[Puppet Users] eggdrop-puppet-notificator
Hi folks. I've just written a small plug-in for Eggdrop: https://github.com/shaftoe/eggdrop-puppet-notificator Maybe someone here is running both a puppet master and an eggdrop process on the same machine and wishes to get notified about missing nodes (via IRC and email). I like very much that Dashboard tells me which node is missing for more than 60mins, but I didn't know how to get notified too, so... I'm sure there are better ways to do it but this was just the easier I've seen, so of course any comment/bug report etc is very appreciated ;) -- Alexander Fortin http://about.me/alexanderfortin/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Announce: Dashboard 1.2.0 is available now
On 08/27/2011 08:07 PM, Ramin K wrote: ruby 1.8.5, released Apr 2006 ruby 1.8.7, released May 2008 ruby 1.9.2, released Oct 2010 Not exactly bleeding edge though I suppose anything released in the last four years could be considered that when compared to RHEL 5.:-) FWIW, if you think of the releases as Ruby 1.0.x, 1.5.x, and 2.0.x respectively the differences in capabilities will make more sense. For my environment, having puppet agents = 2.6.4 is the only blocking issue, because I'd like to stay with Debian/Ubuntu packages and so far the most I can get from stable versions are 2.6.2 (the only exception being FreeBSD 8.2 shipping 2.6.7) Argh... I just can't wait to see the new Dashboard! :D -- Alexander Fortin http://about.me/alexanderfortin/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: howto make file resource purge option aware of other puppet resources managed files
http://projects.puppetlabs.com/issues/9277 On Aug 30, 7:48 pm, Daniel Pittman dan...@puppetlabs.com wrote: Oh, dear. Yes, John has it. :/ This is definitely a bug, and something we should fix. Can you file a ticket with the details, so that we don't lose track of this? Daniel On Tue, Aug 30, 2011 at 06:26, jcbollinger john.bollin...@stjude.org wrote: You put your finger on it when you wrote It will purge files managed by other puppet resources in the same directory, but Daniel missed your meaning, as did I on my first reading. You have tripped over a subtlety in the meaning of File's 'purge' parameter: it removes files that are not managed *via File resources*. It is not aware of files that are managed via other resources. You might consider filing a ticket about this, but do check first whether there's an existing one (i.e. I didn't). On the other hand, one reason you've run into trouble is that you're mixing levels of resource abstraction and effectively managing the same physical resources through two independent paths. To ensure that only the repos managed via Puppet are in fact present at all, you should be using the Resources metaresource: resources { 'yumrepo': purge = true } That says more directly what you seem really to want to say, without assuming any particular back-end storage for repository declarations. Moreover, it should do the right thing if you happen to end up with managed and unmanaged repositories declared in the same file. (Note: do not set the 'purge' parameter for File['/etc/yum.repos.d'], or set it to 'false'.) John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group athttp://groups.google.com/group/puppet-users?hl=en. -- ⎋ Puppet Labs Developer –http://puppetlabs.com ♲ Made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Need some advice: Clients that change name and IP address
OK, let me try to see if I have it. Please correct any misteaks I make in this attempt. The paragraph pointed to by the link says that a certname is ...The name to use when handling certificates. Defaults to the fully qualified domain name. The top of the page also says that configuration settings can be specified in puppet.conf or on the command line. So I conclude I need to put certname=something unique into /etc/puppet/puppet.conf of the client machine and the same unique name into a node on the puppetmaster. It is my hope to generate the client conf as part of the cobbler/kickstart/puppet setup I am trying to establish. I am thinking that I should have access to facter in the kickstart %post section, so I should be able to make it happen in front of the snippet that generates the puppet certificates and signing request. Does that shot hit the target ? Thanks for your help and pointers. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) - Scott Smith sc...@ohlol.net wrote: http://docs.puppetlabs.com/references/stable/configuration.html#certname On Tue, Aug 30, 2011 at 8:32 PM, Dan White y...