Re: [Puppet Users] available built-in variables
On Thu, Jun 23, 2011 at 7:46 AM, Patrick patrick.hem...@gmail.com wrote: Is there anywhere that lists the available built-in variables aside from facter and http://docs.puppetlabs.com/guides/faq.html#are-there-variables-available-other-than-those-provided-by-facter ? Pretty sure that's it. You can dump all variables in scope via: notice(inline_template(%= scope.to_hash %)) This isn't perfect, but should give you the subset: (since facter value such as uptime changes, and in agent/master mode this is totally wrong unless it's on the same system) notice(inline_template(%= (scope.to_hash.to_a - Facter.to_hash.to_a).to_yaml %) This obviously will be different if the notice is in a module, a class, a define, $caller_module, $module_name would only be present if the notice is in the appropriate location. I'm referring to variables like $title and $name, which are mentioned by http://docs.puppetlabs.com/guides/language_guide.html#defined-resource-types, but are there any others? Anyhow this is what I got back using puppet apply (trimming some extras): - - clientversion - 2.6.4 (Puppet Enterprise 1.0) - - clientcert - pe-master.localdomain - - title - main - - name - main - - environment - production Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet 2.6.9 2.7.1 packages for Solaris
For whatever reason I'm using the opensource packages from blastwave. AFAIU these are not to be mixed with opencsw. So I can't use your packages? regards, Andreas Mark Phillips wrote: CSW packages in experimental - http://buildfarm.opencsw.org/experimental.html#markp Both contain Dom Cleal's patched pkgutil[1] provider that supports 'source'[2] for -t alternative repositories. --Mark [1] https://github.com/domcleal/puppet/blob/tickets/master/8011/lib/puppet/provider/package/pkgutil.rb [2] http://projects.puppetlabs.com/issues/8011 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] howto trigger action on another client
Hi, I want to automate installation of GridEngine with puppet. GE comes with some prepared script for automatic installation. Unfortunately this is to be run on the GE master to install the executions host (=clients). (This then will run some commands on the exec host via ssh) So from puppet's perspective if an agent on an execution host notices that GE is not installed but should it has to tell the agent on the GE master to run the install script. Is there an easy (puppet) way to do it? My idea is to have the exec host write its name into a file hosts_to_install on a common NFS and have the master check that file. But maybe there are better ways. Does anybody here has some other GE related recipes? regards, Andreas -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Exported resources for DNS and DHCP
On 06/09/2011 06:46 PM, Daniel Pittman wrote:
On Thu, Jun 9, 2011 at 07:40, Jonathan Gazeley
jonathan.gaze...@bristol.ac.uk wrote:
I haven't used exported resources before, and I'm finding it a little
confusing.
Basically I want Puppet to know which of the servers have the DNS servers
class applied to them, so it can use these servers' IP addresses when it
generates the DHCP config.
This way, if we add or remove DNS servers, the DHCP is automatically
regenerated.
It doesn't sound too hard, but I can't quite see to achieve this. Can anyone
give me a few pointers, please?
Yeah. So, one of the current problems with storeconfigs is that it
only serves to inject resource declarations into another host. You
can't really manage the data itself, so you have to put *something*
physical somewhere to make it work.
When I had similar problems I took one of two approaches:
One, inject textual content into the target file directly, either
using 'file' resources and include statements in the configuration, or
using one of the concatenated file providers, and exporting /
importing a fragment from the DNS server to the DHCP server.
Thanks for your response, very helpful. I've only just got round to
finding time to work on this again. Please can you expand on the two
things you mentioned above - I'm not sure I fully understand.
At the moment we are using Puppet in a fairly noddy way, and I'm keen to
get to grips with its more advanced features.
Many thanks,
Jonathan
If neither of those worked, the other approach I took was painfully
indirect: export a file with the data, import that on the master, then
use the 'generate' function to extract that on the master when I built
the target system.
For example, on the DNS server, create this exported resource:
@@file { /datastore/dns-${fqdn}.data: content = ip =
${ipaddress}\n, tag = 'data' }
Then, on the master import that, and use a little Perl script to read
/datastore/dns-*.data, parse out the IP value, and inject that:
class dhcp {
$dns = generate('/u/l/bin/extract-data', 'dns', 'ip')
# ...and that is the data I need.
}
Regards,
Daniel
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet agent problem on Ubuntu
did you tried sudo pupetd --server=myserver --test
it will run puppet onetime as root and verbosely...
2011/6/21 John Nicholson vilvic.j...@gmail.com
I'm in the process of setting up puppet and experiencing some issues.
I'm running Ubuntu 11.04 desktop and server in two seperate VM's. I've
installed puppet master (2.6.4) and puppet (2.6.4). The puppet master
and agent are happily working together.
I'm running the example in the book Pro Puppet. This is the first
example;
Code:
class sudo {
package { sudo:
ensure = present,
}
if $operatingsystem == Ubuntu {
package { sudo-ldap:
ensure = present,
require = Package[sudo],
}
}
file { /etc/sudoers:
owner = root,
group = root,
mode = 0440,
source = puppet://$puppetserver/modules/sudo/etc/sudoers,
require = Package[sudo],
}
}
On the agent I run the following command;
puppet agent --server=myserver --no-daemonize --verbose --onetime
The agent see's the change but I get an error;
info: Caching catalog for agentServer
info: Applying configuration version '123456789'
err: /Stage[main]/Sudo/Package[sudo-ldap]/ensure: change from purged
to present
failed: Execution of '/usr/bin/apt-get -q -y -o DPkg::Options::=--
force-confold
install sudo-ldap' returned 100: E: Could not open lock file /var/lib/
dpkg/lock
- open (13: Permission denied)
E: Unable to lick the administration directory (/var/lib/dpkg/), are
you root?
I don't have another package manager open.
I understand what the problem is. The agent is being run as the
current logged in user and that user doesn't have permission to run
apt-get. Generally to run apt-get i have to do sudo apt-get.
I've thought about modifying the sudoers file and adding nopasswd for
my user (as suggested in other posts) for apt-get but that doesn't
solve the problem since the command in the puppet agent is not run
with sudo.
I understand if I run the puppet agent as a daemon then it runs as
user root which I guess would solve the problem. I'm not sure it's
best to run the agent as a daemon. I might want to control when the
agent pulls the updates from the puppet master (or through cron).
If I run;
sudo puppet agent --server=myserver --no-daemonize --verbose --
onetime
I get a different error;
err: Could not request certificate: Retrieved certificate does not
match private
key; please remove certificate from server and regenerate it with the
current key
I've tried removing the ssl certs from both the puppet master and
agent and run the command again. I get the same problem. When I remove
the sudo from the start of the command the puppet agent is happy with
the cert.
I though about adding my user to the root group as a test. Even when I
do that if I run apt-get update manually a permission denied. I
wondered if this has something to do with the root user being disabled
by default on Ubuntu.
I'm a novice when it comes to these sorts of things. Has anyone got
this working or have any suggestions of how I might solve this issue?
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: How to manage many nodes easily?
What a good solution! Thanks a lot!
2011/6/24 Nan Liu n...@puppetlabs.com
On Thu, Jun 23, 2011 at 7:43 PM, flex frostyn...@gmail.com wrote:
er...that's what we use now, but define and external node cannot use
together, we want to use external node to manage nodes configuration
easily,
so that's why i want to change all the define to class
ENC doesn't support resources, and defines are custom resources,
however we can still support ENC by defining this in an app class:
class app { $software ) {
app::deploy { $software: }
}
define app::deploy {
app:: add { $name:
path = /var/$name
}
}
node some_system {
class { app:
software = ['app1', 'app2', 'app3'],
}
}
ENC support for parametrized class was added in 2.6.5+. If you need to
pass custom parameters to the resource, use a hash or write a wrapper
class for create_resource function to handle any complex usage, and
that function can be backported from 2.7 to 2.6.x.
Thanks,
Nan
2011/6/23 Martin Alfke tux...@gmail.com
On 06/23/2011 11:52 AM, flex wrote:
But i think class is singletons, means when using class you can not
get
more than one copy of the resource, that's the biggest difference
between class and define.
Your example give a duplicate definition error in my environment.
So is this my fault or there another way?
You are right. Using class does not work here. But you can use a define
with parameters and call the define with parameters later on:
define application::add ($appname) {
file { /var/$appname:
ensure = directory,
}
}
node 'node1' {
application::add { app1: appname = app1 }
application::add { app3: appname = app3 }
}
node 'node2' {
application::add { app2: appname = app2 }
application::add { anyname: appname = app4 }
}
When calling the define you just have to make sure that the give name is
uniq.
2011/6/23 Martin Alfke tux...@gmail.com mailto:tux...@gmail.com
On Jun 23, 7:44 am, Martin Alfke tux...@gmail.com
mailto:tux...@gmail.com wrote:
On 06/23/2011 04:35 AM, flex wrote:
These is another question, i have many defines which will
apply
an
application to sepcified path, called as:
application::add { app1: path = /var/app1 }
by this i can apply app1 and app2 in node1, app3 and app4 in
node2, etc.
now, how do i switch this to a class? Need i create a seperate
class for
all the apps although the only difference is the path?
You can make use of parameterized classes:
class application::add($appname) {
path = '/var/${appname}',
...
}
Within your node definition you call the class with desired
parameter:
node 'node1' {
class application::add { appname = 'app1' }
class application::add { appname = 'app3' }
}
The mentioned usage of parameterized classes in node definition is
wrong.
See:
http://docs.puppetlabs.com/guides/language_guide.html#parameterised-classes
node 'node1' {
class { 'application::app': appname = 'app1' }
class { 'application::add': appname = 'app3' }
}
Kind regards,
Martin
2011/6/21 Chris Phillips ch...@untrepid.com
mailto:ch...@untrepid.com mailto:ch...@untrepid.com
mailto:ch...@untrepid.com
I would see a principle whereby nodes should not ever be
defined
within the manifest code at all. To me the manifests
should
be
written to be very generic, and then use ENC's to modify
their
behaviour at a user level. There is still a lot of
inconsistency
within Puppet as to how device specific data can be
obtained
(extlookup is very useful but rides roughshod over other
architectural principles) but I try to stick to keeping
all
manifests generic. I write manifests to manage a package,
then
create a group in dashboard to relate that function to a
business
need and then a node into that group.
