Re: [Puppet Users] Re: Nodes graphs
Hello, Le 04/04/11 05:26, donavan a écrit : On Apr 3, 10:10 am, Jean Baptiste FAVRE jean.baptiste.fa...@gmail.com wrote: But I would like to highlight nodes dependenxies as well. Is there any way to get a global node-centric graph ? If yes, how: server-side, client-side, both ? You might want to try this on puppet-dev. As far as I recall there's no network graph representing node interactions. I think this is on the ToDo list. Thanks for you answer, will try on puppet-dev. Regard, JB -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Merge folders
We'd like to make the contents of a folder contain all the files from two different folders on the server. Which folder to merge will be different for different client machines. How can I specify that in a file rule? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppet on Redhat 6
Sorry for the somewhat late response. No is was not a direct cut and paste, i left out some personal information and accidentally cut the ending double quote as well. I sent this log as an example. I get the error on any file I want to replace/keep is a certain state. Like a simple module to keep the issue file the way we want: class issue { file { /etc/issue: owner = root, group = root, mode= 644, source = puppet://$puppetmaster/modules/issue/ issue; } ends in a similar way: info: Applying configuration version '1301906526' debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw yaml; using pson debug: /File[/etc/issue.net]/content: Executing 'diff -u /etc/ issue.net /tmp/puppet-file20110404-27227-u2uokh-0' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:341: [BUG] Segmentation fault ruby 1.8.7 (2010-06-23 patchlevel 299) [x86_64-linux] Aborted (core dumped) It seems like the execution of a system command from within the ruby script fails, but I'm not to good with ruby. The modules are used without problems on systems with SLES11 and CentOS 5.5 - John On Apr 1, 9:36 pm, Frank Sweetser f...@wpi.edu wrote: On 4/1/2011 5:15 AM, JohnW wrote: Hello I have been using puppet for a while now, more or less successfully on SLES 11 and CentOS 5.5 currently I am using puppet 2.6.6 I now am trying it out on redhat 6, and now i run into an problem with even the simplest of modules/classes The error I get is : debug: /Stage[main]/Motd/File[/etc/motd]/content: Executing 'diff -u / etc/motd /tmp/puppet-file20110401-3455-malx7x-0' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:341: [BUG] Segmentation fault ruby 1.8.7 (2010-06-23 patchlevel 299) [x86_64-linux] my motd module is like this: class motd { $ascii = generate('/bin/sh', '-c', /bin/echo OS: $operatingsystem ) Is this a direct cut and paste? Because if so, you're missing a closing double quote here. -- Frank Sweetser fs at wpi.edu | For every problem, there is a solution that WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet client certs dns
On 04/01/2011 08:23 PM, FRLinux wrote: Hello, First off, forgive me if that has been discussed before. Has there been any thought given to using dns records queried from the IP of a host where puppet is installed? Reason I'm asking is we had an issue in which our fqdn got screwed up in /etc/hosts in the form of node.example instead of host.example.com and that led to the server signing the cert for the host (yeah bad, we use auto signing) as node.example which of course was not a valid host declared in sites. This is not a rant, just a question. Thanks for anyone who can shed any light on this. Hi, certification can be painful at times, but I don't see the real problem you had with requesting a signature on a badly named cert? You can always just revoke it on the master and have your client issue a new CSR. Regards, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: ssh_authorized_keys - not adding keys ... (??)
