Re: [Puppet Users] Separating puppetmaster file serving and catalogs
On 12/15/2010 07:40 PM, Patrick wrote: On Dec 15, 2010, at 3:09 AM, Felix Frank wrote: On 12/15/2010 12:04 PM, Patrick wrote: I'm looking for a way to run more than one puppetmaster on the same server under passenger. Most of the puppet CPU load is waiting for the catalogs to compile. This also seems to be mostly what takes large amounts of RAM. I have storedconfigs on. I want to be able to move the fileserver to a different pool of puppetmaster processes. Is there an easy way to tell the client, either in the catalog or in the config file, to get the files from a different port than the catalog? Is there a better way to do this? What I really want is for the cheap file requests to stop being blocked by the expensive catalog requests and keep the RAM usage low on the file serving processes. Hi, what springs to mind is a webserver with mod_proxy up front (or in fact, any intelligent reverse proxy), that chooses your actual webserver with respect to request URIs. Fileserver requests do go to a different root directory, yes? Technically, I decided to just pass the catalog requests through instead. Catalog requests are sent to /production/catalog/ so it /should/ be easy to do. Do you have any advice for me before I try separating the proxy into a different (third) VirtualServer? I setup a second server on 8141 and I can send puppet requests to that server just fine too. Then I added these lines in my VirtualHost block: ProxyPass /production/catalog/ https://localhost:8141/production/catalog/ ProxyPassReverse /production/catalog/ https://localhost:8141/production/catalog/ They don't seem to have any effect though. I can see the log entries like this one (I chopped off 3 pages of facts) which shows the URL: Simba.Outer:8140 192.168.2.252 - - [15/Dec/2010:10:21:07 -0800] GET /production/catalog/simba.outer?facts=eNp1 HTTP/1.1 200 95433 - - My config file for the primary virtual server is here: http://pastie.org/1380225 In summery, both servers work, but no redirection is taking place. Hum, I'm not in the habit of using ProxyPass directives. I rather add RewriteRules that include the [P] flag. One stupid idea is to try without trailing slash in the ProxyPass pattern. It may even be necessary to enable mod_rpaf, but it is weird that no proxied request gets logged. Sorry to be of no real help. Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Howto check if augeas is available
Hello Patrick, hello Martijn, thank you both for your sugestions: Am Friday 10 December 2010 21:37:29 schrieb Patrick: On Dec 9, 2010, at 7:14 AM, Martijn Grendelman wrote: On 09-12-10 15:30, Martijn Grendelman wrote: An example: add the following to puppet_path/modules/modulename/lib/facter/augeas_available.rb -- cut here -- require 'facter' Facter.add(augeas_available) do setcode do avail = no Dir.glob(/usr/lib/libaugeas*) { |filename| avail = yes } avail end end -- cut here -- I think this one might be better: https://github.com/camptocamp/puppet-augeas/blob/master/lib/facter/augeasve rsion.rb I think it will check if Augeas and the ruby bindings exist. Both works well. If you modify the glob in Martijns script to: /usr/lib*/libaugeas* it works with Debian and CentOS5 (and RedHat5 of course). The other script works out of the box on both OS. Only One thing made some trouble for me: You have to set executable bits to the fact scripts. May be, this should be documentented in the wiki. Best regards, Hubert -- Hubert Krause Risk Fraud Division INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany Phone: +49 24 08 - 94 56 5145 E-Mail: hubert.kra...@inform-ac.com, Web: http://www.inform-ac.com INFORM Institut fuer Operations Research und Management GmbH Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler signature.asc Description: This is a digitally signed message part.
Re: [Puppet Users] Separating puppetmaster file serving and catalogs
On Wed, 2010-12-15 at 20:15 -0800, Patrick wrote: On Dec 15, 2010, at 1:48 PM, Brice Figureau wrote: On 15/12/10 12:04, Patrick wrote: I'm looking for a way to run more than one puppetmaster on the same server under passenger. Most of the puppet CPU load is waiting for the catalogs to compile. This also seems to be mostly what takes large amounts of RAM. I have storedconfigs on. If you don't need the full storedconfigs, you can use thin_storedconfigs for wy better performance. Thanks. I'm actually doing that, and misspoke in the first post. Is there a better way to do this? What I really want is for the cheap file requests to stop being blocked by the expensive catalog requests and keep the RAM usage low on the file serving processes. You can use what I called file serving offloading: http://www.masterzen.fr/2010/03/21/more-puppet-offloading/ The file offloading is interesting. So if I'm reading that right, that only makes a difference if some of the files are not in sync? Actually yes, because the file content is sent only if the checksum differs (and if you provision many new nodes at the same time, then it can help). One solution would be to offload metadata computation to a native nginx module (it's something easy to do once you know how to code nginx module). My original error was that I didn't set: SSLProxyEngine on Now I'm just getting errors that say all requests are forbidden. I assume this is because the puppetmaster isn't seeing the headers from apache that have the SSL information. You must setup your file serving master exactly like your catalog (or general) master. -- Brice Figureau Follow the latest Puppet Community evolutions on www.planetpuppet.org! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Separating puppetmaster file serving and catalogs
On Dec 16, 2010, at 12:45 AM, Felix Frank wrote: On 12/15/2010 07:40 PM, Patrick wrote: On Dec 15, 2010, at 3:09 AM, Felix Frank wrote: On 12/15/2010 12:04 PM, Patrick wrote: I'm looking for a way to run more than one puppetmaster on the same server under passenger. Most of the puppet CPU load is waiting for the catalogs to compile. This also seems to be mostly what takes large amounts of RAM. I have storedconfigs on. I want to be able to move the fileserver to a different pool of puppetmaster processes. Is there an easy way to tell the client, either in the catalog or in the config file, to get the files from a different port than the catalog? Is there a better way to do this? What I really want is for the cheap file requests to stop being blocked by the expensive catalog requests and keep the RAM usage low on the file serving processes. Hi, what springs to mind is a webserver with mod_proxy up front (or in fact, any intelligent reverse proxy), that chooses your actual webserver with respect to request URIs. Fileserver requests do go to a different root directory, yes? Technically, I decided to just pass the catalog requests through instead. Catalog requests are sent to /production/catalog/ so it /should/ be easy to do. Do you have any advice for me before I try separating the proxy into a different (third) VirtualServer? I setup a second server on 8141 and I can send puppet requests to that server just fine too. Then I added these lines in my VirtualHost block: ProxyPass /production/catalog/ https://localhost:8141/production/catalog/ ProxyPassReverse /production/catalog/ https://localhost:8141/production/catalog/ They don't seem to have any effect though. I can see the log entries like this one (I chopped off 3 pages of facts) which shows the URL: Simba.Outer:8140 192.168.2.252 - - [15/Dec/2010:10:21:07 -0800] GET /production/catalog/simba.outer?facts=eNp1 HTTP/1.1 200 95433 - - My config file for the primary virtual server is here: http://pastie.org/1380225 In summery, both servers work, but no redirection is taking place. Hum, I'm not in the habit of using ProxyPass directives. I rather add RewriteRules that include the [P] flag. One stupid idea is to try without trailing slash in the ProxyPass pattern. It may even be necessary to enable mod_rpaf, but it is weird that no proxied request gets logged. Sorry to be of no real help. Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetmaster 100%cpu usage on 2.6 (not on 0.24)
On Wed, 2010-12-15 at 19:47 -0500, Ashley Penney wrote: Just to reply to this - like I said earlier I can get this problem with 1 node checking in against puppetmaster. All the puppetmasterd processes use maximum CPU. It's not a scaling issue considering serving one node is certainly not going to max out a newish physical server. This looks like a bug to me. Do your manifests use many file sources? And/or recursive file resources? It's possible that those masters are spending their time checksuming files. Like I said earlier in the thread the only real way to know is to use Puppet introspection: http://projects.puppetlabs.com/projects/1/wiki/Puppet_Introspection -- Brice Figureau Follow the latest Puppet Community evolutions on www.planetpuppet.org! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Separating puppetmaster file serving and catalogs
On Dec 16, 2010, at 12:45 AM, Felix Frank wrote: On 12/15/2010 07:40 PM, Patrick wrote: In summery, both servers work, but no redirection is taking place. Hum, I'm not in the habit of using ProxyPass directives. I rather add RewriteRules that include the [P] flag. One stupid idea is to try without trailing slash in the ProxyPass pattern. It may even be necessary to enable mod_rpaf, but it is weird that no proxied request gets logged. Actually, I got that working. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Could not find class
