Re: [Puppet Users] apache service start problem
Hi,
May not be the best solution, but you could keep the ssl.conf file declaration
but it's source could be made harmless, ie, have a file called ssl.conf that
has the httpd directives hashed out.
That way the file can exist but not interfere.
There maybe better ways though.
Cheers,
On 16/03/2011, at 9:40, Tim Dunphy wrote:
> hello list!!
>
> I have developed a custom apache module for my company that setups up
> our own particular config of httpd and php in order to run our sites..
> However, there is one wrinkle. It take two puppet runs to start the
> httpd service with this module and we'd like to get that down to one
> run!
>
> The reason seems to be that we have our own custom ssl vhost conf
> that we use called 001-chrome-ssl.conf. What happens is that apache
> gets installed and plops it's own version of ssl.conf in there, then
> my module puts OUR version of ssl.conf in there and both files glom
> onto 443 thereby preventing the apache service from starting!
>
> The solution I came up with is to tidy the default apache ssl.conf
> file that gets installed by apache. However, on the first puppet run
> it tries to tidy the ssl.conf file which isn't there! then apache
> installs it's ssl.conf and we install our ssl.conf and the two
> disagree with each other.
>
> My attempt to solve this problem was to put a tidy resource right
> before the service resource that starts apache. And then I require
> that tidy resource in the apache service resource itself. However that
> didn't solve the problem. I was wondering if I could have an opinion
> on how to get this puppet run down to one run!
>
>
> class apache {
>
>$packagelist =
> ["httpd.$architecture","httpd-devel.$architecture","webalizer.$architecture","php.$architecture","php-common.$architecture","php-devel.$architecture","php-xmlrpc.$architecture","php-gd.$architecture",
> "php-pear.noarch", "php-pdo.$architecture",
> "php-mcrypt.$architecture", "php-mhash.$architecture",
> "php-mysql.$architecture", "php-cli.$architecture",
> "php-soap.$architecture", "php-xml.$architecture",
> "mod_ssl.$architecture"]
>
>package { $packagelist:
> ensure => "installed"
>}
>
>
>
>
> exec { "create httpd dir":
>command => "/bin/mkdir -p /etc/httpd",
>creates => "/etc/httpd"
>
> }
>
> exec {"create apache module dir":
>command => "/bin/mkdir -p /usr/lib/httpd/modules",
>creates => "/usr/lib/httpd/modules/mod_file_cache.so"
> }
>
> exec { "create apache module link":
> command => "/bin/ln -s /usr/lib/httpd/modules /etc/httpd/modules",
> require => Exec["create apache module dir"],
> creates => "/etc/httpd/modules"
> }
>
> exec { "create apache log dir":
>command => "/bin/mkdir -p /var/log/httpd/logs",
>creates => "/var/log/httpd/logs"
> }
>
>
> exec { "create apache error log":
>command => "/bin/touch /etc/httpd/logs/error_log",
>require => Exec["create apache log dir"],
>creates => "/etc/httpd/logs/error_log"
> }
>
> exec { "create apache log link":
> command => "/bin/ln -s /var/log/httpd/logs /etc/httpd/logs",
> require => Exec["create apache log dir"],
> creates => "/etc/httpd/logs"
>}
>
>
>
>exec { "create apache run dir":
>command => "/bin/mkdir -p /var/run/httpd",
>creates => "/var/run/httpd"
> }
>
>
> exec { "create apache run link":
> command => "/bin/ln -s /var/run/httpd /etc/httpd/run",
> require => Exec["create apache log dir"],
> creates => "/etc/httpd/run"
>}
>
>exec { "create httpd conf dir":
>command => "/bin/mkdir -p /etc/httpd/conf.d",
>creates => "/etc/httpd/conf.d"
>
> }
>
>
> exec { "create httpd vhost conf dir":
>command => "/bin/mkdir -p /etc/httpd/conf",
>creates => "/etc/httpd/conf"
>
> }
>
>
> file { "/etc/php.ini":
> owner => root,
> group => root,
> mode => 440,
> source => "puppet:///apache/php.ini"
> }
>
> file { "/usr/lib/httpd/modules/mod_file_cache.so":
> owner => root,
> group => root,
> mode => 766,
> require => Exec["create apache module dir"],
> source => "puppet:///apache/krome/httpd/modules/mod_file_cache.so"
> }
>
> file {
> "/etc/httpd/conf/httpd.conf":
>owner => root,
>group => root,
>mode => 440,
>require => Exec["create httpd conf dir"],
>source => "puppet:///apache/krome/httpd/conf/httpd.conf"
> }
>
>
> file {
>"/usr/lib/httpd/modules/mod_auth_basic.so":
> owner => root,
> group => root,
> mode => 766,
> source => "puppet:///apache/krome/httpd/modules/mod_auth_basic.so"
> }
>
>
>
> file {
> "/etc/httpd/conf.d/000-ssl.conf":
>owner => root,
>group => root,
>mode => 440,
>require => Exec["create httpd conf dir"],
>source => "puppet:///apache/krome/httpd/conf.d/000-
Re: [Puppet Users] apache service start problem
On 3/15/2011 6:40 PM, Tim Dunphy wrote:
hello list!!
