎ +61 401 155 707 > ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Centralised source repository for Puppetforge
Is there a centralized git (or other SCM) repository for user- contributed Puppet modules? That is, does Puppetlabs operate a repository on github or elsewhere so that users can be granted commit access for specific modules which they contribute? I should think not given the number of discrete repositories and lack of any such notice on the Puppetforge website. Thanks, -lisa -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Sr Unix Admin needed
Sorry to use this list for a job ad... I work for a prestigious University in Washington, DC... and we are looking, pretty urgently, for a senior Unix admin to join our team... Please contact me if you live in the area and are seriously interested, and are seriously a Senior Unix person. Mohamed. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Controlling Package Version
To All, Thanks so much for the input. We have plans on mirroring the repositories that we need to control the production package versions and another mirror for testing/development that will contain upstream versions. The usage of the "ensure => latest" parameter makes sense to us in this context. Thanks again, Andy On Nov 16, 5:26 pm, Nigel Kersten wrote: > Using "latest" and controlling the repositories yourself is best practice I > believe. > On Nov 16, 2010 2:16 PM, "jcbollinger" wrote: > > > > > On Nov 16, 11:03 am, Andy wrote: > >> Also, do you typically create your own mirrors of the repositories to > >> control the repository contents? > > > I don't know about Luke, but I do. That provides not only control > > over the repository contents, but also (for me) much better > > performance, as my queries and package retrievals do not have to leave > > my internal network. I also get better availability because the > > repository has fewer clients, and if it ever goes down I can fix it. > > > Moreover, you then have the option to rely on your local repository > > instead of Puppet for control of package versions. That is, maintain > > in your repository only those software versions you want to use, and > > let your Package resources all simply specify the "latest" version. > > No more tweaking manifests when you qualify a new package version! > > > Cheers, > > > John > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group.> To post to this group, send email to > puppet-us...@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscr...@googlegroups.com > .> For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Lexical Scope: How does it work?
On Wed, Nov 17, 2010 at 4:27 AM, Nick Moffitt wrote: > Let me start by saying that I am a fan of lexical scoping as a way of > increasing confidence in your execution models. I am hoping to move > from the now thoroughly debunked "wackyscope" model that used to plague > many programming languages over to proper lexical scoping in my puppet > configs. I'm just having trouble finding documentation of how this > works for puppet. > > I understand that a lexically-scoped puppet config would need to use > parameterized classes. What I'm not clear on is how facts would be > scoped. Are they some top-level that needs to be passed into nodes? > Are they present in a node's scope? What if it inherits? Do I need to > pass these facts in as parameters as well? (I hope so). > > The only documentation I can find at all for lexical scoping in puppet > is in puppet.conf(5): > > lexical +++ > > Whether to use lexical scoping (vs. dynamic). > > · Default: false > > That's a bit thin. I assume this is only needed on the master, of > course. > This doesn't actually do anything... yet. With the addition of parametrized classes, however, lexical scoping should be possible in the future. Although dynamic scoping does exist, its possible to not take advantage of it by passing all variables through parametrized classes, or specifically referring to variables at top scope with the fully qualified namespace $::operatingsystem. Resource defaults, unfortunately, do not allow a way to work around dynamic scoping though... > > -- > "These people program the way Victorians dress. > It takes two hours and three assistants to put on > your clothes, and you have to change before dinner. > But everything is modular."-- Miles Nordin, on PAM > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: pkgutil package provider (solaris)
On Nov 16, 3:52 pm, Peter Bonivart wrote: > I have it checked into SVN so it will be in v2.3 but I haven't set a > release date for it yet. Is it a showstopper for you? In that case I > could roll a v2.2.1 for you with this. Not for me personally. We will take this importunity to upgrade our pkgutils on all the machines (not asap, but hopefully 'soon'). > > An other issue that we need to tackle is which version(s) of pkgutil > > will we support with the puppet provider? > > I really think you should use the --single option (as used in Maciej's > provider) for comparison due to performance reasons and that was in > v1.9, released roug Yes indeed. That is the minimum minimorum. However because of the bug you just fixed, I think we could support the pkgutil provider starting from v2.3. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Multiple CA / Puppet master environment
