[Puppet Users] err: compile erro
Hi, I am trying to transfer more than 3mb file form puppet server to client, I am error like below err: compile error (erb):1189: Invalid char `\027' in expression Please help. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] err: compile erro
Hi, Thanks for the reply When I am trying to transfer/update a big file ( more than 3mb ) from server to agent, its copying/updaing only 275kp . Please let me know if any file limit settings in puppet configuration. On Tue, May 24, 2011 at 1:05 PM, Denmat tu2bg...@gmail.com wrote: Hi, It is complaining that you have an illegal character in your ERB file. We will need to see more of your manifest to help any further. Have a look at these links and see if they don't help you first. http://docs.puppetlabs.com/guides/templating.html#syntax-checking http://www.devco.net/pubwiki/Puppet/GettingStarted/5 This is a great site for helping to debug code too: http://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.php Cheers, Den On 24/05/2011, at 17:01, Sumith Sudhakaran sumit...@gmail.com wrote: Hi, I am trying to transfer more than 3mb file form puppet server to client, I am error like below err: compile error (erb):1189: Invalid char `\027' in expression Please help. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] err: compile erro
Hi, It is complaining that you have an illegal character in your ERB file. We will need to see more of your manifest to help any further. Have a look at these links and see if they don't help you first. http://docs.puppetlabs.com/guides/templating.html#syntax-checking http://www.devco.net/pubwiki/Puppet/GettingStarted/5 This is a great site for helping to debug code too: http://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.php Cheers, Den On 24/05/2011, at 17:01, Sumith Sudhakaran sumit...@gmail.com wrote: Hi, I am trying to transfer more than 3mb file form puppet server to client, I am error like below err: compile error (erb):1189: Invalid char `\027' in expression Please help. -- Regards Sumith -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] err: compile erro
No, there is no file limit that I'm aware of. It uses https to copy the file and on the native webrick server maybe you're hitting some inherent timeout or other. There are some old pre .25 discussions on it. http://groups.google.com/group/puppet-users/browse_thread/thread/7e91404c1673b2b1 Basic conclusion seems to be to use apache if you're going to transfer large files. I uses apache/passenger combination and don't have file transfer issues, but I can't recall if any of the files are larger than 3mb. Cheers, Den On 24/05/2011, at 17:50, Sumith Sudhakaran sumit...@gmail.com wrote: Hi, Thanks for the reply When I am trying to transfer/update a big file ( more than 3mb ) from server to agent, its copying/updaing only 275kp . Please let me know if any file limit settings in puppet configuration. On Tue, May 24, 2011 at 1:05 PM, Denmat tu2bg...@gmail.com wrote: Hi, It is complaining that you have an illegal character in your ERB file. We will need to see more of your manifest to help any further. Have a look at these links and see if they don't help you first. http://docs.puppetlabs.com/guides/templating.html#syntax-checking http://www.devco.net/pubwiki/Puppet/GettingStarted/5 This is a great site for helping to debug code too: http://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.php Cheers, Den On 24/05/2011, at 17:01, Sumith Sudhakaran sumit...@gmail.com wrote: Hi, I am trying to transfer more than 3mb file form puppet server to client, I am error like below err: compile error (erb):1189: Invalid char `\027' in expression Please help. -- Regards Sumith -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards Sumith -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] err: compile erro
But when I am trying to transfer, getting error only err: Could not retrieve catalog from remote server: Error 400 on SERVER: compile error (erb):2385: Invalid char `\217' in expression (erb):2385: Invalid char `\333' in expression (erb):2385: Invalid char `\026' in expression (erb):2385: Invalid char `\210' in expression (erb):2385: Invalid char `\354' in expression This file size is 7Mb. I am able to transfer Kb files without any error. On Tue, May 24, 2011 at 1:49 PM, Denmat tu2bg...@gmail.com wrote: No, there is no file limit that I'm aware of. It uses https to copy the file and on the native webrick server maybe you're hitting some inherent timeout or other. There are some old pre .25 discussions on it. http://groups.google.com/group/puppet-users/browse_thread/thread/7e91404c1673b2b1 Basic conclusion seems to be to use apache if you're going to transfer large files. I uses apache/passenger combination and don't have file transfer issues, but I can't recall if any of the files are larger than 3mb. Cheers, Den On 24/05/2011, at 17:50, Sumith Sudhakaran sumit...@gmail.com sumit...@gmail.com wrote: Hi, Thanks for the reply When I am trying to transfer/update a big file ( more than 3mb ) from server to agent, its copying/updaing only 275kp . Please let me know if any file limit settings in puppet configuration. On Tue, May 24, 2011 at 1:05 PM, Denmat tu2bg...@gmail.comtu2bg...@gmail.com tu2bg...@gmail.com wrote: Hi, It is complaining that you have an illegal character in your ERB file. We will need to see more of your manifest to help any further. Have a look at these links and see if they don't help you first. http://docs.puppetlabs.com/guides/templating.html#syntax-checkinghttp://docs.puppetlabs.com/guides/templating.html#syntax-checking http://docs.puppetlabs.com/guides/templating.html#syntax-checking http://www.devco.net/pubwiki/Puppet/GettingStarted/5http://www.devco.net/pubwiki/Puppet/GettingStarted/5 http://www.devco.net/pubwiki/Puppet/GettingStarted/5 This is a great site for helping to debug code too: http://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.phphttp://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.php http://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.php Cheers, Den On 24/05/2011, at 17:01, Sumith Sudhakaran sumit...@gmail.comsumit...@gmail.com sumit...@gmail.com wrote: Hi, I am trying to transfer more than 3mb file form puppet server to client, I am error like below err: compile error (erb):1189: Invalid char `\027' in expression Please help. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.compuppet-users@googlegroups.com puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users%2bunsubscr...@googlegroups.compuppet-users+unsubscr...@googlegroups.com puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.compuppet-users@googlegroups.com puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users%2bunsubscr...@googlegroups.compuppet-users+unsubscr...@googlegroups.com puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en http://groups.google.com/group/puppet-users?hl=en. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this
Re: [Puppet Users] err: compile erro
Hi, below I am mentioning my manifests file file { /usr/11.pdf: owner = root, group = root, mode = 664, content = template(/usr/11.pdf), } On Tue, May 24, 2011 at 1:05 PM, Denmat tu2bg...@gmail.com wrote: Hi, It is complaining that you have an illegal character in your ERB file. We will need to see more of your manifest to help any further. Have a look at these links and see if they don't help you first. http://docs.puppetlabs.com/guides/templating.html#syntax-checking http://www.devco.net/pubwiki/Puppet/GettingStarted/5 This is a great site for helping to debug code too: http://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.php Cheers, Den On 24/05/2011, at 17:01, Sumith Sudhakaran sumit...@gmail.com wrote: Hi, I am trying to transfer more than 3mb file form puppet server to client, I am error like below err: compile error (erb):1189: Invalid char `\027' in expression Please help. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] err: compile erro
Hi, You trying to use a PDF as a template file? I think I've already told you that template won't work as you are telling puppet to use the erb interpreter. content = template(/usr/11.pdf), Try: source = /usr/11.pdf or use a uri to to location of the file. I strongly urge you to read the documentation provided in the various links I've included in my replies. Cheers, Den On 24/05/2011, at 19:02, Sumith Sudhakaran sumit...@gmail.com wrote: Hi, below I am mentioning my manifests file file { /usr/11.pdf: owner = root, group = root, mode = 664, content = template(/usr/11.pdf), } On Tue, May 24, 2011 at 1:05 PM, Denmat tu2bg...@gmail.com wrote: Hi, It is complaining that you have an illegal character in your ERB file. We will need to see more of your manifest to help any further. Have a look at these links and see if they don't help you first. http://docs.puppetlabs.com/guides/templating.html#syntax-checking http://www.devco.net/pubwiki/Puppet/GettingStarted/5 This is a great site for helping to debug code too: http://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.php Cheers, Den On 24/05/2011, at 17:01, Sumith Sudhakaran sumit...@gmail.com wrote: Hi, I am trying to transfer more than 3mb file form puppet server to client, I am error like below err: compile error (erb):1189: Invalid char `\027' in expression Please help. -- Regards Sumith -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards Sumith -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Should puppet manage its own client configs?