On 16/12/10 01:48, Dmytro Bablinyuk wrote: Hi Everybody, I am sure that I am missing something very obvious, I have installed rsync package git clone https://github.com/camptocamp/puppet-rsyncd.git rsync The path r...@puppet-master:/etc/puppet/modules/rsync/manifests/classes# ls -l total 4 -rw-r--r-- 1 root root 1078 2010-12-16 09:54 rsyncd.pp The manifest file package { [rsync, xinetd]: ensure = present } service { xinetd: ensure = running } include rsyncd rsyncd::export { etc: path = /etc, chroot = true, gid = staff, allow = [172.16.50.4, 172.16.41.10], } I have error on the client r...@puppet-client-ubuntu:~# puppetd --test info: Retrieving plugin err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class rsyncd at /etc/puppet/manifests/site.pp: 33 on node puppet-client-ubuntu.harbour warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run How do I specify path to the rsyncd class? The include rsyncd line causes Puppet to look for /etc/puppet/modules/rsyncd/manifests/init.pp which you don't have. Try renaming the rsync checkout folder to rsyncd. Dan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Could not find class
That github link doesn't work for me so don't know the internals of this module, but if the module is called rsync, as indicated by this module path: /etc/puppet/modules/rsync/, then any sub classes of that should be in the rsync namespace... Are you sure it's not supposed to be rsync::rsyncd? A base class called 'rsyncd' would mean there'd be a module etc/puppet/ modules/rsync/rsyncd/, not a rsyncd.pp under the rsync module... What you've shown of this module's structure looks quite strange to me. On Dec 16, 1:48 am, Dmytro Bablinyuk bablin...@gmail.com wrote: Hi Everybody, I am sure that I am missing something very obvious, I have installed rsync package git clonehttps://github.com/camptocamp/puppet-rsyncd.gitrsync The path r...@puppet-master:/etc/puppet/modules/rsync/manifests/classes# ls -l total 4 -rw-r--r-- 1 root root 1078 2010-12-16 09:54 rsyncd.pp The manifest file package { [rsync, xinetd]: ensure = present } service { xinetd: ensure = running } include rsyncd rsyncd::export { etc: path = /etc, chroot = true, gid = staff, allow = [172.16.50.4, 172.16.41.10], } I have error on the client r...@puppet-client-ubuntu:~# puppetd --test info: Retrieving plugin err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class rsyncd at /etc/puppet/manifests/site.pp: 33 on node puppet-client-ubuntu.harbour warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run How do I specify path to the rsyncd class? Thank you Dmytro -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Could not find class
Dmytro, I'm a git noob :) I've had a look at the module now. I wouldn't say it's designed that well and I think a few people on this list would agree. To fix your problem I think you'll have to include rsync first, which will then import classes/*.pp, which will then allow Puppet to find the rsyncd class. This is a bad design as rsyncd should really be it's own module or a subclass rather than relying on including a class that actually does nothing but import other .pp files. When thinking about the rsync software itself, the module could be designed better. You can't have just an rsync client with this module (ie: just Package[rsync]), you only get an rsync server. That means if you wanted to Puppetify an rsync client you'd need another module/ class, which would then leave to multiple declaration problems if a node is a client AND a server as both would try declare Package[rsync]. A better idea would be something like this: class rsync installs rsync software class rsync::rsyncd include rsync (for the software) turns on rsyncd, contains a define to setup rsyncd exports And the actual module structure would look like this, which requires zero import statements: modules/rsync/init.pp - contains class rsync modules/rsync/rsyncd.pp - contains class rsync::rsyncd Lastly, I personally don't like the name of the define rsyncd::export as the double colon kind of denotes they are parent and child classes, but that's just me. Anyway, if you really want to use this module you could try include rsync before include rsyncd. You will have to remove your own declaration of Package[rsync] as this is already done in the rsyncd module and will cause a multiple declaration error. My recommendation is to write a better module yourself, you'll learn more that way :) Hope this helps, -Luke On Dec 16, 9:58 am, luke.bigum luke.bi...@fasthosts.co.uk wrote: That github link doesn't work for me so don't know the internals of this module, but if the module is called rsync, as indicated by this module path: /etc/puppet/modules/rsync/, then any sub classes of that should be in the rsync namespace... Are you sure it's not supposed to be rsync::rsyncd? A base class called 'rsyncd' would mean there'd be a module etc/puppet/ modules/rsync/rsyncd/, not a rsyncd.pp under the rsync module... What you've shown of this module's structure looks quite strange to me. On Dec 16, 1:48 am, Dmytro Bablinyuk bablin...@gmail.com wrote: Hi Everybody, I am sure that I am missing something very obvious, I have installed rsync package git clonehttps://github.com/camptocamp/puppet-rsyncd.gitrsync The path r...@puppet-master:/etc/puppet/modules/rsync/manifests/classes# ls -l total 4 -rw-r--r-- 1 root root 1078 2010-12-16 09:54 rsyncd.pp The manifest file package { [rsync, xinetd]: ensure = present } service { xinetd: ensure = running } include rsyncd rsyncd::export { etc: path = /etc, chroot = true, gid = staff, allow = [172.16.50.4, 172.16.41.10], } I have error on the client r...@puppet-client-ubuntu:~# puppetd --test info: Retrieving plugin err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class rsyncd at /etc/puppet/manifests/site.pp: 33 on node puppet-client-ubuntu.harbour warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run How do I specify path to the rsyncd class? Thank you Dmytro -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppetmaster 100%cpu usage on 2.6 (not on 0.24)
I have same issuer with running puppentmaster and puppted in same host. When I updated ruby to 1.8.7 enterprise It resolve problem for me. Leonid S. Batizhevsky On Tue, Dec 14, 2010 at 11:24, Chris iwouldratherbesleeping...@gmail.com wrote: Hi I recently upgraded my puppet masters (and clients) from 0.24.8 to 2.6.4 Previously, my most busy puppet master would hover around about 0.9 load average, after the upgrade, its load hovers around 5 I am running passenger and mysql based stored configs. Checking my running processes, ruby (puppetmasterd) shoots up to 99% cpu load and stays there for a few seconds before dropping again. Often there are 4 of these running simultaneously, pegging each core at 99% cpu. It seems that there has been a serious performance regression between 0.24 and 2.6 for my configuration I hop the following can help work out where... I ran puppetmasterd through a profiler to find the root cause of this (http://boojum.homelinux.org/profile.svg). The main problem appears to be in /usr/lib/ruby/site_ruby/1.8/puppet/parser/ast/resource.rb, in the evaluate function. I added a few timing commands around various sections of that function to find the following breakdown of times spent inside it, and the two most intensive calls are --- paramobjects = parameters.collect { |param| param.safeevaluate(scope) } --- and --- resource_titles.flatten.collect { |resource_title| exceptwrap :type = Puppet::ParseError do resource = Puppet::Parser::Resource.new( fully_qualified_type, resource_title, :parameters = paramobjects, :file = self.file, :line = self.line, :exported = self.exported, :virtual = virt, :source = scope.source, :scope = scope, :strict = true ) if resource.resource_type.is_a? Puppet::Resource::Type resource.resource_type.instantiate_resource(scope, resource) end scope.compiler.add_resource(scope, resource) scope.compiler.evaluate_classes([resource_title],scope,false) if fully_qualified_type == 'class' resource end }.reject { |resource| resource.nil? } --- Unfortunately, that is about the limit of my current ruby skills. What else can be looked at to speed 2.6 back up to the performance of 0.24? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] function_file error
i've inherited a system managed by Puppet and have upgraded puppet from 0.24.4 to 2.6.4. I upgraded facter as well; in both instances i used the latest versions. There are a few issue, the most major of which atm seems to be this: undefined method `function_file' for #Puppet::Parser::Scope: 0x7f7b32ee3540 NOne of the files have been altered. Anyone have any ideas? Thanks Martin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] how to us a var in define as $namevar
Hi, I have this code: define software_mount ($vo_name) { [...] device = server:/$vo_name, [...] } And I'd like to use $vo_name a type name, so I could use it like: software_mount { ['vo_name1' , 'vo_name2', ..., 'vo_nameN' ] } or even: software_mount { ['vo_name1' , 'vo_name2', ..., 'vo_nameN' ] : vo_name = $namevar } I've been playing with $namevar inside the define, but all my tries fail (I have a collection of errros and has no sense to post all of them). Anyone could give a hand on this? TIA, Arnau -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] how to us a var in define as $namevar
