[Puppet Users] Re: Installing hiera
hello! On Jun 25, 11:34 pm, llow...@oreillyauto.com llow...@oreillyauto.com wrote: On Monday, June 25, 2012 10:21:20 AM UTC-5, Florian Koch wrote: Hi, Have you the hiera Files in the puppet libdir e.g /var/lib/puppet/lib ? No, I do not, actually. Which files need to go there? The stuff in /var/lib/gems/1.8/gems/hiera-0.3.0/lib/ ? Did you execute the following command in the puppet modulepath directory ? curl -L https://github.com/puppetlabs/hiera-puppet/tarball/master -o \ 'hiera-puppet.tar.gz' mkdir hiera-puppet tar -xzf hiera- puppet.tar.gz \ -C hiera-puppet --strip-components 1 rm hiera-puppet.tar.gz The master branch of hiera-puppet repo seems different from hiera- puppet gem. # gem list|grep hiera-puppet hiera-puppet (0.3.0) Try to use hiera-puppet gem: 1. Change to the modulepath directory. 2. Backup hiera-puppet master branch version. 3. Copy hiera-puppet gem version: cp -a /usr/lib/ruby/gems/1.8/gems/hiera-puppet-0.3.0/ hiera-puppet -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: configure apache passenger problem
When I was just setting up passenger, I had to alter that line referencing mod_passenger.so to our apache modules directory. # LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-2.2.11/ext/apache2/mod_passenger.so This needed to be changed to /etc/httpd/modules/mod_passenger.so since that is where apache has the module for passenger. I think you just need to track down where that module is and point the configuration to the right place. On Saturday, July 7, 2012 12:23:29 PM UTC-6, Hai wrote: I am configuring apache passenger by following the doc http://projects.reductivelabs.com/projects/puppet/wiki/Using_Passenger I am getting following erros when start httpd: ]# /etc/init.d/httpd start Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 5 of /etc/httpd/conf.d/10_passenger.conf: Cannot load /usr/lib/ruby/gems/1.8/gems/passenger-3.0.12/ext/apache2/mod_passenger.c into server: /usr/lib/ruby/gems/1.8/gems/passenger-3.0.12/ext/apache2/mod_passenger.c: invalid ELF header [FAILED] the /usr/lib/ruby/gems/1.8/gems/passenger-3.0.12/ext/apache2/mod_passenger.c is the only thing I found in my system, I cannot find a mod_passenger.so file. here is my config, please help: === # ll total 28 -rw-r--r-- 1 root root 861 Jul 7 11:08 10_passenger.conf -rw-r--r-- 1 root root 1299 Jul 7 10:57 rack.conf -rw-r--r-- 1 root root 392 Dec 8 2011 README -rw-r--r-- 1 root root 9473 Dec 8 2009 ssl.conf -rw-r--r-- 1 root root 299 May 20 2009 welcome.conf == # cat 10_passenger.conf # /etc/httpd/conf.d/10_passenger.conf # The passenger module path should match ruby gem version # LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-2.2.11/ext/apache2/mod_passenger.so LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.12/ext/apache2/mod_passenger.c PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.12 PassengerRuby /usr/bin/ruby # Recommended Passenger Configuration PassengerHighPerformance on PassengerUseGlobalQueue on # PassengerMaxPoolSize control number of application instances, # typically 1.5x the number of processor cores. PassengerMaxPoolSize 6 # Restart ruby process after handling specific number of request to resolve MRI memory leak. PassengerMaxRequests 4000 # Shutdown idle Passenger instances after 30 min. PassengerPoolIdleTime 1800 # End of /etc/httpd/conf.d/10_passenger.conf = # cat rack.conf # you probably want to tune these settings PassengerHighPerformance on PassengerMaxPoolSize 12 PassengerPoolIdleTime 1500 # PassengerMaxRequests 1000 PassengerStatThrottleRate 120 RackAutoDetect Off RailsAutoDetect Off Listen 8140 VirtualHost *:8140 SSLEngine on SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/hqd-puppet-01.telenav.com.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/hqd-puppet-01.telenav.com.pem SSLCertificateChainFile /var/lib/puppet/ssl/certs/ca.pem SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem # If Apache complains about invalid signatures on the CRL, you can try disabling # CRL checking by commenting the next line, but this is not recommended. SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars DocumentRoot /etc/puppet/rack/public/ RackBaseURI / Directory /etc/puppet/rack/ Options None AllowOverride None Order allow,deny allow from all /Directory /VirtualHost -- Hai Tao -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/SHGyouoA1-IJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: configure apache passenger problem
Sound like you only have the passenger gem installed, it needs to install
the apache module. Here is a snippet from a Centos puppet build.
