Re: [Puppet Users] Dashboard not retrieving inventory
On Fri, Jul 22, 2011 at 10:27 PM, Khoury Brazil wrote: > Hi All, > > Puppet-dashboard appears to be having some trouble. Under inventory, it says: > "Could not retrieve facts from inventory service: Permission denied - > certs/dashboard.private_key.pem" > > When I run: > curl -k -H "Accept: yaml" https://puppet:8140/production/facts/host.domain > I get the expected dump of facts. > > Versions: > puppet-dashboard is 1.1.0 (using passenger) > puppet-master is 2.7.1 > > Went with an extremely loose config on test: > Puppet Master: > auth.conf: > path /facts > method find, search > auth any > allow * > > puppet.conf: > # Reporting > reporturl = http://puppetdashboard.domain/reports/upload > # Testing, to be changed to DB for prod > facts_terminus = yaml > > > Puppet Dashboard: > settings.yml: > # The "inventory service" allows you to connect to a puppet master to > retrieve and node facts > enable_inventory_service: true > # Hostname of the inventory server. > inventory_server: 'puppet' > # Port for the inventory server. > inventory_port: 8140 > > Any ideas? I'm stumped at this point. It almost seems like the > dashboard isn't asking for inventory at all. I've restarted all > services with no change, on both the master and dashboard hosts. > >From the "Permission denied - certs/dashboard.private_key.pem" message, it looks like the user as which Dashboard is running is unable to read its certs directory. Did you maybe run the cert-related rake tasks as root, when Dashboard runs as another user? Make sure that directory is readable by the appropriate user. > Thanks, > Khoury > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Dashboard not retrieving inventory
Hi All, Puppet-dashboard appears to be having some trouble. Under inventory, it says: "Could not retrieve facts from inventory service: Permission denied - certs/dashboard.private_key.pem" When I run: curl -k -H "Accept: yaml" https://puppet:8140/production/facts/host.domain I get the expected dump of facts. Versions: puppet-dashboard is 1.1.0 (using passenger) puppet-master is 2.7.1 Went with an extremely loose config on test: Puppet Master: auth.conf: path /facts method find, search auth any allow * puppet.conf: # Reporting reporturl = http://puppetdashboard.domain/reports/upload # Testing, to be changed to DB for prod facts_terminus = yaml Puppet Dashboard: settings.yml: # The "inventory service" allows you to connect to a puppet master to retrieve and node facts enable_inventory_service: true # Hostname of the inventory server. inventory_server: 'puppet' # Port for the inventory server. inventory_port: 8140 Any ideas? I'm stumped at this point. It almost seems like the dashboard isn't asking for inventory at all. I've restarted all services with no change, on both the master and dashboard hosts. Thanks, Khoury -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppetmaster on EC2 certificate issues
Got it working. Run puppetd through sudo and it would work :P On Jul 22, 6:31 pm, newguy wrote: > Yes I checked they are in the same group with port 8140 open,so I > think this is all what is required for machines in the same group to > talk. > Thanks > > On Jul 22, 6:14 pm, newguy wrote: > > > > > > > > > Well as am new to EC2 I will check this but what I know is that these > > instances are in the same security group and port 8140 is open, does > > that answer you question.?? > > > Thanks > > > On Jul 22, 5:42 pm, Mark Stanislav wrote: > > > > Does your EC2 security group allow connectivity to the Puppet master > > > inbound? Seems like it can't connect. > > > > -Mark > > > > On Jul 22, 2011, at 7:20 PM, newguy wrote: > > > > > Hi guys > > > > I recently started playing with EC2 and tried installing puppet. > > > > I ran in to this problem that puppetmaster doesnt get any certificate > > > > request. > > > > > This is my /etc/hosts file on the client: > > > > > 127.0.0.1 ip-10-243-34-4.ec2.internal localhost > > > > 10.220.198.146 domU-12-31-39-09-C1-64.compute-1.internal puppetmaster > > > > puppet > > > > 10.243.34.4 ip-10-243-34-4.ec2.internal client > > > > > Client hostname : ip-10-243-34-4.ec2.internal > > > > > Puppetmaster: /etc/hosts: > > > > 127.0.0.1 domU-12-31-39-09-C1-64.compute-1.internal localhost puppet > > > > > Both