Re: [Puppet Users] Thoughts on job listings?

[Gonzalo Servat]

On Thu, May 31, 2012 at 7:13 AM, R.I.Pienaar  wrote:

>
> job postings from community members looking for themselves/their employers
> with clear direct to employer contact information +1
>
> job postings from recruiters -1
>

+1 to what R.I.P just said :-)

The problem with the weekly digest email is that if it goes out on, say,
Monday and someone posts an ad on Tuesday, it'll be almost a week until it
goes out to the list, which depending on urgency to fill the role, may not
be ideal (for both; the candidate and the company).

- Gonzalo

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Thoughts on job listings?

[Trevor Vaughan]

-1 on this list

+1 for a moderated, digest-only, list dedicated to this purpose.

Trevor

On Wed, May 30, 2012 at 4:49 PM, Michael Stahnke  wrote:
> How do folks feel about getting Puppet job listings on this list?
> I've rejected a few that we quite spammy, but when the subject matter
> really is a system admin with puppet experience, the decision becomes
> a bit different.
>
> I'm looking for general feelings.  A simple +1 or -1 would be great.
>
>
> Mike
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
>



-- 
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699
tvaug...@onyxpoint.com

-- This account not approved for unencrypted proprietary information --

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] resource override

[Papp Tamas]

On 05/31/2012 12:29 AM, Papp Tamas wrote:


On 05/30/2012 05:58 PM, Ryan Coleman wrote:

The issue here is how your module is structured in relation to what
Puppet expects to automatically find your manifests.

In jay module, manifests directory, Puppet expects init.pp to have the
jay class.

If you want to have a jay::postfix class, Puppet expects to find it in
jay/manifests/postfix.pp. So, if your init.pp currently contains the
class jay::postfix, rename that file to postfix.pp and try again.

Reference: 
http://docs.puppetlabs.com/puppet/2.7/reference/modules_fundamentals.html#module-layout


Of course I tried this way:

[...some example...]


At least, I thought, I did:)


Rather not..

It's OK, if I use include postfix::bob and the classes for this way.


But:

# puppet agent -t --noop
err: Could not retrieve catalog from remote server: Error 400 on SERVER: 
Could not find scope for bob::postfix at 
/etc/puppet/nodes/bob/manifests/init.pp:2 on node bob.foo.com

warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run

IF:

node "bob.maramaros.chemaxon.local" inherits nodes_LXC {
include bob
}


# cat init.pp
class bob {
include bob::postfix
}

# cat postfix.pp
class bob::postfix inherits postfix {
File ["/etc/postfix/main.cf"] {
content => template('bob/etc/postfix/main.cf.erb')
}

}


OR

# puppet agent -t --noop
err: Could not retrieve catalog from remote server: Error 400 on SERVER: 
Could not find scope for bob::postfix at 
/etc/puppet/manifests/nodes.pp:6 on node bob.foo.com

warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run

IF:

node "bob.foo.com" inherits nodes_LXC {
include bob::postfix
}

class bob::postfix inherits postfix {
File ["/etc/postfix/main.cf"] {
content => template('bob/etc/postfix/main.cf.erb')
}

}



So I still miss something, but I don't see what or where or any clue.

Thank you,
tamas

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] resource override

[Papp Tamas]

On 05/30/2012 05:58 PM, Ryan Coleman wrote:

The issue here is how your module is structured in relation to what
Puppet expects to automatically find your manifests.

In jay module, manifests directory, Puppet expects init.pp to have the
jay class.

If you want to have a jay::postfix class, Puppet expects to find it in
jay/manifests/postfix.pp. So, if your init.pp currently contains the
class jay::postfix, rename that file to postfix.pp and try again.

Reference: 
http://docs.puppetlabs.com/puppet/2.7/reference/modules_fundamentals.html#module-layout


Of course I tried this way:

[...some example...]


At least, I thought, I did:)


Thank you very much,
tamas

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Lots of problems with Puppet 2.7 and Passenger on FreeBSD

[Jo Rhett]

Authorization is handled by auth.conf, you should look at this file. The 
default syntax which handles this is something like so:

# allow nodes to retrieve their own catalog (ie their configuration)
path ~ ^/catalog/([^/]+)$
method find
allow $1

On May 8, 2012, at 6:55 PM, Josh wrote:
> I continually get error messages about denied requests and can't figure out 
> why...starting to get really frustrated. AFAICT, the SSL stuff doesn't 
> actually work, which makes me think I have something configured incorrectly. 
> This is my first attempt with Passenger. I've previously used Puppet (0.24) 
> with Mongrel and that worked well, I figured I would see how Passenger 
> worked. Seems a lot harder to get going so far.
> 
> I can see a signing request, I sign it, seems to work, but the agent never 
> attempts again. If I manually restart the agent I start getting 403s. If I 
> wipe out the SSL files and restart, the same thing happens: start agent, get 
> request, sign, restart agent, 403, rinse and repeat. It worked as [user] but 
> when I changed it to [agent], everything broke, even with the same 
> certificates. These are the errors I see:
> 
> May  8 21:36:06 puppet puppet-master[11776]: Denying access: Forbidden 
> request: backup1(192.168.3.9) access to /catalog/backup1.int.domain.com 
> [find] at line 98
> May  8 21:36:06 puppet puppet-master[11776]: Forbidden request: 
> backup1(192.168.3.9) access to /catalog/backup1.int.domain.com [find] at line 
> 98
> 
> I also had plugin errors and report errors but I turned those options off. I 
> created the master cert with dns_alt_name=puppet, and I see the extension in 
> the cert ONLY for the master's FQDN cert file, the CA cert file doesn't have 
> an alt name (ssl/certs/ca.pem). Neither does ssl/ca/ca_crt.pem. Is this 
> correct? Does the client also need an alt name in its cert?
> 
> This, believe it or not, is the default puppet.conf I got on FreeBSD (with 
> comments/whitespace removed, [user] changed to [agent], and my domain 
> replaced):
> 
> [agent]
> tagmap = /usr/local/etc/puppet/tagmail.conf
> lastrunreport = /var/puppet/state/last_run_report.yaml
> server = puppet.int.domain.com
> clientyamldir = /var/puppet/client_yaml
> clientbucketdir = /var/puppet/clientbucket
> puppetdlog = /var/puppet/log/puppetd.log
> report_server = puppet
> runinterval = 10
> inventory_port = 8140
> classfile = /var/puppet/state/classes.txt
> ca_port = 8140
> puppetdlockfile = /var/puppet/state/puppetdlock
> report = false
> localconfig = /var/puppet/state/localconfig
> splaylimit = 1800
> client_datadir = /var/puppet/client_data
> report_port = 8140
> lastrunfile = /var/puppet/state/last_run_summary.yaml
> graphdir = /var/puppet/state/graphs
> statefile = /var/puppet/state/state.yaml
> resourcefile = /var/puppet/state/resources.txt
> reportserver = puppet
> inventory_server = puppet
> ca_name = Puppet CA: jail-5.isc.freebsd.org
> cakey = /var/puppet/ssl/ca/ca_key.pem
> caprivatedir = /var/puppet/ssl/ca/private
> capass = /var/puppet/ssl/ca/private/ca.pass
> cert_inventory = /var/puppet/ssl/ca/inventory.txt
> cadir = /var/puppet/ssl/ca
> capub = /var/puppet/ssl/ca/ca_pub.pem
> csrdir = /var/puppet/ssl/ca/requests
> serial = /var/puppet/ssl/ca/serial
> cacert = /var/puppet/ssl/ca/ca_crt.pem
> cacrl = /var/puppet/ssl/ca/ca_crl.pem
> signeddir = /var/puppet/ssl/ca/signed
> autosign = /usr/local/etc/puppet/autosign.conf
> masterlog = /var/puppet/log/puppetmaster.log
> modulepath = /usr/local/etc/puppet/modules:/usr/share/puppet/modules
> ssl_client_header = SSL_CLIENT_S_DN
> server_datadir = /var/puppet/server_data
> masterhttplog = /var/puppet/log/masterhttp.log
> bucketdir = /var/puppet/bucket
> ssl_client_verify_header = SSL_CLIENT_VERIFY
> fileserverconfig = /usr/local/etc/puppet/fileserver.conf
> manifestdir = /usr/local/etc/puppet/manifests
> manifest = /usr/local/etc/puppet/manifests/site.pp
> rest_authconfig = /usr/local/etc/puppet/auth.conf
> yamldir = /var/puppet/yaml
> reportdir = /var/puppet/reports
> inventory_terminus = facter
> plugindest = /var/puppet/lib
> privatekeydir = /var/puppet/ssl/private_keys
> hostcsr = /var/puppet/ssl/csr_jail-5.isc.freebsd.org.pem
> factsource = puppet://puppet/facts/
> hostpubkey = /var/puppet/ssl/public_keys/jail-5.isc.freebsd.org.pem
> authconfig = /usr/local/etc/puppet/namespaceauth.conf
> logdir = /var/puppet/log
> httplog = /var/puppet/log/http.log
> publickeydir = /var/puppet/ssl/public_keys
> pluginsource = puppet://puppet/plugins
> privatedir = /var/puppet/ssl/private
> factpath = /var/puppet/lib/facter:/var/puppet/facts
> hostcert = /var/puppet/ssl/certs/jail-5.isc.freebsd.org.pem
> localcacert = /var/puppet/ssl/certs/ca.pem
> certdir = /var/puppet/ssl/certs
> 