On Thu, Dec 16, 2010 at 7:10 AM, Arnau Bria arnaub...@pic.es wrote: Hi, I have this code: define software_mount ($vo_name) { [...] device = server:/$vo_name, [...] } And I'd like to use $vo_name a type name, so I could use it like: software_mount { ['vo_name1' , 'vo_name2', ..., 'vo_nameN' ] } or even: software_mount { ['vo_name1' , 'vo_name2', ..., 'vo_nameN' ] : vo_name = $namevar } I've been playing with $namevar inside the define, but all my tries fail (I have a collection of errros and has no sense to post all of them). Anyone could give a hand on this? If you want to use the resource title, simply use $title or $name within the define. define software_mount { notify { $name: } } software_mount { [foo, bar]: } Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Separating puppetmaster file serving and catalogs
On Dec 15, 10:03 pm, Patrick kc7...@gmail.com wrote: On Dec 15, 2010, at 6:08 AM, jcbollinger wrote: On Dec 15, 5:04 am, Patrick kc7...@gmail.com wrote: I'm looking for a way to run more than one puppetmaster on the same server under passenger. Most of the puppet CPU load is waiting for the catalogs to compile. This also seems to be mostly what takes large amounts of RAM. I have storedconfigs on. I want to be able to move the fileserver to a different pool of puppetmaster processes. Is there an easy way to tell the client, either in the catalog or in the config file, to get the files from a different port than the catalog? You can write source = puppet://alternative_server/... instead of source = puppet:/// If alternative_server resolves to the same physical machine then apache can direct it to a different virtual host. (And if it resolves to a different physical machine then no worries on that level.) I'm not sure, however, whether you can run separate copies of Passenger in different vhosts. (But if not, then it would be a desirable feature.) This is a backup plan, but I would like to do this automatically without needing to change the manifests. If you want Apache to distinguish file requests from catalog requests, and based on that distinction to direct each type of request to a different vhost, then mod_rewrite is probably your best bet. Possibly mod_proxy would help. Is there a better way to do this? What I really want is for the cheap file requests to stop being blocked by the expensive catalog requests and keep the RAM usage low on the file serving processes. I don't know whether it's better, but since you're serving through Apache anyway, you could serve your files directly via http. That has implications on where you put said files on disk and on both client and file system security management, but it ought to be very fast, and it will scale as Apache itself does. Is there a good way to do this without breaking subscription and notify? Why do you suppose it would break subscription and notification? I'm not sure it wouldn't, but it's by no means obvious to me that it would. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: function_file error
Sorted; had old rb files in /usr/lib/ruby/1.8/puppet.New files were in /usr/local/lib/site_ruby/1.8/puppet. renamed first to something else and bingo it works. On Dec 16, 1:43 pm, boddiesdrinker martin.s...@gmail.com wrote: i've inherited a system managed by Puppet and have upgraded puppet from 0.24.4 to 2.6.4. I upgraded facter as well; in both instances i used the latest versions. There are a few issue, the most major of which atm seems to be this: undefined method `function_file' for #Puppet::Parser::Scope: 0x7f7b32ee3540 NOne of the files have been altered. Anyone have any ideas? Thanks Martin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] file: ensure = present, purge = true
Hello All, I'm not sure what I'm missing here, but when defining a file resource, to use as my yum repo, I can't seem to be able to purge other files in the directory. For instance, I just want to have base.repo under /etc/yum.repos.d/, so I'm using: file { /etc/yum.repos.d/base.repo: owner = root, group = root, mode = 0644, purge = true, recurse = true, force = true, replace = true, content = template(yum/base.repo.erb) } The code creates the file, but fails to purge the rest of the data in that dir. Can anyone see what I'm missing here? Thanks, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] how to us a var in define as $namevar
On Thu, 16 Dec 2010 07:29:18 -0700 Nan Liu wrote: If you want to use the resource title, simply use $title or $name within the define. yes it has more sense .. Thanks, Nan Thanks, Arnau -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] source /etc/profile
On 15 December 2010 18:01, Adrian Tofan tofan.adr...@gmail.com wrote: Here is what I managed to do: I was forced to replace package {buildr:ensure=installed} with : $java_home = /usr/lib/jvm/java-1.5.0-sun exec { install_buildr: command = echo 'export JAVA_HOME=$java_home;gem install -y buildr'|/bin/bash, path = /usr/local/bin:/usr/bin:/usr/sbin:/bin, require = Package[sun-java5-jdk], unless = gem list buildr|grep buildr } 1. it may be possible to initialize $java_home from /etc/profile but I guess that is not that important If you're going to specifically execute bash, it might be cleaner to spawn it as a login shell and actually get the profile sourcing (the INVOCATION section of the bash man page). There's also the environment parameter for the exec resource as well, which means you specifically set up the environment and not have do the bash trick. Finally, I've been using the gem query command to report on installed gems: define install-gem ($version = '') { exec { gem $name $version: path = ${thirdparty::cwd}/jruby-1.5.5/bin:/bin:/usr/bin, environment = GEM_HOME=$path, command = jruby -S gem install $name --version $version --install-dir $path --config-file $cfg, unless = jruby -S gem query -i --name-matches $name --version $version --config-file $cfg, require = [ Class[jruby], File[$path], File[$cfg] ], } } It's nice because it returns success/failure and so doesn't require the grep. 2. I am not sure how it will handle errors as the commands are piped to bash Bash will return the exit status of the last command: [x01...@addict rpmbuild]$ echo true; false | bash [x01...@addict rpmbuild]$ echo $? 1 [x01...@addict rpmbuild]$ echo false; true | bash [x01...@addict rpmbuild]$ echo $? 0 Thank you all for the suggestions. -- Jonathan Barber jonathan.bar...@gmail.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: source /etc/profile
On 15 December 2010 13:08, Adrian Tofan tofan.adr...@gmail.com wrote: Thank you for an interesting idea , Hi Adrian, I'm not sure but I imagine by just trying to 'source' the profile within the current puppet runtime the scope will be lost as it would be called within an exec? Obviously if you are not worried about running puppet multiple times you might be able to source it in your 'prerun_command' script I didn't manage to convince puppet to source the profile... I've tried to add in [agent] section prerun_command=/root/somecommand but the command was not executed and I didn't see any log about it. According to the source (0.25.5), prerun commands are executed in child processes, so when the child exits, their environment is lost. Regards -- Jonathan Barber jonathan.bar...@gmail.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: function_file error
Spoke too soon. If i run puppetd like this: sudo puppetd --test --noop -v i get the error: err: Failed to parse template postfix/relayhost.erb: undefined method `function_file' for #Puppet::Parser::Scope:0x7fc135e5b0e8 at /etc/ puppet/testing/modules/postfix/manifests/init.pp:114 on node ip-10-250-14-118.ec2.internal Help. Thanks again Martin On Dec 16, 3:25 pm, boddiesdrinker martin.s...@gmail.com wrote: Sorted; had old rb files in /usr/lib/ruby/1.8/puppet.New files were in /usr/local/lib/site_ruby/1.8/puppet. renamed first to something else and bingo it works. On Dec 16, 1:43 pm, boddiesdrinker martin.s...@gmail.com wrote: i've inherited a system managed by Puppet and have upgraded puppet from 0.24.4 to 2.6.4. I upgraded facter as well; in both instances i used the latest versions. There are a few issue, the most major of which atm seems to be this: undefined method `function_file' for #Puppet::Parser::Scope: 0x7f7b32ee3540 NOne of the files have been altered. Anyone have any ideas? Thanks Martin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: file: ensure = present, purge = true
I'm using puppet 0.25.5 On Dec 16, 10:26 am, CraftyTech hmmed...@gmail.com wrote: Hello All, I'm not sure what I'm missing here, but when defining a file resource, to use as my yum repo, I can't seem to be able to purge other files in the directory. For instance, I just want to have base.repo under /etc/yum.repos.d/, so I'm using: file { /etc/yum.repos.d/base.repo: owner = root, group = root, mode = 0644, purge = true, recurse = true, force = true, replace = true, content = template(yum/base.repo.erb) } The code creates the file, but fails to purge the rest of the data in that dir. Can anyone see what I'm missing here? Thanks, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Separating puppetmaster file serving and catalogs