I have developed a custom apache module for my company that setups up
our own particular config of httpd and php in order to run our sites..
However, there is one wrinkle. It take two puppet runs to start the
httpd service with this module and we'd like to get that down to one
run!
The reason seems to be that we have our own custom ssl vhost conf
that we use called 001-chrome-ssl.conf. What happens is that apache
gets installed and plops it's own version of ssl.conf in there, then
my module puts OUR version of ssl.conf in there and both files glom
onto 443 thereby preventing the apache service from starting!
The solution I came up with is to tidy the default apache ssl.conf
file that gets installed by apache. However, on the first puppet run
it tries to tidy the ssl.conf file which isn't there! then apache
installs it's ssl.conf and we install our ssl.conf and the two
disagree with each other.
Rather than abusing the tidy type, try just using a file type with ensure set to
absent:
file { "/etc/httpd/conf.d/ssl.conf":
ensure => absent,
require => Package["httpd.$architecture"]
}
The absent value will cause puppet to just delete the file unconditionally
whenever it finds it, and the require will make sure puppet checks for the files
existence after the httpd package is installed.
On a related note, you could get rid of most or all of those exec types by using
the file type, set to create links or directories. Check out the type reference
page if you're not familiar with those options.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] apache service start problem
hello list!!
I have developed a custom apache module for my company that setups up
our own particular config of httpd and php in order to run our sites..
However, there is one wrinkle. It take two puppet runs to start the
httpd service with this module and we'd like to get that down to one
run!
The reason seems to be that we have our own custom ssl vhost conf
that we use called 001-chrome-ssl.conf. What happens is that apache
gets installed and plops it's own version of ssl.conf in there, then
my module puts OUR version of ssl.conf in there and both files glom
onto 443 thereby preventing the apache service from starting!
The solution I came up with is to tidy the default apache ssl.conf
file that gets installed by apache. However, on the first puppet run
it tries to tidy the ssl.conf file which isn't there! then apache
installs it's ssl.conf and we install our ssl.conf and the two
disagree with each other.
My attempt to solve this problem was to put a tidy resource right
before the service resource that starts apache. And then I require
that tidy resource in the apache service resource itself. However that
didn't solve the problem. I was wondering if I could have an opinion
on how to get this puppet run down to one run!
