Re: [Puppet Users] apt-get -t lenny-backports
On 12/09/2010 05:13 AM, Patrick wrote: > > On Dec 8, 2010, at 6:38 PM, Daniel Pittman wrote: > >> Sadly, no. I very much missed the feature. We ended up using the apt >> preferences file to implement that behaviour >> >> If I was doing it over I would use a define that added the package >> resource and also used concat to automatically build up the >> preferences entry. >> >> Regards, Daniel. >> > > That's an interestring idea. > > I have one bit of advice about this. Make sure your source file > requires your preferences file. If you don't, it's possible one day to > get very unlucky and have only your source file pushed with nasty results. Also note that starting with Squeeze, Debian ships a version of apt that supports an /etc/apt/preferences.d/. This makes pinning various packages using puppet feasible. Regards, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] apt-get -t lenny-backports
On Dec 8, 2010, at 6:38 PM, Daniel Pittman wrote: > Sadly, no. I very much missed the feature. We ended up using the apt > preferences file to implement that behaviour > > If I was doing it over I would use a define that added the package resource > and also used concat to automatically build up the preferences entry. > > Regards, Daniel. > That's an interestring idea. I have one bit of advice about this. Make sure your source file requires your preferences file. If you don't, it's possible one day to get very unlucky and have only your source file pushed with nasty results. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] apt-get -t lenny-backports
Sadly, no. I very much missed the feature. We ended up using the apt preferences file to implement that behaviour If I was doing it over I would use a define that added the package resource and also used concat to automatically build up the preferences entry. Regards, Daniel. On 09/12/2010 6:03 AM, "Adrian" wrote: -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Python pip package provider
(Patrick's Homebrew provider lit a fire under me to finish this.) I've written a provider for Python's pip package management frontend. It's (theoretically) the standard for the future, being more capable and less shit than easy_install. https://github.com/rcrowley/puppet-pip As noted in the README, you can actually use it by setting RUBYLIB thus: gem install puppet-pip RUBYLIB="$GEM_HOME/1.8/gems/puppet-pip-0.0.2/lib" puppet apply test.pp It supports ensure => latest now plus specific version numbers. Uninstallation doesn't work properly on Debian/Ubuntu because of a bug in python-setuptools, which I believe will be fixed in Ubuntu Natty Narwhal. Please report issues on GitHub! Rich -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Howto check if augeas is available
On Dec 8, 2010, at 2:32 AM, Hubert Krause wrote: > Hello, > > Am Wednesday 08 December 2010 11:00:11 schrieb Patrick: >> The best answer is usually, "install Augeas when you install Puppet". If >> that's not possible, I know of two options: 1) Custom fact wrapper >> 2) Use a bootstrap enviroment and don't have your client leave it without >> Augeas. > > Do you know a link to an example for such a "Custom fact wrapper?" I saw one once, but I can't find it. What distro are you using? Why not just install Augeas when you install puppet? That's usually much easier. >> Aside from that, your catalog should compile fine without Augeas on the >> client. Are we talking about the server here? > > Hm. I dont know what you mean. If I just do: > > include class_using_augeas > > for all clients, those which don't have augeas installed run into the > error "could not run puppet configuration client: could not find a default > provider for augeas". Ah. Compiling happens on the server. Your catalog did compile, it just isn't usable. > I thought that this is a client error message? My Server does have augeas > installed. > > With my solution above I can switch off manually those classes > like "class_using_augeas". But It looks like that it must be easy to > implement a check for such requirements directly into puppet, maybe with a > fact (as you mentioned above). Thats why I asked this question, because I > dislike my manual solution. > > Best regards, > > Hubert -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Class execution order
Puppet will, by design, apply classes in a random order. To specify the order, you want to use the "require" parameter. exec { "echoone": command => "/bin/echo $var1", } exec { "echotwo": command => "/bin/echo $var2", require => Exec['echoone'], } exec { "echothree": command => "/bin/echo $var3", require => Exec['echotwo'], } Stages are for when you want something to run before (or after) everything else. On Dec 8, 2010, at 4:29 AM, sergey arlashin wrote: > Hi! > I'm trying to make puppet execute classes in a certain order for a > particular node. > So this is my test config: > > class one { >exec { "echoone": > command => "/bin/echo $var1", >} > } > > class two { >exec { "echotwo": > command => "/bin/echo $var2", >} > } > > class three { >exec { "echothree": > command => "/bin/echo $var3", >} > } > > node "client-tpl-puppet.localnet" { >$var1 = "1" >$var2 = "2" >$var3 = "3" >include one, two, three > } > > But when I launch puppet client on the node "client-tpl- > puppet.localnet" I see that all the classes execute in an absolutely > random order. The documentation says I should use stages, but I cannot > figure out how to use them in this particular case. > Could you show an example? > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Feature request: queued triggers
