Re: [Puppet Users] Generate "Compiled catalog"/yaml for a node?

[Yushu Yao]

Thanks Folks for the answers.

Before I go into this direction, I just want to make sure one thing from the
developers:

Is this a feature that you think will stay inside puppet? (in 3.0, 4.0, etc)

Or has there been any discussion to remove this feature?

Feel safer if I know this feature will stay long. Thanks

-Yushu


+-+
| Yushu Yao
| Ph:1-510-486-4690
|
| Lawrence Berkeley National Lab
| 1 Cyclotron Road
| Berkeley CA 94720 - USA
+-+




On Fri, May 6, 2011 at 2:48 PM, Daniel Pittman wrote:

> On Fri, May 6, 2011 at 14:43, Yushu Yao  wrote:
>
> >> 1) You can generate the catalog using "puppet master --verbose --compile
> >> computer.name.domain_name"
> >> 2) Anything that uses "puppet:///whatever" won't work, unless the client
> >> can connect to the master.
> >
> > Does this mean the file templates will not work as well?
>
> They work fine; so does file 'content'; just 'source' doesn't work
> without communication to the master.
>
> You might also want to look at moonshine and shadow puppet, both built
> atop Puppet:
> https://github.com/railsmachine/moonshine/wiki/shadow-puppet-overview-and-examples
>
> Regards,
>Daniel
> --
> ⎋ Puppet Labs Developer – http://puppetlabs.com
> ✉ Daniel Pittman 
> ✆ Contact me via gtalk, email, or phone: +1 (877) 575-9775
> ♲ Made with 100 percent post-consumer electrons
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: issue with exported resources and subscribe

[Nathan]

>
> To get this sort of thing right, you need to think in terms of
> Puppet's logical model of the managed system, as opposed to in terms
> of the observable result of Puppet's work.  In particular, as far as
> Puppet is concerned, managing file /etc/hosts via a File resource is
> logically distinct from managing entries in that file via Host
> resources.  File["/etc/hosts"] will trigger subscribers if it itself
> needs to apply any changes, but it doesn't know anything about Host
> resources.  Indeed, it is possible that on some systems, Host
> resources do not physically manifest in that file.
>
> In your all-local example, File["/etc/hosts"] manages the content of
> the /etc/hosts file (source => ...), so it triggers Service["dnsmasq"]
> when that content changes.  In your exported-resource example, File["/
> etc/hosts"] manages only the existence, ownership, and mode of the
> file -- not its contents -- so it only notifies subscribers if one of
> those things is changed.
>
> You need Service["dnsmasq"] to subscribe to all the Host resources,
> or, as Greg suggested, you need the Host entries to notify the
> Service.
>
> John

John, Greg,

Thanks for the tips, once I forced the hosts resources to notify the
service all is working as intended, thanks!

Nathan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Generate "Compiled catalog"/yaml for a node?

[Daniel Pittman]

On Fri, May 6, 2011 at 14:43, Yushu Yao  wrote:

>> 1) You can generate the catalog using "puppet master --verbose --compile
>> computer.name.domain_name"
>> 2) Anything that uses "puppet:///whatever" won't work, unless the client
>> can connect to the master.
>
> Does this mean the file templates will not work as well?

They work fine; so does file 'content'; just 'source' doesn't work
without communication to the master.

You might also want to look at moonshine and shadow puppet, both built
atop Puppet: 
https://github.com/railsmachine/moonshine/wiki/shadow-puppet-overview-and-examples

Regards,
Daniel
-- 
⎋ Puppet Labs Developer – http://puppetlabs.com
✉ Daniel Pittman 
✆ Contact me via gtalk, email, or phone: +1 (877) 575-9775
♲ Made with 100 percent post-consumer electrons

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Generate "Compiled catalog"/yaml for a node?

[Yushu Yao]

Thanks.



> 1) You can generate the catalog using "puppet master --verbose --compile
> computer.name.domain_name"
> 2) Anything that uses "puppet:///whatever" won't work, unless the client
> can connect to the master.
>
Does this mean the file templates will not work as well?

Thanks.


>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Generate "Compiled catalog"/yaml for a node?

