[Puppet Users] notify vs. require of services
Hi readers, I had this idea. I am deploying a configuration file of a service with puppet, and I want to restart the service if the file changes. so I had this idea that the file definition contains a require= and a notify= for the service. that does not work, because Puppet does assume cyclic dependencies then. And I have no clue whatsoever why. both statements go from file to service (or from service to file, however you like to put it), but I really don't see a cyclic dependency here. can anyone help me out? thanks in advance, axel. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/7y8HA_Nt0g4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] notify vs. require of services
- Original Message - From: Axel Bock axel.b...@arbeitsagentur.de To: puppet-users@googlegroups.com Sent: Wednesday, September 5, 2012 9:47:03 AM Subject: [Puppet Users] notify vs. require of services Hi readers, I had this idea. I am deploying a configuration file of a service with puppet, and I want to restart the service if the file changes. so I had this idea that the file definition contains a require= and a notify= for the service. that does not work, because Puppet does assume cyclic dependencies then. And I have no clue whatsoever why. both statements go from file to service (or from service to file, however you like to put it), but I really don't see a cyclic dependency here. file{x: require = Service[y], notify = Service[y]} The require says 'do the service before the file' while the notify says 'once the file changed, restart the service'. You cant manage the service both before and after a file so there's a conflict. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Facter does not deliver ip addresses
Hello, @Joseph: not yet. @Eric: sure :) . SLES 11 SP2, and the output is here: http://pastebin.com/jqgNmewk But I have an idea. I have another host where it still works. The host it stopped working on has two IP addresses configured on one (!) network device. so an ip a gives me: [...] 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:50:56:99:05:02 brd ff:ff:ff:ff:ff:ff *inet 130.250.8.15/24 *brd 130.250.8.255 scope global eth0 *inet 130.250.8.20/24 *brd 130.250.8.255 scope global secondary eth0 [...] Maybe this is not actually covered by the detection algorithm of facter? :) Anyway, thanks for your help! Axel. Am Dienstag, 4. September 2012 23:57:08 UTC+2 schrieb Eric Sorenson: Hi Axel - what OS? What version of Facter? What does the output of your 'ifconfig -a' (or local equivalent) look like? Could you please run 'facter --debug' and pastebin the output somewhere? On Monday, August 20, 2012 1:19:39 AM UTC-7, Axel Bock wrote: Hi readers, another problem of mine. A host which worked just fine on friday is now not able to find out its own IP address. The reason is pretty simple as far as I have figured out: Facter. Facter returns the network interfaces just fine: interfaces=eth0,eth1, but then the ipaddress_ETHx entries are completely missing. Any idea what could be the cause of this? Thanks in advance greetings, Axel. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/HDWQfJIjv3wJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: troubleshooting resource collection
On Wednesday, August 29, 2012 11:12:12 PM UTC+2, jcbollinger wrote: On Wednesday, August 29, 2012 9:34:24 AM UTC-5, Frank Van Damme wrote: On Wednesday, August 29, 2012 4:14:27 PM UTC+2, jcbollinger wrote: There is, in another class (and as I wrote, the collection sort of works because I see the output of the 'notify{knownhosts class: $fqdn $hostname $ipaddress :}' above) That you see the output of your 'notify' proves only that class 'ssh::knownhosts' is included in the target node's catalog. It therefore compiled successfully, but that says nothing about what resources were actually collected. If nothing is showing up in /etc/ssh/ssh_known_hosts, then that almost certainly means that no Sshkey resources are being collected. The most likely explanations then are that your class 'ssh:hostkeys' is not being included in your nodes' catalogs, or else that you do not have [thin]storeconfigs configured. If the target node's key is showing up but no other nodes' are, then the most likely explanations are that your other nodes are not getting class 'ssh::hostkeys' in their catalogs, that they have not checked in with the Puppetmaster since that class was assigned to them, or that you do not have [thin]storeconfigs configured. That turned out to be the problem, storeconfigs was still disabled! Thank you! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/V2jzFnLi_EIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: notify vs. require of services
hm, I still don't see the logic. I think this is a common scenario (please tell me I'm wrong) that you ensure presence of a service generally, and then deploy a config file, and on changes you want - of course - the service to be restarted. or ... not?! is there a puppet pattern on how to do this maybe? Thanks, Axel. Am Mittwoch, 5. September 2012 10:47:04 UTC+2 schrieb Axel Bock: Hi readers, I had this idea. I am deploying a configuration file of a service with puppet, and I want to restart the service if the file changes. so I had this idea that the file definition contains a require= and a notify= for the service. that does not work, because Puppet does assume cyclic dependencies then. And I have no clue whatsoever why. both statements go from file to service (or from service to file, however you like to put it), but I really don't see a cyclic dependency here. can anyone help me out? thanks in advance, axel. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/5UpZmaf6vyMJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Duplicate Class declaration error
Morning all I'm trying to get puppet setup to manage our env. I've managed to get the basic stuff working such as ntp, motd, users/groups, sudo, etc... I'm now starting to build a configuration framework for our applications, including java, glassfish, j2ee apps, etc... However I've hit a stumbling block... The relevant configuration is here: http://pastebin.com/Gc0ZRqKs The error I'm getting on a puppet agent run is: *[root@puppet-test ~]# puppet agent --test notice: Ignoring --listen on onetime run err: Could not retrieve catalog from remote server: Error 400 on SERVER: Duplicate declaration: Class[Act::Env::Java] is already declared; cannot redeclare at /etc/puppet/modules/act/manifests/env.pp:8 on node puppet-test.card.co.uk warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run* Any help on how I can resolve this issue would be greatly appreciated. Regards Gavin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/s_lG56uZVxYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] How to automatically implement default configuration changes made by a package upgrade
Hi All, Sorry if this has been asked before but I am not entirely sure what to search for so as to get the answer I am looking for. I have recently started using puppet to manage our servers (we have 30 at the moment) and I have been posed the question of whether I wholesale change configs or make changes within. The reason this was asked is in the case of the following simplified example. Lets say I am managing the MySQL package and I would like it to stay up to the latest stable version, this is easy to implement. Lets then say that the latest MySQL version also makes a default change to the /etc/mysql/my.cnf configuration file that effects performance/security. As it stands this change would get lost because I am using a template to create the my.cnf config. The only way I can think of covering this problem is to essentially do a sed style operation and make all the changes I require in the my.cnf and add the lines if they aren't there. Is there a better way to approach this issue? Cheers for the help, Matthew -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/RRXJ0p22e90J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: notify vs. require of services
Am Mittwoch, 5. September 2012 11:25:51 UTC+2 schrieb R.I. Pienaar: why would you start a service before the config file is deployed? surely you want to configure the service before starting it? sure :) . that's what I meant, basically. so the common pattern is: package{something: ...} file{/etc/something/config: require = Package[something], notify = Service[something]} service{something:...} duh! thanks for that. obvious of course. thanks again! Axel. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Y-mptuQCG50J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Weird variable dependency issue + different behavior between master/masterless
Hello all, I know that execution order is not guaranteed within a scope without explicitly declaring dependencies. However I've always been able to set variables in classes, and expect them to be used properly in templates that I declare in a File statement in the same class. It looks like I came across a problem with this yesterday : My class contains : $master_port = 6379 $master_host = $hostname ? { /(stage|live)-xx([a-d])-redis1/ = $1-yy$2-redis1, default = false, } file { /etc/redis/redis.conf: ensure = file, owner = root, group = root, mode= 0644, content = template(redis/redis.conf.erb), } And redis.conf.erb contains : % if master_host -% slaveof %= master_host % %= master_port % % end -% When the hostname matches the regexp, here's what I get in redis.conf depending on how I run puppet : - If I run puppet masterless using puppet apply testing.pp (with testing.pp being a simple manifest that just include the module that contains the class above) : slaveof live-yya-redis1 6379 This is fine - But if I run puppet through puppet agent --test, with the exact same manifest on the puppetmaster as locally, I get this : slaveof 6379 So, it looks like in the second case the master_host variable is definitely set (otherwise the if statement in the .erb would exit), but set to an empty string, while the other master_port variable, which is defined right next to it in the manifest, works fine ! Any idea why that should be ? Thanks ! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Ve4XJQIpfFYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] adding users on remote mysql
