Re: [Puppet Users] multiple puppetmasters (w/ Passenger) behind load balancer
If I just leave it with [puppetmasterd] certname = puppet-test01.dev.domain.com ca = falsa it works.. it just breaks after I put in the rest of the options I need to work my way through all the options -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: multiple puppetmasters (w/ Passenger) behind load balancer
I run two 0.25.5 puppetmasters behind an haproxy load balancer with both production and QA puppetmasters on different ports on each host. These resolve to puppet.arces.net and puppet-qa.arces.net on our load balancer and go to host-a and host-b on 8140 for production and 8150 for QA. It all works great. We evolved up to this over the last 3.5 years going from Webrick to Mongrel to some intermediate stuff and finally to passenger. Our puppetmasters are in the same datacenter, so the manifest/module directory is shared via NFS. It sounds exactly like what you're trying to do, except for the NFS part. If you're replicating the contents of var and etc between systems, then it shouldn't matter that it's not NFS. My puppetmasterd block in puppet.conf looks like this: [puppetmasterd] vardir = /var/www/localhost/puppet/var confdir = /var/www/localhost/puppet/etc modulepath = $confdir/modules bucketdir = $vardir/bucket clientbucketdir = $vardir/clientbucket fileserverconfig = $confdir/fileserver.conf ssldir = $vardir/ssl yamldir = $vardir/yaml manifestdir = $confdir/manifests logdest = syslog bindaddress = 127.0.0.1 user = puppet storeconfigs = true dbadapter = mysql dbuser = xx dbname = xxx dbpassword = xx dbserver = xx reports = puppet_dashboard ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY We have a single key/cert for the master named puppet.arces.net (or puppet-qa.arces.net for the QA one). I don't designate a cert name anywhere - I just have a cert generated for the puppetmasters that matches the hostname that the clients use to connect to the load balancer, not a cert name for the hosts themselves. This is shared via the NFS mount, but it could just as easily be on both servers. My suggestion is to get it working behind the F5 with only one node. When you have that working, copy the vardir to the other node and switch your config to use only that node. If it still works, activate both nodes behind the VIP and set your session persistence to bind by clientip so you don't have flipflop behavior between requests from the clients. You should be good to go. Hope that helps. Adrian Goins Arces Network, LLC http://www.arces.net On Feb 10, 10:27 am, CraftyTech hmmed...@gmail.com wrote: If I just leave it with [puppetmasterd] certname = puppet-test01.dev.domain.com ca = falsa it works.. it just breaks after I put in the rest of the options I need to work my way through all the options -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: multiple puppetmasters (w/ Passenger) behind load balancer
Thanks Adrian !! I'll certainly try it out in QA. On the other hand, for those who followed this thread, I've found problem, and corrected it. It turns out, that space after any of the values, would basically break your config. I just edited the file, and removed all extra spaces, and everything is back to normal. I needed to have to going so that I can deploy puppetmasters via a puppet class. Thanks kc7zzv and Adrian. Cheers, Henry -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Stored configs in MySQL
Hi all, I've been looking at using stored configs to generate my Nagios configs. I followed this guide[1] to set up the remote MySQL database for this purpose, like this: [puppetmasterd] storeconfigs = true dbadapter = mysql dbuser = puppet dbpassword = password dbserver = mydb.bris.ac.uk #dbsocket = /var/run/mysqld/mysqld.sock Trouble is, each time a node checks into puppet, a new db handle is opened without the old one being closed. With a few nodes, it doesn't take long before there are tens or hundreds of handles, and the db server won't accept any more. This is Bad, since many other things rely on that database, and when it stops accepting more connections, things break. So, does anyone know how I can make puppet open just one connection and keep it persistently? Thanks, Jonathan [1] http://projects.puppetlabs.com/projects/puppet/wiki/Using_Stored_Configuration -- Jonathan Gazeley Systems Support Specialist ResNet | Wireless VPN Team IT Services University of Bristol -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetmaster 100%cpu usage on 2.6 (not on 0.24)
Hello, I am one of those who have this problem. Some people suggested using Ruby Enterprise. I looked at its installation, it looked a little bit time-consuming, so I did not try that one out. I upgraded to debian squeeze (of course), and the problem persists. Thus I did some tests: 1. got ruby from Ubuntu Meercat: libruby1.81.8.7.299-2 ruby1.8 1.8.7.299-2 ruby1.8-dev 1.8.7.299-2 Same Problem (debian is 1.8.7.302 I think), with ruby from ubuntu lucid (1.8.7.249) the problem is the same. I guess we can rule out debian's ruby here. 2. I reported that after stopping apache, stray master process remain and do 100% cpu. I did an strace on those processes and they do this (whatever that means): $ strace -p 1231 Process 1231 attached - interrupt to quit brk(0xa49a000) = 0xa49a000 brk(0xbf51000) = 0xbf51000 brk(0xda09000) = 0xda09000 brk(0xa49a000) = 0xa49a000 brk(0xbf52000) = 0xbf52000 brk(0xda09000) = 0xda09000 brk(0xa49a000) = 0xa49a000 brk(0xbf52000) = 0xbf52000 brk(0xda09000) = 0xda09000 ^CProcess 1231 detached 3. I have now disabled reports, lets see what happens. Thanks for the effort and have a nice day. udo. On 07.02.2011, at 19:56, Brice Figureau wrote: On 07/02/11 17:23, Ashley Penney wrote: Because I like to live dangerously I upgraded to 2.6.5 and it seems like this has resolved the CPU problem completely for me. Did you upgrade the master or the master and all the nodes? I had a discussion about this issue with Nigel during the week-end, and he said something really interesting I didn't thought about: it might be possible that the reports generated by 2.6.3 were larger than what they were in previous versions. It is then possible that the CPU time taken to unserialize and process those larger reports is the root cause of the high CPU usage. That'd be great if one of the people having the problem could disable reports to see if that's the culprit. And if this is the case, we should at least log how long it takes to process a report on the master. -- Brice Figureau My Blog: http://www.masterzen.fr/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- :: udo waechter - r...@zoide.net :: N 52º16'30.5 E 8º3'10.1 :: genuine input for your ears: http://auriculabovinari.de :: your eyes: http://ezag.zoide.net :: your brain: http://zoide.net -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet server not responding
