Re: [Puppet Users] Re: Anyone seeing odd agent behaviour with 2.7.10?

[Craig White]

to my knowledge puppetd always runs as root because it needs the permissions in 
order to perform its magic.
puppetmaster runs as user:puppet, group:puppet but not puppetd

Craig

On Feb 10, 2012, at 4:14 PM, Will S. G. wrote:

> I was browsing the group to see if anyone else was experiencing the
> issue. I'm having the same with CentOS 6.2 x86_64. From what I see,
> puppetd should be running with the user puppet. However, the pid is
> now owned by root, which is obviously the issue. Someone made a
> mistake on the puppet RPM spec somewhere.
> 
> On Jan 26, 4:00 am, Steph Gosling  wrote:
>> Hi all,
>> 
>> Upgraded a master and a couple of clients to 2.7.10 and now see the
>> following when running an agent if the daemon is also running:
>> 
>> [steph@somehost ~]$ sudo puppet agent --onetime --verbose --no-daemonize
>> info: Caching catalog for somehost.example.com
>> info: Applying configuration version '1327578407'
>> notice: /Stage[main]/Mysql-server/Package[mysql-server]/ensure: created
>> notice: /Stage[main]/Mysql-server/Service[mysqld]/ensure: ensure changed 
>> 'stopped' to 'running'
>> notice: Finished catalog run in 20.11 seconds
>> err: Could not remove PID file /var/run/puppet/agent.pid
>> [steph@somehost ~]$
>> 
>> I see that 2.7.10 fixed a bughttp://projects.puppetlabs.com/issues/5246and 
>> wonder if they're
>> related?
>> 
>> in 2.7.9 this would run without throwing the error, indeed in .10 the
>> onetime run completes and the agent daemon is happy too: It's just
>> unnerving to see pink messages :) Environment is CentOS
>> 6.2 fwiw.
>> 
>> --
>> Steph Gosling 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 

-- 
Craig White ~ craig.wh...@ttiltd.com
1.800.869.6908 ~~ www.ttiassessments.com 

Need help communicating between generations at work to achieve your desired 
success? Let us help!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Augeas fstab question

[Dominic Cleal]

On 10/02/12 20:10, Joe wrote:
> I'm trying to add a mount option using puppet/augeas. Something like:
> 
> class acl {
> augeas { "var_fs_acl":
> context => "/files/etc/fstab",
> changes => ["ins opt after *[file='/var']/
> opt[last()]",
> "set *[file='/var']/opt[last()] acl"],
> onlyif => "match *[file='/var']/opt[.='acl'] size ==
> 0"
> }
> }
> 
> This works if /var is a filesystem, but fails if /var is not. Since I
> can't have two onlyif clauses, I'm not sure how to say:
> If /var is a filesystem and
>doesn't already have an opt of acl
> 
> Any suggestions would be appreciated.

Try this:

augeas { "var_fs_acl":
  context => "/files/etc/fstab",
  changes => [
"ins opt after *[file='/var']/opt[last()]",
"set *[file='/var']/opt[last()] acl",
  ],
  onlyif  => "match *[file='/var' and count(opt[.='acl'])=0] size > 0",
}

The idea is that the match condition in onlyif will return the /var
node, only when it has no "acl" opt nodes beneath it.

While the above may work, I'd urge you to consider how you configure
systems with Puppet.  Detecting the current configuration (i.e. does or
doesn't have /var) before applying changes is best done with custom
facts or only applying the class to nodes that are supposed to have
/var, rather than complex "onlyif" workarounds on resources.

Hope that helps,

-- 
Dominic Cleal
Red Hat Consulting
m: +44 (0)7817 878113

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Anyone seeing odd agent behaviour with 2.7.10?

[Will S. G.]

I was browsing the group to see if anyone else was experiencing the
issue. I'm having the same with CentOS 6.2 x86_64. From what I see,
puppetd should be running with the user puppet. However, the pid is
now owned by root, which is obviously the issue. Someone made a
mistake on the puppet RPM spec somewhere.