are Ubuntu 10.04 > > > > > When I do a puppetd --test --waitforcert 10 on client, it shows the > > > > following: > > > > info: Creating a new SSL key for ip-10-243-34-4.ec2.internal > > > > err: Could not request certificate: Connection timed out - connect(2) > > > > > Puppetmaster shows nothing when I do puppetca --list and there are no > > > > requests in the certificate requests folder too. > > > > > Please help guys am new to EC2. > > > > > Thanks > > > > > -- > > > > You received this message because you are subscribed to the Google > > > > Groups "Puppet Users" group. > > > > To post to this group, send email to puppet-users@googlegroups.com. > > > > To unsubscribe from this group, send email to > > > > puppet-users+unsubscr...@googlegroups.com. > > > > For more options, visit this group > > > > athttp://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet/facter and update reporting
Hi All, Does anyone have any experience with debian/ubuntu and or OS X with regard to reporting on updates? I'm interested in getting update (specifically security) states for compliance (SOX, PCI, etc) purposes. I know there's spacewalk for things like this, but I'm kind of hoping to avoid going the centos/redhat route for my servers. I'm thinking of using unattended-upgrade --debug --dry-run on Debian/ Ubuntu and maybe softwareupdate on OS X to build custom facts. Thanks in advance. Best, Khoury -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppetmaster on EC2 certificate issues
Yes I checked they are in the same group with port 8140 open,so I think this is all what is required for machines in the same group to talk. Thanks On Jul 22, 6:14 pm, newguy wrote: > Well as am new to EC2 I will check this but what I know is that these > instances are in the same security group and port 8140 is open, does > that answer you question.?? > > Thanks > > On Jul 22, 5:42 pm, Mark Stanislav wrote: > > > > > > > > > Does your EC2 security group allow connectivity to the Puppet master > > inbound? Seems like it can't connect. > > > -Mark > > > On Jul 22, 2011, at 7:20 PM, newguy wrote: > > > > Hi guys > > > I recently started playing with EC2 and tried installing puppet. > > > I ran in to this problem that puppetmaster doesnt get any certificate > > > request. > > > > This is my /etc/hosts file on the client: > > > > 127.0.0.1 ip-10-243-34-4.ec2.internal localhost > > > 10.220.198.146 domU-12-31-39-09-C1-64.compute-1.internal puppetmaster > > > puppet > > > 10.243.34.4 ip-10-243-34-4.ec2.internal client > > > > Client hostname : ip-10-243-34-4.ec2.internal > > > > Puppetmaster: /etc/hosts: > > > 127.0.0.1 domU-12-31-39-09-C1-64.compute-1.internal localhost puppet > > > > Both are Ubuntu 10.04 > > > > When I do a puppetd --test --waitforcert 10 on client, it shows the > > > following: > > > info: Creating a new SSL key for ip-10-243-34-4.ec2.internal > > > err: Could not request certificate: Connection timed out - connect(2) > > > > Puppetmaster shows nothing when I do puppetca --list and there are no > > > requests in the certificate requests folder too. > > > > Please help guys am new to EC2. > > > > Thanks > > > > -- > > > You received this message because you are subscribed to the Google Groups > > > "Puppet Users" group. > > > To post to this group, send email to puppet-users@googlegroups.com. > > > To unsubscribe from this group, send email to > > > puppet-users+unsubscr...@googlegroups.com. > > > For more options, visit this group > > > athttp://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppetmaster on EC2 certificate issues
Well as am new to EC2 I will check this but what I know is that these instances are in the same security group and port 8140 is open, does that answer you question.?? Thanks On Jul 22, 5:42 pm, Mark Stanislav wrote: > Does your EC2 security group allow connectivity to the Puppet master inbound? > Seems like it can't connect. > > -Mark > > On Jul 22, 2011, at 7:20 PM, newguy wrote: > > > > > > > > > Hi guys > > I recently started playing with EC2 and tried installing puppet. > > I ran in to this problem that puppetmaster doesnt get any certificate > > request. > > > This is my /etc/hosts file on the client: > > > 127.0.0.1 ip-10-243-34-4.ec2.internal localhost > > 10.220.198.146 domU-12-31-39-09-C1-64.compute-1.internal