init.pp
#
# modules/passenger/manifests/init.pp
class passenger {
package { 'rack':
ensure = '1.1.0',
provider = 'gem',
require = Class['rubygems'],
before = Package['passenger'],
}
package { 'passenger':
ensure = installed,
provider = 'gem',
require = Package['rack'],
before = File['/opt/passenger'],
}
# auto install passenger apache2 module and create links
file { '/opt/passenger':
ensure = 'directory',
owner = 'root',
group = 'root',
mode = '0755',
before = File['/opt/passenger/auto_passenger_install.sh'],
}
file { '/opt/passenger/auto_passenger_install.sh':
ensure = 'present',
owner = 'root',
group = 'root',
mode = '0755',
source = 'puppet:///modules/passenger/auto_passenger_install.sh',
before = Exec['auto_passenger_install'],
}
exec { 'auto_passenger_install':
command = '/opt/passenger/auto_passenger_install.sh',
timeout = '900',
creates = '/etc/passenger',
}
}
The install script. This installs the mod_passenger.so and links the
directory to /etc/passenger (which means easy to upgrade version, the link
is just swapped - apache still needs to restart as it reads the hardlink
when started.)
#!/bin/bash
auto_passenger_install.sh
#
# modules/passenger/files/auto_passenger_install.sh
#
# Script variables
SCRIPT=$(readlink -f $0)
SCRIPTNAME=$(basename $SCRIPT)
SCRIPTPATH=$(dirname $SCRIPT)
SERVER=`hostname | cut -d'.' -f1-1`
TIMESTAMP=$(date +%s)
RUNDATE=`date -d @$TIMESTAMP +%Y%m%d%H%M%S`
LOG_PATH=/var/log/scripts/$SCRIPTNAME
if [ ! -d $LOG_PATH ]; then
mkdir -p $LOG_PATH
fi
LOGFILE=$LOG_PATH/$RUNDATE.$SCRIPTNAME.log
RUBYGEMS_VER_DIR=$(basename `facter rubysitedir`)
PASSENGER_VERSION=`gem list --local | grep passenger | sed -e 's/passenger
(//g;s/)//g'`
cd /usr/lib/ruby/gems/$RUBYGEMS_VER_DIR/gems/passenger-$PASSENGER_VERSION
/usr/bin/ruby /usr/bin/rake apache2:clean apache2 RELEASE=yes
ln -s
/usr/lib/ruby/gems/$RUBYGEMS_VER_DIR/gems/passenger-$PASSENGER_VERSION
/etc/passenger
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/CS-7QcEic_IJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] create multiple resources from an array of things.
Hi gang,
I feel like I'm missing something fundamental here…
I've got the following:
class snmp::rhel::rh5enable {
$collector = ['10.0.0.1', '10.0.0.2']
define add_snmp_hosts_allow ($ip) {
exec { hosts_allow_$ip:
command = /bin/echo \snmpd : $ip : ALLOW\ /etc/hosts.allow,
unless = /bin/grep -c \snmpd : $ip : ALLOW\ /etc/hosts.allow,
}
}
notify { COLLECTOR IS SET TO ${collector}: }
add_snmp_hosts_allow{$collector: ip= $collector,}
}
yet I get borked, as :
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Duplicate declaration: Exec[hosts_allow_10..0.0.110.0.0.2] is already declared
in file /etc/puppetlabs/puppet/modules/core/snmp/manifests/rhel/rh5enable.pp at
line 4; cannot redeclare at
/etc/puppetlabs/puppet/modules/core/snmp/manifests/rhel/rh5enable.pp:4 on node
centos
how do I go about doing this correctly ?