class apache {
$packagelist =
["httpd.$architecture","httpd-devel.$architecture","webalizer.$architecture","php.$architecture","php-common.$architecture","php-devel.$architecture","php-xmlrpc.$architecture","php-gd.$architecture",
"php-pear.noarch", "php-pdo.$architecture",
"php-mcrypt.$architecture", "php-mhash.$architecture",
"php-mysql.$architecture", "php-cli.$architecture",
"php-soap.$architecture", "php-xml.$architecture",
"mod_ssl.$architecture"]
package { $packagelist:
ensure => "installed"
}
exec { "create httpd dir":
command => "/bin/mkdir -p /etc/httpd",
creates => "/etc/httpd"
}
exec {"create apache module dir":
command => "/bin/mkdir -p /usr/lib/httpd/modules",
creates => "/usr/lib/httpd/modules/mod_file_cache.so"
}
exec { "create apache module link":
command => "/bin/ln -s /usr/lib/httpd/modules /etc/httpd/modules",
require => Exec["create apache module dir"],
creates => "/etc/httpd/modules"
}
exec { "create apache log dir":
command => "/bin/mkdir -p /var/log/httpd/logs",
creates => "/var/log/httpd/logs"
}
exec { "create apache error log":
command => "/bin/touch /etc/httpd/logs/error_log",
require => Exec["create apache log dir"],
creates => "/etc/httpd/logs/error_log"
}
exec { "create apache log link":
command => "/bin/ln -s /var/log/httpd/logs /etc/httpd/logs",
require => Exec["create apache log dir"],
creates => "/etc/httpd/logs"
}
exec { "create apache run dir":
command => "/bin/mkdir -p /var/run/httpd",
creates => "/var/run/httpd"
}
exec { "create apache run link":
command => "/bin/ln -s /var/run/httpd /etc/httpd/run",
require => Exec["create apache log dir"],
creates => "/etc/httpd/run"
}
exec { "create httpd conf dir":
command => "/bin/mkdir -p /etc/httpd/conf.d",
creates => "/etc/httpd/conf.d"
}
exec { "create httpd vhost conf dir":
command => "/bin/mkdir -p /etc/httpd/conf",
creates => "/etc/httpd/conf"
}
file { "/etc/php.ini":
owner => root,
group => root,
mode => 440,
source => "puppet:///apache/php.ini"
}
file { "/usr/lib/httpd/modules/mod_file_cache.so":
owner => root,
group => root,
mode => 766,
require => Exec["create apache module dir"],
source => "puppet:///apache/krome/httpd/modules/mod_file_cache.so"
}
file {
"/etc/httpd/conf/httpd.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf/httpd.conf"
}
file {
"/usr/lib/httpd/modules/mod_auth_basic.so":
owner => root,
group => root,
mode => 766,
source => "puppet:///apache/krome/httpd/modules/mod_auth_basic.so"
}
file {
"/etc/httpd/conf.d/000-ssl.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf.d/000-ssl.conf"
}
file {
"/etc/httpd/conf.d/001-chrome-ssl.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf.d/001-chrome-ssl.conf"
}
file {
"/etc/httpd/conf.d/002-chrome.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf.d/002-chrome.conf"
}
file {
"/etc/httpd/conf.d/php.conf":
owner => root,
Re: [Puppet Users] How to ignore/skip node definitions with puppetdoc?
On 15/03/11 22:14, windowsrefund wrote: > I've got thousands of node definitions under manifests/nodes and don't > see any way to avoid documenting them when calling puppetdoc. Am I > missing something? To my knowledge it's not possible directly. > puppetdoc --all -m rdoc --modulepath modules --manifestdir manifests > manifests/site.pp > > I've tried commenting out the lines in site.pp that import the node > definitions but puppetdoc appears to find them regardless. If you don't care about the manifests that are in "manifests", you can try: puppetdoc --all -m rdoc --modulepath modules --manifestdir /path/to/emptydir The idea is that puppetdoc will parse only the modules. HTH, -- Brice Figureau My Blog: http://www.masterzen.fr/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] How to ignore/skip node definitions with puppetdoc?
I've got thousands of node definitions under manifests/nodes and don't see any way to avoid documenting them when calling puppetdoc. Am I missing something? puppetdoc --all -m rdoc --modulepath modules --manifestdir manifests manifests/site.pp I've tried commenting out the lines in site.pp that import the node definitions but puppetdoc appears to find them regardless. Running 0.25.5 here and have looked at the newer version in 2.6.6 but I still don't see the feature I'm looking for. Thanks in advance for any leads -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: error SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