puppetmaster > > puppet > > 10.243.34.4 ip-10-243-34-4.ec2.internal client > > > Client hostname : ip-10-243-34-4.ec2.internal > > > Puppetmaster: /etc/hosts: > > 127.0.0.1 domU-12-31-39-09-C1-64.compute-1.internal localhost puppet > > > Both are Ubuntu 10.04 > > > When I do a puppetd --test --waitforcert 10 on client, it shows the > > following: > > info: Creating a new SSL key for ip-10-243-34-4.ec2.internal > > err: Could not request certificate: Connection timed out - connect(2) > > > Puppetmaster shows nothing when I do puppetca --list and there are no > > requests in the certificate requests folder too. > > > Please help guys am new to EC2. > > > Thanks > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscr...@googlegroups.com. > > For more options, visit this group > > athttp://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppetmaster on EC2 certificate issues
Does your EC2 security group allow connectivity to the Puppet master inbound? Seems like it can't connect. -Mark On Jul 22, 2011, at 7:20 PM, newguy wrote: > Hi guys > I recently started playing with EC2 and tried installing puppet. > I ran in to this problem that puppetmaster doesnt get any certificate > request. > > This is my /etc/hosts file on the client: > > 127.0.0.1 ip-10-243-34-4.ec2.internal localhost > 10.220.198.146 domU-12-31-39-09-C1-64.compute-1.internal puppetmaster > puppet > 10.243.34.4 ip-10-243-34-4.ec2.internal client > > Client hostname : ip-10-243-34-4.ec2.internal > > > Puppetmaster: /etc/hosts: > 127.0.0.1 domU-12-31-39-09-C1-64.compute-1.internal localhost puppet > > Both are Ubuntu 10.04 > > When I do a puppetd --test --waitforcert 10 on client, it shows the > following: > info: Creating a new SSL key for ip-10-243-34-4.ec2.internal > err: Could not request certificate: Connection timed out - connect(2) > > > Puppetmaster shows nothing when I do puppetca --list and there are no > requests in the certificate requests folder too. > > Please help guys am new to EC2. > > Thanks > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppetmaster on EC2 certificate issues
Hi guys I recently started playing with EC2 and tried installing puppet. I ran in to this problem that puppetmaster doesnt get any certificate request. This is my /etc/hosts file on the client: 127.0.0.1 ip-10-243-34-4.ec2.internal localhost 10.220.198.146 domU-12-31-39-09-C1-64.compute-1.internal puppetmaster puppet 10.243.34.4 ip-10-243-34-4.ec2.internal client Client hostname : ip-10-243-34-4.ec2.internal Puppetmaster: /etc/hosts: 127.0.0.1 domU-12-31-39-09-C1-64.compute-1.internal localhost puppet Both are Ubuntu 10.04 When I do a puppetd --test --waitforcert 10 on client, it shows the following: info: Creating a new SSL key for ip-10-243-34-4.ec2.internal err: Could not request certificate: Connection timed out - connect(2) Puppetmaster shows nothing when I do puppetca --list and there are no requests in the certificate requests folder too. Please help guys am new to EC2. Thanks -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] ANNOUNCE: Puppet Dashboard 1.2rc3 available
This a feature release candidate (number 3) of Puppet Dashboard. If you're wondering what happened to rc2, it was internal only. Our CI system found a few issues before we released it to the public. This release is available for download at: http://downloads.puppetlabs.com/dashboard/ We have included Debian and RPM packages as well as a tarball. See the Verifying Puppet Download section at: http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet Please report feedback via the Puppet Labs Redmine site, using an affected version of 1.2rc3 http://projects.puppetlabs.com/projects/dashboard Documentation is available at: http://docs.puppetlabs.com/dashboard/index.html Highlights of RC3: === * Documentation moved primarily away from the included README to website: http://docs.puppetlabs.com/dashboard/index.html * Some minor UI bug fixes Commits for RC3 === 88771ec (#8589) Report events are now ordered by name. 8bd0ffb (#8544) Make empty inspected resources "red". d036276 (#8505) Update the default date stringification. bb99ed9 Properly Quote RAILS_ROOT in get_app_version method 08717e1 (#8508) Add delayed job worker script for debian/ubuntu package 2eef4f4 (#8529) Remove unneeded a print statement from