On 12/08, Martijn Grendelman wrote: > I would like to have the possibility to tell Puppet to queue the trigger, > and when the currently running catalog run is finished, process it and do > another run. > > Does this sound like a good idea? I thought so, and proposed a similar feature a while back: http://projects.puppetlabs.com/issues/2763 -j -- Jason Lavoie Ratvarre sbe uver ja...@oasys.net -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet in a virtual environment
You can name it whatever you like. 'puppet' is the default. In your client's puppet.conf files, add the line: server = puppetmaster_hostname under the [agent] section if running version 2.6 and [main] section if running version 0.25. It also doesn't hurt to add this line to your puppetmaster's puppet.conf file under the [master] (2.6) or [puppetmasterd] (0.25): certname = puppetmaster_hostname On Dec 8, 2010, at 4:13 AM, john maclean wrote: > Morning chaps, > > From my understanding the puppet master must have a hostname of > "puppet". Is this correct? I'd like to be able to call this box > whatever I like. I think that I can do that within > /etc/puppet/puppet.conf. > > > > -- > John Maclean > MSc (DIC) > > Enterprise Linux Systems Engineer > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] apt-get -t lenny-backports
Hello everybody, Is there a way when installing a package like this : package { "rubygems": ensure => installed, } to pass -t parameter to apt-get in order to use a specific apt source ? EG : apt-get install -t lenny-backports rubygems Ideally I would not use exec ... I am on a Debian and I want to find a clean way to upgrade rubygems ... Thank you ! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet in a virtual environment
Morning chaps, >From my understanding the puppet master must have a hostname of "puppet". Is this correct? I'd like to be able to call this box whatever I like. I think that I can do that within /etc/puppet/puppet.conf. -- John Maclean MSc (DIC) Enterprise Linux Systems Engineer -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: facter
I think it is a call from the facter API that let's you define the code to use to get the value for that certain fact you are defining. >From what I know, it let's you use just ruby code. But from that you can call bash code too. For example, you would like a new fact that gives you back your current shell from your ENV. Add a new .rb file under your "module/ $module_name/lib/facter/" directory: Facter.add("shell") do setcode do %x{echo $SHELL} end end the %x is ruby for execute this shell command. Now when you run facter you should you have this new fact called "shell". On Dec 8, 4:50 am, "Baker, Luke" wrote: > I see 'setcode' quite a bit in facter definitions - what does this do / mean? > > --Luke Baker -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Class execution order
Hi! I'm trying to make puppet execute classes in a certain order for a particular node. So this is my test config: class one { exec { "echoone": command => "/bin/echo $var1", } } class two { exec { "echotwo": command => "/bin/echo $var2", } } class three { exec { "echothree": command => "/bin/echo $var3", } } node "client-tpl-puppet.localnet" { $var1 = "1" $var2 = "2" $var3 = "3" include one, two, three } But when I launch puppet client on the node "client-tpl- puppet.localnet" I see that all the classes execute in an absolutely random order. The documentation says I should use stages, but I cannot figure out how to use them in this particular case. Could you show an example? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Rebuild/Swap Puppet master server
I am currently looking into rebuilding my puppet server and possibly switching to new hardware. I am looking for any input that users may have with this process. 1. ) Any one done this before? 2. ) Any gotcha's I need to be aware of? 3. ) Any advice in general ;) -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Certificate verify failed