Re: [Puppet Users] ENC RDBM best practice

[Ken Barber]

Perhaps look at the Puppet Dashboard or Foreman schemas as a starting
point? These are both ENC's that are already working.

ken.

On Wed, May 30, 2012 at 9:13 PM, erkan yanar  wrote:
>
> Moin,
>
> I am thinking of using a RDBM as a best practise.
> I am missing some info/examples how to best organise the schema.
>
> Are there are some tips/howtos?
>
> Regards
> Erkan
>
>
>
> --
> über den grenzen muß die freiheit wohl wolkenlos sein
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] hiera-redis 0.2.0

[windowsrefund]

This updated version allows for improved interaction with Redis hashes

https://github.com/reliantsecurity/hiera-redis

http://rubygems.org/gems/hiera-redis

Now it is possible to use the hiera() function to lookup a value from
a corresponding key within a Redis hash like so:

$coffee = hiera('coffee', nil, 'beverages:hot')

where the redis key had been created as a hash like so:

hset beverages:hot coffee "light and sweet"

assuming we added a few more hot beverages like this

hmset beverages:hot tea green "hot chocolate" "and marsh mellows"

we can get a hash of all hot beverages with

$hot_beverages = hiera_hash('hot')

which assumes the "beverages" scope is part of Hiera's hierarchy

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: puppetmaster fails to start

[Bill McGonigle]

Any chance you ran 'setenforce 0' before you rebooted the server?  :)

(SELinux caused the same problem for me)

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/8MAs-_3INTIJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Thoughts on job listings?

[R.I.Pienaar]

- Original Message -
> From: "Michael Stahnke" 
> To: puppet-users@googlegroups.com
> Sent: Wednesday, May 30, 2012 9:49:44 PM
> Subject: [Puppet Users] Thoughts on job listings?
> 
> How do folks feel about getting Puppet job listings on this list?
> I've rejected a few that we quite spammy, but when the subject matter
> really is a system admin with puppet experience, the decision becomes
> a bit different.
> 
> I'm looking for general feelings.  A simple +1 or -1 would be great.

job postings from community members looking for themselves/their employers 
with clear direct to employer contact information +1

job postings from recruiters -1

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Thoughts on job listings?

[John R. Dennison]

On Wed, May 30, 2012 at 01:49:44PM -0700, Michael Stahnke wrote:
> 
> I'm looking for general feelings.  A simple +1 or -1 would be great.

-1 on this list.




John
-- 
Act as if what you do makes a difference.  It does.

-- William James (1842-1910), American Psychologist, Professor, Author


pgpnEAdGEesyY.pgp
Description: PGP signature

Re: [Puppet Users] exec command: command works on cli, but not via puppet

[Gary Larizza]

On Wed, May 30, 2012 at 2:00 PM, Ryan Coleman  wrote:

> On Sun, May 27, 2012 at 1:18 PM, hohum  wrote:
> > I get an error that the exec command failed because it returned 1
> instead of
> > 0 but when I copy the command puppet outputs as an error, and paste that
> > into a shell it works perfectly.  The command's syntax is this:
>
> Hi,
>
> After you run your command in your shell, try running the following
> command: echo $?
>
> This will echo back the return code of the previous command, which I
> suspect will be 1. Just because a command doesn't return any output
> doesn't mean it exited 0.
>
> If it turns out that the exit code of 1 (or whatever) is what you'd
> like to consider success, you can tell Puppet what return code should
> indicate success with the returns parameter:
> http://docs.puppetlabs.com/references/stable/type.html#exec
>
> HTH!
>
> --Ryan
>

If Ryan's solution doesn't work, can you paste the Puppet code you're using
for the exec?  It might also be that the redirection you're trying to do
requires that "provider => shell" be set.


>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>


-- 

Gary Larizza
Professional Services Engineer
Puppet Labs

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Thoughts on job listings?

[R. Tyler Croy]

On Wed, 30 May 2012, Craig Dunn wrote:

> On 30/05/2012 21:49, Michael Stahnke wrote:
> >How do folks feel about getting Puppet job listings on this list?
> >I've rejected a few that we quite spammy, but when the subject matter
> >really is a system admin with puppet experience, the decision becomes
> >a bit different.
> 
> 
> I think very Puppet orientated job listings would be tolerable, but
> you run the risk of getting every "devopsy" type job that remotely
> touches on Puppet being posted and that would IMO start to be
> spammy.
> 
> You could always encourage people to email you with their job
> listings and have it sent out as a consolidated email once a week or
> something?
> 
> Just a thought.

I think this is the best idea here, a "This Week in Puppet Jobs" would be a
good email, low noise, high signal :)

Cheers
- R. Tyler Croy
--
Code: http://github.com/rtyler
 Chatter: http://twitter.com/agentdero
  rty...@jabber.org


pgptlsJ1ZI3qE.pgp
Description: PGP signature

Re: [Puppet Users] Thoughts on job listings?

[Christopher Wood]

On Wed, May 30, 2012 at 01:49:44PM -0700, Michael Stahnke wrote:
> How do folks feel about getting Puppet job listings on this list?
> I've rejected a few that we quite spammy, but when the subject matter
> really is a system admin with puppet experience, the decision becomes
> a bit different.
> 
> I'm looking for general feelings.  A simple +1 or -1 would be great.

-1 on jobs posts to this list.

+1 on a new list for jobs/candidates.

(Who wants to be a puppet-aware infrastructure sysadmin in Toronto? 
*coughnospam*)

> Mike
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: override parameter within base class?

[jcbollinger]

On May 30, 2:37 pm, Ryan Bowlby  wrote:
> Hi All,
>
> Is there a way to override the value of a parameter to a declared
> class within my base class. My nodes use a base class that
> occasionally need to be changed. Example:
>
> class "base" {
>   class { "apache":
>     mpm => "worker",
>   }
> ..other awesomeness
>
> }
>
> Then in the nodes:
>
> node "a" {
>   include base
>
> }
>
> # made up syntax
> node "specialhost" {
>   class "special" inherits base {
>     Class { "apache": mpm => "prefork" }
>   }
>
> }
>
> How do I override the mpm param within the apache declaration within
> the base class for "specialhost"? Is this possible and if not what are
> the common workarounds?