sass.rb af8b6e9 (#8500) Replace README with a smaller one dff2256 (#8499) Update the usage of mktemp in Rakefile to work on mac 3f0afca (#8484) "Nodes for this group" heading now appears correctly 1.2 series Highlights Include: * Moved to Apache 2.0 License * LOTS of UI improvements * Updated version of Rails * Now Requires Ruby 1.8.7 * Has Delayed Jobs (puppet-dashboard-workers) for async actions * Several performance improvements More Details === d389d8b (#7568) Relicense to Apache-2.0 License 57d0122 (#8276) Remove MaRuKu dependency a44d9ff (#8262) Show node groups even when node classification is disabled 3996b29 (#8262) Create callbacks for each section of node_classification partial 5dac13a (#8199) Move 'failed' resources to the top when viewing report events 2a3a73c (#7967) Improved user-facing design for delayed job warnings c78b85a (#8266) Back-end logic for splitting read and unread DJ failures. 15bba31 (#8121) Properly generate CSS from SASS in production. a9abf41 (#8101) Updated to new version of Tipsy plugin 9cb5e55 (Maint) More generalized tabbed interface fbe11aa (#8196) Adjust content width based on body classes. e756c25 (#8196) Add a body class describing sidebar state. 23cbef1 (#8196) Clean up body class manipulation. 3670e2b (#8146) Change default DASHBOARD_URL in external_node to localhost 81ec3c0 (#8090) Update .gitignore to ignore plugin files 6f117fc (#8022) Don't fail when installing plugin without `public` directory 07a9407 (#8022) Create a hook for plugins to add items to in layout 64be352 (#7967) Add default value for read column of delayed_job_failures 240c548 (#7967) Infrastructure for displaying background failures. 8038cce (#7389) Don't auto-start DelayedJob workers. 933ae04 (#7389) Cheaper unique filenames for spooled reports. b4384eb (#7398) Support externally managed DelayedJob workers. 184e65b (#7689) Rake task to support parallel report POSTing. 2333c08 (#5947) Rename Destroy button to Delete 2fb0ac1 (#7976) Fixed static debug data in view 393970d (#7976) Node filter links in sidebar work in all cases 4ba3d23 (#7398) Configurable DelayedJob worker count. e839884 (#7938) Delayed import from file, not YAML string. d24c323 (#7973) Refactor colors for changed/unchanged 58c2b52 (#7398) Use DelayedJob for background processing. 6aefc60 (#7938) Add daemons gem to support DelayedJob 7395369 (#7398) Vendor DelayedJob for background tasks. 05040d9 (#7958) Allow plugins to add top level navigation c4d2f26 (#7597) Better integration of node summaries 4ad9cbc (#7913) Upgrade rspec and rspec-rails vendored gems c09b650 (#7913) Fix tap deprecation warning d88da0e (#7913) Update README to say we only support Ruby 1.8.7 acdc31f (#7913) upgrade will_paginate gem to avoid deprecation warnings e935b8d (#7913) vendor newer version of RDoc ce9be98 (#7913) Fix deprecation warning for config.load_paths dd8f277 (#7913) Upgrade vendored haml gem and vendor sass dd88d74 (#7913) vendor json_pure since it was an undocumented dependency 789c1b7 (#7913) Upgrading from Rails 2.3.4 to 2.3.12 060799f (#7597) Reformat node view CSV link 3726771 (#7280) Edit outdated information about the inventory service a02113a (#7597) Change empty tab display, report tab ordering, link expansion b62bf4c (#7597) Add count to pagination link, fix duplicate tags 9f06f58 (#7597) Display only relevant columns in node tables 96bb99c (#7597) Add "help" link to node summary. 95f870e (#6992) Add totals row for resource status counts to node view 44a145c (#7544) Group report resources by status c2e2c63 (#7840) Increase consistency of status definitions and remove old code dd5e610 (#7674) Add pending to the run status stacked bar graph a58d06d (#6992) Show a summary of nodes x resources on hom
Re: [Puppet Users] Semi-architectural question - data inside code-tree.
On 22/07/11 12:57 AM, John Hawkes-Reed wrote:
Hello.
As part of our Puppet rig, we manage a number of zonefiles with NSD. This means
that there's a directory of datafiles under ../puppet/modules/nsd/files/zones/
(and something somewhat similar for the Postfix virtual domains).
It seems to me that mixing code and data like that might be a bad idea, and was
wondering if anyone else had a better one.
Hi,
Data can be sourced from VCS repos, rather than your Puppet
manifests/modules in at least 2 ways.