On 04/02/2011 08:40 PM, Cody Robertson wrote: It looks like the `user` portion is overriding the original resource? I haven't checked if this would work but maybe you can do something along these lines: Ssh_authorized_key | title == test.user.key |{ user = [test.user,studio_app], } Probably not. Afaik, an ssh_authorized_key resource is associated with exactly one user. What you want to do is 1. assign your key to a variable ($testkey = AAAgwiv...) 2. declare two ssh_authorized_key resources that both use that variable as the key parameter. HTH, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Use puppet to preconfigure gnome gvfs shares
On Apr 2, 8:58 pm, Christian Kauhaus k...@gocept.com wrote: Am 01.04.2011 11:11, schrieb spidernik84: I don't think that Puppet is designed to support this sort of interactive behavior. I'd rather suggest to deploy a custom shell script via Puppet that performs the outlined actions on a user's first login. For example, pam_exec is providing this functionality. Something in /etc/profile (or your login shell's equivalent) would also be feasible. Thank you Christian, this is for sure an interesting option. I'll investigate further. Regards, Nicola -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Merge folders
I'm trying to do this using an array variable and the sourceselect parameter. class parent { $sources = [ '/path/to/first' ] file { '...': ensure = directory, source = $sources, sourceselect = all } } class child { $sources += [ '/path/to/second' ] } But it complains that: Error 400 on SERVER: Puppet::Parser::AST::VarDef failed with error TypeError: can't convert Array into String Is puppet not capable of using an array variable for an array parameter? Do I need to use a special syntax for this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Merge folders
Ah, it works if the variable is in the outer scope: $sources = [ '/path/to/first' ] class parent { file { '...': ensure = directory, source = $sources, sourceselect = all } } class child { $sources += [ '/path/to/second' ] } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Merge folders
Correction: this only works if the place that uses the variable (the 'file' resource) comes after the place where the variable is modified. In our case that meant the child looks like this: class child { $sources += [ '/path/to/second' ] include parent } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet client certs dns
On Mon, Apr 4, 2011 at 9:50 AM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: certification can be painful at times, but I don't see the real problem you had with requesting a signature on a badly named cert? You can always just revoke it on the master and have your client issue a new CSR. Hello, Thanks for your response, my point was more that if puppet relied on querying the FQDN for the box, it would request the right cert all the time. Cheers, Steph -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet-dashboard
Hello, I have another quick one about puppet dashboard. We are using the Debian one for Squeeze (1.0.4) and as the database has significantly grown, if/when we click on a list of unresponsive nodes to check them, the web interface sits there doing nothing then the puppetmaster process starts timing out for all nodes compiling their catalogs. Has anyone got a workaround for this? Does it involve cleaning the database from time to time? The box is a VM with 3G of allocated RAM, our ibdata1 file is pretty big, reached 8G recently. So what do others do? Cheers, Steph -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet nagios integration problem
Hi all, I'm working on setting up Puppet to write out my Nagios configs. A few weeks back I inserted a few dummy Nagios checks into my Puppet config, and the Nagios configs were written out properly. I've now added loads of Nagios host and service checks like this: @@nagios_service { check_smtp_${hostname}: check_command = check_nrpe!check_smtp, host_name = $fqdn, service_description = SMTP, } and then I collect them like this: Nagios_host || Nagios_service || Nagios_hostextinfo || Nagios_servicedependency || But today I spotted that my Nagios configs in /etc/nagios/ haven't actually been updated for ages. I've prodded at the puppet server and client but I can't see anything wrong with my setup. That said, I don't really know how to debug this. Can anyone offer any pointers? Thanks, Jonathan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet-dashboard
On Mon, 4 Apr 2011 11:33:54 +0100 FRLinux FRLinux wrote: Hello, Hi, I have another quick one about puppet dashboard. We are using the Debian one for Squeeze (1.0.4) and as the database has significantly grown, if/when we click on a list of unresponsive nodes to check them, the web interface sits there doing nothing then the puppetmaster process starts timing out for all nodes compiling their catalogs. Has anyone got a workaround for this? Does it involve cleaning the database from time to time? We added a cron which does: rake RAILS_ENV=production reports:prune upto=1 unit=wk rake RAILS_ENV=production db:raw:optimize from /opt/puppet-dashboard once per week. since then, the server has increased its performance significally and we see no more timeout errors. The box is a VM with 3G of allocated RAM, our ibdata1 file is pretty big, reached 8G recently. So what do others do? Cheers, Steph HTH, Arnau -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet-dashboard
On Apr 4, 2011, at 3:33 AM, FRLinux wrote: Hello, I have another quick one about puppet dashboard. We are using the Debian one for Squeeze (1.0.4) and as the database has significantly grown, if/when we click on a list of unresponsive nodes to check them, the web interface sits there doing nothing then the puppetmaster process starts timing out for all nodes compiling their catalogs. Has anyone got a workaround for this? Does it involve cleaning the database from time to time? The box is a VM with 3G of allocated RAM, our ibdata1 file is pretty big, reached 8G recently. So what do others do? I run: cd /usr/share/puppet-dashboard/ nice -n +1 rake RAILS_ENV=production reports:prune upto=1 unit=mon nice -n +1 rake RAILS_ENV=production db:raw:optimize This removes all entires older than a month, which keeps it small enough for me. My machine is a P4 with 1GB of RAM, and serves 80 nodes. Note that with MySQL, the size of the ibdata1 file won't actually shrink. The explanation is complicated, and can be found using google. If you want to get the space back, an easy way is to wipe the whole database. Put this into your config: [mysqld] innodb_file_per_table=true Then the db:raw:optimize command will actually be able to shrink the DB. Note, that attribute will cause all tables to be stored in separate files. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet-dashboard
On Mon, Apr 4, 2011 at 11:53 AM, Patrick kc7...@gmail.com wrote: Then the db:raw:optimize command will actually be able to shrink the DB. Note, that attribute will cause all tables to be stored in separate files. Nice one, thanks for all the replies, I have a responsive dashboard once again :) Steph -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet nagios integration problem
On Mon, Apr 4, 2011 at 11:37 AM, Jonathan Gazeley jonathan.gaze...@bristol.ac.uk wrote: Can anyone offer any pointers? Go to the one of the clients, then run: puppetd -vt and take a look at the output? Usually a good pointer :) Cheers, Steph -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet nagios integration problem
On 04/04/2011 12:09 PM, FRLinux wrote: On Mon, Apr 4, 2011 at 11:37 AM, Jonathan Gazeley jonathan.gaze...@bristol.ac.uk wrote: Can anyone offer any pointers? Go to the one of the clients, then run: puppetd -vt and take a look at the output? Usually a good pointer :) Cheers, Steph Thanks for your reply. Running with -vt seems to give the same output as --test. Neither output shows any nagios declarations being run, despite the fact that the manifests show that I'm applying @@nagios {} config like I showed in my previous email. These Nagios calls are built-in Puppet functionality, right? Or do I have to install something extra? I'm running puppet 0.25.5 on server and clients. This is being installed on CentOS from the rpmfusion repo, although I'm not massively averse to packaging a newer version if this would help. Cheers, Jonathan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Managing directories, recursively?