Hi Guys, Changing the server directive in the puppet conf worked!!! Thanks so much for your help!! Also I sent an email yesterday regarding file sharing to the list. Sorry to be a bother, but I am still struggling with this issue. Does anyone have any advice regarding this? Here is the email I sent for easy reference: - Hi Atha, This is what the basefiles class that I have created looks like now: class basefiles { file { /etc/ldap.conf: source = puppet:///snjh/ldap.conf } file { /etc/haha.txt: source = puppet:///snjh/haha.txt } } I have allowed everything (for the time being) in filersver.conf : # Define a section 'files' # Adapt the allow/deny settings to your needs. Order # for allow/deny does not matter, allow always takes precedence # over deny [snjh] path /etc/puppet/manifests/files/snjh allow * # deny *.evil.example.com # allow 192.168.0.0/24 And this is the error I am currently getting: [root@VIRTCENT03:~] #puppetd --test info: Caching catalog for virtcent03.summitnjhome.com info: Applying configuration version '1297290431' err: //basefiles/File[/etc/haha.txt]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet://puppet/snjh/haha.txt at /etc/puppet/manifests/classes/basefiles.pp:10 err: //basefiles/File[/etc/ldap.conf]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet://puppet/snjh/ldap.conf at /etc/puppet/manifests/classes/basefiles.pp:6 notice: Finished catalog run in 1.03 seconds thanks for your help! --- thanks again!! I really have gotten amazingly valuable help from this list and I genuinely appreciate your time! Tim On Wed, Feb 9, 2011 at 6:46 PM, Sergey Zhuga sergey.zh...@gmail.com wrote: Hi, I think your client can't resolve puppet server hostname. Try to change 'server' directive in config file or add 'puppet' to /etc/hosts or use '--server' option in command line. Regards. On 10.02.2011 01:26, Tim Dunphy wrote: hello list I am attempting to setup a puppet server in the amazon cloud. When I try to hit the host from the test client using puppetd --test I get this response... [root@mclient ~]# puppetd --test err: Could not retrieve catalog from remote server: getaddrinfo: Name or service not known warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run So I thought what if I try to do a test puppet run on the server itself? Surprisingly I get the same result... [root@mcollective ~]# puppetd --test err: Could not retrieve catalog from remote server: getaddrinfo: Name or service not known warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run I make sure that puppet is installed: [root@mcollective ~]# rpm -qa | grep puppet puppet-server-0.25.5-1.el5 puppet-0.25.5-1.el5 That the service is running: [root@mcollective ~]# service puppetmaster status puppetmasterd (pid 2025) is running... And listening on the correct port: [root@mcollective ~]# lsof -i :8140 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME puppetmas 2025 puppet 7u IPv4 15187 TCP *:8140 (LISTEN) So why would this puppet server be unable to contact itself?? thanks in advance!! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetmaster 100%cpu usage on 2.6 (not on 0.24)
On Thu, 2011-02-10 at 15:55 +0100, Udo Waechter wrote: Hello, I am one of those who have this problem. Some people suggested using Ruby Enterprise. I looked at its installation, it looked a little bit time-consuming, so I did not try that one out. I upgraded to debian squeeze (of course), and the problem persists. Thus I did some tests: 1. got ruby from Ubuntu Meercat: libruby1.81.8.7.299-2 ruby1.8 1.8.7.299-2 ruby1.8-dev 1.8.7.299-2 Same Problem (debian is 1.8.7.302 I think), with ruby from ubuntu lucid (1.8.7.249) the problem is the same. I guess we can rule out debian's ruby here. 2. I reported that after stopping apache, stray master process remain and do 100% cpu. I did an strace on those processes and they do this (whatever that means): $ strace -p 1231 Process 1231 attached - interrupt to quit brk(0xa49a000) = 0xa49a000 brk(0xbf51000) = 0xbf51000 brk(0xda09000) = 0xda09000 brk(0xa49a000) = 0xa49a000 brk(0xbf52000) = 0xbf52000 brk(0xda09000) = 0xda09000 brk(0xa49a000) = 0xa49a000 brk(0xbf52000) = 0xbf52000 brk(0xda09000) = 0xda09000 ^CProcess 1231 detached This process is allocating memory like crazy :) 3. I have now disabled reports, lets see what happens. Thanks for the effort and have a nice day. udo. Are you still on puppet 2.6.3? Can you upgrade to 2.6.5 to see if that's better as reported by one other user? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] convert yum repos into manifest
hey Michael, Where did you get zypprepo type? Did you write it? Can you post it? On Wed, Feb 09, 2011 at 11:30:25AM +1100, Michael Knox wrote: Try ralsh yumrepo Just discovered that ralsh can even use custom types out of my modules ... cool $ ralsh zypprepo zypprepo { 'repo-oss': type = 'yast2', descr = 'openSUSE-11.3-OSS', baseurl = 'http://download.opensuse.org/distribution/11.3/repo/oss', enabled = '1', autorefresh = '1', path = '/', keeppackages = '0' } On 9/02/11 9:13 AM, Tim Dunphy wrote: hello list!! I remember using a command a while ago that converts all my yum repos into a puppet manifest file. I have tried ralsh /etc/yum.repos.d/ yumrepos.pp but that isn't quite doing it.. can someone please remind me of the way to accomplish this task? [root@virtcent13:~] #ralsh /etc/yum.repos.d /etc/puppet/manifests/yumrepos.pp Could not run: Could not find type /etc/yum.repos.d thanks in advance!! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- -ashley Did you try poking at it with a stick? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Problem with file serving and envrionments.
