Re: [Puppet Users] making puppetd immortal

[Scott Smith]

Well, changing a runlevel just to stop a daemon is a bit heavy handed.

There are other tools that perform this in a more flexible manner: Runit,
Daemontools, Monit, Supervisord, etc.

-scott

On Wed, Jun 29, 2011 at 10:33 PM, vagn scott  wrote:

> In my reading I just ran across this:
>
>[Puppet - Bug #7273] Modifying puppet.conf causes 'reparsing config'
>and TERM signal results in shutdown of daemon
>
> short version: puppet agent can commit suicide, but it can't raise itself
> from the dead.
>
> However, init is immortal, and so puppetd can be, too.
>
>
># on debian squeeze as root:
>insserv -r puppet
>echo "7:2:respawn:/usr/sbin/puppetd --no-daemonize" >> /etc/inittab
>init Q
>
> If you don't want puppet running
>
>init 3
>
> or some other run level.  puppetd will stop.
> When you
>
>init 2
>
> puppetd will start again.
>
> When you
>
>killall puppetd
>
> puppetd will do this:
>
>Jun 30 01:28:20 vm01 puppet-agent[7548]: Caught TERM; calling stop
>Jun 30 01:28:21 vm01 puppet-agent[8157]: Starting Puppet client
> version 2.6.2
>Jun 30 01:28:22 vm01 puppet-agent[8157]: Finished catalog run in
> 0.11 seconds
>
> I'm not seeing a downside to this.  Am I missing something?
>
> --
> vagn
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to puppet-users+unsubscribe@**
> googlegroups.com .
> For more options, visit this group at http://groups.google.com/**
> group/puppet-users?hl=en
> .
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] making puppetd immortal

[vagn scott]

In my reading I just ran across this:

[Puppet - Bug #7273] Modifying puppet.conf causes 'reparsing 
config'

and TERM signal results in shutdown of daemon

short version: puppet agent can commit suicide, but it can't raise 
itself from the dead.


However, init is immortal, and so puppetd can be, too.


# on debian squeeze as root:
insserv -r puppet
echo "7:2:respawn:/usr/sbin/puppetd --no-daemonize" >> /etc/inittab
init Q

If you don't want puppet running

init 3

or some other run level.  puppetd will stop.
When you

init 2

puppetd will start again.

When you

killall puppetd

puppetd will do this:

Jun 30 01:28:20 vm01 puppet-agent[7548]: Caught TERM; calling stop
Jun 30 01:28:21 vm01 puppet-agent[8157]: Starting Puppet client 
version 2.6.2
Jun 30 01:28:22 vm01 puppet-agent[8157]: Finished catalog run 
in 0.11 seconds


I'm not seeing a downside to this.  Am I missing something?

--
vagn

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Puppet agent creates certificates for localhost.localdomain and does not pick up the changed hostname

[brijesh]

on ubuntu you have to change the /etc/hostname file and set hostname
there which should do the job.  it depends on the distro you are using
you need to change the file accordingly.

Brijesh

On Jun 30, 12:47 pm, Sriramu Singaram  wrote:
> Hi Everyone,
>
> I am using Puppet 2.6.5 to configure fresh VMs. These VMs have their
> hostname set to localhost.localdomain initially at boot-time.
>
> There is this script file that runs in rc.local and this is what I do
> inside it
>   1. I change the hostname from localhost to xxx.xx using the
> hostname command.
>   2. start the puppet agent as /usr/sbin/puppetd --certname=xxx.xx
> --logdest=/var/log/puppet/puppet.log
>
> The problem I am facing is that the puppet agent on the VMs creates
> certificates for localhost.localdomain inspite of me changing the
> hostname to say xxx.xxx.
>
> I want the puppet agent to pick up the new hostname while creating the
> certificate, but it doesn't seem to be doing that.
>
> I am not sure where the puppet agent looks to pick up the hostname at
> certificate creation, is it the /etc/hosts file or the env or /etc/
> sysconfig/network? currently when I set the hostname using the
> hostname command, it doesnt create any entry in these files.
>
> Any help is really appreciated!!
>
> Thanks,
> Sriramu

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: How to define a hash table and loop over them in a definition?

[vagn scott]

On 06/29/2011 09:56 PM, treydock wrote:

<% apparray.each do |key,value| -%>

Key:<%= key %>
Path:<%= value['path'] %>
Command:<%= value['command'] %>

<% end -%>

inline_template() can be used as a here document.
that plus a puppet  shebang line makes testing
and presenting examples really easy.

Put the following in file here-hash.pp, then

chmod +x here-hash.pp
./here-hash.pp

--vagn

---8<

#! /usr/bin/puppet apply

Exec {
path => 
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

}

$prog_name = "here-hash.pp"

$apparray =  {
app1 => { 'path' => '/test/path1', 'command' => 'cmd1' },
app2 => { 'path' => '/test/path2', 'command' => 'cmd2' },
}

$result = inline_template("

<% apparray.each do |key,value| -%>

Key: <%= key %>
Path: <%= value['path'] %>
Command: <%= value['command'] %>

<% end -%>

")


node default {

notice("--- running: $program_name 
-")


notice($result)

notice("--- done: $program_name 
")

}

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: How to define a hash table and loop over them in a definition?

[treydock]

Here's an example of how I have done this, and also a good way to test
the idea...

I created test.pp with these contents...you can also specify the
$apparray else where, for example in the node definition

$apparray =  {
app1 => { 'path' => '/test/path1', 'command' => 'cmd1' },
app2 => { 'path' => '/test/path2', 'command' => 'cmd2' },
}

file { "/etc/puppet/output":
content => template("/etc/puppet/test.erb")
}


Then create the template file that the hash is used in, test.erb, this
is where you loop through your values

<% apparray.each do |key,value| -%>

Key: <%= key %>
Path: <%= value['path'] %>
Command: <%= value['command'] %>

<% end -%>


Then to generate the output file you run ...

# puppet test.pp
notice: /Stage[main]//File[/etc/puppet/output]/content: content
changed '{md5}c473dbf9c2539d14a3042f81ab2edafd' to '{md5}
9568aa118a031c5621c65c36bbe34bfe'
notice: Finished catalog run in 0.03 seconds

The output file should look something like this


Key: app1
Path: /test/path1
Command: cmd1


Key: app2
Path: /test/path2
Command: cmd2



- Trey


On Jun 29, 8:16 pm, Haitao Jiang  wrote:
> This may have been asked before, if so, please excuse me and point me
> to the right direction.
>
> What I want to do is to define a hash table with multiple key->value
> pairs. I would like to pass this variable to a file template and
> generate a result file with all the mappings listed. Based on what I
> read, I need to do it in a definition. But does Puppet supports loop
> over a hash?
>
> Any help would be highly appreciated. I am using Puppet 2.6.8
>
> Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] How to define a hash table and loop over them in a definition?

[Haitao Jiang]

This may have been asked before, if so, please excuse me and point me
to the right direction.

What I want to do is to define a hash table with multiple key->value
pairs. I would like to pass this variable to a file template and
generate a result file with all the mappings listed. Based on what I
read, I need to do it in a definition. But does Puppet supports loop
over a hash?

Any help would be highly appreciated. I am using Puppet 2.6.8

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] syntax highlighting on emacs

[Tony G.]

On Tue, Jun 28, 2011 at 2:00 PM, Sylvain  wrote:

> Hi guys,
>
> I'm trying to install the syntax highlighting on emacs for Puppet.
> I'm using the configuration files provide on
> http://projects.reductivelabs.com/repositories/browse/puppet/ext/emacs
>
> When I open a .pp file I got this error:
> File mode specification error: (void-function puppet-mode)
>
Hi

The .el files must be in the library path or you can do something like this
in your ~.emacs file

;; Local Library Path
(add-to-list 'load-path "~/path/to/your/el/files")

then I autoload it with in my ~.emacs, that is almost the same as the
puppet-mode-init.el

;; Puppet mode
(autoload 'puppet-mode "puppet-mode" "Puppet Mode." t)
(add-to-list 'auto-mode-alist '("\\.pp\\'" . puppet-mode))
(add-to-list 'interpreter-mode-alist '("puppet" . puppet-mode))

Hope that helps.


