[Puppet Users] Accessing variable from a user defined resource in the same module
Hi all, This may be a simple one but I am not able to do it. Folder structure is like: mname - name of the module ---manifests --init.pp - includes class mname --config.pp - includes are user defined resource which is defined as define mname::config ( $a,$b ) { ... code here ... } --misc.pp - Contains misc class. This class is included in config.pp. I did this because there are few resources which are to be defined only once for a node if there are multiple user-defined resources mname::config.pp defined. Now, in this class misc, I want to access variable $a and $b. *How do I do that?* Using mname::config::a is not working.. Error says class config could not be found. This makes sense because it's not a class, config is a user-defined resource type. ---templates --t1.erb - I want to access value of $a and $b here. Using mname::config::$a is not working. I am using %= scope.lookupvar(mname::config::$a % to get the value. I am completely lost. Right now, I am using 2.7 and just accessing $a and $b directly (which is showing warnings) so it's working but this will start failing once I move to 2.8. -- Cheers, Abhijeet R http://blog.abhijeetr.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] OperatingSystem fact for Oracle Linux?
Morning all Not sure on the best place to raise this, so thought I'd start here... I'm starting to work with Puppet and Oracle Linux 6.1. Unfortunately I'm finding a lot of existing modules aren't working with OL 6.1, because they're coded to expect an operatingsystem fact of oel. However at OL 6, the operatingsystem fact is now OracleLinux. Any ideas on where this issue should go? Cheers Gavin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/_VBKMoi1aXMJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] serialized call for defines by naming them with array (ordering for the output )
Hi.. I have following issue: If calling a define with an array as names, then it applyes defines in parallel way (which is logical by puppet structure) example: # define a function define func(){ exec{/bin/echo $name /tmp/file} } # call it func{[a,b,c,d]: } then my file would have an ordering like: # cat /tmp/file b a d c but how to do this in a serialized way? so, that, at the end, my file has an ordering structure exactly as an array, so: a b c d any idea? Its realy usefull for config files where the ordering of parameter does matter. Regards Dimitri -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/gf5K3PAgYPoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Class in puppet-dashboard
Hello. I have a puppet class: class change-password-root{ user { root: password = 'asdfasdfasdfsafasfdsadf', ensure = present } } The task works perfectly but in puppet-dashboard always has the counter to zero. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/0ADty1axJOMJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. attachment: Puppet Node Manager.png
[Puppet Users] Using regex to match hostnames in hiera
Hi, I'm having a problem with extlookup not respecting the 'certname' parameter[1]. When executing a puppet run with either the --certname or --fqdn parameters, it ends up using the specified SSL certificate and gets the correct node definition applied from the puppetmaster. However, it still retrieves extlookup data using the node's actual FQDN, not the one manually specified using the parameter. Anyway, I thought this might be a bug in the extlookup code so I decided to try out hiera as an alternative. It seems like a nice tool, but in my case there is a very big downside - the inability to match the fqdn based on a regular expression. This was brought up in a previous thread[2]. As an example, here is my existing extlookup configuration from site.pp: $hostgroup = regsubst($hostname, '-*\d+$', '') $extlookup_datadir = /etc/puppet/environments/${environment}/manifests/extdata $extlookup_precedence = [ 'hostnames/%{fqdn}', 'hostgroups/%{hostgroup}', 'common' ] This layout is quite beautiful, as it has three possible matching scenarios. 1. A CSV file for a specific hostname exists. Example: hostnames/web1.mydomain.com.csv applies to a single host - web1.mydomain.com. 2. A CSV file for a regular expression based on hostname exists. Example: hostgroups/web.csv applies to all hosts whose hostname begins with 'web' - web1.mydomain.com or web999.mydomain.com. 3. No matches are found, so default values from common.csv are used. I'd like to replicate this behavior using hiera. Is it possible? P.S. The first reply to the aforementioned mailing list thread suggested creating a custom fact and using that to specify the node's hostgroup. Please don't recommend that! To begin with, such measures aren't necessary with extlookup. Hiera is the shiny/new/better successor to extlookup, I shouldn't have to create a custom fact to reproduce the old functionality. Secondly, I have another good reason but it is complicated and would take too long to explain. Just take my word for it :-) Thank you. [1] https://projects.puppetlabs.com/issues/17198 [2] https://groups.google.com/forum/?fromgroups=#!topic/puppet-users/aGFSQ2SYgL8 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using regex to match hostnames in hiera
- Original Message - From: Edwin Starkey edwinstar...@yahoo.com To: puppet-users@googlegroups.com Sent: Friday, October 26, 2012 4:45:27 AM Subject: [Puppet Users] Using regex to match hostnames in hiera Hi, I'm having a problem with extlookup not respecting the 'certname' parameter[1]. When executing a puppet run with either the --certname or --fqdn parameters, it ends up using the specified SSL certificate and gets the correct node definition applied from the puppetmaster. However, it still retrieves extlookup data using the node's actual FQDN, not the one manually specified using the parameter. Anyway, I thought this might be a bug in the extlookup code so I decided to try out hiera as an alternative. It seems like a nice tool, but in my case there is a very big downside - the inability to match the fqdn based on a regular expression. This was brought up in a previous thread[2]. As an example, here is my existing extlookup configuration from site.pp: $hostgroup = regsubst($hostname, '-*\d+$', '') $extlookup_datadir = /etc/puppet/environments/${environment}/manifests/extdata $extlookup_precedence = [ 'hostnames/%{fqdn}', 'hostgroups/%{hostgroup}', 'common' ] This layout is quite beautiful, as it has three possible matching scenarios. 1. A CSV file for a specific hostname exists. Example: hostnames/web1.mydomain.com.csv applies to a single host - web1.mydomain.com. 2. A CSV file for a regular expression based on hostname exists. Example: hostgroups/web.csv applies to all hosts whose hostname begins with 'web' - web1.mydomain.com or web999.mydomain.com. 3. No matches are found, so default values from common.csv are used. I'd like to replicate this behavior using hiera. Is it possible? Create a simple custom fact that has the same logic as your $hostgroup variable, use that in the hierarchy P.S. The first reply to the aforementioned mailing list thread suggested creating a custom fact and using that to specify the node's hostgroup. Please don't recommend that! To begin with, such measures aren't necessary with extlookup. Hiera is the shiny/new/better successor to extlookup, I shouldn't have to create a custom fact to reproduce the old functionality. Secondly, I have another good reason but it is complicated and would take too long to explain. Just take my word for it :-) hiera can access any variable in its hierarchy, so set it however you want, however facts are there for a reason to solve this exact problem. you should use them. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Accessing variable from a user defined resource in the same module
On Fri, 2012-10-26 at 13:16 +0530, Abhijeet R wrote: Hi all, This may be a simple one but I am not able to do it. Folder structure is like: mname - name of the module ---manifests --init.pp - includes class mname --config.pp - includes are user defined resource which is defined as define mname::config ( $a,$b ) { ... code here ... } --misc.pp - Contains misc class. This class is included in config.pp. I did this because there are few resources which are to be defined only once for a node if there are multiple user-defined resources mname::config.pp defined. Now, in this class misc, I want to access variable $a and $b. *How do I do that?* Using mname::config::a is not working.. Error says class config could not be found. This makes sense because it's not a class, config is a user-defined resource type. This doesn't make sense. Since mname::config is a defined resource, it can be used multiple times. And each time, the values of $a and $b would be different. How would the misc class know which values of $a and $b to use if it's included from multiple mname::config instances? ---templates --t1.erb - I want to access value of $a and $b here. Using mname::config::$a is not working. I am using %= scope.lookupvar(mname::config::$a % to get the value. In templates, you don't use the $ character on variable names. If the template is being used directly in the mname::config type, you can do %= @a % (preferred) or %= a % -- Calvin Walton calvin.wal...@kepstin.ca smime.p7s Description: S/MIME cryptographic signature
Re: [Puppet Users] Using regex to match hostnames in hiera
On Thu, 2012-10-25 at 20:45 -0700, Edwin Starkey wrote: Hi, I'm having a problem with extlookup not respecting the 'certname' parameter[1]. When executing a puppet run with either the --certname or --fqdn parameters, it ends up using the specified SSL certificate and gets the correct node definition applied from the puppetmaster. However, it still retrieves extlookup data using the node's actual FQDN, not the one manually specified using the parameter. As an example, here is my existing extlookup configuration from site.pp: $hostgroup = regsubst($hostname, '-*\d+$', '') $extlookup_datadir = /etc/puppet/environments/${environment}/manifests/extdata $extlookup_precedence = [ 'hostnames/%{fqdn}', 'hostgroups/%{hostgroup}', 'common' ] The certname value is exposed in the puppet manifests in the $clientcert variable. Something like the following might work: $hostgroup = regsubst($clientcert, '-*\d+$', '') $extlookup_datadir = /etc/puppet/environments/${environment}/manifests/extdata $extlookup_precedence = [ 'hostnames/%{clientcert}', 'hostgroups/%{hostgroup}', 'common' ] This layout is quite beautiful, as it has three possible matching scenarios. 1. A CSV file for a specific hostname exists. Example: hostnames/web1.mydomain.com.csv applies to a single host - web1.mydomain.com. 2. A CSV file for a regular expression based on hostname exists. Example: hostgroups/web.csv applies to all hosts whose hostname begins with 'web' - web1.mydomain.com or web999.mydomain.com. 3. No matches are found, so default values from common.csv are used. I'd like to replicate this behavior using hiera. Is it possible? Absolutely. Hiera lookups can be done using arbitrary variables defined in your puppet manifests. Something like the following should be sufficient: in site.pp toplevel: $hostgroup = regsubst($clientcert, '-*\d+$', '') in hiera.yaml: :yaml: :datadir: /etc/puppet/environments/${environment}/manifests/hiera :hierarchy: - hostnames/%{clientcert} - hostgroups/%{hostgroup} - common Then you can use puppet3's automatic class parameter lookup, or call the hiera() functions anywhere in your manifest. -- Calvin Walton calvin.wal...@kepstin.ca smime.p7s Description: S/MIME cryptographic signature