On 21 June 2011 14:48, Martin Willemsma
mwillem...@gmail.com mailto:mwillem...@gmail.com
mailto:mwillem...@gmail.com mailto:mwillem...@gmail.com
wrote:
We use /etc/puppet/node-definitions/*.pp in site.pp
similar to
what Carles is saying.
[node-definitions] is a git repo thats being synced on
both
puppermasters. This happens on every push to origin
We use the
[Puppet Users] Puppet Class is applied but is not executed
Hi all, i' am having a strange problem with a puppet class, basically i wrote a small class, no special content (ensure packed is installed). I applied this class to a linuxbox with puppetclient 2.6.4 installed (and working for the other classes). So the problem if I'am forcing now the client to get the new configuration, it does it very well. No error's even with the debug option. In the /var/lib/puppet directory i take a look at the classes.txt and i find the new class inside. So i try to force en error with the class be doing a modifying the class and adding a parser error. Executing again on the linuxbox the puppet command, nothing happens. I would now expect a error. But it looks like puppet just doesn't executed this class. anyone a idea what i'am missing .. ? thanks Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Turn off client autoupdate
By default puppet node connects to server periodically and looks if there is something execute. I'm wondering is it possible to make puppet clients not connect to server themselves? So that it would be possible to update a node only with puppetrun nodename. --- WBR, Sergey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Turn off client autoupdate
By default puppet node connects to server periodically and looks if there is something execute. I'm wondering is it possible to make puppet clients not connect to server themselves? So that it would be possible to update a node only with puppetrun nodename. --- WBR, Sergey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet 2.6.9 2.7.1 packages for Solaris
I'm not sure what the deal is with sharing the /opt/csw space these days, so I'm afraid I can't comment on whether it will play ball or not. The dependency list isn't so large, so if you've got CSWruby on your machine you may find it all installs correctly. It's your choice I'm afraid Andreas - give it a go? Regards, --Mark On 24 Jun 2011, at 08:47, Andreas Kuntzagk wrote: For whatever reason I'm using the opensource packages from blastwave. AFAIU these are not to be mixed with opencsw. So I can't use your packages? regards, Andreas Mark Phillips wrote: CSW packages in experimental - http://buildfarm.opencsw.org/experimental.html#markp Both contain Dom Cleal's patched pkgutil[1] provider that supports 'source'[2] for -t alternative repositories. --Mark [1] https://github.com/domcleal/puppet/blob/tickets/master/8011/lib/puppet/provider/package/pkgutil.rb [2] http://projects.puppetlabs.com/issues/8011 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Turn off client autoupdate
Hello! By default puppet node connects to server periodically and looks if there is something execute. I'm wondering is it possible to make puppet clients not connect to server themselves? So that it would be possible to update a node only with puppetrun nodename. --- WBR, Sergey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] implementing a 1-to-many exported resource only once ?
Hello, I would like to know if there is a (sane) way to allow multiple declarations of the same exported resource to result in only one instance of that resource being instantiated on a given node. Allow me to explain : - Node infra includes class syslog::server. - Definition syslog__naglog allows configuration snippets to be added to the syslog configuration. - Many nodes contain class snmpd. - Class snmpd calls definition syslog__naglog as an exported resource in the form @@syslog_naglog, thus there are multiple declarations for this resource across the ecosystem. - Class syslog::server realizes the exported resource in the forst Syslog__naglog ||. Now this will, predictably, result in a cannot override local resource problem. I could fix this by ensuring that each instantiation has a unique name (via $fqdn or some such), however, that would result in each node adding a configuration snippet to the syslog.conf on node infra, which is not in fact what I'm looking for. I'm looking for a way to say to node infra that since class snmpd is out there, somewhere, regardless of how many times, that one (and only one) configuration line should be added to the local syslog config - and I'd like to be able to do this from the snmpd class. I know that I could do it rather simply from class syslog::server (for example), but I'd like it to be dynamic - I'd like other modules to be able to trigger the addition of a given configuration snippet in the syslog config of node infra. Can this be done ? Is this realistic ? Is there another approach that would be better ? I would greatly appreciate any and all commentary. Thank you. -- Daniel Maher « makin' plans now to live on Mars 'cuz I got Earth on lock. » -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: howto trigger action on another client
jcbollinger wrote: On Jun 24, 3:14 am, Andreas Kuntzagk andreas.kuntz...@mdc-berlin.de wrote: Hi, I want to automate installation of GridEngine with puppet. GE comes with some prepared script for automatic installation. Unfortunately this is to be run on the GE master to install the executions host (=clients). (This then will run some commands on the exec host via ssh) So from puppet's perspective if an agent on an execution host notices that GE is not installed but should it has to tell the agent on the GE master to run the install script. Is there an easy (puppet) way to do it? My idea is to have the exec host write its name into a file hosts_to_install on a common NFS and have the master check that file. But maybe there are better ways. Does anybody here has some other GE related recipes? Exported resources are the Puppet means for one node to provide resources for another. In this case, the execution host could export an Exec resource for the master to collect and apply. Hmm, in the (very short) time I've been working with puppet I have not stumbled across exported resources. Any pointer where I should start reading? The tricky part might be to come up with an 'unless' parameter for it to ensure that the master does not attempt to install the execution host twice. This has the advantage that it does not rely on a shared file or indeed on NFS at all. It does entail a delay between when the execution host's configuration is applied and when GE is actually installed, however. I can live with that delay. The solution I proposed will probably have the same delay - between the puppet run on the exec host and the puppet run on the master. Your idea has merit too. It is certainly possible to use Puppet on the execution hosts to ensure (or not) that some accessible file has a specific line. There is no native resource for this narrow purpose (augeas notwithstanding), but you can find recipes on the PuppetLabs wiki. If you have no other need for exported resources then it may be to your advantage to avoid them. Yeah, I'm aware of addifnosuchline exec's and the like. Thanks, Andreas -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Turn off client autoupdate
Just disable the puppet agent / puppetd (depending on your version) in chkconfig / update-rc.d / etc. Further runs would then be done via ssh, either manually or via a distributed ssh command like ralsh, pdsh, clusterssh, etc. This is what we do at Livemocha; we're actually in the process of switching over to using MCollective to trigger Puppet runs. -- Nathan Clemons http://www.livemocha.com The worlds largest online language learning community On Fri, Jun 24, 2011 at 1:47 AM, Sergey V. Arlashin sergey...@gmail.comwrote: By default puppet node connects to server periodically and looks if there is something execute. I'm wondering is it possible to make puppet clients not connect to server themselves? So that it would be possible to update a node only with puppetrun nodename. --- WBR, Sergey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ssh_authorized_key and NIS user
I'm wondering if the User provider has the capability to look up accounts
via NIS. It's been a long time since I've used NIS, however, so I don't know
if this is the problem for sure.
--
Nathan Clemons
http://www.livemocha.com
The worlds largest online language learning community
On Fri, Jun 24, 2011 at 6:41 AM, Andreas Kuntzagk
andreas.kuntz...@mdc-berlin.de wrote:
I'm wondering if my description was not clear enough or nobody knows an
answer to this. Did I stumble across a bug here and should open a ticket?
regards, Andreas
Andreas Kuntzagk wrote:
Hi,
I have this resource definition:
ssh_authorized_key { nagios@login2:
key = [REDACTED]
user= nagios,
type= ssh-dss,
require = Service['nis'],
}
This nagios user comes from NIS, yp.conf and nsswitch.conf are handled by
puppet and configured before the key. I still get an User does not exist.
daemon.log:
...
Jun 17 14:00:57 node016 puppet-agent[1109]:
(/Stage[main]/All/File[/**localhome/nagios/]/ensure)
created
Jun 17 14:12:53 node016 puppet-agent[1109]: (/Stage[main]//Ssh_authorized_
**key[root@node002]/ensure) created
Jun 17 14:15:14 node016 puppet-agent[1109]:
(/Stage[main]//File[/etc/**idmapd.conf]/content)
content changed '{md5}**3e94f238294cc61b047e7ae50115df**fc' to '{md5}**
6d9c69f38eca81ab0f879c2771d5d5**43'
Jun 17 14:15:14 node016 puppet-agent[1109]: (/Stage[main]//Service[idmapd]
**/ensure) ensure changed 'stopped' to 'running'
Jun 17 14:15:14 node016 puppet-agent[1109]: (/Stage[main]//Service[idmapd]
**) Triggered 'refresh' from 1 events
Jun 17 14:15:41 node016 puppet-agent[1109]: (/Stage[main]/All/File[/etc/*
*yp.conf]/ensure) defined content as '{md5}**
9c23d37f431c0788c212d3c0ab8a48**af'
Jun 17 14:15:58 node016 puppet-agent[1109]: (/Stage[main]/All/All::Append_
**if_no_such_line[sudoers_**nagios_smartctl]/Exec[/bin/**echo 'nagios
ALL=(root) NOPASSWD: /usr/sbin/smartctl' '/etc/sudoers']/returns)
executed su
ccessfully
Jun 17 14:17:03 node016 puppet-agent[1109]: (/Stage[main]//Package[nis]/*
*ensure) ensure changed 'purged' to 'latest'
Jun 17 14:17:39 node016 puppet-agent[1109]: (/Stage[main]/All/File[/etc/*
*nsswitch.conf]/content) content changed '{md5}**
295c15c4bdac80e50b37689ef08f35**9c' to '{md5}**
250a1851aec43bcc5f73e8a01b2141**bd'
Jun 17 14:17:43 node016 puppet-agent[1109]: (/Stage[main]/All/Service[nis]
**) Triggered 'refresh' from 4 events
Jun 17 14:17:50 node016 puppet-agent[1109]: (/Stage[main]//Ssh_authorized_
**key[nagios@login2]/ensure) created
Jun 17 14:17:50 node016 puppet-agent[1109]: (/Stage[main]//Ssh_authorized_
**key[nagios@login2]) Could not evaluate: User 'nagios' does not exist
Jun 17 14:18:06 node016 puppet-agent[1109]: (/Whit[last]) Dependency
Ssh_authorized_key[nagios@**login2] has failures: true
...