On 05/16/2011 09:14 PM, Jonathan Gazeley wrote: We have configured puppet to manage its own puppet.conf on clients, and to ensure that puppetd is running on all hosts. Hi, maybe I'm being dense, but this doesn't address the original issue, does it? If you manage to deploy an utterly broken config, puppet won't be able to get itself back up to speed because it cannot start anymore. Am I missing something here? Cheers, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Ensure a package is newer than version X
On 05/17/2011 09:37 PM, Doug Warner wrote: On Gentoo we would handle this by putting a mask in place to mask versions 1.7.1, then just ensure = installed on the package. Come to think of it, Debian would do this using apt pinning. There are probably yum/zypper counterparts for the RPM world. Cheers, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: Ang.: Re: [Puppet Users] Facter with a gem
On 05/18/2011 05:18 PM, Patrick wrote: On May 18, 2011, at 1:20 AM, patant wrote: Good idea! Now I found another problem. Some facts dosent't works when I call them explicit. The facter shows up in the list when I run facter --puppet. But when I call facter --puppet facter name it dosen't give me the value that I got in the list. Returns nothing. facter gives me: -- uptime = 2 days uptime_days = 2 uptime_hours = 49 uptime_seconds = 178750 virtual = physical facter uptime_seconds gives me nothing. I've seen a problem similar to this, and with that problem, the puppet fact works just fine. So I'd test it in puppet and ignore the problem if puppet is fine. IIRC the reason is that the fact doesn't live in a file called factname.rb. Is this the case here? Otherwise I second Patrick's notion: Ignore the commandline weirdness and go ahead. Regards, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Should puppet manage its own client configs?
On 24/05/11 11:24, Felix Frank wrote: On 05/16/2011 09:14 PM, Jonathan Gazeley wrote: We have configured puppet to manage its own puppet.conf on clients, and to ensure that puppetd is running on all hosts. Hi, maybe I'm being dense, but this doesn't address the original issue, does it? If you manage to deploy an utterly broken config, puppet won't be able to get itself back up to speed because it cannot start anymore. Am I missing something here? No, you are correct. If I deploy a garbage config, it will break the puppet clients. But the benefit is that I can easily deploy a modified puppet config to many clients if we need to add extra config parameters in future. I can mitigate the risk by carefully testing the new puppet.conf on an isolated dev machine. Cheers, Jonathan Cheers, Felix -- Jonathan Gazeley Network Specialist Residential Mobile IT IT Services University of Bristol -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] err: compile erro
source option is giving error like below, err: /Stage[main]/Motd/File[/opt/libisc.a]: Could not evaluate: Error 400 on SERVER: Not authorized to call find on /file_metadata/usr/local/lib/libisc.a Could not retrieve file metadata for puppet://puppetmaster.localdomain/usr/local/lib/libisc.a: Error 400 on SERVER: Not authorized to call find on /file_metadata/usr/local/lib/libisc.a at /etc/puppet/manifests/classes/motd.pp:10 But I am able to transfer Kb file using template option, that's why I followed the same in Mb case also. On Tue, May 24, 2011 at 3:37 PM, Denmat tu2bg...@gmail.com wrote: Hi, You trying to use a PDF as a template file? I think I've already told you that template won't work as you are telling puppet to use the erb interpreter. content = template(/usr/11.pdf), Try: source = /usr/11.pdf or use a uri to to location of the file. I strongly urge you to read the documentation provided in the various links I've included in my replies. Cheers, Den On 24/05/2011, at 19:02, Sumith Sudhakaran sumit...@gmail.com sumit...@gmail.com wrote: Hi, below I am mentioning my manifests file file { /usr/11.pdf: owner = root, group = root, mode = 664, content = template(/usr/11.pdf), } On Tue, May 24, 2011 at 1:05 PM, Denmat tu2bg...@gmail.comtu2bg...@gmail.com tu2bg...@gmail.com wrote: Hi, It is complaining that you have an illegal character in your ERB file. We will need to see more of your manifest to help any further. Have a look at these links and see if they don't help you first. http://docs.puppetlabs.com/guides/templating.html#syntax-checkinghttp://docs.puppetlabs.com/guides/templating.html#syntax-checking http://docs.puppetlabs.com/guides/templating.html#syntax-checking http://www.devco.net/pubwiki/Puppet/GettingStarted/5http://www.devco.net/pubwiki/Puppet/GettingStarted/5 http://www.devco.net/pubwiki/Puppet/GettingStarted/5 This is a great site for helping to debug code too: http://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.phphttp://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.php http://www.devco.net/archives/2009/08/19/tips_and_tricks_for_puppet_debugging.php Cheers, Den On 24/05/2011, at 17:01, Sumith Sudhakaran sumit...@gmail.comsumit...@gmail.com sumit...@gmail.com wrote: Hi, I am trying to transfer more than 3mb file form puppet server to client, I am error like below err: compile error (erb):1189: Invalid char `\027' in expression Please help. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.compuppet-users@googlegroups.com puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users%2bunsubscr...@googlegroups.compuppet-users+unsubscr...@googlegroups.com puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.compuppet-users@googlegroups.com puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users%2bunsubscr...@googlegroups.compuppet-users+unsubscr...@googlegroups.com puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en http://groups.google.com/group/puppet-users?hl=en. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- * Regards*** * Sumith** * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit
Re: [Puppet Users] Should puppet manage its own client configs?