[Puppet Users] hiera broken in puppet-3
is anybody using hiera with puppet-3 and per-module hierarchy? it seems calling_module/calling_class is entirely broken now. see: http://pastebin.com/CfbW5Kcu and #16730 and PR1214 (which only fixes backend_puppet i think). anyone has some unofficial patches? because i'm just stuck in migration :( please don't advise me to use data bindings as there is no way to use them in 2.7 and we need seamless migration path. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/3b2w94f6OqAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Accessing variable from a user defined resource in the same module
On Fri 26 Oct 2012 04:42:56 PM IST, Calvin Walton wrote: On Fri, 2012-10-26 at 13:16 +0530, Abhijeet R wrote: ---templates --t1.erb - I want to access value of $a and $b here. Using mname::config::$a is not working. I am using %= scope.lookupvar(mname::config::$a % to get the value. In templates, you don't use the $ character on variable names. If the template is being used directly in the mname::config type, you can do %= @a % (preferred) or %= a % Sorry about using $a in templates. I actually wrote it by mistake and I didn't use it in my actual templates. But, I have a requirement where I've to use the values of $a, $b in other classes. Thing is like, some resources that are defined in user-defined resource have to defined only once and are common of two or more instances for defined resource. So, I included that in a new class (Otherwise, multiple definition errors come). Now, this class needs to use the values passed to defined resource. (ie $a, $b). So, what should I do? This thing is works in 2.6 and 2.7.9 perfectly but it throws errors like For classes - warning: Dynamic lookup of $node_id at /etc/puppet/modules/ucarp/manifests/up_down_scripts.pp:3 is deprecated. Support will be removed in Puppet 2.8. Use a fully-qualified variable name (e.g., $classname::variable) or parameterized classes. For template - warning: Dynamic lookup of $vip_addr_gw at /etc/puppet/modules/ucarp/templates/vip-up.erb:6 is deprecated. Support will be removed in Puppet 2.8. Use a fully-qualified variable name (e.g., $classname::variable) or parameterized classes. If I think of making a parametrised class instead of user-defined resource, I'll be not be able to use that because I need to use that class more than once for a node. (That is why I actually used user-defined resource). TLDR - Few resources of a defined resource are to be defined only once so are included in a class. How would that class be able to access the parameters passed to the user-defined resource? Also, this defined class is using templates to generate configuration files and needs to access the parameters passed to defined resource. How should that be done? -- Cheers, Abhijeet R http://blog.abhijeetr.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] copy file from a host other than puppet-server
Is there a way to copy files to one host (foo) from another (bar) in the same domain (mydom.org), where neither of them is the puppet-server, but both of them have *puppetd* running ? I am looking for something similar to the *server* method in *cfengine copy* where one can provide a server name for the source file. Here is what I have tried and failed : node 'foo.mydom.org' inherits default { include foo_class::setup } foo_class::setup defined in the modules/foo_class/setup.pp in the puppet-server node. class foo_class::setup { file { etc_passwd_file : path = /etc/passwd, source = puppet://bar.mydom.org//${path_to_file}, } } When running puppet --noop --server=puppet --no-daemonize --verbose --onetime I get error : . Could not evaluate: Could not retrieve information from environment production source(s) puppet://bar.mydom.org//${path_to_file} at /etc/puppet/modules/foo_class/manifests/setup.pp -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/sKd6dE6Fq3gJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Have Class Only Perform Actions When There Is Work To Do (i.e. Making Them Idempotent)
Howdy. I feel like I am missing something really simply with regards to the way that Puppet works and I am wondering if someone can point me in the write direction. I have written a class that downloads, uncompresses, compiles, and installs Python from source. So far so good. The problem is that it only needs to do this once, when Python is not already in place (or some other custom indicator of the Python version). I have my 3 calls to exec doing their checks just fine, but my calls to wget::fetch and archive::untar both fire during every apply. Specifically, archive::untar takes about 30 seconds to run and I'd prefer it if it only ran conditionally. What is the best way to make sure that this code: wget::fetch { python-${version}: source = http://python.org/ftp/python/${version}/Python-${version}.tgz;, destination = /tmp/Python-${version}.tgz, } archive::untar {/tmp/python-${version}: source = /tmp/Python-${version}.tgz, compression = 'gz', rootdir = Python-${version}, require = Wget::Fetch[python-${version}], } only runs when some condition is met? I can easily put a custom file in place to look for, but how do I make these commands dependent on its absence? I tried making such a file and subscribing to it, but these commands still ran each time. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/5H8zJOulvoAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] reportdir ignored
Hi, I've filled up my hard drive so I want to point /var/lib/puppet/reports to another volume. I've change /etc/puppet/puppet.conf to match my needs: #reportdir = /var/lib/puppet/reports reportdir = /VOL2/puppet/reports after restarting puppet I see reports being stored in the same original place. I am missing some step here? thanks in advance, -- Frank -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] PuppetDB API permissions
Hello, Is it possible to control from which nodes is it allowed to execute commands like replace catalog and replace facts, and which nodes can only do queries (but no changes)? It seems like once someone could access the service through http or https (depending on jetty.ini settings) can do both. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/taXhYNOGLZgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] reportdir ignored
Is there any particular reason you're not mounting a new volume under /var/lib/puppet/reports? That way you only have to customize at the disk/filesystem level, not in your application config. (I don't know why puppet might be doing this.) On Fri, Oct 26, 2012 at 03:23:43PM +0100, Frank wrote: Hi, I've filled up my hard drive so I want to point /var/lib/puppet/reports to another volume. I've change /etc/puppet/puppet.conf to match my needs: #reportdir = /var/lib/puppet/reports reportdir = /VOL2/puppet/reports after restarting puppet I see reports being stored in the same original place. I am missing some step here? thanks in advance, -- Frank -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] reportdir ignored
On Friday, October 26, 2012 at 3:27 PM, Christopher Wood wrote: Is there any particular reason you're not mounting a new volume under /var/lib/puppet/reports? That way you only have to customize at the disk/filesystem level, not in your application config. (I don't know why puppet might be doing this.) Well, in fact :) little weird but ok. Right now I'm running Puppet 2.7.19 and I'm gonna do this 'trick' until I have the time to migrate this to Puppet 3 Thanks :) On Fri, Oct 26, 2012 at 03:23:43PM +0100, Frank wrote: Hi, I've filled up my hard drive so I want to point /var/lib/puppet/reports to another volume. I've change /etc/puppet/puppet.conf to match my needs: #reportdir = /var/lib/puppet/reports reportdir = /VOL2/puppet/reports after restarting puppet I see reports being stored in the same original place. I am missing some step here? thanks in advance, -- Frank -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com (mailto:puppet-users@googlegroups.com). To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com (mailto:puppet-users+unsubscr...@googlegroups.com). For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com (mailto:puppet-users@googlegroups.com). To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com (mailto:puppet-users+unsubscr...@googlegroups.com). For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
RE: [Puppet Users] copy file from a host other than puppet-server
Yes you can use storedconfig's. Example of how I us them below. on bar @@file { $check_mk_location/conf.d/main/${hostname}.mk: ensure = file, content = template(check_mk/main.erb), tag = 'check_mk_remote' } on foo File | tag == 'check_mk_remote_parents' | http://projects.puppetlabs.com/projects/1/wiki/using_stored_configuration From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of iamauser Sent: 26 October 2012 14:43 To: puppet-users@googlegroups.com Subject: [Puppet Users] copy file from a host other than puppet-server Is there a way to copy files to one host (foo) from another (bar) in the same domain (mydom.org), where neither of them is the puppet-server, but both of them have *puppetd* running ? I am looking for something similar to the *server* method in *cfengine copy* where one can provide a server name for the source file. Here is what I have tried and failed : node 'foo.mydom.org' inherits default { include foo_class::setup } foo_class::setup defined in the modules/foo_class/setup.pp in the puppet-server node. class foo_class::setup { file { etc_passwd_file : path = /etc/passwd, source = puppet://bar.mydom.org//${path_to_file}, } } When running puppet --noop --server=puppet --no-daemonize --verbose --onetime I get error : . Could not evaluate: Could not retrieve information from environment production source(s) puppet://bar.mydom.org//${path_to_file} at /etc/puppet/modules/foo_class/manifests/setup.pp -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/sKd6dE6Fq3gJ. To post to this group, send email to puppet-users@googlegroups.commailto:puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.commailto:puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. This email has been sent from Gala Coral Group Limited (GCG) or a subsidiary or associated company. GCG is registered in England with company number 07254686. Registered office address: 71 Queensway, London W2 4QH, United Kingdom; website: www.galacoral.com. This e-mail message (and any attachments) is confidential and may contain privileged and/or proprietorial information protected by legal rules. It is for use by the intended addressee only. If you believe you are not the intended recipient or that the sender is not authorised to send you the email, please return it to the sender (and please copy it to h...@galacoral.com) and then delete it from your computer. You should not otherwise copy or disclose its contents to anyone. Except where this email is sent in the usual course of business, the views expressed are those of the sender and not necessarily ours. We reserve the right to monitor all emails sent to and from our businesses, to protect the businesses and to ensure compliance with internal policies. Emails are not secure and cannot be guaranteed to be error-free, as they can be intercepted, amended, lost or destroyed, and may contain viruses; anyone who communicates with us by email is taken to accept these risks. GCG accepts no liability for any loss or damage which may be caused by software viruses. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] reportdir ignored