[Patrick]

On May 6, 2011, at 1:59 PM, Yushu Yao wrote:

> Hi Experts,
> 
> I remember we had this discussion before, but could find it. 
> 
> Can I run a command to generate a "Compiled catalog" for a specific node (on 
> the master node)? And apply this on the client node? What are the limitations 
> for doing this?
> 
> Basically we have special handling for the webserver/CA part of puppet.
> 
> Thank you very much!
> 
> -Yushu


1) You can generate the catalog using "puppet master --verbose --compile 
computer.name.domain_name"
2) Anything that uses "puppet:///whatever" won't work, unless the client can 
connect to the master.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Generate "Compiled catalog"/yaml for a node?

[Nan Liu]

On Fri, May 6, 2011 at 8:59 PM, Yushu Yao  wrote:
> Hi Experts,
>
> I remember we had this discussion before, but could find it.
>
> Can I run a command to generate a "Compiled catalog" for a specific node (on
> the master node)? And apply this on the client node? What are the
> limitations for doing this?

Compiling the catalog is straightfoward. The tricky issues are syncing
facts, and uploading facts from agent to master, and you need to have
means to distribute files out of band to the agent without it
requesting via https from the master. (local mount nfs, rsync to
local, probably some other creative ways I haven't thought of.)

Past threads:
https://groups.google.com/group/puppet-users/browse_thread/thread/871d3e6f7dde759e/b63bdb45eaa71db6?lnk=gst&q=catalog+dmz#b63bdb45eaa71db6

Thanks,

Nan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Generate "Compiled catalog"/yaml for a node?

[Yushu Yao]

Hi Experts,

I remember we had this discussion before, but could find it.

Can I run a command to generate a "Compiled catalog" for a specific node (on
the master node)? And apply this on the client node? What are the
limitations for doing this?

Basically we have special handling for the webserver/CA part of puppet.

Thank you very much!

-Yushu

+-+
| Yushu Yao
| Ph:1-510-486-4690
|
| Lawrence Berkeley National Lab
| Mailstop 50B-6222
| 1 Cyclotron Road
| Berkeley CA 94720-8147 - USA
+-+

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] undefined method `[]' for nil:NilClass

[Daniel Pittman]

On Fri, May 6, 2011 at 13:05, Jamie  wrote:
> I am getting this error on all my hosts, I can't tell that it's
> causing a problem, everything seems to be working fine.
>
> Fri May 06 12:52:16 -0700 2011 /Stage[main]//
> Resources[ssh_authorized_key] (err): Failed to generate additional
> resources using 'generate': undefined method `[]' for nil:NilClass

Hrm.  That is an internal bug in puppet: we are treating a nil value
as an array, which is really not optimal.  If you post a bug report
including the output of a puppet run reproducing that with the
'--debug' and '--trace' options that would be swell.

Daniel
-- 
⎋ Puppet Labs Developer – http://puppetlabs.com
✉ Daniel Pittman 
✆ Contact me via gtalk, email, or phone: +1 (877) 575-9775
♲ Made with 100 percent post-consumer electrons

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] undefined method `[]' for nil:NilClass

[Jamie]

I am getting this error on all my hosts, I can't tell that it's
causing a problem, everything seems to be working fine.

Fri May 06 12:52:16 -0700 2011 /Stage[main]//
Resources[ssh_authorized_key] (err): Failed to generate additional
resources using 'generate': undefined method `[]' for nil:NilClass

We are using user and group purging for all uids/gids above 0.  I also
have purging enabled for ssh public keys but have not tested whether
it works.

This is (probably) the relevant code

--> sshkeys.pp (truncated class)

class user::sshkeys {
   @ssh_authorized_key { 'jamie@localhost':
ensure => 'present',
user   => 'jamie',
type   => 'dsa',
key=> '',
}
}

--> init.pp (truncated class)

class user::sysadmin inherits user::defs_people {
realize(
Group['tech'],
User['jamie'],
Group['jamie'],
Ssh_authorized_key['jamie@localhost'],
   )
}

--> people.pp (truncated class)
class user::defs_people {
include user::sshkeys
@user { 'jamie':
ensure => 'present',
uid=> '785',
gid=> '785',
managehome => 'true',
home   => '/home/jamie',
shell  => '/bin/bash',
comment=> 'Jamie is cool',
password   => '',
}

@group { 'jamie':
ensure => 'present',
gid=> '785',
}
}

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Puppet 2.7.0RC2 released

[Daniel Pittman]

G'day.

