[Puppet Users] help with user type
Could really use some help with this. I have a simple class that contains only this: user { myuser: ensure = present, home = /home/myuser, shell= /bin/bash, uid = 1001, gid = 1001, comment = My user, } It fails with the following message: Could not set comment on user[myuser]: Execution of '/usr/sbin/usermod -c My user' returned 6: usermod: myuser not found in /etc/passwd Running the client in debug, I don't see anything to suggest that there's an attempt to add the user. That part isn't failing, it simply isn't happening. What could I be doing wrong? Any help is appreciated. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] help with user type
On Sat, Jul 9, 2011 at 5:04 AM, maillis...@gmail.com wrote: Could really use some help with this. I have a simple class that contains only this: user { myuser: ensure = present, home = /home/myuser, shell= /bin/bash, uid = 1001, gid = 1001, comment = My user, } It fails with the following message: Could not set comment on user[myuser]: Execution of '/usr/sbin/usermod -c My user' returned 6: usermod: myuser not found in /etc/passwd Running the client in debug, I don't see anything to suggest that there's an attempt to add the user. That part isn't failing, it simply isn't happening. What could I be doing wrong? Any help is appreciated. What OS and version? What Puppet version? -- Nigel Kersten Product Manager, Puppet Labs Twitter: @nigelkersten *Join us for **PuppetConf *http://www.bit.ly/puppetconfsig September 22nd and 23rd in Portland, Oregon, USA. * * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Explanation of the metric section of a report
On Fri, Jul 8, 2011 at 3:00 PM, Haitao Jiang jianghai...@gmail.com wrote: I just wondering if anyone can point me to the documentation on the metric section of a report. I have a slow agent run which has following numbers: Config Retrieval10.43 seconds Exec0.00 seconds File157.11 seconds Filebucket 0.00 seconds Package 0.07 seconds Schedule0.00 seconds Total 167.62 seconds I would like to know meaning of above in order to find out the reasons of slowness. My guess is it was due to the network latency, but just want to make sure. It's telling you that it only took 10 seconds to talk to the server and retrieve the catalog, and almost all your time was spent in File resources. File resources impose a different kind of load upon the server, as when they have a remote source the client needs to request file metadata in order to compare locally and determine whether or not the file contents need to be retrieved from the server. If you have lots of File resources, multiple concurrent clients, and are still running with the webrick Puppet master, you'll see performance degradation like this. If you have deep recursive directories in a File resource, you'll run into similar issues. If you have very large files, the default checksumming will take a while. There are a few parameters that are designed to help with these cases. http://docs.puppetlabs.com/references/stable/type.html#file Have a look at recurse and checksum. -- Nigel Kersten Product Manager, Puppet Labs Twitter: @nigelkersten *Join us for **PuppetConf *http://www.bit.ly/puppetconfsig September 22nd and 23rd in Portland, Oregon, USA. * * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: What is the best practice to clean up installed components on a node?