@comcast.net wrote: On Aug 30, 2011, at 9:45 PM, Gary Larizza wrote: On Tue, Aug 30, 2011 at 8:43 PM, Dan White y...@comcast.net wrote: On Aug 30, 2011, at 9:17 PM, Nigel Kersten wrote: On Tue, Aug 30, 2011 at 9:28 AM, Dan White y...@comcast.net wrote: The environment I work in has dev, QA, and production divisions. New machines are built/loaded in dev and then moved, if necessary to QA or production after they have been configured and verified. In moving, the machine in question will change its IP address and hostname. I have set up a Cobbler server to shortcut this, and I am now tasked with adding Puppet to the mixture. Can anyone suggest a maintainable way for Puppet to handle machines that get moved and renamed as described ? My first thought is to remove all the files generated by making the machine a puppet client and then just re-add it as a new client in the new location with the new name, but that feels like a brute-force solution. Don't use hostnames for your certnames? I've used UUIDs for this sort of deployment in the past. Details, please. The certname setting can be changed in the agent section of puppet.conf. When I managed Puppet down to the desktop, I would typically set the client's certname to their serial number (which wouldn't change unless the Motherboard was changed). Because of this, they could change their Hostname to their heart's content and the SSL certs for Puppet wouldn't be affected. Would an example be possible ? I think I understand what you are saying, but as a N00b PuppetMaster, I cannot quite figure out how to make it happen. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Check for dead clients
On Tue, Aug 30, 2011 at 4:12 PM, It Dept i...@ukcrd.com wrote: Hello, Is there a built in way to get notifications about clients which have not updated in a defined time period? For example, if a client is configured to poll the master every hour, and 2 hours elapse without the client polling the master, is there a way to have the master inform us of this failure? Thanks Sounds like one of the tasks foreman [1] was designed for. You can configure email reporting, or view it in the UI, or send alerts to your favorite monitoring software... Ohad [1] - http://theforeman.org -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] eggdrop-puppet-notificator
On Wed, Aug 31, 2011 at 2:17 PM, Alexander Fortin alexander.for...@gmail.com wrote: Hi folks. I've just written a small plug-in for Eggdrop: https://github.com/shaftoe/eggdrop-puppet-notificator Maybe someone here is running both a puppet master and an eggdrop process on the same machine and wishes to get notified about missing nodes (via IRC and email). I like very much that Dashboard tells me which node is missing for more than 60mins, but I didn't know how to get notified too, so... I'm sure there are better ways to do it but this was just the easier I've seen, so of course any comment/bug report etc is very appreciated ;) nice! any chance you would consider adding a query to foreman? easy to get that info via: curl http://foreman/hosts/out_of_sync?format={json,yaml} Ohad -- Alexander Fortin http://about.me/alexanderfortin/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] migrating to new puppet servers
On 26/08/11 03:12, Nan Liu wrote: On Thu, Aug 25, 2011 at 1:31 PM, Roy Nielsenr...@lanl.gov wrote: Hello, We need to migrate ~3000 machines to a new puppet server. What is the recommended method of doing this, considering the cert issues? Not much, just make sure you generate a cert for the new puppet master using the existing CA cert. You should not need to replace the existing agent certs, and this give you an easy way to fail back in case you run into any issues. This sounds like a good idea. I find certificates endlessly confusing - can you please spell this out in detail? Thanks, Jonathan Migrate puppet manifests/configuration. Copy the old puppet server ssl directory to the new master (replace everything in there). Generate a new cert for the new puppet master $ puppet master --no-daemonize -v Run puppet cert -p and check the new puppet master cert is signed by the same CA as existing agent certs. Test an existing agent against the new master. $ puppet agent --server new_master -t --noop Update DNS to new puppet master. Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] migrating to new puppet servers