This is Ubuntu 10.04 with puppet 2.6.8
regards, Andreas
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscribe@**
googlegroups.com puppet-users%2bunsubscr...@googlegroups.com.
For more options, visit this group at http://groups.google.com/**
group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en
.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Turn off client autoupdate
And how is it possible to connect to puppet client via ssh? I mean I usually issue puppetrun nodename and then puppetmaster connects to puppet client on the client node. What should I do in case of ssh connect? --- WBR, Sergey On Jun 24, 2011, at 6:10 PM, Nathan Clemons wrote: Just disable the puppet agent / puppetd (depending on your version) in chkconfig / update-rc.d / etc. Further runs would then be done via ssh, either manually or via a distributed ssh command like ralsh, pdsh, clusterssh, etc. This is what we do at Livemocha; we're actually in the process of switching over to using MCollective to trigger Puppet runs. -- Nathan Clemons http://www.livemocha.com The worlds largest online language learning community On Fri, Jun 24, 2011 at 1:47 AM, Sergey V. Arlashin sergey...@gmail.com wrote: By default puppet node connects to server periodically and looks if there is something execute. I'm wondering is it possible to make puppet clients not connect to server themselves? So that it would be possible to update a node only with puppetrun nodename. --- WBR, Sergey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] IP address evenness as an identifier
For my puppet-managed servers, I want roughly half to use nameserver1 followed by nameserver2, and the other half to use nameserver2 in preference to nameserver1. The most reliable and simplest way I can think of doing this is to look at the last octet of the IP address, test whether it is even or odd, and apply different nameservers accordingly. Two questions: how would this be easily achieved in a manifest, and is there a better way? :) Cheers, Jonathan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: howto trigger action on another client
Daniel Maher wrote: On 06/24/2011 03:39 PM, Andreas Kuntzagk wrote: Exported resources are the Puppet means for one node to provide resources for another. In this case, the execution host could export an Exec resource for the master to collect and apply. Hmm, in the (very short) time I've been working with puppet I have not stumbled across exported resources. Any pointer where I should start reading? Exported resources are great fun. :) http://docs.puppetlabs.com/guides/exported_resources.html http://projects.puppetlabs.com/projects/1/wiki/Using_Stored_Configuration According to these exported resources are somewhat similar to virtual resources. Problem is until now I cannot wrap my brain arount virtual resources so I don't understand the exported resources examples. regards, Andreas -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ssh_authorized_key and NIS user
Its just using the Ruby Etc library to do the lookup according to
puppet/util/posix.rb. Which won't match NIS accounts. So I'd raise a
feature request if you want this support.
You can work around this by using something like:
$username = bob
ssh_authorized_key { keyfor-${username}:
key = ...,
target = /user/home/dirs/${username}/.ssh/authorized_keys,
}
The issue being you need prior knowledge of path to the key. You can
glean this by producing a fact that uses something like 'getent'
instead of /etc/passwd - but this is less then optimal.
ken.
On Fri, Jun 24, 2011 at 3:13 PM, Nathan Clemons nat...@livemocha.com wrote:
I'm wondering if the User provider has the capability to look up accounts
via NIS. It's been a long time since I've used NIS, however, so I don't know
if this is the problem for sure.
--
Nathan Clemons
http://www.livemocha.com
The worlds largest online language learning community
On Fri, Jun 24, 2011 at 6:41 AM, Andreas Kuntzagk
andreas.kuntz...@mdc-berlin.de wrote:
I'm wondering if my description was not clear enough or nobody knows an
answer to this. Did I stumble across a bug here and should open a ticket?
regards, Andreas
Andreas Kuntzagk wrote:
Hi,
I have this resource definition:
ssh_authorized_key { nagios@login2:
key = [REDACTED]
user = nagios,
type = ssh-dss,
require = Service['nis'],
}
This nagios user comes from NIS, yp.conf and nsswitch.conf are handled by
puppet and configured before the key. I still get an User does not exist.
daemon.log:
...
Jun 17 14:00:57 node016 puppet-agent[1109]:
(/Stage[main]/All/File[/localhome/nagios/]/ensure) created
Jun 17 14:12:53 node016 puppet-agent[1109]:
(/Stage[main]//Ssh_authorized_key[root@node002]/ensure) created
Jun 17 14:15:14 node016 puppet-agent[1109]:
(/Stage[main]//File[/etc/idmapd.conf]/content) content changed
'{md5}3e94f238294cc61b047e7ae50115dffc' to
'{md5}6d9c69f38eca81ab0f879c2771d5d543'
Jun 17 14:15:14 node016 puppet-agent[1109]:
(/Stage[main]//Service[idmapd]/ensure) ensure changed 'stopped' to 'running'
Jun 17 14:15:14 node016 puppet-agent[1109]:
(/Stage[main]//Service[idmapd]) Triggered 'refresh' from 1 events
Jun 17 14:15:41 node016 puppet-agent[1109]:
(/Stage[main]/All/File[/etc/yp.conf]/ensure) defined content as
'{md5}9c23d37f431c0788c212d3c0ab8a48af'
Jun 17 14:15:58 node016 puppet-agent[1109]:
(/Stage[main]/All/All::Append_if_no_such_line[sudoers_nagios_smartctl]/Exec[/bin/echo
'nagios ALL=(root) NOPASSWD: /usr/sbin/smartctl' '/etc/sudoers']/returns)
executed su
ccessfully
Jun 17 14:17:03 node016 puppet-agent[1109]:
(/Stage[main]//Package[nis]/ensure) ensure changed 'purged' to 'latest'
Jun 17 14:17:39 node016 puppet-agent[1109]:
(/Stage[main]/All/File[/etc/nsswitch.conf]/content) content changed
'{md5}295c15c4bdac80e50b37689ef08f359c' to
'{md5}250a1851aec43bcc5f73e8a01b2141bd'
Jun 17 14:17:43 node016 puppet-agent[1109]:
(/Stage[main]/All/Service[nis]) Triggered 'refresh' from 4 events
Jun 17 14:17:50 node016 puppet-agent[1109]:
(/Stage[main]//Ssh_authorized_key[nagios@login2]/ensure) created
Jun 17 14:17:50 node016 puppet-agent[1109]:
(/Stage[main]//Ssh_authorized_key[nagios@login2]) Could not evaluate: User
'nagios' does not exist
Jun 17 14:18:06 node016 puppet-agent[1109]: (/Whit[last]) Dependency
Ssh_authorized_key[nagios@login2] has failures: true
...
This is Ubuntu 10.04 with puppet 2.6.8
regards, Andreas
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: howto trigger action on another client
Another mechanism. You can use mcollective and this resource to
trigger mco calls inside puppet:
https://github.com/ripienaar/puppet-mcollective
The resource acts like an exec ... and can be refreshed and notified.
For example:
file {/tmp/foo1:
# content = foo,
content = inline_template(%= Time.now %),
notify = Mcollective[test1],
}
mcollective {test1:
agent = service,
action = restart,
arguments = {
service = rsyslog,
},
identity_filter = [puppet1],
disctimeout = 3,
timeout = 10,
refreshonly = true,
}
Just make an mcollective plugin for adding new clients on your master
and trigger it this way.
ken.
On Fri, Jun 24, 2011 at 3:18 PM, Andreas Kuntzagk
andreas.kuntz...@mdc-berlin.de wrote:
Daniel Maher wrote:
On 06/24/2011 03:39 PM, Andreas Kuntzagk wrote:
Exported resources are the Puppet means for one node to provide
resources for another. In this case, the execution host could export
an Exec resource for the master to collect and apply.
Hmm, in the (very short) time I've been working with puppet I have not
stumbled across exported resources. Any pointer where I should start
reading?
Exported resources are great fun. :)
http://docs.puppetlabs.com/guides/exported_resources.html
http://projects.puppetlabs.com/projects/1/wiki/Using_Stored_Configuration
According to these exported resources are somewhat similar to virtual
resources. Problem is until now I cannot wrap my brain arount virtual
resources so I don't understand the exported resources examples.
regards, Andreas
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Turn off client autoupdate
I concur. Using mcollective to trigger Puppet is sweet. ken. On Fri, Jun 24, 2011 at 3:31 PM, Daniel Maher dma...@milestonelab.com wrote: On 06/24/2011 04:10 PM, Nathan Clemons wrote: This is what we do at Livemocha; we're actually in the process of switching over to using MCollective to trigger Puppet runs. By way of a vote of confidence, we made the switch to MC-triggered Puppet runs a few months ago and have been very happy with the result. Implementing Puppet Commander[1] in order to manage the trigger events was about as straightforward as it gets ! [1] http://projects.puppetlabs.com/projects/mcollective-plugins/wiki/ToolPuppetcommander -- Daniel Maher « makin' plans now to live on Mars 'cuz I got Earth on lock. » -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ssh_authorized_key and NIS user
Ken Barber wrote:
Its just using the Ruby Etc library to do the lookup according to
puppet/util/posix.rb. Which won't match NIS accounts. So I'd raise a
feature request if you want this support.
its #8081
You can work around this by using something like:
$username = bob
ssh_authorized_key { keyfor-${username}:
key = ...,
target = /user/home/dirs/${username}/.ssh/authorized_keys,
}
Will look into this.
The issue being you need prior knowledge of path to the key.
For my simple usecase this is not a problem. (At least atm. I don't see one.)
Thanks, Andreas
glean this by producing a fact that uses something like 'getent'
instead of /etc/passwd - but this is less then optimal.
ken.
On Fri, Jun 24, 2011 at 3:13 PM, Nathan Clemons nat...@livemocha.com wrote:
I'm wondering if the User provider has the capability to look up accounts
via NIS. It's been a long time since I've used NIS, however, so I don't know
if this is the problem for sure.