The problem is: when installing an application in a distributed environment I need to create the application DB on a remote host and not on the same host as the application. To make an example I'm going to install zabbix on host1 and the mysql db is on host2 I'll have to run the script to create the schema after having created the DB and user. That operation have to be done in the host2 since it will not be possible to have root access on host1. There is an interesting post on how to manage root password on the host2 on: http://bitfieldconsulting.com/puppet-and-mysql-create-databases-and-users But the post imply that you are working on the same host. Than there is the exported resources topic: http://docs.puppetlabs.com/guides/exported_resources.html The idea is ... could it be possible to take the define from the bitfieldconsulting and use it as a exported resource? define mysqldb( $user, $password ) { exec { create-${name}-db: unless = /usr/bin/mysql -u${user} -p${password} ${name}, command = /usr/bin/mysql -uroot -p$mysql_password -e \create database ${name}; grant all on ${name}.* to ${user}@localhost identified by '$password';\, require = Service[mysqld], } } This way: Create a define in the zabbix class that export the mysqldb resource define zabbix::mysqldb ($servername = $servername, $user= $user, $password= $password,$Db = $db){ @@mysqldb { $servername-$db: user = $user, password = $password,tag = new_user_for_mysql } } in the zabbix class class zabbix(...){ ... mysqldb('dbname': server = 'host2', passoword = 'pass', user = 'user') ... } and call from within the mysql node class mysql::server { package { mysql-server: ensure = installed } package { mysql: ensure = installed } service { mysqld: enable = true, ensure = running, require = Package[mysql-server], } file { /var/lib/mysql/my.cnf: owner = mysql, group = mysql, source = puppet:///mysql/my.cnf, notify = Service[mysqld], require = Package[mysql-server], } file { /etc/my.cnf: require = File[/var/lib/mysql/my.cnf], ensure = /var/lib/mysql/my.cnf, } exec { set-mysql-password: unless = mysqladmin -uroot -p$mysql_password status, path = [/bin, /usr/bin], command = mysqladmin -uroot password $mysql_password, require = Service[mysqld], } Mysqldb| tag == 'new_user_for_mysql' | } Could it work? Luca -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ytNrEDY2IkMJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Module critique
On Tuesday, September 4, 2012 10:26:14 AM UTC-5, Bai Shen wrote: I've gotten an install of solr working, but it's pretty much a hack job at the moment. If y'all could give me your thoughts on how to improve my setup, I'd appreciate it. apache-tomcat is an rpm of Tomcat 7 that references the oracle jdk instead of openjdk. [...] class solr { Since Package['apache-tomcat'] is apparently declared in a different class, your should 'include' that class here. service { 'iptables' : ensure = stopped, } It's not a Puppet problem that your class stops iptables, but I sure find it questionable in a broader sense. If you're turning it off because you have a different local firewall installed (or because you have no IPv4 configured), then it would be more appropriate to manage that somewhere else. On the other hand, if you're turning it off because it interferes with SOLR, then you should address the problem by adding the appropriate firewall rules, not by shutting down your firewall. file { '/opt/apache-tomcat/conf/Catalina': ensure = directory, } file { '/opt/apache-tomcat/conf/Catalina/localhost': ensure = directory, } Supposing that directory /opt/apache-tomcat/conf belongs to Package['apache-tomcat'], File['/opt/apache-tomcat/conf/Catalina'] should 'require' that package or the class that declares it. The */localhost file will automatically require the File managing its parent directory, however, so you don't need an explicit relationship there. Does neither or those directories belong to the RPM, though? If they do, then you're gaining nothing but complexity and cycle burn by declaring them as you do above. file { '/opt/apache-tomcat/conf/Catalina/localhost/solr.xml': source = 'puppet:///modules/solr/solr.xml', owner = 'tomcat', group = 'tomcat', mode = '644', notify = Service['apache-tomcat'], require = Package['apache-tomcat'], } file { '/opt/apache-tomcat/conf/server.xml': source = 'puppet:///modules/solr/server.xml', owner = 'tomcat', group = 'tomcat', mode = '644', notify = Service['apache-tomcat'], require = Package['apache-tomcat'], } file { '/opt/solr': ensure = directory, recurse = true, purge = true, source = 'puppet:///modules/solr/solr', owner = 'tomcat', group = 'tomcat', mode = '644', notify = Service['apache-tomcat'], require = Package['apache-tomcat'], } file { '/opt/solr/solr.war': ensure = 'link', target = '/opt/solr/apache-solr-3.6.1.war', } I strongly recommend that you build a native package for SOLR, put it in a local repository, and ensure it installed via a Puppet Package resource. Recursive directory management will bite you, especially if there are many files or large ones, plus using packages is in general a major win. You can package up your custom SOLR configuration files along with, or manage just those via File resources as you are now doing; either is fine. file { '/solr': ensure = directory, owner = 'tomcat', group = 'tomcat' } No software should require its own subdirectory of the filesystem root. I'm not sure what that directory is for, but the appropriate place for it is likely to be under one of /var/lib, /usr/share, or /opt/solr. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Vgv4PArhw5oJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Weird variable dependency issue + different behavior between master/masterless
On Wednesday, September 5, 2012 5:09:52 AM UTC-5, renaud wrote: Hello all, I know that execution order is not guaranteed within a scope without explicitly declaring dependencies. However I've always been able to set variables in classes, and expect them to be used properly in templates that I declare in a File statement in the same class. Indeed you should be able to rely on that, for the correct definition of properly. It looks like I came across a problem with this yesterday : My class contains : $master_port = 6379 $master_host = $hostname ? { /(stage|live)-xx([a-d])-redis1/ = $1-yy$2-redis1, default = false, } file { /etc/redis/redis.conf: ensure = file, owner = root, group = root, mode= 0644, content = template(redis/redis.conf.erb), } And redis.conf.erb contains : % if master_host -% slaveof %= master_host % %= master_port % % end -% When the hostname matches the regexp, here's what I get in redis.conf depending on how I run puppet : - If I run puppet masterless using puppet apply testing.pp (with testing.pp being a simple manifest that just include the module that contains the class above) : slaveof live-yya-redis1 6379 This is fine - But if I run puppet through puppet agent --test, with the exact same manifest on the puppetmaster as locally, I get this : slaveof 6379 So, it looks like in the second case the master_host variable is definitely set (otherwise the if statement in the .erb would exit), but set to an empty string, while the other master_port variable, which is defined right next to it in the manifest, works fine ! Any idea why that should be ? The Puppet templating docs recommend referring to DSL variables via Ruby class variables, so as @master_host and @master_port in your case. Referring to them via local variables (as your template does) will often work, but it can fail in interesting ways if your variables happen to have the same name as in-scope local variables of the Puppet application. I think that's what has happened to you. I suspect that the conflicting master_* variables belong to the puppet master code (makes sense), so it is plausible that they are not in scope when you apply your class via puppet apply, whereas they are in scope when the template is processed by the master in order to service puppet agent. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/AbYxW9qErd0J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] create_resources function returns error can't convert Array into Hash
I have written a custom function that returns a hash of data to be used by the *create_resources* function. class network::multiroute::mhpeers ( ) { $routes = gen_ip_routes(gw.uk) create_resources(network::multiroute::mhpeer, $routes) } However, on the puppet client I get err: Could not retrieve catalog from remote server: Error 400 on SERVER: can't convert Array into Hash My custom function https://gist.github.com/796ad5b9d81c01d1dced returns the following data structure: {10.100.0.9={dstip=10.100.0.10, dsthost=gw1.uk}, 10.100.0.46={dstip=10.100.0.45, dsthost=gw1.fr}, 10.100.0.17={dstip=10.100.0.18, dsthost=gw2.us}, 10.100.0.13={dstip=10.100.0.14, dsthost=gw1.us}} Based on the puppet sourcehttps://github.com/puppetlabs/puppet/blob/master/lib/puppet/parser/functions/create_resources.rb the rdoc states: The hash should be in the form `{title = {parameters} }` I believe I am returning the hash in the correct format so I am confused as to what the problem could be. I've been stuck on this issue for quite some time, any pointers would be really appreciated! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/h4EyleCsPLsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: How to automatically implement default configuration changes made by a package upgrade