On Jan 26, 4:00 am, Steph Gosling  wrote:
> Hi all,
>
> Upgraded a master and a couple of clients to 2.7.10 and now see the
> following when running an agent if the daemon is also running:
>
> [steph@somehost ~]$ sudo puppet agent --onetime --verbose --no-daemonize
> info: Caching catalog for somehost.example.com
> info: Applying configuration version '1327578407'
> notice: /Stage[main]/Mysql-server/Package[mysql-server]/ensure: created
> notice: /Stage[main]/Mysql-server/Service[mysqld]/ensure: ensure changed 
> 'stopped' to 'running'
> notice: Finished catalog run in 20.11 seconds
> err: Could not remove PID file /var/run/puppet/agent.pid
> [steph@somehost ~]$
>
> I see that 2.7.10 fixed a bughttp://projects.puppetlabs.com/issues/5246and 
> wonder if they're
> related?
>
> in 2.7.9 this would run without throwing the error, indeed in .10 the
> onetime run completes and the agent daemon is happy too: It's just
> unnerving to see pink messages :) Environment is CentOS
> 6.2 fwiw.
>
> --
> Steph Gosling 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Issue Installing Puppet on Red Hat6

[jcbollinger]

On Feb 10, 11:35 am, Gmoney  wrote:
> Tried all suggestions. The Red Hat Optional channel contains
> rubygems-1.37 ( not 1.8.7 ) , the ruby and ruby-libs are both 1,8.7,
> Guess I have to grab the source and build it myself, I can't seem to
> find rubygems-1.8.7 anywhere.


Why do you assume that the version of the rubygems package available
from one of RedHat's official channels is inappropriate for your
RedHat installation?  There is no particular reason to expect that the
version number of the rubygems package will be the same as the version
number of the ruby package.  If there were, you would expect the
former to be a subpackage of the latter, in which case it would be
named ruby-gems.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Augeas fstab question

[David Rolston]

On Fri, Feb 10, 2012 at 12:15 PM, Christopher Wood <
christopher_w...@pobox.com> wrote:

> Try the mount type?
>
> http://docs.puppetlabs.com/references/stable/type.html#mount
>
> (Any particular reason for using augeas?)
>
> On Fri, Feb 10, 2012 at 12:10:56PM -0800, Joe wrote:
> > I'm trying to add a mount option using puppet/augeas. Something like:
> >
> > class acl {
> > augeas { "var_fs_acl":
> > context => "/files/etc/fstab",
> > changes => ["ins opt after *[file='/var']/
> > opt[last()]",
> > "set *[file='/var']/opt[last()] acl"],
> > onlyif => "match *[file='/var']/opt[.='acl'] size ==
> > 0"
> > }
> > }
> >
> > This works if /var is a filesystem, but fails if /var is not. Since I
> > can't have two onlyif clauses, I'm not sure how to say:
> > If /var is a filesystem and
>

I second this recommendation -- if it can be done with mount, then that
will make things cleaner for you.  Also, I would question the assumption
that you can't have multiple onlyif elements.  Most of the time, where you
can pass one thing, you can also pass an array, and that works, so you
might try that.  However, you can do something like this with a define for
example:


class nfsclient {  /// some dependencies I've omitted

 define nfs_mount(
$device,
$location = "/nfs/nfsa",
$fstype,
$owner,
$group,
$mode,
$options = "soft,intr,noatime"
){
file { "${location}/${name}":
ensure => directory,
owner => "${owner}",
group => "${group}",
mode => "${mode}",
}
mount { "${location}/${name}":
atboot => true,
ensure => "mounted",
device => "${device}",
fstype => "${fstype}",
options => "${options}",
pass => "2",
require => File["${location}/${name}"],
}
  }
  nfs_mount { "nfsvol1":
device => "nfsa.internal.site.com:/nfsvol1",
fstype => "nfs",
owner => "root",
mode => "777",
options => "soft,intr,noatime",
subscribe => File['/etc/idmapd.conf'],
  }
}

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Augeas fstab question

[Christopher Wood]

Try the mount type?

http://docs.puppetlabs.com/references/stable/type.html#mount

(Any particular reason for using augeas?)

On Fri, Feb 10, 2012 at 12:10:56PM -0800, Joe wrote:
> I'm trying to add a mount option using puppet/augeas. Something like:
> 
> class acl {
> augeas { "var_fs_acl":
> context => "/files/etc/fstab",
> changes => ["ins opt after *[file='/var']/
> opt[last()]",
> "set *[file='/var']/opt[last()] acl"],
> onlyif => "match *[file='/var']/opt[.='acl'] size ==
> 0"
> }
> }
> 
> This works if /var is a filesystem, but fails if /var is not. Since I
> can't have two onlyif clauses, I'm not sure how to say:
> If /var is a filesystem and
>doesn't already have an opt of acl
> 
> Any suggestions would be appreciated.
> 
> joe
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Augeas fstab question

[Joe]

I'm trying to add a mount option using puppet/augeas. Something like:

class acl {
augeas { "var_fs_acl":
context => "/files/etc/fstab",
changes => ["ins opt after *[file='/var']/
opt[last()]",
"set *[file='/var']/opt[last()] acl"],
onlyif => "match *[file='/var']/opt[.='acl'] size ==
0"
}
}

This works if /var is a filesystem, but fails if /var is not. Since I
can't have two onlyif clauses, I'm not sure how to say:
If /var is a filesystem and
   doesn't already have an opt of acl

Any suggestions would be appreciated.

joe

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Another dashboard question..