On 05/24/2011 12:29 PM, Jonathan Gazeley wrote: If you manage to deploy an utterly broken config, puppet won't be able to get itself back up to speed because it cannot start anymore. Am I missing something here? No, you are correct. If I deploy a garbage config, it will break the puppet clients. But the benefit is that I can easily deploy a modified puppet config to many clients if we need to add extra config parameters in future. I can mitigate the risk by carefully testing the new puppet.conf on an isolated dev machine. That's an utter relief. I've deployed a mechanism that will deploy a puppet.conf alongside the actual one and notify a script that becomes active after the catalog run proper. It activates the new config, but if puppet is found to not run correctly afterwards, the original config is restored instead. Cheers, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Ang.: Re: Ang.: Re: [Puppet Users] Facter with a gem
If I remove the extension .rb the facter dosen't work. So that's not the issue. /Patrik -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] changing the default key length and hash
On May 24, 2011, at 1:38 AM, Daniel Pittman wrote: On Fri, May 20, 2011 at 08:23, Nigel Kersten ni...@puppetlabs.com wrote: On Fri, May 20, 2011 at 5:39 AM, Mark Stanislav mark.stanis...@gmail.com wrote: In short, I'm in agreement with you. With the CA which is defaulted to 5 years (not at all surprising) there's no doubt that soon (maybe 2.7 is a good time?) that 2048 key size should be used for at least the CA key, if not default for client key generation as well. Secondly, yes, I don't know why MD5 would be the hashing algorithm of choice in this case either. As I recall last year, most major root CAs went to 2048 last year to not anger the NIST recommendation. We will do this for 2.7.x unless we get major pushback from the community. To replicate what I said in RedMine: For those playing along at home ;) http://projects.puppetlabs.com/issues/6663 I am strongly of the view that we should follow the most restrictive of the current sets of government advice (eg: BSI, NSA/NIST, etc) and advice from the experts in the field. If this requires addressing the question of how to achieve compatibility then we had better solve this, before someone genuinely breaks MD5, or RSA, or whatever in a way that matters to us, and we end up in more serious trouble: having to solve this in zero time, rather than with the relatively luxury of time. There will of course be a trade-off for security versus performance, which is why being reasonable about strength used should be also considered. 2048 bit RSA keys are 'good' until ~2030 at this time (according to NIST). Considering a default CA cert is five years for Puppet, this is a very reasonable way to go. There shouldn't be a compatibility issue to solve unless there's some interesting crypto voodoo occurring in Puppet ;) Larger keys, better hashing (probably by adding them as well as md5, rather than just replacing it, etc.) I really don't know of any reason to implement MD5 at all. It *is* broken and we do have better algorithms to implement. Even if SHA-1 is on its last leg, it's still a step-up. SHA-256 is preferred, though. Again, a great discussion to be having and very forward thinking. -Mark (Oh, and we absolutely have the capabilities to inspect the client version and make intelligent decisions about what we ship in terms of checksums, etc, as part of our compatibility story. As long as the master leads the agent in version we should be fine.) Daniel -- ⎋ Puppet Labs Developer – http://puppetlabs.com ✉ Daniel Pittman dan...@puppetlabs.com ✆ Contact me via gtalk, email, or phone: +1 (877) 575-9775 ♲ Made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Inheritance in parametrized classes
Correct is such a nuanced word. I don't know whether the observed behavior is by design, but I don't find it surprising. I would not have found your expected behavior surprising either, however. You may be able to achieve your desired result like this: class { parent: foo = test } class { child: foo = test } Yes, I finally reached the same conclusion. This is exactly how I fixed it. That is, it is safe to include both a class and one of its subclasses in the same manifest. Do be aware, however, that you should create subclasses *only* to override superclass resource properties. And with parameterized classes, you can achieve an equivalent result via class parameters instead. In this example I wasn't overriding any property but I was doing so in my real case, so inheritance was needed here. If you want a class that declares all the resources of another, plus more, then have one class include the other instead of inheriting it. Except don't do that with parameterized classes: Puppet Labs recommends against it, and there are practical reasons to avoid doing so. That's how I'm doing it when I don't have to override any property. IMHO It's becoming more and more difficult to know what's the correct way to do something since the introduction of the parametrized classes. They are a huge improvement though. Cheers -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] installing puppet client
Hi, how to install puppet client thru puppet master . My requirement is to install puppet client nearly 400 client servers. its difficult to install puppet client in all the servers by apt- get . share u r suggestions . Regards chebrian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] installing puppet client
We have 600 compute nodes, and we face the same issue. Fortunately, all of our nodes (except for 10 dual-homed gateways) are on a private 10.x.x.x network, so once someone is authenticated he or she can rsh around the cluster. So, we used multi-rsh to do the initial work for us. I created a tarball with everything the client needed to get itself up and running: ruby, facter, config file, the works. Then multi-rsh pushed the tarball to the boxes, untarred the file and launched the client. From there is was a matter of signing all the cert requests, then waiting for all the boxes to settle down. I spent a day using our test cluster to get everything working correctly, I even compiled ruby from source. This make upgrading puppet on the clients a breeze. I create a new tarball, and untar it across the cluster, restart the clients, and in a few minutes all 600 nodes are upgraded. Again, this is possible because we use rsh after authentication so multi-rsh just works. ~Charles~ On Tue, May 24, 2011 at 8:55 AM, CHEBRIAN ksd@gmail.com wrote: Hi, how to install puppet client thru puppet master . My requirement is to install puppet client nearly 400 client servers. its difficult to install puppet client in all the servers by apt- get . share u r suggestions . Regards chebrian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] nice real world web server + db server example