> Thanks
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>


-- 
Tony
http://blog.tonyskapunk.net

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Puppet agent creates certificates for localhost.localdomain and does not pick up the changed hostname

[Sriramu Singaram]

Hi Everyone,

I am using Puppet 2.6.5 to configure fresh VMs. These VMs have their
hostname set to localhost.localdomain initially at boot-time.

There is this script file that runs in rc.local and this is what I do
inside it
  1. I change the hostname from localhost to xxx.xx using the
hostname command.
  2. start the puppet agent as /usr/sbin/puppetd --certname=xxx.xx
--logdest=/var/log/puppet/puppet.log

The problem I am facing is that the puppet agent on the VMs creates
certificates for localhost.localdomain inspite of me changing the
hostname to say xxx.xxx.

I want the puppet agent to pick up the new hostname while creating the
certificate, but it doesn't seem to be doing that.

I am not sure where the puppet agent looks to pick up the hostname at
certificate creation, is it the /etc/hosts file or the env or /etc/
sysconfig/network? currently when I set the hostname using the
hostname command, it doesnt create any entry in these files.

Any help is really appreciated!!

Thanks,
Sriramu

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: can't deploy custom facts

[brijesh]

sure i am right now changing it from bash to ruby.

Brijesh

On Jun 30, 10:55 am, Craig White  wrote:
> I should reiterate that you should use the interactive ruby shell, irb to 
> test your code to make sure that it runs within ruby.
>
> You really should be using ruby for everything that you possibly can. If you 
> can learn bash programming then ruby should be a piece of cake and provide 
> readability down the road and actually make it a lot more fun and bring sense 
> to the coding and structure within puppet too.
>
> Craig
>
> On Jun 29, 2011, at 3:22 PM, brijesh wrote:
>
> > Thank You Very Much  Craig
>
> > that worked.
>
> > On Jun 30, 9:12 am, Craig White  wrote:
> >> I don't know about 'factsync' on client 'puppet.conf
>
> >> on my puppet clients, having
> >> [main]
> >>   ...
> >>   pluginsync=true
>
> >> seems to run the custom facts automatically
>
> >> Craig
>
> >> On Jun 29, 2011, at 2:02 PM, brijesh wrote:
>
> >>> Hi Craig,
>
> >>> Thanks for your reply. I understand your concern about using ruby code
> >>> instead of shell but my question how can i deploy this custom fact.
> >>> The code has no error if i copy this fact into
> >>> /usr/lib/ruby/1.8/facter and then run
> >>> facter curtime it returns the output.
>
> >>> The only thing is how can deploy this fact to all the clients?
>
> >>> On Jun 30, 4:52 am, Craig White  wrote:
>  On Jun 29, 2011, at 1:16 AM, brijesh wrote:
>
> > Hi
>
> > I have been having issue with deploying my custom facts. I have gone
> > through wiki on puppet labs and few other blogs but has no luck so
> > far. May be i am not understanding puppet very well. I would really
> > appreciate if someone helps me with this. I have the following fact i
> > want to deploy.
>
> > Facter.add("curtime") do
> >  setcode do
> >    %x{ foo=`date +%k` ; if [ "$foo" -ge 00 -o "$foo" -le 06  ] ; then
> > echo "true"; fi }
> >  end
> > end
>
> > I have created following directory structure
>
> > /etc/puppet/modules/common
> > /etc/puppet/modules/common/lib/facter/curtime.rb
> > /etc/puppet/modules/common/files
> > /etc/puppet/modules/common/manifests/init.pp <- this file is empty
>
> > on the puppet server i added the following to the /etc/puppet/
> > puppet.conf
>
> >    pluginsync     = true
> >    modulepath     = /etc/puppet/modules
> >    factpath       = $vardir/facts
>
> > on the client i have added
> > factsync = true to the puppet.conf
>
> > When i run puppetd on client i can't see the new fact curtime also on
> > the server i should be able to see the curtime fact under /var/lib/
> > puppet/facts.
>
> > I am running puppetmasterd and client - 0.25.4
>
> > Any help would be appreciated.
>
>  
>  If your custom fact has any errors, the fact will never work. You don't 
>  have to go searching for 'facts' - on any particular machine you should 
>  be able to just run from cli...
>
>  facter (NAME OF FACT) - i.e.  facter curtime
>
>  I also neglected to mention that there really is no reason whatsoever to 
>  resort to shell just to do date things because ruby has a very rich 
>  'Date' class built-in.
>
>  irb(main):001:0> require 'date'
>  => true
>  irb(main):002:0> d = Date.today
>  => #
>  irb(main):003:0> y = d.wday
>  => 3
>
>  irb(main):001:0> require 'date'
>  => true
>  irb(main):002:0> d = Date.today
>  => #
>  irb(main):003:0> y = d + 3
>  => #
>  irb(main):004:0> z = y.strftime("%m-%d-%Y")
>  => "07-02-2011"
>
>  Craig

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: can't deploy custom facts

[Craig White]

I should reiterate that you should use the interactive ruby shell, irb to test 
your code to make sure that it runs within ruby.

You really should be using ruby for everything that you possibly can. If you 
can learn bash programming then ruby should be a piece of cake and provide 
readability down the road and actually make it a lot more fun and bring sense 
to the coding and structure within puppet too.

Craig

On Jun 29, 2011, at 3:22 PM, brijesh wrote:

> Thank You Very Much  Craig
> 
> that worked.
> 
> 
> 
> On Jun 30, 9:12 am, Craig White  wrote:
>> I don't know about 'factsync' on client 'puppet.conf
>> 
>> on my puppet clients, having
>> [main]
>>   ...
>>   pluginsync=true
>> 
>> seems to run the custom facts automatically
>> 
>> Craig
>> 
>> On Jun 29, 2011, at 2:02 PM, brijesh wrote:
>> 
>> 
>> 
>>> Hi Craig,
>> 
>>> Thanks for your reply. I understand your concern about using ruby code
>>> instead of shell but my question how can i deploy this custom fact.
>>> The code has no error if i copy this fact into
>>> /usr/lib/ruby/1.8/facter and then run
>>> facter curtime it returns the output.
>> 
>>> The only thing is how can deploy this fact to all the clients?
>> 
>>> On Jun 30, 4:52 am, Craig White  wrote:
 On Jun 29, 2011, at 1:16 AM, brijesh wrote:
>> 
> Hi
>> 
> I have been having issue with deploying my custom facts. I have gone
> through wiki on puppet labs and few other blogs but has no luck so
> far. May be i am not understanding puppet very well. I would really
> appreciate if someone helps me with this. I have the following fact i
> want to deploy.
>> 
> Facter.add("curtime") do
>  setcode do
>%x{ foo=`date +%k` ; if [ "$foo" -ge 00 -o "$foo" -le 06  ] ; then
> echo "true"; fi }
>  end
> end
>> 
> I have created following directory structure
>> 
> /etc/puppet/modules/common
> /etc/puppet/modules/common/lib/facter/curtime.rb
> /etc/puppet/modules/common/files
> /etc/puppet/modules/common/manifests/init.pp <- this file is empty
>> 
> on the puppet server i added the following to the /etc/puppet/
> puppet.conf
>> 
>pluginsync = true
>modulepath = /etc/puppet/modules
>factpath   = $vardir/facts
>> 
> on the client i have added
> factsync = true to the puppet.conf
>> 
> When i run puppetd on client i can't see the new fact curtime also on
> the server i should be able to see the curtime fact under /var/lib/
> puppet/facts.
>> 
> I am running puppetmasterd and client - 0.25.4
>> 
> Any help would be appreciated.
>> 
 
 If your custom fact has any errors, the fact will never work. You don't 
 have to go searching for 'facts' - on any particular machine you should be 
 able to just run from cli...
>> 
 facter (NAME OF FACT) - i.e.  facter curtime
>> 
 I also neglected to mention that there really is no reason whatsoever to 
 resort to shell just to do date things because ruby has a very rich 'Date' 
 class built-in.
>> 
 irb(main):001:0> require 'date'
 => true
 irb(main):002:0> d = Date.today
 => #
 irb(main):003:0> y = d.wday
 => 3
>> 
 irb(main):001:0> require 'date'
 => true
 irb(main):002:0> d = Date.today
 => #
 irb(main):003:0> y = d + 3
 => #
 irb(main):004:0> z = y.strftime("%m-%d-%Y")
 => "07-02-2011"
>> 
 Craig
>> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: can't deploy custom facts

[brijesh]

Thank You Very Much  Craig

that worked.