Hey all, Im still new to puppet so I may be doing something wrong. The problem I am having is I have setup multiple environments. Going from one environment. To get started with testing that I copied my manifests directory and modules dirctories into a handful of different directories to setup the environments. The I made the changes to my puppet.conf which is below: [main] vardir = /var/lib/puppet logdir = /var/log/puppet rundir = /var/run/puppet ssldir = $vardir/ssl manifest = /etc/puppet/environments/production/manifests/site.pp modulepath = /etc/puppet/environments/production/modules external_nodes = /etc/puppet/ext_node.sh node_terminus = exec [agent] classfile = $vardir/classes.txt localconfig = $vardir/localconfig [master] environments=production,development,testing,beta,pilot [production] manifest = /etc/puppet/environements/production/manifests/site.pp modulepath = /etc/puppet/environments/production/modules [development] manifest = /etc/puppet/environments/development/manifests/site.pp modulepath = /etc/puppet/environments/development/modules [testing] manifest = /etc/puppet/environments/testing/manifests/site.pp modulepath = /etc/puppet/environments/testing/modules [beta] manifest = /etc/puppet/environments/beta/manifests/site.pp modulepath = /etc/puppet/environments/beta/modules [pilot] manifest = /etc/puppet/environments/pilot/manifests/site.pp modulepath = /etc/puppet/environments/pilot/modules This all works perfectly, until I add a new module to one of the environemtns to push a file out, after which my clients will receive the following message: Feb 10 10:06:31 mynode1 puppet-agent[28932]: (/Stage[main]/Environment/ File[/etc/pupdev]) Could not evaluate: Error 400 on SERVER: Not authorized to call find on /file_metadata/environment/pupdev Could not retrieve file metadata for puppet:///environment/pupdev: Error 400 on SERVER: Not authorized to call find on /file_metadata/environment/ pupdev at /etc/puppet/environments/development/modules/environment/ manifests/init.pp:7 The message on the server is: Feb 10 10:05:02 puppetserver puppet-master[5377]: Not authorized to call find on /file_metadata/environment/pupdev I've seen a few posts mentioning that the fileserver.conf file needs to be updated. I have added allow * to it as suggested in a few other palces but all that does is keeps puppetmaster from restarting. Does anyone have any ideas as to what the problem is? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: returning a hash (json object) from custom function?
Ok, I was mistaken. Returning a hash works. It would be helpful if the ruby exceptions bubbled up to puppet reported the correct line number from the ruby source -- if that is possible. Could you file a bugreport[1], if there isn't yet one? Thanks! Then the chances are high that it will get fixed. ~pete [1] http://projects.puppetlabs.com/projects/puppet -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] duplicate base name error
Hello list! I am getting an error when I run puppetd --test on the client and I could use some pointers on chasing this down: [root@mclient ~]# puppetd --test info: Caching catalog for mclient.acadaca.net info: Applying configuration version '1297357383' err: //centos/Yumrepo[rpmforge]: Failed to retrieve current state of resource: A section with name base already exists notice: Finished catalog run in 1.23 seconds which is odd to me because I've created a very simple manifest that only includes one repo definition and yet the error persists: class centos { yumrepo { 'rpmforge': baseurl = ' http://apt.sw.be/redhat/el5/en/$basearch/rpmforge', enabled = ' 1', gpgcheck = ' 1', gpgkey = ' file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag', descr = ' RHEL $releasever - RPMforge.net - dag', mirrorlist = ' http://apt.sw.be/redhat/el5/en/mirrors-rpmforge', protect = ' 0' } } I've also grepped my manifests directory for the term 'base' and didnt find a duplicate repo definition that included it... thanks in advance! -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] duplicate base name error
On Thu, 10 Feb 2011 12:10:54 -0500 Tim Dunphy wrote: Hello list! Hello, [...] [root@mclient ~]# puppetd --test info: Caching catalog for mclient.acadaca.net info: Applying configuration version '1297357383' err: //centos/Yumrepo[rpmforge]: Failed to retrieve current state of resource: A section with name base already exists notice: Finished catalog run in 1.23 seconds [...] I've also grepped my manifests directory for the term 'base' and didnt find a duplicate repo definition that included it... thee problem is that you have many [main] sections in your repos (grep main /etc/yum.repos.d/*) and puppet doesn't like it (but yum does). thanks in advance! HTH, Arnau -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Complex data structures: working around a parser bug