Hi Matthew, Some of this depends on your package manager. For example, on RedHat, if you take puppet completely out of the picture: 1) I install mysql from yum 2) I modify my.cnf 3) I upgrade mysql via yum In this case, if there was a configuration change to my.cnf by redhat, I won't get them. Instead, the new configuration file will be created at /etc/mysql/my.cnf.rpmnew, and it's up to me to do the diffing and merging on my own. I'm not for sure what Debian/Ubuntu do in these cases. So you see, it's more of a package management question. However Puppet will support you if you choose to implement your configurations in a certain way. Example: 1) I install mysql via yum 2) I make my configuration changes in /etc/mysql.d/network.conf This is considered best practice by most exactly because of this reason -- your changes are in a file that is separate from, and overrides the shipped configuration file. When using puppet, it's not different from doing it yourself. Also, some daemons support .d includes like that, but the actual Include /etc/mysql.d statement isn't enabled in the default configuration file shipped by the upstream maintainer. In cases such as that, I either use file_line() from puppetlabs-stdlib, or if it's more involved, augeas resources will handle that too. Both of those are better than resorting to exec + sed. Hope that helps, Justin On Tuesday, September 4, 2012 7:01:06 PM UTC-5, Matthew Morgan wrote: Hi All, Sorry if this has been asked before but I am not entirely sure what to search for so as to get the answer I am looking for. I have recently started using puppet to manage our servers (we have 30 at the moment) and I have been posed the question of whether I wholesale change configs or make changes within. The reason this was asked is in the case of the following simplified example. Lets say I am managing the MySQL package and I would like it to stay up to the latest stable version, this is easy to implement. Lets then say that the latest MySQL version also makes a default change to the /etc/mysql/my.cnf configuration file that effects performance/security. As it stands this change would get lost because I am using a template to create the my.cnf config. The only way I can think of covering this problem is to essentially do a sed style operation and make all the changes I require in the my.cnf and add the lines if they aren't there. Is there a better way to approach this issue? Cheers for the help, Matthew -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/8aNJz4MmCnAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Could not retrieve catalog from remote server: end of file reached
On Tuesday, July 24, 2012 12:47:09 PM UTC-4, Matt Wise wrote: I've got a few puppet servers running behind Nginx, load balanced with an ELB. I occasionally see this error in bursts.. Tue Jul 24 09:41:23 + 2012 Puppet (err): Could not retrieve catalog from remote server: end of file reached Tue Jul 24 09:41:24 + 2012 Puppet (err): Could not retrieve catalog; skipping run I don't see any obvious accompanying errors on the Puppet master sides... any thoughts on what this might be? Did you have any luck in resolving this issue? The problem has just arisen for me when working with Eucalyptus nodes (I'm calling puppet agent ... to bootstrap from /etc/rc.local). I am running mod_passenger on the Puppet master. This is a single master, single agent setup. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/0htYlM-hmwwJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: notify vs. require of services
On Wednesday, September 5, 2012 3:47:04 AM UTC-5, Axel Bock wrote: Hi readers, I had this idea. I am deploying a configuration file of a service with puppet, and I want to restart the service if the file changes. so I had this idea that the file definition contains a require= and a notify= for the service. that does not work, because Puppet does assume cyclic dependencies then. And I have no clue whatsoever why. both statements go from file to service (or from service to file, however you like to put it), but I really don't see a cyclic dependency here. I see that RIP gave you something you can use, but it's not clear whether you figured out your underlying misunderstanding about relationships. In particular, you seem to have been missing the point that relationships are directional, or perhaps you mistook the direction of the 'notify' relationship. The 'notify' relationships have directionality as 'before' relationships, opposite to that of 'require', and in fact 'notify' is best viewed as a specialization of 'before'. That is why you had a cycle. Moreover, no resource ever needs to declare more than one type of relationship with the same other resource. 'notify' is a specialization of 'before', so you don't need both or those, 'subscribe' is a specialization of 'require', so you don't need both of those, and all the other mixed pairs represent cycles. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/rj32woVGkmAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] create_resources function returns error can't convert Array into Hash
On Wed, Sep 5, 2012 at 7:05 AM, JeremyCampbell jeremycampbel...@gmail.comwrote: I have written a custom function that returns a hash of data to be used by the *create_resources* function. class network::multiroute::mhpeers ( ) { $routes = gen_ip_routes(gw.uk) create_resources(network::multiroute::mhpeer, $routes) } However, on the puppet client I get err: Could not retrieve catalog from remote server: Error 400 on SERVER: can't convert Array into Hash can you try this with --trace and post the output? also,can you put the following line before the call to create_resources just to verify the data structure? $foo = inline_template(% puts routes.inspect %) also, could you try quoting the name of the defined type? 'network:: multiroute::mhpeer' My custom function https://gist.github.com/796ad5b9d81c01d1dced returns the following data structure: {10.100.0.9={dstip=10.100.0.10, dsthost=gw1.uk}, 10.100.0.46={dstip=10.100.0.45, dsthost=gw1.fr}, 10.100.0.17={dstip=10.100.0.18, dsthost=gw2.us}, 10.100.0.13={dstip=10.100.0.14, dsthost=gw1.us}} Based on the puppet sourcehttps://github.com/puppetlabs/puppet/blob/master/lib/puppet/parser/functions/create_resources.rb the rdoc states: The hash should be in the form `{title = {parameters} }` I believe I am returning the hash in the correct format so I am confused as to what the problem could be. I've been stuck on this issue for quite some time, any pointers would be really appreciated! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/h4EyleCsPLsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Weird variable dependency issue + different behavior between master/masterless
Thanks John, The Puppet templating docs recommend referring to DSL variables via Ruby class variables, so as @master_host and @master_port in your case. Referring to them via local variables (as your template does) will often work, but it can fail in interesting ways if your variables happen to have the same name as in-scope local variables of the Puppet application. I think that's what has happened to you. Indeed I've seen this since posting and started addressing my variables with @. This didn't help unfortunately. I suspect that the conflicting master_* variables belong to the puppet master code (makes sense), so it is plausible that they are not in scope when you apply your class via puppet apply, whereas they are in scope when the template is processed by the master in order to service puppet agent. ... and I also thought of this, so I prepended redis_ in front of my variable names. Unfortunately this still didn't help. To clarify, my template now looks like this : % if @redis_master_host -% slaveof %= @redis_master_host % %= @redis_master_port % % end -% -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/WOa4y3ENoH4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Weird variable dependency issue + different behavior between master/masterless
I should add that I've added a 'notice' statement for debugging, which again shows the correct things when the manifest is applied manually, but doesn't seem to be executed (at all) when run through the puppetmaster On Wednesday, September 5, 2012 3:19:07 PM UTC+1, renaud wrote: Thanks John, The Puppet templating docs recommend referring to DSL variables via Ruby class variables, so as @master_host and @master_port in your case. Referring to them via local variables (as your template does) will often work, but it can fail in interesting ways if your variables happen to have the same name as in-scope local variables of the Puppet application. I think that's what has happened to you. Indeed I've seen this since posting and started addressing my variables with @. This didn't help unfortunately. I suspect that the conflicting master_* variables belong to the puppet master code (makes sense), so it is plausible that they are not in scope when you apply your class via puppet apply, whereas they are in scope when the template is processed by the master in order to service puppet agent. ... and I also thought of this, so I prepended redis_ in front of my variable names. Unfortunately this still didn't help. To clarify, my template now looks like this : % if @redis_master_host -% slaveof %= @redis_master_host % %= @redis_master_port % % end -% -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/VGtWq84BqWkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] create_resources function returns error can't convert Array into Hash