We are proud to announce that Puppet 2.7.0RC2 is now available.

Notable Features and Bug Fixes:

pkgutil provider

We have improved pkgutil provider support, resolving #4258

Faces

We have made substantial usability improvements to the faces,
including documentation accessible through the puppet help subcommand:

puppet help  [action]

There have also been a substantial number of issues resolved in faces,
bringing them closer to our vision. Their usability should be
significantly better.

Default ACL improvements

We have adjusted the default ACL in the puppet master to allow a node
to query configuration information about itself from the internal or
external node classifier.


This RC is focused, as all our RC releases are, on getting the
committed features to the standard of quality we aspire to.

Regards,
Daniel, for the engineering team.
-- 
⎋ Puppet Labs Developer – http://puppetlabs.com
✉ Daniel Pittman 
✆ Contact me via gtalk, email, or phone: +1 (877) 575-9775
♲ Made with 100 percent post-consumer electrons

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: ERB advice

[vagn scott]

On 04/15/2011 03:05 PM, Rob McBroom wrote:

On Apr 15, 2011, at 2:58 PM, Ramin K wrote:

   

I use the IP address to generate a 32bit integer for the server_id for
my Mysql configs.

server_id =<%= ipaddress.split('.').inject(0) {|total,value| (total
<<  8 ) + value.to_i} %>

Would something like that work in your case?
 

Well, it has to be 999 or less, and the IPs differ enough between them that I 
couldn’t just assume the last one or two octets will make it unique. I’ll 
probably just use a combination of environment and the integer present in the 
hostname.

Thanks.

   
You need a lookup table plus code that errors out if you try to add too 
many entries.

There is no good way to do this mapping without keeping state somewhere.

--
vagn

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Puppet Dashboard Questions

[Christopher Lee]

Hello,

I am playing with Puppet Dashboard and I have a few questions.

First, as we start using puppet we are planning on running puppet agent from
cron or via mcollective runs in --noop mode every few hours as an
audit function.  If anything is changed we would like to have it show up in
Puppet Dashboard so we can alarm on it and then manually find out why it was
changed before reverting back.  I noticed dashboard only reports "green"
good run, no errors or "yellow" changes where made.  If I run in noop it
returns green because no changes where made but I would like to see it tell
me changes needed to be made but where not.  Does this make since?  Is there
away to get this functionality?

Second, we have two data centers and two puppet masters.  I would like to
run one dashboard.  I can see from reporting this not to be a big deal but
if I start using dashboard as an external node provider will I have issues.
 Looking at the settings.yml file for dashboard the setting seem to be very
specific to one master.  Am I going to start running into issue trying to
use one dashboard with two puppetmaster (more more in the future).

-chrisl

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Over-riding changes in modules and classes

[Sean Carolan]

> You can just create a new class that inherits your previous class
> and then overwrites the File[] you declared before and use that
> only on the new machines.

Will this also work with an augeas entry with a changes [] section?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Over-riding changes in modules and classes

[Nico -telmich- Schottelius]

Sean Carolan [Fri, May 06, 2011 at 10:12:00AM -0500]:
> Hello puppet gurus, maybe one of you can help with this.  We have a
> bunch of servers that are managed by puppet, but would like to make a
> single, small change to a text file only on newly built machines.
> This text file is controlled by a module that is referenced in several
> places in our current configuration files.
> 
> So the question would be, is there a straightforward way to have this
> new config put in place *only* on newly built machines, but not on all
> the previously existing ones?  I'm thinking that perhaps there's a way
> to over-ride the config put in place by the existing module without
> having to copy all of our profiles, etc.

You can just create a new class that inherits your previous class
and then overwrites the File[] you declared before and use that
only on the new machines.