On 12/16/2010 10:28 AM, Patrick wrote: On Dec 16, 2010, at 1:04 AM, Brice Figureau wrote: My original error was that I didn't set: SSLProxyEngine on Now I'm just getting errors that say all requests are forbidden. I assume this is because the puppetmaster isn't seeing the headers from apache that have the SSL information. You must setup your file serving master exactly like your catalog (or general) master. I did. The problem is that I don't know enough about apache so I'm doing something wrong. I think this is the problem: The first layer is stripping out the client's certificate. Then the second layer is stripping out the success headers leaving the puppetmaster with not authentication information. The real problem is that I don't know how to tell Apache to send on the request and don't touch anything. Tough call. There is no such thing as a transparent SSL proxy afaik, because without decrypting requests, the proxy cannot make any header based decisions. This may well be a dead end then. Is it possible to have the fileserving subset of puppetmasters running without any SSL support? That's throwing security out of the windows of course, so the proxy should be able to determine (say, by IP rule?) what clients are allowed and which aren't. If such an approach is at all possible, the complete implementation would include giving the proxy the means to recognize valid client certificates. Even if this should work - is it work all that hassle? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Separating puppetmaster file serving and catalogs
Is it possible to have the fileserving subset of puppetmasters running without any SSL support? That's throwing security out of the windows of course, so the proxy should be able to determine (say, by IP rule?) what clients are allowed and which aren't. This seems like a job for a new file provider. If memory serves, this is more involved than just adding a provider because of something about files not working like other resource types. Bueller? I think it'd be very valuable to be able to pick file providers that grabbed file content from arbitrary HTTP servers, from tarballs, from stdout of an arbitrary command, etc. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Separating puppetmaster file serving and catalogs
On 12/16/2010 05:06 PM, Richard Crowley wrote: Is it possible to have the fileserving subset of puppetmasters running without any SSL support? That's throwing security out of the windows of course, so the proxy should be able to determine (say, by IP rule?) what clients are allowed and which aren't. This seems like a job for a new file provider. If memory serves, this is more involved than just adding a provider because of something about files not working like other resource types. Bueller? I think it'd be very valuable to be able to pick file providers that grabbed file content from arbitrary HTTP servers, from tarballs, from stdout of an arbitrary command, etc. Ah, misunderstanding. The client does use SSL. It is terminated at the HTTP proxy (that runs on the master host). The trick is to make the puppetmaster swallow up unencrypted (and thus unauthenticated) traffic from the proxy. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Autorequiring and dependency problem
On Dec 15, 4:27 pm, Jay N. the.s...@gmail.com wrote: Hi, I have a dependency problem in my configuration. I have thoses 2 objects. file { /etc/puppet/files: ... } file { /etc/puppet: ... require = File[/etc/puppet/files], } I thought I would have no problem with that but /etc/puppet is autorequired by /etc/puppet/files, which means a dependency cycle. So my first question is, is there a way to avoid that unwanted autorequiring? Let me explain my choice : I first change the owner of /etc/puppet/ files for someone else than root being able to write. Then I commit my svn configuration into /etc/puppet/files ( I do like that because root doesn't have the right to checkout, only some users does ), and in the end I update my puppet configuration ( with the /etc/puppet object ) using the checkouted files. Maybe there's a better way to do it. As I interpret what you wrote, you are giving Puppet conflicting definitions for the properties of /etc/puppet/files and its contents: one set of definitions in resource File[/etc/puppet/files] and a different set indirectly via recursion from File[/etc/puppet]. This is not the Puppet Way, and you are likely to continue to have problems as long as you're fighting Puppet. Each managed resource's properties should be defined exactly once. Whenever you think I first [...]. Then I [...], you are trying to use a Puppet configuration as a script, and that will mainly get you into trouble. To master Puppet you must let go of the script engine mentality. Puppet provides resource depenencies are all about state (just like the rest of the DSL). For example, directory /etc/puppet/ files cannot exist unless /etc/puppet exists and is a directory, therefore the former depends on the latter, whether you model it explicitly or not. The Puppet agent does use that information to choose an acceptable order to apply resources, but if you focus on that detail then you are missing the point. To put it an entirely different way, never try to model transient state in your Puppet configuration. It goes against the tao of Puppet. [...] The weird thing I realized is that if I change my exec to : exec { Dirty way: command = chgrp grpsvn /etc/puppet/files, path = /usr/bin:/usr/sbin, unless = cd /etc; ls -la puppet/files | head -2 | grep grpsvn, } then I don't have any more the autorequire and the configuration is working just fine. Puppet is only a program. If you try hard enough, you can usually trick it. Doing so is rarely a good idea. Is it normal that puppet parses the unless parameter ( and maybe others ) to find autorequirements? Yes. Isn't it too much autorequirements? No. You have several alternatives that should achieve the end result you want, while being more in line with Puppet's model: 1) Give root svn access 2) Make the files (permanently) writable by some non-root user, and perform the svn update as that user. The user can be a system user such as puppet. Do not twiddle ownership or permissions back and forth. 3) Find or create an svn resource type to add to Puppet that will handle the twiddling for you. 4) Move all the ownership and permission twiddling into your checkout script (i.e. remove the two File resources with which you are currently trying to do the twiddling). That will make the overall operation atomic from Puppet's perspective, which is a good thing. 5) If you only want to manage your puppetmaster in this particular way (which seems possible given the specific resources involved) then it may be more reasonable to do it manually. That will also give you the opportunity to temporarily shut down puppetmasterd while you do so, to avoid clients getting an inconsistent view of the files if they happen to request them while the update is in progress. You could schedule that with cron if you can accommodate puppetmasterd not coming back up in the event that the script errors out. Good luck, John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Issue upgrading to 2.6.3
Hi all, I seem to be having an odd issue since upgrading from 0.25.4 to 2.6.3 with a template based external file resource. On the clients that define the resource I get the following error: err: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to parse template backup/backuppc.host.pl: undefined method ach' for :undef:Symbol at manifest that contains the exported resource This worked fine before. Any ideas? Stu -- From the prompt of Stu Teasdale Ah, sweet Springtime, when a young man lightly turns his fancy over! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: function_file error
The template file has this code: relay = scope.function_file([/etc/puppet/secrets/smtp/ + name + / relay]).chomp Could it be the form of the file function which has changed? On Dec 16, 3:45 pm, boddiesdrinker martin.s...@gmail.com wrote: Spoke too soon. If i run puppetd like this: sudo puppetd --test --noop -v i get the error: err: Failed to parse template postfix/relayhost.erb: undefined method `function_file' for #Puppet::Parser::Scope:0x7fc135e5b0e8 at /etc/ puppet/testing/modules/postfix/manifests/init.pp:114 on node ip-10-250-14-118.ec2.internal Help. Thanks again Martin On Dec 16, 3:25 pm, boddiesdrinker martin.s...@gmail.com wrote: Sorted; had old rb files in /usr/lib/ruby/1.8/puppet.New files were in /usr/local/lib/site_ruby/1.8/puppet. renamed first to something else and bingo it works. On Dec 16, 1:43 pm, boddiesdrinker martin.s...@gmail.com wrote: i've inherited a system managed by Puppet and have upgraded puppet from 0.24.4 to 2.6.4. I upgraded facter as well; in both instances i used the latest versions. There are a few issue, the most major of which atm seems to be this: undefined method `function_file' for #Puppet::Parser::Scope: 0x7f7b32ee3540 NOne of the files have been altered. Anyone have any ideas? Thanks Martin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Template Samples
where can i get some template samples that use the function_ references? Many Thanks Martin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] What am I doing wrong?