Hi, I know there is forge.puppetlabs and example42. I'm looking for a real world example that someone uses (and has open sourced) of setting up a config for a website (web server + db server). Is there anything? Something that uses the latest version, and follows best practices. Thanks allot! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Variable interpolation challenge
Thanks Nan, until they make a function out of that I'll keep the template in my cheat sheet. On Mon, May 23, 2011 at 4:53 PM, Nan Liu n...@puppetlabs.com wrote: On Mon, May 23, 2011 at 3:51 PM, Aaron Grewell aaron.grew...@gmail.com wrote: I'm having a problem with variable interpolation that I haven't found a good solution to. I want to use a variable as part of the name of a fact, but the interpolation doesn't work as expected. I've allowed for passing the mac address into my define() but if it's not provided I want to look it up via facter. if $macaddress_${name} { $final_hwaddr = $macaddress_${name} } I want Puppet to look up the value of macaddress_eth0 or whatever, but instead it returns the value of $name. How can I get the appropriate value? Should be a function instead of inline_template: $myvar = macaddress_${name} $hwaddr = inline_template(%= scope.lookupvar(myvar) %) Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Template conditionals
Yup, that works. FYI there's a bug in the docs. The example shown here: http://docs.puppetlabs.com/guides/templating.html#undefined-variables Looks like so: % if has_variable?(myvar) then % myvar has %= myvar % value % end % On Mon, May 23, 2011 at 4:59 PM, Nan Liu n...@puppetlabs.com wrote: On Mon, May 23, 2011 at 4:09 PM, Aaron Grewell aaron.grew...@gmail.com wrote: I've got a conditional statement that isn't working the way I expect. I've created a define() for building network interfaces, but two of the entries (master slave) are only appropriate for bonded interfaces. I would like them to be completely excluded from regular interfaces. This seems easy enough according to the docs, set master slave to 'undef' and use the 'if has_variable' syntax in the template. It doesn't work though. I also tried using 'if variable != undef' but this also does not work. Interestingly the results of the two are exactly the same. I'm clearly missing something. How do I get the template to skip these lines? The results end up looking like this: ### This file is being managed by Puppet ### DO NOT EDIT DEVICE=eth0 BOOTPROTO=none ONBOOT=yes IPADDR=192.168.1.1 NETMASK=255.255.255.0 HWADDR=eth0 MASTER=undef SLAVE=undef The define is built like so: define network_interface ( $bootproto, $onboot, $ipaddr = undef, $netmask = undef, $hwaddr = undef, $master = undef, $slave = undef ){ SNIP } And the template looks like: ### This file is being managed by Puppet ### DO NOT EDIT DEVICE=%= name % BOOTPROTO=%= bootproto % ONBOOT=%= onboot % % if ipaddr != undef -% IPADDR=%= ipaddr % % end -% % if netmask != undef -% NETMASK=%= netmask % % end -% % if final_hwaddr != undef -% HWADDR=%= final_hwaddr % % end -% % if master != undef -% MASTER=%= master % % end -% % if slave != undef -% SLAVE=%= slave % % end -% Or I also tried: ### This file is being managed by Puppet ### DO NOT EDIT DEVICE=%= name % BOOTPROTO=%= bootproto % ONBOOT=%= onboot % % if has_variable?(ipaddr) then -% IPADDR=%= ipaddr % % end -% % if has_variable?(netmask) then -% NETMASK=%= netmask % % end -% % if has_variable?(final_hwaddr) then -% HWADDR=%= final_hwaddr % % end -% % if has_variable?(master) then -% MASTER=%= master % % end -% % if has_variable?(slave) then -% SLAVE=%= slave % % end -% Don't quote it, has_variable?(slave). Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] problem with rack versions and puppet-dashboard
I get this error can't activate rack (~ 1.0.1), already activated rack-1.2.2 It appears that puppet-dashboard uses rack 1.0.1 but passenger 3.0.7 needs to use rack1.2.2 Is there a way around this or make dashboard use rack 1.2.2? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] problem with rack versions and puppet-dashboard
On Tue, 24 May 2011 10:40:03 -0500, you said: I get this error can't activate rack (~ 1.0.1), already activated rack-1.2.2 It appears that puppet-dashboard uses rack 1.0.1 but passenger 3.0.7 needs to use rack1.2.2 Is there a way around this or make dashboard use rack 1.2.2? Don't know if it's the supported way to do it, but I simply removed the embedded version of rack that ships with puppet-dashboard: cd path-to-dashboard git clone git://github.com/puppetlabs/puppet-dashboard.git rm -r vendor/gems/rack-1.0.1 sed -i -e 's,~ 1.0.1,~ 1.2.2,' vendor/rails/actionpack/lib/action_controller.rb cp my-config-path/config.ru . sudo service httpd start (or however you start apache/nginx). Is there a recommended way to resolve this conflict? ~David Klann signature.asc Description: PGP signature
Re: [Puppet Users] Template conditionals
Argh, I'll have to take that back. The docs are right, the quotes are in fact necessary. Without them has_variable will always return false. Here's the rub: If a variable is never declared then has_variable returns false. If it's set to 'undef' then it returns true. That wouldn't be so bad if you could use the comparison operators to check for 'undef' but you can't. I worked around it by using the string value none as my class default value so that the != operator would work in the template. The problem with that is that it breaks the 'if $variable { do stuff }' construct which is so widely used. IMHO the current functionality should either be changed or specifically called out in the templating docs so users aren't caught by surprise. On Tue, May 24, 2011 at 8:30 AM, Aaron Grewell aaron.grew...@gmail.comwrote: Yup, that works. FYI there's a bug in the docs. The example shown here: http://docs.puppetlabs.com/guides/templating.html#undefined-variables Looks like so: % if has_variable?(myvar) then % myvar has %= myvar % value % end % On Mon, May 23, 2011 at 4:59 PM, Nan Liu n...@puppetlabs.com wrote: On Mon, May 23, 2011 at 4:09 PM, Aaron Grewell aaron.grew...@gmail.com wrote: I've got a conditional statement that isn't working the way I expect. I've created a define() for building network interfaces, but two of the entries (master slave) are only appropriate for bonded interfaces. I would like them to be completely excluded from regular interfaces. This seems easy enough according to the docs, set master slave to 'undef' and use the 'if has_variable' syntax in the template. It doesn't work though. I also tried using 'if variable != undef' but this also does not work. Interestingly the results of the two are exactly the same. I'm clearly missing something. How do I get the template to skip these lines? The results end up looking like this: ### This file is being managed by Puppet ### DO NOT EDIT DEVICE=eth0 BOOTPROTO=none ONBOOT=yes IPADDR=192.168.1.1 NETMASK=255.255.255.0 HWADDR=eth0 MASTER=undef SLAVE=undef The define is built like so: define network_interface ( $bootproto, $onboot, $ipaddr = undef, $netmask = undef, $hwaddr = undef, $master = undef, $slave = undef ){ SNIP } And the template looks like: ### This file is being managed by Puppet ### DO NOT EDIT DEVICE=%= name % BOOTPROTO=%= bootproto % ONBOOT=%= onboot % % if ipaddr != undef -% IPADDR=%= ipaddr % % end -% % if netmask != undef -% NETMASK=%= netmask % % end -% % if final_hwaddr != undef -% HWADDR=%= final_hwaddr % % end -% % if master != undef -% MASTER=%= master % % end -% % if slave != undef -% SLAVE=%= slave % % end -% Or I also tried: ### This file is being managed by Puppet ### DO NOT EDIT DEVICE=%= name % BOOTPROTO=%= bootproto % ONBOOT=%= onboot % % if has_variable?