On 31 August 2011 19:04, Jonathan Gazeley jonathan.gaze...@bristol.ac.uk wrote: On 26/08/11 03:12, Nan Liu wrote: On Thu, Aug 25, 2011 at 1:31 PM, Roy Nielsenr...@lanl.gov wrote: Hello, We need to migrate ~3000 machines to a new puppet server. What is the recommended method of doing this, considering the cert issues? Not much, just make sure you generate a cert for the new puppet master using the existing CA cert. You should not need to replace the existing agent certs, and this give you an easy way to fail back in case you run into any issues. This sounds like a good idea. I find certificates endlessly confusing - can you please spell this out in detail? http://www.masterzen.fr/2010/11/14/puppet-ssl-explained/ Thanks, Jonathan -Naresh V. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: eggdrop-puppet-notificator
I went a slightly different direction and wrote cinch-imap in order to view my incoming nagios alerts when I'm lurking in my internal irc channel. If anyone is interested, the bits can be found at http://rubygems.org/gems/cinch-imap Best, Adam -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Composing a text file with Puppet
On Aug 30, 9:15 am, M C mcsof...@gmail.com wrote: Hi, is it possible to push a file (with source or content) and then add lines without having Puppet to regenerate it every time it runs? And, how can I add, remove or alter text lines without keeping old contents? As I understand you, you want Puppet to provide a default version of the file in the event that it does not exist at all, but otherwise to leave it completely alone. That runs against the Puppet grain: it would be better to completely manage the file content, updating the node's manifests as appropriate when you want the file's contents to change. Nevertheless, you can do this with Puppet, though it requires a bit more work (note: that's a sign that you're trying to work against the tool). You can hack it together as an Exec resource, and that may be the most reliable way to go, but I'm going to show you how you can build this around a File resource. Using a File may be advantageous when the default file contents are lengthy or sensitive, but mainly Files just aren't Execs. The best way might be to derive a custom type from File that provides the behavior you want, but I'm not going there today. The first thing to understand is that File's 'source' and 'content' properties always specify the exact file contents. If we're going to use them then we have to put in some kind of conditional logic. For your specific request, that conditional logic needs to be based on the presence or absence of the target file. Conditional logic is evaluated on the master, so the master needs to know during catalog compilation whether the target file already exists, and that requires a custom fact (see http://docs.puppetlabs.com/guides/custom_facts.html). The Ruby code for this particular fact can probably be something similar to this: Facter.add('myconf_exists') do setcode do File.exists?('/etc/myconf') ? 'true' : 'false' end end Your manifest using this fact might then contain something like this: file { '/etc/myconf': ensure = file, content = $::myconf_exists ? { 'true' = undef, default = '... contents ...' } # other properties ... } Note that when formulated as above, any properties other than content (e.g. owner, permissions) will be ensured on every run. If you want more than one property to be conditional, then you would probably be better off wrapping the while resource declaration in an 'if' construct. Note also that there is a hidden potential gotcha here: the presence of the file is determined when Puppet requests the catalog, not when it applies it. If the file is created in between then Puppet will replace it. Furthermore, if Puppet ever cannot retrieve a fresh catalog from the master, then its cached one may be stale with respect to whether the target file actually exists; that potentially extends the window in which file creation might be overlooked. Note: i want resources to be executed only if something actually changes. Depending on how you look at it, that's either always or never what Puppet does. That is, Puppet always checks each declared resource to determine whether its actual state matches its declared target state, so if you're saying you don't want that then Puppet is not the tool for you. On the other hand, Puppet only modifies resources that it finds out of sync with their declarations, and I think that's what you're asking for. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Need some advice: Clients that change name and IP address