On Oct 26, 2012, at 7:23 AM, Frank urealfr...@gmail.com wrote: Hi, I've filled up my hard drive so I want to point /var/lib/puppet/reports to another volume. I've change /etc/puppet/puppet.conf to match my needs: #reportdir = /var/lib/puppet/reports reportdir = /VOL2/puppet/reports after restarting puppet I see reports being stored in the same original place. I am missing some step here? And this has been added to the [main] or [master] section in the conf file? -Jeff -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Connection Timed Out updating node on 3g mobile broadband device
I was able to telnet port 8140 via the 3g connection. I also tried to lower the MTU on the interface and I was still unsuccessful. So I set it back One thing I don't understand is that the error message has now changed to err: Could not retrieve catalog from remote server: Connection reset by peer - SSL_connect warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run err: Could not send report: Connection reset by peer - SSL_connect I am going to try the timeout setting in the module, but the only module I have running is one that checks to see if a particular service is running. On Thursday, October 25, 2012 5:09:35 PM UTC-4, denmat wrote: Interesting setup. Sometimes providers block uncommon ports. Can you get to 8140 over your 3/4g? If not, try running on 443 (change puppet.conf or apache ports). If none of these work check the docs for timeout settings (can't remember of hand). Den On 26/10/2012, at 3:55, Steve steve...@gmail.com javascript: wrote: I have a puppetmaster on an Amazon EC2 instance of Ubuntu 12.04. All of the puppet nodes I am running are also on ubuntu server 12.04. I can connect any of the nodes on a wireless or LAN connection. When I switch my node to a Verizon mobile 3g or 4g device I run puppet agent -t and I get the message err: Could not retrieve catalog from remote server: Connection time out - SSL_connect warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run err: Could not send report: Connection timed out - SSL_connect Before I got the message there was a long pause about 20 minutes long trying to do the update. I can download and install packages with the 3g connection using apt-get install. I can access webpages including secure pages using Lynx. I can ping the Puppet Master. I wanted to make sure I was getting through to the Puppet Master so I removed the certificate from both the Puppet Master and the Client. Then I ran puppet agent -t and the certificate was signed and I can see it again on the Puppet Master and the client. I checked port 8140 to see that it is open in Amazon, and it is. There is no firewall enabled in the instance itself. Next I limited the puppet update to only one trivial module and nothing changed. Lastly, I connected a node that is on a desktop version of Ubuntu 12.10 and connected my Verizon device. I had the similar behavior. The system paused for 10 to 20 minutes like before then gave me the message: Error: Failed to apply catalog: execution expired Error: Could not send report: execution expired Since I have little experience with puppet or these devices, I suspect the device has some sort of interrupt or time out on the device that causes problems with the puppet process. Anyways as far as I can tell the only thing I cannot do with this connection is update puppet. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/PHNcXaR-TyAJ. To post to this group, send email to puppet...@googlegroups.comjavascript: . To unsubscribe from this group, send email to puppet-users...@googlegroups.com javascript:. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/8qegs60WbJkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Launching a full screen app through puppet
Hello, I'm controlling 180 windows machines for an art project. I am using puppet to configure the machines, push out an app as a zip, unzip it, change permissions, then launch it. Everything works perfectly, except the app is being launched in a hidden desktop due to windows security. From what I'm told since puppet runs as a service it is not allowed to launch an app on the logged in desktop. I confirmed that when running the puppet agent manually the app launches correctly. My question is, does anyone have any experience launching an .exe from puppet in windows in the current logged in desktop? thanks, Lucas -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] reportdir ignored
On Friday, October 26, 2012 at 3:53 PM, Jeff McCune wrote: On Oct 26, 2012, at 7:23 AM, Frank urealfr...@gmail.com (mailto:urealfr...@gmail.com) wrote: Hi, I've filled up my hard drive so I want to point /var/lib/puppet/reports to another volume. I've change /etc/puppet/puppet.conf to match my needs: #reportdir = /var/lib/puppet/reports reportdir = /VOL2/puppet/reports after restarting puppet I see reports being stored in the same original place. I am missing some step here? And this has been added to the [main] or [master] section in the conf file? [user] I'm gonna try it on master section… -Jeff -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com (mailto:puppet-users@googlegroups.com). To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com (mailto:puppet-users+unsubscr...@googlegroups.com). For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] 'puppet resource user' questions
When I run puppet resource user ldadpuser I get a resource definition back for that user. However, when I run puppet resource user I do NOT see ldapuser in the list. Is this intended behavior? Is there a way to get a list of all users, whether they are ldap or local? This node is running puppet 2.7.19 on Ubuntu 12.04 against a 2.7.19 master on Ubuntu 10.04. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/xzPXljvjvGoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] reportdir ignored
solved! many thanks :) -- Frank On Friday, October 26, 2012 at 4:13 PM, Frank wrote: On Friday, October 26, 2012 at 3:53 PM, Jeff McCune wrote: On Oct 26, 2012, at 7:23 AM, Frank urealfr...@gmail.com (mailto:urealfr...@gmail.com) wrote: Hi, I've filled up my hard drive so I want to point /var/lib/puppet/reports to another volume. I've change /etc/puppet/puppet.conf to match my needs: #reportdir = /var/lib/puppet/reports reportdir = /VOL2/puppet/reports after restarting puppet I see reports being stored in the same original place. I am missing some step here? And this has been added to the [main] or [master] section in the conf file? [user] I'm gonna try it on master section… -Jeff -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com (mailto:puppet-users@googlegroups.com). To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com (mailto:puppet-users+unsubscr...@googlegroups.com). For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] copy file from a host other than puppet-server
thanks for this. A bit confused with your answer : what do you mean *on bar* and *on foo*. Is it mean on the machine 'foo' or node 'foo' {blah...blah } on puppet-server ? I tried defining both for the corresponding nodes, but it does nothing. On Friday, October 26, 2012 4:53:28 PM UTC+2, Fireblade wrote: Yes you can use storedconfig's. Example of how I us them below. on bar @@file { $check_mk_location/conf.d/main/${hostname}.mk: ensure = file, content = template(check_mk/main.erb), tag = 'check_mk_remote' } on foo File | tag == 'check_mk_remote_parents' | http://projects.puppetlabs.com/projects/1/wiki/using_stored_configuration *From:* puppet...@googlegroups.com javascript: [mailto: puppet...@googlegroups.com javascript:] *On Behalf Of *iamauser *Sent:* 26 October 2012 14:43 *To:* puppet...@googlegroups.com javascript: *Subject:* [Puppet Users] copy file from a host other than puppet-server Is there a way to copy files to one host (foo) from another (bar) in the same domain (mydom.org), where neither of them is the puppet-server, but both of them have *puppetd* running ? I am looking for something similar to the *server* method in *cfengine copy* where one can provide a server name for the source file. Here is what I have tried and failed : node 'foo.mydom.org' inherits default { include foo_class::setup } foo_class::setup defined in the modules/foo_class/setup.pp in the puppet-server node. class foo_class::setup { file { etc_passwd_file : path = /etc/passwd, source = puppet://bar.mydom.org//${path_to_file}http://bar.mydom.org//$%7Bpath_to_file%7D , } } When running puppet --noop --server=puppet --no-daemonize --verbose --onetime I get error : . Could not evaluate: Could not retrieve information from environment production source(s) puppet://bar.mydom.org//${path_to_file}http://bar.mydom.org//$%7Bpath_to_file%7Dat /etc/puppet/modules/foo_class/manifests/setup.pp -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/sKd6dE6Fq3gJ. To post to this group, send email to puppe...@googlegroups.comjavascript: . To unsubscribe from this group, send email to puppet-user...@googlegroups.com javascript:. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- This email has been sent from Gala Coral Group Limited (GCG) or a subsidiary or associated company. GCG is registered in England with company number 07254686. Registered office address: 71 Queensway, London W2 4QH, United Kingdom; website: www.galacoral.com. This e-mail message (and any attachments) is confidential and may contain privileged and/or proprietorial information protected by legal rules. It is for use by the intended addressee only. If you believe you are not the intended recipient or that the sender is not authorised to send you the email, please return it to the sender (and please copy it to h...@galacoral.com javascript:) and then delete it from your computer. You should not otherwise copy or disclose its contents to anyone. Except where this email is sent in the usual course of business, the views expressed are those of the sender and not necessarily ours. We reserve the right to monitor all emails sent to and from our businesses, to protect the businesses and to ensure compliance with internal policies. Emails are not secure and cannot be guaranteed to be error-free, as they can be intercepted, amended, lost or destroyed, and may contain viruses; anyone who communicates with us by email is taken to accept these risks. GCG accepts no liability for any loss or damage which may be caused by software viruses. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/yXAlnq2I7RQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: What is the @ used for?