Would there be any issues with stored configs? should I either a) Point both masters to the same PuppetDB server (MySql), or b) Setup a two way replication between the masters, and connect them individually to their respective PuppetDB's.. Thanks, On Nov 15, 1:13 am, DaveQB wrote: > I too have been after this for some time. I will take a read of this. > > Thanks so much for taking the time to write this up Dan. > > Thanks! > > On Nov 12, 8:26 pm, "luke.bigum" wrote: > > > > > > > > > Excellent, thanks for that Dan I'll take a look. > > > On Nov 11, 5:42 pm, Dan Bode wrote: > > > > Hi, > > > > On Thu, Nov 11, 2010 at 9:17 AM, luke.bigum > > > wrote: > > > > > Hi, > > > > > Does anyone know if this document is up to date (besides the comment > > > > at the top saying it's not): > > > > >http://projects.puppetlabs.com/projects/1/wiki/Multiple_Certificate_A... > > > > > Or does anyone who has a load balanced multi puppet master with some > > > > kind of shared CA confirm that the procedure is accurate? > > > > I would not follow this document unless you need to use chained CAs (which > > > is a huge pain to get working), if you just need some instructions for > > > configuringmultiplepuppetmasters to share a single CA, I have written some > > > instructions here: > > > >http://bodepd.com/wordpress/?p=7 > > > > -Dan > > > > > -- > > > > You received this message because you are subscribed to the Google > > > > Groups > > > > "Puppet Users" group. > > > > To post to this group, send email to puppet-us...@googlegroups.com. > > > > To unsubscribe from this group, send email to > > > > puppet-users+unsubscr...@googlegroups.com > > > groups.com> > > > > . > > > > For more options, visit this group at > > > >http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: No changes being applied to clients 2.6.3rc3
Debug output: r...@fc-pupm01:/etc/puppet$ puppetd --server fc-pupm01 --verbose -- waitforcert 60 --environment=fcprod --debug --test debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Puppet::Type::User::ProviderUser_role_add: file roledel does not exist debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/ dscl does not exist debug: Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is missing debug: Failed to load library 'ldap' for feature 'ldap' debug: /File[/var/run/puppet/agent.pid]: Autorequiring File[/var/run/ puppet] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/ lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/ puppet/ssl] debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/ lib/puppet/state] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/ var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/ssl/private_keys/fc-pupm01 .pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/ var/lib/puppet/ssl] debug: /File[/etc/puppet/namespaceauth.conf]: Autorequiring File[/etc/ puppet] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/certs/fc-pupm01 .pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/ssl/public_keys/fc-pupm01 .pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/classes.txt]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/log/puppet/http.log]: Autorequiring File[/var/log/ puppet] debug: /File[/var/lib/puppet/ssl/crl.pem]: Autorequiring File[/var/lib/ puppet/ssl] debug: /File[/var/lib/puppet/state/state.yaml]: Autorequiring File[/ var/lib/puppet/state] debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/ lib/puppet] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/ puppet/ssl] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: Finishing transaction -607215358 debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/ var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certs/fc-pupm01 .pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/ var/lib/puppet/ssl/certs] debug: /File[/etc/puppet/namespaceauth.conf]: Autorequiring File[/etc/ puppet] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/log/puppet/http.log]: Autorequiring File[/var/log/ puppet] debug: /File[/var/lib/puppet/ssl/private_keys/fc-pupm01 .pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/ puppet/ssl] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/ puppet] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/ puppet/ssl] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/ lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/public_keys/fc-pupm01 .pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/ssl/crl.pem]: Autorequiring File[/var/lib/ puppet/ssl] debug: Finishing transaction -607974978 debug: Using cached certificate for ca debug: Using cached certificate for fc-pupm01 debug: Finishing transaction -608188968 debug: Loaded state in 0.01 seconds debug: Using cached certificate for ca debug: Using cached certificate for fc-pupm01 debug: Using cached certificate_revocation_list for ca debug: catalog supports formats: b64_zlib_yaml dot marshal pson raw yaml; using pson info: Caching catalog for fc-pupm01 debug: Creating default schedules debug: Loaded state in 0.01 seconds info: Applying configuration version '1290001620' debug: Finishing transaction -606104788 debug: Storing state debug: Stored state in 0.13 seconds notice: Finished catalog run in 0.15 seconds debug: Using cached certificate for ca debug: Using cached certificate for fc-pupm01 debug: Using cached certificate_revocation_list for ca debug: Value of 'preferred_serialization_format' (pson) is invalid for r
[Puppet Users] No changes being applied to clients 2.6.3rc3