This message may contain confidential or privileged information. If you are not
the intended recipient, please advise us immediately and delete this message.
See http://www.datapipe.com/legal/email_disclaimer/ for further information on
confidentiality and the risks of non-secure electronic communication. If you
cannot access these links, please notify us by reply message and we will send
the contents to you.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] create multiple resources from an array of things.
Wolf,
Are you calling that parameterized class multiple places?
This sounds like a situation where what you want may be a defined type but in
fact you are using a parameterized class. You can include paramaterized classes
multiple times using include but not using parameters.
-Eric
--
Eric Shamow
Professional Services
http://puppetlabs.com/
(c)631.871.6441
On Sunday, July 8, 2012 at 2:00 PM, Wolf Noble wrote:
Hi gang,
I feel like I'm missing something fundamental here…
I've got the following:
class snmp::rhel::rh5enable {
$collector = ['10.0.0.1', '10.0.0.2']
define add_snmp_hosts_allow ($ip) {
exec { hosts_allow_$ip:
command = /bin/echo \snmpd : $ip : ALLOW\ /etc/hosts.allow,
unless = /bin/grep -c \snmpd : $ip : ALLOW\ /etc/hosts.allow,
}
}
notify { COLLECTOR IS SET TO ${collector}: }
add_snmp_hosts_allow{$collector: ip= $collector,}
}
yet I get borked, as :
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Duplicate declaration: Exec[hosts_allow_10..0.0.110.0.0.2] is already
declared in file
/etc/puppetlabs/puppet/modules/core/snmp/manifests/rhel/rh5enable.pp at line
4; cannot redeclare at
/etc/puppetlabs/puppet/modules/core/snmp/manifests/rhel/rh5enable.pp:4 on
node centos
how do I go about doing this correctly ?
This message may contain confidential or privileged information. If you are
not the intended recipient, please advise us immediately and delete this
message. See http://www.datapipe.com/legal/email_disclaimer/ for further
information on confidentiality and the risks of non-secure electronic
communication. If you cannot access these links, please notify us by reply
message and we will send the contents to you.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
(mailto:puppet-users@googlegroups.com).
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
(mailto:puppet-users+unsubscr...@googlegroups.com).
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] create multiple resources from an array of things.
Hi Eric,
No, this class is not being called anywhere else.
What I think is going on is that I have an array of two strings, but somehow
the defined type is getting a concatenated string which contains both values of
the array instead of treating each element of the array as an individual.
The end goal here is to have an array of each ip address that needs to have an
entry in /etc/hosts.allow, and have a defined type which is fed those IPs and
verifies the presence of/creates the entries as needed.
is there a better direction to approach this than I'm employing?
On Jul 8, 2012, at 1:46 PM, Eric Shamow wrote:
Wolf,
Are you calling that parameterized class multiple places?
This sounds like a situation where what you want may be a defined type but in
fact you are using a parameterized class. You can include paramaterized
classes multiple times using include but not using parameters.
-Eric
--
Eric Shamow
Professional Services
http://puppetlabs.com/
(c)631.871.6441
On Sunday, July 8, 2012 at 2:00 PM, Wolf Noble wrote:
Hi gang,
I feel like I'm missing something fundamental here…
I've got the following:
class snmp::rhel::rh5enable {
$collector = ['10.0.0.1', '10.0.0.2']
define add_snmp_hosts_allow ($ip) {
exec { hosts_allow_$ip:
command = /bin/echo \snmpd : $ip : ALLOW\ /etc/hosts.allow,
unless = /bin/grep -c \snmpd : $ip : ALLOW\ /etc/hosts.allow,
}
}
notify { COLLECTOR IS SET TO ${collector}: }
add_snmp_hosts_allow{$collector: ip= $collector,}
}
yet I get borked, as :
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Duplicate declaration: Exec[hosts_allow_10..0.0.110.0.0.2] is already
declared in file
/etc/puppetlabs/puppet/modules/core/snmp/manifests/rhel/rh5enable.pp at line
4; cannot redeclare at
/etc/puppetlabs/puppet/modules/core/snmp/manifests/rhel/rh5enable.pp:4 on
node centos
how do I go about doing this correctly ?