--
Nathan Clemons
http://www.livemocha.com
The worlds largest online language learning community
On Fri, Jun 24, 2011 at 6:41 AM, Andreas Kuntzagk
andreas.kuntz...@mdc-berlin.de wrote:
I'm wondering if my description was not clear enough or nobody knows an
answer to this. Did I stumble across a bug here and should open a ticket?
regards, Andreas
Andreas Kuntzagk wrote:
Hi,
I have this resource definition:
ssh_authorized_key { nagios@login2:
key = [REDACTED]
user= nagios,
type= ssh-dss,
require = Service['nis'],
}
This nagios user comes from NIS, yp.conf and nsswitch.conf are handled by
puppet and configured before the key. I still get an User does not exist.
daemon.log:
...
Jun 17 14:00:57 node016 puppet-agent[1109]:
(/Stage[main]/All/File[/localhome/nagios/]/ensure) created
Jun 17 14:12:53 node016 puppet-agent[1109]:
(/Stage[main]//Ssh_authorized_key[root@node002]/ensure) created
Jun 17 14:15:14 node016 puppet-agent[1109]:
(/Stage[main]//File[/etc/idmapd.conf]/content) content changed
'{md5}3e94f238294cc61b047e7ae50115dffc' to
'{md5}6d9c69f38eca81ab0f879c2771d5d543'
Jun 17 14:15:14 node016 puppet-agent[1109]:
(/Stage[main]//Service[idmapd]/ensure) ensure changed 'stopped' to 'running'
Jun 17 14:15:14 node016 puppet-agent[1109]:
(/Stage[main]//Service[idmapd]) Triggered 'refresh' from 1 events
Jun 17 14:15:41 node016 puppet-agent[1109]:
(/Stage[main]/All/File[/etc/yp.conf]/ensure) defined content as
'{md5}9c23d37f431c0788c212d3c0ab8a48af'
Jun 17 14:15:58 node016 puppet-agent[1109]:
(/Stage[main]/All/All::Append_if_no_such_line[sudoers_nagios_smartctl]/Exec[/bin/echo
'nagios ALL=(root) NOPASSWD: /usr/sbin/smartctl' '/etc/sudoers']/returns)
executed su
ccessfully
Jun 17 14:17:03 node016 puppet-agent[1109]:
(/Stage[main]//Package[nis]/ensure) ensure changed 'purged' to 'latest'
Jun 17 14:17:39 node016 puppet-agent[1109]:
(/Stage[main]/All/File[/etc/nsswitch.conf]/content) content changed
'{md5}295c15c4bdac80e50b37689ef08f359c' to
'{md5}250a1851aec43bcc5f73e8a01b2141bd'
Jun 17 14:17:43 node016 puppet-agent[1109]:
(/Stage[main]/All/Service[nis]) Triggered 'refresh' from 4 events
Jun 17 14:17:50 node016 puppet-agent[1109]:
(/Stage[main]//Ssh_authorized_key[nagios@login2]/ensure) created
Jun 17 14:17:50 node016 puppet-agent[1109]:
(/Stage[main]//Ssh_authorized_key[nagios@login2]) Could not evaluate: User
'nagios' does not exist
Jun 17 14:18:06 node016 puppet-agent[1109]: (/Whit[last]) Dependency
Ssh_authorized_key[nagios@login2] has failures: true
...
This is Ubuntu 10.04 with puppet 2.6.8
regards, Andreas
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] IP address evenness as an identifier
On Jun 24, 2011, at 7:15 AM, Jonathan Gazeley wrote:
For my puppet-managed servers, I want roughly half to use nameserver1
followed by nameserver2, and the other half to use nameserver2 in preference
to nameserver1.
The most reliable and simplest way I can think of doing this is to look at
the last octet of the IP address, test whether it is even or odd, and apply
different nameservers accordingly.
Two questions: how would this be easily achieved in a manifest, and is there
a better way? :)
I would probably create a custom fact for this
IP_ADDR=192.168.10.21
y=#{IP_ADDR}.split('.')[3].to_i).divmod(2)[1]
puts y
something like...
$resolv.conf_pool = resolv.conf-pool-A
#{IP_ADDR}.split('.')[3].to_i).divmod(2)[1] == 0 ? resolv.conf-pool-A :
resolv.conf-pool-B
and then 'source' the actual resolv.conf file per pool-A or pool-B result
Should be relatively easy to create.
--
Craig White ~~ craig.wh...@ttiltd.com
1.800.869.6908 ~~~ www.ttiassessments.com
Need help communicating between generations at work to achieve your desired
success? Let us help!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Package pre-requisites prior to file exec
On Jun 23, 2011, at 6:17 PM, Nigel Kersten wrote:
On Thu, Jun 23, 2011 at 4:07 PM, Craig White craig.wh...@ttiltd.com wrote:
class nginx::install {
$prerequisites = [ build-essential, libcurl4-openssl-dev, libssl-dev,
zlib1g-dev ]
case $operatingsystem {
centos, redhat: {
}
debian, ubuntu: {
package { $prerequisites : ensure = installed :
ensure = present {
exec { Installing nginx via passenger:
path= /bin:/usr/bin,
environment = HOME=/root,
command = passenger-install-nginx-module --auto-download
--auto,
user= root,
group = root,
unless = ls -l /opt | grep nginx,
logoutput = on_failure,
}
}
file {/etc/init.d/nginx:
source = puppet:///modules/nginx/nginx-initd,
owner = root,
group = root,
mode= 755,
require = Class[nginx::install],
notify = Class[nginx::service],
}
}
}
}
}
The above has a syntax error on line 7 and the catalog won't build but
essentially I want to 'ensure' that the pre-requsite packages are installed
prior to attempting to execute the command (because if the pre-requisites
aren't there, the command will fail).
That definitely won't compile :)
You should be able to just declare the exec and package(s) resources
separately and define a relationship, like:
exec { Installing nginx via passenger:
path= /bin:/usr/bin,
environment = HOME=/root,
command = passenger-install-nginx-module --auto-download --auto,
user= root,
group = root,
unless = ls -l /opt | grep nginx,
logoutput = on_failure,
require = Package[$prerequisites],
}
That last line should work for you. Otherwise you could define it the
opposite way around:
package { $prerequisites:
ensure = installed,
before = Exec[Installing nginx via passenger],
}
Both those methods should work, but I have a vague memory of the first
method failing in a point release or two.
What version of Puppet are you running? You may have a much clearer
way of expressing the conditional you're using than the somewhat messy
case statement you're using at the moment.
puppet 2.6.8
Your first example would necessitate creating installation class for those
pre-requisite packages which I was hoping to just slide by without doing. In
fact, my way that I did it sort of worked with a little tweaking but it seemed
to try to install nginx before the pre-requisite packages so the first tine
through, it would time out on the command but load the pre-requisite packages
afterwards and then the second time through, it would install via the command
which was messy.
this is where I am at at the moment...
class nginx::install {
case $operatingsystem {
centos, redhat: {
}
debian, ubuntu: {
exec { Installing nginx via passenger:
path= /bin:/usr/bin,
environment = HOME=/root,
command = passenger-install-nginx-module --auto-download
--auto,
user= root,
group = root,
unless = ls -l /opt | grep nginx,
logoutput = on_failure,
require = Class[gems::passenger, nginx::prerequisites]
}
}
}
}
and still the 'require' doesn't seem to be executed prior to evaluating the
'command' to exec - which still gives me issues.
Craig
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Turn off client autoupdate
Under 0.25, we do puppet --onetime --no-daemonize. I'm not sure if that syntax changed in 2.6.x and above. -- Nathan Clemons http://www.livemocha.com The worlds largest online language learning community On Fri, Jun 24, 2011 at 7:14 AM, sergey sergey...@gmail.com wrote: And how is it possible to connect to puppet client via ssh? I mean I usually issue puppetrun nodename and then puppetmaster connects to puppet client on the client node. What should I do in case of ssh connect? --- WBR, Sergey On Jun 24, 2011, at 6:10 PM, Nathan Clemons wrote: Just disable the puppet agent / puppetd (depending on your version) in chkconfig / update-rc.d / etc. Further runs would then be done via ssh, either manually or via a distributed ssh command like ralsh, pdsh, clusterssh, etc. This is what we do at Livemocha; we're actually in the process of switching over to using MCollective to trigger Puppet runs. -- Nathan Clemons http://www.livemocha.com The worlds largest online language learning community On Fri, Jun 24, 2011 at 1:47 AM, Sergey V. Arlashin sergey...@gmail.comwrote: By default puppet node connects to server periodically and looks if there is something execute. I'm wondering is it possible to make puppet clients not connect to server themselves? So that it would be possible to update a node only with puppetrun nodename. --- WBR, Sergey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Package pre-requisites prior to file exec
Nevermind... under control - thanks for the fish
Craig
On Jun 24, 2011, at 9:26 AM, Craig White wrote:
On Jun 23, 2011, at 6:17 PM, Nigel Kersten wrote:
On Thu, Jun 23, 2011 at 4:07 PM, Craig White craig.wh...@ttiltd.com wrote:
class nginx::install {
$prerequisites = [ build-essential, libcurl4-openssl-dev, libssl-dev,
zlib1g-dev ]
case $operatingsystem {
centos, redhat: {
}
debian, ubuntu: {
package { $prerequisites : ensure = installed :
ensure = present {
exec { Installing nginx via passenger:
path= /bin:/usr/bin,
environment = HOME=/root,
command = passenger-install-nginx-module --auto-download
--auto,
user= root,
group = root,
unless = ls -l /opt | grep nginx,
logoutput = on_failure,
}
}
file {/etc/init.d/nginx:
source = puppet:///modules/nginx/nginx-initd,
owner = root,
group = root,
mode= 755,
require = Class[nginx::install],
notify = Class[nginx::service],
}
}
}
}
}
The above has a syntax error on line 7 and the catalog won't build but
essentially I want to 'ensure' that the pre-requsite packages are installed
prior to attempting to execute the command (because if the pre-requisites
aren't there, the command will fail).