(ipaddr) then -% IPADDR=%= ipaddr % % end -% % if has_variable?(netmask) then -% NETMASK=%= netmask % % end -% % if has_variable?(final_hwaddr) then -% HWADDR=%= final_hwaddr % % end -% % if has_variable?(master) then -% MASTER=%= master % % end -% % if has_variable?(slave) then -% SLAVE=%= slave % % end -% Don't quote it, has_variable?(slave). Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Applying Catalogs
Hi Experts, I need to use puppet to define multiple service sets (e.g. a proxy server, a web server and a gmond). And don't know which of the following two approaches is better. (For dependency reason I have to apply the above 3 service sets in 3 separate steps, and webserver need proxy, and gmond need webserver, for example) approach 1). I can generate compiled catalog for separate service sets, i.e. use different nodes.pp with puppet master --compile and generate proxy.yaml, webserver.yaml and gmond.yaml. Then on the client I do puppet apply --apply proxy.yaml, then webserver.yaml, then gmond.yaml in three steps. approach 2). I can generate compiled catalog for proxy.yaml, then proxy+webserver.yaml, then proxy+webserver+gmond.yaml. Then apply these three catalogs in three steps. Which way do you suggest? (Hope I was clear enough in the question :-) Thanks -Yushu +-+ | Yushu Yao | Ph:1-510-486-4690 | | Lawrence Berkeley National Lab | 1 Cyclotron Road | Berkeley CA 94720 - USA +-+ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] changing the default key length and hash
On Tue, May 24, 2011 at 06:36, Mark Stanislav mark.stanis...@gmail.com wrote: On May 24, 2011, at 1:38 AM, Daniel Pittman wrote: On Fri, May 20, 2011 at 08:23, Nigel Kersten ni...@puppetlabs.com wrote: On Fri, May 20, 2011 at 5:39 AM, Mark Stanislav mark.stanis...@gmail.com wrote: […] Larger keys, better hashing (probably by adding them as well as md5, rather than just replacing it, etc.) I really don't know of any reason to implement MD5 at all. It *is* broken and we do have better algorithms to implement. Even if SHA-1 is on its last leg, it's still a step-up. SHA-256 is preferred, though. Ah. We have a policy of supporting at least two major versions back, and would generally prefer not to have to go and patch all the 2.6 and 2.7 releases out there when 2.8 moves to a more secure hash. (...or 0.25 and 2.6 when 2.7 adds it. ;) So, it isn't a requirement for any reason other than our desire not to make more work for ourselves than we need to; it would also be good to get into a mode where we are good at changing the hash; SHA derivatives won't last forever either. Regards, Daniel -- ⎋ Puppet Labs Developer – http://puppetlabs.com ✉ Daniel Pittman dan...@puppetlabs.com ✆ Contact me via gtalk, email, or phone: +1 (877) 575-9775 ♲ Made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Applying Catalogs
Thanks Patrick! On Tue, May 24, 2011 at 10:28 AM, Patrick kc7...@gmail.com wrote: On May 24, 2011, at 10:03 AM, Yushu Yao wrote: (For dependency reason I have to apply the above 3 service sets in 3 separate steps, and webserver need proxy, and gmond need webserver, for example) So, why can't you just create three classes, one for each service. Then have each class require the one before it so the dependencies happen in the right order? Because I have inter-node dependency. I.e. webserver might depend on mysql server that's on another node (puppet client), while mysql server at the same time need proxy server. Sorry if I'm being too confusing :-) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] changing the default key length and hash
On May 24, 2011, at 1:50 PM, Daniel Pittman wrote: On Tue, May 24, 2011 at 06:36, Mark Stanislav mark.stanis...@gmail.com wrote: On May 24, 2011, at 1:38 AM, Daniel Pittman wrote: On Fri, May 20, 2011 at 08:23, Nigel Kersten ni...@puppetlabs.com wrote: On Fri, May 20, 2011 at 5:39 AM, Mark Stanislav mark.stanis...@gmail.com wrote: […] Larger keys, better hashing (probably by adding them as well as md5, rather than just replacing it, etc.) I really don't know of any reason to implement MD5 at all. It *is* broken and we do have better algorithms to implement. Even if SHA-1 is on its last leg, it's still a step-up. SHA-256 is preferred, though. Ah. We have a policy of supporting at least two major versions back, and would generally prefer not to have to go and patch all the 2.6 and 2.7 releases out there when 2.8 moves to a more secure hash. (...or 0.25 and 2.6 when 2.7 adds it. ;) I don't think there should be a compat issue with regard to certificates as that would be relevant to SSL libraries which should have fully supported those algorithms for years. I could also be entirely wrong so feel free to let me know as I'm speaking from a basic crypto perspective and not with respect to Puppet directly. So, it isn't a requirement for any reason other than our desire not to make more work for ourselves than we need to; it would also be good to get into a mode where we are good at changing the hash; SHA derivatives won't last forever either. NIST is working on the AHS candidates still and the timeline pushes it out until 2013 to likely 'implement' it as a new standard (at least formally). SHA 256/384/512 are going to be plenty sustainable for this time period and the foreseeable future. -Mark Regards, Daniel -- ⎋ Puppet Labs Developer – http://puppetlabs.com ✉ Daniel Pittman dan...@puppetlabs.com ✆ Contact me via gtalk, email, or phone: +1 (877) 575-9775 ♲ Made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] ruby 1.9.2 rpms for testing
Hello... I noticed from the list that puppet is not ready for ruby 1.9.2 yet. I'm working at a ruby shop so I gave a shot at building ruby 1.9.2 rpms with supporting gems for RHEL/CentOS. I have ruby-1.9.2 rpms that replace the vendor rpms and ruby192 rpms that install in parallel with the vendor rpms. Is anyone interested in using these rpms to get puppet working with 1.9.2 and/or other ruby code? -- Christopher McCrory To the optimist, the glass is half full. To the pessimist, the glass is half empty. To the engineer, the glass is twice as big as it needs to be. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] nice real world web server + db server example
