[Puppet Users] Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/agent1.pem to csrdir: undefined method `exists?' for nil:NilClass
I've been confused by this question for near two days ...my puppet master version is 2.7.9-1.el6 and client versiong is 2.6.16-2.el5. This is what my command lines shows: *[root@agent1 ~]# puppet agent --server=edward --test --waitforce 30* info: Creating a new SSL key for agent1 warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for agent1 info: Certificate Request fingerprint (md5): 4C:03:FE:BD:B8:68:4A:AB:F8:DC:BA:36:38:38:9C:8E warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/agent1.pem to csrdir: undefined method `exists?' for nil:NilClass then,I make run that with debug options and the result is : *[root@agent1 ~]# puppet agent --server=edward --debug --waitforce 30* debug: Failed to load library 'rubygems' for feature 'rubygems' debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is missing debug: Failed to load library 'ldap' for feature 'ldap' debug: /File[/var/lib/puppet/ssl/private_keys/agent1.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppet/ssl/public_keys/agent1.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/ssl/private_keys/agent1.pem]/mode: mode changed '640' to '600' debug: /File[/var/lib/puppet/ssl/public_keys/agent1.pem]/mode: mode changed '640' to '644' debug: Finishing transaction -606807388 Can somebody help me solve my problem? Hope your response sinceryly! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/plfJBjR9FPQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Unable to generate certificate on Puppet Agent through Master
Hi, I have a puppet master and agent installed. I want to generate and configure master-agent certificate and followed the steps: Master: == 1. Cleaned up all certificate on Master: [root@puppet-server manifests]# puppet cert sign --all No waiting certificate requests to sign [root@puppet-server manifests]# puppet cert clean --all notice: Revoked certificate with serial 16 notice: Removing file Puppet::SSL::Certificate puppet-client.test.com at '/var/lib/puppet/ssl/ca/signed/puppet-client.test.com.pem' notice: Removing file Puppet::SSL::Certificate puppet-client.test.com at '/var/lib/puppet/ssl/certs/puppet-client.test.com.pem' [root@puppet-server manifests]# puppet cert clean --all [root@puppet-server manifests]# 2. Removed all ssl/* from Agent [root@puppet-client yum.repos.d]# rm -fr /var/lib/puppet/ssl/* [root@puppet-client yum.repos.d]# cd /var/lib/puppet/ssl/ [root@puppet-client ssl]# ls [root@puppet-client ssl]# 3. Generating Certificate from Agent: [root@puppet-client ssl]# puppet agent --test --verbose --server puppet-server.test.com info: Creating a new SSL key for puppet-client.test.com info: Caching certificate for ca info: Creating a new SSL certificate request for puppet-client.test.com info: Certificate Request fingerprint (md5): AC:EA:5B:B7:C6:A5:94:CE:26:1A:49:9E:F3:B1:EF:B1 Exiting; no certificate found and waitforcert is disabled [root@puppet-client ssl]# 4. Accepting it through Master: [root@puppet-server manifests]# puppetca -l puppet-client.test.com (AC:EA:5B:B7:C6:A5:94:CE:26:1A:49:9E:F3:B1:EF:B1) [root@puppet-server manifests]# [root@puppet-server manifests]# puppet cert sign --all notice: Signed certificate request for puppet-client.test.com notice: Removing file Puppet::SSL::CertificateRequest puppet-client.test.com at '/var/lib/puppet/ssl/ca/requests/puppet-client.test.com.pem' [root@puppet-server manifests]# Well going. 5.[root@puppet-client ssl]# puppet agent --test --verbose --server puppet-server.test.com info: Caching certificate for puppet-client.test.com info: Caching certificate_revocation_list for ca err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=puppet-server.test.com] warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run err: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=puppet-server.test.com] [root@puppet-client ssl]# I tried to remove all the certificate from agent manually /var/lib/puppet/ssl/* but things dint fix the issue. I also tried to generate the certificate on server through : puppet agent --test --server=`hostname` and then performed all the steps above. No Luck with this too. How to fix this issue? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ftT-TXdZQkEJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Announce: Puppet 3.0.0-rc4 Available
I just published the saved query that lists these tickets, for a little nicer URL: https://projects.puppetlabs.com/projects/puppet/issues?query_id=263 That is a very interesting link. Do you know what the estimated time frame is for 3.0 final? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/3EnxEguy00QJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Append string to list items.
Hi, You could try this: matti@acrux ~ $ cat | puppet apply --noop notice bracket_expansion('gfs[01-10]:/var/bricks') notice: Scope(Class[main]): gfs01:/var/bricks gfs02:/var/bricks gfs03:/var/bricks gfs04:/var/bricks gfs05:/var/bricks gfs06:/var/bricks gfs07:/var/bricks gfs08:/var/bricks gfs09:/var/bricks gfs10:/var/bricks notice: Finished catalog run in 0.11 seconds Not quite a loop, but will do the trick (and handles zero-padding). https://github.com/kwilczynski/puppet-functions/blob/master/lib/puppet/parser/functions/bracket_expansion.rb I will look into adding array-walking mode to join, prefix and join_with_prefix. KW On Monday, 27 August 2012 20:03:57 UTC+1, Douglas wrote: I have an array: $nodes = ['gfs01' ,'gfs02', 'gfs03', 'gfs04] and a string variable: $brick_store = /var/bricks How can I append /var/bricks to each item in the array? Lack of a looping construct makes this challenging in puppet. Such that: brick_array = ['gfs01:/var/bricks', 'gfs02:/var/bricks', ... ] I also need to come up with a way to append a further sequence of incrementing brick numbers to the items as well. Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/yNayGxbkAjgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Array References?
On 2012-28-08 5:02, Douglas Garstang wrote: The first notice command shows the array as having two elements. The second notice command shows the same array as having only one element. Some sort of variable reference thing? How can I make a copy of the $nodes array rather than make a reference to it? notice (NODES1=$nodes) $n2 = $nodes $useless = inline_template(%= n2.shift -%) notice (NODES2=$nodes) Doug. You are responsible for not mutating variables and arrays in the ruby logic. Did you try n.dup.shift instead of n2.shift ? - henrik -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Unable to generate certificate on Puppet Agent through Master
Hi.. Can you check date and time on both master and agent.. it should be in sync with master.. Regards, Ashish Jaiswal On Aug 28, 2012 2:38 PM, Ajeet Raina ajeetra...@gmail.com wrote: Hi, I have a puppet master and agent installed. I want to generate and configure master-agent certificate and followed the steps: Master: == 1. Cleaned up all certificate on Master: [root@puppet-server manifests]# puppet cert sign --all No waiting certificate requests to sign [root@puppet-server manifests]# puppet cert clean --all notice: Revoked certificate with serial 16 notice: Removing file Puppet::SSL::Certificate puppet-client.test.comat '/var/lib/puppet/ssl/ca/signed/puppet-client.test.com.pem' notice: Removing file Puppet::SSL::Certificate puppet-client.test.comat '/var/lib/puppet/ssl/certs/puppet-client.test.com.pem' [root@puppet-server manifests]# puppet cert clean --all [root@puppet-server manifests]# 2. Removed all ssl/* from Agent [root@puppet-client yum.repos.d]# rm -fr /var/lib/puppet/ssl/* [root@puppet-client yum.repos.d]# cd /var/lib/puppet/ssl/ [root@puppet-client ssl]# ls [root@puppet-client ssl]# 3. Generating Certificate from Agent: [root@puppet-client ssl]# puppet agent --test --verbose --server puppet-server.test.com info: Creating a new SSL key for puppet-client.test.com info: Caching certificate for ca info: Creating a new SSL certificate request for puppet-client.test.com info: Certificate Request fingerprint (md5): AC:EA:5B:B7:C6:A5:94:CE:26:1A:49:9E:F3:B1:EF:B1 Exiting; no certificate found and waitforcert is disabled [root@puppet-client ssl]# 4. Accepting it through Master: [root@puppet-server manifests]# puppetca -l puppet-client.test.com (AC:EA:5B:B7:C6:A5:94:CE:26:1A:49:9E:F3:B1:EF:B1) [root@puppet-server manifests]# [root@puppet-server manifests]# puppet cert sign --all notice: Signed certificate request for puppet-client.test.com notice: Removing file Puppet::SSL::CertificateRequest puppet-client.test.com at '/var/lib/puppet/ssl/ca/requests/puppet-client.test.com.pem' [root@puppet-server manifests]# Well going. 5.[root@puppet-client ssl]# puppet agent --test --verbose --server puppet-server.test.com info: Caching certificate for puppet-client.test.com info: Caching certificate_revocation_list for ca err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=puppet-server.test.com] warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run err: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=puppet-server.test.com] [root@puppet-client ssl]# I tried to remove all the certificate from agent manually /var/lib/puppet/ssl/* but things dint fix the issue. I also tried to generate the certificate on server through : puppet agent --test --server=`hostname` and then performed all the steps above. No Luck with this too. How to fix this issue? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ftT-TXdZQkEJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: class/define execution ordering