On Thursday, October 25, 2012 7:40:50 PM UTC-5, Ben McCann wrote: See http://docs.puppetlabs.com/guides/virtual_resources.html On Thursday, October 25, 2012 5:01:45 PM UTC-7, Dave Alden wrote: Hi, Sorry to be dense, but I've recently switched over to use the puppet labs apache module, but I was having trouble with the firewall not getting updated. It turns out that the @ in front of the firewall line seems to be keeping it from running. As soon as I removed it, my firewall got updated. So what does the @ do? …dave Do read the docs on virtual resources to which Ben directed you. They should answer the question you posed. With respect to some of the questions you did not pose: Changing a resource from virtual to concrete is probably not the best solution, and it may not even be a correct solution, depending on the module implementation details and your own configuration needs. Do read whatever module documentation there is; it should cover questions regarding which of its classes and resources are intended to be used directly by your own classes, and how, and which are intended for internal use only. In particular, if the firewall resource you are talking about is intended to be accessed by outside classes and resources, then the docs ought to instruct you to realize it via the 'realize' function or a resource collection. You probably should not make it concrete (by removing the '@'), certainly not if you don't understand what you're doing. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/gqYRMO4rp3cJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: hiera broken in puppet-3
I think that might have been renamed... http://docs.puppetlabs.com/puppet/3/reference/lang_variables.html#facts-and-built-in-variables Down near the bottom, under parser set variables, there's $module_name and $caller_module_name. That what you meant to use? On Friday, October 26, 2012 5:14:56 AM UTC-7, asq wrote: is anybody using hiera with puppet-3 and per-module hierarchy? it seems calling_module/calling_class is entirely broken now. see: http://pastebin.com/CfbW5Kcu and #16730 and PR1214 (which only fixes backend_puppet i think). anyone has some unofficial patches? because i'm just stuck in migration :( please don't advise me to use data bindings as there is no way to use them in 2.7 and we need seamless migration path. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ysgWFC8zyl0J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: creating a list of files from an external define
On Thursday, October 25, 2012 3:33:16 PM UTC-5, danielt wrote: Puppet expects to find a definition with this name: helper::files{ in this file: [...] modules/helper/manifests/files.pp [...] I usually had the install define within the class. But puppet-lint didn't like this so I thought outsourcing it to its own module would work out. I'm not sure what you mean about putting the define in its own module, but doing so (correctly) without changing its name would have put it exactly where Puppet was looking for it. Some people try to use module as a synonym for file, but Puppet modules are structured collections of files containing class, resource, and data definitions, and arranged according to a standard directory structure. The definition doesn't need to be in its own module, but it should be in its own *file* within the module (which is what puppet-lint was telling you), and it should identify itself by its fully-qualified name. Anyone outside the module must reference it by that fully-qualified name. Classes and resources in the same module ought to be able to reference it by its name relative to the module, but they *should* reference it by its fully-qualified name, too. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/nDpeoYEXupkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Have Class Only Perform Actions When There Is Work To Do (i.e. Making Them Idempotent)
If you're using this wget module https://github.com/liquidstate/puppet-wget/blob/master/manifests/init.pp It's set to not run so long as the destination is still there, so /tmp/Python-${version}.tgz needs to stick around. I'm not sure which archive module you're using, but as long as you have that require there, it should follow. On Friday, October 26, 2012 6:55:32 AM UTC-7, Dave Mankoff wrote: Howdy. I feel like I am missing something really simply with regards to the way that Puppet works and I am wondering if someone can point me in the write direction. I have written a class that downloads, uncompresses, compiles, and installs Python from source. So far so good. The problem is that it only needs to do this once, when Python is not already in place (or some other custom indicator of the Python version). I have my 3 calls to exec doing their checks just fine, but my calls to wget::fetch and archive::untar both fire during every apply. Specifically, archive::untar takes about 30 seconds to run and I'd prefer it if it only ran conditionally. What is the best way to make sure that this code: wget::fetch { python-${version}: source = http://python.org/ftp/python/${version}/Python-${version}.tgz;, destination = /tmp/Python-${version}.tgz, } archive::untar {/tmp/python-${version}: source = /tmp/Python-${version}.tgz, compression = 'gz', rootdir = Python-${version}, require = Wget::Fetch[python-${version}], } only runs when some condition is met? I can easily put a custom file in place to look for, but how do I make these commands dependent on its absence? I tried making such a file and subscribing to it, but these commands still ran each time. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/M1fFodRbPxkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] defined types and enc
Moin, playing with puppet. I did some defined type creating lxc-application-containers. With that I could run a lot of virtualised applications on a host. I choose defined types to call them many times for a node. In my understanding classes will not be able to be called many times on a node. ('name-clashing'). Trying to get my configuration into an enc. I looks like you can't use defined types via enc. So I wonder if Im wrong? If not is there a trick to call a class many times for a node. (Maybe by manipulating the name?) Regards Erkan -- über den grenzen muß die freiheit wohl wolkenlos sein -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Have Class Only Perform Actions When There Is Work To Do (i.e. Making Them Idempotent)
Yeah, the wget seems to be working. The archive library I am using is: http://forge.puppetlabs.com/bobsh/archive It runs irrespective of whether or not wget actually fetches anything, however. At this point, it seems that the exec type is the only thing that can actually conditionally run (unless, onlyif, creates, etc). I created a bash script in my templates directory that contains the wget and tar commands. I now copy that bash script out and only conditionally run it, which seems to defeat the whole purpose. On Friday, October 26, 2012 12:30:19 PM UTC-4, Ellison Marks wrote: If you're using this wget module https://github.com/liquidstate/puppet-wget/blob/master/manifests/init.pp It's set to not run so long as the destination is still there, so /tmp/Python-${version}.tgz needs to stick around. I'm not sure which archive module you're using, but as long as you have that require there, it should follow. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/G1Vyp1_uO2YJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
RE: [Puppet Users] copy file from a host other than puppet-server
I think the best way I can explain this is to point you to the full recipe. https://github.com/Firebladee/Puppet/tree/master/modules/check_mk You will see in the init.pp file that it creates a file on the agent and then copies the file to the server. From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of iamauser Sent: 26 October 2012 16:54 To: puppet-users@googlegroups.com Subject: Re: [Puppet Users] copy file from a host other than puppet-server thanks for this. A bit confused with your answer : what do you mean *on bar* and *on foo*. Is it mean on the machine 'foo' or node 'foo' {blah...blah } on puppet-server ? I tried defining both for the corresponding nodes, but it does nothing. On Friday, October 26, 2012 4:53:28 PM UTC+2, Fireblade wrote: Yes you can use storedconfig's. Example of how I us them below. on bar @@file { $check_mk_location/conf.d/main/${hostname}.mk: ensure = file, content = template(check_mk/main.erb), tag = 'check_mk_remote' } on foo File | tag == 'check_mk_remote_parents' | http://projects.puppetlabs.com/projects/1/wiki/using_stored_configuration From: puppet...@googlegroups.comjavascript: [mailto:puppet...@googlegroups.comjavascript:] On Behalf Of iamauser Sent: 26 October 2012 14:43 To: puppet...@googlegroups.comjavascript: Subject: [Puppet Users] copy file from a host other than puppet-server Is there a way to copy files to one host (foo) from another (bar) in the same domain (mydom.orghttp://mydom.org), where neither of them is the puppet-server, but both of them have *puppetd* running ? I am looking for something similar to the *server* method in *cfengine copy* where one can provide a server name for the source file. Here is what I have tried and failed : node 'foo.mydom.orghttp://foo.mydom.org' inherits default { include foo_class::setup } foo_class::setup defined in the modules/foo_class/setup.pp in the puppet-server node. class foo_class::setup { file { etc_passwd_file : path = /etc/passwd, source = puppet://bar.mydom.org//${path_to_file}http://bar.mydom.org/$%7Bpath_to_file%7D, } } When running puppet --noop --server=puppet --no-daemonize --verbose --onetime I get error : . Could not evaluate: Could not retrieve information from environment production source(s) puppet://bar.mydom.org//${path_to_file}http://bar.mydom.org/$%7Bpath_to_file%7D at /etc/puppet/modules/foo_class/manifests/setup.pp -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/sKd6dE6Fq3gJ. To post to this group, send email to puppe...@googlegroups.comjavascript:. To unsubscribe from this group, send email to puppet-user...@googlegroups.comjavascript:. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. This email has been sent from Gala Coral Group Limited (GCG) or a subsidiary or associated company. GCG is registered in England with company number 07254686. Registered office address: 71 Queensway, London W2 4QH, United Kingdom; website: www.galacoral.comhttp://www.galacoral.com. This e-mail message (and any attachments) is confidential and may contain privileged and/or proprietorial information protected by legal rules. It is for use by the intended addressee only. If you believe you are not the intended recipient or that the sender is not authorised to send you the email, please return it to the sender (and please copy it to h...@galacoral.comjavascript:) and then delete it from your computer. You should not otherwise copy or disclose its contents to anyone. Except where this email is sent in the usual course of business, the views expressed are those of the sender and not necessarily ours. We reserve the right to monitor all emails sent to and from our businesses, to protect the businesses and to ensure compliance with internal policies. Emails are not secure and cannot be guaranteed to be error-free, as they can be intercepted, amended, lost or destroyed, and may contain viruses; anyone who communicates with us by email is taken to accept these risks. GCG accepts no liability for any loss or damage which may be caused by software viruses. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/yXAlnq2I7RQJ. To post to this group, send email to puppet-users@googlegroups.commailto:puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.commailto:puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at
Re: [Puppet Users] Accessing variable from a user defined resource in the same module