On Tue, May 24, 2011 at 10:13 AM, S Ahmed sahmed1...@gmail.com wrote: I know there is forge.puppetlabs and example42. I'm looking for a real world example that someone uses (and has open sourced) of setting up a config for a website (web server + db server). Is there anything? Something that uses the latest version, and follows best practices. https://github.com/wesabe/puppet-apache2 https://github.com/duritong/puppet-mysql Just taking a guess at your web and db servers, but GitHub has a ton of useful puppet modules. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] changing the default key length and hash
On Tue, May 24, 2011 at 11:02, Mark Stanislav mark.stanis...@gmail.com wrote: On May 24, 2011, at 1:50 PM, Daniel Pittman wrote: On Tue, May 24, 2011 at 06:36, Mark Stanislav mark.stanis...@gmail.com wrote: On May 24, 2011, at 1:38 AM, Daniel Pittman wrote: On Fri, May 20, 2011 at 08:23, Nigel Kersten ni...@puppetlabs.com wrote: On Fri, May 20, 2011 at 5:39 AM, Mark Stanislav mark.stanis...@gmail.com wrote: […] Larger keys, better hashing (probably by adding them as well as md5, rather than just replacing it, etc.) I really don't know of any reason to implement MD5 at all. It *is* broken and we do have better algorithms to implement. Even if SHA-1 is on its last leg, it's still a step-up. SHA-256 is preferred, though. Ah. We have a policy of supporting at least two major versions back, and would generally prefer not to have to go and patch all the 2.6 and 2.7 releases out there when 2.8 moves to a more secure hash. (...or 0.25 and 2.6 when 2.7 adds it. ;) I don't think there should be a compat issue with regard to certificates as that would be relevant to SSL libraries which should have fully supported those algorithms for years. I could also be entirely wrong so feel free to let me know as I'm speaking from a basic crypto perspective and not with respect to Puppet directly. Ah. I was thinking in the broader scope of getting us away from insecure hashes elsewhere in the product. From a strictly certificate POV, indeed, it should be just fine. Daniel -- ⎋ Puppet Labs Developer – http://puppetlabs.com ✉ Daniel Pittman dan...@puppetlabs.com ✆ Contact me via gtalk, email, or phone: +1 (877) 575-9775 ♲ Made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: custom facter does not show up on client
I enable pluginsyn. But still not working. I am attaching the message here: Retrieving plugin May 24 15:46:22 puppetclient1 puppet-agent[23314]: (/File[/var/lib/ puppet/lib]) Failed to generate additional resources using 'eval_generate': Connection refused - connect(2) May 24 15:46:22 puppetclient1 puppet-agent[23314]: (/File[/var/lib/ puppet/lib]) Could not evaluate: Connection refused - connect(2) Could not retrieve file metadata for puppet://puppetmaster1/plugins: Conn ection refused - connect(2) May 24 15:46:23 puppetclient1 puppet-agent[23314]: Could not retrieve catalog from remote server: Connection refused - connect(2) May 24 15:46:23 puppetclient1 puppet-agent[23314]: Not using cache on failed catalog May 24 15:46:23 puppetclient1 puppet-agent[23314]: Could not retrieve catalog; skipping run May 24 15:46:23 puppetclient1 puppet-agent[23314]: Could not send report: Connection refused - connect(2) I can not figure out what is wrong. Help!! -Haiyan On May 23, 5:26 pm, Nan Liu n...@puppetlabs.com wrote: On Mon, May 23, 2011 at 2:06 PM, hyzhang hyzh...@jcvi.org wrote: Hi, I wrote acustomfactercalled active_interface and put in /etc/puppet/ modules/networking/lib/facterdirectory. Then I did export RUBYLIB=/etc/puppet/modules/networking/lib on puppet master. On puppet master, it works. facteractive_interface eth0 But on client, it did not even seem to try to pull it from master. The log does not show any event related. Do I miss something? Enable pluginsync option on the the client puppet.conf, and test on the client with the commandfacter-p. HTH, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: custom facter does not show up on client
Hi, Can you confirm you can connect to the puppetmaster from the client? Also on the command line on the client you have to specify --server servername. To verify puppet master to client connectivity try: openssl s_client -connect servername:8140 Cheers, Den On 25/05/2011, at 5:53, hyzhang hyzh...@jcvi.org wrote: I enable pluginsyn. But still not working. I am attaching the message here: Retrieving plugin May 24 15:46:22 puppetclient1 puppet-agent[23314]: (/File[/var/lib/ puppet/lib]) Failed to generate additional resources using 'eval_generate': Connection refused - connect(2) May 24 15:46:22 puppetclient1 puppet-agent[23314]: (/File[/var/lib/ puppet/lib]) Could not evaluate: Connection refused - connect(2) Could not retrieve file metadata for puppet://puppetmaster1/plugins: Conn ection refused - connect(2) May 24 15:46:23 puppetclient1 puppet-agent[23314]: Could not retrieve catalog from remote server: Connection refused - connect(2) May 24 15:46:23 puppetclient1 puppet-agent[23314]: Not using cache on failed catalog May 24 15:46:23 puppetclient1 puppet-agent[23314]: Could not retrieve catalog; skipping run May 24 15:46:23 puppetclient1 puppet-agent[23314]: Could not send report: Connection refused - connect(2) I can not figure out what is wrong. Help!! -Haiyan On May 23, 5:26 pm, Nan Liu n...@puppetlabs.com wrote: On Mon, May 23, 2011 at 2:06 PM, hyzhang hyzh...@jcvi.org wrote: Hi, I wrote acustomfactercalled active_interface and put in /etc/puppet/ modules/networking/lib/facterdirectory. Then I did export RUBYLIB=/etc/puppet/modules/networking/lib on puppet master. On puppet master, it works. facteractive_interface eth0 But on client, it did not even seem to try to pull it from master. The log does not show any event related. Do I miss something? Enable pluginsync option on the the client puppet.conf, and test on the client with the commandfacter-p. HTH, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Does the puppet module tool work with ruby1.9.2?
I need some sort of login to post this bug there, one which I do not have. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ruby 1.9.2 rpms for testing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi I noticed from the list that puppet is not ready for ruby 1.9.2 yet. I'm working at a ruby shop so I gave a shot at building ruby 1.9.2 rpms with supporting gems for RHEL/CentOS. I have ruby-1.9.2 rpms that replace the vendor rpms and ruby192 rpms that install in parallel with the vendor rpms. Is anyone interested in using these rpms to get puppet working with 1.9.2 and/or other ruby code? definitely! This would probably also support early adopters. Maybe you could publish the spec files somewhere? Like on github? Awesome! Thanks! ~pete -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3cImkACgkQbwltcAfKi3+gsgCeLJXMmZe7EOI10uXyDaj/VEc8 dcMAmgIkai1CQIRY7FG4XaJgI4nI3ncT =TsFu -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Does the puppet module tool work with ruby1.9.2?