What you wrote is similar to what I would expect to work, which would
be this:

class special inherits base {
  Class['apache'] { mpm => 'prefork' }
}

node 'specialhost' {
  include 'special'
}

That's the standard syntax for subclasses overriding their parent
class's resource's parameters.  In practice, I'd put the subclass
definition in its own file in a suitable module, of course.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] exec command: command works on cli, but not via puppet

[Ryan Coleman]

On Sun, May 27, 2012 at 1:18 PM, hohum  wrote:
> I get an error that the exec command failed because it returned 1 instead of
> 0 but when I copy the command puppet outputs as an error, and paste that
> into a shell it works perfectly.  The command's syntax is this:

Hi,

After you run your command in your shell, try running the following
command: echo $?

This will echo back the return code of the previous command, which I
suspect will be 1. Just because a command doesn't return any output
doesn't mean it exited 0.

If it turns out that the exit code of 1 (or whatever) is what you'd
like to consider success, you can tell Puppet what return code should
indicate success with the returns parameter:
http://docs.puppetlabs.com/references/stable/type.html#exec

HTH!

--Ryan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Thoughts on job listings?

[Craig Dunn]

On 30/05/2012 21:49, Michael Stahnke wrote:

How do folks feel about getting Puppet job listings on this list?
I've rejected a few that we quite spammy, but when the subject matter
really is a system admin with puppet experience, the decision becomes
a bit different.



I think very Puppet orientated job listings would be tolerable, but you 
run the risk of getting every "devopsy" type job that remotely touches 
on Puppet being posted and that would IMO start to be spammy.


You could always encourage people to email you with their job listings 
and have it sent out as a consolidated email once a week or something?


Just a thought.

Craig

--
Craig Dunn | http://www.craigdunn.org
Yahoo/Skype: craigrdunn | Twitter: @crayfishX

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Thoughts on job listings?

[Steve Traylen]

On Wednesday, 30 May 2012 22:49:44 UTC+2, Michael Stanhke wrote:
>
> How do folks feel about getting Puppet job listings on this list? 
> I've rejected a few that we quite spammy, but when the subject matter 
> really is a system admin with puppet experience, the decision becomes 
> a bit different. 
>
> I'm looking for general feelings.  A simple +1 or -1 would be great. 
>
> I would like somewhere to post jobs (we have one :-))
If it can be somewhere close to the people reading this list so much the 
better.

Steve

>
> Mike 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/kULJFmwfqgMJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Thoughts on job listings?

[Craig White]

+1

On May 30, 2012, at 1:49 PM, Michael Stahnke wrote:

> How do folks feel about getting Puppet job listings on this list?
> I've rejected a few that we quite spammy, but when the subject matter
> really is a system admin with puppet experience, the decision becomes
> a bit different.
> 
> I'm looking for general feelings.  A simple +1 or -1 would be great.
> 
> 
> Mike
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 

-- 
Craig White ~ craig.wh...@ttiltd.com
1.800.869.6908 ~~ www.ttiassessments.com 

Need help communicating between generations at work to achieve your desired 
success? Let us help!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Thoughts on job listings?

[Brendan O'Bra]

-1
the lack of noise is appreciated on this list.  How about another list
instead?

On Wed, May 30, 2012 at 1:49 PM, Michael Stahnke wrote:

> How do folks feel about getting Puppet job listings on this list?
> I've rejected a few that we quite spammy, but when the subject matter
> really is a system admin with puppet experience, the decision becomes
> a bit different.
>
> I'm looking for general feelings.  A simple +1 or -1 would be great.
>
>
> Mike
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>


-- 
GVoice: 707.646.9180
LinkedIn: http://www.linkedin.com/in/brendanobra

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Thoughts on job listings?

[Scott Merrill]

On Wed, May 30, 2012 at 4:49 PM, Michael Stahnke  wrote:
> How do folks feel about getting Puppet job listings on this list?
> I've rejected a few that we quite spammy, but when the subject matter
> really is a system admin with puppet experience, the decision becomes
> a bit different.
>
> I'm looking for general feelings.  A simple +1 or -1 would be great.

-1 on this list. I don't know if there's enough job-related traffic to
justify a job-specific Puppet list, but that'd be where I'd think such
traffic should go.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Thoughts on job listings?

[Michael Stahnke]

How do folks feel about getting Puppet job listings on this list?
I've rejected a few that we quite spammy, but when the subject matter
really is a system admin with puppet experience, the decision becomes
a bit different.

I'm looking for general feelings.  A simple +1 or -1 would be great.


Mike

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: defaults for virtual defined resources from hiera.

[Steve Traylen]

On Tuesday, 15 May 2012 16:48:48 UTC+2, jcbollinger wrote:
>
> On May 14, 2:27 pm, Steve Traylen  wrote: 
> > Up to now I've had a large file of virtual resources and then enabled 
> them 
> > on demand 
> > on various services. The very standard. 
> > 
> > @metric{'1234: 
> >   one => 1 
> >   two => [1,2]} 
> > 
> > @metric{'abcd': 
> >   one => a, 
> >   two => [b,c] 
> > } 
> > and then somewhere realize potentially with an override <| title == 1234 
> |> 
> > { one => 2  } 
>
> Overriding parameter values at realization time is mildly evil.  You 
> need at least to understand that doing this prevents you from 
> realizing the overridden resource in more than one place, which 
> otherwise is safe and sometimes useful. 
>
>
Agreed, i need to set paramaters at creation time, the parameters just may
differ in place to place at creation time sometimes.

>
> > metric is something like 
> > define metric ($one, $two) { 
> ># do stuff. 
> > 
> > } 
> > 
> > Attempting to move the data of virtual resources above into hiera now 
>  and 
> > a few questions. 
> > 
> > metric1234: 
> >  one: 1 
> >  two: 
> >-'1' 
> >-'2' 
> > 
> > metricabcd: 
> >  one: a 
> >  two: 
> >   -'b' 
> >   -'c' 
> > 
> > I accept  to have to use that hierarchy rather than the perhaps more 
> obvious 
> > metric: 
> >1234: ... 
> > abcd: ... 
> > 
> > since hiera can only select on the first level as the key?, i.e 
> > hiera(metic[1234]) or something is not posible is it? 
>
> Not exactly, but similar should be possible.  Hiera can return hashes 
> as values, so you ought to be able to do something like 
>
> $metric_data = hiera('metric') 
> $metric_1234 = $metric_data['1234'] 
>
> That sort of structure might also play well with Puppet's 
> create_resources() function, which I see you already know about. 
>
> > To  realize in a manifest the following works: 
> > 
> > $h = hiera_hash('metric4102') 
> > $g = { '4102' => $h } 
> > create_resources('lemon::metric',$g) 
>
> Ok.  You need to know, if you don't already, that the hiera() function 
> will return a hash if that's the type of value associated with the 
> specified key.  Hiera_hash() also returns a hash, but its main purpose 
> is to collect and merge data from your whole hierarchy, instead of 
> from just the highest-priority level where the key is found.  I don't 
> see any evidence from your example that the latter is what you're 
> really after in that case. 
>
> > however what I would like to do is get the defaults from hiera within 
> the 
> > defined resource so it becomes 
> > like the following which is incorrect but hopefully explains it. 
> > 
> > metric{4102: one=> 'override'} 
> > 
> > where metric is defined as 
> > 
> > define metric (hiera("lemon${title}") { 
> >   # do stuff. 
> > 
> > } 
> > 
> > I can understand why that does not make sense, the define is only going 
> to 
> > evaluated once and badly. 
>
> What does not make sense is "default values" that vary with the 
> resource instance you are declaring.  At least, that doesn't match up 
> with what Puppet means by that term. 
>
>
Okay, I guess i am just using hiera as a data store because its easy to 
access that
and let it deal with the complexity.