On Wednesday, September 5, 2012 4:15:31 PM UTC+2, Dan Bode wrote: On Wed, Sep 5, 2012 at 7:05 AM, JeremyCampbell jeremyca...@gmail.comjavascript: wrote: I have written a custom function that returns a hash of data to be used by the *create_resources* function. class network::multiroute::mhpeers ( ) { $routes = gen_ip_routes(gw.uk) create_resources(network::multiroute::mhpeer, $routes) } However, on the puppet client I get err: Could not retrieve catalog from remote server: Error 400 on SERVER: can't convert Array into Hash can you try this with --trace and post the output? # puppet agent --test --server devbox --trace info: Retrieving plugin info: Loading facts in /var/lib/puppet/lib/facter/defgw_ipv4.rb info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb info: Loading facts in /var/lib/puppet/lib/facter/virtual.rb info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb /usr/lib/ruby/site_ruby/1.8/puppet/indirector/rest.rb:56:in `deserialize' /usr/lib/ruby/site_ruby/1.8/puppet/indirector/rest.rb:126:in `find' /usr/lib/ruby/site_ruby/1.8/puppet/indirector/indirection.rb:195:in `find' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:239:in `retrieve_new_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:493:in `thinmark' /usr/lib/ruby/1.8/benchmark.rb:308:in `realtime' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:492:in `thinmark' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:238:in `retrieve_new_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:86:in `retrieve_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:112:in `retrieve_and_apply_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:152:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:43:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/agent/locker.rb:21:in `lock' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:43:in `run' /usr/lib/ruby/1.8/sync.rb:230:in `synchronize' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:43:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:95:in `with_client' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:41:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:172:in `call' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:172:in `controlled_run' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:39:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application/agent.rb:339:in `onetime' /usr/lib/ruby/site_ruby/1.8/puppet/application/agent.rb:313:in `run_command' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:416:in `hook' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:407:in `exit_on_fail' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:69:in `execute' /usr/bin/puppet:4 err: Could not retrieve catalog from remote server: Error 400 on SERVER: can't convert Array into Hash at /etc/puppet/puppet/modules/network/manifests/multiroute/mhpeers.pp:7 on node gw1.zz warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run also,can you put the following line before the call to create_resources just to verify the data structure? $foo = inline_template(% puts routes.inspect %) I've done that but I'm not sure where/what output you expect. Please advise. also, could you try quoting the name of the defined type? 'network:: multiroute::mhpeer' Ok, Ive done this, but it doesn't make any difference. My custom function https://gist.github.com/796ad5b9d81c01d1dcedreturns the following data structure: {10.100.0.9={dstip=10.100.0.10, dsthost=gw1.uk}, 10.100.0.46={dstip=10.100.0.45, dsthost=gw1.fr}, 10.100.0.17={dstip=10.100.0.18, dsthost=gw2.us}, 10.100.0.13={dstip=10.100.0.14, dsthost=gw1.us}} Based on the puppet sourcehttps://github.com/puppetlabs/puppet/blob/master/lib/puppet/parser/functions/create_resources.rb the rdoc states: The hash should be in the form `{title = {parameters} }` I believe I am returning the hash in the correct format so I am confused as to what the problem could be. I've been stuck on this issue for quite some time, any pointers would be really appreciated! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/h4EyleCsPLsJ. To post to this group, send email to puppet...@googlegroups.comjavascript: . To unsubscribe from this group, send email to puppet-users...@googlegroups.com javascript:. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/V4MvJx5TfXAJ. To post to this group, send email to
[Puppet Users] Re: Weird variable dependency issue + different behavior between master/masterless
I've found the problem ! $1-yy$2-redis1 just didn't work on the puppetmaster, it needs better escaping : ${1}-yy${2}-redis1 I'd still be interested to know the reason for that, and also why my 'notice' statement had no output when run from puppetmaster. On Wednesday, September 5, 2012 3:24:10 PM UTC+1, renaud wrote: I should add that I've added a 'notice' statement for debugging, which again shows the correct things when the manifest is applied manually, but doesn't seem to be executed (at all) when run through the puppetmaster On Wednesday, September 5, 2012 3:19:07 PM UTC+1, renaud wrote: Thanks John, The Puppet templating docs recommend referring to DSL variables via Ruby class variables, so as @master_host and @master_port in your case. Referring to them via local variables (as your template does) will often work, but it can fail in interesting ways if your variables happen to have the same name as in-scope local variables of the Puppet application. I think that's what has happened to you. Indeed I've seen this since posting and started addressing my variables with @. This didn't help unfortunately. I suspect that the conflicting master_* variables belong to the puppet master code (makes sense), so it is plausible that they are not in scope when you apply your class via puppet apply, whereas they are in scope when the template is processed by the master in order to service puppet agent. ... and I also thought of this, so I prepended redis_ in front of my variable names. Unfortunately this still didn't help. To clarify, my template now looks like this : % if @redis_master_host -% slaveof %= @redis_master_host % %= @redis_master_port % % end -% -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/IBMdE03E1D4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] create_resources function returns error can't convert Array into Hash
On Wed, Sep 5, 2012 at 8:15 AM, JeremyCampbell jeremycampbel...@gmail.comwrote: On Wednesday, September 5, 2012 4:15:31 PM UTC+2, Dan Bode wrote: On Wed, Sep 5, 2012 at 7:05 AM, JeremyCampbell jeremyca...@gmail.comwrote: I have written a custom function that returns a hash of data to be used by the *create_resources* function. class network::multiroute::mhpeers ( ) { $routes = gen_ip_routes(gw.uk) create_resources(network::**multiroute::mhpeer, $routes) } However, on the puppet client I get err: Could not retrieve catalog from remote server: Error 400 on SERVER: can't convert Array into Hash can you try this with --trace and post the output? # puppet agent --test --server devbox --trace info: Retrieving plugin info: Loading facts in /var/lib/puppet/lib/facter/defgw_ipv4.rb info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb info: Loading facts in /var/lib/puppet/lib/facter/virtual.rb info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb /usr/lib/ruby/site_ruby/1.8/puppet/indirector/rest.rb:56:in `deserialize' /usr/lib/ruby/site_ruby/1.8/puppet/indirector/rest.rb:126:in `find' /usr/lib/ruby/site_ruby/1.8/puppet/indirector/indirection.rb:195:in `find' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:239:in `retrieve_new_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:493:in `thinmark' /usr/lib/ruby/1.8/benchmark.rb:308:in `realtime' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:492:in `thinmark' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:238:in `retrieve_new_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:86:in `retrieve_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:112:in `retrieve_and_apply_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:152:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:43:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/agent/locker.rb:21:in `lock' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:43:in `run' /usr/lib/ruby/1.8/sync.rb:230:in `synchronize' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:43:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:95:in `with_client' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:41:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:172:in `call' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:172:in `controlled_run' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:39:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application/agent.rb:339:in `onetime' /usr/lib/ruby/site_ruby/1.8/puppet/application/agent.rb:313:in `run_command' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:416:in `hook' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:407:in `exit_on_fail' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:69:in `execute' /usr/bin/puppet:4 err: Could not retrieve catalog from remote server: Error 400 on SERVER: can't convert Array into Hash at /etc/puppet/puppet/modules/network/manifests/multiroute/mhpeers.pp:7 on node gw1.zz warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run actually, I care way more about --trace on the master also,can you put the following line before the call to create_resources just to verify the data structure? $foo = inline_template(% puts routes.inspect %) I've done that but I'm not sure where/what output you expect. Please advise. This should print the actual data structure in the masters logs. I would recommend just running the master from the foreground and looking for this output. also, could you try quoting the name of the defined type? 'network:: multiroute::mhpeer' Ok, Ive done this, but it doesn't make any difference. ok, it was worth a try, that would have been easy :) My custom function https://gist.github.com/796ad5b9d81c01d1dcedreturns the following data structure: {10.100.0.9={dstip=10.**100.0.10, dsthost=gw1.uk}, 10.100.0.46={dstip=10.**100.0.45, dsthost=gw1.fr}, 10.100.0.17={dstip=10.**100.0.18, dsthost=gw2.us}, 10.100.0.13={dstip=10.**100.0.14, dsthost=gw1.us}} Based on the puppet sourcehttps://github.com/puppetlabs/puppet/blob/master/lib/puppet/parser/functions/create_resources.rb the rdoc states: The hash should be in the form `{title = {parameters} }` I believe I am returning the hash in the correct format so I am confused as to what the problem could be. I've been stuck on this issue for quite some time, any pointers would be really appreciated! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/** msg/puppet-users/-/**h4EyleCsPLsJhttps://groups.google.com/d/msg/puppet-users/-/h4EyleCsPLsJ . To post to this group, send email to puppet...@googlegroups.com. To unsubscribe