On Jun 30, 9:12 am, Craig White  wrote:
> I don't know about 'factsync' on client 'puppet.conf
>
> on my puppet clients, having
> [main]
>   ...
>   pluginsync=true
>
> seems to run the custom facts automatically
>
> Craig
>
> On Jun 29, 2011, at 2:02 PM, brijesh wrote:
>
>
>
> > Hi Craig,
>
> > Thanks for your reply. I understand your concern about using ruby code
> > instead of shell but my question how can i deploy this custom fact.
> > The code has no error if i copy this fact into
> > /usr/lib/ruby/1.8/facter and then run
> > facter curtime it returns the output.
>
> > The only thing is how can deploy this fact to all the clients?
>
> > On Jun 30, 4:52 am, Craig White  wrote:
> >> On Jun 29, 2011, at 1:16 AM, brijesh wrote:
>
> >>> Hi
>
> >>> I have been having issue with deploying my custom facts. I have gone
> >>> through wiki on puppet labs and few other blogs but has no luck so
> >>> far. May be i am not understanding puppet very well. I would really
> >>> appreciate if someone helps me with this. I have the following fact i
> >>> want to deploy.
>
> >>> Facter.add("curtime") do
> >>>  setcode do
> >>>    %x{ foo=`date +%k` ; if [ "$foo" -ge 00 -o "$foo" -le 06  ] ; then
> >>> echo "true"; fi }
> >>>  end
> >>> end
>
> >>> I have created following directory structure
>
> >>> /etc/puppet/modules/common
> >>> /etc/puppet/modules/common/lib/facter/curtime.rb
> >>> /etc/puppet/modules/common/files
> >>> /etc/puppet/modules/common/manifests/init.pp <- this file is empty
>
> >>> on the puppet server i added the following to the /etc/puppet/
> >>> puppet.conf
>
> >>>    pluginsync     = true
> >>>    modulepath     = /etc/puppet/modules
> >>>    factpath       = $vardir/facts
>
> >>> on the client i have added
> >>> factsync = true to the puppet.conf
>
> >>> When i run puppetd on client i can't see the new fact curtime also on
> >>> the server i should be able to see the curtime fact under /var/lib/
> >>> puppet/facts.
>
> >>> I am running puppetmasterd and client - 0.25.4
>
> >>> Any help would be appreciated.
>
> >> 
> >> If your custom fact has any errors, the fact will never work. You don't 
> >> have to go searching for 'facts' - on any particular machine you should be 
> >> able to just run from cli...
>
> >> facter (NAME OF FACT) - i.e.  facter curtime
>
> >> I also neglected to mention that there really is no reason whatsoever to 
> >> resort to shell just to do date things because ruby has a very rich 'Date' 
> >> class built-in.
>
> >> irb(main):001:0> require 'date'
> >> => true
> >> irb(main):002:0> d = Date.today
> >> => #
> >> irb(main):003:0> y = d.wday
> >> => 3
>
> >> irb(main):001:0> require 'date'
> >> => true
> >> irb(main):002:0> d = Date.today
> >> => #
> >> irb(main):003:0> y = d + 3
> >> => #
> >> irb(main):004:0> z = y.strftime("%m-%d-%Y")
> >> => "07-02-2011"
>
> >> Craig
>
> > --
> > You received this message because you are subscribed to the Google Groups 
> > "Puppet Users" group.
> > To post to this group, send email to puppet-users@googlegroups.com.
> > To unsubscribe from this group, send email to 
> > puppet-users+unsubscr...@googlegroups.com.
> > For more options, visit this group 
> > athttp://groups.google.com/group/puppet-users?hl=en.
>
> --
> Craig White ~~  craig.wh...@ttiltd.com
> 1.800.869.6908 ~~~www.ttiassessments.com
>
> Need help communicating between generations at work to achieve your desired 
> success? Let us help!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: can't deploy custom facts

[Craig White]

I don't know about 'factsync' on client 'puppet.conf 

on my puppet clients, having 
[main]
  ...
  pluginsync=true

seems to run the custom facts automatically

Craig

On Jun 29, 2011, at 2:02 PM, brijesh wrote:

> Hi Craig,
> 
> Thanks for your reply. I understand your concern about using ruby code
> instead of shell but my question how can i deploy this custom fact.
> The code has no error if i copy this fact into
> /usr/lib/ruby/1.8/facter and then run
> facter curtime it returns the output.
> 
> The only thing is how can deploy this fact to all the clients?
> 
> 
> On Jun 30, 4:52 am, Craig White  wrote:
>> On Jun 29, 2011, at 1:16 AM, brijesh wrote:
>> 
>> 
>> 
>>> Hi
>> 
>>> I have been having issue with deploying my custom facts. I have gone
>>> through wiki on puppet labs and few other blogs but has no luck so
>>> far. May be i am not understanding puppet very well. I would really
>>> appreciate if someone helps me with this. I have the following fact i
>>> want to deploy.
>> 
>>> Facter.add("curtime") do
>>>  setcode do
>>>%x{ foo=`date +%k` ; if [ "$foo" -ge 00 -o "$foo" -le 06  ] ; then
>>> echo "true"; fi }
>>>  end
>>> end
>> 
>>> I have created following directory structure
>> 
>>> /etc/puppet/modules/common
>>> /etc/puppet/modules/common/lib/facter/curtime.rb
>>> /etc/puppet/modules/common/files
>>> /etc/puppet/modules/common/manifests/init.pp <- this file is empty
>> 
>>> on the puppet server i added the following to the /etc/puppet/
>>> puppet.conf
>> 
>>>pluginsync = true
>>>modulepath = /etc/puppet/modules
>>>factpath   = $vardir/facts
>> 
>>> on the client i have added
>>> factsync = true to the puppet.conf
>> 
>>> When i run puppetd on client i can't see the new fact curtime also on
>>> the server i should be able to see the curtime fact under /var/lib/
>>> puppet/facts.
>> 
>>> I am running puppetmasterd and client - 0.25.4
>> 
>>> Any help would be appreciated.
>> 
>> 
>> If your custom fact has any errors, the fact will never work. You don't have 
>> to go searching for 'facts' - on any particular machine you should be able 
>> to just run from cli...
>> 
>> facter (NAME OF FACT) - i.e.  facter curtime
>> 
>> I also neglected to mention that there really is no reason whatsoever to 
>> resort to shell just to do date things because ruby has a very rich 'Date' 
>> class built-in.
>> 
>> irb(main):001:0> require 'date'
>> => true
>> irb(main):002:0> d = Date.today
>> => #
>> irb(main):003:0> y = d.wday
>> => 3
>> 
>> irb(main):001:0> require 'date'
>> => true
>> irb(main):002:0> d = Date.today
>> => #
>> irb(main):003:0> y = d + 3
>> => #
>> irb(main):004:0> z = y.strftime("%m-%d-%Y")
>> => "07-02-2011"
>> 
>> Craig
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 

-- 
Craig White ~~  craig.wh...@ttiltd.com
1.800.869.6908 ~~~ www.ttiassessments.com 

Need help communicating between generations at work to achieve your desired 
success? Let us help!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: can't deploy custom facts

[brijesh]

Hi Craig,

Thanks for your reply. I understand your concern about using ruby code
instead of shell but my question how can i deploy this custom fact.
The code has no error if i copy this fact into
/usr/lib/ruby/1.8/facter and then run
facter curtime it returns the output.

The only thing is how can deploy this fact to all the clients?