A few days ago another user posted an issue with complex hashes[1]; it looks like a parser bug, and a bug report was opened[2]. I seem to be having a similar problem, but I haven't been able to make the same workaround function. This is the data structure I'd like to be using, but puppet doesn't like the array nested inside a hash: $dev_numbers = { 'null' = { 'freebsd' = [ 0, 6 ], 'ubuntu'= [ 1, 3 ], }, 'random' = { 'freebsd' = [ 0, 12 ], 'ubuntu'= [ 1, 8 ], }, 'zero' = { 'freebsd' = [ 0, 7 ], 'ubuntu'= [ 1, 5 ], }, } --parseonly produces an error when checking this one err: Could not parse for environment production: Syntax error at '='; expected '}' The alternative is to replace the array with a hash, like this: $dev_numbers = { 'null' = { 'freebsd' = { 'major' = 0, 'minor' = 6 }, 'ubuntu'= { 'major' = 1, 'minor' = 3 }, }, 'random' = { 'freebsd' = { 'major' = 0, 'minor' = 12 }, 'ubuntu'= { 'major' = 1, 'minor' = 8 }, }, 'zero' = { 'freebsd' = { 'major' = 0, 'minor' = 7 }, 'ubuntu'= { 'major' = 1, 'minor' = 5 }, }, } Puppet lets me define this data structure, but I can't find a way to access it. If I use this: $major = $dev_numbers[$type][$operatingsystem]['major'] $minor = $dev_numbers[$type][$operatingsystem]['minor'] then --parseonly gives me a syntax error: err: Could not parse for environment production: Syntax error at '['; expected ']' If I use the alternative proposed to the OP, which looks like this: $device = $dev_numbers[$type][$operatingsystem] $major = $device['major'] $minor = $device['minor'] then --parseonly passes everything, but when puppet actually tries to build the catalog for the client it fails and logs this error: device is not an hash or array when accessing it with major at... Does anyone have any other suggestions for how to work around this problem with the parser? Thanks in advance! Matt [1] http://groups.google.com/group/puppet-users/browse_thread/thread/8840c275ca677cd9/58d7adea821fc49f [2] http://projects.puppetlabs.com/issues/6269 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] duplicate base name error
hmmm well my /etc/yum.repos.d directory on the server I am having a problem with is pretty much an rsync of another server that has both yum and puppetd --test working correctly. working server: [root@VIRTCENT04:~] #puppetd --test info: Caching catalog for virtcent04.summitnjhome.com info: Applying configuration version '1297298959' err: //basefiles/File[/etc/haha.txt]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet://puppet/snjh/haha.txt at /etc/puppet/manifests/classes/basefiles.pp:10 notice: //baseapps/Package[nmap]/ensure: created notice: //centos/Yumrepo[contrib]/baseurl: defined 'baseurl' as 'http://mirror.centos.org/centos/$releasever/contrib/$basearch/' notice: //centos/Yumrepo[contrib]/enabled: enabled changed '0' to '1' notice: //centos/Yumrepo[base]/baseurl: defined 'baseurl' as 'http://mirror.centos.org/centos/$releasever/os/$basearch/' notice: //centos/Yumrepo[centosplus]/mirrorlist: mirrorlist changed 'http://mirrorlist.centos.org/?release=$releaseverarch=$basearchrepo=centosplus' to 'http://mirrorlist.centos.org/?release=$releaseverarch=\$basearchrepo=centosplus' notice: //centos/Yumrepo[centosplus]/baseurl: defined 'baseurl' as 'http://mirror.centos.org/centos/$releasever/centosplus/$basearch/' notice: //centos/Yumrepo[centosplus]/enabled: enabled changed '0' to '1' notice: //centos/Yumrepo[extras]/baseurl: defined 'baseurl' as 'http://mirror.centos.org/centos/$releasever/extras/\$basearch/' notice: //centos/Yumrepo[extras]/enabled: defined 'enabled' as '1' notice: //centos/Yumrepo[updates]/baseurl: defined 'baseurl' as 'http://mirror.centos.org/centos/$releasever/updates/$basearch/' notice: //centos/Yumrepo[addons]/baseurl: defined 'baseurl' as 'http://mirror.centos.org/centos/$releasever/addons/$basearch/' err: //basefiles/File[/etc/ldap.conf]: Failed to retrieve current state of resource: Could not retrieve information from source(s) puppet://puppet/snjh/ldap.conf at /etc/puppet/manifests/classes/basefiles.pp:6 notice: //Group[named]/ensure: created notice: //Group[ntp]/ensure: created notice: Finished catalog run in 49.12 seconds non working server: [root@mclient ~]# puppetd --test info: Caching catalog for mclient.acadaca.net info: Applying configuration version '1297357383' err: //centos/Yumrepo[rpmforge]: Failed to retrieve current state of resource: A section with name base already exists err: //baseapps/Package[keychain]/ensure: change from absent to present failed: Could not find package keychain notice: Finished catalog run in 3.43 seconds and here I am defining 'working/non-working' according to the yumrepo configurations I have setup in the respective manifests. I have recursively grepped my yum.repos.d directory for the term 'main' and turned up nothing. yum works on both machines... I am enclosing a file that was produced with the following script: for i in *; do cat $i repos.txt; echo repos.txt; done I am enclosing both (clearly marked) in case anybody has any advice... also the manifests that include the yumrepo resources were both produced with the command ralsh yumrepo /etc/puppet/manifests/os/centos.pp with the centos class added after the ralsh dump has completed. thanks again! On Thu, Feb 10, 2011 at 12:18 PM, Arnau Bria arnaub...@pic.es wrote: On Thu, 10 Feb 2011 12:10:54 -0500 Tim Dunphy wrote: Hello list! Hello, [...] [root@mclient ~]# puppetd --test info: Caching catalog for mclient.acadaca.net info: Applying configuration version '1297357383' err: //centos/Yumrepo[rpmforge]: Failed to retrieve current state of resource: A section with name base already exists notice: Finished catalog run in 1.23 seconds [...] I've also grepped my manifests directory for the term 'base' and didnt find a duplicate repo definition that included it... thee problem is that you have many [main] sections in your repos (grep main /etc/yum.repos.d/*) and puppet doesn't like it (but yum does). thanks in advance! HTH, Arnau -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. [CentALT] name=CentALT Packages for Enterprise Linux 5 - $basearch baseurl=http://centos.alt.ru/repository/centos/5/$basearch/ enabled=1 gpgcheck=0 # CentOS-Base.repo # # The mirror system uses the