[Puppet Users] Re: How to automatically implement default configuration changes made by a package upgrade
Hi Matthew, We are on Red Hat and do the following with config files which will be updated after yum update. - our own customized config files of the rpm are in Puppet with an addon for rpm nameversion (for instance; files/lvm.conf_lvm2-2.02.88-7.el5) - we have a custom facter which determines this version (for instance; facter lvm2version) - when we do an update in our sandbox environment the new rpm will create rpmnew (for instance; /etc/lvm/lvm.conf.rpmnew) - after update we check on all created rpmnew/rpmsave files - do a puppet run with noop, it will stop as there is no new version of the config file in Puppet available - we merge the current and rmpnew into a new config file in Puppet (files/lvm.conf_lvm2-3.02.88-7.el5) - do a puppet run and should be fine, new config file with Red Hat changes and our own changes. Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/tAnhkbEAVd4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Starting service as non root user with puppet
Hi, I have an ubuntu system with some of our own services on it. I prefer to run these services as a non-root user. I can control the services using upstart as a non root user and can start and stop the service using initctl without any problems. I'm trying to use puppet to start and stop these services; however, it's not obvious if it is possible. A suboptimal approach appears to be one in which I create a service.conf file in /etc/init - this service.conf file can su to the user and run the service. I think this is suboptimal, as it's not working with the user level control mechanisms that have already been designed into upstart. So I'm wondering if there is any way to instruct puppet to automatically become a specific user before starting a specific service (presumably using initctl in the case of ubuntu). Thoughts/pointers appreciated. BR, Seán. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Is there a puppet module for tomcat and apache
Is there a puppet module for tomcat and another one for apache? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/mQ_MgkwB0z0J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Weird variable dependency issue + different behavior between master/masterless
- Original Message - From: renaud ren...@renaudguerin.net To: puppet-users@googlegroups.com Sent: Wednesday, September 5, 2012 4:20:17 PM Subject: [Puppet Users] Re: Weird variable dependency issue + different behavior between master/masterless I've found the problem ! $1-yy$2-redis1 just didn't work on the puppetmaster, it needs better escaping : ${1}-yy${2}-redis1 I'd still be interested to know the reason for that, and also why my 'notice' statement had no output when run from puppetmaster. are the agents and masters the same version? There was some change in behavior between some versions wrt to -'s in variable names, you should always fo ${foo} inside quotes -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Weird variable dependency issue + different behavior between master/masterless
That was the problem indeed. The agent was 2.7.19 and the master 2.7.14. Thanks ! On Wednesday, September 5, 2012 4:38:58 PM UTC+1, R.I. Pienaar wrote: - Original Message - From: renaud ren...@renaudguerin.net javascript: To: puppet...@googlegroups.com javascript: Sent: Wednesday, September 5, 2012 4:20:17 PM Subject: [Puppet Users] Re: Weird variable dependency issue + different behavior between master/masterless I've found the problem ! $1-yy$2-redis1 just didn't work on the puppetmaster, it needs better escaping : ${1}-yy${2}-redis1 I'd still be interested to know the reason for that, and also why my 'notice' statement had no output when run from puppetmaster. are the agents and masters the same version? There was some change in behavior between some versions wrt to -'s in variable names, you should always fo ${foo} inside quotes -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/CUHNNDoL_s0J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] create_resources function returns error can't convert Array into Hash
On Wed, Sep 5, 2012 at 8:37 AM, JeremyCampbell jeremycampbel...@gmail.comwrote: On Wednesday, September 5, 2012 5:20:49 PM UTC+2, Dan Bode wrote: On Wed, Sep 5, 2012 at 8:15 AM, JeremyCampbell jeremyca...@gmail.comwrote: On Wednesday, September 5, 2012 4:15:31 PM UTC+2, Dan Bode wrote: On Wed, Sep 5, 2012 at 7:05 AM, JeremyCampbell jeremyca...@gmail.comwrote: I have written a custom function that returns a hash of data to be used by the *create_resources* function. class network::multiroute::mhpeers ( ) { $routes = gen_ip_routes(gw.uk) create_resources(network::**mult**iroute::mhpeer, $routes) } However, on the puppet client I get err: Could not retrieve catalog from remote server: Error 400 on SERVER: can't convert Array into Hash can you try this with --trace and post the output? # puppet agent --test --server devbox --trace info: Retrieving plugin info: Loading facts in /var/lib/puppet/lib/facter/**defgw_ipv4.rb info: Loading facts in /var/lib/puppet/lib/facter/**puppet_vardir.rb info: Loading facts in /var/lib/puppet/lib/facter/**virtual.rb info: Loading facts in /var/lib/puppet/lib/facter/**root_home.rb /usr/lib/ruby/site_ruby/1.8/**puppet/indirector/rest.rb:56:**in `deserialize' /usr/lib/ruby/site_ruby/1.8/**puppet/indirector/rest.rb:126:**in `find' /usr/lib/ruby/site_ruby/1.8/**puppet/indirector/indirection.**rb:195:in `find' /usr/lib/ruby/site_ruby/1.8/**puppet/configurer.rb:239:in `retrieve_new_catalog' /usr/lib/ruby/site_ruby/1.8/**puppet/util.rb:493:in `thinmark' /usr/lib/ruby/1.8/benchmark.**rb:308:in `realtime' /usr/lib/ruby/site_ruby/1.8/**puppet/util.rb:492:in `thinmark' /usr/lib/ruby/site_ruby/1.8/**puppet/configurer.rb:238:in `retrieve_new_catalog' /usr/lib/ruby/site_ruby/1.8/**puppet/configurer.rb:86:in `retrieve_catalog' /usr/lib/ruby/site_ruby/1.8/**puppet/configurer.rb:112:in `retrieve_and_apply_catalog' /usr/lib/ruby/site_ruby/1.8/**puppet/configurer.rb:152:in `run' /usr/lib/ruby/site_ruby/1.8/**puppet/agent.rb:43:in `run' /usr/lib/ruby/site_ruby/1.8/**puppet/agent/locker.rb:21:in `lock' /usr/lib/ruby/site_ruby/1.8/**puppet/agent.rb:43:in `run' /usr/lib/ruby/1.8/sync.rb:230:**in `synchronize' /usr/lib/ruby/site_ruby/1.8/**puppet/agent.rb:43:in `run' /usr/lib/ruby/site_ruby/1.8/**puppet/agent.rb:95:in `with_client' /usr/lib/ruby/site_ruby/1.8/**puppet/agent.rb:41:in `run' /usr/lib/ruby/site_ruby/1.8/**puppet/application.rb:172:in `call' /usr/lib/ruby/site_ruby/1.8/**puppet/application.rb:172:in `controlled_run' /usr/lib/ruby/site_ruby/1.8/**puppet/agent.rb:39:in `run' /usr/lib/ruby/site_ruby/1.8/**puppet/application/agent.rb:**339:in `onetime' /usr/lib/ruby/site_ruby/1.8/**puppet/application/agent.rb:**313:in `run_command' /usr/lib/ruby/site_ruby/1.8/**puppet/application.rb:309:in `run' /usr/lib/ruby/site_ruby/1.8/**puppet/application.rb:416:in `hook' /usr/lib/ruby/site_ruby/1.8/**puppet/application.rb:309:in `run' /usr/lib/ruby/site_ruby/1.8/**puppet/application.rb:407:in `exit_on_fail' /usr/lib/ruby/site_ruby/1.8/**puppet/application.rb:309:in `run' /usr/lib/ruby/site_ruby/1.8/**puppet/util/command_line.rb:**69:in `execute' /usr/bin/puppet:4 err: Could not retrieve catalog from remote server: Error 400 on SERVER: can't convert Array into Hash at /etc/puppet/puppet/modules/** network/manifests/multiroute/**mhpeers.pp:7 on node gw1.zz warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run actually, I care way more about --trace on the master Sorry Dan, I should have realized you meant on the master. See below - is this what you expected? yep, although it looks completely valid. Can you share the result of --trace from the master? $ sudo /usr/sbin/puppetmasterd --no-daemonize --trace {10.100.0.10={dsthost=gw1.nl, dstip=10.100.0.9}, 10.100.0.34={dsthost=gw1.fr, dstip=10.100.0.33}, 10.100.0.6={dsthost=gw2.us, dstip=10.100.0.5}, 10.100.0.2={dsthost=gw1.us, dstip=10.100.0.1}, 10.100.0.22={dsthost=gw2.nl, dstip=10.100.0.21}} also,can you put the following line before the call to create_resources just to verify the data structure? $foo = inline_template(% puts routes.inspect %) I've done that but I'm not sure where/what output you expect. Please advise. This should print the actual data structure in the masters logs. I would recommend just running the master from the foreground and looking for this output. also, could you try quoting the name of the defined type? 'network:: multiroute::mhpeer' Ok, Ive done this, but it doesn't make any difference. ok, it was worth a try, that would have been easy :) My custom function https://gist.github.com/796ad5b9d81c01d1dcedreturns the following data structure: {10.100.0.9={dstip=10.**1**00.0.10, dsthost=gw1.uk}, 10.100.0.46={dstip=10.**1**00.0.45, dsthost=gw1.fr}, 10.100.0.17={dstip=10.**1**00.0.18, dsthost=gw2.us}, 10.100.0.13={dstip=10.**1**00.0.14, dsthost=gw1.us}}
[Puppet Users] Nagios and www-data users.