Hi Nan Thanks for your response. I tried that. But it says that everything is okay. I get "verify return 1" instead of saying why there is a verification error On Dec 8, 10:54 am, Nan Liu wrote: > On Wed, Dec 8, 2010 at 6:20 AM, Kikanny wrote: > > So there is something wrong with the date of the certificate. When I > > do "openssl x509 -text -in -noout /etc/puppet/ssl/certs/client.pem | > > grep -A2 Validity", I get: > > > Validity > > Not Before: Dec 7 14:08:10 2010 GMT > > Not After : Dec 6 14:08:10 2015 GMT > > > However, the current date of the client is Dec 8 which is well within > > the valid range. The date is also the same as master server. But when > > I change the date of the client to Dec 9, everything works fine and I > > don't get that certificate verify failed error anymore. This is > > baffling! Any idea how to fix this? Thanks! > > Let's use openssl to debug this and see if we can get a better error > message indicating why the cert is rejected. In the command below > replace the certs and ca to the appropriate path on your system: > > openssl s_client -host puppet -port 8140 -cert > /var/lib/puppet/ssl/certs/puppet.training.pem -key > /var/lib/puppet/ssl/private_keys/puppet.training.pem -CAfile > /var/lib/puppet/ssl/certs/ca.pem > > A successful connection: > CONNECTED(0003) > depth=1 /CN=puppet.training > verify return:1 > depth=0 /CN=puppet.training > verify return:1 > ... > > Here, I intentionally set the system time to 2009 and the error > message show why the cert was rejected. > CONNECTED(0003) > depth=1 /CN=puppet.training > verify error:num=9:certificate is not yet valid > notBefore=Sep 20 08:01:21 2010 GMT > verify return:0 > > Hope this helps. Thanks, > > Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] [puppet-users] apt and gem package with the same name
Was this resolved? I'm using 2.6.4 and still can't declare packages with the same package name: package { legacy_chunk: name => 'facter', provider => 'rpm', ensure => absent, } package { gem_chunk: name => 'facter', provider => 'gem', ensure => latest } Thank you. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Certificate verify failed
On Wed, Dec 8, 2010 at 6:20 AM, Kikanny wrote: > So there is something wrong with the date of the certificate. When I > do "openssl x509 -text -in -noout /etc/puppet/ssl/certs/client.pem | > grep -A2 Validity", I get: > > Validity > Not Before: Dec 7 14:08:10 2010 GMT > Not After : Dec 6 14:08:10 2015 GMT > > However, the current date of the client is Dec 8 which is well within > the valid range. The date is also the same as master server. But when > I change the date of the client to Dec 9, everything works fine and I > don't get that certificate verify failed error anymore. This is > baffling! Any idea how to fix this? Thanks! Let's use openssl to debug this and see if we can get a better error message indicating why the cert is rejected. In the command below replace the certs and ca to the appropriate path on your system: openssl s_client -host puppet -port 8140 -cert /var/lib/puppet/ssl/certs/puppet.training.pem -key /var/lib/puppet/ssl/private_keys/puppet.training.pem -CAfile /var/lib/puppet/ssl/certs/ca.pem A successful connection: CONNECTED(0003) depth=1 /CN=puppet.training verify return:1 depth=0 /CN=puppet.training verify return:1 ... Here, I intentionally set the system time to 2009 and the error message show why the cert was rejected. CONNECTED(0003) depth=1 /CN=puppet.training verify error:num=9:certificate is not yet valid notBefore=Sep 20 08:01:21 2010 GMT verify return:0 Hope this helps. Thanks, Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Managing a "complex" directory structure
Hello, sorry it took me so long to reply. Thank you for the answer. That has helped me a lot and I think I'm on the correct path now. It is just a lot more verbose than I had hoped :) > A custom function that expands the array would be a bit more > universal, but you can still do this with puppet define resource type > with no ruby code: > > define hadoop::mount { > file { "/mnt/${name}/hadoop": > ensure => directory, > owner => "root", > group => "hadoop", > require => Package["hadoop-0.20"] > ; > } > } > > hadoop::mount { > ["disk1", "disk2", "disk3"]: > } This in combination with virtual resources seems to work[1]. It is pretty complicated and unintuitive though as I can't require + realize a virtual resource at the same time[2] so I have to add placebo definitions that realize the resources so I can require them and subscribe to them. I'm still in the process of converting everything to virtual resources so it doesn't work at the moment but I'll see tomorrow if I can get it working. Can slim it down afterwards if I find better ways to do stuff. > The difference between the system can be written as a custom fact, a > variable set at top scope when defining the nodes, or use parametrized > class (available in 2.6). > > class demo ($disk) { > case $disk { > "2" : { # add resource specific for 2 disk } > "6" : { # add resource specific for 6 disk } > } > # common for all system using class demo > } > > node server1 { > class { "demo": disk => 2 } > } > > node server2 { > class { "demo": disk => 6 } > } That looks interesting. I've read about those new parameterized classes but skipped them for now. Thanks for the hint. I'll take a look at it later when I got the basics working again. Cheers, Lars [1] https://github.com/lfrancke/gbif-puppet/blob/master/modules/hadoop/manifests/init.pp#L22-66 [2] https://github.com/lfrancke/gbif-puppet/blob/master/modules/hadoop/manifests/namenode.pp#L19-24 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Feature request: queued triggers