That definitely won't compile :)
You should be able to just declare the exec and package(s) resources
separately and define a relationship, like:
exec { Installing nginx via passenger:
path= /bin:/usr/bin,
environment = HOME=/root,
command = passenger-install-nginx-module --auto-download --auto,
user= root,
group = root,
unless = ls -l /opt | grep nginx,
logoutput = on_failure,
require = Package[$prerequisites],
}
That last line should work for you. Otherwise you could define it the
opposite way around:
package { $prerequisites:
ensure = installed,
before = Exec[Installing nginx via passenger],
}
Both those methods should work, but I have a vague memory of the first
method failing in a point release or two.
What version of Puppet are you running? You may have a much clearer
way of expressing the conditional you're using than the somewhat messy
case statement you're using at the moment.
puppet 2.6.8
Your first example would necessitate creating installation class for those
pre-requisite packages which I was hoping to just slide by without doing. In
fact, my way that I did it sort of worked with a little tweaking but it
seemed to try to install nginx before the pre-requisite packages so the first
tine through, it would time out on the command but load the pre-requisite
packages afterwards and then the second time through, it would install via
the command which was messy.
this is where I am at at the moment...
class nginx::install {
case $operatingsystem {
centos, redhat: {
}
debian, ubuntu: {
exec { Installing nginx via passenger:
path= /bin:/usr/bin,
environment = HOME=/root,
command = passenger-install-nginx-module --auto-download
--auto,
user= root,
group = root,
unless = ls -l /opt | grep nginx,
logoutput = on_failure,
require = Class[gems::passenger, nginx::prerequisites]
}
}
}
}
and still the 'require' doesn't seem to be executed prior to evaluating the
'command' to exec - which still gives me issues.
Craig
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Package pre-requisites prior to file exec
On Fri, Jun 24, 2011 at 10:38 AM, Craig White craig.wh...@ttiltd.com wrote: Nevermind... under control - thanks for the fish Heh. Great timing, I was just typing up a reply. Craig, I'd appreciate it if we could try and work out what led you down the wrong path in terms of syntax so we can try to make sure it doesn't happen for other people learning Puppet in the future. I'd be more than happy to have an off-list chat if needed. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: New Puppet report processors...
Ok, here's the report processor to send events to Zenoss, based off
James' Zendesk module.
https://github.com/donjohnson/puppet-zenoss
-Don
Release Engineer / Toolsmith, VerticalResponse
On Wed, Jun 8, 2011 at 6:09 PM, Don auder...@gmail.com wrote:
Thanks for the help off-list, James.
here's the stub I'm using to check if the log is error-ful, inside of
process():
def process
failure = false
#iterate through each log object and look for failures
self.logs.each do |log|
if log.level.to_s == 'err' || 'alert' || 'emerg' || 'crit'
failure = true
end
end
if failure
Puppet.debug Creating Zenoss event for failed run on #{self.host}.
###
This definitely costs a few more cycles than with 2.6.5+.
I'll publish the rest of the Zenoss processor on github tomorrow or Friday.
-Don
On Wed, Jun 8, 2011 at 5:23 PM, James Turnbull ja...@puppetlabs.com wrote:
Don wrote:
I'm running 2.6.4 on the master client. pluginsync is true on both,
and reports = zenoss only on the master for this test.
Why is self.status not working in this case?
The issue is that status is only available in the V2 report format in
Puppet 2.6.5 and onwards. Before this you need to check for err tags
to find failed runs.
Regards
James Turnbull
--
James Turnbull
Puppet Labs
1-503-734-8571
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Turn off client autoupdate
On Jun 24, 9:14 am, sergey sergey...@gmail.com wrote: And how is it possible to connect to puppet client via ssh? I mean I usually issue puppetrun nodename and then puppetmaster connects to puppet client on the client node. What should I do in case of ssh connect? One does not connect to the puppet client *software*; rather, one connectes to the puppet client *machine*. The software (puppetd or puppet agent, depending on the version) is after all not running as a daemon. Once connected, you execute a command such as puppet agent -- onetime --no-daemonize. If you wish to use it, command-line ssh clients typically provide a means to specify a command to run on the remote machine instead of a login shell (e.g. puppet agent [...]); this is convenient for scripting. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Turn off client autoupdate
Thank you! --- WBR, Sergey On Jun 24, 2011, at 10:29 PM, jcbollinger wrote: you wish to use it, command-line ssh clients typically provide a means to specify a command to run on the remote machine instead of a login shell (e.g. puppet agent [...]); this is convenient for scripting. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Package pre-requisites prior to file exec
On Jun 24, 2011, at 10:42 AM, Nigel Kersten wrote: On Fri, Jun 24, 2011 at 10:38 AM, Craig White craig.wh...@ttiltd.com wrote: Nevermind... under control - thanks for the fish Heh. Great timing, I was just typing up a reply. Craig, I'd appreciate it if we could try and work out what led you down the wrong path in terms of syntax so we can try to make sure it doesn't happen for other people learning Puppet in the future. I'd be more than happy to have an off-list chat if needed. I don't think anything is wrong with the documentation - I probably bit off a very complicated use case before I had my understanding up to speed. This has taught me much though. I am trying to make apache co-exist with nginx which is difficult enough (managing ports, virtual host conf) but we are also using gems for things like nginx which add to the complexity. I suspect that some may be interested in what I finally work out (and I'm maybe another 4-6 hours away from completing this). What I didn't realize was that in my process of flailing for answers, I failed to preserve an intermediate configuration that semi-worked and so I reverted to the file that I posted to the list yesterday which failed to account for ruby being in /usr/local (ruby-enterprise) and so I was getting failures because it couldn't find the command. This was clearly my issue and it had me going for a while. Anyway, I've only been at this since Monday and I am quite pleased. I have managed to add some custom 'facts', get some pretty complicated chaining of package installations, work through some reasonably sophisticated templates so that things like apache nginx config files, sysv initscripts, virtual hosts are all delivered with a high enough level of flexibility for mods, rewrite rules, etc. for each vhost. Thanks again Craig -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: IP address evenness as an identifier
On Jun 24, 9:15 am, Jonathan Gazeley jonathan.gaze...@bristol.ac.uk wrote: For my puppet-managed servers, I want roughly half to use nameserver1 followed by nameserver2, and the other half to use nameserver2 in preference to nameserver1. The most reliable and simplest way I can think of doing this is to look at the last octet of the IP address, test whether it is even or odd, and apply different nameservers accordingly. Two questions: how would this be easily achieved in a manifest, and is there a better way? :) If your name resolver supports it then you could put options rotate into every /etc/resolv.conf (or add 'rotate' to the existing options) so that all hosts alternate which name server they query first. If that works for you at all then it should do a better job of spreading out the name service load than would tweaking the name server listing order on some of your machines. It's also a lot easier to code in your manifests. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: New Puppet report processors...
I'm psyched... I think I have my boss almost ready to implement Zenoss and
still only see small benefits to using Dashboard.
Craig
On Jun 24, 2011, at 10:53 AM, Don wrote:
Ok, here's the report processor to send events to Zenoss, based off
James' Zendesk module.
https://github.com/donjohnson/puppet-zenoss
-Don
Release Engineer / Toolsmith, VerticalResponse
On Wed, Jun 8, 2011 at 6:09 PM, Don auder...@gmail.com wrote:
Thanks for the help off-list, James.
here's the stub I'm using to check if the log is error-ful, inside of
process():
def process
failure = false
#iterate through each log object and look for failures
self.logs.each do |log|
if log.level.to_s == 'err' || 'alert' || 'emerg' || 'crit'
failure = true
end
end
if failure
Puppet.debug Creating Zenoss event for failed run on #{self.host}.
###
This definitely costs a few more cycles than with 2.6.5+.
I'll publish the rest of the Zenoss processor on github tomorrow or Friday.
-Don
On Wed, Jun 8, 2011 at 5:23 PM, James Turnbull ja...@puppetlabs.com wrote:
Don wrote:
I'm running 2.6.4 on the master client. pluginsync is true on both,
and reports = zenoss only on the master for this test.
Why is self.status not working in this case?
The issue is that status is only available in the V2 report format in
Puppet 2.6.5 and onwards. Before this you need to check for err tags
to find failed runs.
Regards
James Turnbull
--
James Turnbull
Puppet Labs
1-503-734-8571
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
Craig White ~~ craig.wh...@ttiltd.com
1.800.869.6908 ~~~ www.ttiassessments.com
Need help communicating between generations at work to achieve your desired
success? Let us help!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Turn off client autoupdate
On Fri, 24 Jun 2011 01:47:56 -0700, Sergey V. Arlashin wrote: By default puppet node connects to server periodically and looks if there is something execute. I'm wondering is it possible to make puppet clients not connect to server themselves? So that it would be possible to update a node only with puppetrun nodename. --- WBR, Sergey You'd probably be interested in #4411[1] and #3313[2]. Specifically, it looks like the way you should be able to do this is by specifying listen=true and client=false, but there appears to be a bug with the agent that makes client=false not actually work, but (--no-client on the command line does work). :-/ [1] http://projects.puppetlabs.com/issues/4411 [2] http://projects.puppetlabs.com/issues/3313 -- Jacob Helwig signature.asc Description: Digital signature
[Puppet Users] Enable yum repositories as needed
Hi All,
I'm new to puppet and I'm having some difficulty enabling and disabling yum
repositories on an as needed basis and I was wondering if you all might be able
to provide me with some assistance. I've been able to get puppet to configure
a yum repository, I'm going to use EPEL as an example here but I'd like it for
all, by creating a class called epel.pp containing
class epel {
yumrepo { epel: descr = Extra Packages for Enterprise Linux \$releasever
- \$basearch, baseurl =
http://mirror.its.sfu.ca/mirror/CentOS-Third-Party/epel/\$releasever/\$basearch;,
gpgcheck = 1, gpgkey =
http://mirror.its.sfu.ca/mirror/CentOS-Third-Party/epel/RPM-GPG-KEY-EPEL;,
enabled=0 }
}
and it does create and populate the /etc/yum.repos.d/epel.repo file with this
information. Now I want to be able to install ganglia-gmond automatically from
this repository but I can't figure out how to enable and disable the repo
afterwards? Can anyone please provide an example of how something like this
may be accomplished?