On Jun 30, 4:52 am, Craig White  wrote:
> On Jun 29, 2011, at 1:16 AM, brijesh wrote:
>
>
>
> > Hi
>
> > I have been having issue with deploying my custom facts. I have gone
> > through wiki on puppet labs and few other blogs but has no luck so
> > far. May be i am not understanding puppet very well. I would really
> > appreciate if someone helps me with this. I have the following fact i
> > want to deploy.
>
> > Facter.add("curtime") do
> >  setcode do
> >    %x{ foo=`date +%k` ; if [ "$foo" -ge 00 -o "$foo" -le 06  ] ; then
> > echo "true"; fi }
> >  end
> > end
>
> > I have created following directory structure
>
> > /etc/puppet/modules/common
> > /etc/puppet/modules/common/lib/facter/curtime.rb
> > /etc/puppet/modules/common/files
> > /etc/puppet/modules/common/manifests/init.pp <- this file is empty
>
> > on the puppet server i added the following to the /etc/puppet/
> > puppet.conf
>
> >    pluginsync     = true
> >    modulepath     = /etc/puppet/modules
> >    factpath       = $vardir/facts
>
> > on the client i have added
> > factsync = true to the puppet.conf
>
> > When i run puppetd on client i can't see the new fact curtime also on
> > the server i should be able to see the curtime fact under /var/lib/
> > puppet/facts.
>
> > I am running puppetmasterd and client - 0.25.4
>
> > Any help would be appreciated.
>
> 
> If your custom fact has any errors, the fact will never work. You don't have 
> to go searching for 'facts' - on any particular machine you should be able to 
> just run from cli...
>
> facter (NAME OF FACT) - i.e.  facter curtime
>
> I also neglected to mention that there really is no reason whatsoever to 
> resort to shell just to do date things because ruby has a very rich 'Date' 
> class built-in.
>
> irb(main):001:0> require 'date'
> => true
> irb(main):002:0> d = Date.today
> => #
> irb(main):003:0> y = d.wday
> => 3
>
> irb(main):001:0> require 'date'
> => true
> irb(main):002:0> d = Date.today
> => #
> irb(main):003:0> y = d + 3
> => #
> irb(main):004:0> z = y.strftime("%m-%d-%Y")
> => "07-02-2011"
>
> Craig

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

RE: [Puppet Users] AIX clients

[Kinzel, David]

>-Original Message-
>From: puppet-users@googlegroups.com 
>[mailto:puppet-users@googlegroups.com] On Behalf Of Rob McBroom
>Sent: Wednesday, June 29, 2011 11:55 AM
>To: puppet-users@googlegroups.com
>Subject: [Puppet Users] AIX clients
>
>Is there anything current on getting a Puppet client going on 
>AIX? The wiki has a really old document that doesn't really 
>tell you how to install in the first place. Google indicates 
>that using gems should work, but right off the bat with 
>facter, I'm told that it can't proceed because I need some 
>Python tool to generate the man pages. This dependency stuff 
>could go on and on.

Can you point to where/how you got ruby working? Last attempt openssl
was refusing to function properly for me.

>
>So before I spend days dealing with these issues, I thought 
>I'd see if anyone else has sorted them out already.
>
>Thanks.

This email communication and any files transmitted with it may contain 
confidential and or proprietary information and is provided for the use of the 
intended recipient only.  Any review, retransmission or dissemination of this 
information by anyone other than the intended recipient is prohibited.  If you 
receive this email in error, please contact the sender and delete this 
communication and any copies immediately.  Thank you.
http://www.encana.com

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] AIX clients

[Rob McBroom]

Is there anything current on getting a Puppet client going on AIX? The wiki has 
a really old document that doesn’t really tell you how to install in the first 
place. Google indicates that using gems should work, but right off the bat with 
facter, I’m told that it can’t proceed because I need some Python tool to 
generate the man pages. This dependency stuff could go on and on.

So before I spend days dealing with these issues, I thought I’d see if anyone 
else has sorted them out already.

Thanks.

-- 
Rob McBroom


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Dashboard & LDAP ENC's

[Rob McBroom]

On Jun 29, 2011, at 11:40 AM, Craig White wrote:

> I am still uncertain whether we will have enough servers to actually bother 
> with maintaining hosts in LDAP just for puppet.

Might not be worth it if it’s “just for puppet”, but once you have everything 
in LDAP, there are limitless possibilities for automation. I’ll just paste 
something from one of my previous messages on this list:

> … if you put details for your systems in LDAP, there’s so so much you can 
> automate outside of Puppet as well. Every scripting language understands 
> LDAP, so use your imagination.
> 
> One good example is a web-based front-end to allow manger types to view the 
> information (as sort of an inventory tracking tool). The reason databases 
> like this get out of date is that keeping them current is a pain. The only 
> way it works is if *not* keeping it current is even *more* painful. Puppet 
> can help with this. If you don’t go into LDAP and add a node and classify it 
> as a web server, it literally won’t function as a web server. So when a human 
> looks at the information about a system via the web, they know it has to be 
> correct.
> 
> We also use information in LDAP to configure our monitoring system. Again, 
> this keeps you on your toes. If you don’t add it to LDAP, it doesn’t get 
> monitored. If you don’t remove it from LDAP when it’s gone, you’ll get 
> annoyed with alerts that it went down.
> 
> And there are the daily tasks that can be sped up, like connecting (in a loop 
> or via cluster SSH) to all systems with certain attributes. Answering the 
> constant requests for “a list of all the XYZ servers with ABC”, running 
> `ssh-keyscan`, populating a local file for hostname completion in your shell, 
> etc.

And to add to that, I’ve recently started looking at Fabric which allows you 
define a list of hosts in different “roles”. I can have these lists generated 
in real-time based on LDAP when the command runs.

-- 
Rob McBroom


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Setting requirements using collection -vs- before/require meta-parameters

[Nigel Kersten]

On Wed, Jun 29, 2011 at 9:54 AM, Jon Jaroker  wrote:

>
> Please let me know if you want me to create a bug for this, or whether
> you have debugging or workaround recommendations.
>

I'll read your post a bit more closely later on today, but a quick
suggestion would be to use the --graph output on the puppet node, and
visually inspecting the .dot graph files to see if the relationships you've
defined are being applied in the way you think they should be.

That often sheds light on a dependency problem.

http://docs.puppetlabs.com/guides/faq.html#how-do-i-use-puppets-graphing-support

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] <<>> imports, defined(), and conflicts

[Rich Rauenzahn]

We're trying to write a rule that <<>> imports a bunch of nagios
Nagios_host rules.  But then we take a list of machines and add
Nagios_host rules for them as well.  Some of the systems might
overlap, and we were hoping to use puppet to weed them out.

We assumed if we did

class a {
Nagios_host <<>>
Nagios_service <<>>
}

class b {
...
if ! defined Nagios_host[$a_host] {
   nagios_host { $a_host: ...}
   nagios_service { ... }
}
...
}

include a
include b

That we could count on using the defined() function to determine
whether something was already defined and define it if it isn't.

This isn't working -- we get a duplicate nagios_service entry, which
tells me either one of our hosts in registering a nagios_service,
without a nagios_host entry, or I can't count at all on the evaluation
order of <<>>'s and resource definitions.

I just verified the node has a nagios_host defined.  Is there any
other way around this problem?  (I have some other ideas, like a
concat file with the hosts defined and the grep -v'ing them.. but was
hoping for something more elegant.)

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Setting requirements using collection -vs- before/require meta-parameters

[Jon Jaroker]

>
> So it looks like we have a bug that I'm still trying to find in the
> database, and I think it might be affecting you.
>
> If you have a class that only declares other classes in it, and doesn't have
> any resources in it, then it gets removed from the dependency graph.
>


Hello Nigel,

To test whether this bug is the cause, I added a file resource to the
node class.   The updated node class is below.  Almost all of the
other classes contain a similar file resource that is used to generate
a dokuwiki-formatted page showing parameters and values.

I rebuilt 'node02' six times while developing the classes.  The node
class below remained unchanged.

The Class-DefinedType dependency below was not honored on two
rebuilds: Puppet attempted to install Package['java'] before the nfs
share containing the binary was mounted.

I noticed a second dependency failure within Class['role_frontend'].
It is a similar Class-DefinedType dependency, although reversed:

class role_frontend (...) {
...
 Class['tomcat'] -> Tomcat::Instance <| |>
...
}

I observed one deployment where Tomcat::Instance was applied before
Class['tomcat'].  Both the Tomcat::Instance defined type and
Class['tomcat'] have at least one managed resource,  the file resource
I use to create dokuwiki file fragments.

These dependency failures appear when I work on unrelated classes.
For example, the tomcat dependency above started failing
intermittently after I added Class['tomcat::logging'] as a managed
resource within Class['tomcat'].