On Tue, 24 May 2011 14:12:50 -0700, Kevin Beckford wrote: I need some sort of login to post this bug there, one which I do not have. The bug tracker does require an account to file issues, but registering an account is free, and (relatively) simple. I created a bug report from your initial email[1]. If you have any additional details you think might help please add them (though you'll still need to register an account to do so). [1] http://projects.puppetlabs.com/issues/7648 Thanks for taking the time to send us the output you were getting with Ruby 1.9. -- Jacob Helwig signature.asc Description: Digital signature
Re: [Puppet Users] Re: Puppetmaster leaving files open with too many files open error
treydock wrote: What is the current issue number? The only one I could find that mentions the same problem is this , http://projects.puppetlabs.com/issues/7203. https://bugzilla.redhat.com/show_bug.cgi?id=572722 and http://projects.puppetlabs.com/issues/3693 are both relevant here. I'd love to see a fix in either the rails activerecord component or in puppet. Seeing that older puppet versions worked with the rails stack in EPEL, it seems like it should be possible to make that work again with some changes to puppet. -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ It is strangely absurd to suppose that a million human beings collected together are not under the same moral laws which bind them separately. -- Thomas Jefferson pgpz0HtzL8gSz.pgp Description: PGP signature
Re: [Puppet Users] Re: Puppetmaster leaving files open with too many files open error
http://projects.puppetlabs.com/issues/3238 is the issue I was thinking of, but 3693 is probably a duplicate of that. These bugs have been open a really long time. Outside of lowering the MySQL timeout value, are there any workarounds for this problem? I can't really understand how Zynga can be managing as many hosts via Puppet as they do without being affected by a bug like this, unless they're not using stored configs (which would surprise me). -- Nathan Clemons http://www.livemocha.com The worlds largest online language learning community On Tue, May 24, 2011 at 2:42 PM, Todd Zullinger t...@pobox.com wrote: treydock wrote: What is the current issue number? The only one I could find that mentions the same problem is this , http://projects.puppetlabs.com/issues/7203. https://bugzilla.redhat.com/show_bug.cgi?id=572722 and http://projects.puppetlabs.com/issues/3693 are both relevant here. I'd love to see a fix in either the rails activerecord component or in puppet. Seeing that older puppet versions worked with the rails stack in EPEL, it seems like it should be possible to make that work again with some changes to puppet. -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ It is strangely absurd to suppose that a million human beings collected together are not under the same moral laws which bind them separately. -- Thomas Jefferson -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Applying Catalogs
On May 24, 12:56 pm, Yushu Yao y...@lbl.gov wrote: Thanks Patrick! On Tue, May 24, 2011 at 10:28 AM, Patrick kc7...@gmail.com wrote: On May 24, 2011, at 10:03 AM, Yushu Yao wrote: (For dependency reason I have to apply the above 3 service sets in 3 separate steps, and webserver need proxy, and gmond need webserver, for example) So, why can't you just create three classes, one for each service. Then have each class require the one before it so the dependencies happen in the right order? Because I have inter-node dependency. I.e. webserver might depend on mysql server that's on another node (puppet client), while mysql server at the same time need proxy server. Sorry if I'm being too confusing :-) Do not confuse functional dependency with configuration dependency. Only the latter need affect your Puppet manifests. For example, although your webserver may not function correctly until your mysql server is configured and running, you can probably apply the configuration it's going to need whether the mysql server is up and configured or not. Dependencies matter to Puppet exactly to the extent that they affect whether and how configurations can be applied to particular nodes. More often than not, your manifests don't need to do anything special about inter-node dependencies (beyond specifying each node's individual configuration). John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Applying Catalogs
Thanks John, My case is a little bit different. Because my webserver might need the IP address of the mysql node, and before mysql node is deployed and configured, it's IP address is not known. -Yushu +-+ | Yushu Yao | Ph:1-510-486-4690 | | Lawrence Berkeley National Lab | 1 Cyclotron Road | Berkeley CA 94720 - USA +-+ On Tue, May 24, 2011 at 3:09 PM, jcbollinger john.bollin...@stjude.orgwrote: On May 24, 12:56 pm, Yushu Yao y...@lbl.gov wrote: Thanks Patrick! On Tue, May 24, 2011 at 10:28 AM, Patrick kc7...@gmail.com wrote: On May 24, 2011, at 10:03 AM, Yushu Yao wrote: (For dependency reason I have to apply the above 3 service sets in 3 separate steps, and webserver need proxy, and gmond need webserver, for example) So, why can't you just create three classes, one for each service. Then have each class require the one before it so the dependencies happen in the right order? Because I have inter-node dependency. I.e. webserver might depend on mysql server that's on another node (puppet client), while mysql server at the same time need proxy server. Sorry if I'm being too confusing :-) Do not confuse functional dependency with configuration dependency. Only the latter need affect your Puppet manifests. For example, although your webserver may not function correctly until your mysql server is configured and running, you can probably apply the configuration it's going to need whether the mysql server is up and configured or not. Dependencies matter to Puppet exactly to the extent that they affect whether and how configurations can be applied to particular nodes. More often than not, your manifests don't need to do anything special about inter-node dependencies (beyond specifying each node's individual configuration). John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Applying Catalogs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Yushu, My case is a little bit different. Because my webserver might need the IP address of the mysql node, and before mysql node is deployed and configured, it's IP address is not known. you should probably look into exported resources and export the IP of the mysql server to all your webnodes. If that's a feasible approach. Otherwise it is still unclear why you want different catalogs for each service. ~pete -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3cMIEACgkQbwltcAfKi39YEwCcDfBNZ3ZIFrq1qSrwicTd8u0u xa8AnR8+EqQkndo8cue+qwTWgUiP7TM/ =4tiU -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: installing puppet client
On May 24, 8:55 am, CHEBRIAN ksd@gmail.com wrote: Hi, how to install puppet client thru puppet master . It is via the puppet client (or the local puppet executable) that Puppet applies changes to a system. If the client is not present on a given node then nothing the master can do will change that. My requirement is to install puppet client nearly 400 client servers. its difficult to install puppet client in all the servers by apt- get . share u r suggestions . The problem is one of scale? I mean, if you only had 10 servers to worry about, then would you still be posing the question? If you already have some method (inferior to Puppet, or you wouldn't be here) of helping to automate the management of your servers, then apply that to the task. If not, then you may be able to script up a solution based on ssh/rsh and a list of server names. Otherwise, I'm not sure what you're hoping to hear -- I mean, would you be *happy* to find that an external program could install random software on your servers without prior setup and authorization? John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] PC EU feedback: exported resource syntax is too magical, hard to read
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 If you really want to simplify people's life, make those extra attributes become metaparameters (but please keep the old syntax): user { luke: ensure = present, virtual = [boolean] } That would even allow us to parametrize virtuality/exportability with the help of an expression (ie selectors, functions, boolean expressions ...) awesome! +1 ~pete -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3cM2YACgkQbwltcAfKi38nlACfQZ7M5Lc9UoLruDr99VmEG21o vKAAoIeR39sgLeQO90Uu5qGRyVpWFyhc =nJQx -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] installing puppet client
On 24 May 2011 23:55, CHEBRIAN ksd@gmail.com wrote: how to install puppet client thru puppet master . My requirement is to install puppet client nearly 400 client servers. its difficult to install puppet client in all the servers by apt- get . As others have said, a for loop ssh if you have root trust to your 400 servers As an FYI, we have 5.5K servers, and the way we are installing puppet is doing a server rebuild (with puppet) - so the puppet client is installed at jumpstart/kickstart time As you can imaging, it will be time consuming. I think you might just have to accept the initial hit of work for the puppet goodness that will follow Regards John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] installing puppet client