This message may contain confidential or privileged information. If you are
not the intended recipient, please advise us immediately and delete this
message. See http://www.datapipe.com/legal/email_disclaimer/ for further
information on confidentiality and the risks of non-secure electronic
communication. If you cannot access these links, please notify us by reply
message and we will send the contents to you.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
(mailto:puppet-users@googlegroups.com).
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
(mailto:puppet-users+unsubscr...@googlegroups.com).
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
This message may contain confidential or privileged information. If you are not
the intended recipient, please advise us immediately and delete this message.
See http://www.datapipe.com/legal/email_disclaimer/ for further information on
confidentiality and the risks of non-secure electronic communication. If you
cannot access these links, please notify us by reply message and we will send
the contents to you.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: groups dependencies at user creation
Dears all,
Thanks nan your your suggestion, I took it (again) in account trying
to do something better. Thanks john for your puppet's lesson. I'd
never been worked with declarative system, noticeably it's demand a
different way of think than in typical imperative system.
I have done a new version having :
1) Custom function having input groups membership for all users
comming from ENC. Return an array having unique items (groups). I
prefer this instead of modify ENC for explicitness reason of input
json.
2) New defined type (main_groups) to ensuring group existence. I
discard 'defined' function like john suggest me. I suggest to
PuppetLabs team write a caution or warning about defined function at
documents.
3) New defined type (dep_groups) just like nan suggested to me, which
it's to ensuring dependencies.
Testing are good and i hope this approach can be less hurtful for
puppet design and obviously for my good health.
I appreciate all your help
Best Regards,
eduardo.
PD : The following are details of this approach .
-
class updssh( $users ) {
$all_groups = inline_template(
% users.each do |usr| -%% usr.each do |k,v| -%%= usr[k]
['groups'] %;% end -%% end -%)
# Custom function groups_uniq take all groups field values having
user's membership
# Return array having unique items(groups)
$groups_uniq = groups_uniq($all_groups)
# Ensuring group existence for membership of users
main_groups { $groups_uniq: }
# guarantee main groups existence for user's membership
define main_groups {
$group = $title
group { $group:
ensure = present
}
}
-
define updssh::add_user ( $email , $groups ) {
$username = $title
$usr_grp = inline_template(
% groups.each do |grp| -%%= username %_%= grp %,
% end -%
)
$usr_groups = split($usr_grp, ',')
dep_groups { $usr_groups: }
...
}
# Ensuring dependencies
define dep_groups {
$arr = split($title, '_')
$username = $arr[0]
$group = $arr[1]
notify {Ensuring dependencies ${title}: }
Group[$group] - User[$username]
}
-
On 7 jul, 11:19, Stefan Schulte stefan.schu...@taunusstein.net
wrote:
On Mon, Jul 02, 2012 at 12:20:40PM -0500, Tim Mooney wrote:
How to ensure groups dependencies at user creation ?.
If you were just talking about the user's default group, then it would
be one of the few cases where puppet establishes an ordering relation
for you automatically. In other words:
user { 'foo':
gid = 'bar',
}
automatically ensures that group 'bar' is present before user 'foo'.
I don't know if that same thing is true for supplemental groups
It is also true for supplemental groups. You can see puppet creates the
relationship when you run puppet agent / puppet apply in debug mode.