>
> > Only option I can think of is to override the paramters inside the 
> define 
> > if they are non-sensical 
> > defaults. 
> > 
> > define metric(one=>'UNSET', two=>'UNSET) { 
> > 
> >   $h = hiera("lemon${title}") 
> >   if $one == 'UNSET' { 
> >   $one = $h['one'] 
> >   } 
> >   if $two == 'UNSET' { 
> >   $two = $['two'] 
> >   } 
> > 
> > } 
> > 
> > but this is it a bit bizarre. 
>
> And it wouldn't work as written, since you cannot redefine variables 
> in Puppet, but something similar could be done.  You could do 
> something a little cleaner and clearer with the aid of a couple of 
> functions.  For example, 
>
> define metric($one => 'UNSET', $two => 'UNSET') { 
>   $passed_params = remove_value({ 'one' => $one, 'two' => $two }, 
> 'UNSET') 
>   $standard_params = hiera("metric_${title}") 
>   $resolved_params = merge($standard_params, $passed_params) 
>   # do something with $resolved_params['one'] 
>   # do something with $resolved_params['two'] 
> } 
>
> There is just such a merge() function in the Puppetlabs stdlib 
> module.  You would have to write remove_values() yourself, but it 
> ought to be pretty simple. 
>  

> I am looking for a better way for a defined resource to get its defaults 
> > dynamically from hiera? 
>
> If the "default" values were associated with top-level keys in your 
> data store, then perhaps you could do something like this: 
>
> define metric($one => hiera("metric${title}_one"), $two => 
> hiera("metric${title}_one")) { 
># ... 
> } 
>
> Again, however, part of the problem is that you are trying to use 
> Puppet's default value facility in a way that was not intended. 
> Generally speaking, default values are defaul

Re: [Puppet Users] override parameter within base class?

[Gary Larizza]

On Wed, May 30, 2012 at 12:37 PM, Ryan Bowlby  wrote:

> Hi All,
>
> Is there a way to override the value of a parameter to a declared
> class within my base class. My nodes use a base class that
> occasionally need to be changed. Example:
>
> class "base" {
>  class { "apache":
>mpm => "worker",
>  }
> ..other awesomeness
> }
>
> Then in the nodes:
>
> node "a" {
>  include base
> }
>
> # made up syntax
> node "specialhost" {
>  class "special" inherits base {
>Class { "apache": mpm => "prefork" }
>  }
> }
>
> How do I override the mpm param within the apache declaration within
> the base class for "specialhost"? Is this possible and if not what are
> the common workarounds?
>
> Thanks,
> Ryan
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
The way Ryan has described will allow you to override parameters FROM a
base class inside of a called class.  You were asking about overriding
parameters from inside the BASE class to a called class?  If you're getting
to this level of abstraction, I'd look a data lookup mechanism like Hiera
that will allow you to specify different data/parameters based on hierarchy
levels of your own design.  The benefit of THAT is that you don't need to
use the parameterized class syntax, you can simply do 'include base' or
even 'include apache' and the parameters to the apache class would always
be looked-up to determine the appropriate value per-host.  Does that make
sense (or help)?

-- 

Gary Larizza
Professional Services Engineer
Puppet Labs

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] ENC RDBM best practice

[erkan yanar]

Moin,

I am thinking of using a RDBM as a best practise. 
I am missing some info/examples how to best organise the schema.

Are there are some tips/howtos?

Regards
Erkan



-- 
über den grenzen muß die freiheit wohl wolkenlos sein

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: override parameter within base class?

[Nick Fagerlund]

Probably use a class parameter. You're gonna want something like this, I 
think:

class base ($kind = "normal") {
  $mpmtype = $kind ? {
'special' => 'prefork',
default => 'worker',
  }
  class {'apache': mpm => $mpmtype }
}

On your normal nodes, you'd just "include base" or "class {'base':}", and 
on your special nodes, you'd "class {'base': kind => 'special'}".

See?

Best practice is to try and present a clean interface with your wrapper 
classes -- that means instead of exposing every knob you might twiddle as a 
class parameter, settle on a limited number of roles (like that "kind" 
parameter I was showing), and then use logic inside the class to change any 
of the relevant bits in the way that node type needs. 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/KPQzJv_NjPMJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] override parameter within base class?

[Ryan Coleman]

On Wed, May 30, 2012 at 12:37 PM, Ryan Bowlby  wrote:
> Hi All,

Hi!

>
> Is there a way to override the value of a parameter to a declared
> class within my base class. My nodes use a base class that
> occasionally need to be changed. Example:

Yes, there are several ways. One common way is to inherit the class
that has the resources you want to modify into a new class and then
override the resources.

I'd suggest you learn more about that and see if it meets your needs:
http://docs.puppetlabs.com/guides/language_guide.html#resource-collections

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] override parameter within base class?

[Ryan Bowlby]

Hi All,

Is there a way to override the value of a parameter to a declared
class within my base class. My nodes use a base class that
occasionally need to be changed. Example:

class "base" {
  class { "apache":
mpm => "worker",
  }
..other awesomeness
}

Then in the nodes:

node "a" {
  include base
}

# made up syntax
node "specialhost" {
  class "special" inherits base {
Class { "apache": mpm => "prefork" }
  }
}

How do I override the mpm param within the apache declaration within
the base class for "specialhost"? Is this possible and if not what are
the common workarounds?

Thanks,
Ryan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: How do I get a PE 2.5.1 agent to run as a non-root user in Solaris?

[Berry Sizemore]

What didn't work yesterday works today.  I suspect we were using the wrong 
command.  Thanks for having a look.

On Wednesday, May 30, 2012 10:45:38 AM UTC-7, Berry Sizemore wrote:
>
> Hi,
>
> Some months ago I got PE 1.5.6 agent running as a non-root user on Solaris 
> 10.  I upgraded my agents to PE 2.5.1 and now I cannot successfully start 
> them as non-root user.  I get no error message or logs.
>
> Thanks
>

On Wednesday, May 30, 2012 10:45:38 AM UTC-7, Berry Sizemore wrote:
>
> Hi,
>
> Some months ago I got PE 1.5.6 agent running as a non-root user on Solaris 
> 10.  I upgraded my agents to PE 2.5.1 and now I cannot successfully start 
> them as non-root user.  I get no error message or logs.
>
> Thanks
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/QmJnBB2EBgcJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet-load forbidden request to /catalog/*

[Brice Figureau]

On 30/05/12 19:10, Matthew Burgess wrote:
> On Wed, May 30, 2012 at 5:11 PM, Brice Figureau
>  wrote:
>> Hi Matthew,
>>
>> As the original author of puppet-load (and the aforementioned blog
>> post), I'm sorry to answer so late to this thread.
>>
>> On Wed, 2012-05-30 at 16:32 +0100, Matthew Burgess wrote:
 Apologies for taking so long to get back about this, more pressing
 matters took precedence.  So, back on this, I think I must be doing
 something really daft then, as I've made that change to my auth.conf
 file and still get the same forbidden errors.
>>>
>>> Indeed, I was doing something really daft.  I'd added the changes to
>>> the bottom of auth.conf.  2 things were wrong in doing that:
>>>
>>> a) Adding anything below the 'path /' stanza isn't going to be picked
>>> up, I don't think (I noticed this when trying to get 'puppet kick' to
>>> work and got
>>> similar 403 errors when trying to access /run)
>>> b) There's already a 'path ~ ^/catalog/([^/]+)$' stanza in the default
>>> auth.conf file, so the settings there were being hit before my new
>>> stanza at the bottom
>>> of the file.  By adding 'allow master.domain.com' and 'auth any' to
>>> the default stanza the 403s have disappeared.
>>>
>>> Now though, is my next problem.  puppet-load works fine with
>>> concurrency set to 1.  As soon as I increase that number though, I get
>>> the following error:
>>>
>>> undefined method `>' for ["2.7.14", "2.7.14"]:Array on node 
>>> master.domain.com
>>
>> Where do you get this error?
>> Is it from puppet-load or your current master stack?
>> Is there any stack trace printed?
> 
> The error appears in /var/log/messages and is being spit out by the
> puppet master.
> 
>> Can you add --debug and --trace to the puppet-load command line?
> 
> I've added --debug, but there's no --trace option.