Create a class called sg_node::disabled that inherits sg_node and overrides all of it's resources to undo them. This usually means setting 'ensure =absent' (or 'undef' if applicable) for most resources. For execs, I usually set 'unless = true.' Be sure to include the class on the nodes you want to clean up (e.g. vm1). On Jul 7, 3:13 pm, Haitao Jiang jianghai...@gmail.com wrote: I am new to Puppet, here is a question that I hope to get some help from the group: - assume I have 2 nodes, vm1 and vm2; - assume that I defined a class of node say, sg_node, that includes components such as Apache and Postgres DB etc. - in the nodes.pp file, we have node vm1 { include sg_node } Now, I want to let vm2 to be the sg_node, which is easy. But how to clean up vm1 so that it doesn't have the components that sg_node installed? Thanks a lot! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Downgrading RubyGems using Package provider = gem
On Fri, Jul 8, 2011 at 8:47 AM, Martin Willemsma mwillem...@gmail.comwrote: Hi Ryan, I experience the same. I'm using gem provider to manage puppet and facter installed versions. When I recently upgraded a selection of nodes to 2.7.1 I saw other not being removed like the way apt is doing. I would like to see what you purpose. Ensure = 2.7.1 also removes 2.6.8, 2.6.4 This is how gems work though. When you install a new version, it doesn't automatically remove the old one like apt does. I'd set up a 'gem cleanup' exec if you want to get rid of them. http://docs.rubygems.org/read/chapter/10 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Issue with puppet file serving api not parsing yaml content correctly
On Wed, Jul 6, 2011 at 1:33 PM, Derek dtam...@gmail.com wrote: I am working on building a facter tag based node classifier similar to https://github.com/jordansissel/puppet-examples/tree/master/nodeless-puppet/ . However, I have run into an issue where I cannot use puppet's require file ability to push the yaml file containing the facts file to the client because it would require two runs of puppet to pickup changes. Consequently, I have written into the facter ruby script the ability to connect to puppet's restful api and get the yaml file from the private store. This works fine in irb, ruby, and facter if called directly. However, when run inside of a puppet run it seems to fail on parsing the http response correctly into yaml. As a result, it does not get saved to disk and loaded as a fact for the puppet run. There is probably a simpler way to do this. Essentially we want to have tags on a server and use that to selectively include or remove modules from a server by facter tags rather than by a server's name. Some Version Information: - os = CentOS release 5.2 (Final) - ruby = ruby 1.8.6 (2008-08-11 patchlevel 287) [x86_64-linux] - facter = 1.6.0 (updated because my script loads multiple facts and the older version we were running requires the filename to match the fact name. This was not working because I did not want to split my ruby load script into multiple files to match each of the fact names.) - puppet = 0.25.4 Yaml file it is trying to grab from a private store: --- role: - base - db env: - dev The yaml file downloads correctly via a puppet run without my script. I can also wget the file and use net/https via ruby to get the file. All methods return the correct file with matching md5sums. Under my module called truth I have the following: - files - private - domain.inter - hostname - truth_tags.yml ex: --- role: - base env: - dev - lib - facter - load_truth_tags.rb problem area: def apitruthtag(calltype) # set some client side variables to build on later sslbasedir = '/etc/puppet/ssl' sslprivdir = sslbasedir + '/private_keys' sslpubdir = sslbasedir + '/certs' sslcafile = sslpubdir + '/ca.pem' # this sets if we want metadata or content from puppet datatype = calltype # We want yaml back from puppet header = {'Accept' = 'yaml'} # Setup some connection variables to our puppet server and what we want from it proto = 'https' server = 'puppet.domain.inter' port = '8140' path = '/production/file_' + datatype + '/truth_private/ truth_tags.yml' # Build the full uri to request from our puppet server. Then parse it for port and things uri = URI.parse(proto + '://' + server + ':' + port + path) # Setup the http module and set it for getting data http = Net::HTTP.new(uri.host, uri.port) request = Net::HTTP::Get.new(uri.request_uri, header) http.use_ssl = true if uri.scheme == 'https' # Enable ssl verification to ensure we are talking to the correct people http.verify_mode = OpenSSL::SSL::VERIFY_PEER # Cert Auth: # Set certificate paths # puppet certificate authority file if File.readable?(sslcafile) then # Puppet ca file http.ca_file = sslcafile puts readable? + sslprivdir + '/' + hostname + '.pem' if $debug if File.readable?(sslprivdir + '/' + hostname + '.pem') then # client private key http.key = OpenSSL::PKey::RSA.new(File.read(sslprivdir + '/' + hostname + '.pem')) puts readable? + sslpubdir + '/' + hostname + '.pem' if $debug if File.readable?