On Apr 1, 9:17 am, Arnau Bria arnaub...@pic.es wrote: Apart from that, didn't know about file { [ /usr/local/nagios, /usr/local/nagios/libexec ]: which automagically creates file dependency. so I declared it in two diff files. Clarification: that syntax introduces one property list that applies to all the files named in the array. It is not special with respect to file dependencies, however. Puppet will automagically create dependencies between declared files wherever one is the parent directory of the other, regardless of where each is declared or the syntax of the declarations. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppet on Redhat 6
On Apr 4, 3:45 am, JohnW boerma@gmail.com wrote: info: Applying configuration version '1301906526' debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw yaml; using pson debug: /File[/etc/issue.net]/content: Executing 'diff -u /etc/ issue.net /tmp/puppet-file20110404-27227-u2uokh-0' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:341: [BUG] Segmentation fault ruby 1.8.7 (2010-06-23 patchlevel 299) [x86_64-linux] Aborted (core dumped) It seems like the execution of a system command from within the ruby script fails, but I'm not to good with ruby. A segmentation fault in a Ruby program likely signals a problem in the Ruby runtime, not the program. Does the Ruby you are using ship with RHEL 6? If it was built with a different toolchain or against a different version of the system libraries than RHEL 6 provides, then you might see any number of odd behaviors, segmentation faults among them. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: manage /etc/passwd and /etc/group
Okey, thank you for this information, so augeas cannot handle this type of requests. cu stefanero On 1 Apr., 17:26, Adam Heinz a...@metricwise.net wrote: Small copy/paste error: augtool print /files/etc/group/foo Saved 1 file(s) Was actually: augtool save Saved 1 file(s) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Nodes graphs
On Apr 3, 12:10 pm, Jean Baptiste FAVRE jean.baptiste.fa...@gmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, Working further with puppet, I need to be able to graph both nodes and class dependencies to be able to diagnose issues and/or redundancies. Currently, activating graph allows me to get ressources/dependencies graphs per client. But I would like to highlight nodes dependenxies as well. Is there any way to get a global node-centric graph ? If yes, how: server-side, client-side, both ? I strongly recommend that you approach this problem in a different way: flatten your node graph. Deep node inheritance hierarchies are likely to cause you pain, largely because nodes sets do not typically admit a single, definitive taxonomy. I recommend at most two levels, including the level of your default node, if any. Your Puppet manifest development will be more productively directed, and as a bonus, with a flat node hierarchy you have little need for a node graph. I observe also that you don't need dynamic graphing of node dependencies anyway, because all the inheritance tree is declared statically, and does not vary by node. Nevertheless, you should be able to use the resource graph to flag which node declaration(s) are being evaluated: node N_default{ include C_a; include C_b; notify { node N_default: message = I am an N_default } } node N_mynode inherits N_default { include C_c; notify { node N_mynode: message = I am an N_mynode } } This will produce messages in the client logs (possibly useful for debugging), but more importantly, it should introduce top-level, node- type-specific resources into your resource graph. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: if statement: 'true' from left operand of 'in' expression is not a string
On Apr 3, 8:29 pm, Ben Hughes b...@puppetlabs.com wrote: On Fri, Apr 01, 2011 at 11:19:16AM +0200, Jan wrote: Any ideas? What am I missing? If you quote the true/falses, it works. In the style guide, they're being used as variables for setting options of a type: hasstatus = $trueorfalsevar. However, if you want to evaluate them, they need to be quoted I'm afraid. $installplugins = 'true' if ! ($installplugins in [ 'true', 'false' ]) { fail(nrpe installplugins parameter must be true or false) } if $installplugins == 'true' { notice( I work, hurrah ) } Curious. From the message, I would guess that this would (also) work: if ! ($installplugins in [ true, false ]) { fail(nrpe installplugins parameter must be true or false) } (Since it's the *left* side of the in operator that Puppet complains about not being a string.) Of course, it's quite inconsistent that if one assigns bareword true to a variable, one cannot subsequently compare that variable against the same value, or against an array that (appears to) contain that value. I call bug, and I recommend filing a ticket. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppet on Redhat 6
