[Puppet Users] help with user type
Could really use some help with this. I have a simple class that
contains only this:
user { myuser:
ensure = present,
home = /home/myuser,
shell= /bin/bash,
uid = 1001,
gid = 1001,
comment = My user,
}
It fails with the following message:
Could not set comment on user[myuser]: Execution of '/usr/sbin/usermod
-c My user' returned 6: usermod: myuser not found in /etc/passwd
Running the client in debug, I don't see anything to suggest that
there's an attempt to add the user. That part isn't failing, it
simply isn't happening. What could I be doing wrong? Any help is
appreciated.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] help with user type
On Sat, Jul 9, 2011 at 5:04 AM, maillis...@gmail.com wrote:
Could really use some help with this. I have a simple class that
contains only this:
user { myuser:
ensure = present,
home = /home/myuser,
shell= /bin/bash,
uid = 1001,
gid = 1001,
comment = My user,
}
It fails with the following message:
Could not set comment on user[myuser]: Execution of '/usr/sbin/usermod
-c My user' returned 6: usermod: myuser not found in /etc/passwd
Running the client in debug, I don't see anything to suggest that
there's an attempt to add the user. That part isn't failing, it
simply isn't happening. What could I be doing wrong? Any help is
appreciated.
What OS and version?
What Puppet version?
--
Nigel Kersten
Product Manager, Puppet Labs
Twitter: @nigelkersten
*Join us for **PuppetConf *http://www.bit.ly/puppetconfsig
September 22nd and 23rd in Portland, Oregon, USA.
*
*
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Explanation of the metric section of a report
On Fri, Jul 8, 2011 at 3:00 PM, Haitao Jiang jianghai...@gmail.com wrote: I just wondering if anyone can point me to the documentation on the metric section of a report. I have a slow agent run which has following numbers: Config Retrieval10.43 seconds Exec0.00 seconds File157.11 seconds Filebucket 0.00 seconds Package 0.07 seconds Schedule0.00 seconds Total 167.62 seconds I would like to know meaning of above in order to find out the reasons of slowness. My guess is it was due to the network latency, but just want to make sure. It's telling you that it only took 10 seconds to talk to the server and retrieve the catalog, and almost all your time was spent in File resources. File resources impose a different kind of load upon the server, as when they have a remote source the client needs to request file metadata in order to compare locally and determine whether or not the file contents need to be retrieved from the server. If you have lots of File resources, multiple concurrent clients, and are still running with the webrick Puppet master, you'll see performance degradation like this. If you have deep recursive directories in a File resource, you'll run into similar issues. If you have very large files, the default checksumming will take a while. There are a few parameters that are designed to help with these cases. http://docs.puppetlabs.com/references/stable/type.html#file Have a look at recurse and checksum. -- Nigel Kersten Product Manager, Puppet Labs Twitter: @nigelkersten *Join us for **PuppetConf *http://www.bit.ly/puppetconfsig September 22nd and 23rd in Portland, Oregon, USA. * * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: What is the best practice to clean up installed components on a node?
Create a class called sg_node::disabled that inherits sg_node and
overrides all of it's resources to undo them. This usually means
setting 'ensure =absent' (or 'undef' if applicable) for most
resources. For execs, I usually set 'unless = true.'
Be sure to include the class on the nodes you want to clean up (e.g.
vm1).
On Jul 7, 3:13 pm, Haitao Jiang jianghai...@gmail.com wrote:
I am new to Puppet, here is a question that I hope to get some help
from the group:
- assume I have 2 nodes, vm1 and vm2;
- assume that I defined a class of node say, sg_node, that includes
components such as Apache and Postgres DB etc.
- in the nodes.pp file, we have
node vm1 {
include sg_node
}
Now, I want to let vm2 to be the sg_node, which is easy. But how to
clean up vm1 so that it doesn't have the components that sg_node
installed?