These dependency failures are intermittent.  They appear to occur
between Classes and Defined Types.  They appear to occur for both the
collector- and 'before/require' -approach to specifying dependencies.
They occur even when the classes contain at least one managed
resource.

My only workaround is to run puppet twice.  (The original workaround
of using collector and 'before' to specify dependencies also
intermittently fails.)

Please let me know if you want me to create a bug for this, or whether
you have debugging or workaround recommendations.

Regards,
Jon

---
node 'node02' inherits local {

S_nfs::Client <| |> -> Class['role_frontend']

class{ 'role_frontend':
add_sampledata  => 'true',
}

s_nfs::client { '/opt/share':
action   => 'mount',
share_server => '10.10.10.14',
share_source => '/c/UserSource/Linux',
#before   => Class['s_java', 'tomcat'],
}

# Documentation File
file{"Node Documentation":
path=> '/tmp/node_doc',
ensure  => present,
content => 'Node Documentation Here',
}

}


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Deployed but unmanaged file

[Craig White]

On Jun 29, 2011, at 9:14 AM, Brian Gallew wrote:

> On Jun 29, 2011, at 9:05 AM, Nigel Kersten wrote:
> 
>> I've long wanted the equivalent of a "conffile" in Puppet.
>> 
>> e.g. "replace this file if it's still the same as the one Puppet put down, 
>> but if it's been modified from the default, don't replace it"
>> 
>> I've wanted this in the past for things like a user .rc file, where you want 
>> to be able to continually update the default, but not throw away any 
>> customization the user may have done.
> 
> SInce I support developer who sometimes want to control the conf files, and 
> sometimes want Puppet to control them, I created a define:
> 
> define managed_file($source = undef, $content = undef) {
>  $pdir = inline_template("<%= name.reverse().split('/',2)[1].reverse() %>")
>  $basename = inline_template("<%= name.split('/')[-1] %>")
> 
>  file {
>"${name}-puppet":
>  source => $source, content => $content, ensure => present;
>"${pdir}/README-${basename}":
>  ensure => present,
>  content => "${name} is managed by Puppet.\n\nIf you need to 
> edit\n${name}\nand have your changes persist, touch\n${name}.noupdate\nand 
> Puppet will ignore that file.  When you are done with your\ntesting, please 
> have your changes put in Puppet and delete the\n${name}.noupdate\nfile.  
> Thanks.\n\n";
>  }
> 
>  exec {
>"${name}-sync":
>  unless => "test -f ${name}.noupdate || cmp -s ${name} ${name}-puppet",
>  command => "/usr/local/bin/rsync -a ${name}-puppet ${name}",
>  require => File["${name}-puppet"];
>  }
> }
> 
> 
> And you use it like so:
> managed_file {
>  "${muledir}/lib/user/system-config.properties":
>content => template("jboss/system-config.properties.erb"),
>require => File["${muledir}/lib/user"],
>notify => Service["/site/mule"];
> }
> 
> That will create three files in ${muledir}/lib/user: 
> README-system-config.properties, system-config.properties-puppet, and 
> system-config.properties.  If one of the developers on a managed system needs 
> to hand-edit that file, they red the instructions in the README-* and simply 
> touch system-config.properties.noupdate.  Removing that file re-enables 
> Puppet management.  As a further benefit, they can trivially see what's going 
> to change when they remove the .noupdate file because the -puppet version 
> will always be Puppet-managed.

wow, this is a keeper for sure.

In my case, I have an encrypted binary file but I think you have given me the 
idea for instructing puppet to keep hands off

Thanks

Craig

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] can't deploy custom facts

[Craig White]

On Jun 29, 2011, at 1:16 AM, brijesh wrote:

> Hi
> 
> I have been having issue with deploying my custom facts. I have gone
> through wiki on puppet labs and few other blogs but has no luck so
> far. May be i am not understanding puppet very well. I would really
> appreciate if someone helps me with this. I have the following fact i
> want to deploy.
> 
> Facter.add("curtime") do
>  setcode do
>%x{ foo=`date +%k` ; if [ "$foo" -ge 00 -o "$foo" -le 06  ] ; then
> echo "true"; fi }
>  end
> end
> 
> I have created following directory structure
> 
> /etc/puppet/modules/common
> /etc/puppet/modules/common/lib/facter/curtime.rb
> /etc/puppet/modules/common/files
> /etc/puppet/modules/common/manifests/init.pp <- this file is empty
> 
> on the puppet server i added the following to the /etc/puppet/
> puppet.conf
> 
>pluginsync = true
>modulepath = /etc/puppet/modules
>factpath   = $vardir/facts
> 
> on the client i have added
> factsync = true to the puppet.conf
> 
> When i run puppetd on client i can't see the new fact curtime also on
> the server i should be able to see the curtime fact under /var/lib/
> puppet/facts.
> 
> I am running puppetmasterd and client - 0.25.4
> 
> Any help would be appreciated.

If your custom fact has any errors, the fact will never work. You don't have to 
go searching for 'facts' - on any particular machine you should be able to just 
run from cli...

facter (NAME OF FACT) - i.e.  facter curtime

I also neglected to mention that there really is no reason whatsoever to resort 
to shell just to do date things because ruby has a very rich 'Date' class 
built-in.

irb(main):001:0> require 'date'
=> true
irb(main):002:0> d = Date.today
=> #
irb(main):003:0> y = d.wday
=> 3

irb(main):001:0> require 'date'
=> true
irb(main):002:0> d = Date.today
=> #
irb(main):003:0> y = d + 3
=> #
irb(main):004:0> z = y.strftime("%m-%d-%Y")
=> "07-02-2011"

Craig

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Deployed but unmanaged file

[Craig White]

Thanks - answers inline...

On Jun 29, 2011, at 8:57 AM, Daniel Piddock wrote:

> On 29/06/11 16:34, Craig White wrote:
>> This seems to work but it does seem perilous and ugly. A meta description of 
>> what I am trying to do is:
>> - install firebird sql server
>> - replace the 'security' file with a known file
>> - restart the firebird service
>> 
>> I'm not going to include firebird::install class because the part that 
>> worries me is that I can't work on /var/lib/firebird/2.1/system/security.fdb 
>> directly because we will want to maintain it locally after installation. I 
>> only want a single shot deploy. So I am linking to /root/security.fdb and 
>> then copying it from there to it's home. I suppose there is a much better 
>> way to do this but I haven't found it.
>> 
>> My worry is that I never actually overwrite 
>> /var/lib/firebird/2.1/system/security.fdb after the initial 
>> install/configure phase is completed.
>> 
>> class firebird::configure {
>>  file {"/root/security.fdb":
>>source => "puppet:///modules/firebird/security.fdb",
>>owner=> root,
>>group=> root,
>>mode => 640,
>>replace  => false,
>>  }
>>  exec { "Copy KNOWN security.fdb into position":
>>path=> "/usr/local/bin:/usr/local/sbin:/bin:/usr/bin",
>>environment => "HOME=/root",
>>command => "/bin/cp /root/security.fdb /var/lib/firebird/2.1/system",
>>user=> "root",
>>group   => "root",
>>logoutput   => on_failure,
>>require  => Class["firebird::install"],
>>  }
>> }
>> 
>> Is there a better way?
> 
> Looking at this you'll be overwriting the security file every puppet
> run, rather than never at all. The first run *may* fail as the copy has
> no dependency on File['/root/security.fdb'].

it doesn't... I have checked, rechecked, cleaned up and rechecked

> 
> Maintaining local configs on the servers is fighting the Puppet
> mentality. You'd be better off using an array of source files so that
> puppet will fall through the list until hitting a positive. Have a read
> through the Source part of
> http://docs.puppetlabs.com/references/stable/type.html#file

that page has become my bible  ;-)after you get stung by 'unless', 'mode' 
and various parameters that are accepted by 'file' but not 'exec' and vice 
versa, this information is exceedingly valuable

> 
> This class doesn't restart the sql server. Is that handled elsewhere?

yes, I clipped out the last section of firebird::configure class because it 
wasn't useful to the question/discussion but the firebird service itself is 
mostly unused because it runs via xinetd and so I had to create a 
prerequisite::xinetd_install and prerequisite::xinetd_service class and 
firebird ultimately notifies the prerequisite::xinetd_service class;-)   
Way afield from my question

> An example:
> class firebird::configure {
>file { '/var/lib/firebird/2.1/system/security.fdb':
>source => [ "puppet:///modules/firebird/custom/security.$host",
>  'puppet:///modules/firebird/security.fdb'],
>owner => root,
>group => root,
>mode => 640,
>require => Class['firebird::install'],
># notify => Service['firebird'],
>}
> }

perhaps my head is cloudy from dealing with Phoenix desert summer but I don't 
see how an array of choices for the source of this file isn't inherently more 
dangerous than my effort thus far than to create 'one time' deploy.