OK, the problem just got a little stranger. my previous puppetruns were done on RHEL6 installed on a kvm, with a kvm host installed with SLES11sp1 I now installed a physical host with RHEL6, using the same resources, and on that system the same puppetruns run without error. I tried both aforementioned motd and issue modules. This would imply it would be more a problem with virtualisation, then with puppet/ruby. It would mean, I have to report this elsewhere (not sure where yet) @ jcbolllinger: the Ruby that was used, is shipped with RHEL6 On Apr 4, 3:02 pm, jcbollinger john.bollin...@stjude.org wrote: On Apr 4, 3:45 am, JohnW boerma@gmail.com wrote: info: Applying configuration version '1301906526' debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw yaml; using pson debug: /File[/etc/issue.net]/content: Executing 'diff -u /etc/ issue.net /tmp/puppet-file20110404-27227-u2uokh-0' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:341: [BUG] Segmentation fault ruby 1.8.7 (2010-06-23 patchlevel 299) [x86_64-linux] Aborted (core dumped) It seems like the execution of a system command from within the ruby script fails, but I'm not to good with ruby. A segmentation fault in a Ruby program likely signals a problem in the Ruby runtime, not the program. Does the Ruby you are using ship with RHEL 6? If it was built with a different toolchain or against a different version of the system libraries than RHEL 6 provides, then you might see any number of odd behaviors, segmentation faults among them. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet fails to retrieve catalog
Hi, I've got a problem where clients apparently randomly lose the ability to retrieve catalogs. This is what I end up seeing in the log: puppet-agent[26510]: Starting Puppet client version 2.6.6 puppet-agent[26510]: Could not retrieve catalog from remote server: puppet-agent[26510]: Using cached catalog puppet-agent[26510]: Could not retrieve catalog; skipping run Notice that no actual reason is given which makes finding the cause difficult. This also happened with 0.25.5 and I upgraded both the server and one client hoping that this would fix things or at least provide a proper error message but that didn't work. Strangely enough when I run tcpdump -i eth0 port 8140 on the client in order to see if the client manages to communicate with the server this apparently fixes the problem and the client can retrieve catalogs again. Any ideas on how the fix this problem? Regards, Dennis -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet-dashboard
On Apr 4, 2011, at 4:03 AM, FRLinux wrote: On Mon, Apr 4, 2011 at 11:53 AM, Patrick kc7...@gmail.com wrote: Then the db:raw:optimize command will actually be able to shrink the DB. Note, that attribute will cause all tables to be stored in separate files. Nice one, thanks for all the replies, I have a responsive dashboard once again :) Steph Patrick ~ We're aware of some performance problems in Dashboard and are keen to fix them. How much data do you have? How many nodes? How many unresponsive? What's your update interval? At what point does it start to fall over? Thank you! r -- Randall Hansen • Director of User Experience • rand...@puppetlabs.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Merge folders
As I said, the sourceselect = all parameter is necessary to make puppet merge the listed sources rather than selecting one of them. I take your point that variables are a fragile way of specifying. I'll try refactoring it based on class parameters, but the list of sources isn't the same length for the different nodes so it'll still have to be an array; and it will need to add that array to a list of default sources shared by all instances (that I'd rather not repeat for every one). -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet-dashboard
On Apr 4, 2011, at 8:26 AM, Randall Hansen wrote: On Apr 4, 2011, at 4:03 AM, FRLinux wrote: On Mon, Apr 4, 2011 at 11:53 AM, Patrick kc7...@gmail.com wrote: Then the db:raw:optimize command will actually be able to shrink the DB. Note, that attribute will cause all tables to be stored in separate files. Nice one, thanks for all the replies, I have a responsive dashboard once again :) Steph Patrick ~ We're aware of some performance problems in Dashboard and are keen to fix them. How much data do you have? How many nodes? How many unresponsive? What's your update interval? At what point does it start to fall over? I'm using Passenger for the puppetmaster+storedconfigs and for dashbaord. processor0 = Intel(R) Celeron(R) CPU 2.53GHz I've currently got 77147 reports I've got about 80 hosts. runinterval = 1800 I found that upgrading to dashboard 1.0.4 gave me huge performance gains. I found that turning on a 24MB query cache in mysqld gave me some moderate performance gains too. I assume this is because the results for the sidebar are cached, but this is mostly baseless speculation. The load time on the first page is usually around 2-2.5 seconds. Any page after that takes around 1.5 seconds to load the first time, and about 0.7 seconds if called again soon. I don't know what soon is except that it can be longer than 5 seconds, and doesn't apply a day later. The query cache might mean some data is out of date. I don't know how mysql works, but I don't need realtime updates. Just reports on the last week. I always found that using Webrick was often painfully slow. I'm guessing that this is because I either got suck behind a puppetmaster uploading its report, or that I wasn't able to load all the little files (images, etc.) very fast. I am using RubyEE. My reports.ibd is 908MB. Anything else that would help? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] ANNOUNCE: Puppet Dashbard 1.1.0 Final!