On Wed, Aug 31, 2011 at 7:12 AM, Dan White y...@comcast.net wrote: OK, let me try to see if I have it. Please correct any misteaks I make in this attempt. The paragraph pointed to by the link says that a certname is ...The name to use when handling certificates. Defaults to the fully qualified domain name. The top of the page also says that configuration settings can be specified in puppet.conf or on the command line. So I conclude I need to put certname=something unique into /etc/puppet/puppet.conf of the client machine and the same unique name into a node on the puppetmaster. It is my hope to generate the client conf as part of the cobbler/kickstart/puppet setup I am trying to establish. I am thinking that I should have access to facter in the kickstart %post section, so I should be able to make it happen in front of the snippet that generates the puppet certificates and signing request. Does that shot hit the target ? Thanks for your help and pointers. Yep, that's it. Whatever UID you use in puppet.conf in the certname = UID setting is how the puppet master will refer to your node. So, if on the client you do 'certname = 12345' then on the puppet master server your node declaration should be node 12345 { include ssh }. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) - Scott Smith sc...@ohlol.net wrote: http://docs.puppetlabs.com/references/stable/configuration.html#certname On Tue, Aug 30, 2011 at 8:32 PM, Dan White y...@comcast.net wrote: On Aug 30, 2011, at 9:45 PM, Gary Larizza wrote: On Tue, Aug 30, 2011 at 8:43 PM, Dan White y...@comcast.net wrote: On Aug 30, 2011, at 9:17 PM, Nigel Kersten wrote: On Tue, Aug 30, 2011 at 9:28 AM, Dan White y...@comcast.net wrote: The environment I work in has dev, QA, and production divisions. New machines are built/loaded in dev and then moved, if necessary to QA or production after they have been configured and verified. In moving, the machine in question will change its IP address and hostname. I have set up a Cobbler server to shortcut this, and I am now tasked with adding Puppet to the mixture. Can anyone suggest a maintainable way for Puppet to handle machines that get moved and renamed as described ? My first thought is to remove all the files generated by making the machine a puppet client and then just re-add it as a new client in the new location with the new name, but that feels like a brute-force solution. Don't use hostnames for your certnames? I've used UUIDs for this sort of deployment in the past. Details, please. The certname setting can be changed in the agent section of puppet.conf. When I managed Puppet down to the desktop, I would typically set the client's certname to their serial number (which wouldn't change unless the Motherboard was changed). Because of this, they could change their Hostname to their heart's content and the SSL certs for Puppet wouldn't be affected. Would an example be possible ? I think I understand what you are saying, but as a N00b PuppetMaster, I cannot quite figure out how to make it happen. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Gary Larizza Professional Services Engineer Puppet Labs Join us for PuppetConf http://bit.ly/puppetconfsig, September 22nd and 23rd in Portland, OR! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] eggdrop-puppet-notificator
On 08/31/2011 02:25 PM, Ohad Levy wrote: nice! any chance you would consider adding a query to foreman? easy to get that info via: curlhttp://foreman/hosts/out_of_sync?format={json,yaml} Hi Ohad! Unfortunately I've got no Foreman so no way to test it (and no real need to extend it because no Foreman in the near future here...) If you (or anyone) want to submit a patch I'll be more than happy :) Just ask to be added to the GitHub project and I'll give you RW. -- Alexander Fortin http://about.me/alexanderfortin/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: howto make file resource purge option aware of other puppet resources managed files
On Aug 31, 6:41 am, piavlo lolitus...@gmail.com wrote: Hi John Thanks for pointing me to the resources purge option - i was not aware of it. However I get this error then trying it err: Failed to apply catalog: Parameter purge failed: Purging is only supported on types that accept 'ensure' at /etc/puppet/modules/yum/ manifests/init.pp:12 Oops. For what it's worth, you might consider voting for feature request #949 and/or feature request #1023. Both have been accepted, but neither yet implemented. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Certificate verify failed.