On Wed, Dec 8, 2010 at 3:10 PM, Martijn Grendelman wrote: > Hi, > > We have several situations where it is desireable to do catalog runs on > demand. We have 'puppetrun' for that, but it can -and does- happen, that a > catalog run is already in progress when we trigger a run by hand. In that > case, the triggered run is skipped. > > I would like to have the possibility to tell Puppet to queue the trigger, > and when the currently running catalog run is finished, process it and do > another run. > > Does this sound like a good idea? > > Best regards, > Martijn. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > It exists and it is called puppetcommander, part of MCollective. http://docs.puppetlabs.com/mcollective/ Stefan. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Certificate verify failed
So there is something wrong with the date of the certificate. When I do "openssl x509 -text -in -noout /etc/puppet/ssl/certs/client.pem | grep -A2 Validity", I get: Validity Not Before: Dec 7 14:08:10 2010 GMT Not After : Dec 6 14:08:10 2015 GMT However, the current date of the client is Dec 8 which is well within the valid range. The date is also the same as master server. But when I change the date of the client to Dec 9, everything works fine and I don't get that certificate verify failed error anymore. This is baffling! Any idea how to fix this? Thanks! On Dec 6, 6:00 pm, Stefan Schulte wrote: > On Mon, Dec 06, 2010 at 12:13:37PM -0800, Kikanny wrote: > > Whenever I try to connect to the master from the client, I get the > > following error: > > > Could not retrieve catalog from remote server: SSL_connect returned=1 > > errno=0 state=SSLv3 read server certificate B: certificate verify > > failed > > I can think of the following reasons: > * Client generated a new certificate after your master signed one. > * When you connect a new client it retrieves the masters certificate. > When you connect again, the certificate will be checked. If you > rebuild your puppetmaster, your client will not trust its new > certificate. > * You revoked your client's certificate > * You revoked the certificate of your master > > If this is your first attempt to use puppet, try a fresh restart: > * remove /etc/puppet/ssl and/or /var/lib/puppet/ssl on master and client > * puppet cert --list --all should be empty on master > * run puppet master --no-daemonize --verbose on master > * run puppet agent --server masters_hostname --test --waitforcert 15 on > client > * run puppet cert --list and puppet cert --sign on master > > If that does not work, you can check the subject of the certificates > because I think they have to match the hostname. You can do that with > "puppet cert --list" and "puppet cert --print " and on the client > "openssl x509 -text -in /var/lib/puppet/ssl/certs/ca.pem" should work > > -Stefan > > application_pgp-signature_part > < 1KViewDownload -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Certificate verify failed
On 12/06/2010 09:13 PM, Kikanny wrote: > Whenever I try to connect to the master from the client, I get the > following error: > > Could not retrieve catalog from remote server: SSL_connect returned=1 > errno=0 state=SSLv3 read server certificate B: certificate verify > failed > > I tried google and most of the results say the problem is due the > difference in clock between the server and client. However, my server > and client have the same date and time. Here are extra details about > my setup. > > Server: > hostname - puppetmaster > domainname - does not have a domain > fqdn - puppetmaster > > Client: > hostname - puppetclient > domainname - localdomain > fqdn - puppetclient.localdomain > > I have puppetclient and its ip address in the master's /etc/hosts > file. I also have puppetmaster and its ip address in the client's /etc/ > hosts file. I use "puppetd --debug --server puppetmaster" on the > client to connect to the server. The first time it connects, it > requests a certificate from the server. I then use puppetca to sign > the certificate on the master. I get the error after doing that step. > I'm completely clueless. I've tried all sorts of permutations and > cannot get it to work. I guess somewhere, my certificates are getting > screwed up or could it also be because my server does not have a > domain name? But that is one of the requirements. Any help would be > appreciated! Thanks! > I remember similar nightmares. Have you tried certname options on the client node? I.e., puppetd --test --certname= or adding it to puppet.conf? Otherwise, try openssl s_client and connect to the puppetmaster port to see the server certificate. Diff against your cached cert, see if the names are correct etc. HTH, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Feature request: queued triggers
Hi, We have several situations where it is desireable to do catalog runs on demand. We have 'puppetrun' for that, but it can -and does- happen, that a catalog run is already in progress when we trigger a run by hand. In that case, the triggered run is skipped. I would like to have the possibility to tell Puppet to queue the trigger, and when the currently running catalog run is finished, process it and do another run. Does this sound like a good idea? Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] class name size