ah, please disregard. It seems I found the problem, there is a firewall that is blocking the port which I found when I tried to check the cert # openssl s_client -connect henson.lab.nbttech.com:8140 CONNECTED(0003) 14010:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: On Mar 15, 10:59 am, Kash wrote: > Hello folks, > I am getting this error on one of the clients, here's all of the > output. It was working on this client and today it stopped working. I > cleaned the cert for this client puppetmaster by "puppetca --clean > host.domain.com" and I removed the "/var/lib/puppet/ssl" directory so > it would get new certs. But I still keep getting the same error as > below. I have other clients which work just fine. > > I don't even see a request for new cert on the host (puppetca --list) > > # puppetd --test --debug --trace > > debug: Creating default schedules > debug: Failed to load library 'ldap' for feature 'ldap' > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/ssl]: Autorequiring File[/var/lib/puppet] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/public_keys/cam-dhcp1.lab.nbttech.com.pem]: Autorequiring > File[/var/lib/puppet/ssl/public_keys] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/csr_cam-dhcp1.lab.nbttech.com.pem]: Autorequiring File[/var/ > lib/puppet/ssl] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/lib]: Autorequiring File[/var/lib/puppet] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/state]: Autorequiring File[/var/lib/puppet] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private_keys/cam-dhcp1.lab.nbttech.com.pem]: Autorequiring > File[/var/lib/puppet/ssl/private_keys] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetd]/File[/etc/ > puppet/puppet.conf]: Autorequiring File[/etc/puppet] > debug: Finishing transaction -607037388 with 0 changes > debug: Calling puppetca.getcert > warning: peer certificate won't be verified in this SSL session > /usr/lib/ruby/1.8/puppet/network/xmlrpc/client.rb:57:in `getcert' > /usr/lib/ruby/1.8/puppet/network/client/ca.rb:26:in `request_cert' > /usr/lib/ruby/1.8/puppet/executables/client/certhandler.rb:38:in > `retrieve_cert' > /usr/lib/ruby/1.8/puppet/executables/client/certhandler.rb:27:in > `read_retrieve' > /usr/sbin/puppetd:347 > err: Could not request certificate: Certificate retrieval failed: > Certificates were not trusted: SSL_connect SYSCALL returned=5 errno=0 > state=SSLv2/v3 read server hello A -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] error SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
Hello folks, I am getting this error on one of the clients, here's all of the output. It was working on this client and today it stopped working. I cleaned the cert for this client puppetmaster by "puppetca --clean host.domain.com" and I removed the "/var/lib/puppet/ssl" directory so it would get new certs. But I still keep getting the same error as below. I have other clients which work just fine. I don't even see a request for new cert on the host (puppetca --list) # puppetd --test --debug --trace debug: Creating default schedules debug: Failed to load library 'ldap' for feature 'ldap' debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys/cam-dhcp1.lab.nbttech.com.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/csr_cam-dhcp1.lab.nbttech.com.pem]: Autorequiring File[/var/ lib/puppet/ssl] debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/state]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys/cam-dhcp1.lab.nbttech.com.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetd]/File[/etc/ puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: Finishing transaction -607037388 with 0 changes debug: Calling puppetca.getcert warning: peer certificate won't be verified in this SSL session /usr/lib/ruby/1.8/puppet/network/xmlrpc/client.rb:57:in `getcert' /usr/lib/ruby/1.8/puppet/network/client/ca.rb:26:in `request_cert' /usr/lib/ruby/1.8/puppet/executables/client/certhandler.rb:38:in `retrieve_cert' /usr/lib/ruby/1.8/puppet/executables/client/certhandler.rb:27:in `read_retrieve' /usr/sbin/puppetd:347 err: Could not request certificate: Certificate retrieval failed: Certificates were not trusted: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] State of the pkgutil provider?
On 14/03/11 22:52, Jonathan wrote: > Just wondering if anyone knows if work is still being done on this > provider. Yep, best to follow the ticket, that has the latest news and follow puppet-dev for a little bit of discussion: http://projects.puppetlabs.com/issues/4258 It's feeling pretty solid at the moment in my experience. > At present, one is not able to ensure that a particular version is > installed and this is crucial for a job that I need to do. Last > activity on this seems to have been in late 2010. > > I've looked at the provider source and I have the vaguest notion about > how it works but my Ruby is close to nonexistent so I'm not sure that > I'd be able to do much myself, although all indications are that I'm > going to have to try if I want it to happen. That'd be great. > Before embarking on this, though, I'd like to ask a few questions ... > > 1. Is there anyone looking into this at the moment? > 2. Is it even technically feasible? Nobody has been looking at it, it would be great if you and Mark want to and I'd be happy to help. I haven't even seen any examples of pkgutil catalogs with multiple versions, so it'd be good to check it copes properly in its current form too. (Unit tests!) I think it's best to first collect some evidence about the output format of pkgutil with multiple versions and what's possible compared to say yum, then work out how to integrate that into the provider. -- Dominic Cleal Red Hat Consulting m: +44 (0)7818 512168 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How to get the result of a command in puppet?