Hi Tolbkni, What version of Puppet do you use ? In puppet 2.6.x, this is a well known issue which can be solved by using the puppetlabs-stdlib Anchor type. https://groups.google.com/forum/?fromgroups=#!topic/puppet-users/XfinNTV27T4 Hope it helped you ! Le lundi 27 août 2012 11:45:24 UTC+2, Tolbkni Kao a écrit : I am confused about the puppet class/define execution ordering. I wrote a module named 'mysql', manifests follow: *mysql/manifests/init.pp* class mysql($base_dir='/usr/local/mysql') { class { 'mysql::install': base_dir = $base_dir, } } *mysql/manifests/install.pp* class mysql::install($base_dir) { group { 'mysql': ensure = present, } user { 'mysql': ensure = present, gid= 'mysql', shell = '/sbin/nologin', managehome = false, require= Group['mysql'], } exec { 'download_mariadb_binary': path = '/bin:/usr/bin', cwd= '/tmp', timeout= 0, command= 'curl -OL http://mirror.yongbok.net/mariadb/mariadb-5.2.12/kvm-bintar-hardy-amd64/mariadb-5.2.12-Linux-x86_64.tar.gz ', logoutput = on_failure, creates= '/tmp/mariadb-5.2.12-Linux-x86_64.tar.gz', require= User['mysql'], } exec { 'install_mariadb_binary': path = '/bin:/usr/bin', cwd= '/tmp', command= tar xzfP mariadb-5.2.12-Linux-x86_64.tar.gz mv mariadb-5.2.12-Linux-x86_64 $base_dir, logoutput = on_failure, creates= ${base_dir}/bin/mysql, require= Exec['download_mariadb_binary'] } file { $base_dir: ensure = directory, require= Exec['install_mariadb_binary'], } file { ${base_dir}/scripts/start_db.sh: ensure = present, owner = 'root', group = 'root', mode = '0755', source = 'puppet:///modules/mysql/start_db.sh', require= File[$base_dir], } file { ${base_dir}/scripts/setup_mariadb.sh: ensure = present, owner = 'root', group = 'root', mode = '0755', source = 'puppet:///modules/mysql/setup_mariadb.sh', require= File[$base_dir], } file { /tmp/stub_my.cnf: ensure = present, mode = '0755', source = 'puppet:///modules/mysql/stub_my.cnf', } } *mysql/manifests/instance.pp* define mysql::instance( $bind_address='127.0.0.1', $port='3306', $extra_port='3991', $base_dir='/usr/local/mysql', $data_dir='/var/lib/mysql', $root_password ) { exec { 'create_mysql_instance': path = /bin:/sbin:/usr/bin:/usr/sbin, cwd= '/tmp', command= sh ${base_dir}/scripts/setup_mariadb.sh \ --name=${title} \ --stub=/tmp/stub_my.cnf \ --bind=$bind_address \ --port=$port \ --extra-port=$extra_port \ --basedir=$base_dir \ --datadir=$data_dir \ --root-password=$root_password, logoutput = on_failure, creates= /etc/mysql/my_${instance}.cnf, } } now I wrote a smoke test like this: mysql/tests/init.pp class { 'mysql': base_dir = '/usr/local/mysql' } mysql::instance { 'test': root_password = 'rootpassword' } Class['mysql'] - Mysql::Instance['test'] When I run this smoke test using `puppet apply --noop /etc/puppet/modules/mysql/tests/init.pp`, the output log follows: notice: /Stage[main]/Mysql::Install/Exec[download_mariadb_binary]/returns: executed successfully notice: /Stage[main]/Mysql::Install/Exec[install_mariadb_binary]/returns: executed successfully notice: /File[/usr/local/mysql]/owner: owner changed '1001' to 'root' notice: /File[/usr/local/mysql]/group: group changed '1001' to 'root' notice: /File[/usr/local/mysql]/seluser: seluser changed 'unconfined_u' to 'system_u' notice: /File[/usr/local/mysql]/seltype: seltype changed 'user_tmp_t' to 'usr_t' err: /Stage[main]//Node[localhost.localdomain]/Mysql::Instance[test]/Exec[create_mysql_instance]/returns: change from notrun to 0 failed: sh: /usr/local/mysql/scrip ts/setup_mariadb.sh: No such file or directory Why Mysql::Instance['test'] execute before File[${base}/scripts/setup_mariadb.sh] As U see, I have wrote *Class['mysql'] - Mysql::Instance['test']*, and when I wrote *Class['mysql::install'] - Class['mysql'] - Mysql::Instance['test']*, the execution order is right notice: /Stage[main]/Mysql::Install/Exec[download_mariadb_binary]/returns: current_value notrun, should be 0 (noop) notice: /Stage[main]/Mysql::Install/Exec[install_mariadb_binary]/returns: current_value notrun, should be 0 (noop) notice: /File[/usr/local/mysql]/ensure: current_value absent, should be directory (noop) notice: /File[/usr/local/mysql/scripts/start_db.sh]/ensure:
[Puppet Users] Re: Exec{} keeps running
On Monday, August 27, 2012 5:39:36 PM UTC-5, Douglas wrote: Argh. I have the definition below. The gluster peer probe command has already been executed successfully, and I'm testing it with 'peer status'. Running the unless= command yields: root@gfs01:~# /usr/sbin/gluster peer status | /bin/grep gfs02.us1.xxx.com Hostname: gfs02.us1.xxx.com root@gfs01:~# echo $? 0 Therefore, the command should never run again, but it is, as evidenced by the fact that /tmp/foo keeps getting X appended to it. define glusterfs::probe_peer ( $ensure, $master_node ) { if $master_node == $::fqdn { case $ensure { 'probed': { exec { add-peer-$name: #command = /usr/sbin/gluster peer probe $name, command = /bin/echo X /tmp/foo, logoutput = true, unless = /usr/sbin/gluster peer status | /bin/grep $name; } } } } } Usually this kind of problem arises when the command being run (the 'unless' command in this case) relies on an environment variable whose presence or value differs in an interactive shell from what the (very sparse) environment in which an Exec runs things. In this case, I also don't have enough information to rule out the possibility that $name's value differs from the expected value of gfs02.us1.xxx.com http://gfs02.us1.xxx.com. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/aOuMVbKCDKIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Loading Hiera into array/hash
On Monday, August 27, 2012 4:14:13 PM UTC-5, Douglas wrote: This is driving me crazy. I'm trying to load the nodes array into a puppet array with hiera. Hiera seems to always flatten an array or a hash to a string, with no delimiter in between, which makes it hard to split into an array later on. The hiera_hash and hiera_array functions only take a single key, so there's no way that I can see to drill down into a multi level yaml file like below. glusterfs_volumes: gfsvol01: master_server: gfs01.us1.xxx.com transport: tcp name: gfsvol01 replicas: 1 nodes: - gfs01.us1.xxx.com - gfs02.us1.xxx.com brick_store: /var/bricks How can I do this? Hiera does not flatten arrays and hashes, but there are several ways you can make Puppet do so after the value is loaded. What you describe sounds exactly like what I would expect to see in such a case. In the first place, you should normally use the hiera() function to retrieve values of all types. The hiera_array() and hiera_hash() functions are for collecting the values of the specified key across all levels of your hierarchy, and returning them in array or hash form, respectively. Among other things, that means that the structure of the values returned from hiera_array() and hiera_hash() will *always* differ from the structure the hiera() function would return for the same key: at minimum, the former two functions wrap the value returned by the latter in an outer array or hash. What you are looking for is probably something like this: $volumes = hiera('glusterfs_volumes') $vol01 = $volumes['gfsvol01'] $v01_master = $vol01['master_server'] # I think this works, too: $v01_transport = $volumes['gfsvol01']['transport'] etc. Be sure not interpolate array or hash values into strings, or to assign them to parameters that assume a string value; these are some of the ways to inadvertently flatten your data. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/B3XtW2hjYngJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Hiera lookup by function.
In addition to hiera looking at files based on environment and node role etc, I'd like to be able to specify a file name based on function. Ie break keys into files by function. Is there a way to do this? Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Exec{} keeps running
Thanks. This one turned out to be user error. :) On Tue, Aug 28, 2012 at 7:08 AM, jcbollinger john.bollin...@stjude.org wrote: On Monday, August 27, 2012 5:39:36 PM UTC-5, Douglas wrote: Argh. I have the definition below. The gluster peer probe command has already been executed successfully, and I'm testing it with 'peer status'. Running the unless= command yields: root@gfs01:~# /usr/sbin/gluster peer status | /bin/grep gfs02.us1.xxx.com Hostname: gfs02.us1.xxx.com root@gfs01:~# echo $? 0 Therefore, the command should never run again, but it is, as evidenced by the fact that /tmp/foo keeps getting X appended to it. define glusterfs::probe_peer ( $ensure, $master_node ) { if $master_node == $::fqdn { case $ensure { 'probed': { exec { add-peer-$name: #command = /usr/sbin/gluster peer probe $name, command = /bin/echo X /tmp/foo, logoutput = true, unless = /usr/sbin/gluster peer status | /bin/grep $name; } } } } } Usually this kind of problem arises when the command being run (the 'unless' command in this case) relies on an environment variable whose presence or value differs in an interactive shell from what the (very sparse) environment in which an Exec runs things. In this case, I also don't have enough information to rule out the possibility that $name's value differs from the expected value of gfs02.us1.xxx.com. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/aOuMVbKCDKIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Could not retrieve catalog from remote server
I'm trying to get puppet to connect to my puppetmaster, but I keep getting the same error. err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I've made sure ntpd is running during the kickstart and that the times are the same on both machines. I've also ran puppet cert --clean --all on the puppetmaster. I have the puppetmaster set to autosign all certs. Any ideas what I'm missing? Everything I've found says to make sure the clocks are the same, which I've already done. I did see one post talking about an issue with Ruby 1.9.2, but I'm running 1.8.7. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Why this Could not evaluate error?