Hello I need some help with a problem I cant figure out. I tried to look for the same problem in the puppet forums but I couldn't find anything. I have created a custom Type and a custom Provider but I keep getting the same error not matter what I do. So any help will very appreciated. My Type is called 'servicemanager' My Provider is called 'hostmanager' Please see attachment for these files. And my manifest file looks like: servicemanager{ some_name: artifact= some_name, action = stopped, release = $releases_file, provider= hostmanager; } But I keep getting the following error message: err: /Stage[main]/some_name/Servicemanager[some_name]: Could not evaluate: No ability to determine if servicemanager exists OR err: Could not run Puppet configuration client: No ability to determine if servicemanager exists I even tried adding a def exists? function in hostmanager.rb and that didnt help. BTW.. I have pluginsync = true on both client and the master in puppet.conf. Also my Type servicemanager.rb is in /etc/puppet/modules/custom/lib/puppet/type, and my Provider hostmanager.rb is in /etc/puppet/modules/custom/lib/puppet/provider/servicemanager Thanks Umair -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. hostmanager.rb Description: Binary data servicemanager.rb Description: Binary data
Re: [Puppet Users] What am I doing wrong?
On Thu, Dec 16, 2010 at 01:45:17PM -0600, Umair Ghani wrote: Hello [...] But I keep getting the following error message: err: /Stage[main]/some_name/Servicemanager[some_name]: Could not evaluate: No ability to determine if servicemanager exists OR err: Could not run Puppet configuration client: No ability to determine if servicemanager exists I even tried adding a def exists? function in hostmanager.rb and that didnt help. Puppet handles states not actions. So if you want to define that a service is running, puppet must have the ability to query if it's running already. my comments (your problem is #3 and #4) 1. you use one property for two things. What if you want to say that your service is installed and running? 2. restarted is not really a state. But you can define that your restart method should get called upon refresh (look in service.rb how such a refresh method can be defined) 3. you said ensurable. That's just a shortcut to say that you have an ensure property which handles absent and present. This means that your type (or preferable the provider) must have three functions: - exists? to retrieve the current state - create to create your type if it does not exist while it should - destroy to delete your type if it does exists while it should not If an ensure property doesnt make any sense for your type dont say ensurable 4. Your action property doesnt have any retrieve method so puppet cannot check if this property is in sync or not. Because I guess a servicemanager resource can be installed AND running, you should split that at least in two properties. Then you have to define a retrieve method. The default (defined in property.rb) is to just call provider.propertyname so just add a method called »action« in hostmanager.rb. That method must return a valid value (:stopped or :running). 5. If you define commands :hostmanager = '...' you get a hostmanager method for free so you can just say: hostmanager '-s', @resource[:name], '-r', @resource[:release], '--install' If you want to have the command as a string #{:hostmanager} just converts the symbol hostmanager to a string (which is hostmanager). I think what you wanted to say is #{command(:hostmanager)} which will give you /usr/local/bin/hostmanager.py Hope that helps. -Stefan pgpo5ORZfXZfy.pgp Description: PGP signature
Re: [Puppet Users] Separating puppetmaster file serving and catalogs
On Dec 16, 2010, at 7:55 AM, Felix Frank wrote: On 12/16/2010 10:28 AM, Patrick wrote: On Dec 16, 2010, at 1:04 AM, Brice Figureau wrote: My original error was that I didn't set: SSLProxyEngine on Now I'm just getting errors that say all requests are forbidden. I assume this is because the puppetmaster isn't seeing the headers from apache that have the SSL information. You must setup your file serving master exactly like your catalog (or general) master. I did. The problem is that I don't know enough about apache so I'm doing something wrong. I think this is the problem: The first layer is stripping out the client's certificate. Then the second layer is stripping out the success headers leaving the puppetmaster with not authentication information. The real problem is that I don't know how to tell Apache to send on the request and don't touch anything. Tough call. There is no such thing as a transparent SSL proxy afaik, because without decrypting requests, the proxy cannot make any header based decisions. This may well be a dead end then. Ah. See below for a different idea then. If such an approach is at all possible, the complete implementation would include giving the proxy the means to recognize valid client certificates. The proxy can and is recognizing valid certificates. The problem is passing that information on to the puppetmaster because I really don't know how to do that. I also don't know exactly which headers the puppetmaster uses. I'm thinking that if I do this, I need to remove the SSL from the file server VirtualHost and just pass the information directly through. Even if this should work - is it work all that hassle? This is a much better question. I'm going to work on it a little more though. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: n00b questions - verbosity of config????
Hi Felix, Thanks for this - I am liking it. define remotefile($path, $module, $owner = root, $group = root, $mode = 0644, $ensure = present) { file { $name: ensure = $ensure, mode= $mode, owner = $owner, group = $group, source = puppet:///modules/$module/$path, } } I tweaked it a bit: define remotefile( $owner = root, $group = root, $mode = 0644, $ensure = present) { file { $name: ensure = $ensure, mode= $mode, owner = $owner, group = $group, source = puppet:///files/$name, } } and class syslog { remotefile { /tmp/etc/syslog-ng/syslog-ng.conf: } } which is what I call concise (/tmp intentional). This compells me to elaborate a bit more. The problem with the above is that you cannot have a remotefile that doesn't care about the mode (i.e., let puppet accept whatever mode it finds on the client machine). If you just speicfy remotefile { /etc/motd: module = all } the mode will be forced to 0644, which may not be what you want in edge cases. This is the pattern we use for this problem: define remotefile($mode = ) { Sorry - I don;t understand this - is this pure ruby or puppet language? if $mode != { File { mode = $mode } } If it were ruby, I might have expected File:Stat or whatever - but I can't find any docs on the puppet site describing File. any chance of a quick explanation please? I sort of see what the intent is - but not how it actually works. file { $name: source = puppet:///.../$name } } Actually, our remotefile has similar support for about *all* parameters that file supports, except that owner and group indeed default to root (you would not want to not set those explicitly). Also note that the path parameter is optional in our implementation. Normally the URL uses $name, so if you need to override that behaviour, you can fall back to specifying the path. This is handled by if-else logic in the define. Cheers, Felix Many thanks, Tim BTW I am looking next to try a define something to do nodes.pp so I can declare A inherits B and have it set up some magic that the remotefile function can use inherently. Back with more on this if I get something working or get stuck... -- Tim Watts Personal Email -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] exec prior to changes
Hello All, Is there a way to execute an exec prior making a change from a different resource type? For instance: Is there a way that I can do exec { /code/backup.sh}, prior to doing file { /etc/whatever: ensure = present, content = Template[puppet:///whatever]}. Neither subscribe nor notify will do the trick, as I'd like to execute the script only if there's a change about to take place, and I want to a backup of the file first. Thanks, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet-dev] Re: [Puppet Users] What am I doing wrong?