I'm sure people have hit this problem before. In my nagios module, the nagios command pipe file at /var/lib/nagios3/rw/nagios.cmd is owned by the nagios user, but needs to be written to by the www-data user. Adding the www-user to the nagios group is one solution, but that requires that the nagios module potentially modify the www-data user, which seems bad. What's the best way to do this? I tried to explicitly define the www-data user in it's own class, and then create another nagios class that inherits from that so that I could do plusignment, but I obviously have the syntax wrong. Puppet doesn't like this. class nagios::users inherits users::www-data { User['www-data'] { group + ['nagios'] } } Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Facter does not deliver ip addresses
Hi, How does your ifconfig -a output looks like? Suspects: https://github.com/puppetlabs/facter/blob/master/lib/facter/interfaces.rb https://github.com/puppetlabs/facter/blob/master/lib/facter/util/ip.rb KW On Wednesday, 5 September 2012 09:52:03 UTC+1, Axel Bock wrote: Hello, @Joseph: not yet. @Eric: sure :) . SLES 11 SP2, and the output is here: http://pastebin.com/jqgNmewk But I have an idea. I have another host where it still works. The host it stopped working on has two IP addresses configured on one (!) network device. so an ip a gives me: [...] 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:50:56:99:05:02 brd ff:ff:ff:ff:ff:ff *inet 130.250.8.15/24 *brd 130.250.8.255 scope global eth0 *inet 130.250.8.20/24 *brd 130.250.8.255 scope global secondary eth0 [...] Maybe this is not actually covered by the detection algorithm of facter? :) Anyway, thanks for your help! Axel. Am Dienstag, 4. September 2012 23:57:08 UTC+2 schrieb Eric Sorenson: Hi Axel - what OS? What version of Facter? What does the output of your 'ifconfig -a' (or local equivalent) look like? Could you please run 'facter --debug' and pastebin the output somewhere? On Monday, August 20, 2012 1:19:39 AM UTC-7, Axel Bock wrote: Hi readers, another problem of mine. A host which worked just fine on friday is now not able to find out its own IP address. The reason is pretty simple as far as I have figured out: Facter. Facter returns the network interfaces just fine: interfaces=eth0,eth1, but then the ipaddress_ETHx entries are completely missing. Any idea what could be the cause of this? Thanks in advance greetings, Axel. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/fR9hLVhv3bsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: adding users on remote mysql
OK I tryed to apply the idea and it seems to work up to the fact that the db host forget the root password I'm using puppetlabs mysql module and doing this in node hostdb class { 'mysql::server': config_hash = {root_password = 'changeme',} } Mysql::Db | tag == 'new_db' | on host zabbix i do addmysqldb{'prova':servername = '', user = 'zabbix', password = 'zab01', db = 'zabbix'} where addmysqldb is: define addmysqldb( $servername, $user, $password, $db ) { @@mysql::db { $db: user = $user, password = $password, host = $::hostname, grant= ['all'], tag = 'new_db' } notice(User ${user}) notice(Password ${password}) } Any hint on why it looses the password it states access denied for user 'root'@'localhost' using password NO But if I enter mysql using the changeme password from cli I access mysql. How can I make @@mysql::db remember the password? Thanks Luca Il giorno mercoledì 5 settembre 2012 15:44:45 UTC+2, Luca Gioppo ha scritto: The problem is: when installing an application in a distributed environment I need to create the application DB on a remote host and not on the same host as the application. To make an example I'm going to install zabbix on host1 and the mysql db is on host2 I'll have to run the script to create the schema after having created the DB and user. That operation have to be done in the host2 since it will not be possible to have root access on host1. There is an interesting post on how to manage root password on the host2 on: http://bitfieldconsulting.com/puppet-and-mysql-create-databases-and-users But the post imply that you are working on the same host. Than there is the exported resources topic: http://docs.puppetlabs.com/guides/exported_resources.html The idea is ... could it be possible to take the define from the bitfieldconsulting and use it as a exported resource? define mysqldb( $user, $password ) { exec { create-${name}-db: unless = /usr/bin/mysql -u${user} -p${password} ${name}, command = /usr/bin/mysql -uroot -p$mysql_password -e \create database ${name}; grant all on ${name}.* to ${user}@localhost identified by '$password';\, require = Service[mysqld], } } This way: Create a define in the zabbix class that export the mysqldb resource define zabbix::mysqldb ($servername = $servername, $user= $user, $password= $password,$Db = $db){ @@mysqldb { $servername-$db: user = $user, password = $password,tag = new_user_for_mysql } } in the zabbix class class zabbix(...){ ... mysqldb('dbname': server = 'host2', passoword = 'pass', user = 'user') ... } and call from within the mysql node class mysql::server { package { mysql-server: ensure = installed } package { mysql: ensure = installed } service { mysqld: enable = true, ensure = running, require = Package[mysql-server], } file { /var/lib/mysql/my.cnf: owner = mysql, group = mysql, source = puppet:///mysql/my.cnf, notify = Service[mysqld], require = Package[mysql-server], } file { /etc/my.cnf: require = File[/var/lib/mysql/my.cnf], ensure = /var/lib/mysql/my.cnf, } exec { set-mysql-password: unless = mysqladmin -uroot -p$mysql_password status, path = [/bin, /usr/bin], command = mysqladmin -uroot password $mysql_password, require = Service[mysqld], } Mysqldb| tag == 'new_user_for_mysql' | } Could it work? Luca -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/qts-WyFDIckJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Custom type obligatory field?
Hi. I've been trying to develop a module for managing Cobbler from puppet. So, I need a custom type - cobblerdistro, which will fetch ISO from http, unpack it at desired destination and register distro with Cobbler. I have one issue with ensure = absent situation. First of all, here is my type: code # cat type/cobblerdistro.rb Puppet::Type.newtype(:cobblerdistro) do @doc = Manages the Cobbler distros. A typical rule will look like this: distro {'CentOS-6.3-x86_64': ensure = present, arch= 'x86_64', isolink = 'http://mi.mirror.garr.it/mirrors/CentOS/6.3/isos/x86_64/CentOS-6.3-x86_64-bin-DVD1.iso', } This rule would ensure that the kernel swappiness setting be set to '20' desc The cobbler distro type ensurable newparam(:name) do isnamevar desc The name of the distro, that will create subdir in $distro end newparam(:arch) do desc The architecture of distro (x86_64 or i386). newvalues(:x86_64, :i386) munge do |value| # fix values case value when :amd64 :x86_64 when :i86pc :i386 else super end end end newparam(:isolink) do desc The link of the distro ISO image. validate do |value| unless value =~ /^http:.*iso/ raise ArgumentError, %s is not a valid link to ISO image. % value end end end newparam(:destdir) do desc The link of the distro ISO image. validate do |value| unless Pathname.new(value).absolute? raise ArgumentError, Full pathname must be set end end end end /code Now, how can I ensure that destdir param is obligatory? I don't want my provider to run at all, if destdir is not specified in the resource. So, for example, I want to spew error if user writes this code: cobblerdistro {'CentOS-6.3-x86_64': ensure = absent, } and want this to be a minimal code snippet cobblerdistro {'CentOS-6.3-x86_64': ensure = absent, destdir = '/distro', } Otherwise, I have to hardcode the destination directory for distribution releases and I don't want to do that :( -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Override param from parametrized class?