As for 'Maintaining local configs on the servers is fighting the Puppet 
mentality.'  - I definitely understand and concur but I have a boss and this is 
his overtly expressed desire. It makes total sense to me to just maintain one 
file and use puppet to deploy this file to every database server so there is 
complete alignment of users/passwords regardless of which database server but 
until / unless he agrees, I have to work on plan B which is to try to do a 
single deploy, forever unmanaged puppet script for this file.

Craig

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Deployed but unmanaged file

[Aaron Grewell]

That would be sweet.  For system-level files I want to overwrite and keep a
known state, but at the user level I would love to be able to push a default
and then let them customize.  You can get something similar with concat by
including a local file with additions but since modifications to the core
file won't be retained it's not the same.

On Wed, Jun 29, 2011 at 9:05 AM, Nigel Kersten  wrote:

> I've long wanted the equivalent of a "conffile" in Puppet.
>
> e.g. "replace this file if it's still the same as the one Puppet put down,
> but if it's been modified from the default, don't replace it"
>
> I've wanted this in the past for things like a user .rc file, where you
> want to be able to continually update the default, but not throw away any
> customization the user may have done.
>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Deployed but unmanaged file

[Brian Gallew]

On Jun 29, 2011, at 9:05 AM, Nigel Kersten wrote:

> I've long wanted the equivalent of a "conffile" in Puppet.
> 
> e.g. "replace this file if it's still the same as the one Puppet put down, 
> but if it's been modified from the default, don't replace it"
> 
> I've wanted this in the past for things like a user .rc file, where you want 
> to be able to continually update the default, but not throw away any 
> customization the user may have done.

SInce I support developer who sometimes want to control the conf files, and 
sometimes want Puppet to control them, I created a define:

define managed_file($source = undef, $content = undef) {
  $pdir = inline_template("<%= name.reverse().split('/',2)[1].reverse() %>")
  $basename = inline_template("<%= name.split('/')[-1] %>")
  
  file {
"${name}-puppet":
  source => $source, content => $content, ensure => present;
"${pdir}/README-${basename}":
  ensure => present,
  content => "${name} is managed by Puppet.\n\nIf you need to 
edit\n${name}\nand have your changes persist, touch\n${name}.noupdate\nand 
Puppet will ignore that file.  When you are done with your\ntesting, please 
have your changes put in Puppet and delete the\n${name}.noupdate\nfile.  
Thanks.\n\n";
  }

  exec {
"${name}-sync":
  unless => "test -f ${name}.noupdate || cmp -s ${name} ${name}-puppet",
  command => "/usr/local/bin/rsync -a ${name}-puppet ${name}",
  require => File["${name}-puppet"];
  }
}


And you use it like so:
managed_file {
  "${muledir}/lib/user/system-config.properties":
content => template("jboss/system-config.properties.erb"),
require => File["${muledir}/lib/user"],
notify => Service["/site/mule"];
}

That will create three files in ${muledir}/lib/user: 
README-system-config.properties, system-config.properties-puppet, and 
system-config.properties.  If one of the developers on a managed system needs 
to hand-edit that file, they red the instructions in the README-* and simply 
touch system-config.properties.noupdate.  Removing that file re-enables Puppet 
management.  As a further benefit, they can trivially see what's going to 
change when they remove the .noupdate file because the -puppet version will 
always be Puppet-managed.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Deployed but unmanaged file

[Nigel Kersten]

I've long wanted the equivalent of a "conffile" in Puppet.

e.g. "replace this file if it's still the same as the one Puppet put down,
but if it's been modified from the default, don't replace it"

I've wanted this in the past for things like a user .rc file, where you want
to be able to continually update the default, but not throw away any
customization the user may have done.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Deployed but unmanaged file

[Craig White]

That's what I was thinking too but I worry that someone may feel compelled to 
tidy things up ;-)

I can see it now...

echo "Delete me and you will die" > 
/root/firebird_security_file_deployed_do_not_delete

Craig

On Jun 29, 2011, at 9:00 AM, Aaron Grewell wrote:

> I'd be tempted to write another file as well as part of the initial config 
> (/var/lib/firebird/configured or something), then check for its 
> (non)existence before pushing the file out.
> 
> On Wed, Jun 29, 2011 at 8:34 AM, Craig White  wrote:
> This seems to work but it does seem perilous and ugly. A meta description of 
> what I am trying to do is:
> - install firebird sql server
> - replace the 'security' file with a known file
> - restart the firebird service
> 
> I'm not going to include firebird::install class because the part that 
> worries me is that I can't work on /var/lib/firebird/2.1/system/security.fdb 
> directly because we will want to maintain it locally after installation. I 
> only want a single shot deploy. So I am linking to /root/security.fdb and 
> then copying it from there to it's home. I suppose there is a much better way 
> to do this but I haven't found it.
> 
> My worry is that I never actually overwrite 
> /var/lib/firebird/2.1/system/security.fdb after the initial install/configure 
> phase is completed.
> 
> class firebird::configure {
>  file {"/root/security.fdb":
>source => "puppet:///modules/firebird/security.fdb",
>owner=> root,
>group=> root,
>mode => 640,
>replace  => false,
>  }
>  exec { "Copy KNOWN security.fdb into position":
>path=> "/usr/local/bin:/usr/local/sbin:/bin:/usr/bin",
>environment => "HOME=/root",
>command => "/bin/cp /root/security.fdb /var/lib/firebird/2.1/system",
>user=> "root",
>group   => "root",
>logoutput   => on_failure,
>require  => Class["firebird::install"],
>  }
> }
> 
> Is there a better way?
> 
> --
> Craig White ~~  craig.wh...@ttiltd.com
> 1.800.869.6908 ~~~ www.ttiassessments.com
> 
> Need help communicating between generations at work to achieve your desired 
> success? Let us help!
> 
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.

-- 
Craig White ~~  craig.wh...@ttiltd.com
1.800.869.6908 ~~~ www.ttiassessments.com 

Need help communicating between generations at work to achieve your desired 
success? Let us help!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] can't deploy custom facts

[Craig White]

On Jun 29, 2011, at 1:16 AM, brijesh wrote:

> Hi
> 
> I have been having issue with deploying my custom facts. I have gone
> through wiki on puppet labs and few other blogs but has no luck so
> far. May be i am not understanding puppet very well. I would really
> appreciate if someone helps me with this. I have the following fact i
> want to deploy.
> 
> Facter.add("curtime") do
>  setcode do
>%x{ foo=`date +%k` ; if [ "$foo" -ge 00 -o "$foo" -le 06  ] ; then
> echo "true"; fi }
>  end
> end
> 
> I have created following directory structure
> 
> /etc/puppet/modules/common
> /etc/puppet/modules/common/lib/facter/curtime.rb
> /etc/puppet/modules/common/files
> /etc/puppet/modules/common/manifests/init.pp <- this file is empty
> 
> on the puppet server i added the following to the /etc/puppet/
> puppet.conf
> 
>pluginsync = true
>modulepath = /etc/puppet/modules
>factpath   = $vardir/facts
> 
> on the client i have added
> factsync = true to the puppet.conf
> 
> When i run puppetd on client i can't see the new fact curtime also on
> the server i should be able to see the curtime fact under /var/lib/
> puppet/facts.
> 
> I am running puppetmasterd and client - 0.25.4
> 
> Any help would be appreciated.