YES ...that helped alot...I got it working now.. Thank you very much Umair On Thu, Dec 16, 2010 at 3:03 PM, Stefan Schulte stefan.schu...@taunusstein.net wrote: On Thu, Dec 16, 2010 at 01:45:17PM -0600, Umair Ghani wrote: Hello [...] But I keep getting the following error message: err: /Stage[main]/some_name/Servicemanager[some_name]: Could not evaluate: No ability to determine if servicemanager exists OR err: Could not run Puppet configuration client: No ability to determine if servicemanager exists I even tried adding a def exists? function in hostmanager.rb and that didnt help. Puppet handles states not actions. So if you want to define that a service is running, puppet must have the ability to query if it's running already. my comments (your problem is #3 and #4) 1. you use one property for two things. What if you want to say that your service is installed and running? 2. restarted is not really a state. But you can define that your restart method should get called upon refresh (look in service.rb how such a refresh method can be defined) 3. you said ensurable. That's just a shortcut to say that you have an ensure property which handles absent and present. This means that your type (or preferable the provider) must have three functions: - exists? to retrieve the current state - create to create your type if it does not exist while it should - destroy to delete your type if it does exists while it should not If an ensure property doesnt make any sense for your type dont say ensurable 4. Your action property doesnt have any retrieve method so puppet cannot check if this property is in sync or not. Because I guess a servicemanager resource can be installed AND running, you should split that at least in two properties. Then you have to define a retrieve method. The default (defined in property.rb) is to just call provider.propertyname so just add a method called »action« in hostmanager.rb. That method must return a valid value (:stopped or :running). 5. If you define commands :hostmanager = '...' you get a hostmanager method for free so you can just say: hostmanager '-s', @resource[:name], '-r', @resource[:release], '--install' If you want to have the command as a string #{:hostmanager} just converts the symbol hostmanager to a string (which is hostmanager). I think what you wanted to say is #{command(:hostmanager)} which will give you /usr/local/bin/hostmanager.py Hope that helps. -Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] file: ensure = present, purge = true
On Fri, Dec 17, 2010 at 02:26, CraftyTech hmmed...@gmail.com wrote: I'm not sure what I'm missing here, but when defining a file resource, to use as my yum repo, I can't seem to be able to purge other files in the directory. When you specify recurse and purge to a file resource you need to do that on a *directory*, not a file within the directory. So, in your case you would need to give /etc/yum.repos.d as: file { /etc/yum.repos.d: ensure = directory, recurse = true, purge = true, source = ... } Then you have two choices: First, you can point the source for that statement to a puppet:// URL that is a directory containing, for example, the 'base.repo' file that you want installed, and nothing else. Puppet will then ensure that is all that ends up in that directory. Second, you can point it to an empty directory, then have extra, separate file statements like the one you did in your question - without the recurse and purge options - that define the individual files. Finally, you can actually combine both of those: if you explicitly manage a file it will override the default that the recurse/purge combination create, so you can have a base directory copied in place and everything except what puppet manages automatically removed. Regards, Daniel -- ✣ Daniel Pittman ✉ dan...@rimspace.net ☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: exec prior to changes
Answered my own question. Basically you'd need to use: refreshonly = true. Thanks, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: storeconfig / mysql
I have the same issue with Passenger. This is preventing me from using Storeconfigs all together. On Dec 14, 12:47 pm, donavan dona...@desinc.net wrote: On Dec 12, 11:17 pm, walexey wale...@gmail.com wrote: Puppet (err): Could not retrieve catalog from remote server: Error 400 on SERVER: Mysql::Error: MySQL server has gone away how can i fix it? wbr, alw Would you happen to be running the puppet master(s) in mongrel? Yes, it runs with mongrel wbr, alw It's anecdotal, but we had these same spurious disconnects. Mongrel, not the activerecord/mysql handler, seemed to be periodically closing an open mysql connection. When AR went to reuse the existing pooled connection it would get a RST from the server. Never tracked down exactly why, but it completely stopped with a change to Passenger. I'd suggest giving Passenger a try, though I do think it's a poor answer. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Could not find class
Thank you very much! It's working now. Indeed when I have some spare time I may attempt to write another module. Dmytro On Dec 16, 9:39 pm, luke.bigum luke.bi...@fasthosts.co.uk wrote: Dmytro, I'm a git noob :) I've had a look at the module now. I wouldn't say it's designed that well and I think a few people on this list would agree. To fix your problem I think you'll have to include rsync first, which will then import classes/*.pp, which will then allow Puppet to find the rsyncd class. This is a bad design as rsyncd should really be it's own module or a subclass rather than relying on including a class that actually does nothing but import other .pp files. When thinking about the rsync software itself, the module could be designed better. You can't have just an rsync client with this module (ie: just Package[rsync]), you only get an rsync server. That means if you wanted to Puppetify an rsync client you'd need another module/ class, which would then leave to multiple declaration problems if a node is a client AND a server as both would try declare Package[rsync]. A better idea would be something like this: class rsync installs rsync software class rsync::rsyncd include rsync (for the software) turns on rsyncd, contains a define to setup rsyncd exports And the actual module structure would look like this, which requires zero import statements: modules/rsync/init.pp - contains class rsync modules/rsync/rsyncd.pp - contains class rsync::rsyncd Lastly, I personally don't like the name of the define rsyncd::export as the double colon kind of denotes they are parent and child classes, but that's just me. Anyway, if you really want to use this module you could try include rsync before include rsyncd. You will have to remove your own declaration of Package[rsync] as this is already done in the rsyncd module and will cause a multiple declaration error. My recommendation is to write a better module yourself, you'll learn more that way :) Hope this helps, -Luke On Dec 16, 9:58 am, luke.bigum luke.bi...@fasthosts.co.uk wrote: That github link doesn't work for me so don't know the internals of this module, but if the module is called rsync, as indicated by this module path: /etc/puppet/modules/rsync/, then any sub classes of that should be in the rsync namespace... Are you sure it's not supposed to be rsync::rsyncd? A base class called 'rsyncd' would mean there'd be a module etc/puppet/ modules/rsync/rsyncd/, not a rsyncd.pp under the rsync module... What you've shown of this module's structure looks quite strange to me. On Dec 16, 1:48 am, Dmytro Bablinyuk bablin...@gmail.com wrote: Hi Everybody, I am sure that I am missing something very obvious, I have installed rsync package git clonehttps://github.com/camptocamp/puppet-rsyncd.gitrsync The path r...@puppet-master:/etc/puppet/modules/rsync/manifests/classes# ls -l total 4 -rw-r--r-- 1 root root 1078 2010-12-16 09:54 rsyncd.pp The manifest file package { [rsync, xinetd]: ensure = present } service { xinetd: ensure = running } include rsyncd rsyncd::export { etc: path = /etc, chroot = true, gid = staff, allow = [172.16.50.4, 172.16.41.10], } I have error on the client r...@puppet-client-ubuntu:~# puppetd --test info: Retrieving plugin err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class rsyncd at /etc/puppet/manifests/site.pp: 33 on node puppet-client-ubuntu.harbour warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run How do I specify path to the rsyncd class? Thank you Dmytro -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Exec resource doc appears outdated
Hoping someone can shed some light on this. In the Puppet resource type doc at http://docs.puppetlabs.com/references/stable/type.html#exec it says this about exec: It is worth noting that exec is special, in that it is not currently considered an error to have multiple exec instances with the same name. This was done purely because it had to be this way in order to get certain functionality, but it complicates things. In particular, you will not be able to use exec instances that share their commands with other instances as a dependency, since Puppet has no way of knowing which instance you mean. However, trying this in Puppet 2.6.2 results in a duplicate definition error, similar to the other resource types. I see in the 0.24.2 release notes at http://projects.puppetlabs.com/projects/puppet/wiki/Release_Notes#Types+and+Providers: Exec resources must now have unique names, although the commands can still be duplicated. This is easily accomplished by just specifying a unique name with whatever (unique or otherwise) command you need. It sounds like the 'specialness' of Exec has long been removed from Puppet. Has anyone else ran into this? Are the docs indeed outdated? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Help with Puppet install on OS X Server