1. directory structures such as DNS zones file, or apps that are housed
in VCS repos are managed through the vcsrepo type [1]
2. For an individual files content, we currently have something like:
file{'/blah':
inline_template("<%= `/usr/bin/svn cat http://repo.domain/somefile`
%>"),
}
This should be moved into a function with some code to manage failure
conditions such as being unable to contact the repository to ensure that
such a failure doesn't cause corruption.
[1] http://forge.puppetlabs.com/puppetlabs/vcsrepo
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] So, what happened to the "old" Open Source Team backlog anyway?
Well, I can definitely let you know that. I apologize. It seems I
didn't explain what was going on well enough when I sent out the Open
Source Team update for 2011-07-06.
The items that were on our back log still are. They've just been
bumped behind the basic Windows agent support we're currently focusing
on. I haven't been listing them with the other things we've been
focusing on in an effort to keep the update messages from getting
overly long.
The full backlog ("old" one starts at #7316):
* Disable tests exclusive to master functionality on Windows
* All Puppet tests passing on Windows
* #8322 - Facter should return as much info as Windows SystemInfo
* #8272 - Windows Services Management
* #8414 - Task scheduler type/provider for Windows
* #8408 - Local user provider for Windows
* #8409 - Local group provider for Windows
* #8410 - Exec provider for Windows
* #8411 - File type working on Windows
* #8412 - MSI package provider for Windows
* #8413 - Ability to run Puppet as an agent on Windows
* #7316 - puppet applications delivered via pluginsync don't work.
* #5517 - behavior change within 2.6 makes it impossible to override
class parameters of "included" parametrized classes
* #3741 - Custom facts loaded multiple times
* #3669 - Make puppet honor DNS SRV records
* #4916 - Plugins should not be able to override core functionality.
* #7788 - Puppet should allow rubygems to deliver new functionality
* #3910 - Server is not authoritative over client environment when
specified in an ENC
* #2247 - enablerepo and disablerepo for yum type
* #3534 - Dashboard should support ability to set variables as
arrays in the ENC
--
Jacob Helwig
,
| Join us for PuppetConf, September 22nd and 23rd in Portland, OR
| http://bit.ly/puppetconfsig
`
signature.asc
Description: Digital signature
Re: [Puppet Users] variable/function evaluation
On Fri, Jul 22, 2011 at 12:43 PM, David Kavanagh wrote:
> I have this in a class:
> $version = '2.0.3',
You have an extra comma at the end.
> $repourl =
> "http://www.eucalyptussoftware.com/downloads/repo/eucalyptus/$version/yum/downcase($operatingsystem)/$architecture"
Can't really call downcase function in the middle of a string you need
to create another variable:
$dcos = downcase($::operatingsystem)
$repourl =
"http://www.eucalyptussoftware.com/downloads/repo/eucalyptus/${version}/yum/${dcos}/${::architecture}";
This should be what you get:
notice: Scope(Class[main]):
http://www.eucalyptussoftware.com/downloads/repo/eucalyptus/2.0/yum/centos/
> repourl evaluates to:
> http://www.eucalyptussoftware.com/downloads/repo/eucalyptus//yum/downcase(CentOS)/x86_64
>
> I included the downcase function as suggested in a previous thread.
> So, I notice that isn't evaluated and the $version also isn't
> evaluated. Is the version thing because there isn't any order assumed?
No variables should be evaluated in order.