[Kenneth Lo]

I'm still relatively new on puppet, but we've been using dashboard quite 
extensively so I'm hoping I'm providing the correct answer:

>From dashboard a class is simply a place-holder for referencing puppet module 
>from the backend.

A group is where you can assign classes into nodes, as well as creating 
parameters that your backend modules and templates can use as global variable. 
It also support inhertiance where nodes/class does not (from dashboard)

--KL

From: Peter Berghold mailto:salty.cowd...@gmail.com>>
Reply-To: "puppet-users@googlegroups.com" 
mailto:puppet-users@googlegroups.com>>
Date: Fri, 10 Feb 2012 13:49:12 -0500
To: "puppet-users@googlegroups.com" 
mailto:puppet-users@googlegroups.com>>
Subject: [Puppet Users] Another dashboard question..

what does dashboard consider a "class?" what does dashboard consider a "group?" 
 Is there documentation for all this that I've missed?


--
Peter L. Berghold
Owner, Shark River Technical Solutions LLC

--
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to 
puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.
This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Another dashboard question..

[Peter Berghold]

what does dashboard consider a "class?" what does dashboard consider a
"group?"  Is there documentation for all this that I've missed?


-- 
Peter L. Berghold
Owner, Shark River Technical Solutions LLC

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Why are not the reports uploading?

[Peter Berghold]

On Thu, Feb 9, 2012 at 4:40 PM, Russell Van Tassell wrote:

> The silly question... that's in the agent's puppet.conf, not just in the
> agent section of the puppet.conf on the puppet master?


Yes. It is universally in all my agent puppet.conf files.


> Have you restarted the server and agents?


yes


> Do you see anything written to /var/lib/puppet/reports at all?


There are reports in there...


> Is it writable by the puppet user?


yup


> Do you see any obvious errors in any of the logs?


nada...


> Do you see the reports being posted to /var/lib/puppet/log/masterhttp.log?
>
>
> chidpmaster - - [08/Feb/2012:12:58:29 EST] "PUT /production/report/
chidpmaster.chi.sharkrivertech.com HTTP/1.1" 200 14

Looks like...

I got this working after discovering a typo in my puppet.conf on the
master.  (html vs. http)


-- 
Peter L. Berghold
Owner, Shark River Technical Solutions LLC

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Issue Installing Puppet on Red Hat6

[Gmoney]

Tried all suggestions. The Red Hat Optional channel contains
rubygems-1.37 ( not 1.8.7 ) , the ruby and ruby-libs are both 1,8.7,
Guess I have to grab the source and build it myself, I can't seem to
find rubygems-1.8.7 anywhere.

yum -y install puppet-dashboard
Loaded plugins: rhnplugin
This system is not registered with RHN.
RHN support will be disabled.
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 set to be updated
--> Processing Dependency: ruby(abi) = 1.8 for package: puppet-
dashboard-1.2.5-1.el6.noarch
--> Processing Dependency: ruby > 1.8.7 for package: puppet-
dashboard-1.2.5-1.el6.noarch
--> Processing Dependency: ruby-mysql for package: puppet-
dashboard-1.2.5-1.el6.noarch
--> Processing Dependency: rubygem(rake) for package: puppet-
dashboard-1.2.5-1.el6.noarch
--> Processing Dependency: rubygems for package: puppet-
dashboard-1.2.5-1.el6.noarch
--> Processing Dependency: /usr/bin/ruby for package: puppet-
dashboard-1.2.5-1.el6.noarch
--> Running transaction check
---> Package puppet-dashboard.noarch 0:1.2.5-1.el6 set to be updated
--> Processing Dependency: rubygem(rake) for package: puppet-
dashboard-1.2.5-1.el6.noarch
--> Processing Dependency: rubygems for package: puppet-
dashboard-1.2.5-1.el6.noarch
---> Package ruby.x86_64 0:1.8.7.299-4.el6 set to be updated
---> Package ruby-libs.x86_64 0:1.8.7.299-4.el6 set to be updated
---> Package ruby-mysql.x86_64 0:2.8.2-1.el6 set to be updated
--> Finished Dependency Resolution
Error: Package: puppet-dashboard-1.2.5-1.el6.noarch (puppetlabs-
products)
   Requires: rubygems
Error: Package: puppet-dashboard-1.2.5-1.el6.noarch (puppetlabs-
products)
   Requires: rubygem(rake)
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest




On Jan 26, 10:09 pm, Ryan Bowlby  wrote:
> I use CentOS 6.2 with yum-priorities and several additional
> repositories. In general the following priority order works well:
>
> updates -> extras -> puppetlabs -> epel -> rpmforge
>
> Then, as said previously, just run yum -y install puppet-dashboard and
> continue following docs. That setup will allow you access to just
> about every package you would need without causing crazy dependency
> issues.
>
> -Ryan
>
> On Jan 26, 3:33 pm, Gmoney  wrote:
>
> > I have been trying to follow the bootstrap instructions for installing
> > puppet-dashboard. I keep getting error about rubyge(rake) and
> > rubygems.  I'd appreciate any help or corrections, thanks in advance.
>
> > ruby-libs-1.8.7.299-4.el6.x86_64
> > ruby-1.8.7.299-4.el6.x86_64
>
> > These are some installation steps I took.
>
> > rvm tools rvm-env ruby bash
> > rvm install 1.8.7
>
> > yum install ruby
>
> > downloaded rubygems from:http://rubygems.org/pages/download
>
> > gem install rubygems-update
>
> > LD_LIBRARY_PATH=/usr/local/rvm/src/ruby-1.8.7-p357:$PATH
> > export LD_LIBRARY_PATH
> > gem install mysql-2.8.1.gem
>
> > install rake:
> > git clone g...@github.com:gmoneyice/rake
> > cd /root/ruby
> > gem install rake
>
> > Here is the error:
>
> > yum install puppet-dashboard
> > Loaded plugins: rhnplugin
> > This system is not registered with RHN.
> > RHN support will be disabled.
> > Setting up Install Process
> > Resolving Dependencies
> > --> Running transaction check
> > ---> Package puppet-dashboard.noarch 0:1.2.4-1.el6 set to be updated
> > --> Processing Dependency: ruby-mysql for package: puppet-
> > dashboard-1.2.4-1.el6.noarch
> > --> Processing Dependency: rubygem(rake) for package: puppet-
> > dashboard-1.2.4-1.el6.noarch
> > --> Processing Dependency: rubygems for package: puppet-
> > dashboard-1.2.4-1.el6.noarch
> > --> Running transaction check
> > ---> Package puppet-dashboard.noarch 0:1.2.4-1.el6 set to be updated
> > --> Processing Dependency: rubygem(rake) for package: puppet-
> > dashboard-1.2.4-1.el6.noarch
> > --> Processing Dependency: rubygems for package: puppet-
> > dashboard-1.2.4-1.el6.noarch
> > ---> Package ruby-mysql.x86_64 0:2.8.2-1.el6 set to be updated
> > --> Finished Dependency Resolution
> > Error: Package: puppet-dashboard-1.2.4-1.el6.noarch (puppetlabs-
> > products)
> >            Requires: rubygem(rake)
> > Error: Package: puppet-dashboard-1.2.4-1.el6.noarch (puppetlabs-
> > products)
> >            Requires: rubygems
> >  You could try using --skip-broken to work around the problem
> >  You could try running: rpm -Va --nofiles --nodigest

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: opensource VPN modules

[Raffael Schmid]

> Okay. Thank you for this short introduction!
> I will rewrite the module to use concat instead of concatfilepart and put it 
> on
> puppetlabs afterwards.

The refactored Version is now live:
http://forge.puppetlabs.com/users/luxflux/modules/openvpn/releases/1.0




signature.asc
Description: Digital signature

Re: [Puppet Users] opensource VPN modules

[Gabriel Filion]

On 12-02-10 10:12 AM, Raffael Schmid wrote:
> On Thu, 09 Feb 2012, Gabriel Filion wrote:
> 
>> Do you guys know of opensourced puppet modules for managing VPN
>> services?
>> 
>> I've only found a handful of modules for openvpn that seemed less
>> than complete.
> 
> Check mine https://github.com/luxflux/puppet-openvpn, I think it
> is complete.

hmm nice, it manages certificate creation for each client defined.

> Or which options are you missing?