Re: [Puppet Users] duplicate base name error
Hi, not main but [base] you have only one [base] section in your working conf and twon on broken one. Try changin one base to something else. Cheers, Arnau -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Stored configs in MySQL
Trouble is, each time a node checks into puppet, a new db handle is opened without the old one being closed. With a few nodes, it doesn't take long before there are tens or hundreds of handles, and the db server won't accept any more. I've just run into this issue as well with the following db* configuration: dbadapter = mysql dbname = puppet dbuser = puppet dbpassword = password dbserver = localhost This is Bad, since many other things rely on that database, and when it stops accepting more connections, things break. In our case it ran up against the ulimit, not MySQL's connection limit. Same result: 400 errors being returned to the client: nfo: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': Error 400 on SERVER: Too many open files - /etc/puppet/modules err: /File[/var/lib/puppet/lib]: Could not evaluate: Error 400 on SERVER: Too many open files - /etc/puppet/modules Could not retrieve file metadata for puppet://puppet/plugins: Error 400 on SERVER: Too many open files - /etc/puppet/modules err: Could not retrieve catalog from remote server: Error 400 on SERVER: Can't create UNIX socket (24) warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run For now, we've upped the ulimit -n but that's obviously a temporary solution at best. Restarting the Puppet master when it hits the limit feels pretty broken. Suggestions? Other debug info I should include? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Problem with file serving and envrionments.
one more thing to note. If I turn off all the evironments, restart puppetmaster and then everything works fine; and just one more clairification it's only new modules being created that have the problem. On Feb 10, 10:23 am, trey85stang trey85st...@gmail.com wrote: Hey all, Im still new to puppet so I may be doing something wrong. The problem I am having is I have setup multiple environments. Going from one environment. To get started with testing that I copied my manifests directory and modules dirctories into a handful of different directories to setup the environments. The I made the changes to my puppet.conf which is below: [main] vardir = /var/lib/puppet logdir = /var/log/puppet rundir = /var/run/puppet ssldir = $vardir/ssl manifest = /etc/puppet/environments/production/manifests/site.pp modulepath = /etc/puppet/environments/production/modules external_nodes = /etc/puppet/ext_node.sh node_terminus = exec [agent] classfile = $vardir/classes.txt localconfig = $vardir/localconfig [master] environments=production,development,testing,beta,pilot [production] manifest = /etc/puppet/environements/production/manifests/site.pp modulepath = /etc/puppet/environments/production/modules [development] manifest = /etc/puppet/environments/development/manifests/site.pp modulepath = /etc/puppet/environments/development/modules [testing] manifest = /etc/puppet/environments/testing/manifests/site.pp modulepath = /etc/puppet/environments/testing/modules [beta] manifest = /etc/puppet/environments/beta/manifests/site.pp modulepath = /etc/puppet/environments/beta/modules [pilot] manifest = /etc/puppet/environments/pilot/manifests/site.pp modulepath = /etc/puppet/environments/pilot/modules This all works perfectly, until I add a new module to one of the environemtns to push a file out, after which my clients will receive the following message: Feb 10 10:06:31 mynode1 puppet-agent[28932]: (/Stage[main]/Environment/ File[/etc/pupdev]) Could not evaluate: Error 400 on SERVER: Not authorized to call find on /file_metadata/environment/pupdev Could not retrieve file metadata for puppet:///environment/pupdev: Error 400 on SERVER: Not authorized to call find on /file_metadata/environment/ pupdev at /etc/puppet/environments/development/modules/environment/ manifests/init.pp:7 The message on the server is: Feb 10 10:05:02 puppetserver puppet-master[5377]: Not authorized to call find on /file_metadata/environment/pupdev I've seen a few posts mentioning that the fileserver.conf file needs to be updated. I have added allow * to it as suggested in a few other palces but all that does is keeps puppetmaster from restarting. Does anyone have any ideas as to what the problem is? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Stored configs in MySQL
Sounds like you're running the wrong version of the mysql rubygem. If memory serves, this was a known issue. -- Joe McDonagh AIM: YoosingYoonickz IRC: joe-mac on freenode L'ennui est contre-révolutionnaire -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Testing custom function and puupet LoadError
I am using ruby-enterprise, installed under: /opt/ruby-enterprise, when I try to run ruby interpreter I get error about loading puppet: # ruby -rpuppet netbackup_servers.rb ruby: no such file to load -- puppet (LoadError) What do I need to set RUBYLIB env var to? I tried this: export RUBYLIB=$RUBYLIB:/opt/ruby-enterprise/lib/ruby/ export RUBYLIB=$RUBYLIB:/opt/ruby-enterprise/lib/ruby/1.8/ export RUBYLIB=$RUBYLIB:/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/puppet-2.6.3 Thanks a lot. Mohamed. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Stored configs in MySQL