Yeah, a for loop with ssh is probably your best bet to get moving with puppet initially. Longer term you may want to consider pairing Puppet with something like Marionette, but configuring Marionette is easier once you have Puppet in place... it's a bit of chicken and egg. Ideally you pick some tools to manage your servers before you grow to that size, but if not, then you need to spend some time installing tools to manage that level of servers. The piper must be paid. Here at Livemocha we have some 100+ servers and using Puppet and Marionette has been invaluable. We do some administration with a python script that replaced our for ssh loop, but a large part of the heavy lifting is done via Puppet. Since we don't run Puppet in daemon mode, most of the time we use the script is to kick off a Puppet run manually, which we're migrating to using Marionette for (but sometimes it's nice to see all of the output, even if it takes longer without parallelization). -- Nathan Clemons http://www.livemocha.com The worlds largest online language learning community On Tue, May 24, 2011 at 4:03 PM, John Warburton jwarbur...@gmail.comwrote: On 24 May 2011 23:55, CHEBRIAN ksd@gmail.com wrote: how to install puppet client thru puppet master . My requirement is to install puppet client nearly 400 client servers. its difficult to install puppet client in all the servers by apt- get . As others have said, a for loop ssh if you have root trust to your 400 servers As an FYI, we have 5.5K servers, and the way we are installing puppet is doing a server rebuild (with puppet) - so the puppet client is installed at jumpstart/kickstart time As you can imaging, it will be time consuming. I think you might just have to accept the initial hit of work for the puppet goodness that will follow Regards John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Puppetmaster leaving files open with too many files open error
Nathan Clemons wrote: http://projects.puppetlabs.com/issues/3238 is the issue I was thinking of, but 3693 is probably a duplicate of that. These bugs have been open a really long time. Outside of lowering the MySQL timeout value, are there any workarounds for this problem? I can't really understand how Zynga can be managing as many hosts via Puppet as they do without being affected by a bug like this, unless they're not using stored configs (which would surprise me). Sadly, I don't know of any decent workarounds. I ended up rolling a rails-2.3.5 for EL-5 in the production instances I wanted to use storedconfigs. I would love to see a workaround or a patch for either the activerecord or puppet packages. I know that either way this can be fixed will get into EPEL shortly, as it's a very annoying bug that was introduced with the update from 0.24 to 0.25. -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ I figure that if God actually does exist, He's big enough to understand an honest difference of opinion. -- Isaac Asimov pgpUKhQvrpn2A.pgp Description: PGP signature
Re: [Puppet Users] PC EU feedback: unpack array variables in string interpolation
What should this do? $array = [ one, two ] $greeting = [ hello, howdy ] @file { host_$array$greeting } or this? $array = [ one, two ] @file { $array_blah } seems like we would need delimiters host_${array}_${greeting} and some form of expansion control. Should it expand zipper-wise or combinatorially? Probably all of that belongs in functions, not in the resource or string syntax. -- vagn On 05/20/2011 04:15 PM, Randall Hansen wrote: http://projects.puppetlabs.com/issues/7598 If your goal is this (pseudo-code): @file { host_one } @file { host_two } You should be able to say this: $array = [ one, two ] @file { host_$array } Instead of this: @file { host_one, host_two } Please comment on the ticket or reply here, whichever you prefer. Thanks! r P.S. This is in response to feedback from my Improving the Puppet DSL session at Puppet Camp EU, 2011. This ticket isn't a promise we will take action, but we could very much like comment and discussion from you good people. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppetmaster leaving files open with too many files open error
I don't know how helpful this would be but for now I think I found a workaround of sorts for my small environment. I commented out the following in my puppet.conf... facts_terminus = inventory_active_record dbadapter = mysql dbname = puppet_inv dbuser = puppet_inv dbpassword = cabb0ac9ed925867f93587ccfb147ebf15dec8a3 dbserver = localhost dbsocket = /var/lib/mysql/mysql.sock I got rid of all that and after 2 days of puppetmaster running I only see a few entries when doing lsof | grep puppetmas rather than 100s. I'm also not doing stored configs but I think those lines above were still the problem as it was puppet interfacing with MySQL. What potential benefit would be lost from not using MySQL for facts_terminus ? - Trey On May 24, 7:17 pm, Todd Zullinger t...@pobox.com wrote: Nathan Clemons wrote: http://projects.puppetlabs.com/issues/3238is the issue I was thinking of, but 3693 is probably a duplicate of that. These bugs have been open a really long time. Outside of lowering the MySQL timeout value, are there any workarounds for this problem? I can't really understand how Zynga can be managing as many hosts via Puppet as they do without being affected by a bug like this, unless they're not using stored configs (which would surprise me). Sadly, I don't know of any decent workarounds. I ended up rolling a rails-2.3.5 for EL-5 in the production instances I wanted to use storedconfigs. I would love to see a workaround or a patch for either the activerecord or puppet packages. I know that either way this can be fixed will get into EPEL shortly, as it's a very annoying bug that was introduced with the update from 0.24 to 0.25. -- Todd OpenPGP - KeyID: 0xBEAF0CE3 | URL:www.pobox.com/~tmz/pgp ~~ I figure that if God actually does exist, He's big enough to understand an honest difference of opinion. -- Isaac Asimov application_pgp-signature_part 1KViewDownload -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Cross-module dependencies
I have a similar problem I can't seem to solve...here's what I'm trying to do. I have two modules, backuppc_client and sudo. Right now I have a node variable that I assign to each node that is used in the sudo module's template to add the necessary entry. For example ---manifests/node.pp node 'client1' { $backuppc_sudocmd = backupuser ALL=NOPASSWD: /usr/bin/rsync include baseclass include backuppc_client::base } ---modules/sudo/templates/sudoers.erb has... % if has_variable?(backuppc_sudocmd) then % %= backuppc_sudocmd % % end % Is there a way for the sudo module to find out or be aware if a client has the include backuppc_client in their definition? Basically I'd like the backuppc_client module's to alter the contents of sudoers file which I can't imagine how to do as sudoers is defined by the sudo module which is part of baseclass and applied to all systems. Thanks - Trey On May 23, 10:11 am, Nigel Kersten ni...@puppetlabs.com wrote: On Sun, May 22, 2011 at 11:06 PM, Matthew Macdonald-Wallace li...@truthisfreedom.org.uk wrote: Hi all, I've got modules for NGINX and PHP-FPM which are working fine, the issue I'm running into is that quite often NGinx will start before php-fpm is even installed. I'm wondering if there's a way in the nginx module to Require the PHP-FPM service is started as a dependency of the nginx service, something like the following: There's also the 'require' function which does an include and sets up Class - Class relationships. class nginx { service { 'nginx': require = Service['php-fpm::php-fpm'], running = true; } } Is this possible in puppet 0.25 on CentOS? Thanks in advance, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Nigel Kersten Product, Puppet Labs @nigelkersten -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Cross-module dependencies
On May 24, 2011, at 7:58 PM, treydock wrote: I have a similar problem I can't seem to solve...here's what I'm trying to do. I have two modules, backuppc_client and sudo. Right now I have a node variable that I assign to each node that is used in the sudo module's template to add the necessary entry. For example ---manifests/node.pp node 'client1' { $backuppc_sudocmd = backupuser ALL=NOPASSWD: /usr/bin/rsync include baseclass include backuppc_client::base } ---modules/sudo/templates/sudoers.erb has... % if has_variable?(backuppc_sudocmd) then % %= backuppc_sudocmd % % end % Is there a way for the sudo module to find out or be aware if a client has the include backuppc_client in their definition? Basically I'd like the backuppc_client module's to alter the contents of sudoers file which I can't imagine how to do as sudoers is defined by the sudo module which is part of baseclass and applied to all systems. First, do you have a /etc/sudoers.d/ directory? That would make things much easier. If not, you might want to look into puppet_concat which allows you to build fragments that can be templated to build your file. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.