I was intending to manage both the server and client with puppet in
order to maintain a vpn tunnel up and running between two sites.

but I talked with someone I know, and actually my use case is so
simple -- I want to be able to contact my puppetmaster, which is
behind a NAT, behind a dynamic IP from a remote host. and that remote
host has a static ip -- that it's gonna be less hassle to use a simple
reverse ssh tunnel from the puppetmaster to the host with a static ip.
(p.s. and .. yes, I know.. a puppetmaster in such a painful setup,
yuck! but the infrastructure is mostly my personal testbed)

but I'll keep you module in mind, thanks :)

-- 
Gabriel Filion

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: opensource VPN modules

[Raffael Schmid]

Hi Kelsey

On Fri, 10 Feb 2012, Kelsey Hightower wrote:

> One way to generate the metadata file is to use the puppet module tool:
> https://github.com/puppetlabs/puppet-module-tool
>
> Once you have it installed run the generate command:
>
> puppet-module generate username-modulename
>
> You can grab the Modulefile from there and add it to your git repo. Once
> you have a Modulefile you can use the puppet-module build command to
> generate a release package.

Okay. Thank you for this short introduction!
I will rewrite the module to use concat instead of concatfilepart and put it on
puppetlabs afterwards.

regards
 raf


signature.asc
Description: Digital signature

Re: [Puppet Users] Re: opensource VPN modules

[Kelsey Hightower]

On Fri, Feb 10, 2012 at 10:24 AM, Raffael Schmid  wrote:

>
> Hi Kelsey
>
> On Fri, 10 Feb 2012, Kelsey Hightower wrote:
>
> > > Check minehttps://github.com/luxflux/puppet-openvpn, I think it is
> > > complete. Or which options are you missing?
> >
> > Raffael, cool module, how can I help you get that on the Puppet Forge:
> > http://forge.puppetlabs.com. Looks like you are only missing a
> > metadata file and an account on the Forge.
>
> I've got an account on the Forge and wanted to put it there... I
> dunno why I failed :) Think it's because it misses some tests...?
> Are they needed? Whats the easiest way to generate a metadata file?
>

The tests are not required.

One way to generate the metadata file is to use the puppet module tool:
https://github.com/puppetlabs/puppet-module-tool

Once you have it installed run the generate command:

puppet-module generate username-modulename

You can grab the Modulefile from there and add it to your git repo. Once
you have a Modulefile you can use the puppet-module build command to
generate a release package.



-- 
Kelsey Hightower
Solutions Engineer
Puppet Labs
1-678-471-9501

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: opensource VPN modules

[Raffael Schmid]

Hi Kelsey

On Fri, 10 Feb 2012, Kelsey Hightower wrote:

> > Check minehttps://github.com/luxflux/puppet-openvpn, I think it is
> > complete. Or which options are you missing?
>
> Raffael, cool module, how can I help you get that on the Puppet Forge:
> http://forge.puppetlabs.com. Looks like you are only missing a
> metadata file and an account on the Forge.

I've got an account on the Forge and wanted to put it there... I
dunno why I failed :) Think it's because it misses some tests...?
Are they needed? Whats the easiest way to generate a metadata file?

regards
 raf


signature.asc
Description: Digital signature

[Puppet Users] Re: opensource VPN modules

[Kelsey Hightower]

On Feb 10, 10:12 am, Raffael Schmid  wrote:
> Hi Gabriel
>
> On Thu, 09 Feb 2012, Gabriel Filion wrote:
> > Do you guys know of opensourced puppet modules for managing VPN services?
>
> > I've only found a handful of modules for openvpn that seemed less than
> > complete.
>
> Check minehttps://github.com/luxflux/puppet-openvpn, I think it is
> complete. Or which options are you missing?

Raffael, cool module, how can I help you get that on the Puppet Forge:
http://forge.puppetlabs.com. Looks like you are only missing a
metadata file and an account on the Forge.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] opensource VPN modules

[Raffael Schmid]

Hi Gabriel

On Thu, 09 Feb 2012, Gabriel Filion wrote:

> Do you guys know of opensourced puppet modules for managing VPN services?
>
> I've only found a handful of modules for openvpn that seemed less than
> complete.