On Thursday, February 10, 2011 at 11:20 AM, Joe McDonagh wrote: Sounds like you're running the wrong version of the mysql rubygem. If memory serves, this was a known issue. We're on 2.7.3 packaged by CentOS. http://projects.puppetlabs.com/issues/3238 seems to indicate the problem exists even with 2.8.1 (latest gem). -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetmaster 100%cpu usage on 2.6 (not on 0.24)
On Feb 10, 2011, at 6:55 AM, Udo Waechter wrote: Hello, I am one of those who have this problem. Some people suggested using Ruby Enterprise. I looked at its installation, it looked a little bit time-consuming, so I did not try that one out. Well, I find it takes about 30 min at the most, saves on RAM, and causes puppet it use a little more CPU. Here's what I did. This method requires a compiler. You can also do everything up to (but not including) step 5 without affecting puppet. It's also easy to reverse. 1) Changed /usr/share/puppet/rack/puppetmasterd/config.ru to use an absolute path to the folder. Need this line: $:.unshift('/usr/lib/ruby/1.8/') 2) Install the dependencies for the compile: package { libssl-dev: ensure = present } package { libsqlite3-dev: ensure = present } package { 'libmysql++-dev': ensure = present } package { 'libpq-dev': ensure = present } package { 'apache2-prefork-dev': ensure = present } package { 'libapr1-dev': ensure = present } package { 'libaprutil1-dev': ensure = present } 3) Installed RubyEE from their universal package. 4) Added a passengerEE mod to /etc/apache/mods-avaliable/ /etc/apache2/mods-avaliable/passengeree.load: LoadModule passenger_module /opt/ruby-enterprise-1.8.7-2010.02/lib/ruby/gems/1.8/gems/passenger-2.2.15/ext/apache2/mod_passenger.so PassengerRoot /opt/ruby-enterprise-1.8.7-2010.02/lib/ruby/gems/1.8/gems/passenger-2.2.15 PassengerRuby /opt/ruby-enterprise-1.8.7-2010.02/bin/ruby 5) Disable the old passenger and enable the new one a2dismod passenger a2enmod passengeree service apache2 restart If things don't work do this to enable your old passenger: a2enmod passenger a2dismod passengeree service apache2 restart -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] exec: creates overrides onlyif?
The docs are vague on how the two interact.. but it seems to me that 'creates' will override 'onlyif' in an exec clause. i.e. if the file named by 'creates' exists, then 'onlyif' is ignored. Is someone able to confirm that? Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet server not responding
On Feb 10, 2011, at 7:13 AM, Tim Dunphy wrote: Hi Guys, Changing the server directive in the puppet conf worked!!! Thanks so much for your help!! Also I sent an email yesterday regarding file sharing to the list. Sorry to be a bother, but I am still struggling with this issue. Does anyone have any advice regarding this? Here is the email I sent for easy reference: - Hi Atha, This is what the basefiles class that I have created looks like now: class basefiles { file { /etc/ldap.conf: source = puppet:///snjh/ldap.conf } file { /etc/haha.txt: source = puppet:///snjh/haha.txt } } I have allowed everything (for the time being) in filersver.conf : # Define a section 'files' # Adapt the allow/deny settings to your needs. Order # for allow/deny does not matter, allow always takes precedence # over deny [snjh] path /etc/puppet/manifests/files/snjh allow * # deny *.evil.example.com # allow 192.168.0.0/24 This is really not the recommended way. My advice is to put that config back the way it was, and then do it as a module instead. So, put you file at /etc/puppet/modules/somename/files/ldap.conf Then use this as your URL: puppet:///modules/somename/ldap.conf This should just work. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] facter to display all active networks
Facter will display the values associated with network_* specific settings. Shouldn't there be a way to display all connected (active) networks in one command?For example: # facter networks 192.168.1.2 10.0.1.1 10.10.23.0 I could then formulate a conditional based on the available networks. Of course, one could fairly argue that if I didn't know what networks were available, then I should be using puppet to configure those anyway :-) My usage scenario includes this: For NFS we generally mount over a back-end, point-to-point network; however, there are times where some machines will only have the front-end network available and therefore we will just NFS-mount over that instead.I thought it might be useful to use a conditional for this that would *prefer* the back-end network, but use the front-end otherwise. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] convert yum repos into manifest