In that case I've got nothing. Sorry. On Mar 15, 2011, at 6:37 AM, duff wrote: > Hi Brian > > The problem isn't the lack of output from the puppet custom function. I have > written some that return results. > I used puts statements in the example to show the absence of result from the > %x[] statement without having to write some convoluted manifest and puppet > output. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How do you distribute ruby-augeas for ruby-entreprise?
I was hoping for one magic command, like : /opt/ruby-enterprise/bin/gem rebuild-gem --no-rdoc --no-ri /tmp/ruby-augeas-0.3.0.gem I guess I have to learn and do it myself. thanks a lot for the tips and refs. Mohamed. On Tue, Mar 15, 2011 at 11:23 AM, Naresh V wrote: > On 15 March 2011 20:38, Mohamed Lrhazi wrote: >> We are using ruby-entreprise, instead of redhat's default ruby I >> was trying to deploy the needed gem using: >> >> /opt/ruby-enterprise/bin/gem install --no-rdoc --no-ri >> /tmp/ruby-augeas-0.3.0.gem >> >> But found out this would require gcc to be installed! >> >> How can I preb-build this gem to remove the need for gcc on the nodes? > > Why not build REE-specific rubygem-$GEM RPMs? > > You could use gem2rpm to create spec files and update 'ruby', 'gem' > with '/opt/ruby-enterprise/bin/ruby', '/opt/ruby-enterprise/bin/gem' > in the spec file (or even make a default gem2rpm template with that) > (customise as much as you want) and build your RPMs. > > (relevant: > http://zeusville.wordpress.com/2010/11/05/gem2rpm-and-development-deps/ > ) > > > -Naresh V. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] "schedule is a metaparam; this value will inherit to all contained resources" ?
On Tue, Mar 15, 2011 at 6:14 AM, Martijn Grendelman wrote:
> Hi,
>
> I have a type named apt::package, that installs packages on Debian base
> systems. By default, it sets the schedule to something I defined, to
> prevent package updates from happening outside maintenance hours.
>
> Now, in a specific class, I do this:
>
> # This is normally a manual puppet run, so ignore the maintenance window
> Apt::Package {
> schedule => "common::schedule::always",
> }
>
> This results in the following text being written to the log:
>
> "puppet-master[30601]: schedule is a metaparam; this value will inherit to
> all contained resources"
>
> This message doesn't give many results in Google, so I wonder:
>
> What exactly does that mean?
It means that if you have any other resources *inside* the
Apt::Package definition, they will also inherit the schedule parameter
you're passing in.
> Does it do something unexpected (I expect the default to apply to any
> apt::package defined in that specific class, and nothing else)?
> Why is it necessary to log this, if nothing is wrong?
It's warning you that it will automatically inherit the schedule
metaparameter because this may not be what you expected to happen.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How do you distribute ruby-augeas for ruby-entreprise?
On 15 March 2011 20:38, Mohamed Lrhazi wrote: > We are using ruby-entreprise, instead of redhat's default ruby I > was trying to deploy the needed gem using: > > /opt/ruby-enterprise/bin/gem install --no-rdoc --no-ri > /tmp/ruby-augeas-0.3.0.gem > > But found out this would require gcc to be installed! > > How can I preb-build this gem to remove the need for gcc on the nodes? Why not build REE-specific rubygem-$GEM RPMs? You could use gem2rpm to create spec files and update 'ruby', 'gem' with '/opt/ruby-enterprise/bin/ruby', '/opt/ruby-enterprise/bin/gem' in the spec file (or even make a default gem2rpm template with that) (customise as much as you want) and build your RPMs. (relevant: http://zeusville.wordpress.com/2010/11/05/gem2rpm-and-development-deps/ ) -Naresh V. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] grub config
Am 15.03.2011 03:25, schrieb David Kavanagh:
> Has anyone come up with a preferred method of messing with grub? I need to
> install a hypervisor (like xen or kvm) and modify the grub.conf to make the
> machine boot from the new kernel.
> I might mess with Augeas. What do the experts say?
We use Puppet to bring a short shell script to every machine which scans
for available kernels and writes a grub.conf to reflect these. This is
modelled after the Debian approach, albeit much simpler because some
parameters in grub.conf are known to the infrastructure and can thus
statically inserted by Puppet.