Hi All, I am running puppet (2.7.3) with nginx and passenger (3.0.8) and ruby-1.9.2p290. I am receiving the following error on the client when connecting to the server. info: Creating a new SSL key for hostname.domain.com err: Could not request certificate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed. This is often because the time is out of sync on the server or client I verified the time on puppetmaster and the client. They are identical. Anyone who has encountered this type of error message before? Regards, Kevin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] 2.7.3 and 'Could not retrieve operatingsystem'
Just updated to 2.7.3 from 2.6.9. That's when 'Could not retrieve operatingsystem: undefined method `+' for nil:NilClass' started popping up. It doesn't seem to be causing any real issues, but its there. hostname:/etc/puppet # puppet agent --test info: Retrieving plugin Could not retrieve operatingsystem: undefined method `+' for nil:NilClass info: Loading facts in uspspuppetfacts info: Loading facts in os_version info: Loading facts in network info: Loading facts in buildinfo info: Loading facts in memorysize info: Loading facts in hcs_service info: Loading facts in uspspuppetfacts info: Loading facts in os_version info: Loading facts in network info: Loading facts in buildinfo info: Loading facts in memorysize info: Loading facts in hcs_service info: Caching catalog for hostname.usps.gov info: Applying configuration version '1314734945' notice: Finished catalog run in 4.50 seconds This doesn't seem to come my custom facter plugins as if I call 'facter -p' I don't get the error. Recipes I have that utilize 'operatingsystem' seem to work fine. I'm still running ruby 1.8.7, so not sure if that could be part of the cause? Anyone else encounter this? Should I worry about it? Thanks, Jake -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Up and running with puppet
I am just getting started with Puppet, went through the install on a SuSE Linux (11.1) system. I wanted to use the web console but run into this error: Ruby on Rails application could not be started Permission denied - /opt/puppet/share/puppet-dashboard/config/ database.yml I've checked the permissions on this yml, changed it to 777 for good measure but still can't seem to get rid of this error. I was wondering if somebody who's had more experience with puppet or Ruby on Rails could help throw some light on the topic. thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: buglet (with rpms from tmz) Re: [Puppet Users] Re: [Puppet-dev] ANNOUNCE: Puppet 2.6.9rc1 is available
I wrote: Chris May wrote: Did anyone ever post a bug, or find a solution for this? I've just upgraded some of our Solaris boxes (using OpenCSW) to 2.6.9 and I'm seeing the same behaviour. If there is a bug filed, I'd love to know what it is. Searching redmine for reports doesn't find anything that looks like the right ticket. This looks to be https://projects.puppetlabs.com/issues/9167 and the patch there fixes the problem. I've updated the 2.6.9 packages on fedorapeople.org for Fedora and EPEL. -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ A penny saved kills your career in government. pgpR1tRzPpa5X.pgp Description: PGP signature
Re: [Puppet Users] Up and running with puppet
On 11-08-31 01:15 PM, AJ wrote: I am just getting started with Puppet, went through the install on a SuSE Linux (11.1) system. I wanted to use the web console but run into this error: Ruby on Rails application could not be started Permission denied - /opt/puppet/share/puppet-dashboard/config/ database.yml I've checked the permissions on this yml, changed it to 777 for good measure but still can't seem to get rid of this error. I was wondering if somebody who's had more experience with puppet or Ruby on Rails could help throw some light on the topic. verify the permissions on the whole path. maybe the config or the puppet-dashboard directories don't give enough privileges to the user running dashboard. -- Gabriel Filion -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Need some advice: Clients that change name and IP address