Dear readers, When I do this node testip { package {'isc-dhcp-server': ensure = purged, } service {'isc-dhcp-server': ensure = stopped, enable = false, pattern = 'dhcpd' } } I get this error Error: /Stage[main]//Node[mttj-linuxterm1-puppet]/Service[isc-dhcp-server]: Could not evaluate: Execution of '/sbin/initctl --version' returned 1: initctl: invalid command: --version Try `initctl --help' for more information. The puppetmaster is CentOS6 with puppet 3rc3 and the node is UbuntuServer 12.04 with puppet 3rc3. I have to use rc3, as rc4 doesn't work. http://projects.puppetlabs.com/issues/16137 What am I doing wrong? Hugs, Sandra -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/79_trpWHWM0J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Why this Could not evaluate error?
Please replace testip with mttj-linuxterm1-puppet =) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/kljEiHtlKgIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/agent1.pem to csrdir: undefined method `exists?' for nil:NilClass
Hi, To me it seems to be permission issue on SSL directory on master .. can you let me what is the permission on SSL directory .. This is just a wild guess.. Regards, Ashish Jaiswal On Aug 28, 2012 12:53 PM, Edward Tuan duanyan...@gmail.com wrote: I've been confused by this question for near two days ...my puppet master version is 2.7.9-1.el6 and client versiong is 2.6.16-2.el5. This is what my command lines shows: *[root@agent1 ~]# puppet agent --server=edward --test --waitforce 30* info: Creating a new SSL key for agent1 warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for agent1 info: Certificate Request fingerprint (md5): 4C:03:FE:BD:B8:68:4A:AB:F8:DC:BA:36:38:38:9C:8E warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/agent1.pem to csrdir: undefined method `exists?' for nil:NilClass then,I make run that with debug options and the result is : *[root@agent1 ~]# puppet agent --server=edward --debug --waitforce 30* debug: Failed to load library 'rubygems' for feature 'rubygems' debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is missing debug: Failed to load library 'ldap' for feature 'ldap' debug: /File[/var/lib/puppet/ssl/private_keys/agent1.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppet/ssl/public_keys/agent1.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/ssl/private_keys/agent1.pem]/mode: mode changed '640' to '600' debug: /File[/var/lib/puppet/ssl/public_keys/agent1.pem]/mode: mode changed '640' to '644' debug: Finishing transaction -606807388 Can somebody help me solve my problem? Hope your response sinceryly! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/plfJBjR9FPQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Could not retrieve catalog from remote server
Hi,, Have you tried deleting the existing directory of master and agent.. rm -frv /var/lib/puppet/ssl Try this and see if this work!! Regards, Ashish Jaiswal On Aug 28, 2012 8:58 PM, Bai Shen baishen.li...@gmail.com wrote: I'm trying to get puppet to connect to my puppetmaster, but I keep getting the same error. err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I've made sure ntpd is running during the kickstart and that the times are the same on both machines. I've also ran puppet cert --clean --all on the puppetmaster. I have the puppetmaster set to autosign all certs. Any ideas what I'm missing? Everything I've found says to make sure the clocks are the same, which I've already done. I did see one post talking about an issue with Ruby 1.9.2, but I'm running 1.8.7. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Could not retrieve catalog from remote server
That didn't seem to help. I got some weird errors about the certs not being able to be signed. I was finally able to get one test run, but after that it went back to giving me the same error. Any other suggestions? On Tue, Aug 28, 2012 at 12:18 PM, Ashish Jaiswal ashish1...@gmail.comwrote: Hi,, Have you tried deleting the existing directory of master and agent.. rm -frv /var/lib/puppet/ssl Try this and see if this work!! Regards, Ashish Jaiswal On Aug 28, 2012 8:58 PM, Bai Shen baishen.li...@gmail.com wrote: I'm trying to get puppet to connect to my puppetmaster, but I keep getting the same error. err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I've made sure ntpd is running during the kickstart and that the times are the same on both machines. I've also ran puppet cert --clean --all on the puppetmaster. I have the puppetmaster set to autosign all certs. Any ideas what I'm missing? Everything I've found says to make sure the clocks are the same, which I've already done. I did see one post talking about an issue with Ruby 1.9.2, but I'm running 1.8.7. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Hiera, OSSEC and per-node stuff?
On 08/27/2012 08:45 PM, jcbollinger wrote: Right is a tricky word, but I'm happy to say that your approach is reasonable, good, acceptable, and perhaps even standard. There is at least one hiera-based alternative that I would describe with many of the same terms, but why mess with success? Well this is my first hiera rollout, so I just wanted to be sure I'm using it as reasonable as possible :) You are welcome to pinpoint another example of similar config offcourse. Anyway thank you for your response. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Announce: Puppet 3.0.0-rc4 Available
When all the tickets in that query say Merged - Pending Release, it's done. :) On Tuesday, August 28, 2012 2:14:04 AM UTC-7, Sandra Schlichting wrote: I just published the saved query that lists these tickets, for a little nicer URL: https://projects.puppetlabs.com/projects/puppet/issues?query_id=263 That is a very interesting link. Do you know what the estimated time frame is for 3.0 final? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/T0G3i9HbQ-cJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Announce: Puppet 3.0.0-rc4 Available
Here are another couple of helpful links: 3.0.0 target version (with a nifty percentage done graphic): https://projects.puppetlabs.com/versions/271 3.0.0 remaining open tickets: https://projects.puppetlabs.com/projects/puppet/issues?fixed_version_id=271set_filter=1status_id=o On Tue, Aug 28, 2012 at 10:49 AM, Eric Sorenson eric.soren...@puppetlabs.com wrote: When all the tickets in that query say Merged - Pending Release, it's done. :) On Tuesday, August 28, 2012 2:14:04 AM UTC-7, Sandra Schlichting wrote: I just published the saved query that lists these tickets, for a little nicer URL: https://projects.puppetlabs.com/projects/puppet/issues?query_id=263 That is a very interesting link. Do you know what the estimated time frame is for 3.0 final? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/T0G3i9HbQ-cJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Matthaus Litteken Release Manager, Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Could not retrieve catalog from remote server
Hi, You sure, cos it seem to be really ugly certificate issue openssl x509 -text -noout -in /var/lib/puppet/ssl/certs/hostname.tld.pem | grep -A2 Validity Can you check the time period of your certificate.. and compare it with master one. if it is same, then something serious is happening Regards, System Admin Ashish Jaiswal On Tuesday 28 August 2012 10:55:14 PM IST, Bai Shen wrote: That didn't seem to help. I got some weird errors about the certs not being able to be signed. I was finally able to get one test run, but after that it went back to giving me the same error. Any other suggestions? On Tue, Aug 28, 2012 at 12:18 PM, Ashish Jaiswal ashish1...@gmail.com mailto:ashish1...@gmail.com wrote: Hi,, Have you tried deleting the existing directory of master and agent.. rm -frv /var/lib/puppet/ssl Try this and see if this work!! Regards, Ashish Jaiswal On Aug 28, 2012 8:58 PM, Bai Shen baishen.li...@gmail.com mailto:baishen.li...@gmail.com wrote: I'm trying to get puppet to connect to my puppetmaster, but I keep getting the same error. err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I've made sure ntpd is running during the kickstart and that the times are the same on both machines. I've also ran puppet cert --clean --all on the puppetmaster. I have the puppetmaster set to autosign all certs. Any ideas what I'm missing? Everything I've found says to make sure the clocks are the same, which I've already done. I did see one post talking about an issue with Ruby 1.9.2, but I'm running 1.8.7. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com mailto:puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com mailto:puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com mailto:puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com mailto:puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] How to delete previous resources from directory
I'm using hiera to define a list of database engine id's for a node. I'm using this variable to feed into a defined type to create a set of files (upstart configs). The problem I would like to solve isŠ. How do I delete files/resources that were previously created but are now removed (without deleting files that are there by default)? Here is an example (Please ignore syntax. I hope it's clear what I'm trying to do. If not, let me know). /hiera/config.yaml -- engines: - 1 - 2 /modules/queue/manifests/upstart.pp -- define upstart{ file{/etc/init/queue-$name.conf: ensure = file, content = template('queue/upstart.conf.erb'), # The below would be nice, but is not supported #purge = true, #ignore = !(queue*) } } /modules/queue/manifests/init.pp -- define queue { upstart::queue{hiera_lookup('engines'):} } Puppet apply will create the following files correctly: /etc/init/queue-1.conf /etc/init/queue-2.conf Now I update the hiera config file to only include 1 engine: /hiera/config.yaml -- engines: - 1 But the /etc/init/queue02.conf file is not removed. I can't purge the directory because there are other scripts in that directory that I do not want to remove. If ruby supported extended globs I could use the purge and ignore parameters to accomplish this. Is there a good pattern for handling this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Hash Access... Frustrating!