My bad, there is no --trace in puppet-load. But there is one for puppet
master. Running your master with --debug and --trace will definitely
print a stack trace.

>From there, I believe I should be able to understand what really happens.

My gut feeling right now is that the facts puppet-load sends to the
master are somehow not correct, but I can be wrong of course.

> debug just shows the facts file being picked up, then both clients
> finishing with an HTTP code 400.  No stack trace is printed.
> 
> I've also added --debug to the puppetmaster's config.ru file.  That's
> printing lots of stuff about access lists, expiring the nodes and then
> caching the node, then I get the undefined method error.  Again, no
> stack trace :-(
> 
> So, I took mod_passenger out of the equation and ran 'puppetmasterd
> --no-daemonize --debug --verbose --logdest /tmp/puppet-error.log' and
> get the following:
> 
> Wed May 30 18:02:22 +0100 2012 Puppet (info): Expiring the node cache
> of master.domain.com
> Wed May 30 18:02:22 +0100 2012 Puppet (info): Expiring the node cache
> of master.domain.com
> Wed May 30 18:02:23 +0100 2012 Puppet (info): Not using expired node
> for master.domain.com from cache; expired at Wed May 30 18:01:22 +0100
> 2012
> Wed May 30 18:02:23 +0100 2012 Puppet (info): Not using expired node
> for master.domain.com from cache; expired at Wed May 30 18:01:22 +0100
> 2012
> Wed May 30 18:02:23 +0100 2012 Puppet (debug): Executing
> '/etc/puppet/enc.pl master.domain.com'
> Wed May 30 18:02:23 +0100 2012 Puppet (debug): Executing
> '/etc/puppet/enc.pl master.domain.com'
> Wed May 30 18:02:24 +0100 2012 Puppet (debug): Using cached facts for
> master.domain.com
> Wed May 30 18:02:24 +0100 2012 Puppet (debug): Using cached facts for
> master.domain.com
> Wed May 30 18:02:24 +0100 2012 Puppet (info): Caching node for 
> master.domain.com
> Wed May 30 18:02:24 +0100 2012 Puppet (info): Caching node for 
> master.domain.com
> Wed May 30 18:02:24 +0100 2012 Puppet (err): undefined method `>' for
> ["2.7.14", "2.7.14"]:Array on node master.domain.com
> Wed May 30 18:02:24 +0100 2012 Puppet (err): undefined method `>' for
> ["2.7.14", "2.7.14"]:Array on node master.domain.com
> Wed May 30 18:02:24 +0100 2012 Puppet (err): undefined method `>' for
> ["2.7.14", "2.7.14"]:Array on node master.domain.com
> Wed May 30 18:02:24 +0100 2012 Puppet (err): undefined method `>' for
> ["2.7.14", "2.7.14"]:Array on node master.domain.com
> Wed May 30 18:02:32 +0100 2012 Puppet (notice): Caught INT; calling stop
> 
> Now, interestingly, I guess, is that every other run of puppet-load is
> triggering this issue, so adding '--repeat 2' to my puppet-load
> command line will trigger the issue consistently for me (as in 2
> requests will succeed, 2 will fail).  If you want full debug logs of
> that type of run, I'll be more than happy to provide them.

Probably that the stacktrace you'll get with --trace will be enough for
the moment. Also if you can cat the facts file (feel free to obfuscate
the private data you might have in there), that might help.

-- 
Brice Figureau
My Blog: http://www.masterzen.fr/

-- 
You received this 

[Puppet Users] 403 Forbidden with Passenger

[Michael Altfield]

Hello Puppet gurus,

I'm trying to setup a Puppet environment on CentOS 6. I got it working 
using WEBrick, but when I finally got Puppet running through Apache using 
Passenger, my Puppet node gets this "403 Forbidden" response (full output 
is attached as node.txt):

[root@puppetnode-01 ~]# puppetd --waitforcert 30 --server 
>> puppetmaster.mydomain.com --debug --verbose --test
>
> ...
>
> warning: peer certificate won't be verified in this SSL session
>
> err: Could not request certificate: Error 403 on SERVER: > PUBLIC "-//IETF//DTD HTML 2.0//EN">
>
> 
>
> 403 Forbidden
>
> 
>
> Forbidden
>
> You don't have permission to access /production/certificate/ca
>
> on this server.
>
> 
>
> Apache/2.2.15 (CentOS) Server at puppetmaster.mydomain.com Port 
>> 8140
>
> 
>
>
At the same time, the httpd logs show this:

[root@dx-puppetmaster-01 ~]# tail -f /var/log/httpd/*
>
> ...
>
> ==> /var/log/httpd/error_log <==
>
> [Wed May 30 12:46:21 2012] [error] [client 10.230.100.155] (13)Permission 
>> denied: access to /production/certificate/ca denied
>
>
>> ==> /var/log/httpd/access_log <==
>
> 10.230.100.155 - - [30/May/2012:12:46:21 -0400] "GET 
>> /production/certificate/ca? HTTP/1.1" 403 325 "-" "-"
>
>
The steps I used to install Puppet mostly followed the attached install.sh 
script (with slight modifications). I've also tried to follow this install 
guide 
to 
no avail.

Although I have not modified my /etc/httpd/conf/httpd.conf file, I've 
attached it for reference. I've also attached 
/etc/httpd/conf.d/passenger.conf 
and /usr/share/puppet/rack/puppetmasterd/config.ru. config.ru's perms are 
600 puppet:root.

Both of these machines are virtualized using Citrix XenServer. Here's some 
more info on these boxes:

[root@puppetmaster-01 ~]# cat /etc/redhat-release
CentOS release 6.2 (Final)

[root@puppetmaster-01 ~]# uname -a
Linux puppetmaster-01.datalex.com 2.6.32-220.7.1.el6.x86_64 #1 SMP Wed Mar 
7 00:52:02 GMT 2012 x86_64 x86_64 x86_64 GNU/Linux

Any help will be greatly appreciated! :)

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/od2vXGXfQqsJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[root@puppetnode-01 ~]# puppetd --waitforcert 30 --server 
puppetmaster.mydomain.com --debug --verbose --test
debug: Failed to load library 'ldap' for feature 'ldap'
debug: Puppet::Type::User::ProviderLdap: feature ldap is missing
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does 
not exist
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist
debug: Failed to load library 'rubygems' for feature 'rubygems'
debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring 
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/public_keys/puppetnode-01.mydomain.com.pem]: 
Autorequiring File[/var/lib/puppet/ssl/public_keys]
debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring 
File[/var/lib/puppet/ssl]
debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/state/graphs]: Autorequiring 
File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/private]: Autorequiring 
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/private_keys/puppetnode-01.mydomain.com.pem]: 
Autorequiring File[/var/lib/puppet/ssl/private_keys]
debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring 
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl]
debug: Finishing transaction 69930350646060
debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring 
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/public_keys/puppetnode-01.mydomain.com.pem]: 
Autorequiring File[/var/lib/puppet/ssl/public_keys]
debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state]: Autorequiring F

[Puppet Users] Re: How do I get a PE 2.5.1 agent to run as a non-root user in Solaris?