I believe I got it working ! I'm using the mac address instead of uuid as the mac address is a machine-unique value I can easily access. I will post details of my implementation (cobbler snippet tweaks and all) once I am confident I have all the details covered. Pay it forward !! Thanks for the pointers. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) - Gary Larizza g...@puppetlabs.com wrote: On Wed, Aug 31, 2011 at 7:12 AM, Dan White y...@comcast.net wrote: OK, let me try to see if I have it. Please correct any misteaks I make in this attempt. The paragraph pointed to by the link says that a certname is ...The name to use when handling certificates. Defaults to the fully qualified domain name. The top of the page also says that configuration settings can be specified in puppet.conf or on the command line. So I conclude I need to put certname=something unique into /etc/puppet/puppet.conf of the client machine and the same unique name into a node on the puppetmaster. It is my hope to generate the client conf as part of the cobbler/kickstart/puppet setup I am trying to establish. I am thinking that I should have access to facter in the kickstart %post section, so I should be able to make it happen in front of the snippet that generates the puppet certificates and signing request. Does that shot hit the target ? Thanks for your help and pointers. Yep, that's it. Whatever UID you use in puppet.conf in the certname = UID setting is how the puppet master will refer to your node. So, if on the client you do 'certname = 12345' then on the puppet master server your node declaration should be node 12345 { include ssh }. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Bind9 Ubuntu Lucid
Seems that every cycle, puppet thinks that bind9 service is stopped and wants to restart... info: Applying configuration version '1314822598' notice: /Stage[main]/Bind::Service/Service[bind9]/ensure: ensure changed 'stopped' to 'running' notice: Finished catalog run in 3.70 seconds But it's running and from the logs, puppet doesn't appear to have any impact at all (bind9 was running, continues to run and is not restarted by the puppet cycle). # /etc/init.d/bind9 status * bind9 is running # update-rc.d -n bind9 defaults System start/stop links for /etc/init.d/bind9 already exist. # ps aux | grep `cat /var/run/named/named.pid`|grep -v grep bind 21856 0.0 0.2 326644 39664 ?Ssl Aug26 0:17 /usr/sbin/named -u bind Extremely simple class... class bind::service { service { bind9: ensure = running, require = Class[bind::install], } } ??? -- Craig White ~ craig.wh...@ttiltd.com 1.800.869.6908 ~~ www.ttiassessments.com Need help communicating between generations at work to achieve your desired success? Let us help! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Bind9 Ubuntu Lucid
On Wed, Aug 31, 2011 at 4:43 PM, Craig White craig.wh...@ttiltd.com wrote: Seems that every cycle, puppet thinks that bind9 service is stopped and wants to restart... info: Applying configuration version '1314822598' notice: /Stage[main]/Bind::Service/Service[bind9]/ensure: ensure changed 'stopped' to 'running' notice: Finished catalog run in 3.70 seconds But it's running and from the logs, puppet doesn't appear to have any impact at all (bind9 was running, continues to run and is not restarted by the puppet cycle). # /etc/init.d/bind9 status * bind9 is running # update-rc.d -n bind9 defaults System start/stop links for /etc/init.d/bind9 already exist. # ps aux | grep `cat /var/run/named/named.pid`|grep -v grep bind 21856 0.0 0.2 326644 39664 ? Ssl Aug26 0:17 /usr/sbin/named -u bind Extremely simple class... class bind::service { service { bind9: ensure = running, require = Class[bind::install], } } ??? I think the issue is that you need to have hasstatus in your service definition. Otherwise puppet will think that it can't check to see if it's running. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Bind9 Ubuntu Lucid
Craig White writes: Seems that every cycle, puppet thinks that bind9 service is stopped and wants to restart... info: Applying configuration version '1314822598' notice: /Stage[main]/Bind::Service/Service[bind9]/ensure: ensure changed 'stopped' to 'running' notice: Finished catalog run in 3.70 seconds But it's running and from the logs, puppet doesn't appear to have any impact at all (bind9 was running, continues to run and is not restarted by the puppet cycle). # /etc/init.d/bind9 status * bind9 is running What's the exit status of /etc/init.d/bind9 status? That's what Puppet is checking if hasstatus = true is set for the service (usually the default). Give the command echo $? immediately after running that; if the value is not 0, then the init script is kind of broken and you should set hasstatus = false for the service. # update-rc.d -n bind9 defaults System start/stop links for /etc/init.d/bind9 already exist. # ps aux | grep `cat /var/run/named/named.pid`|grep -v grep bind 21856 0.0 0.2 326644 39664 ?Ssl Aug26 0:17 /usr/sbin/named -u bind Extremely simple class... class bind::service { service { bind9: ensure = running, require = Class[bind::install], } } ??? -- Craig White ~ craig.wh...@ttiltd.com 1.800.869.6908 ~~ www.ttiassessments.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Bind9 Ubuntu Lucid