On 12/06/2010 01:12 AM, Chris C wrote: > Hi folks, > Is anyone noticing an issue with the length of a class name? If I call > the class syslogng the class fails. If I call the class slng the class > works. Strangely a class named all_hosts works. I remember a weird occurence when a class was outright ignored. When I had lost sanity after some hours of debugging, I renamed it and it worked. Puppet is picky where names are concerned ;-( -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Class and inheritance
On 12/05/2010 07:23 PM, cyrus wrote: > I have the following setup > > http://pastebin.com/bWANRpsP > > And was wondering if anyone could comment on whether my philosophy is > correct. The issue I am having is this. 99% of my systems need to be > configured identically. However every now and then there is a system > that needs a slight tweak. > > As an example, all systems need to have syslog configured. The syslog > class that is included in base simply ensures syslog is installed, > running and pushes out a configuration file. That works for 99% of my > systems but as there is a system every now and then that needs a > slightly different syslog.conf file. How can I build in the logic to > the syslog class so that I can specify different configuration files > farther down the chain if need be? This structure doesn't make much sense. Inherit a class if you need some tweak to the way it behaves, and only then. In your example, you could have class syslog_enable_tcp inherits syslog { # I'm making this up, mkay? ;-) File["/etc/syslog.conf"] { ... } } with the appropriately changed config file. Then your base class include syslog, but on those special machines you mentioned, you include syslog_enable_tcp as well (farther down the chain, as you say). Inherit class base only if any resources defined in it directly (there probably are none) must be different on selected systems. Those systems then include the descendant. Cheers, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] iteration question
On 12/03/2010 09:48 PM, Don Jackson wrote: > > So here is a scenario: > > I have a directory: > > ./foo > ./foo/file1 > ./foo/file2 > ./foo/file3 > … > ./foo/fileN > > I populate this directory on a configured machine via a recursive file > resource. > > What I would like to do is create a symlink from the parent directory to each > filen in the foo subdirectory? > > Is there some easy way to get puppet to do that? > > Basically I would like to iterate thru > > ln -s ./foo/filen ./filen > > Short of writing a shell script, downloading it, and Exec'ing it? You should be able to come up with a shell one liner and exec that directly. That's what I'd do, if I was desperate to not include the filenames in the manifest at all. Now, if I was free to have an array of filenames in the manifest, I could do something more elegant using a define... HTH, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Add file size/md5 validation
On 08-12-10 11:19, Leonko wrote: > Hello, > Anybody know how I can make checking file for verify for size/md5sum > and if it not equal my value rewrite it from server. > There may vriant than simple: file { /my/file: ensure => present, > checksum => true,source => "puppet:///files/file"} > ? Isn't that what Puppet does by default, compare the checksum of the file on the client to the one on the server, and if they differ, transfer the file? >From http://docs.puppetlabs.com/references/latest/type.html#file: checksum The default checksum parameter, if checksums are enabled, is md5. Valid values are md5, md5lite, timestamp, mtime, time, none. source Copy a file over the current file. Uses checksum to determine when a file should be copied Regards, Martijn. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Howto check if augeas is available
Hello, Am Wednesday 08 December 2010 11:00:11 schrieb Patrick: > The best answer is usually, "install Augeas when you install Puppet". If > that's not possible, I know of two options: 1) Custom fact wrapper > 2) Use a bootstrap enviroment and don't have your client leave it without > Augeas. Do you know a link to an example for such a "Custom fact wrapper?" > Aside from that, your catalog should compile fine without Augeas on the > client. Are we talking about the server here? Hm. I dont know what you mean. If I just do: include class_using_augeas for all clients, those which don't have augeas installed run into the error "could not run puppet configuration client: could not find a default provider for augeas". I thought that this is a client error message? My Server does have augeas installed. With my solution above I can switch off manually those classes like "class_using_augeas". But It looks like that it must be easy to implement a check for such requirements directly into puppet, maybe with a fact (as you mentioned above). Thats why I asked this question, because I dislike my manual solution. Best regards, Hubert signature.asc Description: This is a digitally signed message part.