[Berry Sizemore]

Or perhaps there is a designated user other than root and some random 
non-root user?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/e_j5tsjt1Q8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] How do I get a PE 2.5.1 agent to run as a non-root user in Solaris?

[Berry Sizemore]

Hi,

Some months ago I got PE 1.5.6 agent running as a non-root user on Solaris 
10.  I upgraded my agents to PE 2.5.1 and now I cannot successfully start 
them as non-root user.  I get no error message or logs.

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/lMNVbvniYmoJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] exclude puppetmaster from default

[Brian Gupta]

On Wed, May 30, 2012 at 12:49 PM, Andrei-Florian Staicu
 wrote:
> On Wed, May 30, 2012 at 7:39 PM, Peter Bukowinski  wrote:
>> On May 30, 2012, at 12:13 PM, Andrei-Florian Staicu wrote:
>>
>> Hi all,
>>
>> Can you tell me if the puppetmaster (which is also a puppet node) can
>> be excluded from the default node definition?
>> The idea is that new unclassified nodes should get the puppet.conf and
>> auth.conf files by default, but these files are pretty different on
>> the master.
>>
>> Thanks.
>>
>>
>> The default node definition is only applied to nodes that aren't included in
>> any other node definitions. As long as your puppetmaster node is included in
>> any other node definition — either explicitly (e.g. 'puppet.domain.org') or
>> by glob (e.g. /^puppet/) — the default node definition will not affect it.
>>
>
> Ok, so this will exactly what I want for new (i.e. which don't already
> have a definition) nodes.
> Then how can I have a definition for all nodes, except the puppet master?

We basically use a base node class, that is applied to every host. For
managing puppet.conf we have an exception for the puppetmasters that
is setup in an erb template. Here is an example
https://gist.github.com/2837734

There are probably simpler ways to do this, e.g. via file
conditionals, but we needed to template for other reasons.

-Brian

> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet-load forbidden request to /catalog/*

[Matthew Burgess]

On Wed, May 30, 2012 at 5:11 PM, Brice Figureau
 wrote:
> Hi Matthew,
>
> As the original author of puppet-load (and the aforementioned blog
> post), I'm sorry to answer so late to this thread.
>
> On Wed, 2012-05-30 at 16:32 +0100, Matthew Burgess wrote:
>> > Apologies for taking so long to get back about this, more pressing
>> > matters took precedence.  So, back on this, I think I must be doing
>> > something really daft then, as I've made that change to my auth.conf
>> > file and still get the same forbidden errors.
>>
>> Indeed, I was doing something really daft.  I'd added the changes to
>> the bottom of auth.conf.  2 things were wrong in doing that:
>>
>> a) Adding anything below the 'path /' stanza isn't going to be picked
>> up, I don't think (I noticed this when trying to get 'puppet kick' to
>> work and got
>> similar 403 errors when trying to access /run)
>> b) There's already a 'path ~ ^/catalog/([^/]+)$' stanza in the default
>> auth.conf file, so the settings there were being hit before my new
>> stanza at the bottom
>> of the file.  By adding 'allow master.domain.com' and 'auth any' to
>> the default stanza the 403s have disappeared.
>>
>> Now though, is my next problem.  puppet-load works fine with
>> concurrency set to 1.  As soon as I increase that number though, I get
>> the following error:
>>
>> undefined method `>' for ["2.7.14", "2.7.14"]:Array on node master.domain.com
>
> Where do you get this error?
> Is it from puppet-load or your current master stack?
> Is there any stack trace printed?

The error appears in /var/log/messages and is being spit out by the
puppet master.

> Can you add --debug and --trace to the puppet-load command line?

I've added --debug, but there's no --trace option.

debug just shows the facts file being picked up, then both clients
finishing with an HTTP code 400.  No stack trace is printed.

I've also added --debug to the puppetmaster's config.ru file.  That's
printing lots of stuff about access lists, expiring the nodes and then
caching the node, then I get the undefined method error.  Again, no
stack trace :-(

So, I took mod_passenger out of the equation and ran 'puppetmasterd
--no-daemonize --debug --verbose --logdest /tmp/puppet-error.log' and
get the following:

Wed May 30 18:02:22 +0100 2012 Puppet (info): Expiring the node cache
of master.domain.com
Wed May 30 18:02:22 +0100 2012 Puppet (info): Expiring the node cache
of master.domain.com
Wed May 30 18:02:23 +0100 2012 Puppet (info): Not using expired node
for master.domain.com from cache; expired at Wed May 30 18:01:22 +0100
2012
Wed May 30 18:02:23 +0100 2012 Puppet (info): Not using expired node
for master.domain.com from cache; expired at Wed May 30 18:01:22 +0100
2012
Wed May 30 18:02:23 +0100 2012 Puppet (debug): Executing
'/etc/puppet/enc.pl master.domain.com'
Wed May 30 18:02:23 +0100 2012 Puppet (debug): Executing
'/etc/puppet/enc.pl master.domain.com'
Wed May 30 18:02:24 +0100 2012 Puppet (debug): Using cached facts for
master.domain.com
Wed May 30 18:02:24 +0100 2012 Puppet (debug): Using cached facts for
master.domain.com
Wed May 30 18:02:24 +0100 2012 Puppet (info): Caching node for master.domain.com
Wed May 30 18:02:24 +0100 2012 Puppet (info): Caching node for master.domain.com
Wed May 30 18:02:24 +0100 2012 Puppet (err): undefined method `>' for
["2.7.14", "2.7.14"]:Array on node master.domain.com
Wed May 30 18:02:24 +0100 2012 Puppet (err): undefined method `>' for
["2.7.14", "2.7.14"]:Array on node master.domain.com
Wed May 30 18:02:24 +0100 2012 Puppet (err): undefined method `>' for
["2.7.14", "2.7.14"]:Array on node master.domain.com
Wed May 30 18:02:24 +0100 2012 Puppet (err): undefined method `>' for
["2.7.14", "2.7.14"]:Array on node master.domain.com
Wed May 30 18:02:32 +0100 2012 Puppet (notice): Caught INT; calling stop

Now, interestingly, I guess, is that every other run of puppet-load is
triggering this issue, so adding '--repeat 2' to my puppet-load
command line will trigger the issue consistently for me (as in 2
requests will succeed, 2 will fail).  If you want full debug logs of
that type of run, I'll be more than happy to provide them.

Regards,

Matt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] exclude puppetmaster from default

[Andrei-Florian Staicu]

On Wed, May 30, 2012 at 7:39 PM, Peter Bukowinski  wrote:
> On May 30, 2012, at 12:13 PM, Andrei-Florian Staicu wrote:
>
> Hi all,
>
> Can you tell me if the puppetmaster (which is also a puppet node) can
> be excluded from the default node definition?
> The idea is that new unclassified nodes should get the puppet.conf and
> auth.conf files by default, but these files are pretty different on
> the master.
>
> Thanks.
>
>
> The default node definition is only applied to nodes that aren't included in
> any other node definitions. As long as your puppetmaster node is included in
> any other node definition — either explicitly (e.g. 'puppet.domain.org') or
> by glob (e.g. /^puppet/) — the default node definition will not affect it.
>

Ok, so this will exactly what I want for new (i.e. which don't already
have a definition) nodes.
Then how can I have a definition for all nodes, except the puppet master?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] exclude puppetmaster from default

[Peter Bukowinski]

On May 30, 2012, at 12:13 PM, Andrei-Florian Staicu wrote:

> Hi all,
> 
> Can you tell me if the puppetmaster (which is also a puppet node) can
> be excluded from the default node definition?
> The idea is that new unclassified nodes should get the puppet.conf and
> auth.conf files by default, but these files are pretty different on
> the master.
> 
> Thanks.