Hi. I've seen in many modules at puppet-forge this kind of organization: class myclass( $somevar='value' ) inherits myclass::params { file { $mydir: ensure = directory, } } class myclass::params { $mydir = '/some/path' } Now, I wonder how can I override $mydir from node definition? Or am I missing the whole point, am I supposed to put $mydir inside standard brackets and then call the class with something like: node mynode.mydomain.com { class myclass($mydir='/some/other/path') } Thank you -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] QUERY : no resources for remote admin?
hello fellow engineers: i am currently developing a Puppet manifest to Deploy (Install, Configure) a Software Package onto a number of Nodes from a Machine that is network connected to the Nodes (can ssh). the Yum Repo for the Nodes is on this Deployment Point. it was and still is very surprising to find that Puppet does not have a * Resource* to allow a *Remote Package* installation to be done. *Package{}*works on the current Node and will use yum by default to install a Software Package. however, if i want to do a yum install from another Deployment Point, Puppet does not offer a Resource. Local Package Install: package { 'ksh': ensure = installed } i also found out by simply trying that i can do a installation using lists as in (also found on Puppet Cookbook much later): package { [ 'ksh', 'mksh' ]: ensure = installed } but, if i want to install ksh onto Node node from Machine master, i need to use *Exec*: # Install package exec { 'remote-install': command = /usr/bin/ssh root@node 'yum -y install ksh', returns = 0, logoutput = on_failure, } what does Puppet Labs and the User Community recommend? is it better and more efficient to create a second Puppet manifest for the Nodes so that i can use Package{}? that would mean: * additional Puppet manifests for the Nodes in addition to the manifest on the Deployment Point, which is used for configuration; * additional communication between the Puppet Agent and Puppet master for package installation (?); * additional overhead of maintaining two Puppet manifests; * additional overhead of synchronizing the Installation on Nodes with the Configuration on Deployment Point. why does PuppetLabs simply not offer simple Resources to do what we require here? is there some Puppet ic way of designing and coding manifests that i do not know about? thank you very, very much in advance. ciao, Aaron -- { celltext Nokia E90 Communicator: +353-89-420-8033; Skype: am-aaron } -- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/hDwoUUw4RDwJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Nagios and www-data users.
There should be a nagcmd group which both nagios and your apache user are members of. The nagios.cmd pipe should have permission of 0660 and ownership of nagios:nagcmd. If you were using check_mk livestatus then the livestatus.cmd socket would have the same perms and ownership. Usually this is taken care of by the nagios packages. -- Later, Darin On Wed, Sep 5, 2012 at 12:33 PM, Douglas Garstang doug.garst...@gmail.com wrote: I'm sure people have hit this problem before. In my nagios module, the nagios command pipe file at /var/lib/nagios3/rw/nagios.cmd is owned by the nagios user, but needs to be written to by the www-data user. Adding the www-user to the nagios group is one solution, but that requires that the nagios module potentially modify the www-data user, which seems bad. What's the best way to do this? I tried to explicitly define the www-data user in it's own class, and then create another nagios class that inherits from that so that I could do plusignment, but I obviously have the syntax wrong. Puppet doesn't like this. class nagios::users inherits users::www-data { User['www-data'] { group + ['nagios'] } } Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: QUERY : no resources for remote admin?
Puppet is not really designed to do what you're asking. The idiomatic Puppet way to install ksh on all your nodes would be to create a node declaration for each host and either add Package[ksh] on each node or have them include a class with that resource definition. If you're looking for a way to push but not manage configurations remotely, you might want to try scripting with MCollective or something like it. -- Jenner On Wednesday, September 5, 2012 12:30:05 PM UTC-7, am-aaron wrote: hello fellow engineers: i am currently developing a Puppet manifest to Deploy (Install, Configure) a Software Package onto a number of Nodes from a Machine that is network connected to the Nodes (can ssh). the Yum Repo for the Nodes is on this Deployment Point. it was and still is very surprising to find that Puppet does not have a * Resource* to allow a *Remote Package* installation to be done. *Package{}*works on the current Node and will use yum by default to install a Software Package. however, if i want to do a yum install from another Deployment Point, Puppet does not offer a Resource. Local Package Install: package { 'ksh': ensure = installed } i also found out by simply trying that i can do a installation using lists as in (also found on Puppet Cookbook much later): package { [ 'ksh', 'mksh' ]: ensure = installed } but, if i want to install ksh onto Node node from Machine master, i need to use *Exec*: # Install package exec { 'remote-install': command = /usr/bin/ssh root@node 'yum -y install ksh', returns = 0, logoutput = on_failure, } what does Puppet Labs and the User Community recommend? is it better and more efficient to create a second Puppet manifest for the Nodes so that i can use Package{}? that would mean: * additional Puppet manifests for the Nodes in addition to the manifest on the Deployment Point, which is used for configuration; * additional communication between the Puppet Agent and Puppet master for package installation (?); * additional overhead of maintaining two Puppet manifests; * additional overhead of synchronizing the Installation on Nodes with the Configuration on Deployment Point. why does PuppetLabs simply not offer simple Resources to do what we require here? is there some Puppet ic way of designing and coding manifests that i do not know about? thank you very, very much in advance. ciao, Aaron -- { celltext Nokia E90 Communicator: +353-89-420-8033; Skype: am-aaron } This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Dj_X8EmpDswJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet smoking crack?
Couple of questions. Firstly, what's the plugin error about? puppet agent --onetime --test --verbose info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Could not evaluate: Could not retrieve information from source(s) puppet://puppet/plugins info: Caching catalog for mon01.ap1.xxx.com info: Applying configuration version '1346878830' err: /Stage[main]/Xxx::Nagios::Server/File[/var/lib/nagios3]: Failed to generate additional resources using 'eval_generate': Cannot manage files of type fifo notice: Finished catalog run in 3.63 seconds Secondly, I think puppet is smoking crack. Why is it telling me that it can't manage files of type fifo when that is not what the manifest has? The manifest has: file { '/var/lib/nagios3/rw': owner = 'nagios', group = 'www-data', mode = '0750'; } The fifo file is IN the rw directory Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: QUERY : no resources for remote admin?
hello Jenner: thank you. without intending to be rude or scornful: using MCollective? hmmm. instead, i can use a simple shell script, and it works great in minutes. Puppet makes us go bonkers and i do not think its really intuitive to understand. instead a procedural scipt is just great. i find this restriction very strange, though i understood recently that you use Puppet to declare how a system should be. i have a problem: i want to install a software package on multiple nodes and then have to run a configure program to configure all the nodes. its not distributing configuration files, i have to run the program only on 1 of the nodes or from a separate machine. its not easy to synchronize all the nodes and to ensure that all machines are in the same state before you run the configure. instead, it damn easy to run the Install and Configure from a single machine to all the Nodes. no synchronization problems and one manifest to maintain. Puppet also has big issues with this scenario: from one machine to check the status of a file on another machine and to then take action. the File{} resource only applies to the local machine. so, how do i do distributed system admin or remote sys admin? i spend so much time to learn Puppet, we pay a good deal for it, and we spend some time to understand how to use the declarative language, but i cannot do simple things. even doing an 'echo' to log output is so complicated. if we have to resort to using Ruby, its even more complicated. enhances my qualifications, but is it that vital to use it? genuinely puzzled, Aaron -- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/owt3q3AChhsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Override param from parametrized class?