Boy... accessing hashes in puppet is downright painful. I have this in a yaml file... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - gfs01.us1.xxx.com hostname: gfs01 state: mounted - gfs02.us1.xxx.com hostname: gfs02 state: unmounted - gfs03.us1.xxx.com hostname: gfs03 state: mounted I'm loading it with: $config = hiera('glusterfs_volumes') $nodes = $config['gfsvol01']['nodes'] ... etc Works fine. I'm also calling a definition like this: glusterfs::add_bricks { [$nodes]: master_node = $master_node, brick_store = $brick_store, volume_name = $name, require = Glusterfs::Add_peers[$nodes]; } The question is, how do I access the hostname and state keys inside each node? The following (inside add_bricks): $node = $name['hostname'] notice (DEBUG nodes=$name) notice (DEBUG NODE=$node) yields, for each call to add_bricks: DEBUG nodes=statemountedgfs01.us1.xxx.com hostnamegfs01 DEBUG NODE= I can see the hash in $name... I just can't access the 'state' or 'hostname' keys, which are obviously there. How...? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Why this Could not evaluate error?
Hi, Thanks for the hugs :) There seem to be a problem with underlying provider / binaries on which said provider relies. Nothing wrong with your content, as far as I can tell from the little snippet provided. KW On Tuesday, August 28, 2012 4:37:51 PM UTC+1, Sandra Schlichting wrote: Please replace testip with mttj-linuxterm1-puppet =) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/LHGLNHML-pAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet not picking up manifests
I created some manifest files, but my client doesn't seem to be picking them up. According to all of the tutorials, I'm doing this right, so I'm not sure what the issue is. nodes.pp: node default { include ntp } ntp.pp: class ntp { package { ntp: ensure = installed } service { ntpd: ensure = running, } } puppetd --test: dnsdomainname: Unknown host dnsdomainname: Unknown host info: Caching catalog for testserver info: Applying configuration version '1346184997' notice: Finished catalog run in 0.01 seconds -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet Error
Hello, I am trying to build puppet on Amazon VPC and am getting this error pretty consistently. sudo puppet agent --test --server=ip-10-0-1-83 --waitforcert 60 err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run Puppetmaster: hostname -f ip-10-0-1-83 Client: hostname -f ip-10-0-1-26 I have tried deleting the ssl directory and regenerating the certificates, doesnt help. Anyone have any ideas? Is it because Amazon doesnt provide an FQDN to vpc instances? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/FyhAUW4-0Q4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet and AIX
Hi Everyone; I am working on installing puppet agents on AIX servers. I downloaded the rpm's from the puppet site: http://projects.puppetlabs.com/projects/1/wiki/PuppetAix However, I am confused about why db-3.1.11 is required. Isn't this a database package? Does anyone know why this is needed? Thanks a bunch! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] using puppet augeas to add entry in /etc/syslog.conf
Hi , Im trying to add a entry in /etc/syslog.conf using puppet augeas like this*.warning;mail.none;authpriv.none;cron.none @syslog_host , seems the way to do this with augeas is : augeas { syslog_conf: lens= syslog.lns, incl = /etc/syslog.conf, changes = [ ins entry after entry[last()], set entry[last()]/selector[1]/facility '*', set entry[last()]/selector[1]/level warning, set entry[last()]/selector[2]/facility mail, set entry[last()]/selector[2]/level none, set entry[last()]/selector[3]/facility authpriv, set entry[last()]/selector[3]/level none, set entry[last()]/selector[4]/facility cron, set entry[last()]/selector[4]/level none, set entry[last()]/action/hostname syslog_host, ], onlyif = match entry[hostname = 'syslog_host'] size == 0, } which is a lot of entries just for one line of config file, also augeas has some problem on Solaris 10 to parse /etc/syslog.conf , it there a better way ? I know could use file server or template, but I'm just trying to add an entry to the existing syslog.conf file, rather than store them in puppet master. there's a puppet module at https://github.com/mstrauss/puppet-editfile , which I haven't tried yet. Is there a plan to add editfile feature to puppet , this is becoming rather frustrating . Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/YqXFiwuWtxQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Hash Access... Frustrating!
On Tuesday, August 28, 2012 2:55:20 PM UTC-5, Douglas wrote: Boy... accessing hashes in puppet is downright painful. I have this in a yaml file... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - gfs01.us1.xxx.com hostname: gfs01 state: mounted - gfs02.us1.xxx.com hostname: gfs02 state: unmounted - gfs03.us1.xxx.com hostname: gfs03 state: mounted I'm loading it with: $config = hiera('glusterfs_volumes') $nodes = $config['gfsvol01']['nodes'] ... etc Works fine. I'm also calling a definition like this: glusterfs::add_bricks { [$nodes]: master_node = $master_node, brick_store = $brick_store, volume_name = $name, require = Glusterfs::Add_peers[$nodes]; } The question is, how do I access the hostname and state keys inside each node? The following (inside add_bricks): $node = $name['hostname'] notice (DEBUG nodes=$name) notice (DEBUG NODE=$node) yields, for each call to add_bricks: DEBUG nodes=statemountedgfs01.us1.xxx.com hostnamegfs01 DEBUG NODE= I can see the hash in $name... I just can't access the 'state' or 'hostname' keys, which are obviously there. How...? Resource names are strings. If you try to use a hash as a resource name then it will be flattened. Generally speaking, you have several options: you could load the hash into a class variable, and have your definitions access it from there. You could also pass it as a parameter to your definition. You could even have the definition load it (again) via hiera. Sometimes the create_resources() function is convenient for unpacking a hash of hashes. I'm afraid I cannot recommend any specifics to you, however, because your YAML is not valid (according to http://yaml-online-parser.appspot.com/ and my own eyes), so I don't know what the data structure is supposed to be. It looks like something based on create_resources() might work out nicely for you, but I can't be sure. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/cS8_5qGpd8wJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Why this Could not evaluate error?