The default node definition is only applied to nodes that aren't included in 
any other node definitions. As long as your puppetmaster node is included in 
any other node definition — either explicitly (e.g. 'puppet.domain.org') or by 
glob (e.g. /^puppet/) — the default node definition will not affect it.

-- 
Peter M. Bukowinski
Sr. Systems Engineer
Janelia Farm Research Campus, HHMI

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] exclude puppetmaster from default

[Andrei-Florian Staicu]

Hi all,

Can you tell me if the puppetmaster (which is also a puppet node) can
be excluded from the default node definition?
The idea is that new unclassified nodes should get the puppet.conf and
auth.conf files by default, but these files are pretty different on
the master.

Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet-load forbidden request to /catalog/*

[Brice Figureau]

Hi Matthew,

As the original author of puppet-load (and the aforementioned blog
post), I'm sorry to answer so late to this thread.

On Wed, 2012-05-30 at 16:32 +0100, Matthew Burgess wrote:
> > Apologies for taking so long to get back about this, more pressing
> > matters took precedence.  So, back on this, I think I must be doing
> > something really daft then, as I've made that change to my auth.conf
> > file and still get the same forbidden errors.
> 
> Indeed, I was doing something really daft.  I'd added the changes to
> the bottom of auth.conf.  2 things were wrong in doing that:
> 
> a) Adding anything below the 'path /' stanza isn't going to be picked
> up, I don't think (I noticed this when trying to get 'puppet kick' to
> work and got
> similar 403 errors when trying to access /run)
> b) There's already a 'path ~ ^/catalog/([^/]+)$' stanza in the default
> auth.conf file, so the settings there were being hit before my new
> stanza at the bottom
> of the file.  By adding 'allow master.domain.com' and 'auth any' to
> the default stanza the 403s have disappeared.
> 
> Now though, is my next problem.  puppet-load works fine with
> concurrency set to 1.  As soon as I increase that number though, I get
> the following error:
> 
> undefined method `>' for ["2.7.14", "2.7.14"]:Array on node master.domain.com

Where do you get this error?
Is it from puppet-load or your current master stack?
Is there any stack trace printed?

Can you add --debug and --trace to the puppet-load command line?
This should print more information to the console and we'll certainly be
able to find what's wrong.

> Is this an issue with my Ruby version (1.8.7.299-7), or is it a bug in the 
> code?

I'd tend to say a bug in the code :)
-- 
Brice Figureau
Follow the latest Puppet Community evolutions on www.planetpuppet.org!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] resource override

[Ryan Coleman]

On Wed, May 30, 2012 at 6:27 AM, Papp Tamas  wrote:
> hi All,

Hi.

>
> I'm a bit new to puppet. Is there a mailing list for puppet beginners?:)

Welcome! No, but this list is for all skill levels.



>
> However I'd like to use this:
>
> class jay {
>    include jay::postfix
> }
>
> class jay::postfix inherits postfix {
>    File ["/etc/postfix/main.cf"] {
>        content => template('jay/etc/postfix/main.cf.erb')
>    }
>
> }
>
> #  puppet agent -t --noop
> err: Could not retrieve catalog from remote server: Error 400 on SERVER:
> Could not find scope for jay::postfix at
> /etc/puppet/nodes/jay/manifests/init.pp:2 on node jay.foo.com
> warning: Not using cache on failed catalog
> err: Could not retrieve catalog; skipping run
>
>

The issue here is how your module is structured in relation to what
Puppet expects to automatically find your manifests.

In jay module, manifests directory, Puppet expects init.pp to have the
jay class.

If you want to have a jay::postfix class, Puppet expects to find it in
jay/manifests/postfix.pp. So, if your init.pp currently contains the
class jay::postfix, rename that file to postfix.pp and try again.

Reference: 
http://docs.puppetlabs.com/puppet/2.7/reference/modules_fundamentals.html#module-layout



>
> Or this:
>
> node "jay.foo.com" inherits nodes_base {
> #   include jay
>    File ["/etc/postfix/main.cf"] {
>        content => template('jay/etc/postfix/main.cf.erb')
>    }
>
> }
>
>
> # puppet agent -t --noop
> err: Could not retrieve catalog from remote server: Error 400 on SERVER:
> Only subclasses can override parameters at /etc/puppet/manifests/nodes.pp:24
> on node jay.foo.com
> warning: Not using cache on failed catalog
> err: Could not retrieve catalog; skipping run
> root@jay:~#
>

In this case, Puppet is telling you that you can only override
resources in a class that inherits another class. You can't do this
outside of a class. You were on the right track above.

Cheers!

--Ryan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet-load forbidden request to /catalog/*

[Matthew Burgess]

On Wed, May 30, 2012 at 4:36 PM, Ryan Coleman  wrote:

> Could you please post the puppet-load command you're using? I've not
> encountered any issues increasing the concurrency. Perhaps its a
> mishandled syntax error.

cd /usr/share/puppet/ext
./puppet-load.rb --node master.domain.com --server master.domain.com
--factsdir /var/lib/puppet/yaml/facts --cert
master.domain.com.cert.pem --key master.domain.com.private.pem
--concurrency 2

Thanks,

Matt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet-load forbidden request to /catalog/*

[Ryan Coleman]

On Wed, May 30, 2012 at 8:32 AM, Matthew Burgess
 wrote:
> Indeed, I was doing something really daft.  I'd added the changes to
> the bottom of auth.conf.  2 things were wrong in doing that:

Glad you got that sorted!

> Now though, is my next problem.  puppet-load works fine with
> concurrency set to 1.  As soon as I increase that number though, I get
> the following error:
>
> undefined method `>' for ["2.7.14", "2.7.14"]:Array on node master.domain.com
>
> Is this an issue with my Ruby version (1.8.7.299-7), or is it a bug in the 
> code?

Could you please post the puppet-load command you're using? I've not
encountered any issues increasing the concurrency. Perhaps its a
mishandled syntax error.

--Ryan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet-load forbidden request to /catalog/*

[Matthew Burgess]

> Apologies for taking so long to get back about this, more pressing
> matters took precedence.  So, back on this, I think I must be doing
> something really daft then, as I've made that change to my auth.conf
> file and still get the same forbidden errors.

Indeed, I was doing something really daft.  I'd added the changes to
the bottom of auth.conf.  2 things were wrong in doing that:

a) Adding anything below the 'path /' stanza isn't going to be picked
up, I don't think (I noticed this when trying to get 'puppet kick' to
work and got
similar 403 errors when trying to access /run)
b) There's already a 'path ~ ^/catalog/([^/]+)$' stanza in the default
auth.conf file, so the settings there were being hit before my new
stanza at the bottom
of the file.  By adding 'allow master.domain.com' and 'auth any' to
the default stanza the 403s have disappeared.

Now though, is my next problem.  puppet-load works fine with
concurrency set to 1.  As soon as I increase that number though, I get
the following error:

undefined method `>' for ["2.7.14", "2.7.14"]:Array on node master.domain.com

Is this an issue with my Ruby version (1.8.7.299-7), or is it a bug in the code?

Cheers,

Matt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Disable HTML traces from Passenger

[ollies...@googlemail.com]

Hello,

Not sure on this must be something in Apache/Passenger but I cannot
find it right now.

Is there anyway to disable the Ruby traces to return non--HTML
output ?

Many thanks,
Paul

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] resource override

[Papp Tamas]

hi All,

I'm a bit new to puppet. Is there a mailing list for puppet beginners?:)


I have a service module called postfix, which defines file in a class:

file {
'/etc/postfix/main.cf':
owner => "root",
group => "root",
mode  => 644,
content => template('postfix/etc/postfix/main.cf.erb'),
notify => Service['postfix'],
require => Package['postfix']
}

This is included in the base node which is inherited by all nodes.