Thanks,
Nan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] variable/function evaluation
I have this in a class: $version = '2.0.3', $repourl = "http://www.eucalyptussoftware.com/downloads/repo/eucalyptus/$version/yum/downcase($operatingsystem)/$architecture" repourl evaluates to: http://www.eucalyptussoftware.com/downloads/repo/eucalyptus//yum/downcase(CentOS)/x86_64 I included the downcase function as suggested in a previous thread. So, I notice that isn't evaluated and the $version also isn't evaluated. Is the version thing because there isn't any order assumed? David -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Random error in the recovery catalog
Hello, I randomly errors like this: Fri Jul 22 09:01:41 + 2011 //SERVER.fqdn/Puppet (err): Could not retrieve catalog from remote server: end of file reached Fri Jul 22 09:01:41 + 2011 //SERVER.fqdn/Puppet (notice): Using cached catalog Fri Jul 22 09:01:41 + 2011 //SERVER.fqdn/Puppet (err): Could not retrieve catalog; skipping run Here are the versions: puppetmaster 2.6.2-4~bpo50+1 puppet 2.6.2-4 => Squeeze puppet 2.6.2-4~bpo50+1 => lenny I have about 130 customer puppet. I left the default time interval. Someone managed to solve this problem? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Dashboard and remote MySQL BDD
On 21 July 2011 11:19, david ramblewski wrote: > Hi, > > I've installed Dashboard on my server and I aim to remotely request > the MySQL Database. > All documentations read explain the way to roll out using Dashboard > and MySQL Database on the same server. > > I am looking for any information to achieve that because I haven't > found any from the time being and I wonder if it's just possible. > > Thanks you, > > David Perfectely possible - I had Puppet, Dashboard, and MySQL on 3 separate machines. Dashboard is a rails app - so you configure the db in config/database.yml. I had the following: production: host: dbserver.domain database: dashboard username: dashboarduser password: mydbpass encoding: utf8 adapter: mysql Hope that helps :) Greg -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Adding users to groups
On Jul 22, 2011, at 4:23 PM, Oliver Beattie wrote: > Hi, > > Yes, this is Debian (Ubuntu). If I specify groups (not gid) surely the groups > the user gets added to should be secondary, not primary? > > If I run the command directly I get the same error (although not if I > lowercase the g of course). OK. I assume you need to give the gid parameter for primary group to your manifest. > > —Oliver > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/puppet-users/-/M_HplM5p9loJ. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] tolower()??
> Because about one in five of them is not actually *finished* So currently the incomplete functions are: date is_float is_integer is_numberic is_valid_domain_name is_valid_ip_address is_valid_mac_address is_valid_netmask rand squeeze If anyone wants to help complete these - I'm happy to take patches :-). My day job is a professional services engineer so I work on these items when I possibly can - so any help is appreciated. > some of them seem to replicate core functionality, Which ones in particular? > the testing is weak So I pushed out patches previously to solve a lot of the testing on these. Any particular problems you still see? > and they all actually pass the tests that are currently defined – even the > functions that are literally just "do nothing at all". Apologies - feel free to raise bugs on these ones if you like. > Progress is being made to bring them up to standard, but I am still > vaguely surprised they have not started to merge in as they get done, > and that they are being developed aside from the core. Surprised? Why? No one has asked me - at least not directly (I work in the UK so I don't always hear about these ideas) :-). ken. -- "Join us for PuppetConf, September 22nd and 23rd in Portland, OR: http://bit.ly/puppetconfsig"; -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Import existing classes to puppet-dashboard
Is there currently a way to import existing puppet modules and classes into the puppet-dashboard? If not , will defining them in puppet-dashboard make the nodes aware of modules already created in puppet? I found this issue opened on the subject, http://projects.puppetlabs.com/issues/3503, but did not see anything mentioning this in the 1.2rc1 release notes. Thanks - Trey -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Adding users to groups
Hi, Yes, this is Debian (Ubuntu). If I specify groups (not gid) surely the groups the user gets added to should be secondary, not primary? If I run the command directly I get the same error (although not if I lowercase the g of course). —Oliver -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/M_HplM5p9loJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Adding users to groups
Hi,
On Jul 22, 2011, at 2:31 PM, Oliver Beattie wrote:
> I have a definition like this in one of my manifests:
>
> group { 'foo':
> ensure => present,
> }
>
> user { 'bar':
> ensure => present,
> groups => ['foo'],
> managehome => true,
> home => '/home/bar',
> shell => '/usr/sbin/nologin',
> require => Group['deploy'],
> }
>
> When I run it, however, I get this error:
>
> err: /Stage[main]/App-server/User[deploy]/ensure: change from absent to
> present failed: Could not create user deploy: Execution of '/usr/sbin/useradd
> -d /home/deploy -G deploy -s /usr/sbin/nologin -m deploy' returned 9:
> useradd: group deploy exists - if you want to add this user to that group,
> use -g.
>
> What can I do to fix this? I don't always want to assign the user to that
> group as its primary?
Is this a Debian system?
On Debian the user add command automatically adds a primary group with the same
name as the username.
What happens when you run the useradd command directly?
Kind regards,
Martin
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: 'requires' dependency in file-fragments pattern was not honored
On 07/22/2011 09:08 AM, jcbollinger wrote:
Well yes, but that's not relevant to the OP's problem. I had in fact
supposed that he omitted all that so as to provide a smaller failure
case.