Hi all... finally getting around to trying Puppet, I'm excited to get started, but I'm stuck on install. My server a 3-month old Xserve with 6GB of RAM. Didn't configure any other services for it yet, and I tried installing puppet and facter 3 different ways (because I thought the missing rrd directory could've been an install glitch). First I tried downloading from puppetlabs.com and using 'ruby install'. Second, I tried the packages for OS X (linked to from Puppet's site). Third I tried 'gem install'. After install, I create a file called site.pp at /etc/puppet/manifests with the following. I change this file to puppet user and group permissions. file { /etc/passwd: owner = root, group = bin, mode = 644, } Then I start puppet using: sudo puppetmasterd --verbose --debug --no-daemonize The end of the output shows: err: /File[/var/lib/puppet/rrd]/ensure: change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /var/lib/puppet/rrd debug: Finishing transaction 2165906120 Could not run: Got 1 failure(s) while initializing: change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /var/lib/puppet/rrd I have no rrd directory... here is what I have. server:~ admin$ ls -al /var/lib/puppet/ total 0 drwxr-xr-x 11 rootwheel 374 Dec 16 14:31 . drwxr-xr-x 4 rootwheel 136 Dec 16 14:31 .. drwxr-x--- 2 puppet puppet 68 Dec 16 14:31 bucket drwxr-xr-x 2 rootwheel68 Dec 16 14:31 facts drwxr-xr-x 2 rootwheel68 Dec 16 14:31 lib drwxr-x--- 3 puppet puppet 102 Dec 16 14:31 log drwxr-x--- 2 puppet puppet 68 Dec 16 14:31 reports drwxrwxrwt 3 rootwheel 102 Dec 16 14:31 run drwxr-x--- 2 puppet puppet 68 Dec 16 14:31 server_data drwxr-xr-t 2 rootwheel68 Dec 16 14:31 state drwxr-x--- 2 puppet puppet 68 Dec 16 14:31 yaml From here I've tried creating the rrd directory and applying user and group permissions to puppet, but it just hangs with the following output when rerunning the aforementioned puppetmasterd command. notice: Starting Puppet master version 2.6.4 debug: No file server configuration file; autocreating modules mount with default permissions debug: No file server configuration file; autocreating plugins mount with default permissions debug: Finishing transaction 2165520200 What am I missing? Thanks for the help... I can't wait to start using Puppet! -Brian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Help with Puppet install on OS X Server
On Thu, Dec 16, 2010 at 2:40 PM, Brian LaShomb blash...@gmail.com wrote: Hi all... finally getting around to trying Puppet, I'm excited to get started, but I'm stuck on install. My server a 3-month old Xserve with 6GB of RAM. Didn't configure any other services for it yet, and I tried installing puppet and facter 3 different ways (because I thought the missing rrd directory could've been an install glitch). First I tried downloading from puppetlabs.com and using 'ruby install'. Second, I tried the packages for OS X (linked to from Puppet's site). Third I tried 'gem install'. After install, I create a file called site.pp at /etc/puppet/manifests with the following. I change this file to puppet user and group permissions. file { /etc/passwd: owner = root, group = bin, mode = 644, } Then I start puppet using: sudo puppetmasterd --verbose --debug --no-daemonize The end of the output shows: err: /File[/var/lib/puppet/rrd]/ensure: change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /var/lib/puppet/rrd debug: Finishing transaction 2165906120 Could not run: Got 1 failure(s) while initializing: change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /var/lib/puppet/rrd I have no rrd directory... here is what I have. server:~ admin$ ls -al /var/lib/puppet/ total 0 drwxr-xr-x 11 root wheel 374 Dec 16 14:31 . drwxr-xr-x 4 root wheel 136 Dec 16 14:31 .. drwxr-x--- 2 puppet puppet 68 Dec 16 14:31 bucket drwxr-xr-x 2 root wheel 68 Dec 16 14:31 facts drwxr-xr-x 2 root wheel 68 Dec 16 14:31 lib drwxr-x--- 3 puppet puppet 102 Dec 16 14:31 log drwxr-x--- 2 puppet puppet 68 Dec 16 14:31 reports drwxrwxrwt 3 root wheel 102 Dec 16 14:31 run drwxr-x--- 2 puppet puppet 68 Dec 16 14:31 server_data drwxr-xr-t 2 root wheel 68 Dec 16 14:31 state drwxr-x--- 2 puppet puppet 68 Dec 16 14:31 yaml From here I've tried creating the rrd directory and applying user and group permissions to puppet, but it just hangs with the following output when rerunning the aforementioned puppetmasterd command. notice: Starting Puppet master version 2.6.4 debug: No file server configuration file; autocreating modules mount with default permissions debug: No file server configuration file; autocreating plugins mount with default permissions debug: Finishing transaction 2165520200 What am I missing? Thanks for the help... I can't wait to start using Puppet! I'm not sure if conf/osx/createpackage.sh is still up to date. You can try that or if you use macports, it's fast way to get started by simply running port install puppet. https://sites.google.com/a/explanatorygap.net/puppet/ http://trac.macports.org/browser/trunk/dports/sysutils/puppet/Portfile Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Separating puppetmaster file serving and catalogs
On Dec 16, 1:23 pm, Patrick kc7...@gmail.com wrote: If such an approach is at all possible, the complete implementation would include giving the proxy the means to recognize valid client certificates. The proxy can and is recognizing valid certificates. The problem is passing that information on to the puppetmaster because I really don't know how to do that. I also don't know exactly which headers the puppetmaster uses. I'm thinking that if I do this, I need to remove the SSL from the file server VirtualHost and just pass the information directly through. Even if this should work - is it work all that hassle? This is a much better question. I'm going to work on it a little more though. Have you see the mongrel docs[1]? It's a very similar setup as far as passing the SSL environment. I believe there are also public docs about using hardware (f5, etc) load balancers. I know that type of configuration works as well. http://projects.puppetlabs.com/projects/1/wiki/Using_Mongrel -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppetmaster 100%cpu usage on 2.6 (not on 0.24)
On Thu, Dec 16, 2010 at 4:49 AM, Leonid Batizhevsky the.leo...@gmail.com wrote: I have same issuer with running puppentmaster and puppted in same host. When I updated ruby to 1.8.7 enterprise It resolve problem for me. Leonid S. Batizhevsky For the sake of the archives, what version did you upgrade *from* Leonid ? On Tue, Dec 14, 2010 at 11:24, Chris iwouldratherbesleeping...@gmail.com wrote: Hi I recently upgraded my puppet masters (and clients) from 0.24.8 to 2.6.4 Previously, my most busy puppet master would hover around about 0.9 load average, after the upgrade, its load hovers around 5 I am running passenger and mysql based stored configs. Checking my running processes, ruby (puppetmasterd) shoots up to 99% cpu load and stays there for a few seconds before dropping again. Often there are 4 of these running simultaneously, pegging each core at 99% cpu. It seems that there has been a serious performance regression between 0.24 and 2.6 for my configuration I hop the following can help work out where... I ran puppetmasterd through a profiler to find the root cause of this (http://boojum.homelinux.org/profile.svg). The main problem appears to be in /usr/lib/ruby/site_ruby/1.8/puppet/parser/ast/resource.rb, in the evaluate function. I added a few timing commands around various sections of that function to find the following breakdown of times spent inside it, and the two most intensive calls are --- paramobjects = parameters.collect { |param| param.safeevaluate(scope) } --- and --- resource_titles.flatten.collect { |resource_title| exceptwrap :type = Puppet::ParseError do resource = Puppet::Parser::Resource.new( fully_qualified_type, resource_title, :parameters = paramobjects, :file = self.file, :line = self.line, :exported = self.exported, :virtual = virt, :source = scope.source, :scope = scope, :strict = true ) if resource.resource_type.is_a? Puppet::Resource::Type resource.resource_type.instantiate_resource(scope, resource) end scope.compiler.add_resource(scope, resource) scope.compiler.evaluate_classes([resource_title],scope,false) if fully_qualified_type == 'class' resource end }.reject { |resource| resource.nil? } --- Unfortunately, that is about the limit of my current ruby skills. What else can be looked at to speed 2.6 back up to the performance of 0.24? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Nigel Kersten - Puppet Labs - http://www.puppetlabs.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: function_file error
On Dec 16, 10:48 am, boddiesdrinker martin.s...@gmail.com wrote: The template file has this code: relay = scope.function_file([/etc/puppet/secrets/smtp/ + name + / relay]).chomp Could it be the form of the file function which has changed? According to the docs[1][2] it looks the same. The error you posted sounds like the puppet master can't find the function/file.rb. It should be somwhere in the path like ruby/site_ruby/1.8/puppet/parser/ functions/file.rb. On the master does this manifest work for you with 'puppet apply': $content = file(/etc/motd) notify { $content: } [1] http://docs.puppetlabs.com/references/0.24.5/function.html#file [2] http://docs.puppetlabs.com/references/2.6.3/function.html#file -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] New Employee Announcement -- Daniel Pittman joins Puppet Labs.
Happy to announce that Daniel Pittman has joined Puppet Labs as a member of the development team. He will be working remotely until he moves to Portland from Australia in early January. Daniel is a long time contributor to the Puppet project and brings over 12 years of experience as both a developer and systems administrator. Daniel had most recently been working as the Infrastructure Manager for Strategic Data where he used Puppet to build a highly scalable and available infrastructure. We are excited to add Daniel's deep domain knowledge to the Puppet Labs development team. Cheers, Teyo -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: New Employee Announcement -- Daniel Pittman joins Puppet Labs.