Check mine https://github.com/luxflux/puppet-openvpn, I think it is
complete. Or which options are you missing?

regards
 raf


signature.asc
Description: Digital signature

[Puppet Users] Re: puppet 2.6.13-2.el5 not writing logs

[Kelsey Hightower]

On Feb 10, 7:52 am, Sam F  wrote:
> Hi every one,
>
> I have a strange behavior with my puppet agent on CentOS 5.7.
>
> The agent does not write into the log file when it runs as a daemon.
> Nevertheless, It does when it is run manually by "puppet agent -t".
>
> And the behavior is the same even if I specify explicitly the log file
> on the command line like :
>
> /usr/bin/puppet agent --logdest=/var/log/syslog
>
> Here is my puppet.conf
> ---
> [main]
> vardir=/var/lib/puppet
> ssldir=/var/lib/puppet/ssl
> rundir=/var/run/puppet
> factpath=$vardir/lib/facter
> pluginsync=true
> server=puppetmaster01.back.adencf.local
> #server=puppetmaster02.int.adencf.local
>
> [agent]
> environment=development
> #listen = true # Issue on CentOS 5.7 confirmed by a bugreport on
> PuppetLabs
> report = true
>
> In /etc/sysconfig/puppet
> ---
> # Defaults for puppet - sourced by /etc/init.d/puppet
> # Start puppet on boot?
> START=yes
>
> # Pull puppetmaster periodicaly
> PUPPET_EXTRA_OPTS=""
> PUPPET_LOG="/var/log/syslog"
> PUPPETD="/usr/bin/puppet agent"
>
> PUPPET_LOG="/var/log/syslog"
>
> Have any one of you an idea about that ?

Can you try and set autoflush to true?

http://docs.puppetlabs.com/references/2.7.9/configuration.html#autoflush

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: SSL certificates issues with some of the nodes

[Kelsey Hightower]

On Feb 10, 8:59 am, mukulm  wrote:
> Hi,
>
> I am using puppet open source & their are above 2000 nodes in my
> network & getting SSL certificates issues with some of the remote
> nodes & they are not in sync with puppet server where others are in
> sync with server & date of the nodes systems are in sync with ntp
> server, also tried the following as,
>
>    1. Deleted the nodes certificate on the puppet server
>    2. Deleted the SSL directory of the agent.
>    3. Run puppet agent --test on that agent to generate a new
> certificate request.
>
> but I have to regularly repeat the above process within a timeframe
> (weekly or monthly) so is there any other way other than this so that
> all of my agent should be in sync.
>
> Also how can I find the sync & unsync count    ?
>
> Thanks
> mukulm

To help clarify things, are all your nodes and masters in sync with
the same NTP server? This is a common source of the issues you are
describing.

If you are still running into issues can you post (pastbin) the errors
so
others can help you troubleshoot?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet-module-tool question

[Darin Perusich]

On Fri, Feb 10, 2012 at 9:05 AM, Kelsey Hightower  wrote:
> On Feb 10, 2012, at 8:41 AM, Darin Perusich wrote:
>
>> The puppet-module-tool GIT pages says it's been converted into a
>> puppet face and merged into puppet core. Does this make puppet-module
>> obsolete or does it still need to be installed?
>
> The puppet module tool still needs to be installed, sorry for the confusion. 
> If you would like to use it right now, please following the installation 
> instructions on the github page (gem install puppet-module). Once the new 
> version of the module tool is ready for release, we will deprecate the 
> current stand-alone version, but it will stay around to support users running 
> older versions of Puppet.

Thanks for the clarification Kelsey.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: How do I track updates to forge modules?

[Kelsey Hightower]

On Feb 2, 5:55 pm, John Warburton  wrote:
> Is there a way to "watch" modules and be notified if they are updated?
>
> I can't see anything obvious in the documentation
>
> Thanks
>
> John

Currently there is no easy way to "track" when modules are updated on
the Forge. One way I can think of to track updates to modules, but not
necessarlly releases to the Forge, would be to follow the project on
Github.

For example, if I wanted to track updates to the nginx module by
BenoitCattie

http://forge.puppetlabs.com/BenoitCattie/nginx

I could follow his Github repo here: http://github.com/BenoitCattie/puppet-nginx

I'm fully aware not everyone will have a corresponding github repo for
their module on the Forge, but so far this has been the convention.

This also sounds like a really good feature request which can be
opened here: https://projects.puppetlabs.com/projects/module-site

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] puppet 2.6.13-2.el5 not writing logs

[Sam F]

Hi every one,

I have a strange behavior with my puppet agent on CentOS 5.7.

The agent does not write into the log file when it runs as a daemon.
Nevertheless, It does when it is run manually by "puppet agent -t".


And the behavior is the same even if I specify explicitly the log file
on the command line like :

/usr/bin/puppet agent --logdest=/var/log/syslog


Here is my puppet.conf
---
[main]
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
pluginsync=true
server=puppetmaster01.back.adencf.local
#server=puppetmaster02.int.adencf.local

[agent]
environment=development
#listen = true # Issue on CentOS 5.7 confirmed by a bugreport on
PuppetLabs
report = true


In /etc/sysconfig/puppet
---
# Defaults for puppet - sourced by /etc/init.d/puppet
# Start puppet on boot?
START=yes

# Pull puppetmaster periodicaly
PUPPET_EXTRA_OPTS=""
PUPPET_LOG="/var/log/syslog"
PUPPETD="/usr/bin/puppet agent"

PUPPET_LOG="/var/log/syslog"



Have any one of you an idea about that ?