Our script for Gentoo looks like this (feel free to use and adapt):
---
#!/bin/bash
# Generate GRUB config from contents of /boot.
# Managed by Puppet: do not edit this file directly. It will be overwritten!
set -e
ROOT="<%= grub_root %>"
OPTS="root=<%= part_root %> dolvm console=ttyS1,57600 console=tty0"
# fail is there are no kernels found in /boot - it is probably not mounted
ls /boot/kernel* >/dev/null 2>&1
cat >/boot/grub/grub.conf <<__EOT__
default 0
fallback 1
timeout 5
title Gentoo GNU/Linux
root ${ROOT}
kernel /boot/kernel ${OPTS}
title Gentoo GNU/Linux (old)
root ${ROOT}
kernel /boot/kernel.old ${OPTS}
__EOT__
for kernel in /boot/kernel-genkernel-*; do
vers=${kernel#/boot/kernel-genkernel-}
cat >>/boot/grub/grub.conf <<__EOT__
title ${vers}
root ${ROOT}
kernel ${kernel} ${OPTS}
__EOT__
done
grub --batch < · k...@gocept.com · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Proposal: "strict" mode for manifests
Am 08.03.2011 23:37, schrieb Robin Bowes: > I'd really like puppet to blow-up at this stage and tell me that I've > used an variable without defining it first. Those familiar with perl > will recognise this as "use strict;". I would greatly appreciate such a feature. Is there already a ticket to vote? Regards Christian -- Dipl.-Inf. Christian Kauhaus <>< · k...@gocept.com · systems administration gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] How do you distribute ruby-augeas for ruby-entreprise?
We are using ruby-entreprise, instead of redhat's default ruby I was trying to deploy the needed gem using: /opt/ruby-enterprise/bin/gem install --no-rdoc --no-ri /tmp/ruby-augeas-0.3.0.gem But found out this would require gcc to be installed! How can I preb-build this gem to remove the need for gcc on the nodes? is there an option of the gem command to generate a distributable form? Thanks a lot. Mohamed. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] grub config
On 03/15/2011 03:25 AM, David Kavanagh wrote: > Has anyone come up with a preferred method of messing with grub? I need > to install a hypervisor (like xen or kvm) and modify the grub.conf to > make the machine boot from the new kernel. > I might mess with Augeas. What do the experts say? Hi, don't ever modify grub.cfg, neither with nor without puppet. It's not meant for that. What I do is use puppet to mess with the powerful scriptlets in /etc/grub.d (e.g., I rename them to have xen before non-xen kernels and roll my own modified version of the xen finding scriptlet to correctly detect my xen config). HTH, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How to get the result of a command in puppet?
Hi Brian
The problem isn't the lack of output from the puppet custom function. I have
written some that return results.
I used puts statements in the example to show the absence of result from the
%x[] statement without having to write some convoluted manifest and puppet
output.
The %x[] statement runs and returns a result if executed on the command line
using
> ruby myfile.rb
cmd = "/usr/bin/svn ls http://url_of_my_repositorys_tags |
/usr/bin/tail -1"
puts cmd
puts %x[ #{cmd} ]
outputs:
my_tag_name/
Any ideas why the same command would stop running once wrapped in puppet?
If I run it using system(), I get "True" as the result, but that's not what
I want
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] "schedule is a metaparam; this value will inherit to all contained resources" ?
Hi,
I have a type named apt::package, that installs packages on Debian base
systems. By default, it sets the schedule to something I defined, to
prevent package updates from happening outside maintenance hours.
Now, in a specific class, I do this:
# This is normally a manual puppet run, so ignore the maintenance window
Apt::Package {
schedule => "common::schedule::always",
}
This results in the following text being written to the log:
"puppet-master[30601]: schedule is a metaparam; this value will inherit to
all contained resources"
This message doesn't give many results in Google, so I wonder:
What exactly does that mean?
Does it do something unexpected (I expect the default to apply to any
apt::package defined in that specific class, and nothing else)?
Why is it necessary to log this, if nothing is wrong?
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] could not find class
Thanks. This is what I thought and I tried moving that class to a
module named groups to no avail. I'll revisit to see what I did wrong.