So when I run
# puppet apply -vd --noop EOF
group { ['foo', 'bar']:ensure = present }
user { 'bob': groups = [ 'foo', 'bar' ], ensure = present }
EOF
I get
debug: /Stage[main]//User[bob]: Autorequiring Group[bar]
debug: /Stage[main]//User[bob]: Autorequiring Group[foo]
-Stefan
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet agent won't recognize configuration
On Fri, Jul 6, 2012 at 9:35 AM, catshirt n...@thefuture.fm wrote: hi all, just started using puppet and i think it's great. but i'm having a number of problems surrounding the authentication of the servers. on a fresh master, when i create a new client using the node_aws cloud provisioner (using --certname), the agent doesn't respect the generated configuration. `certname` is certainly listed under [main] in puppet.conf, so why wouldn't the agent recognize it? You are seeing the difference running puppet under root account vs. the ubuntu account. $ sudo puppet master --configprint certname analytics0 $ puppet master --configprint certname analytics0 $ sudo puppet agent --configprint certname analytics0 $ puppet agent --configprint certname domu-x-x-x-x-x-x.compute-1.internal When running as root, puppet use the configuration specified in /etc/puppet/puppet.conf. When running as a normal user such as ubuntu, puppet use the configuration under ~/.puppet/puppet.conf, so in this case this file is likely missing and puppet will use the default certname which is the ec2 instance name as seen above. $ ls -la /etc/puppet/puppet.conf -rw-r--r-- 1 root root puppet.conf this pattern also occurs with the `server` option. i've also other, unrelated but similar sudo discrepancies that i think are leading to other problems (for another post...). for instance: $ sudo puppet agent --configprint ssldir /var/lib/puppet/ssl $ puppet agent --configprint ssldir /home/ubuntu/.puppet/ssl So the settings above are correct between root vs. ubuntu user. In general you need to run sudo puppet to make changes to the system which should use the correct setting in /etc/puppet/puppet.conf. Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: groups dependencies at user creation
Thanks you very much Stefan. Testing were tell me something like that
exactly. But I can't reach an autorequiring reason like you did by
debug output.
It's a shame not having had prior nevertheless you are not only
clarifying me about that but also simplify my recipe. So finally I can
rest without any fear about not have Group - User dependencies
explicitly in it, in fact puppet is smart enough as i was suspecting .
I appreciate all help, this time particularly to Stefan.
Best Regards,
eduardo.
On 7 jul, 11:19, Stefan Schulte stefan.schu...@taunusstein.net
wrote:
On Mon, Jul 02, 2012 at 12:20:40PM -0500, Tim Mooney wrote:
How to ensure groups dependencies at user creation ?.
If you were just talking about the user's default group, then it would
be one of the few cases where puppet establishes an ordering relation
for you automatically. In other words:
user { 'foo':
gid = 'bar',
}
automatically ensures that group 'bar' is present before user 'foo'.
I don't know if that same thing is true for supplemental groups
It is also true for supplemental groups. You can see puppet creates the
relationship when you run puppet agent / puppet apply in debug mode.
So when I run
# puppet apply -vd --noop EOF
group { ['foo', 'bar']:ensure = present }
user { 'bob': groups = [ 'foo', 'bar' ], ensure = present }
EOF
I get
debug: /Stage[main]//User[bob]: Autorequiring Group[bar]
debug: /Stage[main]//User[bob]: Autorequiring Group[foo]
-Stefan
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] create multiple resources from an array of things.
I figured out what I was doing wrong.
I wasn't (maybe I'm still not? :) ) properly taking advantage of the freebie
parameter 'title' of defined types. This now seems to behave like I had hoped
it would:
class snap::rhel::rh5enable {
#...
$collector = ['10.0.0.1','10.0.0.2']
#…
define add_snmp_hosts_allow () {
exec { hosts_allow_$title:
command = /bin/echo \snmpd : $title : ALLOW\ /etc/hosts.allow,
unless = /bin/grep -c \snmpd : $title : ALLOW\ /etc/hosts.allow,
}
}#end define
#...
notify { COLLECTOR IS SET TO ${collector}: }
add_snmp_hosts_allow{$collector:}
#...