--
James A. Peltier
IT Services - Research Computing Group
Simon Fraser University - Burnaby Campus
Phone : 778-782-6573
Fax : 778-782-3045
E-Mail : jpelt...@sfu.ca
Website : http://www.sfu.ca/itservices
http://blogs.sfu.ca/people/jpeltier
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: ssh_authorized_key and NIS user
On Jun 24, 9:13 am, Nathan Clemons nat...@livemocha.com wrote:
I'm wondering if the User provider has the capability to look up accounts
via NIS. It's been a long time since I've used NIS, however, so I don't know
if this is the problem for sure.
The default provider for RedHat / Fedora / CentOS does not recognize
NIS users. I don't know about other providers, but I suspect that
most don't recognize them. I use a custom provider here that assumes
the compat scheme for specifying NIS users in /etc/passwd. If
you're using NIS the other (default) way then no User provider can
manage NIS users because there is no local representation to manage.
With that said, it's not obvious that any User provider is involved at
all. A provider would come into the mix if you were managing the
nagios user itself, but it doesn't look like you're doing that.
Perhaps since user 'nagios' is unmanaged, however, Ssh_authorized_key
is using the default User provider to check for its existence. That's
not exactly right, but I can't think of anything better.
If it is a provider issue and you're using NIS in the default manner,
then you could perhaps write a simple(-ish) povider that enumerates
existing users without any ability to modify them or create new ones.
You would then add this to your manifest:
user { nagios:
provider = nisuser,
ensure = present,
before = Ssh_authorized_key [ nagios@login2 ]
}
That's a significant amount of work, however, especially given that it
is not clear whether it would actually solve the problem. But if
you've been itching to try creating a custom provider then here's an
excuse.
John
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] could not find dependency Class
err: Could not run Puppet configuration client: Could not find dependency
Class[Nginx::Install] for File[/opt/nginx/nginx.conf] at
/etc/puppet/modules/nginx/manifests/configure.pp:24
perhaps this is because this is coming not from a class but from a define...
# pwd /etc/puppet/modules/nginx/manifests
# cat init.pp
class nginx {
include nginx::install, nginx::service, nginx::prerequisites
}
# cat configure.pp
define nginx::configure(
$ip=*,
$port=80,
$ssl=false,
$ssl_certificate=cert.pem,
$ssl_certificate_key=cert.key,
$ssl_session_timeout=5m,
$ssl_protocols=SSLv2 SSLv3 TLSv1,
$ssl_ciphers=ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP,
$ssl_prefer_server_ciphers=on,
$template_conf='nginx/nginx.conf.erb')
{
case $operatingsystem {
centos, redhat: {
}
debian, ubuntu: {
file {/opt/nginx/nginx.conf:
content = template($template_conf),
owner = root,
group = root,
mode= 644,
require = Class[nginx::install],
notify = Class[nginx::service],
}
}
}
}
and it errors on 'require' and on 'notify' Class...
do I have to somehow declare this to be a class in order to reference another
class?
--
Craig White ~~ craig.wh...@ttiltd.com
1.800.869.6908 ~~~ www.ttiassessments.com
Need help communicating between generations at work to achieve your desired
success? Let us help!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Turn off client autoupdate
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thank you! This is what I was looking for :) --no-client DOES work. P.S. I should have read man puppetd before sending this message. :) On Jun 24, 2011, at 10:39 PM, Jacob Helwig wrote: On Fri, 24 Jun 2011 01:47:56 -0700, Sergey V. Arlashin wrote: By default puppet node connects to server periodically and looks if there is something execute. I'm wondering is it possible to make puppet clients not connect to server themselves? So that it would be possible to update a node only with puppetrun nodename. --- WBR, Sergey You'd probably be interested in #4411[1] and #3313[2]. Specifically, it looks like the way you should be able to do this is by specifying listen=true and client=false, but there appears to be a bug with the agent that makes client=false not actually work, but (--no-client on the command line does work). :-/ [1] http://projects.puppetlabs.com/issues/4411 [2] http://projects.puppetlabs.com/issues/3313 -- Jacob Helwig -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJOBOMiAAoJEPQ905NMSvKrpLsIAMD/sUsdJDCOW9L0WGXKjLFz BQ9OFmReZx2MSDtXpgzhioOsJ0lMBeTlQ0RWEv5oEtz7senIwbWSyW9hGzHgpujW nm0ZLk7bURW7Fn0z8zVw7ueS70RnMgq0MTeLNSQBZk/dCjBDxu72HSg2O9jAxW8x z49AZVT9TWNjSMIaihF4V5GpbxdAKRb7iqbbNEJAYHRiGodgwjwJywQl8JWRBTg3 1dLzlAr24bzxusApMMNf+7aYPgYQSzyp2jfIpgx3HEp0D3tO3Wv4dmYqUf8YFWG7 Q+uYjnq+PiYeSNxTF2w/F9D5XU5wEbgnnV0r5TrLws5KsKrl4VZ3q4JEmPh0Zzg= =nyL2 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Enable yum repositories as needed
On Jun 24, 2011, at 11:48 AM, James A. Peltier wrote:
Hi All,
I'm new to puppet and I'm having some difficulty enabling and disabling yum
repositories on an as needed basis and I was wondering if you all might be
able to provide me with some assistance. I've been able to get puppet to
configure a yum repository, I'm going to use EPEL as an example here but I'd
like it for all, by creating a class called epel.pp containing
class epel {
yumrepo { epel: descr = Extra Packages for Enterprise Linux \$releasever
- \$basearch, baseurl =
http://mirror.its.sfu.ca/mirror/CentOS-Third-Party/epel/\$releasever/\$basearch;,
gpgcheck = 1, gpgkey =
http://mirror.its.sfu.ca/mirror/CentOS-Third-Party/epel/RPM-GPG-KEY-EPEL;,
enabled=0 }
}
and it does create and populate the /etc/yum.repos.d/epel.repo file with this
information. Now I want to be able to install ganglia-gmond automatically
from this repository but I can't figure out how to enable and disable the
repo afterwards? Can anyone please provide an example of how something like
this may be accomplished?
I've been at this for less than a week and primarily concentrating on ubuntu,
not RHEL/CentOS so take this with a grain of salt
You have to be careful when installing packages from another repo but
generally, you just keep the EPEL repo disabled and instead of using the
built-in package command, you would want to 'exec' something like...
exec('/usr/bin/yum --enablerepo=epel install -y ganglia-gmond') and I would
also note that you have to ensure that the rpm-gpg key is installed for the
epel repo BEFORE that command is executed - I believe you already provided the
gpg-key URL to us.
something like this should work (adapt for rpm/yum and note that rpm stores
keys in /etc/pki/rpm-gpg)...
class apt {
package { apt:
ensure = installed,
}
file{/etc/apt/sources.list:
ensure = present,
owner = root,
group = root,
mode= 0444,
content = template(apt/sources.list.erb),
require = Package[apt],
}
exec{/usr/bin/apt-get update:
refreshonly = true,
subscribe = File[/etc/apt/sources.list],
require = File[/etc/apt/sources.list],
}
# MongoDB Key
apt::key { 7F0CEB10:
keyid = 7F0CEB10,
ensure = present,
}
}
define apt::key($keyid, $ensure, $keyserver = keyserver.ubuntu.com) {
case $ensure {
present: {
exec { Import $keyid to apt keystore:
path= /bin:/usr/bin,
environment = HOME=/root,
command = gpg --keyserver $keyserver --recv-keys $keyid gpg
--export --armor $keyid | apt-key add -,
user= root,
group = root,
unless = apt-key list | grep $keyid,
logoutput = on_failure,
}
}
absent: {
exec { Remove $keyid from apt keystore:
path= /bin:/usr/bin,
environment = HOME=/root,
command = apt-key del $keyid,
user= root,
group = root,
onlyif = apt-key list | grep $keyid,
}
}
default: {
fail Invalid 'ensure' value '$ensure' for apt::key
}
}
}
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Enable yum repositories as needed
There's an open bug concerning this very issue, in regards to being able to
specify which repos to use when installing an rpm using the package
resource.
http://projects.puppetlabs.com/issues/2247
--
Nathan Clemons
http://www.livemocha.com
The worlds largest online language learning community
On Fri, Jun 24, 2011 at 12:27 PM, Craig White craig.wh...@ttiltd.comwrote:
On Jun 24, 2011, at 11:48 AM, James A. Peltier wrote:
Hi All,
I'm new to puppet and I'm having some difficulty enabling and disabling
yum repositories on an as needed basis and I was wondering if you all might
be able to provide me with some assistance. I've been able to get puppet to
configure a yum repository, I'm going to use EPEL as an example here but I'd
like it for all, by creating a class called epel.pp containing
class epel {
yumrepo { epel: descr = Extra Packages for Enterprise Linux
\$releasever - \$basearch, baseurl =
http://mirror.its.sfu.ca/mirror/CentOS-Third-Party/epel/\$releasever/\$basearch;,
gpgcheck = 1, gpgkey =
http://mirror.its.sfu.ca/mirror/CentOS-Third-Party/epel/RPM-GPG-KEY-EPEL;,
enabled=0 }
}
and it does create and populate the /etc/yum.repos.d/epel.repo file with
this information. Now I want to be able to install ganglia-gmond
automatically from this repository but I can't figure out how to enable and
disable the repo afterwards? Can anyone please provide an example of how
something like this may be accomplished?