[Puppet Users] Add file size/md5 validation
Hello, Anybody know how I can make checking file for verify for size/md5sum and if it not equal my value rewrite it from server. There may vriant than simple: file { /my/file: ensure => present, checksum => true,source => "puppet:///files/file"} ? Thanks -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Howto check if augeas is available
On Dec 8, 2010, at 1:22 AM, Hubert Krause wrote: > Hello List, > > I have a Problem with classes wich uses augeas. if augeas is not installed, > The complete catalog will not compile. So I can not install augeas with a > different class. I have to switch off all classes wich uses augeas, until > augeas is installed. I solved this Problem by introducing the variable > $augeas_avail and do a test in my templates with: > > if $augeas_avail == 'true' { > include class_using_augeas > } > > If there are new machines, I have to put $augeas_avail manually to 'false', > wait until augeas is installed on every machine and after that set > $augeas_avail to 'true' for running the class_using_augeas. > > I would like to use something like: > > if defined(augeas) { ... > > To automate augeas detection. Is this somehow possible? or what about a fact > to determine if augeas is available or not in standart puppet? My > Clientversion is 0.25.4. > Answering your question directly: The best answer is usually, "install Augeas when you install Puppet". If that's not possible, I know of two options: 1) Custom fact wrapper 2) Use a bootstrap enviroment and don't have your client leave it without Augeas. Aside from that, your catalog should compile fine without Augeas on the client. Are we talking about the server here? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: centos add user failed
Thank you! Thank you! I did not knew what is important. On Nov 19, 9:28 pm, Felix Frank wrote: > On 11/17/2010 07:01 PM, Nan Liu wrote: > > > On Wed, Nov 17, 2010 at 4:00 AM, Leonko wrote: > >> Hello, I have problem with creating user under centos: > > >> part of my class: > > >> user {jboss: > >> ensure => present, > >> home => "$jboss_home", > >> shell => "/bin/bash", > >> groups => jboss, > >> } > > > If it's the primary group use gid instead of groups. > > ...or "group" rather than "groups" (plural!). > > groups = -G (and takes an array) > group = -g > > Cheers, > Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: centos add user failed
Thank you. It real help for me/ now I use user { $username: ensure => present, home=> "$home/$username", shell => "/bin/bash", gid => $username, groups => ['wheel','users'], comment => "$uname", password => "$hash"; } Sorry for late reply. On Nov 17, 9:01 pm, Nan Liu wrote: > On Wed, Nov 17, 2010 at 4:00 AM, Leonko wrote: > > Hello, I have problem with creating user under centos: > > > part of my class: > > > user {jboss: > > ensure => present, > > home => "$jboss_home", > > shell => "/bin/bash", > > groups => jboss, > > } > > If it's the primary group use gid instead of groups. > > user {jboss: > ensure => present, > home => "$jboss_home", > shell => "/bin/bash", > gid => jboss, > } > > Thanks, > > Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Howto check if augeas is available
Hello List, I have a Problem with classes wich uses augeas. if augeas is not installed, The complete catalog will not compile. So I can not install augeas with a different class. I have to switch off all classes wich uses augeas, until augeas is installed. I solved this Problem by introducing the variable $augeas_avail and do a test in my templates with: if $augeas_avail == 'true' { include class_using_augeas } If there are new machines, I have to put $augeas_avail manually to 'false', wait until augeas is installed on every machine and after that set $augeas_avail to 'true' for running the class_using_augeas. I would like to use something like: if defined(augeas) { ... To automate augeas detection. Is this somehow possible? or what about a fact to determine if augeas is available or not in standart puppet? My Clientversion is 0.25.4. Best regards, Hubert signature.asc Description: This is a digitally signed message part.