This release addresses a large number of issues and adds lots of new functionality, including: * Inventory Service Lookup - The node view page will now retrieve and display the node's facts from the inventory service. - There is a Custom Query page which will search the inventory service for nodes meeting particular conditions. Preliminary documentation for this feature will be available at: https://github.com/puppetlabs/puppet-docs/blob/master/source/guides/inventory_service.markdown Finalized documentation will be available in the near future on the main documentation site: http://docs.puppetlabs.com * Settings - Many settings may now be specified in config/settings.yml. Copy the config/settings.yml.example (which provides fallback defaults) to get started. - Changing a setting will currently require a server restart to take effect. * Inspect Report Handling - Dashboard can now consume and display inspect reports. * Filebucket integration - Dashboard can now display file contents and diffs from a specified Puppet filebucket. * Lots of UI and speed improvements * Better support for reports - Now supports 2.6 reports and inspect reports * Preliminary support for user-made plugins * Improved Class/Group/Parameter dependency reporting and handling * Log rotation *IMPORTANT* Things to note about the 1.1.0 release of Dashboard: 1. Reports will need to be converted to a new schematized format when upgrading (#5459). Rather than just storing reports as serialized YAML in the database as is currently done in v1.0.4, they are now in a set of tables that allows them to be queried more easily and faster. This conversion can be a slow process if you have a long history of reports, so it's not done as part of `rake db:migrate`. Instead, there is a rake task (#5535) that will do the conversion for you, converting newer reports first and able to be resumed if it's interrupted just by rerunning it. `rake reports:schematize` Also worth noting is the `rake reports:prune` task that can prune older reports that you don't care about, which will make this conversion much faster. Run the rake task without arguments to see documentation for how to specify how far back to prune. 2. The new inventory service portion of Dashboard only works if you're running the newest version of Puppet (2.6.7 which is releasing today). This release is available for download at: http://puppetlabs.com/downloads/dashboard/puppet-dashboard-1.1.0.tar.gz See the Verifying Puppet Download section at: http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet#Verifying+Puppet+Downloads Please report feedback via the Puppet Labs Redmine site, using an affected version of 1.1.0: http://projects.puppetlabs.com/projects/dashboard/ v1.1.0 Changelog e786ea3 Updated CHANGELOG for 1.1.0rc3 2d4d3da Updated VERSION for 1.1.0rc3 29969d7 Updated CHANGELOG for 1.1.0rc2 af1a006 (#6835) Handle malformed facts from Puppet 2.6.7 storedconfigs 520a02d Update CHANGELOG and version for 1.1.0rc1 3817aa5 maint: Add missing CHANGELOG entries for 1.0.3 to 1.0.4 1fcfc01 (#6736) Provide Mutex, avoid an error. 95f97fb maint: Move inventory section lower on the node page 8629962 (#4403) Do timezone arithmetic outside of the DB in the Status model 614655c Remove dead code from Status model 849f2de Validate the user supplied daily_run_history_length 118962b (#6656) Inventory service is no longer experimental. 90e0624 (#6601) Inventory search uses the new inventory URL fb55499 (#5711) Change license from GPLv3 to GPLv2 68b335e (#5234) Source of silk icons attributed, per author's license d3d1528 Maint: Moved logic for identifying inspect reports into a callback. c2fe255 Maint: removed bogus comments from _report.html.haml 81b8a04 Maint: Moved elements of the report show view into callbacks. 2b91838 Maint: Moved elements of the node show view into callbacks. cc95431 Maint: Forbid uninstalled plugins from adding themselves to hooks. 169d275 Maint: Add plug-in install and uninstall rake tasks d4d0b00 Maint: removed db/schema.rb 5f6614d Maint: Removed some private methods in the report model that are part of baseline functionality. db663a5 Maint: remove code that belongs in the baseline module. 5be1f0f maint: Added log dir to version control 93857f0 Maint: Add puppet plugins to .gitignore 1197e8a Bug fix: renamed each_hook and find_first_hook to *_callback cbfde3d Remove some forgotten baseline code 2b4f9eb Add some basic hooks for use by future Dashboard plug-ins. c9ff13e Add a registry for creating hooks and callbacks. a40e6c9 Oops: Remove report baseline functionality fd7f799 Rename baseline-diff-report CSS classes and IDs to be expandable-list 161e0da (#6090) Improved auto-selection of specific baseline. 035aa17 (#6072) Moved baseline inspection link underneath Recent Inspections
[Puppet Users] ssh_authorized_key and the .ssh directory
I've been working with a file of virtual users that I want to realize on certain hosts. For one of these, I need an authorized_keys file. After experimenting with the resource ssh_authorized_key, I thought I could create a dependency relationship like this: Ssh_authorized_key | title == nagios | - Group | title == nagios | - User | title == nagios | which doesn't work. The logic being that there's no sense in manifesting the ssh_authorized_key unless the dependencies of the group and user are present. What am I doing wrong? I can realize the ssh_authorized_key separately, but it stands on its own and will likely fail if the aforementioned dependencies disappear. I also noticed that it creates the .ssh directory owned by username and group root -- but I don't see a directive to manage that. Can someone clarify how to best accomplish this? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Should @user with managehome also track the actual home directory?