(sslpubdir + '/' + hostname + '.pem') then # client public key http.cert = OpenSSL::X509::Certificate.new(File.read(sslpubdir + '/' + hostname + '.pem')) # Make the request response = http.request(request) else raise No readable client pubic key in #{sslpubdir}/ #{hostname}.pem end # End public key check else raise No readable client private key in #{sslprivdir}/ #{hostname}.pem end # End private key check else raise No readable ca cert in #{sslcafile} end # End ca file check # Check to make sure we got some data back if response != nil # Check to see if we have a good server response before saving the variable puts check code + response.code if $debug if ((response.code 300) and (response.code = 200)) return response.body else raise server did not return an acceptable reponse code end # end server response code check else raise No response from #{server} end # end nil response check end # end apitruthtag servermd5 = YAML.load(apitruthtag(metadata)).ivars[checksum] # When executed from a puppet run I tells me that ivars is undefined. - lib - puppet - parser - functions - truth_tags.rb - manifests - init.pp ex: class truth inherits truth::init_bootstrap { if truth_tag('role', 'base') and !truth_tag('role', 'nobase') { notice(${::hostname}:
Re: [Puppet Users] Issue with puppet file serving api not parsing yaml content correctly
So ... servermd5 = YAML.load(apitruthtag(metadata)).ivars[checksum] # When executed from a puppet run I tells me that ivars is undefined. What does the output of apitruthtag(metadata) show you between each run in facter, irb and puppet? Can you output each to a file and analyze the difference? irb, ruby, or facter: yaml parsed http response = #YAML::Object:0x2ada01f7cf00 puppet run: yaml parsed http response = #Puppet::FileServing::Metadata: 0x2ac7987b9c08 with error: undefined method `ivars' for #Puppet::FileServing::Metadata: 0x2ac7987152c0 #NoMethodError: undefined method `ivars' for #Puppet::FileServing::Metadata:0x2ac7987152c0 So when you run it with all the Puppet libraries the YAML object is being serialized back into a Ruby object Puppet::FileServing::Metadata ... I'm really curious what the raw YAML output looks like. This should only happen I think if the YAML output has meta information that matches that class type for example: --- !ruby/object:Puppet::FileServing::Metadata {} I get the feeling the YAML you are getting back isn't what you were expecting and looking at the contents of the raw output might give a better clue as to why. ken. -- Join us for PuppetConf, September 22nd and 23rd in Portland, OR: http://bit.ly/puppetconfsig; -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Bizarre errors from puppetmaster 2.7.1
Periodically after restarting the master (which uses puppet-dashboard as a reporting server and ENC), when an agent tries to run, the agent isn't given any classes, and exits without error, then the master spews out this message: Jul 10 01:32:12 localhost puppet-master[15757]: Compiled catalog for ip-10-36-34-207.ec2.internal in environment --- --- \--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\ Any ideas? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] use puppet to manage user accounts on mysql
Hi guys I have 2 types of clients(developers, users) connecting to my puppet server, puppet installs mysql on both the machines but I want that when its user machine connecting to server the mysql root user is disabled and a user account should be made with a custom password and for developers machine puppet makes a root user with an option to select a password(right now puppet just installs mysql with root user and without asking for any root password), developers should also be able to make a non root account through puppet on mysql. Is this possible with puppet, please help. Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] use puppet to manage user accounts on mysql
On 11-07-10 12:48 AM, newguy wrote: I have 2 types of clients(developers, users) connecting to my puppet server, puppet installs mysql on both the machines but I want that when its user machine connecting to server the mysql root user is disabled and a user account should be made with a custom password and for developers machine puppet makes a root user with an option to select a password(right now puppet just installs mysql with root user and without asking for any root password), developers should also be able to make a non root account through puppet on mysql. Is this possible with puppet, please help. I'm not entirely sure what the long sentence is asking about, but yes I guess it should be possible. the following module includes custom resource types that could help you out (Mysql_database, Mysql_user, Mysql_grant): https://labs.riseup.net/code/projects/shared-mysql check out 'lib/puppet/type' -- Gabriel Filion -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.