On Friday, October 26, 2012 7:33:00 AM UTC-5, Abhijeet Rastogi wrote: On Fri 26 Oct 2012 04:42:56 PM IST, Calvin Walton wrote: On Fri, 2012-10-26 at 13:16 +0530, Abhijeet R wrote: ---templates --t1.erb - I want to access value of $a and $b here. Using mname::config::$a is not working. I am using %= scope.lookupvar(mname::config::$a % to get the value. In templates, you don't use the $ character on variable names. If the template is being used directly in the mname::config type, you can do %= @a % (preferred) or %= a % Sorry about using $a in templates. I actually wrote it by mistake and I didn't use it in my actual templates. But, I have a requirement where I've to use the values of $a, $b in other classes. Thing is like, some resources that are defined in user-defined resource have to defined only once and are common of two or more instances for defined resource. So, I included that in a new class (Otherwise, multiple definition errors come). Now, this class needs to use the values passed to defined resource. (ie $a, $b). So, what should I do? This thing is works in 2.6 and 2.7.9 perfectly but it throws errors like For classes - warning: Dynamic lookup of $node_id at /etc/puppet/modules/ucarp/manifests/up_down_scripts.pp:3 is deprecated. Support will be removed in Puppet 2.8. Use a fully-qualified variable name (e.g., $classname::variable) or parameterized classes. That's a warning, not an error. Code that elicits such warnings works in Puppet 2.7 the same way it worked in Puppet 2.6. Nevertheless, you should fix the problem, and the message tells you how to do so. For template - warning: Dynamic lookup of $vip_addr_gw at /etc/puppet/modules/ucarp/templates/vip-up.erb:6 is deprecated. Support will be removed in Puppet 2.8. Use a fully-qualified variable name (e.g., $classname::variable) or parameterized classes. Again, that's a warning, not an error. If $vip_addr_gw is a local variable in the context from which the template is evaluated, a parameter of the class or definition that invokes template() or inline_template(), then it's also bogus. If I think of making a parametrised class instead of user-defined resource, I'll be not be able to use that because I need to use that class more than once for a node. (That is why I actually used user-defined resource). Class vs. defined type does not make a difference for issues of that kind. TLDR - Few resources of a defined resource are to be defined only once so are included in a class. How would that class be able to access the parameters passed to the user-defined resource? You can't, but you don't need to do it that way. At all. 1. Each class and definition should be in its own file 2. An object whose nature precludes being applied more than once should be a class, not a definition 3. Any class's variables (except class parameters in some versions of Puppet) can be accessed from anywhere in the manifest set by their fully-qualified names (i.e. $module::class::variable) That leaves you at least two options. If you convert the singleton definitions to classes, then you can access their variables via their fully-qualified names. If you want to leave them as definitions then you can store the needed values as variables of some class (as I think you said you did), and then read those class variables where you need them instead of trying to access the parameter values of the defined-type instance. Also, this defined class is using templates to generate configuration files and needs to access the parameters passed to defined resource. How should that be done? It shouldn't. The big picture, in case it was not apparent in the foregoing, is to pull the authoritative source of the needed values out of the definition to some place accessible to everyone who wants it. Common choices for such a place include variables of some class and external data (perhaps accessed via hiera). John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/J5PbZFhuVCsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: serialized call for defines by naming them with array (ordering for the output )
On Friday, October 26, 2012 5:26:43 AM UTC-5, Dmitry Nilsen wrote: Hi.. I have following issue: If calling a define with an array as names, then it applyes defines in parallel way (which is logical by puppet structure) example: # define a function define func(){ exec{/bin/echo $name /tmp/file} } # call it func{[a,b,c,d]: } then my file would have an ordering like: # cat /tmp/file b a d c but how to do this in a serialized way? so, that, at the end, my file has an ordering structure exactly as an array, so: a b c d any idea? Its realy usefull for config files where the ordering of parameter does matter. Relative ordering of resources is achieved by declaring resource relationships. You can do that via the 'require' and 'before' resource metaparameters, or via the resource chaining operators, but there is no mechanism for creating relationships based on the order of array elements. You might be able to write a custom function that did that -- for instance, a create_relationships() function in the same spirit as the create_resources() built-in. Alternatively, you could surely do what you want by switching (that class) to Ruby DSL instead of Puppet DSL. I can't think of any other general-purpose approaches, but there might be additional alternatives for your particular problem. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/JC2hMyRuzU8J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Passing parameters to Class from Dashboard
Good day to all: I'm trying to use the browser's dashboard to pass a parameter variable to a simple class. class hello ( $file_name ) { file {/tmp/${file_name}: owner = 'ubuntu', group = 'ubuntu' } } But when I run the agent update I keep getting ubuntu@db:~$ sudo puppet agent --test info: Retrieving plugin info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/facter_dot_d.rb info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/puppet_vardir.rb info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/root_home.rb err: Could not retrieve catalog from remote server: Error 400 on SERVER: Must pass file_name to Class[Hello] at /etc/puppetlabs/puppet/modules/hello/manifests/init.pp:1 on node db.company.com Any ideas on what I'm doing wrong? Thanks in advance. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/qu732-TrJHMJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: OperatingSystem fact for Oracle Linux?
On Friday, October 26, 2012 4:19:25 AM UTC-5, Gavin Williams wrote: Morning all Not sure on the best place to raise this, so thought I'd start here... I'm starting to work with Puppet and Oracle Linux 6.1. Unfortunately I'm finding a lot of existing modules aren't working with OL 6.1, because they're coded to expect an operatingsystem fact of oel. However at OL 6, the operatingsystem fact is now OracleLinux. Any ideas on where this issue should go? When Oracle dropped the Enterprise from the name of its distribution, facter stopped recognizing it. The fix (submitted by Oracle, if I understand correctly) changes the value Facter reports for the operatingsystem fact for these versions, probably because the e in oel no longer applies. This change went into Facter 1.6.1. See http://projects.puppetlabs.com/issues/9178 and http://projects.puppetlabs.com/issues/10241 Atlhough the tickets don't show it, discussion elsewhere indicates that PL personnel were aware that the fact change would cause breakage such as you report. I suspect, but cannot confirm, that this was covered in the release notes. Any way around, the bottom line is that the change was intentional. With that being the case, the issue should be directed to the maintainers of affected modules. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/F14IqGjX9jAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Passing parameters to Class from Dashboard
I just found the answer in another thread. In case somebody is looking to pass parameters from the dashboard to your classes you should reference those variables like this: $::foo instead of $foo which are local variables Hope it helps On Friday, October 26, 2012 10:28:11 AM UTC-6, Javier Alvarez Samayoa wrote: Good day to all: I'm trying to use the browser's dashboard to pass a parameter variable to a simple class. class hello ( $file_name ) { file {/tmp/${file_name}: owner = 'ubuntu', group = 'ubuntu' } } But when I run the agent update I keep getting ubuntu@db:~$ sudo puppet agent --test info: Retrieving plugin info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/facter_dot_d.rb info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/puppet_vardir.rb info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/root_home.rb err: Could not retrieve catalog from remote server: Error 400 on SERVER: Must pass file_name to Class[Hello] at /etc/puppetlabs/puppet/modules/hello/manifests/init.pp:1 on node db.company.com Any ideas on what I'm doing wrong? Thanks in advance. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/RoTsakEh9FkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Have Class Only Perform Actions When There Is Work To Do (i.e. Making Them Idempotent)
Ah, right, my mistake, the require won't guarantee anything in this case, as the other command is successful, even if it does nothing. It's early... However, looking at that module it seems like it's trying to use refreshonly, but it doesn't look like it will be effective the way it's using it. You might try adding creates = $name, under the exec {$exec_name: resource in untar.pp. This would make it dependent on the name given to archive::untar, /tmp/python-${version} in this case. On Friday, October 26, 2012 9:35:45 AM UTC-7, Dave Mankoff wrote: Yeah, the wget seems to be working. The archive library I am using is: http://forge.puppetlabs.com/bobsh/archive It runs irrespective of whether or not wget actually fetches anything, however. At this point, it seems that the exec type is the only thing that can actually conditionally run (unless, onlyif, creates, etc). I created a bash script in my templates directory that contains the wget and tar commands. I now copy that bash script out and only conditionally run it, which seems to defeat the whole purpose. On Friday, October 26, 2012 12:30:19 PM UTC-4, Ellison Marks wrote: If you're using this wget module https://github.com/liquidstate/puppet-wget/blob/master/manifests/init.pp It's set to not run so long as the destination is still there, so /tmp/Python-${version}.tgz needs to stick around. I'm not sure which archive module you're using, but as long as you have that require there, it should follow. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/lRzdxzGX85MJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Managing network interfaces?
On Thursday, October 25, 2012 8:05:09 PM UTC-5, Brian Rak wrote: I've been using Puppet to manage network interfaces on our machines. To do this I've got a class very similar to http://forge.puppetlabs.com/razorsedge/network . I'm encountering some annoyances with this method of handling it: 1) Every interface I have has to have a unique alias number. This means that whenever I want to add a new IP alias I have to grep through my entire tree and find an unused number. This seems... less then optimal. Why are your interface definitions spread throughout your tree? 2) If I'm changing an interface (say from normal to bonded networking) I have to go and switch the interface definitions for everything on that machine. This also makes it difficult to have the same module used on multiple machines (as their networking config needs to match exactly). Why are you hardcoding interface names if it is important to be able to easily switch interfaces? 2a) This gets more annoying as some of our newer machines have network interfaces emX instead of ethX. This means that all the definitions need to be updated once again when we change hardware. Again, why are you hardcoding interface names? Has anyone encountered this and come up with a decent solution? I should note that I'm using CentOS, all the modules I can find on forge appear to be doing very similar things. I have not tackled the specific problem you describe, but I'm inclined to think it arises more from the organization of your modules and manifest set than from any behavior of Puppet itself, or from interface-management modules such as the one you referred to. I think you need a dose or two of indirection and maybe added structure in your manifests. Some of the kinds of things to consider are - declaring interfaces inside classes, then establishing relationships where needed to the containing class instead of to the resource itself - storing interface details in class variables and / or external data - extracting interface definitions to their own module to narrow your search space - keeping separate documentation of the interfaces in use on each system - overall, working to make your manifests as DRY as possible, so that you only need to make changes in one place If you presented example code then we might have more specific suggestions. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/CV2EP8gGryIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] OperatingSystem fact for Oracle Linux?