On Tuesday, August 28, 2012 3:03:45 PM UTC-5, Krzysztof Wilczynski wrote: Hi, Thanks for the hugs :) Never can get enough of those :) There seem to be a problem with underlying provider / binaries on which said provider relies. Nothing wrong with your content, as far as I can tell from the little snippet provided. If I recall correctly, 3.0.0RC3 was withdrawn. Frankly, I was a bit surprised that RC4 came out as soon as it did. Were I you, I would stick with Puppet 2.x for the time being, as it seems to be much more stable. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ofH6UBulpCwJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Speed up file resource on Windows
Puppet is taking about 5 minutes per run on a Windows 2008 R2 server. Here's the breakdown: config_retrieval 1.638 exec 1.0764 file 320.1297 Total 322.8441 There are only 13 file resources: 4 are directories 2 are small powershell scripts 6 are relatively small text files 1 image file (9K png file) Puppet version is 2.7.19 Why so long ensuring these files are correct? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/sxstGOvzln0J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Announce: Hiera-Puppet 1.0.0 available
We are happy to announce Hiera-Puppet 1.0.0. It includes Puppet functions for hiera and also the puppet backend for hiera lookups. Downloads are available: * Source http://downloads.puppetlabs.com/hiera/hiera-puppet-1.0.0.tar.gz * Apt and yum repositories * Apple package http://puppetlabs.com/downloads/mac/hiera-puppet-1.0.0.dmg * Rubygems https://rubygems.org/downloads/hiera-puppet-1.0.0.gem It includes contributions from the following people: Andrew Parker, Gary Larizza, Hunter Haugen, Jeff McCune, Kelsey Hightower, Ken Barber, Matthaus Litteken, Nan Liu, Patrick Carlisle, and Will Hopper See the Verifying Puppet Download section at: http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet#Verifying+Puppet+Downloads Please report feedback via the Puppet Labs Redmine site, using an affected version of 1.0.0: http://projects.puppetlabs.com/projects/hiera-puppet ## Hiera-Puppet 1.0.0 Changelog ## Andrew Parker (1): 89cde8d (Maint) Create a test for the puppet backend Gary Larizza (2): 894a7a4 Fail if a lookup key isn't passed 927de1f Add test coverage for hiera_hash() Hunter Haugen (1): 632457e Rubygems is not required to use hiera Jeff McCune (5): def41d5 Add watchr script d840325 (Maint) Use PuppetlabsSpec::PuppetSeams.parser_scope 88c5f9a (Maint) Fix mock error with hiera module 7ac4a54 (Maint) Fix missing spec_helper lines in some tests 84b4d11 (Maint) Rename PuppetlabsSpec::Puppet{Seams,Internals} Kelsey Hightower (8): 48bfccb (#14461) Remove Puppet parser functions a042de4 Revert (#14461) Remove Puppet parser functions 01e9122 (maint) Follow Puppet Labs style guide + code cleanup 95d7058 (maint) parser functions do not require hiera.yaml 8a49eab (maint) Add acceptance tests bdb8563 (#15184) Refactor parser functions 9ab901f (maint) Hiera Puppet now has a LICENSE file 44bc7cb (#15105) Update README YAML examples Ken Barber (1): 2df319a (#14124) Load rake tasks directly to fix tests for Ruby 1.9.x Matthaus Litteken (17): cb721c5 Add mac packaging to hiera-puppet 64b7375 Move conf to ext directory 4101d02 Add debian packaging for hiera-puppet 470c5c8 Add Redhat packaging to hiera-puppet 5adc454 Add package task to tasks 1138e65 Updating CHANGELOG for hiera-puppet 1.0.0rc1 378a1a2 Tweak debian packaging 9c23e9d Remove puppetlabs_spec_helper require from root Rakefile 8e4e76a (maint) Replace .should on blocks with .to 2fa4251 Update hiera-puppet package tasks c686adb Update debian package task to handle orig version properly and use the correct directory name when building. 416f098 Update hiera-puppet hiera dependency to ~ 1.0 1b2a5d1 Update CHANGELOG for 1.0.0rc2 0fbdd62 (#15291) Add Vendor tag to Hiera-Puppet spec file fd3fe17 Add hiera_puppet.rb to debian, redhat packages, fix gem version dependency 962453f Updating CHANGELOG for 1.0.0rc3 62492ba Updating CHANGELOG for 1.0.0, changing hiera dependency to ~ 1.0 Nan Liu (1): eb800e4 (#12037) hiera-puppet should support hash values. Patrick Carlisle (4): dbdda00 (#12122) Use nil as default answer in lookup 7a458a4 (#14841) Give useful error for array or hash lookup failure d76a9d8 (#14841) Add test for hiera_hash parser function b166328 (#14841) Add test coverage for remaining hiera parser functions Will Hopper (1): 5e516ee Update Debian packaging rake task to correctly create the orig.tar.gz -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppet not picking up manifests
Could you please link me to these tutorials, so I may destroy them. Okay, anyway, here's how Puppet works: The master has ONE manifest file that it ALWAYS reads, called /etc/puppet/manifests/site.pp. (use puppet master --configprint manifest to confirm its location. You can set the 'manifest' setting to change that.) It also OPTIONALLY can have an external node classifier; don't worry about that right now. The main manifest and the ENC can declare classes. Puppet will AUTOLOAD classes from MODULES. See here: http://docs.puppetlabs.com/puppet/2.7/reference/modules_fundamentals.html If you use an IMPORT statement in site.pp, you can also load arbitrary files like nodes.pp or nodes/somethingelse.pp. See here: http://docs.puppetlabs.com/puppet/2.7/reference/lang_import.html But you don't need to do this right now. So to get your simple thing working now: * rename nodes.pp to site.pp so puppet master will use it * move ntp.pp to /etc/puppet/modules/ntp/manifests/init.pp On Tuesday, August 28, 2012 1:19:23 PM UTC-7, Bai Shen wrote: I created some manifest files, but my client doesn't seem to be picking them up. According to all of the tutorials, I'm doing this right, so I'm not sure what the issue is. nodes.pp: node default { include ntp } ntp.pp: class ntp { package { ntp: ensure = installed } service { ntpd: ensure = running, } } puppetd --test: dnsdomainname: Unknown host dnsdomainname: Unknown host info: Caching catalog for testserver info: Applying configuration version '1346184997' notice: Finished catalog run in 0.01 seconds -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ABbfMKE7JkgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] trouble with nodes.pp regex
I'm having a bit of trouble figuring out how regex matching (and maybe inheritance?) are working in my nodes.pp file. I've got a host with the hostname lms-www0-2x-qa.domain 1) In my site.pp file I 'import nodes.pp' -- pretty sure that works 2) In my nodes.pp file, I have a default stanza -- modules in here are being applied to my nodes, no problem 3) Again in nodes.pp, node /qa/ inherits default -- this appears to be loading modules into the overall manifest that's applied to my server 4) Below the qa regex, I have node /www/ inherits default -- none of the modules mentioned here are being applied Is it a case of single matching? That my host can only match one of those stanzas in nodes.pp? Greg Damiani DevOps Engineer - 2tor, Inc. e: gdami...@2tor.com s: gregory.damiani c: (845) 548-6361 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Refresh not working with launchd service provider?
I'm seeing the same thing. I can't actually recall the last time I verified it was working, but it _was_ at some point in the past. Currently it's not, though, at least with puppet 2.7.18 on OS X 10.8.1. Debug output shows a trigger of a refresh, but no execs are ever run: [...] notice: /Stage[main]//Service[com.apple.mDNSResponder]: Triggered 'refresh' from 1 events debug: /Stage[main]//Service[com.apple.mDNSResponder]: The container Class[Main] will propagate my refresh event debug: /Schedule[weekly]: Skipping device resources because running on a host debug: /Schedule[puppet]: Skipping device resources because running on a host debug: Class[Main]: The container Stage[main] will propagate my refresh event debug: Finishing transaction 2223267580 debug: Storing state debug: Stored state in 0.29 seconds notice: Finished catalog run in 15.52 seconds On Tue, Jul 10, 2012 at 6:09 PM, David L Ballenger d...@davidlballenger.comwrote: Hi, Refresh doesn't seem to be working with the launched service provider on OS X Lion (10.7.4). I've come up with a simple service script, plist file and puppet script to apply to demonstrate. The problem. Here's the shell script which logs an initial starting message and then just loops logging a Still running… message. /usr/local/bin/example.sh: #!/bin/sh # We need to trap on TERM signals, according to Apple's launchd docs: # trap 'exit 1' 15 syslog -s -l 1 example.sh: Starting... while true; do sleep 15 syslog -s -l 1 example.sh: Still running... done Here's the launchd plist. /Library/LaunchDaemons/net.davidlballenger.example.plist: ?xml version=1.0 encoding=UTF-8? !DOCTYPE plist PUBLIC -//Apple Computer//DTD PLIST 1.0//EN http://www.apple.com/DTDs/PropertyList-1.0.dtd; plist version=1.0 dict keyKeepAlive/key true/ keyLabel/key stringnet.davidlballenger.example/string keyProgramArguments/key array string/usr/local/bin/example.sh/string /array /dict /plist Here's the example.pp file: $service_name = 'net.davidlballenger.example' $file_path = /var/tmp/${service_name} file { $file_path : content = $uptime_seconds , } service { $service_name : ensure= running, enable= true, subscribe = File[ $file_path ], } The File resource is updated with the facter variable $uptime_seconds each time it runs. And the Service subscribes to the that File resource. Assuming the script and plist file are in the appropriate places, then applying example.pp will start the service if it is not already running. But subsequent runs will not restart it, even though the log messages say that the file's content changed and that it triggered a refresh of the service. If I run the apply with --debug, the only launchctl command that I see in the output is a launchctl list command. Does anyone see anything wrong with the above files, or should I submit a bug report. Thanks - David -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Hash Access... Frustrating!
Having fixed the yaml... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - name: gfs01.us1.xxx.com bricks: - /var/bricks/b1 - name: gfs02.us1.xxx.com bricks: - /var/bricks/b2 - name: gfs03.us1.xxx.com bricks: - /var/bricks/b3 The issue is now how do I iterate over the nodes? They are no longer an array. They are an array of hashes, which puppet doesn't want to iterate over. Doug. On Tue, Aug 28, 2012 at 2:44 PM, jcbollinger john.bollin...@stjude.org wrote: On Tuesday, August 28, 2012 2:55:20 PM UTC-5, Douglas wrote: Boy... accessing hashes in puppet is downright painful. I have this in a yaml file... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - gfs01.us1.xxx.com hostname: gfs01 state: mounted - gfs02.us1.xxx.com hostname: gfs02 state: unmounted - gfs03.us1.xxx.com hostname: gfs03 state: mounted I'm loading it with: $config = hiera('glusterfs_volumes') $nodes = $config['gfsvol01']['nodes'] ... etc Works fine. I'm also calling a definition like this: glusterfs::add_bricks { [$nodes]: master_node = $master_node, brick_store = $brick_store, volume_name = $name, require = Glusterfs::Add_peers[$nodes]; } The question is, how do I access the hostname and state keys inside each node? The following (inside add_bricks): $node = $name['hostname'] notice (DEBUG nodes=$name) notice (DEBUG NODE=$node) yields, for each call to add_bricks: DEBUG nodes=statemountedgfs01.us1.xxx.com hostnamegfs01 DEBUG NODE= I can see the hash in $name... I just can't access the 'state' or 'hostname' keys, which are obviously there. How...? Resource names are strings. If you try to use a hash as a resource name then it will be flattened. Generally speaking, you have several options: you could load the hash into a class variable, and have your definitions access it from there. You could also pass it as a parameter to your definition. You could even have the definition load it (again) via hiera. Sometimes the create_resources() function is convenient for unpacking a hash of hashes. I'm afraid I cannot recommend any specifics to you, however, because your YAML is not valid (according to http://yaml-online-parser.appspot.com/ and my own eyes), so I don't know what the data structure is supposed to be. It looks like something based on create_resources() might work out nicely for you, but I can't be sure. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/cS8_5qGpd8wJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] trouble with nodes.pp regex
On 8/28/2012 4:24 PM, Gregory Damiani wrote: Is it a case of single matching? That my host can only match one of those stanzas in nodes.pp? Yes. You get one match. http://docs.puppetlabs.com/puppet/2.7/reference/lang_node_definitions.html#regular-expression-names Ramin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Hash Access... Frustrating!