On my test system, I noticed that (with virtual users) if you remove / home/username, puppet doesn't realize there is a problem, as the resource doesn't track the home directory. When you userdel then it notices and creates everything as it should be. In a virtual user configuration, what's the best way to ensure that the home directory is also present, in addition to the /etc/passwd entries (or, dependent on each other)? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet on Redhat 6
On Mon, Apr 04, 2011 at 09:34:10AM -0500, Jennings, Jared L CTR USAF AFMC 46 SK/CCI wrote: my motd module is like this: class motd { $ascii = generate('/bin/sh', '-c', /bin/echo OS: $operatingsystem ) Not an answer to your problem, but isnt this the same as $ascii = OS: ${operatingsystem} -Stefan I believe the function is evaluated on the server, whereas the fact is evaluated on the client Truth, but since /bin/echo OS: $operatingsystem is in double quotes, wouldn't puppet just substitute $operatingsystem with the client fact. e.g. I run the agent on Solaris and on the server I now execute '/bin/sh', '-c', '/bin/echo OS: Solaris' And that seems a bit to complicated for me. -Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. pgp5Kn8yzALwR.pgp Description: PGP signature
RE: [Puppet Users] Puppet on Redhat 6
/bin/echo OS: $operatingsystem You are right, Stefan! I didn't pay attention at all to the command being executed. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ssh_authorized_key and the .ssh directory
Overrides like this work for me: User | title == $title | { password = '*LK*', shell = /bin/false } You could try: Ssh_authorized_key | title == nagios | { require = [ Group[nagios], User[nagios], ], } However, I showed this syntax to Jeff McCune and he said something to the effect of, Huh, *that's* interesting. So, you know... your mileage may vary. :) -Jim On Mon, Apr 4, 2011 at 12:52 PM, Forrie for...@gmail.com wrote: I've been working with a file of virtual users that I want to realize on certain hosts. For one of these, I need an authorized_keys file. After experimenting with the resource ssh_authorized_key, I thought I could create a dependency relationship like this: Ssh_authorized_key | title == nagios | - Group | title == nagios | - User | title == nagios | which doesn't work. The logic being that there's no sense in manifesting the ssh_authorized_key unless the dependencies of the group and user are present. What am I doing wrong? I can realize the ssh_authorized_key separately, but it stands on its own and will likely fail if the aforementioned dependencies disappear. I also noticed that it creates the .ssh directory owned by username and group root -- but I don't see a directive to manage that. Can someone clarify how to best accomplish this? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: ssh_authorized_keys - not adding keys ... (??)
On Mon, Apr 4, 2011 at 1:54 AM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: On 04/02/2011 08:40 PM, Cody Robertson wrote: It looks like the `user` portion is overriding the original resource? I haven't checked if this would work but maybe you can do something along these lines: Ssh_authorized_key | title == test.user.key |{ user = [test.user,studio_app], } Probably not. Afaik, an ssh_authorized_key resource is associated with exactly one user. What you want to do is 1. assign your key to a variable ($testkey = AAAgwiv...) 2. declare two ssh_authorized_key resources that both use that variable as the key parameter. HTH, Felix Thanks Felix, that worked! Its interesting that ssh_authorized_keys behaves this way. I would have thought that having a single key in multiple user's authorized_key files would have been a use case (albeit a bit unusual)... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: RFC: Splitting up the file{} type functionality.