On Thu, Dec 16, 2010 at 4:22 PM, Teyo Tyree t...@puppetlabs.com wrote: Happy to announce that Daniel Pittman has joined Puppet Labs as a member of the development team. He will be working remotely until he moves to Portland from Australia in early January. Daniel is a long time contributor to the Puppet project and brings over 12 years of experience as both a developer and systems administrator. Daniel had most recently been working as the Infrastructure Manager for Strategic Data where he used Puppet to build a highly scalable and available infrastructure. We are excited to add Daniel's deep domain knowledge to the Puppet Labs development team. Cheers, Teyo We are also very excited to increase the Australian Mafia contingent at Puppet Labs. (something needs to make me feel better about Australia given the sorry goings on in the Ashes[1], [2] :( ) [1] - http://en.wikipedia.org/wiki/The_Ashes [2] - http://www.espncricinfo.com/the-ashes-2010-11/content/current/story/492800.html -- Nigel Kersten - Puppet Labs - http://www.puppetlabs.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: New Employee Announcement -- Daniel Pittman joins Puppet Labs.
On Thu, Dec 16, 2010 at 5:22 PM, Teyo Tyree t...@puppetlabs.com wrote: Happy to announce that Daniel Pittman has joined Puppet Labs as a member of the development team. He will be working remotely until he moves to Portland from Australia in early January. Daniel is a long time contributor to the Puppet project and brings over 12 years of experience as both a developer and systems administrator. Daniel had most recently been working as the Infrastructure Manager for Strategic Data where he used Puppet to build a highly scalable and available infrastructure. We are excited to add Daniel's deep domain knowledge to the Puppet Labs development team. Since Puppet Labs seems to be poaching quite a few Australians, can we have a round of: Aussie, Aussie, Aussie, Oi, Oi OI. Cheers, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: n00b questions - verbosity of config????
On Thu, Dec 16, 2010 at 2:57 PM, Tim Watts t...@dionic.net wrote: Hi Felix, Thanks for this - I am liking it. define remotefile($path, $module, $owner = root, $group = root, $mode = 0644, $ensure = present) { file { $name: ensure = $ensure, mode = $mode, owner = $owner, group = $group, source = puppet:///modules/$module/$path, } } I tweaked it a bit: define remotefile( $owner = root, $group = root, $mode = 0644, $ensure = present) { file { $name: ensure = $ensure, mode = $mode, owner = $owner, group = $group, source = puppet:///files/$name, } } and class syslog { remotefile { /tmp/etc/syslog-ng/syslog-ng.conf: } } which is what I call concise (/tmp intentional). This compells me to elaborate a bit more. The problem with the above is that you cannot have a remotefile that doesn't care about the mode (i.e., let puppet accept whatever mode it finds on the client machine). If you just speicfy remotefile { /etc/motd: module = all } the mode will be forced to 0644, which may not be what you want in edge cases. This is the pattern we use for this problem: define remotefile($mode = ) { Sorry - I don;t understand this - is this pure ruby or puppet language? Just to indicate it's an optional parameter, since default behavior is handled as seen below. if $mode != { File { mode = $mode } } If it were ruby, I might have expected File:Stat or whatever - but I can't find any docs on the puppet site describing File. Resource defaults, definitely a clever use: http://docs.puppetlabs.com/guides/language_tutorial.html#resource-defaults any chance of a quick explanation please? I sort of see what the intent is - but not how it actually works. file { $name: source = puppet:///.../$name } } Actually, our remotefile has similar support for about *all* parameters that file supports, except that owner and group indeed default to root (you would not want to not set those explicitly). Also note that the path parameter is optional in our implementation. Normally the URL uses $name, so if you need to override that behaviour, you can fall back to specifying the path. This is handled by if-else logic in the define. Cheers, Felix Many thanks, Tim BTW I am looking next to try a define something to do nodes.pp so I can declare A inherits B and have it set up some magic that the remotefile function can use inherently. Back with more on this if I get something working or get stuck... -- Tim Watts Personal Email -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: function_file error
On Dec 16, 10:48 am, boddiesdrinker martin.s...@gmail.com wrote: The template file has this code: relay = scope.function_file([/etc/puppet/secrets/smtp/ + name + / relay]).chomp Could it be the form of the file function which has changed? I've just opened an issue that you may be hitting in 2.6[1]. Does the puppet master appear to hang before you get the 'undefined method' error? If you have debug you might see output like this: debug: Scope(Node[foo.domain.tld]): Retrieving template test.erb debug: template[/tmp/puppet/templates/test.erb]: Bound template variables for /tmp/puppet/templates/test.erb in 0.00 seconds err: Failed to parse template test.erb: undefined method `function_fqdn_rand' for #Puppet::Parser::Scope:0x2b37140ced30 at / tmp/puppet/manifests/site.pp:43 on node foo.domain.tld If so I believe it may be the same problem .Try using the first workaround in the ticket, it's a trivial fix for the issue. You'll need to make sure that the function is called in the manifest before you parse the template though. Putting something like '$workaround = file(/etc/puppet/secrets/smtp/relay)' in site.pp should do it. [1] http://projects.puppetlabs.com/issues/5587 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Template Samples
On Dec 16, 10:51 am, boddiesdrinker martin.s...@gmail.com wrote: where can i get some template samples that use the function_ references? Many Thanks Martin I replied in the other thread. I think you're hitting a bug. But this is a working template that calls a core function: % value = scope.function_fqdn_rand(['10']) -% %= The random fqdn value is #{value} % And a more complex example that prints a list of lines suitable for / etc/hosts: %# returns a list of other puppet client fqdns % % nodes = scope.function_list_nodes( [{:classes = 'puppet::client'}, fqdn] ) -% % nodes.each do |fqdn| -% %# lookup ipaddress and hostname of another client % % ipaddr = scope.function_list_fact([fqdn, 'ipaddress']) -% % hostname = scope.function_list_fact([fqdn, 'hostname']) -% %= #{ipaddr} #{fqdn} # {hostname} % % end -% -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: function_file error
Donovan, yes it does. for quite a long time. it echos that its bound variables on the erb then sites there. the client times out and then eventually puppetmaster comes back with the error. Thanks, Martin On Fri, Dec 17, 2010 at 6:29 AM, donavan dona...@desinc.net wrote: On Dec 16, 10:48 am, boddiesdrinker martin.s...@gmail.com wrote: The template file has this code: relay = scope.function_file([/etc/puppet/secrets/smtp/ + name + / relay]).chomp Could it be the form of the file function which has changed? I've just opened an issue that you may be hitting in 2.6[1]. Does the puppet master appear to hang before you get the 'undefined method' error? If you have debug you might see output like this: debug: Scope(Node[foo.domain.tld]): Retrieving template test.erb debug: template[/tmp/puppet/templates/test.erb]: Bound template variables for /tmp/puppet/templates/test.erb in 0.00 seconds err: Failed to parse template test.erb: undefined method `function_fqdn_rand' for #Puppet::Parser::Scope:0x2b37140ced30 at / tmp/puppet/manifests/site.pp:43 on node foo.domain.tld If so I believe it may be the same problem .Try using the first workaround in the ticket, it's a trivial fix for the issue. You'll need to make sure that the function is called in the manifest before you parse the template though. Putting something like '$workaround = file(/etc/puppet/secrets/smtp/relay)' in site.pp should do it. [1] http://projects.puppetlabs.com/issues/5587 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- If we moved in next door, your lawn would die Lemmy, Motorhead -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Template Samples
Donovan, thanks for that. i\ downgraded my puppet server last night, but i'll get a test system up running, thanks again martin On Fri, Dec 17, 2010 at 6:38 AM, donavan dona...@desinc.net wrote: On Dec 16, 10:51 am, boddiesdrinker martin.s...@gmail.com wrote: where can i get some template samples that use the function_ references? Many Thanks Martin I replied in the other thread. I think you're hitting a bug. But this is a working template that calls a core function: % value = scope.function_fqdn_rand(['10']) -% %= The random fqdn value is #{value} % And a more complex example that prints a list of lines suitable for / etc/hosts: %# returns a list of other puppet client fqdns % % nodes = scope.function_list_nodes( [{:classes = 'puppet::client'}, fqdn] ) -% % nodes.each do |fqdn| -% %# lookup ipaddress and hostname of another client % % ipaddr = scope.function_list_fact([fqdn, 'ipaddress']) -% % hostname = scope.function_list_fact([fqdn, 'hostname']) -% %= #{ipaddr} #{fqdn} # {hostname} % % end -% -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- If we moved in next door, your lawn would die Lemmy, Motorhead -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.