1 - Suggest that you use ruby language instead of trying to do things in shell

2 - Suggest that you use 'irb' to troubleshoot ruby language segments

for example...

irb(main):002:0> foo = `date +%k`
=> " 8\n"
irb(main):003:0> foo = (`date +%k`).chomp
=> " 8"
irb(main):004:0> if foo <= 6 then foo -= 6 
irb(main):005:1> foo
irb(main):006:1> end
ArgumentError: comparison of String with 6 failed
from (irb):4:in `<='
from (irb):4
from :0
irb(main):008:0> foo
=> " 8"
irb(main):009:0> foo = foo.to_i
=> 8
irb(main):010:0> foo <= 6 ? foo : foo -= 6
=> 2

Hope this helps

Craig

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Deployed but unmanaged file

[Aaron Grewell]

I'd be tempted to write another file as well as part of the initial config
(/var/lib/firebird/configured or something), then check for its
(non)existence before pushing the file out.

On Wed, Jun 29, 2011 at 8:34 AM, Craig White  wrote:

> This seems to work but it does seem perilous and ugly. A meta description
> of what I am trying to do is:
> - install firebird sql server
> - replace the 'security' file with a known file
> - restart the firebird service
>
> I'm not going to include firebird::install class because the part that
> worries me is that I can't work on /var/lib/firebird/2.1/system/security.fdb
> directly because we will want to maintain it locally after installation. I
> only want a single shot deploy. So I am linking to /root/security.fdb and
> then copying it from there to it's home. I suppose there is a much better
> way to do this but I haven't found it.
>
> My worry is that I never actually overwrite
> /var/lib/firebird/2.1/system/security.fdb after the initial
> install/configure phase is completed.
>
> class firebird::configure {
>  file {"/root/security.fdb":
>source => "puppet:///modules/firebird/security.fdb",
>owner=> root,
>group=> root,
>mode => 640,
>replace  => false,
>  }
>  exec { "Copy KNOWN security.fdb into position":
>path=> "/usr/local/bin:/usr/local/sbin:/bin:/usr/bin",
>environment => "HOME=/root",
>command => "/bin/cp /root/security.fdb
> /var/lib/firebird/2.1/system",
>user=> "root",
>group   => "root",
>logoutput   => on_failure,
>require  => Class["firebird::install"],
>  }
> }
>
> Is there a better way?
>
> --
> Craig White ~~  craig.wh...@ttiltd.com
> 1.800.869.6908 ~~~ www.ttiassessments.com
>
> Need help communicating between generations at work to achieve your desired
> success? Let us help!
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Deployed but unmanaged file

[Daniel Piddock]

On 29/06/11 16:34, Craig White wrote:
> This seems to work but it does seem perilous and ugly. A meta description of 
> what I am trying to do is:
> - install firebird sql server
> - replace the 'security' file with a known file
> - restart the firebird service
>
> I'm not going to include firebird::install class because the part that 
> worries me is that I can't work on /var/lib/firebird/2.1/system/security.fdb 
> directly because we will want to maintain it locally after installation. I 
> only want a single shot deploy. So I am linking to /root/security.fdb and 
> then copying it from there to it's home. I suppose there is a much better way 
> to do this but I haven't found it.
>
> My worry is that I never actually overwrite 
> /var/lib/firebird/2.1/system/security.fdb after the initial install/configure 
> phase is completed.
>
> class firebird::configure {
>   file {"/root/security.fdb":
> source => "puppet:///modules/firebird/security.fdb",
> owner=> root,
> group=> root,
> mode => 640,
> replace  => false,
>   }
>   exec { "Copy KNOWN security.fdb into position":
> path=> "/usr/local/bin:/usr/local/sbin:/bin:/usr/bin",
> environment => "HOME=/root",
> command => "/bin/cp /root/security.fdb /var/lib/firebird/2.1/system",
> user=> "root",
> group   => "root",
> logoutput   => on_failure,
> require  => Class["firebird::install"],
>   }
> }
>
> Is there a better way?

Looking at this you'll be overwriting the security file every puppet
run, rather than never at all. The first run *may* fail as the copy has
no dependency on File['/root/security.fdb'].

Maintaining local configs on the servers is fighting the Puppet
mentality. You'd be better off using an array of source files so that
puppet will fall through the list until hitting a positive. Have a read
through the Source part of
http://docs.puppetlabs.com/references/stable/type.html#file

This class doesn't restart the sql server. Is that handled elsewhere?

An example:
class firebird::configure {
file { '/var/lib/firebird/2.1/system/security.fdb':
source => [ "puppet:///modules/firebird/custom/security.$host",
  'puppet:///modules/firebird/security.fdb'],
owner => root,
group => root,
mode => 640,
require => Class['firebird::install'],
# notify => Service['firebird'],
}
}

HTH,
Dan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] can't deploy custom facts

[brijesh]

Hi

I have been having issue with deploying my custom facts. I have gone
through wiki on puppet labs and few other blogs but has no luck so
far. May be i am not understanding puppet very well. I would really
appreciate if someone helps me with this. I have the following fact i
want to deploy.

Facter.add("curtime") do
  setcode do
%x{ foo=`date +%k` ; if [ "$foo" -ge 00 -o "$foo" -le 06  ] ; then
echo "true"; fi }
  end
end

I have created following directory structure

/etc/puppet/modules/common
/etc/puppet/modules/common/lib/facter/curtime.rb
/etc/puppet/modules/common/files
/etc/puppet/modules/common/manifests/init.pp <- this file is empty

on the puppet server i added the following to the /etc/puppet/
puppet.conf

pluginsync = true
modulepath = /etc/puppet/modules
factpath   = $vardir/facts

on the client i have added
 factsync = true to the puppet.conf

When i run puppetd on client i can't see the new fact curtime also on
the server i should be able to see the curtime fact under /var/lib/
puppet/facts.

I am running puppetmasterd and client - 0.25.4

Any help would be appreciated.

Thank you

Brijesh

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Dashboard & LDAP ENC's

[Craig White]

On Jun 29, 2011, at 8:23 AM, Rob McBroom wrote:

> On Jun 22, 2011, at 2:37 PM, Craig White wrote:
> 
>> I've restarted both puppetmaster and apache (Dashboard is running on 
>> passenger) and still, I don't see the above system in 'Nodes' though I 
>> haven't run or even installed puppet on that system. Shouldn't it show up in 
>> Dashboard as a node that has never reported? 
>> 
>> I'm trying to figure out how to get Dashboard to import the ENC 'nodes' from 
>> LDAP.
> 
> Someone can correct me if I’m wrong, but I believe the Dashboard is just 
> another possible destination for reports. It has no awareness of the 
> Puppetmaster or it’s configuration (like `node_terminus`). The Puppetmaster, 
> on the other hand, does know about the Dashboard (via the `reports` setting) 
> and can send reports there, but not until after there’s something to report 
> (which would be a Puppet run on that node).
> 
> So I think what you’re seeing is expected behavior. The node should show up 
> after its first Puppet run.
> 
> If you want it to be more automatic, you may have to write something that 
> queries LDAP and modifies the MySQL database. If you use Python, I’ve got a 
> library that simplifies getting servers out of LDAP. Let me know if you’re 
> interested.

I am still uncertain whether we will have enough servers to actually bother 
with maintaining hosts in LDAP just for puppet.

I demonstrated OpenLDAP for my boss and we are discussing rfc2307 
implementation at which point I would have to maintain hosts in LDAP and it 
might make sense to tie them all in to puppet. I think you confirmed that I am 
not seeing nodes from LDAP in the Dashboard not because of anything I am doing 
wrong so I'll leave it for now.

Thanks

Craig

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Deployed but unmanaged file

[Craig White]

This seems to work but it does seem perilous and ugly. A meta description of 
what I am trying to do is:
- install firebird sql server
- replace the 'security' file with a known file
- restart the firebird service

I'm not going to include firebird::install class because the part that worries 
me is that I can't work on /var/lib/firebird/2.1/system/security.fdb directly 
because we will want to maintain it locally after installation. I only want a 
single shot deploy. So I am linking to /root/security.fdb and then copying it 
from there to it's home. I suppose there is a much better way to do this but I 
haven't found it.

My worry is that I never actually overwrite 
/var/lib/firebird/2.1/system/security.fdb after the initial install/configure 
phase is completed.

class firebird::configure {
  file {"/root/security.fdb":
source => "puppet:///modules/firebird/security.fdb",
owner=> root,
group=> root,
mode => 640,
replace  => false,
  }
  exec { "Copy KNOWN security.fdb into position":
path=> "/usr/local/bin:/usr/local/sbin:/bin:/usr/bin",
environment => "HOME=/root",
command => "/bin/cp /root/security.fdb /var/lib/firebird/2.1/system",
user=> "root",
group   => "root",
logoutput   => on_failure,
require  => Class["firebird::install"],
  }
}

Is there a better way?