Cheers,

Nico

-- 
PGP key: 7ED9 F7D3 6B10 81D7 0EC5  5C09 D7DC C8E4 3187 7DF0

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Over-riding changes in modules and classes

[Sean Carolan]

Hello puppet gurus, maybe one of you can help with this.  We have a
bunch of servers that are managed by puppet, but would like to make a
single, small change to a text file only on newly built machines.
This text file is controlled by a module that is referenced in several
places in our current configuration files.

So the question would be, is there a straightforward way to have this
new config put in place *only* on newly built machines, but not on all
the previously existing ones?  I'm thinking that perhaps there's a way
to over-ride the config put in place by the existing module without
having to copy all of our profiles, etc.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: issue with exported resources and subscribe

[jcbollinger]

On May 5, 1:00 am, Nathan  wrote:
> Hello list,
>
> I have a situation where if I have a hosts file generated by exported
> resources it does not trigger a service restart unlike if it was
> subscribing on a file that gets copied over via puppet. An example
> would explain it better.
>
> it should be noted that exported resources work fine.
>
> class dnsmasq {
>   file { "/etc/hosts":
>         owner   => "root",
>         group   => "root",
>         mode    => "644",
>         source  => "puppet:///modules/dnsmasq/hosts",
>   }
>
>   ...
>
>   service { dnsmasq:
>         ensure     => running,
>         enable     => true,
>         pattern    => "dnsmasq",
>         subscribe  => File["/etc/dnsmasq.conf","/etc/dnsmasq-
> local.conf","/etc/hosts"],
>         hasrestart => true,
>     }
>
> So with the above if i change the file on the master then it will push
> out to all hosts that include the dnsmasq class and restart the
> dnsmasq service, all is good.
>
> How ever if I generate the data using exported resources nothing
> happens
>
> Below doesn't work
>
> class dnsmasq {
>   Host<<| tag == "all_hosts" |>>
>
>   service { dnsmasq:
>         ensure     => running,
>         enable     => true,
>         pattern    => "dnsmasq",
>         subscribe  => File["/etc/dnsmasq.conf","/etc/dnsmasq-
> local.conf","/etc/hosts"],
>         hasrestart => true,
>     }
>
> }
>
> // seperate class with /etc/hosts defined
> class hosts {
>   file { "/etc/hosts":
>     owner   => "root",
>     group   => "root",
>     mode    => "644",
>   }
>
>   host { 'localhost':
>     ip => '127.0.0.1',
>     host_aliases => 'localhost.localdomain',
>   }
>   ... a few default hosts...
>
> }
>
> So my issue is that on all machines the hosts files are managed fine,
> however on my internal dns servers that collect all the IPs of all
> machines in the network whilst collecting the hosts files fine, the
> dnsmasq service is never restarted, meaning i need to log into each
> machine and manually restart dnsmasq to pick up the changes after a
> new host is added to the system.
>
> Any ideas?


Yes.

To get this sort of thing right, you need to think in terms of
Puppet's logical model of the managed system, as opposed to in terms
of the observable result of Puppet's work.  In particular, as far as
Puppet is concerned, managing file /etc/hosts via a File resource is
logically distinct from managing entries in that file via Host
resources.  File["/etc/hosts"] will trigger subscribers if it itself
needs to apply any changes, but it doesn't know anything about Host
resources.  Indeed, it is possible that on some systems, Host
resources do not physically manifest in that file.

In your all-local example, File["/etc/hosts"] manages the content of
the /etc/hosts file (source => ...), so it triggers Service["dnsmasq"]
when that content changes.  In your exported-resource example, File["/
etc/hosts"] manages only the existence, ownership, and mode of the
file -- not its contents -- so it only notifies subscribers if one of
those things is changed.