On 10/26/2012 2:19 AM, Gavin Williams wrote: Morning all Not sure on the best place to raise this, so thought I'd start here... I'm starting to work with Puppet and Oracle Linux 6.1. Unfortunately I'm finding a lot of existing modules aren't working with OL 6.1, because they're coded to expect an operatingsystem fact of oel. However at OL 6, the operatingsystem fact is now OracleLinux. You may want to create pull requests for the modules referencing the tickets John mentioned and convert oel to a more inclusive regex. Or just make the changes locally to your repo. $file = $::operatingsystem ? { /(?i:oel|oraclelinux)/ = '/some/file', /(?i:debian|ubuntu)/ = '/some/other/file', default= '/file', } etc etc. Ramin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: The Future of Puppet Dashboard
I'm interested in owning it. I started porting to Rails 3 last week and have quite a few fixes to the create/update/query endpoints to return more consistent YAML and JSON responses. At my organization we will continue to use Puppet Dashboard until Puppet Labs' recommended replacement solution is baked. http://github.com/sodabrew/puppet-dashboard Cheers, Aaron On Wednesday, October 10, 2012 10:02:35 AM UTC-7, Nigel Kersten wrote: (This mail has been sent to puppet-users, but bcc’d to puppet-dev and puppet-announce to try and keep the conversation in one place.) Summary: * We are stopping investment in Dashboard * Most Dashboard functionality will be replaced by two new open source services * Some Dashboard functionality will be replaced by a proprietary application * The Dashboard will continue to be open source and we're happy to help people take over maintenance * If we don't get a new maintainer, we will announce a date to EOL Dashboard Details: If you’ve been following the development of Puppet Dashboard over the last year or so, you’ve almost certainly noticed that it hasn’t been getting much love from Puppet Labs. We’ve been thinking about this for a while, and we’ve decided that we’re not going to invest more in the Dashboard. It will get security patches and some minor improvements over the next few months, but we’re treating it as an evolutionary dead end. We were planning to have some code ready for the replacement services before making this announcement, but after questions at PuppetConf and after the recent Dashboard update, we’ve realized that being transparent is the right approach. We’re generally moving the Puppet platform in a direction that is more aligned with service-oriented-architecture, with standalone services for specific functionality that own their own data. Monolithic apps like the Dashboard that store a variety of data types don’t fit well into this world. You’ve seen the first moves of this with PuppetDB, where we have a standalone, open source service with great APIs that is dedicated to catalog and fact storage. The ENC functionality in the Dashboard will be replaced by an open source, standalone service. The report storage and basic report viewing functionality from Dashboard will become part of PuppetDB, and will be open source, just as the rest of PuppetDB is. Work has recently started on both of these projects. We will be working on data migration scripts from Dashboard to these new services. We will also be working on a new graphical application that provides an interface to these services, but one more focused on workflows and advanced use cases, and this application will be proprietary. This is the model Puppet Labs is looking to follow from now on. Open source services, with great APIs and simple GUIs just like PuppetDB, and proprietary graphical applications that are more opinionated in terms of workflows. We believe this is a simple line that brings a lot of clarity to the difference between our open source and proprietary applications. We’re still in the business of making Puppet a great open source platform, and that’s not going to change. We will not be creating any secret APIs that are just for use by Puppet Labs. We will be building our proprietary apps on exactly the same APIs as everyone else has available to them. We believe this keeps us honest in terms of keeping the open source platform strong and functional, as well as Puppet Labs being fair and equitable to the rest of the ecosystem compared to the applications we’re building a sustainable company around. We are not taking the Dashboard code base closed source. Even though it’s never really attracted a development community around it in the same way that Puppet and MCollective have, if there are people who are committed to its existence, we’re more than happy to help people take on the maintenance role. We do think that it ultimately will need to be completely rewritten to take advantage of the new ENC and PuppetDB report storage, and it needs a general update to a newer version of Rails, but just as with *any* other open source application that builds upon our platform, we will help anyone who wants to take this on. We don’t have firm dates for when the replacement services will be ready, but we expect their first releases to be out by the end of the year. Once both of these are ready, and we have migration scripts for your data, we’ll announce a complete end of life date for Dashboard unless we have replacement maintainers. Again, if you love Dashboard enough to want to maintain it, this is your chance. I encourage and expect public discussion about this topic, but if you wish to convey your thoughts privately, you can always contact myself or Luke at: Nigel, CTO email/jabber: ni...@puppetlabs.com javascript: IRC : nigelk Luke, CEO email:
Re: [Puppet Users] Have Class Only Perform Actions When There Is Work To Do (i.e. Making Them Idempotent)
In regard to: [Puppet Users] Have Class Only Perform Actions When There Is...: Howdy. I feel like I am missing something really simply with regards to the way that Puppet works and I am wondering if someone can point me in the write direction. I have written a class that downloads, uncompresses, compiles, and installs Python from source. So far so good. I would highly recommend you just package your custom python and install it using a package management system, rather than doing what you're doing. Depending on what host OS you're using, it's not too difficult, and it works a lot better with puppet *and* you get all the benefits of having the package installed through a more coherent means. The problem is that it only needs to do this once, when Python is not already in place (or some other custom indicator of the Python version). I have my 3 calls to exec doing their checks just fine, but my calls to wget::fetch and archive::untar both fire during every apply. Specifically, archive::untar takes about 30 seconds to run and I'd prefer it if it only ran conditionally. What is the best way to make sure that this code: wget::fetch { python-${version}: source = http://python.org/ftp/python/${version}/Python-${version}.tgz;, destination = /tmp/Python-${version}.tgz, } archive::untar {/tmp/python-${version}: source = /tmp/Python-${version}.tgz, compression = 'gz', rootdir = Python-${version}, require = Wget::Fetch[python-${version}], } As you're discovering, these kind of exec chains, where the first part of the chain involves temporary files, don't really fit into the puppet paradigm very well. About the best you can do is something like exec { '/usr/local/sbin/install-python-if-necessary.sh': source = 'http://your_module/install-python-if-necessary.sh', creates = '/your/python/lib/dir', } and then bury all the fetch/extract/configure/compile/install logic in the shell script, which puppet will make certain is always present on the system. It will only execute it if /your/python/lib/dir is not present. But if you're going to build fetch/extract/configure/compile/install logic into a shell script, you're probably 85% of the way to packaging the software appropriately anyway. Tim -- Tim Mooney tim.moo...@ndsu.edu Enterprise Computing Infrastructure 701-231-1076 (Voice) Room 242-J6, IACC Building 701-231-8541 (Fax) North Dakota State University, Fargo, ND 58105-5164 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Trouble adding a user to a group
On Thu, Oct 25, 2012 at 05:11:34PM -0700, Ben McCann wrote: Definitely seems like a bug. I added the Puppet Ubuntu repo and upgraded to puppet 3.0.1 and it works now. I'm not going to bother filing it since it seems like it's since been fixed. One question though: Do any of the groups you want to assign have the same gid? -Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Launching a full screen app through puppet
Hi Lucas, On Fri, Oct 26, 2012 at 8:10 AM, Lucas Vickers lucasvick...@gmail.com wrote: Hello, I'm controlling 180 windows machines for an art project. I am using puppet to configure the machines, push out an app as a zip, unzip it, change permissions, then launch it. If you do not need LocalSystem permissions, then you could simply configure the puppet service to run as an unprivileged (domain or local) user: sc config puppet obj= username password= password and allow the service to interact with the desktop: sc config puppet type= interact Everything works perfectly, except the app is being launched in a hidden desktop due to windows security. This page describes some of the issues. http://msdn.microsoft.com/en-us/library/windows/desktop/ms684190(v=vs.85).aspx If the service opens a command window and runs a batch file, the user could hit CTRL+C to terminate the batch file and gain access to a command window with LocalSystem permissions. So privilege escalation. From what I'm told since puppet runs as a service it is not allowed to launch an app on the logged in desktop. I confirmed that when running the puppet agent manually the app launches correctly. It is possible to allow services running under LocalSystem to interact with the desktop in older versions of Windows. If you don't care about the security implications, you could investigate that, though I wouldn't recommend it. Alternatively, you could do something like this: http://chabster.blogspot.com/2008/01/run-as-interactive-user-from-service.html. Compile it and distribute it with your module. Josh -- Josh Cooper Developer, Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Have Class Only Perform Actions When There Is Work To Do (i.e. Making Them Idempotent)
On Friday, October 26, 2012 2:31:56 PM UTC-4, Tim Mooney wrote: In regard to: [Puppet Users] Have Class Only Perform Actions When There Is...: I would highly recommend you just package your custom python and install it using a package management system, rather than doing what you're doing. Depending on what host OS you're using, it's not too difficult, and it works a lot better with puppet *and* you get all the benefits of having the package installed through a more coherent means. As you're discovering, these kind of exec chains, where the first part of the chain involves temporary files, don't really fit into the puppet paradigm very well. About the best you can do is something like exec { '/usr/local/sbin/install-python-if-necessary.sh': source = ' http://your_module/install-python-if-necessary.sh', creates = '/your/python/lib/dir', } and then bury all the fetch/extract/configure/compile/install logic in the shell script, which puppet will make certain is always present on the system. It will only execute it if /your/python/lib/dir is not present. But if you're going to build fetch/extract/configure/compile/install logic into a shell script, you're probably 85% of the way to packaging the software appropriately anyway. Interesting. It sounds like you're actually advocating _for_ the bash script approach. I wanted to avoid package management systems only because they are way more complicated than a basic install of python requires: wget python.tgz tar -xzvf python.tgz cd python ./configure --prefix=/install/path make make test make install I wanted to make (I have made?) a simple python class that accepts a python version number, downloads it, and runs those steps, irrespective of the base Linux flavor. I don't know much of anything about deb or rpm files other than that they are more complicated than that; and I don't want to have to package up and maintain several different python versions for several different package managers. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/mAWFxrBz_kYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] OperatingSystem fact for Oracle Linux?