Thanks a lot !


--
Xakraz

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet-module-tool question

[Kelsey Hightower]

On Feb 10, 2012, at 8:41 AM, Darin Perusich wrote:

> The puppet-module-tool GIT pages says it's been converted into a
> puppet face and merged into puppet core. Does this make puppet-module
> obsolete or does it still need to be installed?

The puppet module tool still needs to be installed, sorry for the confusion. If 
you would like to use it right now, please following the installation 
instructions on the github page (gem install puppet-module). Once the new 
version of the module tool is ready for release, we will deprecate the current 
stand-alone version, but it will stay around to support users running older 
versions of Puppet.


> I'm running puppet
> 2.7.9 but this "face" is not included so obviously it's not available.
> 
> Can someone provide a little clarification please.

+1 one making this more clear.

> 
> --
> Later,
> Darin
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] SSL certificates issues with some of the nodes

[mukulm]

Hi,

I am using puppet open source & their are above 2000 nodes in my
network & getting SSL certificates issues with some of the remote
nodes & they are not in sync with puppet server where others are in
sync with server & date of the nodes systems are in sync with ntp
server, also tried the following as,

   1. Deleted the nodes certificate on the puppet server
   2. Deleted the SSL directory of the agent.
   3. Run puppet agent --test on that agent to generate a new
certificate request.

but I have to regularly repeat the above process within a timeframe
(weekly or monthly) so is there any other way other than this so that
all of my agent should be in sync.

Also how can I find the sync & unsync count?

Thanks
mukulm

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Time interval within execution of scripts from the server

[Ygor]

http://lmgtfy.com/?q=cron+random+delay

Inserting Random Delay In Cron Jobs
http://www.moundalexis.com/archives/76.php

On Feb 9, 9:00 am, mukulm  wrote:
> Hi,
>
> I have multiple script to be copied & executed from the puppet server
> on the client systems but i want to execute
> each script within a timeframe such as hourly, weekly or monthly from
> the puppet server as i dont want to execute all scripts on the same
> frequency.
>
> Any help will be greatly appreciated.
>
> Thanks
> mukulm

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] puppet-module-tool question

[Darin Perusich]

The puppet-module-tool GIT pages says it's been converted into a
puppet face and merged into puppet core. Does this make puppet-module
obsolete or does it still need to be installed? I'm running puppet
2.7.9 but this "face" is not included so obviously it's not available.

Can someone provide a little clarification please.

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: neatest way to determine a major version of centos/linux?

[Dick Davies]

Thanks all, there should be enough in the replies to get me going :)

Want to use hiera for determining package names etc between major
versions (e.g. sendmail on 5.x, postfix on 6.x)

- will look up based on OS_flavour+ major_release
(Centos-5.json, RHEL-6.json, etc.) and that should get me sorted.

Thanks a lot!

On 8 February 2012 02:37, d...@looprock.com  wrote:
> I use this:
>
> Facter.add("operatingsystemrelease_mv") do
>        setcode do
>                %x{cat /etc/redhat-release |awk \{'print $3'\}|cut -
> c1}.chomp
>        end
> end
>
> On Feb 3, 11:29 am, Ramin K  wrote:
>> You'll need to add the redhat-lsb package to your kickstart system and/
>> or just install it on your current systems. That's the package facter
>> uses to determine the lsb facts.
>>
>> On Feb 3, 8:57 am, Dick Davies  wrote:
>>
>>
>>
>>
>>
>>
>>
>> > Just started a rollout of centos 6.x across our Puppet deployment
>> > (100-odd servers).
>>
>> > what fact would people suggest I use to distinguish 5.x from 6.x
>> > (quite a lot of subsystems are different between major releases)?
>>
>> > lsb* facts don't seem to be present on centos 6 - is this an EPEL bug,
>> > or have they
>> > just been removed in Facter?
>>
>> > Thanks!
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Questions regarding Puppet with httpd.conf

[the_fonz]

Thanks for the replies, they were very helpful. I'll post back if I
have any problems.