It looks like it's flattening the darned thing out... :( err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship source Glusterfs::Add_peers[bricks/var/bricks/b3namegfs03.us1.xxx.com] :( On Tue, Aug 28, 2012 at 4:31 PM, Douglas Garstang doug.garst...@gmail.com wrote: Having fixed the yaml... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - name: gfs01.us1.xxx.com bricks: - /var/bricks/b1 - name: gfs02.us1.xxx.com bricks: - /var/bricks/b2 - name: gfs03.us1.xxx.com bricks: - /var/bricks/b3 The issue is now how do I iterate over the nodes? They are no longer an array. They are an array of hashes, which puppet doesn't want to iterate over. Doug. On Tue, Aug 28, 2012 at 2:44 PM, jcbollinger john.bollin...@stjude.org wrote: On Tuesday, August 28, 2012 2:55:20 PM UTC-5, Douglas wrote: Boy... accessing hashes in puppet is downright painful. I have this in a yaml file... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - gfs01.us1.xxx.com hostname: gfs01 state: mounted - gfs02.us1.xxx.com hostname: gfs02 state: unmounted - gfs03.us1.xxx.com hostname: gfs03 state: mounted I'm loading it with: $config = hiera('glusterfs_volumes') $nodes = $config['gfsvol01']['nodes'] ... etc Works fine. I'm also calling a definition like this: glusterfs::add_bricks { [$nodes]: master_node = $master_node, brick_store = $brick_store, volume_name = $name, require = Glusterfs::Add_peers[$nodes]; } The question is, how do I access the hostname and state keys inside each node? The following (inside add_bricks): $node = $name['hostname'] notice (DEBUG nodes=$name) notice (DEBUG NODE=$node) yields, for each call to add_bricks: DEBUG nodes=statemountedgfs01.us1.xxx.com hostnamegfs01 DEBUG NODE= I can see the hash in $name... I just can't access the 'state' or 'hostname' keys, which are obviously there. How...? Resource names are strings. If you try to use a hash as a resource name then it will be flattened. Generally speaking, you have several options: you could load the hash into a class variable, and have your definitions access it from there. You could also pass it as a parameter to your definition. You could even have the definition load it (again) via hiera. Sometimes the create_resources() function is convenient for unpacking a hash of hashes. I'm afraid I cannot recommend any specifics to you, however, because your YAML is not valid (according to http://yaml-online-parser.appspot.com/ and my own eyes), so I don't know what the data structure is supposed to be. It looks like something based on create_resources() might work out nicely for you, but I can't be sure. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/cS8_5qGpd8wJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Hash Access... Frustrating!
You still can't use anything other than a string as a resource title. Since you're passing an array of hashes, it's being converted to a string, specifically by Puppet::Resource::Type#set_name_and_namespace, which does @name = name.to_s.downcase. In your case, you'll probably want to use the create_resources function ( http://docs.puppetlabs.com/references/stable/function.html#createresources). Something like $config = hiera('glusterfs_volumes') create_resources(glusterfs::add_brick, $config['gfsvol01']['nodes']) might work. -- Jenner On Tuesday, August 28, 2012 4:39:57 PM UTC-7, Douglas wrote: It looks like it's flattening the darned thing out... :( err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship source Glusterfs::Add_peers[bricks/var/bricks/b3namegfs03.us1.xxx.com] :( On Tue, Aug 28, 2012 at 4:31 PM, Douglas Garstang doug.g...@gmail.com javascript: wrote: Having fixed the yaml... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - name: gfs01.us1.xxx.com bricks: - /var/bricks/b1 - name: gfs02.us1.xxx.com bricks: - /var/bricks/b2 - name: gfs03.us1.xxx.com bricks: - /var/bricks/b3 The issue is now how do I iterate over the nodes? They are no longer an array. They are an array of hashes, which puppet doesn't want to iterate over. Doug. On Tue, Aug 28, 2012 at 2:44 PM, jcbollinger john.bo...@stjude.orgjavascript: wrote: On Tuesday, August 28, 2012 2:55:20 PM UTC-5, Douglas wrote: Boy... accessing hashes in puppet is downright painful. I have this in a yaml file... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - gfs01.us1.xxx.com hostname: gfs01 state: mounted - gfs02.us1.xxx.com hostname: gfs02 state: unmounted - gfs03.us1.xxx.com hostname: gfs03 state: mounted I'm loading it with: $config = hiera('glusterfs_volumes') $nodes = $config['gfsvol01']['nodes'] ... etc Works fine. I'm also calling a definition like this: glusterfs::add_bricks { [$nodes]: master_node = $master_node, brick_store = $brick_store, volume_name = $name, require = Glusterfs::Add_peers[$nodes]; } The question is, how do I access the hostname and state keys inside each node? The following (inside add_bricks): $node = $name['hostname'] notice (DEBUG nodes=$name) notice (DEBUG NODE=$node) yields, for each call to add_bricks: DEBUG nodes=statemountedgfs01.us1.xxx.com hostnamegfs01 DEBUG NODE= I can see the hash in $name... I just can't access the 'state' or 'hostname' keys, which are obviously there. How...? Resource names are strings. If you try to use a hash as a resource name then it will be flattened. Generally speaking, you have several options: you could load the hash into a class variable, and have your definitions access it from there. You could also pass it as a parameter to your definition. You could even have the definition load it (again) via hiera. Sometimes the create_resources() function is convenient for unpacking a hash of hashes. I'm afraid I cannot recommend any specifics to you, however, because your YAML is not valid (according to http://yaml-online-parser.appspot.com/and my own eyes), so I don't know what the data structure is supposed to be. It looks like something based on create_resources() might work out nicely for you, but I can't be sure. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/cS8_5qGpd8wJ. To post to this group, send email to puppet...@googlegroups.comjavascript:. To unsubscribe from this group, send email to puppet-users...@googlegroups.com javascript:. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.g...@gmail.com javascript: Cell: +1-805-340-5627 -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.g...@gmail.com javascript: Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit
Re: [Puppet Users] Re: Puppet not picking up manifests
Hi, And see to that you get output while going for this command # dnsdomainname example.com Regards, System Admin Ashish Jaiswal On Wednesday 29 August 2012 04:25:23 AM IST, Nick Fagerlund wrote: Could you please link me to these tutorials, so I may destroy them. Okay, anyway, here's how Puppet works: The master has ONE manifest file that it ALWAYS reads, called /etc/puppet/manifests/site.pp. (use puppet master --configprint manifest to confirm its location. You can set the 'manifest' setting to change that.) It also OPTIONALLY can have an external node classifier; don't worry about that right now. The main manifest and the ENC can declare classes. Puppet will AUTOLOAD classes from MODULES. See here: http://docs.puppetlabs.com/puppet/2.7/reference/modules_fundamentals.html If you use an IMPORT statement in site.pp, you can also load arbitrary files like nodes.pp or nodes/somethingelse.pp. See here: http://docs.puppetlabs.com/puppet/2.7/reference/lang_import.html But you don't need to do this right now. So to get your simple thing working now: * rename nodes.pp to site.pp so puppet master will use it * move ntp.pp to /etc/puppet/modules/ntp/manifests/init.pp On Tuesday, August 28, 2012 1:19:23 PM UTC-7, Bai Shen wrote: I created some manifest files, but my client doesn't seem to be picking them up. According to all of the tutorials, I'm doing this right, so I'm not sure what the issue is. nodes.pp: node default { include ntp } ntp.pp: class ntp { package { ntp: ensure = installed } service { ntpd: ensure = running, } } puppetd --test: dnsdomainname: Unknown host dnsdomainname: Unknown host info: Caching catalog for testserver info: Applying configuration version '1346184997' notice: Finished catalog run in 0.01 seconds -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ABbfMKE7JkgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/agent1.pem to csrdir: undefined method `exists?' for nil:NilClass