I've been at this for less than a week and primarily concentrating on
ubuntu, not RHEL/CentOS so take this with a grain of salt
You have to be careful when installing packages from another repo but
generally, you just keep the EPEL repo disabled and instead of using the
built-in package command, you would want to 'exec' something like...
exec('/usr/bin/yum --enablerepo=epel install -y ganglia-gmond') and I would
also note that you have to ensure that the rpm-gpg key is installed for the
epel repo BEFORE that command is executed - I believe you already provided
the gpg-key URL to us.
something like this should work (adapt for rpm/yum and note that rpm stores
keys in /etc/pki/rpm-gpg)...
class apt {
package { apt:
ensure = installed,
}
file{/etc/apt/sources.list:
ensure = present,
owner = root,
group = root,
mode= 0444,
content = template(apt/sources.list.erb),
require = Package[apt],
}
exec{/usr/bin/apt-get update:
refreshonly = true,
subscribe = File[/etc/apt/sources.list],
require = File[/etc/apt/sources.list],
}
# MongoDB Key
apt::key { 7F0CEB10:
keyid = 7F0CEB10,
ensure = present,
}
}
define apt::key($keyid, $ensure, $keyserver = keyserver.ubuntu.com) {
case $ensure {
present: {
exec { Import $keyid to apt keystore:
path= /bin:/usr/bin,
environment = HOME=/root,
command = gpg --keyserver $keyserver --recv-keys $keyid gpg
--export --armor $keyid | apt-key add -,
user= root,
group = root,
unless = apt-key list | grep $keyid,
logoutput = on_failure,
}
}
absent: {
exec { Remove $keyid from apt keystore:
path= /bin:/usr/bin,
environment = HOME=/root,
command = apt-key del $keyid,
user= root,
group = root,
onlyif = apt-key list | grep $keyid,
}
}
default: {
fail Invalid 'ensure' value '$ensure' for apt::key
}
}
}
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: howto trigger action on another client
On Jun 24, 9:18 am, Andreas Kuntzagk andreas.kuntz...@mdc-berlin.de
wrote:
Daniel Maher wrote:
On 06/24/2011 03:39 PM, Andreas Kuntzagk wrote:
Exported resources are the Puppet means for one node to provide
resources for another. In this case, the execution host could export
an Exec resource for the master to collect and apply.
Hmm, in the (very short) time I've been working with puppet I have not
stumbled across exported resources. Any pointer where I should start
reading?
Exported resources are great fun. :)
http://docs.puppetlabs.com/guides/exported_resources.html
http://projects.puppetlabs.com/projects/1/wiki/Using_Stored_Configura...
According to these exported resources are somewhat similar to virtual
resources.
Problem is until now I cannot wrap my brain arount virtual resources so I
don't
understand the exported resources examples.
Exported resources are an extended version of virtual resources. It
took me a while to catch on to virtual resources, too, but once I got
it I realized how useful they are. I'll attempt to explain:
Normal resource declarations have two key aspects. First, they
describe a resource, and second, by their presence in a manifest they
indicate that that resource should be managed. For example,
user { john:
ensure = absent
}
describes a User resource whose username is john, and if it is
present in a node's manifest then that tells Puppet that the matching
user should be managed on that node -- in this case, User john must be
ensured absent from the node.
Virtual resources separate those key aspects. They allow a resource
to be declared (described) without specifying whether that resource
should be managed. For example,
@user { john:
ensure = absent
}
describes a User resource whose username is john, but by itself it
does not direct the Puppet agent to do anything about that user.
Elsewhere in the manifest, however, that user can be realized to
indicate to Puppet that yes, User [john] should indeed be managed
(in this example, poor john would then again be ensured absent).
Virtual resources that are not realized for a particular node have no
effect on that node.
There are at least two ways in which this is useful:
1) If there are resources that must be managed only on some nodes,
then it can be clean and convenient to declare them virtually, all in
one place, for all nodes, and then realize just the needed ones on
each node. This is a good alternative to bracketing each resource
with a complicated conditional statement.
2) Although resources, including virtual ones, can only be *declared*
once, virtual resources can be *realized* any number of times. For
instance, if you had several different classes that wanted to drop
files in /etc/cron.d/, then they might all want to ensure that that
directory is present. They can't all declare it, else the
declarations would collide. One possibility would be to declare it
virtually, and let all the classes realize it. (Another would be to
declare it concretely in a separate class, and have the other classes
each include that class.)
Exported resources are much like virtual ones. The main difference is
that exported resources can be collected by any node, not just the
node that declares them. For example, suppose you want all your nodes
to be listed in each other's /etc/hosts file. Each node knows its own
name and IP address (suppose for simplicity that it has only one), but
it doesn't a priori know the others'. You can do this:
# Export a Host resource describing this node:
@@host { $fqdn:
ip = $ipaddress,
host_aliases = $hostname,
ensure = present
}
# Collect all nodes' exported Host resources
# (including this node's)
Host | |
One of the major drawbacks of exported resources is that they require
persistent storage. Puppet uses a database for that, which is a bit
heavy. That's one reason why exported resources may not be worth the
trouble if this is your only use for them.
John
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Package pre-requisites prior to file exec
On Fri, Jun 24, 2011 at 11:33 AM, Craig White craig.wh...@ttiltd.com wrote: Anyway, I've only been at this since Monday and I am quite pleased. I have managed to add some custom 'facts', get some pretty complicated chaining of package installations, work through some reasonably sophisticated templates so that things like apache nginx config files, sysv initscripts, virtual hosts are all delivered with a high enough level of flexibility for mods, rewrite rules, etc. for each vhost. That's really quite awesome progress for a couple of days work Craig. Well done! Glad to hear the docs weren't a big problem, but it does feel like there's something here that could maybe have been called out in a more obvious manner in the docs. -- Nigel Kersten Product, Puppet Labs @nigelkersten -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: implementing a 1-to-many exported resource only once ?
On Jun 24, 7:53 am, Daniel Maher dma...@milestonelab.com wrote: Hello, I would like to know if there is a (sane) way to allow multiple declarations of the same exported resource to result in only one instance of that resource being instantiated on a given node. No. In fact, it is not sane for multiple nodes to export the same resource in the first place. Allow me to explain : - Node infra includes class syslog::server. - Definition syslog__naglog allows configuration snippets to be added to the syslog configuration. - Many nodes contain class snmpd. - Class snmpd calls definition syslog__naglog as an exported resource in the form @@syslog_naglog, thus there are multiple declarations for this resource across the ecosystem. - Class syslog::server realizes the exported resource in the forst Syslog__naglog ||. Now this will, predictably, result in a cannot override local resource problem. I could fix this by ensuring that each instantiation has a unique name (via $fqdn or some such), however, that would result in each node adding a configuration snippet to the syslog.conf on node infra, which is not in fact what I'm looking for. I'm looking for a way to say to node infra that since class snmpd is out there, somewhere, regardless of how many times, that one (and only one) configuration line should be added to the local syslog config - and I'd like to be able to do this from the snmpd class. I'm confused here. If all the exports of syslog_naglog are the same, then why do you need to export it at all? There can't be anything node-specific in it (else the exports wouldn't be the same), so any node that wants it should be able to declare it for itself. Alternatively, if the exported resources do have node-specific bits in them, then how do you suppose Puppet would know which one to collect? I know that I could do it rather simply from class syslog::server (for example), but I'd like it to be dynamic - I'd like other modules to be able to trigger the addition of a given configuration snippet in the syslog config of node infra. Other modules or other nodes? Can this be done ? Is this realistic ? Is there another approach that would be better ? I would greatly appreciate any and all commentary. Would it be an issue for node infra to have Syslog_naglog when in fact no nodes have class snmpd? If not, then skip all the exported resource stuff and just have infra declare Syslog_naglog locally. If so, then consider what would happen if all the nodes that once had class snmpd were removed from service. Syslog_naglog might no longer be exported (if you clean the storeconfig database), but unless you've been very clever, the corresponding line will remain in infra's syslog configuration, only unmanaged. (How to avoid that is left as an exercise for the reader.) If you're not being clever enough to get rid of the syslog line dynamically in the event that all the snmpd servers go away, then it's silly to struggle over inserting it dynamically only when there are snmpd servers around. There's a point where elegance -- if that's what it is -- must give way to pragmatism. I bet you've already spent more time on the problem than a solution would ever have saved you. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: error with puppet
On Jun 24, 3:30 am, Neelam ajender.nee...@gmail.com wrote: err: Could not retrieve catalog from remote server: hostname was not match with the server certificate warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run my hostnames are correct i can ping one from another using the hostname which i set in /etc/host how do i resolve this The certificate your server presented to authenticate itself to the client bore a different name than the one the client used to contact the server. For instance, your client may have contacted it as puppet.superawesome.com, but the certificate it presented was issued to master.superawesome.com. The easiest thing to do would be to contact the server via the name used in its certificate. You can test this via puppet agent --onetime --no-daemonize --server=master's cert name Having determined that it works, update your client's /etc/puppet/ puppet.conf by setting server=master's cert name John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppet Class is applied but is not executed
On Jun 24, 7:33 am, christian huber christian.hu...@triphase.ch wrote: Hi all, i' am having a strange problem with a puppet class, basically i wrote a small class, no special content (ensure packed is installed). I applied this class to a linuxbox with puppetclient 2.6.4 installed (and working for the other classes). So the problem if I'am forcing now the client to get the new configuration, it does it very well. No error's even with the debug option. In the /var/lib/puppet directory i take a look at the classes.txt and i find the new class inside. So i try to force en error with the class be doing a modifying the class and adding a parser error. Executing again on the linuxbox the puppet command, nothing happens. I would now expect a error. But it looks like puppet just doesn't executed this class. anyone a idea what i'am missing .. ? You might be missing a message that Puppet is applying a cached catalog because the master failed to compile a new one; that's normally what happens when there is a syntax error in a node's manifests. We're missing all details of Puppet's output, whether to the console or to the system logs. Also the contents of the manifests involved and the command you used to run Puppet. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Turn off client autoupdate
Hi, You're looking for something like this. http://docs.puppetlabs.com/mcollective/index.html On 24/06/2011, at 8:07, sergey sergey...@gmail.com wrote: By default puppet node connects to server periodically and looks if there is something execute. I'm wondering is it possible to make puppet clients not connect to server themselves? So that it would be possible to update a node only with puppetrun nodename. --- WBR, Sergey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Custom facts - chicken or the egg
Perhaps my logic isn't that good here and I shouldn't be using a custom fact at
all but what I am trying to do is ascertain which version of the passenger gem
is actually installed because I need to reference it in various places in
apache nginx configuration (the specific location of the passenger binary).
but my erb fails because the fact $passenger_version hasn't been created yet.
so I tried...
file {/etc/apache2/mods-enabled/passenger.load:
... snip ...
require = Facter[datacenter],
}
and in /etc/puppet/modules/custom/lib/facter/datacenter.rb I have
Facter.add(datacenter) do
setcode do
datacenter = unknown
# Get current ip address from Facter's own database
ipaddr = Facter.value(:ipaddress)
... snip ...
datacenter
end
end
#
# Provide an additional 'passenger_version' fact
# to use in apache nginx modules
#
Facter.add(passenger_version) do
setcode do
passenger_version = unknown
exec('/usr/local/bin/passenger --version /tmp/passenger_version')
passenger_version = File.open('/tmp/passenger_version',
:readline).chomp.split(' ').last
passenger_version
end
end
but it never seems to add the 'passenger_version' fact
1. How can I make sure that the fact is ascertained before the template file is
parsed?