Thanks a lot!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Downgrading RubyGems using Package provider = gem
On Fri, Jul 8, 2011 at 8:47 AM, Martin Willemsma mwillem...@gmail.comwrote: Hi Ryan, I experience the same. I'm using gem provider to manage puppet and facter installed versions. When I recently upgraded a selection of nodes to 2.7.1 I saw other not being removed like the way apt is doing. I would like to see what you purpose. Ensure = 2.7.1 also removes 2.6.8, 2.6.4 This is how gems work though. When you install a new version, it doesn't automatically remove the old one like apt does. I'd set up a 'gem cleanup' exec if you want to get rid of them. http://docs.rubygems.org/read/chapter/10 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Issue with puppet file serving api not parsing yaml content correctly
On Wed, Jul 6, 2011 at 1:33 PM, Derek dtam...@gmail.com wrote:
I am working on building a facter tag based node classifier similar to
https://github.com/jordansissel/puppet-examples/tree/master/nodeless-puppet/
.
However, I have run into an issue where I cannot use puppet's require
file ability to push the yaml file containing the facts file to the
client because it would require two runs of puppet to pickup changes.
Consequently, I have written into the facter ruby script the ability
to connect to puppet's restful api and get the yaml file from the
private store. This works fine in irb, ruby, and facter if called
directly. However, when run inside of a puppet run it seems to fail on
parsing the http response correctly into yaml. As a result, it does
not get saved to disk and loaded as a fact for the puppet run.
There is probably a simpler way to do this. Essentially we want to
have tags on a server and use that to selectively include or remove
modules from a server by facter tags rather than by a server's name.
Some Version Information:
- os = CentOS release 5.2 (Final)
- ruby = ruby 1.8.6 (2008-08-11 patchlevel 287) [x86_64-linux]
- facter = 1.6.0 (updated because my script loads multiple facts and
the older version we were running requires the filename to match the
fact name. This was not working because I did not want to split my
ruby load script into multiple files to match each of the fact names.)
- puppet = 0.25.4
Yaml file it is trying to grab from a private store:
---
role:
- base
- db
env:
- dev
The yaml file downloads correctly via a puppet run without my script.
I can also wget the file and use net/https via ruby to get the file.
All methods return the correct file with matching md5sums.
Under my module called truth I have the following:
- files - private - domain.inter - hostname - truth_tags.yml
ex:
---
role:
- base
env:
- dev
- lib - facter - load_truth_tags.rb
problem area:
def apitruthtag(calltype)
# set some client side variables to build on later
sslbasedir = '/etc/puppet/ssl'
sslprivdir = sslbasedir + '/private_keys'
sslpubdir = sslbasedir + '/certs'
sslcafile = sslpubdir + '/ca.pem'
# this sets if we want metadata or content from puppet
datatype = calltype
# We want yaml back from puppet
header = {'Accept' = 'yaml'}
# Setup some connection variables to our puppet server and what we
want from it
proto = 'https'
server = 'puppet.domain.inter'
port = '8140'
path = '/production/file_' + datatype + '/truth_private/
truth_tags.yml'
# Build the full uri to request from our puppet server. Then parse
it for port and things
uri = URI.parse(proto + '://' + server + ':' + port + path)
# Setup the http module and set it for getting data
http = Net::HTTP.new(uri.host, uri.port)
request = Net::HTTP::Get.new(uri.request_uri, header)
http.use_ssl = true if uri.scheme == 'https'
# Enable ssl verification to ensure we are talking to the correct
people
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
# Cert Auth:
# Set certificate paths
# puppet certificate authority file
if File.readable?(sslcafile) then
# Puppet ca file
http.ca_file = sslcafile
puts readable? + sslprivdir + '/' + hostname + '.pem' if $debug
if File.readable?(sslprivdir + '/' + hostname + '.pem') then
# client private key
http.key = OpenSSL::PKey::RSA.new(File.read(sslprivdir + '/' +
hostname + '.pem'))
puts readable? + sslpubdir + '/' + hostname + '.pem' if
$debug
if File.readable?(sslpubdir + '/' + hostname + '.pem') then
# client public key
http.cert = OpenSSL::X509::Certificate.new(File.read(sslpubdir
+ '/' + hostname + '.pem'))
# Make the request
response = http.request(request)
else
raise No readable client pubic key in #{sslpubdir}/
#{hostname}.pem
end # End public key check
else
raise No readable client private key in #{sslprivdir}/
#{hostname}.pem
end # End private key check
else
raise No readable ca cert in #{sslcafile}
end # End ca file check
# Check to make sure we got some data back
if response != nil
# Check to see if we have a good server response before saving the
variable
puts check code + response.code if $debug
if ((response.code 300) and (response.code = 200))
return response.body
else
raise server did not return an acceptable reponse code
end # end server response code check
else
raise No response from #{server}
end # end nil response check
end # end apitruthtag
servermd5 = YAML.load(apitruthtag(metadata)).ivars[checksum] #
When executed from a puppet run I tells me that ivars is undefined.