Much thanks for your reply. Is this your meaning: [edward@edward ~]$* cd /var/lib/puppet/* [edward@edward puppet]$ ls bucket clientbucket client_yaml lib rrd sslyaml classes.txt client_data factsreports server_data state [edward@edward puppet]$ cd ssl *[edward@edward ssl]$ ls ls: cannot open directory .: Permission denied* [edward@edward ssl]$ As a regular user I can't open this directory,otherwise I am a root user. I deleted this directory with rm -rf when I install puppet,then let it create a new ssl in a root. Is that question?How can I do? 在 2012年8月29日星期三UTC+8上午12时15分07秒,Ashish Jaiswal写道: Hi, To me it seems to be permission issue on SSL directory on master .. can you let me what is the permission on SSL directory .. This is just a wild guess.. Regards, Ashish Jaiswal On Aug 28, 2012 12:53 PM, Edward Tuan duany...@gmail.com javascript: wrote: I've been confused by this question for near two days ...my puppet master version is 2.7.9-1.el6 and client versiong is 2.6.16-2.el5. This is what my command lines shows: *[root@agent1 ~]# puppet agent --server=edward --test --waitforce 30* info: Creating a new SSL key for agent1 warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for agent1 info: Certificate Request fingerprint (md5): 4C:03:FE:BD:B8:68:4A:AB:F8:DC:BA:36:38:38:9C:8E warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/agent1.pem to csrdir: undefined method `exists?' for nil:NilClass then,I make run that with debug options and the result is : *[root@agent1 ~]# puppet agent --server=edward --debug --waitforce 30* debug: Failed to load library 'rubygems' for feature 'rubygems' debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is missing debug: Failed to load library 'ldap' for feature 'ldap' debug: /File[/var/lib/puppet/ssl/private_keys/agent1.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppet/ssl/public_keys/agent1.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/ssl/private_keys/agent1.pem]/mode: mode changed '640' to '600' debug: /File[/var/lib/puppet/ssl/public_keys/agent1.pem]/mode: mode changed '640' to '644' debug: Finishing transaction -606807388 Can somebody help me solve my problem? Hope your response sinceryly! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/plfJBjR9FPQJ. To post to this group, send email to puppet...@googlegroups.comjavascript: . To unsubscribe from this group, send email to puppet-users...@googlegroups.com javascript:. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/KCLcnqxmvHcJ. To post to this group, send email to
Re: [Puppet Users] Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/agent1.pem to csrdir: undefined method `exists?' for nil:NilClass
Hi Edward, You won't be able to access as normal user, you need to be root for that. If you have deleted your ssl directory, nothing much to worry it will generate again, what I was asking the permission on ssl directory.? On my server it has something like this # ls drwxrwx--x 8 puppet root 4096 2012-05-15 01:08 ssl/ You can refer to this link http://projects.puppetlabs.com/projects/1/wiki/certificates_and_security -Ashish On Wednesday 29 August 2012 07:40:06 AM IST, Edward Tuan wrote: Much thanks for your reply. Is this your meaning: [edward@edward ~]$*cd /var/lib/puppet/* [edward@edward puppet]$ ls bucket clientbucket client_yaml lib rrd sslyaml classes.txt client_data factsreports server_data state [edward@edward puppet]$ cd ssl *[edward@edward ssl]$ ls ls: cannot open directory .: Permission denied* [edward@edward ssl]$ As a regular user I can't open this directory,otherwise I am a root user. I deleted this directory with rm -rf when I install puppet,then let it create a new ssl in a root. Is that question?How can I do? 在 2012年8月29日星期三UTC+8上午12时15分07秒,Ashish Jaiswal写道: Hi, To me it seems to be permission issue on SSL directory on master .. can you let me what is the permission on SSL directory .. This is just a wild guess.. Regards, Ashish Jaiswal On Aug 28, 2012 12:53 PM, Edward Tuan duany...@gmail.com javascript: wrote: I've been confused by this question for near two days ...my puppet master version is 2.7.9-1.el6 and client versiong is 2.6.16-2.el5. This is what my command lines shows: *[root@agent1 ~]# puppet agent --server=edward --test --waitforce 30* info: Creating a new SSL key for agent1 warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for agent1 info: Certificate Request fingerprint (md5): 4C:03:FE:BD:B8:68:4A:AB:F8:DC:BA:36:38:38:9C:8E warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/agent1.pem to csrdir: undefined method `exists?' for nil:NilClass then,I make run that with debug options and the result is : *[root@agent1 ~]# puppet agent --server=edward --debug --waitforce 30* debug: Failed to load library 'rubygems' for feature 'rubygems' debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is missing debug: Failed to load library 'ldap' for feature 'ldap' debug: /File[/var/lib/puppet/ssl/private_keys/agent1.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppet/ssl/public_keys/agent1.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug:
Re: [Puppet Users] Re: Hash Access... Frustrating!
Thanks. I'll check it out. Does anyone know where the docs for this are? All the links on the puppet web site are broken for create_resources. Doug. On Tue, Aug 28, 2012 at 6:03 PM, Jenner La Fave jen...@edgetechsd.com wrote: You still can't use anything other than a string as a resource title. Since you're passing an array of hashes, it's being converted to a string, specifically by Puppet::Resource::Type#set_name_and_namespace, which does @name = name.to_s.downcase. In your case, you'll probably want to use the create_resources function (http://docs.puppetlabs.com/references/stable/function.html#createresources). Something like $config = hiera('glusterfs_volumes') create_resources(glusterfs::add_brick, $config['gfsvol01']['nodes']) might work. -- Jenner On Tuesday, August 28, 2012 4:39:57 PM UTC-7, Douglas wrote: It looks like it's flattening the darned thing out... :( err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship source Glusterfs::Add_peers[bricks/var/bricks/b3namegfs03.us1.xxx.com] :( On Tue, Aug 28, 2012 at 4:31 PM, Douglas Garstang doug.g...@gmail.com wrote: Having fixed the yaml... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - name: gfs01.us1.xxx.com bricks: - /var/bricks/b1 - name: gfs02.us1.xxx.com bricks: - /var/bricks/b2 - name: gfs03.us1.xxx.com bricks: - /var/bricks/b3 The issue is now how do I iterate over the nodes? They are no longer an array. They are an array of hashes, which puppet doesn't want to iterate over. Doug. On Tue, Aug 28, 2012 at 2:44 PM, jcbollinger john.bo...@stjude.org wrote: On Tuesday, August 28, 2012 2:55:20 PM UTC-5, Douglas wrote: Boy... accessing hashes in puppet is downright painful. I have this in a yaml file... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - gfs01.us1.xxx.com hostname: gfs01 state: mounted - gfs02.us1.xxx.com hostname: gfs02 state: unmounted - gfs03.us1.xxx.com hostname: gfs03 state: mounted I'm loading it with: $config = hiera('glusterfs_volumes') $nodes = $config['gfsvol01']['nodes'] ... etc Works fine. I'm also calling a definition like this: glusterfs::add_bricks { [$nodes]: master_node = $master_node, brick_store = $brick_store, volume_name = $name, require = Glusterfs::Add_peers[$nodes]; } The question is, how do I access the hostname and state keys inside each node? The following (inside add_bricks): $node = $name['hostname'] notice (DEBUG nodes=$name) notice (DEBUG NODE=$node) yields, for each call to add_bricks: DEBUG nodes=statemountedgfs01.us1.xxx.com hostnamegfs01 DEBUG NODE= I can see the hash in $name... I just can't access the 'state' or 'hostname' keys, which are obviously there. How...? Resource names are strings. If you try to use a hash as a resource name then it will be flattened. Generally speaking, you have several options: you could load the hash into a class variable, and have your definitions access it from there. You could also pass it as a parameter to your definition. You could even have the definition load it (again) via hiera. Sometimes the create_resources() function is convenient for unpacking a hash of hashes. I'm afraid I cannot recommend any specifics to you, however, because your YAML is not valid (according to http://yaml-online-parser.appspot.com/ and my own eyes), so I don't know what the data structure is supposed to be. It looks like something based on create_resources() might work out nicely for you, but I can't be sure. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/cS8_5qGpd8wJ. To post to this group, send email to puppet...@googlegroups.com. To unsubscribe from this group, send email to puppet-users...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.g...@gmail.com Cell: +1-805-340-5627 -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.g...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit
Re: [Puppet Users] Re: Hash Access... Frustrating!