Am 31.03.2011 16:56, schrieb jcbollinger: 3. Sockets, FIFOs, devices, whatnot [...] Indeed. And here, too, you might want to work in symlinks to these objects, especially if symlinks managed by the regular file type (2 above) indeed require their target to be a regular file.. Yes, of course. 4. Recursive Tree Copy The recursive tree copy has always been a bit weird. Don't get me wrong, but in puppet you're usually explicit: To ensure the presence of a set of files you'd explicitly list each file in your manifest. Obviously the right thing for a recusive tree copy would be to do exactly that: explicitly list every file and directory in your manifest. If that could be done at compile-time all was well. What we need for that is: - function to list all files/directories/sockets/whatever inside a tree - a method to loop over that list and generate the corresponding set of resources And that's similar to my resource generator idea, so +1 overall. People seem to agree that recursive tree copying is a different sort of beast from the file and directory management that the File type otherwise does. More open to debate, however, is whether that feature should be split out into its own *type*, distinct from whatever type manages directories without recursion. I think not. Either it should be implemented as some other kind of thing (not resource type) as suggested here, or it should be a sub- type of a Directory type (if resource sub-typing were introduced). Some other kind of thing might leverage the existing Puppet framework (i.e. functions, hashes, etc.) to a greater or lesser extent, but it would be nice to avoid making the feature significantly harder to describe in a manifest than it is now. Yep. Idea: instead of functions producing hashes, new iterative statements in Puppet DSL, etc., what about a function that *accepts* a hash as an argument, where the keys match the recursion-related properties of the current File type, and which introduces the appropriate resources into the target node's catalog? For example: recursive_tree({ root = /path/to/base/dir, source_root = path/relative/to/modules/file/dir, recurse_limit = 2, owner = some_user, group = some_group, mode = 0644, links = manage, ensure = present, purge = false }) Taking a hash as an argument would provide for syntax similar to the that of the File type, would more or less provide keyword arguments, would support omitting properties. In other words, it would yield most of the syntax and usage advantages of doing recursive copying via the File type. I was thinking about something like foreach in the DSL, so you could simply write something like the following: foreach($path in recursive_file_list( 'puppet:///path/in/my/module', '/path/to/base/dir', 2) ) { if $path[type] == 'File' { /* explicit setting of parameters */ file { $path[title]: source = $path[source], owner = $path[owner], mode= 0664, } } else if $path[type] == 'Directory' { /* implicitly taking all parameters from $path */ directory { $path } } else if $path[type] == 'Device' { /* combining both */ device { $path } Device[$path[title]] { requires= File[/sbin/MAKEDEV] } } } where recursive_file_list($puppet_uri, $client_path, $recursion) yields an array of hashes. This allows for all kind of neat tricks as you can now generate resources based on something that's returned from a function. Additionally this can be done *before* we start to interpret any types and resources defined as it is essentially doable by some kind of preprocessor. The Problem I see with your variant is that the resources are created by your function. This unneccisarily constrains flexibility. My variant allows you to do something like the following: foreach(dir in only_dirs(recursive_file_list(...))) { ... } Using recursive_file_list() yields an array of hashes which only_dirs() can then filter to only contain directories. Or maybe a function force_mode() that takes the minimum permission bits which is then simply ANDed with the bits read from the filesystem. last but not least the not harder to understand than what we do right now-example: $tree = recursive_file_list(...) foreach(dir in only_dirs($tree)) { directory { $dir } } foreach(file in only_files($tree)) { file { $file } } I know this still looks complicated and is the *one* thing that would be simpler with the old variant where the File-type does everything: foreach(file in recursive_file_list(...)) { file { $file } } However, the upper one definitely wins once you
Re: [Puppet Users] puppet-dashboard
On Mon, Apr 4, 2011 at 4:26 PM, Randall Hansen rand...@puppetlabs.com wrote: We're aware of some performance problems in Dashboard and are keen to fix them. How much data do you have? How many nodes? How many unresponsive? What's your update interval? At what point does it start to fall over? Hello! As Patrick, upgraded to 1.0.4 a few months back and loved it, much faster and better. I had some performance issue lately where i could get to the front page but no longer look at any report/non reporting node. The server would then be stuck and would start timing out client nodes. I can remove the cron and take a look at it week after week until the point where it fails again. I'll see if i can restore the mysql server from backups (should be a few days old) then will mimic the behavior again if that helps. Have 80 nodes reporting which is not much. Wiped out the whole DB when upgraded to 1.0.4, Think it was back in the beginning of November so it is same to assume that we've been logging since. Only 10 nodes were added in the last month (March). Any other info I can provide, i can take a look tomorrow at work so let me know :) Cheers, Steph -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] duplicate entries in classes.txt
I am not sure why I am getting duplicate entries in my classes.txt file under /var/lib/puppet. I am using puppet 2.6.4 version. I am also using foreman as my external node classifer. This is on the client: bash#more classes.txt ad2ldap base_services baseapps sudo tier3_keys settings ad2ldap baseapps sudo Classes according to the node classifier from the puppet master server: bash# /etc/foreman/external_node.rb pong.mydomain.corp --- parameters: puppetmaster: puppetprod classes: - ad2ldap - base_services - baseapps - sudo - tier3_keys environment: production Any idea why the two examples are not equal? Corey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Catalog changes not picked up immediately
Hi there, when I do changes to my Puppet catalog files it takes some time between these changes are picked up by the clients, even in manual mode. That makes testing with puppetd --test quite hard because it can often be up to a couple of minutes for the changes be served out. Can I somehow flush the puppet master cache or from the client force the reload of actual current files to speed things up? Thanks! Michal -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: manage /etc/passwd and /etc/group
On 4 April 2011 23:20, stefanero stefan...@gmail.com wrote: Okey, thank you for this information, so augeas cannot handle this type of requests. I noted this a few years ago, and so did a simple line append. ( http://projects.puppetlabs.com/projects/1/wiki/Simple_Text_Patterns) You may want to file a feature request with the Augeas people to get it to understand netgroups in the password file John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Passenger complains /etc/puppet/ssl doesn't exist.