-- 
Craig White ~~  craig.wh...@ttiltd.com
1.800.869.6908 ~~~ www.ttiassessments.com 

Need help communicating between generations at work to achieve your desired 
success? Let us help!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Dashboard & LDAP ENC's

[Rob McBroom]

On Jun 22, 2011, at 2:37 PM, Craig White wrote:

> I've restarted both puppetmaster and apache (Dashboard is running on 
> passenger) and still, I don't see the above system in 'Nodes' though I 
> haven't run or even installed puppet on that system. Shouldn't it show up in 
> Dashboard as a node that has never reported? 
> 
> I'm trying to figure out how to get Dashboard to import the ENC 'nodes' from 
> LDAP.

Someone can correct me if I’m wrong, but I believe the Dashboard is just 
another possible destination for reports. It has no awareness of the 
Puppetmaster or it’s configuration (like `node_terminus`). The Puppetmaster, on 
the other hand, does know about the Dashboard (via the `reports` setting) and 
can send reports there, but not until after there’s something to report (which 
would be a Puppet run on that node).

So I think what you’re seeing is expected behavior. The node should show up 
after its first Puppet run.

If you want it to be more automatic, you may have to write something that 
queries LDAP and modifies the MySQL database. If you use Python, I’ve got a 
library that simplifies getting servers out of LDAP. Let me know if you’re 
interested.

-- 
Rob McBroom


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Augeas match & Puppet

[Rob McBroom]

On Jun 6, 2011, at 9:45 PM, Michael Knox wrote:

> The following works ...
> onlyif=> "match FW_CONFIGURATIONS_EXT/value[.='$svc'] size == 0",


Couldn’t you just do this and not have to deal with “onlyif” at all?

set FW_CONFIGURATIONS_EXT/value[.='$svc'] $svc

Read the section of the wiki titled “A Better Way”. I have 26 Augeas resources 
and only one of them has “onlyif”.

-- 
Rob McBroom


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Eclipse Task Tags

[Henrik Lindberg]

Hi, please file an enhancement request for this (at 
https://github.com/cloudsmith/geppetto/issues) as this is something that 
needs to be added to Geppetto. Comments must be parsed to find the 
"todos" and turn them into Tasks (this is easy). It is a bit more 
involved to keep the tasks in sync as it needs to be done when saving 
the file (too heavy to do per keystroke when editing).


Regards
- henrik

On 6/29/11 4:28 AM, Vlad wrote:

Thank you for pointing me in the right direction. I know about the
Tasks View and I can insert and use tasks, but what I am trying to
achieve is to simply write in my manifest small TODO comments and
those to be scanned and automatically imported into the task list. All
the CSS, PHP or HTML files are parsed for task tags, but not .pp files
(even when adding them to Ruby Source file associations list). But
maybe this is more an Eclipse problem...

Thanks anyway.

On Jun 28, 7:45 pm, Henrik Lindberg
wrote:

On 6/29/11 1:09 AM, Vlad wrote:>  Does anyone know if you can get task tags for 
Gepetto in Eclipse. I

see that it works only for CSS, HTML and a couple more. Can I add this
functionality for puppet projects?


Hint - there is a Geppetto forum at google 
groups:https://groups.google.com:443/forum/?hl=en#!forum/puppet-geppetto

And to answer your question - the "task tags" works in the Geppetto
manifest editor. Not sure what you mean by "if you can get task tags" -
they are there, they can be set and viewed in the "tasks" view. Do ypu
want to "get them" in some special way?

Regards
- henrik





--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Ruby script to download files without 'puppet agent'

[Peter Meier]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> [root@foo me]# ./puppet-wget file_content/sudo/sudoers
> https://foo.bar:8140/file_content/sudo/sudoers
> warning: peer certificate won't be verified in this SSL session
> /usr/lib/ruby/1.8/net/http.rb:2099:in `error!': 403 "Forbidden request:
> foo.bar(10.2.3.4) access to /sudo/sudoers [find] authenticated  at line 93
> " (Net::HTTPServerException)
> from ./puppet-wget:56
> from ./puppet-wget:43:in `each'
> from ./puppet-wget:43

Using your script works to get a file from a module files, like:

./puppet_wget
/development/file_content/modules/site-bind/etc/rz.foo.ch/named.conf

However your error looks like the client is not authorized to find that
content. Maybe some tweaks in the auth.conf are missing to fetch files
from the fileserver instead from modules?

~pete
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk4LCqYACgkQbwltcAfKi38O9wCgnUKnyugLiukznBcjjLQ2wXbd
sK0AnA8UAYkrIiFPAkIbCELvFLu7F6q3
=iiOQ
-END PGP SIGNATURE-

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Ruby script to download files without 'puppet agent'

[Andreas Zuber]

> >  # make ssl request
> >  connection = Net::HTTP.new(url.host, url.port)
> >  connection.use_ssl = true
> >  connection.cert = OpenSSL::X509::Certificate.new(File.read(certpath))
> >  connection.key = OpenSSL::PKey::RSA.new(File.read(pkey_path))
> 
> you are missing the CA file... something like
> connection.ca_file = Puppet[:localcacert]

Tested that, but it seams to make no difference. From what i unerstand the ca 
is not really needed for this on the client.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Setting up puppetmaster-passenger on Debian

[Stefan Midjich]

I am at the end of my rope here so I pray to the gods that
puppet-users can help.

Using Debian apt-get install puppetmaster-passenger you get a fairly
complete puppetmaster setup. I have the Pro Puppet book next to me and
following Chapter 4 on setting up Puppet with Passenger I can see that
apt has already done most of the ground work.

For example the config.ru script is owned by puppet, passenger module
in apache is activated. One thing is that puppetmaster is never run
and when dpkg tries to start apache it fails because there are no
certificates.

So at this point I did puppetca --generate node00.swehack.localdomain.

Now passenger starts and listens on port 8140 through apache.

My site.pp is for simplicity and debugging only import "nodes/*.pp"
and in /etc/puppet/manifests/nodes I have just one file called
node00.swehack.localdomain.pp and in there the following block.

node 'node00' {
}

In /etc/hosts I have setup long and short forms of the domain to the
local ip. And I've also added swehack.localdomain as search domain in
/etc/resolv.conf.

I try running puppet agent --server node00.swehack.localdomain -otDdv
from the same machine as the master and this is what I get.

root@node00:/home/nocturnal# puppet agent --server
node00.swehack.localdomain -otvDd
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderDirectoryservice: file
/usr/bin/dscl does not exist
debug: Puppet::Type::User::ProviderUser_role_add: file rolemod does not exist
debug: Puppet::Type::User::ProviderLdap: true value when expecting false
debug: Failed to load library 'selinux' for feature 'selinux'
debug: Puppet::Type::File::ProviderMicrosoft_windows: feature
microsoft_windows is missing
debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/public_keys/node00.swehack.localdomain.pem]:
Autorequiring File[/var/lib/puppet/ssl/public_keys]
debug: /File[/var/lib/puppet/state/graphs]: Autorequiring
File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/ssl/certs/node00.swehack.localdomain.pem]:
Autorequiring File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state/last_run_summary.yaml]:
Autorequiring File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/ssl/private]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/state/state.yaml]: Autorequiring
File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/ssl/private_keys/node00.swehack.localdomain.pem]:
Autorequiring File[/var/lib/puppet/ssl/private_keys]
debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring
File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: Finishing transaction 70218012435120
debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring
File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/public_keys/node00.swehack.localdomain.pem]:
Autorequiring File[/var/lib/puppet/ssl/public_keys]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/certs/node00.swehack.localdomain.pem]:
Autorequiring File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/private]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/private_keys/node00.swehack.localdomain.pem]:
Autorequiring File[/var/lib/puppet/ssl/private_keys]
debug: Finishing transaction 70218014163440
debug: Using cached certificate for ca
debug: Using cached certificate for node00.swehack.localdomain
debug: Finishing transaction 70218012999760
debug: Loaded state in 0.00 seconds
debug: Using