}
notice:
/Stage[main]/Snmp::Rhel::Rh5enable/Snmp::Rhel::Rh5enable::Add_snmp_hosts_allow[10.0.0.2]/Exec[hosts_allow_10.0.0.2]/returns:
executed successfully
notice: COLLECTOR IS SET TO 10.0.0.110.0.0.2
notice: /Stage[main]/Snmp::Rhel::Rh5enable/Notify[COLLECTOR IS SET TO
10.0.0.110.0.0.2]/message: defined 'message' as 'COLLECTOR IS SET TO
10.0.0.110.0.0.2'
notice:
/Stage[main]/Snmp::Rhel::Rh5enable/Snmp::Rhel::Rh5enable::Add_snmp_hosts_allow[10.0.0.1]/Exec[hosts_allow_10.0.0.1]/returns:
executed successfully
notice: Finished catalog run in 6.76 seconds
On Jul 8, 2012, at 2:38 PM, Wolf Noble wrote:
Hi Eric,
No, this class is not being called anywhere else.
What I think is going on is that I have an array of two strings, but somehow
the defined type is getting a concatenated string which contains both values
of the array instead of treating each element of the array as an individual.
The end goal here is to have an array of each ip address that needs to have
an entry in /etc/hosts.allow, and have a defined type which is fed those IPs
and verifies the presence of/creates the entries as needed.
is there a better direction to approach this than I'm employing?
On Jul 8, 2012, at 1:46 PM, Eric Shamow wrote:
Wolf,
Are you calling that parameterized class multiple places?
This sounds like a situation where what you want may be a defined type but
in fact you are using a parameterized class. You can include paramaterized
classes multiple times using include but not using parameters.
-Eric
--
Eric Shamow
Professional Services
http://puppetlabs.com/
(c)631.871.6441
On Sunday, July 8, 2012 at 2:00 PM, Wolf Noble wrote:
Hi gang,
I feel like I'm missing something fundamental here…
I've got the following:
class snmp::rhel::rh5enable {
$collector = ['10.0.0.1', '10.0.0.2']
define add_snmp_hosts_allow ($ip) {
exec { hosts_allow_$ip:
command = /bin/echo \snmpd : $ip : ALLOW\ /etc/hosts.allow,
unless = /bin/grep -c \snmpd : $ip : ALLOW\ /etc/hosts.allow,
}
}
notify { COLLECTOR IS SET TO ${collector}: }
add_snmp_hosts_allow{$collector: ip= $collector,}
}
yet I get borked, as :
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Duplicate declaration: Exec[hosts_allow_10..0.0.110.0.0.2] is already
declared in file
/etc/puppetlabs/puppet/modules/core/snmp/manifests/rhel/rh5enable.pp at
line 4; cannot redeclare at
/etc/puppetlabs/puppet/modules/core/snmp/manifests/rhel/rh5enable.pp:4 on
node centos
how do I go about doing this correctly ?
This message may contain confidential or privileged information. If you are
not the intended recipient, please advise us immediately and delete this
message. See http://www.datapipe.com/legal/email_disclaimer/ for further
information on confidentiality and the risks of non-secure electronic
communication. If you cannot access these links, please notify us by reply
message and we will send the contents to you.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
(mailto:puppet-users@googlegroups.com).
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
(mailto:puppet-users+unsubscr...@googlegroups.com).
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
This message may contain confidential or privileged information. If you are
not the intended recipient, please advise us immediately and delete this
message. See http://www.datapipe.com/legal/email_disclaimer/ for further
information on confidentiality and the risks of non-secure electronic
communication. If you cannot access these links, please notify us by reply
message and we will send the contents to you.
--
You received this message because you are subscribed to the Google Groups
Re: [Puppet Users] Re: proper usage of global variables / node variables / +=
On Thu, Jul 5, 2012 at 2:41 PM, jcbollinger john.bollin...@stjude.org wrote:
On Thursday, July 5, 2012 2:59:07 PM UTC-5, fpee wrote:
On 07/05/2012 08:30 AM, jcbollinger wrote:
If that's so then you are relying on a Puppet bug, or perhaps you have
oversimplified your example. The language guide specifically states
that the += operator affects the observed value of the affected variable
only in the scope where the plussignment is performed. You definitely
should not see the modified value in classes that are not declared in
the scope of the plussignment.