Hi, I'm having a problem where no changes are getting applied to any of my puppet clients since upgrading from 0.25.3 to 2.6.3rc3. I'm using Passenger 2.2.2 and Ruby 1.8.7. I don't see any errors in Apache's logs nor Puppet's logs. The below is an output of when I try a a manual run from one of the clients: $ puppetd --server fc-pupm01 --verbose --waitforcert 60 -- environment=fcprod --test info: Caching catalog for fc-pupm01 info: Applying configuration version '129730' notice: Finished catalog run in 0.15 seconds Logs on the puppetmaster: Nov 17 07:40:02 fc-pupm01 puppet-master[19310]: Compiled catalog for fc-pupm01 in environment fcprod in 0.02 seconds Nov 17 07:40:02 fc-pupm01 puppet-agent[19567]: Caching catalog for fc- pupm01 Nov 17 07:40:02 fc-pupm01 puppet-agent[19567]: Applying configuration version '129730' Nov 17 07:40:02 fc-pupm01 puppet-agent[19567]: Finished catalog run in 0.15 seconds So, the logs are reporting that everything was successful, yet nothing is actually getting applied. Where can I begin to troubleshoot this issue? Thanks in advance! Josh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: centos add user failed
Sorry. Problem realy only in Upper -G. By-hand with -g work fine! On 17 ноя, 15:00, Leonko wrote: > Hello, I have problem with creating user under centos: > > part of my class: > > user {jboss: > ensure => present, > home => "$jboss_home", > shell => "/bin/bash", > groups => jboss, > } > and in log I see: > > err change from absent to present failed: Could not create user > jboss: Execution of '/usr/sbin/useradd -d /opt/jboss -G jboss -s /bin/ > bash -M jboss' returned 9: useradd: group jboss exists - if you want > to add this user to that group, use -g. > > I understand reason of problem. Flag "-M" should not be before > username. But I did not understand how I can fix it. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Lexical Scope: How does it work?
Let me start by saying that I am a fan of lexical scoping as a way of increasing confidence in your execution models. I am hoping to move from the now thoroughly debunked "wackyscope" model that used to plague many programming languages over to proper lexical scoping in my puppet configs. I'm just having trouble finding documentation of how this works for puppet. I understand that a lexically-scoped puppet config would need to use parameterized classes. What I'm not clear on is how facts would be scoped. Are they some top-level that needs to be passed into nodes? Are they present in a node's scope? What if it inherits? Do I need to pass these facts in as parameters as well? (I hope so). The only documentation I can find at all for lexical scoping in puppet is in puppet.conf(5): lexical +++ Whether to use lexical scoping (vs. dynamic). · Default: false That's a bit thin. I assume this is only needed on the master, of course. -- "These people program the way Victorians dress. It takes two hours and three assistants to put on your clothes, and you have to change before dinner. But everything is modular."-- Miles Nordin, on PAM -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] centos add user failed
Hello, I have problem with creating user under centos: part of my class: user {jboss: ensure => present, home=> "$jboss_home", shell => "/bin/bash", groups => jboss, } and in log I see: err change from absent to present failed: Could not create user jboss: Execution of '/usr/sbin/useradd -d /opt/jboss -G jboss -s /bin/ bash -M jboss' returned 9: useradd: group jboss exists - if you want to add this user to that group, use -g. I understand reason of problem. Flag "-M" should not be before username. But I did not understand how I can fix it. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Filebucket log messages include file content
Hi Nan, On Wed, Nov 17, 2010 at 12:12 AM, Nan Liu wrote: > On Mon, Nov 15, 2010 at 7:38 AM, Chris wrote: > > So; on to the question: Can I stop 0.24 clients from printing out file > > contents when taking to a 2.6 master ? It's a bit of a security issue > > when the files contain passwords or other sensitive information - > > especially if it happens to get emailed out, or pushed onto the > > network via syslog. > > Check and see if show_diff is true: > > # puppetd --configprint show_diff > false > > If so, set it to false in puppet.conf under the puppetd section. > > Nope; set to false for me $ /opt/csw/bin/puppetd --configprint show_diff false Thanks! Chris -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Using custom facts in Puppet
On Nov 16, 6:06 pm, Matthew Macdonald-Wallace wrote: > On Tue, 2010-11-16 at 07:33 -0800, JWBoerma wrote: > > Right now i am at a loss, since i cannot see what I'm doing wrong > > Does anyone have any experience with this? > > > thanx in advance. > > Can you send the output from the following command: > > puppetd --test --verbose --no-daemonize > > And also the source code of your custom fact? > > Thanks, > > Matt What a good night's rest can accomplish. I went to gather the information you asked for, when I noticed that somehow an old version was present in my module and was not presenting the right answers. I never checked before, whether it was the right version, hence the problems I was having. After replacing the factscript with the right one, everything worked like a charm. thanx for the response and sorry for the, in hindsight, unnecessary question. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.