On Feb 9, 5:45 am, Brian Gallew  wrote:
> Further, you should remember that there is no reason for an Apache
> configuration to be monolithic.  Apache is perfectly happy to have a bunch
> of files to include.  Throw in a naming convention (e.g. files named
> foo.ssl will be included by my SSL config file) and you've got some real
> flexibility.
>
> On Wed, Feb 8, 2012 at 5:56 PM, Michael Stahnke wrote:
>
>
>
>
>
>
>
> > On Wed, Feb 8, 2012 at 3:46 PM, the_fonz 
> > wrote:
> > > Hi,
>
> > > I'd like to start using Puppet to manage an httpd.conf file across
> > > several webservers. I have a Puppet server and client config setup and
> > > have followed a couple of simple "How To's" to get off the ground. I'm
> > > syncing a couple of files and ensuring certain packages are installed
> > > etc on the client.
>
> > > Now, here 's where I'm stuck... what happens if the httpd.conf file is
> > > slightly different on each webserver? For example, each httpd.conf
> > > file has multiple Virtual Host entries that are defined by the
> > > webservers IP.  for example.
>
> > You'll want to look athttp://docs.puppetlabs.com/guides/templating.html
>
> > You can use a template and have it fill in variables.  Luckily, the
> > host's IP address is already available as a variable via facter.
>
> > > How do I manage one httpd.conf file from the Puppet server given the
> > > VirtualHost IP's will be different on each server? I guess I just want
> > > to "taylor" the http.conf file for each weberserver but manage it from
> > > the Puppet Server.
>
> > > If anyone can give me a few pointers it would be appreciated.
>
> > > Thanks,
>
> > > --
> > > You received this message because you are subscribed to the Google
> > Groups "Puppet Users" group.> > To post to this group, send email 
> > topuppet-us...@googlegroups.com.
> > > To unsubscribe from this group, send email 
> > > to>puppet-users+unsubscr...@googlegroups.com.
> > > For more options, visit this group at
> >http://groups.google.com/group/puppet-users?hl=en.
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Puppet Users" group.> To post to this group, send email 
> > topuppet-us...@googlegroups.com.
> > To unsubscribe from this group, send email 
> > to>puppet-users+unsubscr...@googlegroups.com.
> > For more options, visit this group at
> >http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Looping in Ruby DSL

[sateesh]

Hi Felix,

Thanks for the help. I have solved it another way.

In my case the array is dynamic. My scripts should support any number
of IPs. Initially we dont know that. The user will set the array in
the site.pp and run the scripts. Our modules should rnu according to
the length of the array. So here

proxy_ring {
"1": $ip1;
"2": $ip2;
...

}

We cannot hardcode the parameters.

However, I have solved that in different manner.

I have used the John's comment "Exec<| tag == 'test_tag' |> -> File['/
tmp/testecho.txt'] " statement to tell the dependency to the Ruby DSL.

Thanks everybody who helped me.

Thanks,
Sateesh B.

On Feb 9, 1:39 pm, Felix Frank 
wrote:
> On 02/09/2012 05:50 AM, Eric Shamow wrote:
>
> > Sateesh,
>
> > It is better if you don't look at it as a "loop."  A loop is a very
> > procedural concept.  You are working with a machine that you are trying
> > to get into a fixed state.
>
> > So better to think "I want to have a bunch of similar-looking resources
> > that are identified and enumerated in an array."
>
> > This leads you to defined
> > types:http://docs.puppetlabs.com/learning/definedtypes.html
>
> > Which is probably the way you should do this.
>
> +1
>
> Be especially aware that you need a "creates" or "onlyif" constraint,
> otherwise puppet will perform your exec through each run.
>
> Here's a pointer:
>
> define proxy_ring($sip) {
>   exec { "account-for-zone$name":
>                 command => "swift-ring-builder account.builder add
> z$name-$sip:6002/sdb1 100",
>                 creates => ?!
>                 cwd => "/etc/swift",
>                 require => Class['swift::proxy-install'],
>                 path => ["/bin", "/sbin", "/usr/bin", "/usr/sbin"];
>         "containter-for-zone$name":
>                 ...
>
> }
>
> Use this like
> proxy_ring {
>         "1": $ip1;
>         "2": $ip2;
>         ...
>
> }
>
> If you prefer arrays - that's harder. You could store the definitions in
> a hash and use the create_resources() function.
>
> HTH,
> Felix

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Anyone know a good tool for 'watching' configurations?

[ptman]

>
> Does anyone have any idea on if there are any tools that can provide 
> the ability to watch directories for changes like that. 
>

You might want to take a look at  http://joey.kitenet.net/code/etckeeper/ for 
ideas.

Cheers,
Paul

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/NCukkAW5NMEJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.