Oops. There's a working link right there... On Tue, Aug 28, 2012 at 7:38 PM, Douglas Garstang doug.garst...@gmail.com wrote: Thanks. I'll check it out. Does anyone know where the docs for this are? All the links on the puppet web site are broken for create_resources. Doug. On Tue, Aug 28, 2012 at 6:03 PM, Jenner La Fave jen...@edgetechsd.com wrote: You still can't use anything other than a string as a resource title. Since you're passing an array of hashes, it's being converted to a string, specifically by Puppet::Resource::Type#set_name_and_namespace, which does @name = name.to_s.downcase. In your case, you'll probably want to use the create_resources function (http://docs.puppetlabs.com/references/stable/function.html#createresources). Something like $config = hiera('glusterfs_volumes') create_resources(glusterfs::add_brick, $config['gfsvol01']['nodes']) might work. -- Jenner On Tuesday, August 28, 2012 4:39:57 PM UTC-7, Douglas wrote: It looks like it's flattening the darned thing out... :( err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship source Glusterfs::Add_peers[bricks/var/bricks/b3namegfs03.us1.xxx.com] :( On Tue, Aug 28, 2012 at 4:31 PM, Douglas Garstang doug.g...@gmail.com wrote: Having fixed the yaml... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - name: gfs01.us1.xxx.com bricks: - /var/bricks/b1 - name: gfs02.us1.xxx.com bricks: - /var/bricks/b2 - name: gfs03.us1.xxx.com bricks: - /var/bricks/b3 The issue is now how do I iterate over the nodes? They are no longer an array. They are an array of hashes, which puppet doesn't want to iterate over. Doug. On Tue, Aug 28, 2012 at 2:44 PM, jcbollinger john.bo...@stjude.org wrote: On Tuesday, August 28, 2012 2:55:20 PM UTC-5, Douglas wrote: Boy... accessing hashes in puppet is downright painful. I have this in a yaml file... glusterfs_volumes: gfsvol01: master_node: gfs01.us1.xxx.com transport: tcp replicas: 0 nodes: - gfs01.us1.xxx.com hostname: gfs01 state: mounted - gfs02.us1.xxx.com hostname: gfs02 state: unmounted - gfs03.us1.xxx.com hostname: gfs03 state: mounted I'm loading it with: $config = hiera('glusterfs_volumes') $nodes = $config['gfsvol01']['nodes'] ... etc Works fine. I'm also calling a definition like this: glusterfs::add_bricks { [$nodes]: master_node = $master_node, brick_store = $brick_store, volume_name = $name, require = Glusterfs::Add_peers[$nodes]; } The question is, how do I access the hostname and state keys inside each node? The following (inside add_bricks): $node = $name['hostname'] notice (DEBUG nodes=$name) notice (DEBUG NODE=$node) yields, for each call to add_bricks: DEBUG nodes=statemountedgfs01.us1.xxx.com hostnamegfs01 DEBUG NODE= I can see the hash in $name... I just can't access the 'state' or 'hostname' keys, which are obviously there. How...? Resource names are strings. If you try to use a hash as a resource name then it will be flattened. Generally speaking, you have several options: you could load the hash into a class variable, and have your definitions access it from there. You could also pass it as a parameter to your definition. You could even have the definition load it (again) via hiera. Sometimes the create_resources() function is convenient for unpacking a hash of hashes. I'm afraid I cannot recommend any specifics to you, however, because your YAML is not valid (according to http://yaml-online-parser.appspot.com/ and my own eyes), so I don't know what the data structure is supposed to be. It looks like something based on create_resources() might work out nicely for you, but I can't be sure. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/cS8_5qGpd8wJ. To post to this group, send email to puppet...@googlegroups.com. To unsubscribe from this group, send email to puppet-users...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.g...@gmail.com Cell: +1-805-340-5627 -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.g...@gmail.com Cell: +1-805-340-5627 -- You received this message
Re: [Puppet Users] Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/agent1.pem to csrdir: undefined method `exists?' for nil:NilClass
Hi Ashish, 1st, what on my server is this: [root@edward ~]# ls -ld /var/lib/puppet/ssl/ drwxrwx--x. 8 puppet root 4096 Aug 27 17:21 /var/lib/puppet/ssl/ [root@edward ~]# 2nd, I debug on my server with puppet cert --list --debug, and the result is(not far only this,I just show 5 lines): debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: /File[/var/lib/puppet/ssl/ca/requests]/seluser: Found seluser default 'system_u' for /var/lib/puppet/ssl/ca/requests 3rd, I read what you have linked to me: there is one sentence(under the * Certificates*): *You can manually copy the master certificate through a secure channel to the client if you want to*, does I do that can solve my question? How can I do? --Edward. 在 2012年8月29日星期三UTC+8上午10时22分41秒,Ashish Jaiswal写道: Hi Edward, You won't be able to access as normal user, you need to be root for that. If you have deleted your ssl directory, nothing much to worry it will generate again, what I was asking the permission on ssl directory.? On my server it has something like this # ls drwxrwx--x 8 puppet root 4096 2012-05-15 01:08 ssl/ You can refer to this link http://projects.puppetlabs.com/projects/1/wiki/certificates_and_security -Ashish On Wednesday 29 August 2012 07:40:06 AM IST, Edward Tuan wrote: Much thanks for your reply. Is this your meaning: [edward@edward ~]$*cd /var/lib/puppet/* [edward@edward puppet]$ ls bucket clientbucket client_yaml lib rrd ssl yaml classes.txt client_data factsreports server_data state [edward@edward puppet]$ cd ssl *[edward@edward ssl]$ ls ls: cannot open directory .: Permission denied* [edward@edward ssl]$ As a regular user I can't open this directory,otherwise I am a root user. I deleted this directory with rm -rf when I install puppet,then let it create a new ssl in a root. Is that question?How can I do? 在 2012年8月29日星期三UTC+8上午12时15分07秒,Ashish Jaiswal写道: Hi, To me it seems to be permission issue on SSL directory on master .. can you let me what is the permission on SSL directory .. This is just a wild guess.. Regards, Ashish Jaiswal On Aug 28, 2012 12:53 PM, Edward Tuan duany...@gmail.com javascript: wrote: I've been confused by this question for near two days ...my puppet master version is 2.7.9-1.el6 and client versiong is 2.6.16-2.el5. This is what my command lines shows: *[root@agent1 ~]# puppet agent --server=edward --test --waitforce 30* info: Creating a new SSL key for agent1 warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for agent1 info: Certificate Request fingerprint (md5): 4C:03:FE:BD:B8:68:4A:AB:F8:DC:BA:36:38:38:9C:8E warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 400 on SERVER: Could not write /var/lib/puppet/ssl/ca/requests/agent1.pem to csrdir: undefined method `exists?' for nil:NilClass then,I make run that with debug options and the result is : *[root@agent1 ~]# puppet agent --server=edward --debug --waitforce 30* debug: Failed to load library 'rubygems' for feature 'rubygems' debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is missing debug: Failed to load library 'ldap' for feature 'ldap' debug: /File[/var/lib/puppet/ssl/private_keys/agent1.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
Re: [Puppet Users] Re: Puppet not picking up manifests
On Tue, Aug 28, 2012 at 3:55 PM, Nick Fagerlund nick.fagerl...@puppetlabs.com wrote: Could you please link me to these tutorials, so I may destroy them. It is easy to destroy incomplete tutorials, but harder to offer something good instead! When I started using Puppet it took long time until I suddenly found somewhere that the starting point is site.pp After that all went flawlessly. But this first step was very hard to understand. It would be nice to have a working scenario that describes basic details, how Puppet works, step by step, instead of long explanations of syntax, variables, and tricks with code optimization that are not needed to start running it. Anatoliy Okay, anyway, here's how Puppet works: The master has ONE manifest file that it ALWAYS reads, called /etc/puppet/manifests/site.pp. (use puppet master --configprint manifest to confirm its location. You can set the 'manifest' setting to change that.) It also OPTIONALLY can have an external node classifier; don't worry about that right now. The main manifest and the ENC can declare classes. Puppet will AUTOLOAD classes from MODULES. See here: http://docs.puppetlabs.com/puppet/2.7/reference/modules_fundamentals.html If you use an IMPORT statement in site.pp, you can also load arbitrary files like nodes.pp or nodes/somethingelse.pp. See here: http://docs.puppetlabs.com/puppet/2.7/reference/lang_import.html But you don't need to do this right now. So to get your simple thing working now: * rename nodes.pp to site.pp so puppet master will use it * move ntp.pp to /etc/puppet/modules/ntp/manifests/init.pp On Tuesday, August 28, 2012 1:19:23 PM UTC-7, Bai Shen wrote: I created some manifest files, but my client doesn't seem to be picking them up. According to all of the tutorials, I'm doing this right, so I'm not sure what the issue is. nodes.pp: node default { include ntp } ntp.pp: class ntp { package { ntp: ensure = installed } service { ntpd: ensure = running, } } puppetd --test: dnsdomainname: Unknown host dnsdomainname: Unknown host info: Caching catalog for testserver info: Applying configuration version '1346184997' notice: Finished catalog run in 0.01 seconds -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ABbfMKE7JkgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] hiera-puppet no longer installs
I'm unable to install hiera-puppet. Seems it requires hiera ~ 1.0. $ gem install hiera-puppet ERROR: While executing gem ... (Gem::DependencyError) Unable to resolve dependencies: hiera-puppet requires hiera (~ 1.0) Hiera installs, but version 0.3.0 $ gem install hiera Fetching: hiera-0.3.0.gem (100%) Successfully installed hiera-0.3.0 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/cKz0pYFMxKIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] dmz network configuration
Hi all, I need to install puppet agent on some DMZ hosts, so I need to have all TCP ports. Can anyone tell me what the data flow is between agents and the master? Also, what would be the case when using MCollective, inseatad of puppet kick? Thanks. -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.