Hi Ashley, Not a problem I've added a release to Puppet Forge ... http://forge.puppetlabs.com/mikeknox/zypprepo It's derived from the yumrepo type in Puppet core (0.25.5). It hasn't been updated it for 2.6.x yet, works fine, but I noticed some warnings about 'audit' when I tried ralsh on it. On 11/02/11 2:27 AM, Ashley Gould wrote: hey Michael, Where did you get zypprepo type? Did you write it? Can you post it? On Wed, Feb 09, 2011 at 11:30:25AM +1100, Michael Knox wrote: Try ralsh yumrepo Just discovered that ralsh can even use custom types out of my modules ... cool $ ralsh zypprepo zypprepo { 'repo-oss': type = 'yast2', descr = 'openSUSE-11.3-OSS', baseurl = 'http://download.opensuse.org/distribution/11.3/repo/oss', enabled = '1', autorefresh = '1', path = '/', keeppackages = '0' } On 9/02/11 9:13 AM, Tim Dunphy wrote: hello list!! I remember using a command a while ago that converts all my yum repos into a puppet manifest file. I have tried ralsh /etc/yum.repos.d/ yumrepos.pp but that isn't quite doing it.. can someone please remind me of the way to accomplish this task? [root@virtcent13:~] #ralsh /etc/yum.repos.d /etc/puppet/manifests/yumrepos.pp Could not run: Could not find type /etc/yum.repos.d thanks in advance!! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Unable to use facts
I'm seeing some odd failures on my newly installed Puppet master. The manifest being served seems to be unable to use the client's facts. For the sake of troubleshooting, I've reduced the details down to a single file resource in manifests/site.pp file { /tmp/puppet.wtf: ensure = present, content = inline_template(The operatingsystem fact is %= operatingsystem %), } Running puppetd on a client results in: info: Retrieving plugin err: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to parse inline template: Could not find value for 'operatingsystem' at /etc/puppet.wtf/manifests/site.pp:5 on node 10.250.250.6 For giggles, I've also attempted to use: content = The operatingsystem fact is $operatingsystem, Which results in /tmp/puppet.wtf being written as: The operatingsystem is The facter binary runs fine on every client I've tested with. I'm confident my manifests are sane as serving them up via webrick on the same server produces the expected results. Therefore, it seems reasonable to suspect something in the area of nginx/passenger That said, here are some specifics about the environment opensolaris 2009.06 snv_111b puppet 0.25.4 (gem) facter 1.5.8 (gem) passenger 3.0.2 nginx 0.8.54 passenger module was compiled into nginx with --extra-configure-flags=--without-http_uwsgi_module \ --without-http_scgi_module \ --without-http_rewrite_module \ --conf-path=/opt/nginx/etc/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --pid-path=/var/run/nginx.pid \ --with-http_ssl_module nginx server: http { passenger_root /opt/csw/lib/ruby/gems/1.8/gems/ passenger-3.0.2; passenger_ruby /opt/csw/bin/ruby; default_type application/octet-stream; include /opt/nginx/etc/mime.types; include /opt/nginx/sites/*; access_log /var/log/nginx/access.log; sendfile on; keepalive_timeout 65; tcp_nodelay on; gzip on; server_tokens off; } server { server_name puppet; listen 8142 default ssl; passenger_enabled on; root /opt/nginx/html/puppet-wtf/public; ssl_certificate /etc/puppet/ssl/certs/puppet.pem; ssl_certificate_key /etc/puppet/ssl/private_keys/puppet.pem; ssl_crl /etc/puppet/ssl/ca/ca_crl.pem; ssl_client_certificate /etc/puppet/ssl/certs/ca.pem; ssl_protocols SSLv3 TLSv1; ssl_ciphers HIGH:+MEDIUM; ssl_prefer_server_ciphers on; ssl_verify_client optional; ssl_verify_depth 1; ssl_session_cache shared:SSL:8m; ssl_session_timeout 5m; } config.ru is owned by the puppet user and contains: $0 = puppetmasterd require 'rubygems' require 'puppet' ARGV --rack ARGV --debug ARGV --trace ARGV --confdir=/etc/puppet.wtf ARGV --vardir=/var/puppet.wtf ARGV --ssldir=/etc/puppet/ssl ARGV --logdest=/tmp/puppetmasterd-wtf.log require 'puppet/application/puppetmasterd' run Puppet::Application[:puppetmasterd].run puppet clients used to generate the error posted above were run with -- test --masterport=8142 Please feel free to let me know if additional details are needed. Best, Adam -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] array of arrays in manifests?
I defined a var like so: $myarray = [ [a,b],[c,d] ] Then in a template I tried something like: % myarray.each do |element| -% %= element[0] % % end -% It does not result in what I expect It seems as if myarray was flattened. are multi-dimensional arrays supported? Thanks, Mohamed. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: array of arrays in manifests?
Please ignore... was describing the wrong array... this var works as expected. On Thu, Feb 10, 2011 at 4:44 PM, Mohamed Lrhazi lrh...@gmail.com wrote: I defined a var like so: $myarray = [ [a,b],[c,d] ] Then in a template I tried something like: % myarray.each do |element| -% %= element[0] % % end -% It does not result in what I expect It seems as if myarray was flattened. are multi-dimensional arrays supported? Thanks, Mohamed. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: facter to display all active networks
On Feb 10, 3:59 pm, Forrie for...@gmail.com wrote: Facter will display the values associated with network_* specific settings. Shouldn't there be a way to display all connected (active) networks in one command? For example: # facter networks 192.168.1.2 10.0.1.1 10.10.23.0 Sounds like it would be simple enough to write a custom fact to do this. My approach would probably involve returning an array of existing facts that match ^network_ I'd probably want to take it a bit further though and return CIDR formatted networks by combining the returned value of each corresponding netmask_ fact. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: array of arrays in manifests?