On Wednesday, September 5, 2012 1:19:16 PM UTC-5, Jakov Sosic wrote: Hi. I've seen in many modules at puppet-forge this kind of organization: class myclass( $somevar='value' ) inherits myclass::params { file { $mydir: ensure = directory, } } class myclass::params { $mydir = '/some/path' } Now, I wonder how can I override $mydir from node definition? Not as your example is written, read on. Or am I missing the whole point, am I supposed to put $mydir inside standard brackets and then call the class with something like: node mynode.mydomain.com { class myclass($mydir='/some/other/path') } I think very likely have overlooked a key aspect of the pattern you observed (or else the modules you are looking at aren't good teaching examples). The usual usage of the pattern I suspect you've seen is more like this: # This might as readily be named mymodule::myclass class mymodule ($myparam = $myparam_default) inherits mymodule::params { file { $myparam: # ... } } class mymodule::params { $myparam_default = '/some/path' } The key difference there is that a variable declared by the ::params class is used as a default value for a parameter of the class that inherits it. That's the *only* reason why class inheritance is reasonable in this particular case. As a matter of good style, classes inherited for this purpose should normally contain only variable declarations. If one class wants to use another class's variables, but not as class parameter defaults, then it should not inherit from that class. Instead, it should 'include' that class (provided it is not parametrized) and then refer to the variables by their fully-qualified names, such as $mymodule::params::anothervar. Inheriting the ::params class is simply a trick to ensure the variables are initialized and accessible for use before any part of the class body of the inheriting class is parsed (i.e. in time to be used as parameter defaults). Getting back to your questions, no, you cannot override the value of a class variable, but you *can* provide your own values for class parameters, which will then be used instead of whatever default values may have been declared. That's done like so: class { mymodule: # parameters follow... myparam = 'custom value' } Yes, it looks very much like a resource declaration. No, I don't think that was a good design decision, but the prevailing opinion at PuppetLabs is different, or was when parametrized classes were added. Before you start swooning over how nice parametrized classes look, let me warn you that they carry some substantial drawbacks. Therefore, I urge you to avoid using them in your own code as much as you can do, at least until you understand Puppet well enough to appreciate why they might make sense in some circumstances (clue me in when you figure that out), and especially until you appreciate the problems they present. Hint: the biggest one is that parametrized classes cannot be declared more than once. There are other, better ways to get data to your classes, notably data access functions such as hiera(), and global or [other]class variables. Puppet 3 does shine up parametrized classes a lot, in large part by integrating hiera directly into parameter value resolution. Nevertheless, you don't need class parameters, and even in Puppet 3, parametrized classes retain a few pointy bits. Therefore, I'd focus on building classes that rely on hiera (which for Puppet 2.x is a third-party extension) where they need external data, as that will serve you well both now and going forward. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/sHqw7Z31O_sJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: QUERY : no resources for remote admin?
Like I said, these aren't issues with Puppet, you're just using a screwdriver to hit a nail. All resources only apply to the local machine. Your manifests are supposed to declaratively describe what the state and configuration of a node should be, and the Puppet agent makes it so after compiling the node's catalog. Without knowing the details of the software you are trying to deploy, I would say either fix your deployment procedure so that Puppet can manage the configuration files on each node (with the typical Package, File, Service), or don't use Puppet at all. -- Jenner On Wednesday, September 5, 2012 2:35:45 PM UTC-7, am-aaron wrote: hello Jenner: thank you. without intending to be rude or scornful: using MCollective? hmmm. instead, i can use a simple shell script, and it works great in minutes. Puppet makes us go bonkers and i do not think its really intuitive to understand. instead a procedural scipt is just great. i find this restriction very strange, though i understood recently that you use Puppet to declare how a system should be. i have a problem: i want to install a software package on multiple nodes and then have to run a configure program to configure all the nodes. its not distributing configuration files, i have to run the program only on 1 of the nodes or from a separate machine. its not easy to synchronize all the nodes and to ensure that all machines are in the same state before you run the configure. instead, it damn easy to run the Install and Configure from a single machine to all the Nodes. no synchronization problems and one manifest to maintain. Puppet also has big issues with this scenario: from one machine to check the status of a file on another machine and to then take action. the File{} resource only applies to the local machine. so, how do i do distributed system admin or remote sys admin? i spend so much time to learn Puppet, we pay a good deal for it, and we spend some time to understand how to use the declarative language, but i cannot do simple things. even doing an 'echo' to log output is so complicated. if we have to resort to using Ruby, its even more complicated. enhances my qualifications, but is it that vital to use it? genuinely puzzled, Aaron This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/_VP5N_sFs6cJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Starting service as non root user with puppet
On Wednesday, September 5, 2012 10:37:40 AM UTC-5, Sean Murphy wrote: Hi, I have an ubuntu system with some of our own services on it. I prefer to run these services as a non-root user. I can control the services using upstart as a non root user and can start and stop the service using initctl without any problems. I'm trying to use puppet to start and stop these services; however, it's not obvious if it is possible. A suboptimal approach appears to be one in which I create a service.conf file in /etc/init - this service.conf file can su to the user and run the service. I think this is suboptimal, as it's not working with the user level control mechanisms that have already been designed into upstart. So I'm wondering if there is any way to instruct puppet to automatically become a specific user before starting a specific service (presumably using initctl in the case of ubuntu). If you use Puppet's standard Service resource to manage your service then no, you cannot cause Puppet to assume a different user ID to execute the service management commands. But that should not be necessary. Which user a service runs as should be a matter of that service's configuration, not of the UID of the process that starts it. Indeed, it is typically necessary for a privileged process to handle service startup in order to * enable* services to assume the correct user identity. If your home-built services don't know how to set their own UIDs then they are deficient. Whoever is responsible for maintaining them should be introduced to the setuid() family of functions. In the mean time, you may have no alternative to using a wrapper of some kind (an upstart script, for instance). Note, too, that this is not fundamentally a Puppet problem. You will have the same issue if you want to configure your services to start automatically (as the desired user) at system startup, for instance. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/PbPLeJeRRqoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet smoking crack?
On Wed, Sep 5, 2012 at 2:23 PM, Christopher Wood christopher_w...@pobox.com wrote: (inline) On Wed, Sep 05, 2012 at 02:04:59PM -0700, Douglas Garstang wrote: Couple of questions. Firstly, what's the plugin error about? puppet agent --onetime --test --verbose Could you also try with --debug? I could. What are we looking for? info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Could not evaluate: Could not retrieve information from source(s) puppet://puppet/plugins Worth looking into your pluginsync config here. I have on the client 'pluginsync = true' in the [main] section. info: Caching catalog for mon01.ap1.xxx.com info: Applying configuration version '1346878830' err: /Stage[main]/Xxx::Nagios::Server/File[/var/lib/nagios3]: Failed Do you have a declaration /var/lib/nagios3? What does that say? Nope. The manifest only has: file { '/var/lib/nagios3/rw': owner = 'nagios', group = 'www-data', mode = '0750'; } Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet smoking crack?
On Wed, Sep 05, 2012 at 03:01:42PM -0700, Douglas Garstang wrote: On Wed, Sep 5, 2012 at 2:23 PM, Christopher Wood christopher_w...@pobox.com wrote: (inline) On Wed, Sep 05, 2012 at 02:04:59PM -0700, Douglas Garstang wrote: Couple of questions. Firstly, what's the plugin error about? puppet agent --onetime --test --verbose Could you also try with --debug? I could. What are we looking for? More detailed error messages for now. info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Could not evaluate: Could not retrieve information from source(s) puppet://puppet/plugins Did this fail because of a connection issue, because you typo'ed something, because something in your manifest doesn't exist on the puppetmaster, etc. etc. Worth looking into your pluginsync config here. I have on the client 'pluginsync = true' in the [main] section. You do, is it working? Apparently not, judging from this error message. Using --debug might assist here as well. Also see what your puppetmaster has to say. Debug logging there might help too. info: Caching catalog for mon01.ap1.xxx.com info: Applying configuration version '1346878830' err: /Stage[main]/Xxx::Nagios::Server/File[/var/lib/nagios3]: Failed Do you have a declaration /var/lib/nagios3? What does that say? Nope. The manifest only has: file { '/var/lib/nagios3/rw': owner = 'nagios', group = 'www-data', mode = '0750'; } As a random guess I'd say your missing plugin configuration and the debug output together might be a useful path to pursue. Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: notify vs. require of services
On Wednesday, September 5, 2012 7:13:53 AM UTC-7, jcbollinger wrote: 'notify' is a specialization of 'before', so you don't need both or those, 'subscribe' is a specialization of 'require', so you don't need both of those, and all the other mixed pairs represent cycles. John -- this is a wonderfully succinct way of describing the relationships between these parameters. I'd never really thought about them (nor seen it put) quite that way. Thanks! -=Eric -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/u55mKM7uSA4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: How to automatically implement default configuration changes made by a package upgrade
I can't believe I didn't think about the conf.d directory. I have it set up for that and just skipped over that last line. Ramin, I agree with you about wanting to control introducing change into the system. We have grown from a very small team with only a couple servers to what we are today rather quickly. So now taking that control away from certain members of the team shall be an interesting challenge. I will have to formulate an argument around those ideas before trying to takle that one. In the meantime I have a sandbox environment set up for just such things and will be quietly doing something similar anyway. Thanks heaps for the help all. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/RJ67TnI26Y8J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.