On Aug 31, 2011, at 1:55 PM, Steven VanDevender wrote: Craig White writes: Seems that every cycle, puppet thinks that bind9 service is stopped and wants to restart... info: Applying configuration version '1314822598' notice: /Stage[main]/Bind::Service/Service[bind9]/ensure: ensure changed 'stopped' to 'running' notice: Finished catalog run in 3.70 seconds But it's running and from the logs, puppet doesn't appear to have any impact at all (bind9 was running, continues to run and is not restarted by the puppet cycle). # /etc/init.d/bind9 status * bind9 is running What's the exit status of /etc/init.d/bind9 status? That's what Puppet is checking if hasstatus = true is set for the service (usually the default). Give the command echo $? immediately after running that; if the value is not 0, then the init script is kind of broken and you should set hasstatus = false for the service. # echo $? 0 Craig -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Bind9 Ubuntu Lucid
On Aug 31, 2011, at 1:47 PM, David Nalley wrote: On Wed, Aug 31, 2011 at 4:43 PM, Craig White craig.wh...@ttiltd.com wrote: Seems that every cycle, puppet thinks that bind9 service is stopped and wants to restart... info: Applying configuration version '1314822598' notice: /Stage[main]/Bind::Service/Service[bind9]/ensure: ensure changed 'stopped' to 'running' notice: Finished catalog run in 3.70 seconds But it's running and from the logs, puppet doesn't appear to have any impact at all (bind9 was running, continues to run and is not restarted by the puppet cycle). # /etc/init.d/bind9 status * bind9 is running # update-rc.d -n bind9 defaults System start/stop links for /etc/init.d/bind9 already exist. # ps aux | grep `cat /var/run/named/named.pid`|grep -v grep bind 21856 0.0 0.2 326644 39664 ?Ssl Aug26 0:17 /usr/sbin/named -u bind Extremely simple class... class bind::service { service { bind9: ensure = running, require = Class[bind::install], } } ??? I think the issue is that you need to have hasstatus in your service definition. Otherwise puppet will think that it can't check to see if it's running. yes, that's what I get for not checking out other 'service.pp' files I have done in the past. hasrestart = true, is also useful ;-) Thanks Craig -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Bind9 Ubuntu Lucid
Just a couple odd questions... does the status return 0 or 1 when bind is running? If the process table is used, would you need a name parameter to differentiate the name versus the process name? And, what version of puppet? You might need a hasstatus in there, as well? Ref: http://docs.puppetlabs.com/references/stable/type.html#service On Wed, Aug 31, 2011 at 1:43 PM, Craig White craig.wh...@ttiltd.com wrote: Seems that every cycle, puppet thinks that bind9 service is stopped and wants to restart... info: Applying configuration version '1314822598' notice: /Stage[main]/Bind::Service/Service[bind9]/ensure: ensure changed 'stopped' to 'running' notice: Finished catalog run in 3.70 seconds But it's running and from the logs, puppet doesn't appear to have any impact at all (bind9 was running, continues to run and is not restarted by the puppet cycle). # /etc/init.d/bind9 status * bind9 is running # update-rc.d -n bind9 defaults System start/stop links for /etc/init.d/bind9 already exist. # ps aux | grep `cat /var/run/named/named.pid`|grep -v grep bind 21856 0.0 0.2 326644 39664 ?Ssl Aug26 0:17 /usr/sbin/named -u bind Extremely simple class... class bind::service { service { bind9: ensure = running, require = Class[bind::install], } } ??? -- Craig White ~ craig.wh...@ttiltd.com 1.800.869.6908 ~~ www.ttiassessments.com Need help communicating between generations at work to achieve your desired success? Let us help! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Module Plugin Documentation
Anyone, I've read this doc several times: http://docs.puppetlabs.com/guides/plugins_in_modules.html As a whole, it really doesn't make sense. It seems pretty obvious it was written by someone with deep knowledge of the subject, but there is little context for someone like me. Is there better documentation somewhere? Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] File resource owner not found, only during automatic puppet runs
I have a file resource defined to be owned by a group that is accessible via samba/winbind (AD based group), but every time Puppet runs automatically (every 30 min) the run fails with this error , (sensitive information removed) (/Stage[main]//Node[node1.tld]/Apache::Vhost[vhost1]/File[/var/www/ vhost1/html]) Could not evaluate: Could not find group org-www at /etc/ puppet/modules/apache/manifests/definitions/vhost.pp:52 When I manually run puppetd --test --debug -v there is no failure. Also the group is visible on the system and all works just fine. It only fails during the automatic Puppet runs. I also have another host, with an almost identical setup , assigning AD based groups to file resources, and it doesn't have this problem. Using Puppet 2.6.9, on CentOS 6. Thanks - Trey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.