The OP's problem is that he is not including the header
fragment in "Assemble_Sudo_Fragments". It is easy to miss
because
1. the code is noisy, he should get rid of those long interpolations
in the resources
2. he is handling the header fragment outside of the fragment directory,
complicating the design.
I didn't spot the logic error until I rewrote the thing:
class s_sudo ( $wheel_req_password = true)
inherits s_sudo::params
{
$dir= "${s_sudo::params::sudo_fragment_directory}"
$hdr= "${s_sudo::params::sudo_header_file}"
$hdr_tt = "s_sudo/00-sudobase.erb"
$check = "${s_sudo::params::sudo_check_file}"
file {"Sudoer_File":
path=> "/etc/sudoers",
ensure => file,
mode=> 440,
owner => root,
group => root,
}
file { "Sudo_Fragment_Directory":
path=> "${dir}",
ensure => directory,
purge => true,
recurse => true,
}
file { "Sudo_Check_File":
path=> "${check}",
ensure => file,
mode=> 644,
}
file {"Sudo_Header":
path=> "${hdr}",
content => template($hdr_tt),
}
exec { "Assemble_Sudo_Fragments":
command => "/bin/cat ${hdr} ${dir}/* > ${check}",
# <=== error was here
refreshonly => true,
subscribe => File[
"Sudoer_File",
"Sudo_Fragment_Directory",
"Sudo_Check_File",
"Sudo_Header",
],
notify => Exec["Check_And_Instantiate"],
}
exec {"Check_And_Instantiate":
command => "visudo -cf ${check} && cat ${check} >
/etc/sudoers",
refreshonly => true,
}
}
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: 'requires' dependency in file-fragments pattern was not honored
On Jul 21, 11:38 pm, vagn scott wrote: > On 07/20/2011 09:37 PM, Jon Jaroker wrote:> Hello, I was wondering if anyone > can spot the mistake I am making in > > the file-fragments pattern below. > > You probably want to drop ALL your fragments into the > fragments directory, including the head fragment. Well yes, but that's not relevant to the OP's problem. I had in fact supposed that he omitted all that so as to provide a smaller failure case. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: exec onlyif not working properly
Oops:
On Jul 22, 7:51 am, jcbollinger wrote:
> On Jul 21, 11:28 am, Panaman wrote:
>
>
>
> > I basically have a custom service i am running
> > I want puppet to run a command if the process doesn't show up in ps -
> > aux
>
> > What is happening is it runs the command no matter what.
> > here is my exec
>
> > exec { "$rule-$interface-svscan":
> > command => "/usr/sbin/daemon -f /bin/sh -c \"/usr/
> > local/bin/svscan /data/service\"",
> > unless => "/bin/ps -aux |/usr/bin/grep '/data/
> > service'",
>
> > }
I meant to say: start by checking your command paths. In particular,
grep is in /bin on my Cent 5 boxes, and not in /usr/bin.
John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: exec onlyif not working properly
On Jul 21, 11:28 am, Panaman wrote:
> I basically have a custom service i am running
> I want puppet to run a command if the process doesn't show up in ps -
> aux
>
> What is happening is it runs the command no matter what.