On Fri, Oct 26, 2012 at 02:19:25AM -0700, Gavin Williams wrote: Morning all Not sure on the best place to raise this, so thought I'd start here... I'm starting to work with Puppet and Oracle Linux 6.1. Unfortunately I'm finding a lot of existing modules aren't working with OL 6.1, because they're coded to expect an operatingsystem fact of oel. However at OL 6, the operatingsystem fact is now OracleLinux. Any ideas on where this issue should go? Cheers Gavin Do you mean core functionalities of puppet or modules from the forge or elsewhere from the net? If you think that there should not be a difference between OracleLinux, OVS and OEL (I don't even know what they stand for) you might comment on http://projects.puppetlabs.com/issues/9178 that introduced the OracleLinux fact or raise an issue. If there is a coretype that does not work for you also create a ticket on redmine. Most providers for example that will run on all RedHatish versions should not confine on operartingsystem but on osfamily. -Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Accessing variable from a user defined resource in the same module
On Fri 26 Oct 2012 10:15:23 PM IST, jcbollinger wrote: On Friday, October 26, 2012 7:33:00 AM UTC-5, Abhijeet Rastogi wrote: That leaves you at least two options. If you convert the singleton definitions to classes, then you can access their variables via their fully-qualified names. If you want to leave them as definitions then you can store the needed values as variables of some class (as I think you said you did), and then read those class variables where you need them instead of trying to access the parameter values of the defined-type instance. How can save the values from defined resources to a variable of class? When I tried doing that, I got error like Cannot assign to variables in other namespaces at ... It shouldn't. The big picture, in case it was not apparent in the foregoing, is to pull the authoritative source of the needed values out of the definition to some place accessible to everyone who wants it. Common choices for such a place include variables of some class and external data (perhaps accessed via hiera). -- Cheers, Abhijeet R http://blog.abhijeetr.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: PuppetDB API permissions
On Friday, October 26, 2012 7:24:18 AM UTC-7, ak0ska wrote: Hello, Is it possible to control from which nodes is it allowed to execute commands like replace catalog and replace facts, and which nodes can only do queries (but no changes)? It seems like once someone could access the service through http or https (depending on jetty.ini settings) can do both. Unfortunately, this isn't currently possible, though it's certainly something we'd like to provide in the future. Currently the only restriction that can be made is a whitelist of certnames which are allowed to talk to the API, for both read and write alike. Until this is supported by PuppetDB itself, you could use a proxy to allow only certain routes. If we were to add this feature, would it be sufficient to just have no access, read access, and read/write access as categories, or would you need something more granular than that (for instance, can query metrics but not facts)? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/6rioj916zpAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Have Class Only Perform Actions When There Is Work To Do (i.e. Making Them Idempotent)
On Fri, Oct 26, 2012 at 06:55:32AM -0700, Dave Mankoff wrote: Howdy. I feel like I am missing something really simply with regards to the way that Puppet works and I am wondering if someone can point me in the write direction. I have written a class that downloads, uncompresses, compiles, and installs Python from source. So far so good. The problem is that it only needs to do this once, when Python is not already in place (or some other custom indicator of the Python version). I have my 3 calls to exec doing their checks just fine, but my calls to wget::fetch and archive::untar both fire during every apply. Specifically, archive::untar takes about 30 seconds to run and I'd prefer it if it only ran conditionally. What is the best way to make sure that this code: wget::fetch { python-${version}: source = http://python.org/ftp/python/${version}/Python-${version}.tgz;, destination = /tmp/Python-${version}.tgz, } archive::untar {/tmp/python-${version}: source = /tmp/Python-${version}.tgz, compression = 'gz', rootdir = Python-${version}, require = Wget::Fetch[python-${version}], } only runs when some condition is met? I can easily put a custom file in place to look for, but how do I make these commands dependent on its absence? I tried making such a file and subscribing to it, but these commands still ran each time. You don't tell us how wget::fetch is implemented so I can only guess that there is an exec resource in there? The wget::fetch resource is *always* evaluated so you have to make sure that the exec resource inside does not do anything (the exec resource has a `creates` parameter you can point to a file. If this file is present the command specified by the `command´ parameter will not run). Is there a reason why you do not install python as a package or build a package your own? -Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Trouble adding a user to a group
Nope, all groups have different gids. On Fri, Oct 26, 2012 at 11:34 AM, Stefan Schulte stefan.schu...@taunusstein.net wrote: On Thu, Oct 25, 2012 at 05:11:34PM -0700, Ben McCann wrote: Definitely seems like a bug. I added the Puppet Ubuntu repo and upgraded to puppet 3.0.1 and it works now. I'm not going to bother filing it since it seems like it's since been fixed. One question though: Do any of the groups you want to assign have the same gid? -Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- about.me/benmccann -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Have Class Only Perform Actions When There Is Work To Do (i.e. Making Them Idempotent)
You don't tell us how wget::fetch is implemented so I can only guess that there is an exec resource in there? The wget::fetch resource is *always* evaluated so you have to make sure that the exec resource inside does not do anything (the exec resource has a `creates` parameter you can point to a file. If this file is present the command specified by the `command´ parameter will not run). The wget package is: http://forge.puppetlabs.com/maestrodev/wget The archive package is: http://forge.puppetlabs.com/bobsh/archive Is there a reason why you do not install python as a package or build a package your own? I wanted a python class where I could declare the version I wanted and have it download and make-d. Most the package management systems I've seen come with 2.6 (or older!) by default. I didn't want to create my own package for reasons I listed in another email: extra complication (python is really easy to make from source) and extra maintenance (would have to maintain different python versions for every package management system I wanted to support). I really just wanted to create a simple puppet script to download and install python in a consistent fashion on whatever system I happened to be setting up. -dave -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Have Class Only Perform Actions When There Is Work To Do (i.e. Making Them Idempotent)
In regard to: Re: [Puppet Users] Have Class Only Perform Actions When There...: On Friday, October 26, 2012 2:31:56 PM UTC-4, Tim Mooney wrote: In regard to: [Puppet Users] Have Class Only Perform Actions When There Is...: I would highly recommend you just package your custom python and install it using a package management system, rather than doing what you're doing. Depending on what host OS you're using, it's not too difficult, and it works a lot better with puppet *and* you get all the benefits of having the package installed through a more coherent means. As you're discovering, these kind of exec chains, where the first part of the chain involves temporary files, don't really fit into the puppet paradigm very well. About the best you can do is something like exec { '/usr/local/sbin/install-python-if-necessary.sh': source = ' http://your_module/install-python-if-necessary.sh', creates = '/your/python/lib/dir', } and then bury all the fetch/extract/configure/compile/install logic in the shell script, which puppet will make certain is always present on the system. It will only execute it if /your/python/lib/dir is not present. But if you're going to build fetch/extract/configure/compile/install logic into a shell script, you're probably 85% of the way to packaging the software appropriately anyway. Interesting. It sounds like you're actually advocating _for_ the bash script approach. Absolutely not. I think the package management system is definitely the way to go. If you're bound and determined to not do it that way, and you want to avoid having the pre-cursor exec's fire in your fetch/extract/compile chain, then the shell script is really your best option. Otherwise, the wget fetch will fire any time that /tmp/Python-${version}.tgz is not present. That won't be present if your /tmp cleaner gets rid of it. Ditto for the extract step. I'm assuming that none of these systems are multi-user systems, where you might have less-than-trustworthy people with local access on the system. If that's not the case, I definitely wouldn't be having the first step of a multi-exec chain depend on a file in /tmp. I wanted to avoid package management systems only because they are way more complicated than a basic install of python requires: wget python.tgz tar -xzvf python.tgz cd python ./configure --prefix=/install/path make make test make install I wanted to make (I have made?) a simple python class that accepts a python version number, downloads it, and runs those steps, irrespective of the base Linux flavor. I don't know much of anything about deb or rpm files other than that they are more complicated than that; and I don't want to have to package up and maintain several different python versions for several different package managers. You don't have to create your package from whole cloth, though. You download the source format for the package management system, extract the recipe file, make a couple of changes for your local install, and then build the package. In the case of an RPM, that means starting with the source RPM (.srpm) for the python that comes from your CentOS/RHEL/RHEL-derived vendor. You would extract the spec file (the recipe), tweak the %_prefix, the Version, and probably not much else. If you're still against packaging it, there's external repos you might consider, to get packages that someone else has created. That might not meet your needs, though. Ultimately, use puppet however it works best for your organization. Just be advised that some things fit better into the puppet paradigm than others. Tim -- Tim Mooney tim.moo...@ndsu.edu Enterprise Computing Infrastructure 701-231-1076 (Voice) Room 242-J6, IACC Building 701-231-8541 (Fax) North Dakota State University, Fargo, ND 58105-5164 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: defined types and enc
On Friday, October 26, 2012 11:32:36 AM UTC-5, erkules wrote: Moin, playing with puppet. I did some defined type creating lxc-application-containers. With that I could run a lot of virtualised applications on a host. I choose defined types to call them many times for a node. In my understanding classes will not be able to be called many times on a node. ('name-clashing'). That's sort-of true, but it misses the key point. Classes represent configurations features with singleton nature -- if managed at all then they are either present/on or absent/off. Thus, although there are ways to declare the same class more than once, but they do not permit you to use different sets of parameters, and they have no additional implications for the target node's configuration beyond what declaring that class once would have. In any case, supposing that you want to be able to declare containers for multiple different applications on the same node, you cannot model them all via a single class (though you can model a particular collection of them with a class). Trying to get my configuration into an enc. I looks like you can't use defined types via enc. So I wonder if Im wrong? You are correct that an ENC cannot declare instances of a defined type, nor of any other resource type for that matter. It can declare only classes and global variables. If not is there a trick to call a class many times for a node. (Maybe by manipulating the name?) You can create classes with different names but similar content, or you can use one class that wraps all the resources you want. For example, class mymodule::lxc_application_containers { mymodule::lxc_application_container { 'container1: application = 'Awesomeness1.1' # other parameters } mymodule::lxc_application_container { 'container2: application = 'Moneymaker3.2' # other parameters } # other containers ... } Supposing that the point is to select a subset of the available applications for each target node, using the one-class approach, you can do that via global variables (yuck), class parameters (meh), or data from an external source (best bet). On the other hand, don't discard the idea of different classes too lightly. In many cases it makes a lot of sense. In particular, it may relieve pressure on your defined type to be sufficiently flexible to do everything needed for any application you might ever want to use. Having a separate class for each module could make it a lot easier to deal with the special needs of each application. Note also that names in Puppet should not contain the hyphen (-). It may happen to work in some versions of Puppet, but it is not supported, and some uses definitely will fail in various Puppet versions. This applies most to variable names, including parameter names, but also to class, module, and definition names. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/sGIe97g0JsEJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Accessing variable from a user defined resource in the same module
On Friday, October 26, 2012 1:54:23 PM UTC-5, Abhijeet Rastogi wrote: On Fri 26 Oct 2012 10:15:23 PM IST, jcbollinger wrote: On Friday, October 26, 2012 7:33:00 AM UTC-5, Abhijeet Rastogi wrote: That leaves you at least two options. If you convert the singleton definitions to classes, then you can access their variables via their fully-qualified names. If you want to leave them as definitions then you can store the needed values as variables of some class (as I think you said you did), and then read those class variables where you need them instead of trying to access the parameter values of the defined-type instance. How can save the values from defined resources to a variable of class? When I tried doing that, I got error like Cannot assign to variables in other namespaces at ... You misunderstand. A defined type cannot set class variables, nor can one class set a different class's variables. Class variables must be set by the class to which they belong. Thereafter, their values can be referenced by anything, and in particular by your defined type. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/9bCYHGbDX2AJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Managing network interfaces?