For one node I want to change the configuration:

node "jay.foo.com" inherits nodes_base {
include jay
}


jay (node specific) module:

class jay inherits postfix {
File ["/etc/postfix/main.cf"] {
content => template('jay/etc/postfix/main.cf.erb')
}

}


This works fine.

However I'd like to use this:

class jay {
include jay::postfix
}

class jay::postfix inherits postfix {
File ["/etc/postfix/main.cf"] {
content => template('jay/etc/postfix/main.cf.erb')
}

}

#  puppet agent -t --noop
err: Could not retrieve catalog from remote server: Error 400 on SERVER: 
Could not find scope for jay::postfix at 
/etc/puppet/nodes/jay/manifests/init.pp:2 on node jay.foo.com

warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run



Or this:

node "jay.foo.com" inherits nodes_base {
#   include jay
File ["/etc/postfix/main.cf"] {
content => template('jay/etc/postfix/main.cf.erb')
}

}


# puppet agent -t --noop
err: Could not retrieve catalog from remote server: Error 400 on SERVER: 
Only subclasses can override parameters at 
/etc/puppet/manifests/nodes.pp:24 on node jay.foo.com

warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
root@jay:~#


What's wrongm, what do I miss?


Thanks,
tamas

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: how to reassign variable extlookup in manifest files

[jcbollinger]

On May 29, 8:47 am, liondgr8  wrote:
> Hi puppet users,
>
> I would like to know how to reassign the global variables specifically
> extlookup_datadir, extlookup_precedence.


You cannot change the value of any variable once it's set.


> My use case is in such a way that suppose I have 2 agents handled by
> master.
> Agent1 requires the custom parameters for the module installation.
> These parameter files(*.csv) are independent of the different agents.
>
> What I did, I made different manifest files including there related
> lookup datadir, and precedence order. But puppet cant reassign
> extlookup as these are global variables.
>
> How can I pass different parameters from different parameter files on
> various modules as each agent have different manifest files.


I thought extlookup resolved its controlling variables from the
current scope via Puppet's normal resolution mechanism.  That would
mean that if you set local variables $extlookup_datadir and
$extlookup_precedence within the class calling extlookup(), then the
function should use them (and if not, it should use the global
variables).

Alternatively, you could switch to hiera, the newer, more powerful
younger brother of extlookup().  It has a more flexible mechanism for
choosing among various possible values for a given key, among many
other advantages.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Simply Auto Increment A Number

[jcbollinger]

On May 29, 1:11 pm, Brian Carpio  wrote:
> Hi,
>
> I have a template which looks like this
>
> <% scope.lookupvar('openldap::params::ldapservers').each do |var| -%>
> olcSyncrepl: {0}rid=001 provider="ldap://<%= var %>:389"
> type=refreshAndPer
>  sist retry="5 5 300 +" searchbase="<%=
> scope.lookupvar('openldap::params::searchbase') %>" attrs="*,+"
> bindmeth
>  od=simple binddn="cn=<%= scope.lookupvar('openldap::params::binddn')
> %>" credentials="<%= scope.lookupvar('openldap::params::secret') %>"
> <% end -%>
>
> I want to auto increment the {0}rid=001 for each iteration of the
> loop. Is there an easy way to do this with out creating a hash map?


Should be.  Try this:

<% rid = 0
scope.lookupvar('openldap::params::ldapservers').each do |var| -%>
olcSyncrepl: {0}rid=<%=printf("%03d", rid += 1)%> provider="ldap://<%=
var %>:389"
[...]

John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Puppet First Run after Install failing in module pe_mcollective

[Shiva]

Here you go..

 rpm -qf /usr/lib/jvm/jre-1.6.0-openjdk.x86_64/bin/keytool
java-1.6.0-openjdk-1.6.0.0-1.41.1.10.4.el6.x86_64


On May 29, 4:39 pm, Jeff McCune  wrote:
> On Tue, May 29, 2012 at 6:19 AM, Shiva wrote:
>
> > Jeff
>
> > This is where the keytool is
>
> > lrwxrwxrwx. 1 root root 49 Apr 27 08:18 keytool -> /usr/lib/jvm/
> > jre-1.6.0-openjdk.x86_64/bin/keytool
>
> That looks correct.
>
> What version of the package do you have installed?  You can check using:
> rpm -qf /usr/lib/jvm/jre-1.6.0-openjdk/bin/keytool
>
> (Please paste the full line printed on the output.  Package versions get
> pretty specific.)
>
> Cheers,
> -Jeff

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Configuring Puppet for OnApp Cloud

[ankush grover]

Hi Friends,

My company is soon to going to deploy a private cloud from OnApp in
the infrastructure. Task given to me is to install puppet agent when
any Cloud instance boots. After searching on the google found there
are 2 ways to do this:


* Create a template in which puppet agent is already installed and
configured to talk to Puppetmaster. The issue is the hostnames for
these Cloud instances are given by the user and puppet requires unique
hostnames.

* 2nd Option is run some scripts to install puppet agent, assign the
new hostname based on the ip and connect it to the Puppet Master and
on the Puppet master side accept the client without Admin
intervention.

I somebody could share his experience in configuring Puppet for Cloud
Instances. What is the best way to configure Puppet and also if
possible please share the configuration or how to that will be very
helpful.


Thanks & Regards

Ankush

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Puppet/Hiera and Git workflow

[Jos Houtman]

As said we handle this a little different.
One branch for development, staging and live.

Development of the puppet code base is done using in puppet
environments, which can be used to test a change across systems in any
of the environments.
Once people consider the change working it is committed and pushed. At
which point we check for lint or syntax errors as a precaution.

Bigger changes are ussually hidden in if/else constructs that allows
us to roll them out gradually.

this works for us, because:
- The development/staging and live environment have a big overlap.
- We accept that there might be a few mistakes.

It is a tradeoff between rigorous testing and development speed.

Jos

On Tue, May 29, 2012 at 10:34 PM, Andy Taylor  wrote:
> The git branches/Puppet environments actually mirror the
> infrastructure. So we have groups of servers. Unstable is just for
> nodes which I test new functionality on, dev is for web developers. So
> it seemed to make sense to mirror the environments in the git
> repository with branches.
>
> On May 29, 9:28 pm, Nigel Kersten  wrote:
>> On Mon, May 28, 2012 at 6:14 AM, Andy Taylor  wrote:
>> > I'm currently trying to work out the best way structure my Puppet
>> > environments and VCS structure. At the moment I'mk working on
>> > something like this:
>>
>> > Three Git repositories (one for modules, one for Hiera, one for node
>> > manifests)
>> > Multiple branches (each branch representing an environment, e.g.
>> > production, dev, testing etc.)
>>
>> > When changes to modules/Hiera are made, the changes will be made to a
>> > testing branch, and then merged up the branches until it hits
>> > production (with the appropriate testing of course). So something like
>> > this:
>>
>> > unstable > dev > testing > production
>>
>> Do you need a distinction between "unstable" and "dev" ? I've often found
>> that I don't need those to be separate stages.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> > What system do you guys use? Any suggestions about the above workflow?
>>
>> > Thanks!
>>
>> > Andy
>>
>> > --
>> > You received this message because you are subscribed to the Google Groups
>> > "Puppet Users" group.
>> > To post to this group, send email to puppet-users@googlegroups.com.
>> > To unsubscribe from this group, send email to
>> > puppet-users+unsubscr...@googlegroups.com.
>> > For more options, visit this group at
>> >http://groups.google.com/group/puppet-users?hl=en.
>>
>> --
>> Nigel Kersten |http://puppetlabs.com| @nigelkersten
>> Schedule Meetings at:http://tungle.me/nigelkersten
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.