Sorry am confused... it's end of day This does seem to flatten my array: $myarray = [ [a,b],[c,d] ] While this does not: $myarray1=[a,b] $myarray2=[c,d] $myarray = [ $myarray1,$myarray2 ] Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Unwanted whitespace generated by template
I have this in a template: ===cut here= # Allow ICMP traffic -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT % if netbackup_master_servers % % netbackup_master_servers.each do |master_server| -% # Allow communication with NetBackup master server %= master_server[0] % -A RH-Firewall-1-INPUT -p tcp -m tcp -s %= master_server[1] % --dport 13724 -j ACCEPT ===cut here= One extra line containing a single white space is added, after the one already there. iptables fails to load because of this... Is it the if tag that generated the line? how do I avoid that? Thanks a lot. Mohamed. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Unwanted whitespace generated by template
On 10 February 2011 22:15, Mohamed Lrhazi lrh...@gmail.com wrote: I have this in a template: ===cut here= # Allow ICMP traffic -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT % if netbackup_master_servers % % netbackup_master_servers.each do |master_server| -% # Allow communication with NetBackup master server %= master_server[0] % -A RH-Firewall-1-INPUT -p tcp -m tcp -s %= master_server[1] % --dport 13724 -j ACCEPT ===cut here= One extra line containing a single white space is added, after the one already there. iptables fails to load because of this... Is it the if tag that generated the line? how do I avoid that? Thanks a lot. Mohamed. Terminating with -% rather than % will stop the trailing whitespace. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Unwanted whitespace generated by template
On Thu, Feb 10, 2011 at 2:15 PM, Mohamed Lrhazi lrh...@gmail.com wrote: I have this in a template: ===cut here= # Allow ICMP traffic -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT % if netbackup_master_servers % Suppress the new line with a -% % if netbackup_master_servers -% Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Unwanted whitespace generated by template
Thanks a lot. Turns out I also had an actual whitespace after the if tag !! On Thu, Feb 10, 2011 at 5:19 PM, Nan Liu n...@puppetlabs.com wrote: On Thu, Feb 10, 2011 at 2:15 PM, Mohamed Lrhazi lrh...@gmail.com wrote: I have this in a template: ===cut here= # Allow ICMP traffic -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT % if netbackup_master_servers % Suppress the new line with a -% % if netbackup_master_servers -% Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: facter to display all active networks
You could probably get away with using template or an inline template. On Feb 10, 5:00 pm, windowsrefund windowsref...@gmail.com wrote: On Feb 10, 3:59 pm, Forrie for...@gmail.com wrote: Facter will display the values associated with network_* specific settings. Shouldn't there be a way to display all connected (active) networks in one command? For example: # facter networks 192.168.1.2 10.0.1.1 10.10.23.0 Sounds like it would be simple enough to write a custom fact to do this. My approach would probably involve returning an array of existing facts that match ^network_ I'd probably want to take it a bit further though and return CIDR formatted networks by combining the returned value of each corresponding netmask_ fact. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] dot in file path
I wish to have puppet copy a file to /etc/cron.hourly/ on target machines, however when puppetmaster attempts to build the catalog it complains about a syntax error in both nodes.pp as well as in the manifest init.pp for this class. I have experimented with various quotings as well as escaping the dot character with no success. Can anyone shed light on a solution? puppetmaster 2.6.2 on Debian Wheezy 6.0 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] dot in file path
dragonfly said: I wish to have puppet copy a file to /etc/cron.hourly/ on target machines, however when puppetmaster attempts to build the catalog it complains about a syntax error in both nodes.pp as well as in the manifest init.pp for this class. I have experimented with various quotings as well as escaping the dot character with no success. Can anyone shed light on a solution? puppetmaster 2.6.2 on Debian Wheezy 6.0 Hello :) There is no problem to put dots in a path: file { /etc/cron.hourly/walk_the_dog: source = puppet:///modules/dogwalker/walk_the_dog.cron, } Maybe you could show the actual code and syntax error? -- Rohan McGovern Quality Engineer Qt Development Frameworks, Nokia -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetmaster 100%cpu usage on 2.6 (not on 0.24)
On 8 February 2011 06:15, Ashley Penney apen...@gmail.com wrote: I just upgraded the master, I was too lazy to do the nodes yet. On Mon, Feb 7, 2011 at 1:56 PM, Brice Figureau brice-pup...@daysofwonder.com wrote: On 07/02/11 17:23, Ashley Penney wrote: Because I like to live dangerously I upgraded to 2.6.5 and it seems like this has resolved the CPU problem completely for me. Did you upgrade the master or the master and all the nodes? Was that upgrade to 2.6.5rc2? Seems there has been a nice patch to speed up large HTTP POST PUTs. Since 2.6.x reports can be large (I have some approaching 1 Mb), this might be where the problem may have been https://projects.puppetlabs.com/projects/puppet/wiki/Release_Notes#2.6.5 https://projects.puppetlabs.com/issues/6257 John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] host classification based on hostnames
On Wed, Feb 9, 2011 at 3:06 AM, Nigel Kersten ni...@puppetlabs.com wrote: This is actually my favorite way of doing things. A single default node that includes a single module base which then decides which other modules to include. This does work best if you distribute custom facts that provide more abstracted semantics about roles though. Otherwise you end up with spaghetti Puppet code like you've started with above :) Say you distribute a custom fact role, it then becomes as simple as: class base { if $role == foo { include foo } } This is really helpful. It allows extra flexibility and still keeps things compartmentalized. Thanks, Joe -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Unable to use facts
On a client, does facter show the fact: # facter | grep operatingsystem On Thu, Feb 10, 2011 at 4:37 PM, windowsrefund windowsref...@gmail.com wrote: operatingsystem -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet in the DMZ
On Feb 10, 2011, at 10:25 PM, John Warburton wrote: Curse GW Bush and his 'Axis of Evil' - my google searches are contaminated with hits to Korea, and other such fun... Does anyone have any experiences with puppet in the DMZ they can share? At my puppet master training (Hi Hunter), it was mentioned some people compile their catalogs inside, then ship them out to servers in the DMZ to be applied. I understand that fine, but we use facts quite a bit to get state information, so the traditional part of the client server/model where facts are shipped back from the client to the puppet server is missing. How do people get around the common rule that DMZ servers should not initiate network connections back to the internal network? Should we have a puppet server in the DMZ? Just in case you didn't think of these already: If you do ship out catalogs manually, you can't use the puppet:///modules/module... style file serving. Everything done with content should still work. Next keep in mind that for Package to work, you need to be able to see the package repository. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.