You need Service["dnsmasq"] to subscribe to all the Host resources,
or, as Greg suggested, you need the Host entries to notify the
Service.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: virtualized resource collections

[jcbollinger]

On May 5, 12:34 am, tu2bg...@gmail.com wrote:
> Hi all,
>
> I'm trying to figure out how to automatically configure my nodes with  
> amanda backup client.
>
> What I want to achieve is that the server have an entry created in the  
> /etc/amanda/(Daily|Weekly|Monthly)/disklist.conf file on the server.
>
> The disklist.conf file lists entries like so:
> nodename partition alias {
> a
> bunch
> of
> vars}
>
> anothernodename partition alias {
> a
> bunch
> of
> vars
>
> }
>
> I want that to come from a 'role' class assignment - ie, a webserver has  
> the webserver role and has a backup template.
>
> I was hoping to use a define like so:
> define amanda::client::takebackup ($type, $period, $compress = undef) {
> # take the hostname from the name var.
> $myhost = $name
>
> @@file { "/etc/amanda/$period/disklist.conf":
> ensure => present,
> owner => "amandabackup",
> group => "disk",
> mode => 0600,
> content => template("amanda/$period/$type.erb"),
> tag => amandabackupdisklist,
>
> }
> } #end define
>
> And activate the resource like so:
> devel_buildserver.pp:
> class roles::devel_buildserver {
> include amanda::client
> amanada::client::takebackup { $fqdn:
> type => "dev_build",
> period => "Daily",
> compress => false,
>
> }
> } #end class
>
> The erb is like so:
> dev_build.erb:
> # This is a puppet controlled disklist file for dev_build
> <%= myhost %> "/" "/" {
> zmc_unix_base
> encrypt none
> <% if has_variable?("compress") then -%>
> compress client best
> <% else -%>
> compress none
> <% end -%>
> estimate calcsize server
> property "zmc_type" "unix"
> property "zmc_disklist" "Daily"
> property "zmc_version" "3"
> property "zmc_extended_attributes" "gtar"
> property "zmc_amanda_app" "gtar"
> property "zmc_show_advanced" "on"
> property "creation_time" "2011-04-19 23:38:01"
> property "zmc_occ" "33438030906"
> property "last_modified_time" "2011-04-20 18:56:43"
> exclude "/proc,/srv,/sys"
> property "zmc_amcheck_date" "20110420185643"
> zmc_gtar_app
>
> }
>
> Then in the server class I wanted to realize the resource like so:
> class amanda::server {
> ...
> some other stuff
> ...
> File <<| tag == 'amandabackupdisklist' |>>
>
> }
>
> This is not working. The file is not being realized on the server node. I  
> don't think the way I've gone about it will ever work though the way I  
> first thought - hence this call for help... :)
>
> How can I get this to work? What has got me especially worried is the  
> appending of node data to the disklist.conf file - how to do that?


A serious flaw in the approach you described is that you have all your
amanda clients exporting the *same* few resources (/etc/amanda/$period/
disklist.conf).  I do not know whether that's related to the resources
not being collected on the server, but the best you could hope for
that way is that only one of the clients' versions of each file is
applied.

What you need is for each client to export a separate resource for the
server to collect.  In other words, each client's piece of the overall
amanda configuration needs to be its own resource, with a globally
unique name and a physical manifestation separate from all the
others'.

For example, if amanda's config file syntax has some sort of "include"
statement, then make each client's piece of the configuration go into
its own file (maintain uniquess by including the host name in the file
name) and have the main config file include them all.  Ideal in this
case would be if the amanda "include" statement supports globbing, but
if necessary, it would be possible to template the file to contain all
the needed per-file "include" statements.

If amanda is not so helpful, then you need to come up with a resource
that represents one piece of a file (remember that each piece still
needs a globally-unique name).  There might be something like this in
the Forge, but I'm not sure.  You could perhaps use Augeas resources
for this purpose, or maybe you could write a defined type that
achieves it.  As a last resort, there is always the option of a Ruby
custom type.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas slooow

[Dominic Cleal]

On 05/05/11 15:43, Patrick wrote:
> 
> On May 5, 2011, at 6:28 AM, Jennings, Jared L CTR USAF AFMC 46 SK/CCI wrote:
> 
>> Hi, Aaron.
>>
>> Aaron (quoting letter@):
>>> To avoid that, I added 'lens' and 'incl' parameters to the puppet type
>>> a while ago. If you set these, Augeas will only read a specific file,
>>> avoiding most of the unnecessary overhead.
>>> ... everything will be lightning fast, even without
>>> connection caching."
>>
>> Me:
>>> I know I can avoid [Augeas populating its whole tree] by specifying 
>>> the lens and incl parameters in my augeas resources, but I like the
>>> clarity I get by not doing that, and want to preserve it.
>>
>> The reason I brought the issue up is that I wanted to know why Augeas
>> connections are not cached. I think they should be, but someone on this
>> list may have tried to make that change, failed, and gained wisdom.