- lib - puppet - parser - functions - truth_tags.rb
- manifests - init.pp
ex:
class truth inherits truth::init_bootstrap {
if truth_tag('role', 'base') and !truth_tag('role', 'nobase') {
notice(${::hostname}:
Re: [Puppet Users] Issue with puppet file serving api not parsing yaml content correctly
So ...
servermd5 = YAML.load(apitruthtag(metadata)).ivars[checksum] #
When executed from a puppet run I tells me that ivars is undefined.
What does the output of apitruthtag(metadata) show you between each
run in facter, irb and puppet? Can you output each to a file and
analyze the difference?
irb, ruby, or facter:
yaml parsed http response = #YAML::Object:0x2ada01f7cf00
puppet run:
yaml parsed http response = #Puppet::FileServing::Metadata:
0x2ac7987b9c08
with error:
undefined method `ivars' for #Puppet::FileServing::Metadata:
0x2ac7987152c0
#NoMethodError: undefined method `ivars' for
#Puppet::FileServing::Metadata:0x2ac7987152c0
So when you run it with all the Puppet libraries the YAML object is
being serialized back into a Ruby object Puppet::FileServing::Metadata
... I'm really curious what the raw YAML output looks like. This
should only happen I think if the YAML output has meta information
that matches that class type for example:
---
!ruby/object:Puppet::FileServing::Metadata {}
I get the feeling the YAML you are getting back isn't what you were
expecting and looking at the contents of the raw output might give a
better clue as to why.
ken.
--
Join us for PuppetConf, September 22nd and 23rd in Portland, OR:
http://bit.ly/puppetconfsig;
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Bizarre errors from puppetmaster 2.7.1
Periodically after restarting the master (which uses puppet-dashboard as a reporting server and ENC), when an agent tries to run, the agent isn't given any classes, and exits without error, then the master spews out this message: Jul 10 01:32:12 localhost puppet-master[15757]: Compiled catalog for ip-10-36-34-207.ec2.internal in environment --- --- \--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\ Any ideas? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] use puppet to manage user accounts on mysql
Hi guys I have 2 types of clients(developers, users) connecting to my puppet server, puppet installs mysql on both the machines but I want that when its user machine connecting to server the mysql root user is disabled and a user account should be made with a custom password and for developers machine puppet makes a root user with an option to select a password(right now puppet just installs mysql with root user and without asking for any root password), developers should also be able to make a non root account through puppet on mysql. Is this possible with puppet, please help. Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] use puppet to manage user accounts on mysql
On 11-07-10 12:48 AM, newguy wrote: I have 2 types of clients(developers, users) connecting to my puppet server, puppet installs mysql on both the machines but I want that when its user machine connecting to server the mysql root user is disabled and a user account should be made with a custom password and for developers machine puppet makes a root user with an option to select a password(right now puppet just installs mysql with root user and without asking for any root password), developers should also be able to make a non root account through puppet on mysql. Is this possible with puppet, please help. I'm not entirely sure what the long sentence is asking about, but yes I guess it should be possible. the following module includes custom resource types that could help you out (Mysql_database, Mysql_user, Mysql_grant): https://labs.riseup.net/code/projects/shared-mysql check out 'lib/puppet/type' -- Gabriel Filion -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