> here is my exec
>
> exec { "$rule-$interface-svscan":
> command => "/usr/sbin/daemon -f /bin/sh -c \"/usr/
> local/bin/svscan /data/service\"",
> unless => "/bin/ps -aux |/usr/bin/grep '/data/
> service'",
>
>
>
> }- Hide quoted text -
>
> - Show quoted text -
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: IPv6 issue
On Jul 21, 2:59 pm, Bob wrote: > Hi, I run puppetmaster on a machine accessible by both ipv4 and ipv6. > bindaddress in puppet.conf is "::" > > Puppet version: > Client (debian squeeze): 2.6.2-5 > Server (ubuntu 10.10): 2.6.1 > > When I try to run puppetd --test from my IPv4 only client, I get the > following error message: > > Could not retrieve hostname: getaddrinfo: Name or service not known > Could not retrieve hostname: getaddrinfo: Name or service not known > dnsdomainname: Name or service not known > /usr/lib/ruby/1.8/puppet/defaults.rb:190: undefined method `downcase' > for nil:NilClass (NoMethodError) > from /usr/lib/ruby/1.8/puppet.rb:100:in `require' > from /usr/lib/ruby/1.8/puppet.rb:100 > from /usr/lib/ruby/1.8/puppet/application.rb:278:in `require' > from /usr/lib/ruby/1.8/puppet/application.rb:278:in `initialize' > from /usr/lib/ruby/1.8/puppet/application.rb:222:in `new' > from /usr/lib/ruby/1.8/puppet/application.rb:222:in `[]' > from /usr/sbin/puppetd:4 > > puppet.mydomain.com resolves to both an IPv4 and IPv6 address. > > I have tried everything I can think about, but it seems like I cannot > get the client host to connect through IPv4 when the dns name resolves > to both a IPv4 and IPv6 address. It looks to me like the client cannot resolve its own name, or perhaps can't reverse-resolve its own IP(v4) address. Try running 'hostname -- fqdn' from the command line: if I'm right, it will fail. If indeed the client cannot resolve its own name, then the solution depends on your resolver configuration. Adding the approrpiate entry to /etc/hosts will often do the trick, but the resolver can be configured to ignore that file. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Adding users to groups
(I should point out, the user was called deploy in the actual manifest :-) -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/gxCVq9pmJi0J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Adding users to groups
I have a definition like this in one of my manifests:
group { 'foo':
ensure => present,
}
user { 'bar':
ensure => present,
groups => ['foo'],
managehome => true,
home => '/home/bar',
shell => '/usr/sbin/nologin',
require => Group['deploy'],
}
When I run it, however, I get this error:
err: /Stage[main]/App-server/User[deploy]/ensure: change from absent to
present failed: Could not create user deploy: Execution of
'/usr/sbin/useradd -d /home/deploy -G deploy -s /usr/sbin/nologin -m deploy'
returned 9: useradd: group deploy exists - if you want to add this user to
that group, use -g.
What can I do to fix this? I don't always want to assign the user to that
group as its primary?
—Oliver
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/1inCE1-KAQgJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] IPv6 issue
On Thu, Jul 21, 2011 at 8:59 PM, Bob wrote: > Hi, I run puppetmaster on a machine accessible by both ipv4 and ipv6. > bindaddress in puppet.conf is "::" > Could not retrieve hostname: getaddrinfo: Name or service not known > dnsdomainname: Name or service not known You have something wrongly set but it ain't your IPv4/IPv6. Had a production on dual stack for years with clients connecting over v4 only and it has never been a problem. Steph -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Using with EC2 (and auto-scaling)
The approach I've used is similar - automatically sign new CSRs so
that new nodes can be added without human interaction.
In order to then apply a configuration to the node, the hostnames for
my machines all conform to a pattern, which I then match against a
regular expression in the node manifest.
For example, instead of this:
node 'mywebapp1.domain' { include webapp }
node 'mywebapp2.domain' { include webapp }
node 'mydatabase.domain' { include database }
You can do this:
node /mywebapp*/ { include webapp }
node /mydatabase*/ { include database }
All my servers conform to a common pattern with the project, the type
of node, and a timestamp to ensure uniqueness.
Hope that helps!
On Jul 21, 10:56 am, Oliver Beattie wrote:
> Hi there,
>
> I am trying to setup a "cluster" on Amazon EC2, using auto-scaling. I
> currently have it working so that when the instances are started, they
> generate a CSR, which is automatically signed by the server if it's valid by
> a cron job I setup to run every minute.
>
> However, where does one go from there? I suppose now the nodes need to be
> somehow registered on the puppet master so they can receive the correct
> configuration, but I'm unsure how to do this. I've read several articles
> which involve essentially creating a script which modifies the manifest, but
> is there a better way than this?
>
> I'm fairly new to Puppet, so my other question would be how does one
> classify instances into "roles" or similar — for instance, if I am bringing
> up a webserver, can I just add it to a "webserver" group and it will be
> configured as such?
>
> Any pointers would be very much appreciated :)
>
> —Oliver
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Semi-architectural question - data inside code-tree.
On 07/21/2011 10:57 AM, John Hawkes-Reed wrote: It seems to me that mixing code and data like that might be a bad idea, and was wondering if anyone else had a better one. It would be cool if puppet knew about svn, git, and so on. A file could have a URI and revision, when the revision changed, puppet could refetch the file and push it out. That would let you do configuration management on your data separate from your modules. I suppose you could fake it by doing a checkout to a staging directory and sourcing your data from there. Thank you for that question. I think you just gave me the subject of my next set of experiments. -- vagn -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