Cool! Let's find out. Here is a working tiny example:
node my_standard {
$pkg_list += 'one two three '
}
node 'testnode' inherits my_standard {
include my_test1
include my_test2
}
class my_test1 {
$pkg_list += 'four five '
notify {pkg_list=$pkg_list:}
notice(pkg_list=$pkg_list)
}
class my_test2 {
$pkg_list += 'six seven '
notify {pkg_list=$pkg_list:}
notice(pkg_list=$pkg_list)
}
The output when run on testnode:
notice: /Stage[main]/My_test1/Notify[pkg_list=one two three four five
]/message: defined 'message' as 'pkg_list=one two three four five '
notice: /Stage[main]/My_test2/Notify[pkg_list=one two three four five
six seven ]/message: defined 'message' as 'pkg_list=one two three four
five six seven '
So, the my_test2 scope does have the changes from the my_test1 scope.
Using puppet-server 2.7.9-1 (epel version).
As the guy who has many modules that use this bug, I like it's
functionality :)
Should I file a bug report?
Not if you like the buggy behavior :-)
Personally, I would be very concerned that it might stop working between one
point release and another, with no warning. The behavior is not merely
undocumented, but contrary to the documentation as far as I can tell.
At this point, however, I'm hoping that one of the PuppetLabs guys will jump
in to either explain why I'm wrong or confirm that it's a bug.
This is not an official Puppet Labs opinion. This seems to be
compilation order dependent, so you will have different notify for:
include my_test1
include my_test2
v.s.
include my_test2
include my_test1
Also at a quick glance I can't see how you would use this in Puppet
3.0 with dynamic scope removed.
Nan
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] how to scale puppet with F5 load balancer?
From what I can tell there is no need to use alternate names. You can make the F5 appear to the clients to be the puppetmaster by leveraging the F5 to do SSL offloading and part of the certificate verification taking some load off your puppet masters. Even more though, since the puppet environments and other calls use pretty consistently organized URI paths, you can do some really neat stuff with F5 HTTP Class profiles to delegate certain requests to certain servers. For example we have one server that acts as a CA, all signing requests go there. Then for normal puppetmaster tasks requests are assigned to a pool of several servers. Further as part of our development setup we have separate environments for our main puppet module developers but these only exist on one puppetmaster so we use the F5 to pick out those requests and direct them to the correct server. In general its a lot like configuring a reverse proxy (Apache, Nginx, etc) in front of puppet. Our setup is quite extensive but I didn't do most of it so I don't want to lead anyone astray with an incomplete explanation. Let me see if I can get some of the details together and make a new wiki page on projects.puppetlabs.com or perhaps expand on the existing page. (linked below) Here's a starting point. http://projects.puppetlabs.com/projects/puppet/wiki/Load_Balancing_F5 Some examples for reverse proxy w/ Apache http://www.puppetmanaged.org/documentation/Reference_Guide-Appendices-Example_SSL_Frontend_Reverse_Proxy_Load_Balancer_Configuration.html http://www.masterzen.fr/2010/03/21/more-puppet-offloading/ -Alan On Sun, Jul 8, 2012 at 12:07 AM, Matthew Black mjbl...@gmail.com wrote: The best I was able to do is when you generate the certificate for the puppet master you use dns alt names flag to specify the alternative names for the puppet master. That is the only way I was able to make it work in my environment with the F5. On Sat, Jul 7, 2012 at 6:17 PM, Hai Tao ehai...@gmail.com wrote: How can I configure F5 load balancer to be infront of multiple puppet masters? The SSL will break as the server name if different, hostname of the VIP on the LB vs hostnames of each masters, right? Can you shed some light? Thanks. -- Hai Tao -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