On Mar 15, 2011, at 4:48, Martijn Grendelman wrote:
> On 14-03-11 22:31, Brandon Metcalf wrote:
>> I'm using the module https://github.com/sansnoc/puppet/tree/master/users
>> but running into a problem where puppet can't find a class. In /etc/
>> puppet/manifests/nodes.pp I have
>>
>> node basenode {
>> include hosts
>> include groups::namidev
>> include users::people
>> include users::namidev
>> }
>> node 'util1.foo.com' inherits basenode {
>> }
>>
>> In /etc/puppet/modules/users/manifests/init.pp I have
>>
>> class groups::namidev {
>> @group { "namidev": ensure => present, gid => "2001", }
>> }
>> class users::namidev {
>> Useraccount <| pgroup == namidev |>
>> }
>>
>> users::namidev is located fine, but not groups::namidev. What am I
>> doing wrong?
>
> Your module is called 'users', so the classes in it should be named
> users::something to be found by the autoloading mechanism. groups::namidev
> doesn't work, it would only be found in a module named 'groups'.
>
> Best regards,
> Martijn.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Proposal: "strict" mode for manifests
> I''d wonder where you change the option though. In the environment level
> options on the master? Also, I'm thinking you'd also need a syntax that
> reverses it for looking at facts that might not exist for something like this:
> non_strict("cpuid")
> to replace the expression:
> $cpuid
> if you don't know if the fact exists. This might happen if the host's copy
> of factor hasn't been changed in a while and you don't want puppet to fail to
> compile the catalog that will update factor.
This is a very good point. It's not rare to even rely on some facts
usually not being present.
I'm not a fan of the suggested syntax, though. This escape should be
meant to be used for facts only (or are we liking dynamic scoping
again?) and thus maybe there should be a fact() function of somesuch.
On the other hand, it's certainly desirable to keep using the good old
$factname syntax. As this thread started off with a perl reference, why
wouldn't we want a 'use variables $varname ...' syntax that declares
variables as known without initializing them?
Cheers,
Felix
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: configsync requires 2nd puppet run for plugin loading to work
On Mon, Mar 14, 2011 at 3:27 PM, Mikael Fridh wrote: > First run of puppet performs a configsync and an attempt to load the > downloaded plugins, the provider fails to be found by puppet in this > first run, another re-run of puppet is needed for the provider to > work, see debug output below. > > Is this a bug or am I missing something you think? Following up myself here since I found the bug: https://projects.puppetlabs.com/issues/3561 https://projects.puppetlabs.com/issues/3136 https://projects.puppetlabs.com/issues/4416 -- Mikael Fridh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] could not find class
On 14-03-11 22:31, Brandon Metcalf wrote:
> I'm using the module https://github.com/sansnoc/puppet/tree/master/users
> but running into a problem where puppet can't find a class. In /etc/
> puppet/manifests/nodes.pp I have
>
> node basenode {
>include hosts
>include groups::namidev
>include users::people
>include users::namidev
> }
> node 'util1.foo.com' inherits basenode {
> }
>
> In /etc/puppet/modules/users/manifests/init.pp I have
>
> class groups::namidev {
> @group { "namidev": ensure => present, gid => "2001", }
> }
> class users::namidev {
> Useraccount <| pgroup == namidev |>
> }
>
> users::namidev is located fine, but not groups::namidev. What am I
> doing wrong?
Your module is called 'users', so the classes in it should be named
users::something to be found by the autoloading mechanism. groups::namidev
doesn't work, it would only be found in a module named 'groups'.
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] State of the pkgutil provider?
On 14 Mar 2011, at 22:52, Jonathan wrote: > Hi all, > > Just wondering if anyone knows if work is still being done on this > provider. > > At present, one is not able to ensure that a particular version is > installed and this is crucial for a job that I need to do. Last > activity on this seems to have been in late 2010. Hi Jonathan, I've just released 2.6.6 for OpenCSW and it includes pkgutil.rb as it stood last week - https://github.com/gw42/puppet/blob/tickets%2Fmaster%2F4258-dev/lib/puppet/provider/package/pkgutil.rb It appears Juerg Walz is maintaining this at the moment. I haven't tried the latest pkgutil provider, so I couldn't tell you if it supports versions. I'll be attempting to look at it later today. Sorry if that's not a tremendous amount of use. Regards, --Mark -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Proposal: "strict" mode for manifests
This is a huge +1 from me On Mon, Mar 14, 2011 at 9:41 PM, Kevin Beckford wrote: > This certainly explains a lot. A very good idea, IMO. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