[Puppet Users] Re: Hudson, manitest and the hostname fact
On Nov 22, 3:06 am, Ramon van Alteren wrote: > Hi All, > > We're trying to get a hudson build working for our puppet modules by using > manitest. > > So far we've had good progress but right now we're stumped. > We have a set of manifest/template combinations where the > manifest code uses the hostname fact to pick a specific template tied to a > particular hostname. > > Not the nicest code.. > > However when running manitest with a yaml file from one of the target > servers the manifest fails because the hostname fact is still set to the > hostname of our hudson machine. > It appears that the hostname fact is not replaced by the manitest code, but > we can't figure out why not. > The fqdn fact is set correctly, we verified that the hostname fact is > present in the yaml file, it is. > > This is the manitest snippet that takes care of overriding the facts based > on the yaml: > > node = YAML.load_file options[:node] > > # export all parameters as facter env - overriding our real system values > # this also works for external nodes parameters > puts "Setting up facts:" if options[:debug] > node.parameters.each do |k,v| > begin > if v.is_a?Array > if v.empty? > puts "! converting empty array to empty variable" if > options[:debug] > ENV["facter_#{k}"]='EMPTY' > else > puts "! converting array to joined string" if options[:debug] > ENV["facter_#{k}"]=v.join(", ") > end > else > ENV["facter_#{k}"]=v > end > puts "%s=>'%s'" % [k,ENV["facter_#{k}"]] if options[:debug] > rescue > warn "! failed to set fact #{k} => '#{v}'" if options[:debug] > end > end > > We put some additional code in there to deal with array based facts, which > cause the manitest run to fail. > > Is there anyone who can shed some light on this or knows the issue ? > > We're working with puppet-2.6 and the latest trunk version of manitest. > > Any clues would be appreciated. > > Ramon Ramon, did you ever make progress on this? On your test host is the local puppet.conf parameter node_name set to 'cert'? I may be out of date, but I recall the default values of the 'hostname' 'fqdn' & 'domain' puppet variables would be sourced from the CN of the local cert. The puppet variable 'hostname' is a bit different than the others. I think it's assigned using ||= internally, so your facter fact may not override the existing internal value. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet homebrew package provider
Hi list, for those interested: I've created a homebrew package provider for puppet. You can get it from https://github.com/jedi4ever/puppet-homebrew enjoy :) Patrick P.S. You need a newer version of puppet as it uses the new module structure -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Developing functions
On 12/01/2010 04:04 PM, Trevor Hemsley wrote: > On 01/12/2010 14:53, Martijn Grendelman wrote: >> Hi Trevor, >>> More likely just adding >>> >>> usecacheonfailure = false >>> >>> to the [puppetd] stanza in /etc/puppet/puppet.conf will help. >> I am yet unfamiliar with that option, but just as a remark, there was >> really no 'failure' involved here, it was just that enhancements to my >> code weren't picked up, and Puppet was running an older incantation of my >> function. > > I have often made a 'simple' change to one of my manifests that results > in a syntax error. Without that option, puppet helpfully ignores the > error and presents the older version of the manifest to you resulting in > exactly the symptoms you are complaining about. I don't believe this is accurate. On syntax error, the puppetmaster cannot compose a catalogue. Puppetd will per default use its cached catalogue then. This happens on the client node, the master is unaware of this. When running puppetd --test, nousecacheonfailure is implied. Again, settings that apply to puppetd are *not* going to have an impact on puppetmaster behaviour. The original problem sounds like a bug to me. Regards, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.