2. If I am setting up a new system, passenger won't be installed until some
point in the declarative process and at that point, how would I ensure that the
fact is ascertained?
Thanks
--
Craig White ~~ craig.wh...@ttiltd.com
1.800.869.6908 ~~~ www.ttiassessments.com
Need help communicating between generations at work to achieve your desired
success? Let us help!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Different users within same exec
I have the following exec in my manifest :
exec { some_exec:
path = [ /bin,/usr/bin,/usr/local/bin ],
command = EXECUTE COMMAND 1,
onlyif = EXECUTE COMMAND 2,
logoutput = on_failure
}
I want that the COMMAND 1 should be executed by USER 1 and
COMMAND 2 should be executed by USER 2. Is there a way to do it ?
I tried giving the users parameter, but that seems to apply to both
the commands.
Thanks in advance,
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Custom facts - chicken or the egg
Hi,
What I do is a little different for zmanda.
I have a fact that looks for a local release file that contains the version
number installed. If that file doesn't exist then it returns 0.0.0.
The version file is created after the successful install.
I thought the gem provider was anyway? Can't you pass the version in the
package declaration?
Cheers,
Den
On 25/06/2011, at 8:12, Craig White craig.wh...@ttiltd.com wrote:
Perhaps my logic isn't that good here and I shouldn't be using a custom fact
at all but what I am trying to do is ascertain which version of the passenger
gem is actually installed because I need to reference it in various places in
apache nginx configuration (the specific location of the passenger binary).
but my erb fails because the fact $passenger_version hasn't been created yet.
so I tried...
file {/etc/apache2/mods-enabled/passenger.load:
... snip ...
require = Facter[datacenter],
}
and in /etc/puppet/modules/custom/lib/facter/datacenter.rb I have
Facter.add(datacenter) do
setcode do
datacenter = unknown
# Get current ip address from Facter's own database
ipaddr = Facter.value(:ipaddress)
... snip ...
datacenter
end
end
#
# Provide an additional 'passenger_version' fact
# to use in apache nginx modules
#
Facter.add(passenger_version) do
setcode do
passenger_version = unknown
exec('/usr/local/bin/passenger --version /tmp/passenger_version')
passenger_version = File.open('/tmp/passenger_version',
:readline).chomp.split(' ').last
passenger_version
end
end
but it never seems to add the 'passenger_version' fact
1. How can I make sure that the fact is ascertained before the template file
is parsed?
2. If I am setting up a new system, passenger won't be installed until some
point in the declarative process and at that point, how would I ensure that
the fact is ascertained?
Thanks
--
Craig White ~~ craig.wh...@ttiltd.com
1.800.869.6908 ~~~ www.ttiassessments.com
Need help communicating between generations at work to achieve your desired
success? Let us help!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Different users within same exec
Use su -c cmd user?
--
Nathan Clemons
http://www.livemocha.com
The worlds largest online language learning community
On Fri, Jun 24, 2011 at 3:06 PM, ssk1287 kulkarni.swar...@gmail.com wrote:
I have the following exec in my manifest :
exec { some_exec:
path = [ /bin,/usr/bin,/usr/local/bin ],
command = EXECUTE COMMAND 1,
onlyif = EXECUTE COMMAND 2,
logoutput = on_failure
}
I want that the COMMAND 1 should be executed by USER 1 and
COMMAND 2 should be executed by USER 2. Is there a way to do it ?
I tried giving the users parameter, but that seems to apply to both
the commands.
Thanks in advance,
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Custom facts - chicken or the egg
On Jun 24, 2011, at 3:40 PM, Denmat wrote: Hi, What I do is a little different for zmanda. I have a fact that looks for a local release file that contains the version number installed. If that file doesn't exist then it returns 0.0.0. The version file is created after the successful install. I thought the gem provider was anyway? Can't you pass the version in the package declaration? - getting the version isn't exactly the problem and yes, the version is in the package installation set - which I plan to revisit later because it seems that when it comes to gem packages, 'ensure = latest' didn't seem to work but I didn't want to waste time on that. My issues seem to be... 1. I want to require = /etc/puppet/modules/custom/lib/facter/$SOME_CUSTOM_FACT is actually executed and the fact is established before a particular package is installed/configured. I can't seem to find the proper syntax for requiring that fact first - before the attempted installation. 2. It seems that the custom/lib/facter directory is a bit squirrelly in that it gags on the automatic backup files created by emacs (FILENAME.rb~) and if I create a resource that depends upon a fact, the resource installation fails and the fact is never established when I was sort of expecting facter to run at the outset of any agent activity. Craig -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Setting requirements using collection -vs- before/require meta-parameters
Hello,
Could someone explain why a relationship implemented with a collection
is honored by Puppet, but a 'before' or 'require' meta-parameter fails
for the example below.
--- THIS WORKS --
Nfs::Client | | - Class['myclass']
class { 'myclass': }
nfs::client { '/share':}
-- DEPENDENCY IS NOT HONORED BY PUPPET HERE -
class{'myclass': require = Nfs::Client['/share'] }
nfs::client{'/share':}
The nfs share must be mounted before packages can be installed in
Class['myclass']. Defining this relationship using 'before' or
'require' meta-parameters did not succeed: In the bottom example,
Puppet would attempt to install packages contained in the class even
though the nfs share was not mounted.
I realize that the top example is applying the relationship to all
'nfs::client' defined types (which is fine). But why should this
method work while the explicit 'before' or 'require' approach fail?
Jon
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] need help with name parameter
Thanks Stefan. A bug (originally a doc bug) and subsequent discussion
at Puppetlabs is documented here:
https://projects.puppetlabs.com/issues/8096
ken.
On Thu, Jun 23, 2011 at 6:11 PM, Stefan Schulte
stefan.schu...@taunusstein.net wrote:
On Wed, Jun 22, 2011 at 08:37:25PM +0100, Ken Barber wrote:
So it would appear the parameter 'name' acts as namevar for file and
exec at least ... its not defined in the type for these explicitly -
it seems implicit. This seems historical and I haven't seen it used
before (at least I've never used it myself). Does anyone know the
history behind this?
The following:
@key_attribute_parameters ||= (
params = @parameters.find_all { |param|
param.isnamevar? or param.name == :name
}
)
I guess this was added because not all types define a namevar. If you
have no parameter marked as the namevar, :name is your namevar.
Is defined in puppet/type.rb :-). Not sure if we have this behavior
documented - or if its up for deprecation :-).
I guess the more interesting bits are:
def self.validattr?(name)
name = symbolize(name)
return true if name == :name
@validattrs ||= {}
unless @validattrs.include?(name)
@validattrs[name] = !!(self.validproperty?(name) or
self.validparameter?(name) or self.metaparam?(name))
end
@validattrs[name]
end
So name is always considered a valid parameter. In fact name can always
be used to reference the namevar parameter:
def [](name)
name = attr_alias(name)
fail(Invalid parameter #{name}(#{name.inspect})) unless
self.class.validattr?(name)
if name == :name nv = name_var
name = nv
end
if obj = @parameters[name]
# Note that if this is a property, then the value is the should
value,
# not the current value.
obj.value
else
return nil
end
end
At the moment some parts of puppet depend on this behaviour because puppet
often uses the value of the name parameter to identify a resource. If we
remove the current name translation magic, referencing a resource by the
name parameter will obviously not work for resources that dont have a
name parameter.
Hopefully this will be resolved in the future (always query a resource
by uniqueness_key and dont rely on a name parameter at all).
For further reading:
problems with composite namevars because of the current way to query a
resource
* http://projects.puppetlabs.com/issues/5605
* http://projects.puppetlabs.com/issues/7629
Experimental patch on puppet-dev by Dan Bode
* http://groups.google.com/group/puppet-dev/msg/7295ee43e76c02fd
-Stefan
ken.
On Wed, Jun 22, 2011 at 6:40 PM, Henrik Lindberg
henrik.lindb...@cloudsmith.com wrote:
Hi,
A bit of help is needed with this geppetto issue:
https://github.com/cloudsmith/geppetto/issues/87
It is about the parameter name in relation to file.
Appreciate feedback.
Regards
- henrik
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Puppet Class is applied but is not executed
I agree it is almost certainly a syntax error. Do this on your class: puppet --parseonly class name this will do a quick sanity check. If you want to do more you can also run puppet with nodeamonize mode and debug to see what's wrong.. but I have a feeling that syntax checking will solve it. -Original Message- From: jcbollinger Sent: Friday, June 24, 2011 3:06 PM To: Puppet Users Subject: [Puppet Users] Re: Puppet Class is applied but is not executed On Jun 24, 7:33 am, christian huber christian.hu...@triphase.ch wrote: Hi all, i' am having a strange problem with a puppet class, basically i wrote a small class, no special content (ensure packed is installed). I applied this class to a linuxbox with puppetclient 2.6.4 installed (and working for the other classes). So the problem if I'am forcing now the client to get the new configuration, it does it very well. No error's even with the debug option. In the /var/lib/puppet directory i take a look at the classes.txt and i find the new class inside. So i try to force en error with the class be doing a modifying the class and adding a parser error. Executing again on the linuxbox the puppet command, nothing happens. I would now expect a error. But it looks like puppet just doesn't executed this class. anyone a idea what i'am missing .. ? You might be missing a message that Puppet is applying a cached catalog because the master failed to compile a new one; that's normally what happens when there is a syntax error in a node's manifests. We're missing all details of Puppet's output, whether to the console or to the system logs. Also the contents of the manifests involved and the command you used to run Puppet. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