I've yet to try, but it's a tricky request as it's mean having ways to
ensure the tree is in a sane state each time.

> I can tell you one reason why.  One of the most expensive parts of starting 
> Augeas is scanning the whole filesystem (or at least all auto-included files, 
> of which there are a lot) and making that into a tree.  It would need to 
> rescan every file before processing each resource.  I think modern versions 
> do this by checking the mtime of every file, which is expensive, though 
> better than parsing all from scratch.
> 
> Still, I would make a random guess that caching the connections might 
> actually be slower than using noautoinclude.

Indeed, I came to the same conclusion.  The way I've proposed doing this
(as implemented in the patch for #7285) is to use noautoload, then strip
out those files that don't match the context - if it's supplied.  You
still need the autoinclude as you need to know both the lens and the
file, you can't just specify the file.

-- 
Dominic Cleal
Red Hat Consulting
m: +44 (0)7818 512168

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: issue with exported resources and subscribe

[Greg Sutcliffe]

Hi,

In my exported resource manifests, if using code like:

  File <<| tag == "nagios::target"  |>> { notify => Service["nagios3"] }

Does that work for you?

Cheers,
Greg

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] scheduling package installs - ignore schedule if not installed

[Martin Willemsma]

Hi Steven,

Do you mind sharing how you manage this with us here or in some sort of a
blog post?

Martin


2011/5/6 Steven Acres 

> On Thu, Apr 28, 2011 at 3:36 AM, Felix Frank <
> felix.fr...@alumni.tu-berlin.de> wrote:
>
>> On 04/23/2011 04:01 AM, Steven Acres wrote:
>> > On Fri, Apr 22, 2011 at 2:34 PM, trey85stang > > > wrote:
>> >
>> > Is there a way to override a schedule for a package if the package
>> is
>> > not installed?
>> >
>> > class packages {
>> >  schedule { installs:
>> >range   => "2-4",
>> >period  => daily,
>> >repeat  => 1,
>> >  }
>> >  package { openssh:
>> >ensure   => latest,
>> >schedule => installs,
>> >  }
>> > }
>> >
>> > I dont want to check if openssh is the latest package everytime
>> puppet
>> > runs;  but I do want it installed if it is not already installed
>> > regardless of the schedule.
>> >
>> > Anyway to do this?
>> >
>> >
>> > Hi,
>> >
>> > Sure, there are many ways to achieve this. You would be better off
>> > defining which packages should be present on which nodes in another
>> > class. Then use an include in the node(s) definition (or whatever method
>> > you have defined for your architecture structure).
>> >
>> > BTW, if you're using yum and you would like to keep pkgs. updated, you
>> > may want to look into yum-cron.
>>
>> Hi,
>>
>> I don't agree. Telling puppet to "install at all times but update only
>> on a specific schedule" is not trivial if at all possible.
>>
>> Doing the upgrades outside the package provider may indeed be a sensible
>> workaround.
>>
>> Cheers,
>> Felix
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>> Hi all,
>
> Easy as could be .. simple conditionals and cron, at  if we're in the
> 'old' days .. but since we now have the 'magic' of pkg. managers ... we
> manage this effortlessly now. Not only does this free time to catch up on
> BOFH ... it also ties into DR, auditing and compliance (i.e. PCI-DSS) which
> need to be included and documented in our architectural process/design. The
> most time is and should be spent on that  design and the rest is primarily
> fine-tuning.
>
>
>
> --
> Cheers,
>
> Steven
> ---
> Steven Acres
> UNIX/Linux System Administrator
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>



-- 
Met vriendelijke groet,

Martin Willemsma

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.