All, I just tried to get Passenger up and running, based on on the docs at: http://projects.puppetlabs.com/projects/1/wiki/Using_Passenger I am seeing this in my Apache error_log whenever a client tries to connect: Could not prepare for execution: Got 2 failure(s) while initializing: change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /etc/puppet/ssl; change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /etc/puppet/manifests However, I have no references to my ssl dir being /etc/puppet/ssl. In fact, I have it explicitly set in [main] (and [puppetmaster] AND [agent] because the documentation is not clear on this), to /var/lib/puppet.ssl. Why is passenger trying to use /etc/puppet/ssl? My problem is identical to this... http://comments.gmane.org/gmane.comp.sysutils.puppet.user/28067 Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Passenger complains /etc/puppet/ssl doesn't exist.
Actually... this may be the cause... my puppet.conf is in a non standard location, and when running puppetmaster, I'm setting --confdir=/etc/puppet/common in /etc/init.d/puppetserver. How can I set this for passenger? Doug. On Mon, Apr 4, 2011 at 10:00 PM, Douglas Garstang doug.garst...@gmail.comwrote: All, I just tried to get Passenger up and running, based on on the docs at: http://projects.puppetlabs.com/projects/1/wiki/Using_Passenger I am seeing this in my Apache error_log whenever a client tries to connect: Could not prepare for execution: Got 2 failure(s) while initializing: change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /etc/puppet/ssl; change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /etc/puppet/manifests However, I have no references to my ssl dir being /etc/puppet/ssl. In fact, I have it explicitly set in [main] (and [puppetmaster] AND [agent] because the documentation is not clear on this), to /var/lib/puppet.ssl. Why is passenger trying to use /etc/puppet/ssl? My problem is identical to this... http://comments.gmane.org/gmane.comp.sysutils.puppet.user/28067 Doug -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Passenger complains /etc/puppet/ssl doesn't exist.
On 04/05/2011 07:17 AM, Douglas Garstang wrote: Actually... this may be the cause... my puppet.conf is in a non standard location, and when running puppetmaster, I'm setting --confdir=/etc/puppet/common in /etc/init.d/puppetserver. How can I set this for passenger? put this in your config.ru: ARGV --confdir=/etc/puppet/common Doug. On Mon, Apr 4, 2011 at 10:00 PM, Douglas Garstang doug.garst...@gmail.com mailto:doug.garst...@gmail.com wrote: All, I just tried to get Passenger up and running, based on on the docs at: http://projects.puppetlabs.com/projects/1/wiki/Using_Passenger I am seeing this in my Apache error_log whenever a client tries to connect: Could not prepare for execution: Got 2 failure(s) while initializing: change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /etc/puppet/ssl; change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /etc/puppet/manifests However, I have no references to my ssl dir being /etc/puppet/ssl. In fact, I have it explicitly set in [main] (and [puppetmaster] AND [agent] because the documentation is not clear on this), to /var/lib/puppet.ssl. Why is passenger trying to use /etc/puppet/ssl? My problem is identical to this... http://comments.gmane.org/gmane.comp.sysutils.puppet.user/28067 Doug -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com mailto:doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Passenger complains /etc/puppet/ssl doesn't exist.
On Mon, Apr 4, 2011 at 10:25 PM, Martin Alfke tux...@gmail.com wrote: On 04/05/2011 07:17 AM, Douglas Garstang wrote: Actually... this may be the cause... my puppet.conf is in a non standard location, and when running puppetmaster, I'm setting --confdir=/etc/puppet/common in /etc/init.d/puppetserver. How can I set this for passenger? put this in your config.ru: ARGV --confdir=/etc/puppet/common Awesome. That did it. Thanks Martin! Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.