On Thu, Oct 25, 2012 at 6:05 PM, Brian Rak d...@devicenull.org wrote: I've been using Puppet to manage network interfaces on our machines. To do this I've got a class very similar to http://forge.puppetlabs.com/razorsedge/network . I'm encountering some annoyances with this method of handling it: 1) Every interface I have has to have a unique alias number. This means that whenever I want to add a new IP alias I have to grep through my entire tree and find an unused number. This seems... less then optimal. Is this with respect to having to have eth0:0/eth0:1 for each IP address you want to assign to a single interface? I have my own network_config type at http://forge.puppetlabs.com/adrien/network that might be able to ease some of those problems, depending on what your exact problem is. 2) If I'm changing an interface (say from normal to bonded networking) I have to go and switch the interface definitions for everything on that machine. This also makes it difficult to have the same module used on multiple machines (as their networking config needs to match exactly). Is this with respect to bonding eth0 and eth1 and having to reassign the IP addresses? 2a) This gets more annoying as some of our newer machines have network interfaces emX instead of ethX. This means that all the definitions need to be updated once again when we change hardware. Yeah, this is an annoyance. The solution for this will probably mean adding udev rules to sort this out so that eth0 will always be associated with a certain device regardless of how the distro wants to name things. Has anyone encountered this and come up with a decent solution? I should note that I'm using CentOS, all the modules I can find on forge appear to be doing very similar things. If you are having trouble managing what interfaces get what configs on a wide base, have you considered storing the data in hiera and then pulling that out when generating interfaces? I've done that with our linode boxes; I drop all of the configuration for private addresses into hiera and if a machine has an address available, it assigns itself that from the hiera lookup. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/IPtvRTAwRWgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Adrien Thebo | Puppet Labs Operations -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Upgrading from PuppetMaster 2.7 to 3.0 breaks the Console dashboard and foreman
I am running RHEL 6 64bit using the puppetlabs yum repositories. I have it configured to run the Puppet Console against port 3000 and The Foreman against port 3030 using passenger. When I installed the upgrade to puppetmaster 3.0, both the Puppet Cosole stopped working and rails/passenger broke for The Foreman. Has anyone else seen this and if so, how have you fixed it? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/uPDTPLa78XkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] multiple puppetmasters, 1 as the CA. Using passenger and mod_proxy
We don't run that configuration on Corp Puppet servers; we change ca_server. You may have better luck if you ask on puppet-users. https://groups.google.com/forum/?fromgroups#!forum/puppet-users Thanks, Jason On Fri, Oct 26, 2012 at 1:06 PM, ryan wallner wallnerr...@gmail.com wrote: HI all, I am currently setting up a HA devops configuration using puppet. I want to be able to run a single puppet master as the CA and the rest act as peering puppet masters. I have each puppet master running on passenger and I am proxying the SSL requests to the CA server following: http://docs.puppetlabs.com/guides/scaling_multiple_masters.html#option-2-redirect-certificate-traffic http://docs.puppetlabs.com/guides/passenger.html as a reference. Watching the access.log on each master, when an agent requests a cert from a puppetmaster that is not the CA, I can see the request forwarded: (below) .4 is the agent .3 us the master proxying the request puppetca is the acting CA for all masters Here is the what logs in access.log for the puppetmaster that is NOT the CA. ubuntu-pupmaster1:8140 192.168.192.4 - - [26/Oct/2012:15:32:36 -0400] GET /production/certificate/agent-hostname? HTTP/1.1 200 2245 - - Here is what logs in the master which IS the CA puppetca:8140 192.168.192.3 - - [26/Oct/2012:15:32:33 -0400] GET / 400 588 - - Here is what I am receiving on the Agents end. warning: peer certificate won't be verified in this SSL session err: Could not request certificate: No content type in http response; cannot parse Attached are the config files for the vhost for the masters, labeled CA and NONCA. Also attached are the config.ru for the rack app and httpd.conf whre the proxy balancer is specified. Any help is appreciated. I just started debugging but feedback is appreciated if anyone has ideas. -r -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/7ws4VMcUxE8J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Life was better when sun4m mattered. -Thom -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: defined types and enc
On Fri, Oct 26, 2012 at 12:24:52PM -0700, jcbollinger wrote: [snip] If not is there a trick to call a class many times for a node. (Maybe by manipulating the name?) You can create classes with different names but similar content, or you can use one class that wraps all the resources you want. For example, class mymodule::lxc_application_containers { mymodule::lxc_application_container { 'container1: application = 'Awesomeness1.1' # other parameters } mymodule::lxc_application_container { 'container2: application = 'Moneymaker3.2' # other parameters } # other containers ... } Ok my defined types in a class. How would that look like in a yaml-output? Supposing that the point is to select a subset of the available applications for each target node, using the one-class approach, you can do that via global variables (yuck), class parameters (meh), or data from an external source (best bet). Hmm, right now it is the same application running multiple times. On the other hand, don't discard the idea of different classes too lightly. In many cases it makes a lot of sense. In particular, it may relieve pressure on your defined type to be sufficiently flexible to do everything needed for any application you might ever want to use. Having a separate class for each module could make it a lot easier to deal with the special needs of each application. Right, in my case it is (for now) the same application. Having for every application a different name would no be that dynamic I would suggest/hope it to be. As the differ in IP and some dirs only. So this would suggest to write a class for every application I want to run then? [snip/thx] Regards Erkan -- über den grenzen muß die freiheit wohl wolkenlos sein -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Have Class Only Perform Actions When There Is Work To Do (i.e. Making Them Idempotent)
I would highly recommend you just package your custom python and install it using a package management system, rather than doing what you're doing. In this case you really ought to consider packaging, but there's always *something* that doesn't work that way for whatever reason (badly-wrapped vendor software is a favorite here). IMHO a tarball installer is a necessary evil in certain situations. It'll probably take a bit of tweaking to get it working in your environment , but this works well for me. # Define: packages::tar::install # # This define installs tar-based packages, including making sure they're # only installed once and performing cleanup after the installation. # # Sample Usage: # packages::tar::install { 'vmware-solaris-tools': # package = 'vmware-solaris-tools-381511.tar.gz', # name of tarball # repo = 'http://hostname/path', # ftp or http path minus filename # dir = 'vmware-tools-distrib', # top-level directory in the tarball # installer = 'vmware-install.pl', # name of install script # options = '-d', # options to pass to install script # tmpdir= '/opt/tmp', # dir to extract tarball into # } define packages::tar::install($repo,$package,$dir,$installer,$options,$tmpdir='/var/tmp', $timeout='600',$dotdir='/opt/puppet/libexec'){ exec { wget -O $tmpdir/$package $repo/$package: unless = /usr/bin/test -f ${dotdir}/.${package}, path= [/opt/csw/bin,/usr/bin], alias = wget_${package}, require = File[$tmpdir], } exec { gunzip -c $tmpdir/$package | tar xf - : unless = /usr/bin/test -f ${dotdir}/.${package}, path= [/bin,/usr/bin,/usr/sbin], alias = untar_${package}, cwd = $tmpdir, require = Exec[wget_${package}], } exec { $tmpdir/$dir/$installer $options: unless = /usr/bin/test -f ${dotdir}/.${package}, cwd = $tmpdir/$dir, alias = install_${package}, timeout = $timeout, require = Exec[untar_${package}], } exec { touch ${dotdir}/.${package}: path= [/bin,/usr/bin], unless = /usr/bin/test -f ${dotdir}/.${package}, alias = ${package}_dotfile, require = Exec[install_${package}], } exec { rm -rf $tmpdir/$dir: path= [/bin,/usr/bin], onlyif = /usr/bin/test -d $tmpdir/$dir, cwd = $tmpdir, alias = rm_${dir}, require = Exec[install_${package}], } exec { rm -f $tmpdir/$package: path= [/bin,/usr/bin], onlyif = /usr/bin/test -f $tmpdir/$package, cwd= $tmpdir, alias = rm_${package}, require = Exec[install_${package}], } } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Upgrading from PuppetMaster 2.7 to 3.0 breaks the Console dashboard and foreman
For dashboard, the rack config.ru file changed. If you don't update it, dashboard breaks. Not sure about foreman, don't use it myself, though I've heard that it's not updated for puppet 3 yet. On Friday, October 26, 2012 12:15:44 PM UTC-7, MasterPO wrote: I am running RHEL 6 64bit using the puppetlabs yum repositories. I have it configured to run the Puppet Console against port 3000 and The Foreman against port 3030 using passenger. When I installed the upgrade to puppetmaster 3.0, both the Puppet Cosole stopped working and rails/passenger broke for The Foreman. Has anyone else seen this and if so, how have you fixed it? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/kJrmpHmdMy8J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] What is the @ used for?
Hi, On Oct 26, 2012, at 11:58 AM, jcbollinger wrote: On Thursday, October 25, 2012 7:40:50 PM UTC-5, Ben McCann wrote: See http://docs.puppetlabs.com/guides/virtual_resources.html On Thursday, October 25, 2012 5:01:45 PM UTC-7, Dave Alden wrote: Hi, Sorry to be dense, but I've recently switched over to use the puppet labs apache module, but I was having trouble with the firewall not getting updated. It turns out that the @ in front of the firewall line seems to be keeping it from running. As soon as I removed it, my firewall got updated. So what does the @ do? …dave Do read the docs on virtual resources to which Ben directed you. They should answer the question you posed. With respect to some of the questions you did not pose: Changing a resource from virtual to concrete is probably not the best solution, and it may not even be a correct solution, depending on the module implementation details and your own configuration needs. Do read whatever module documentation there is; it should cover questions regarding which of its classes and resources are intended to be used directly by your own classes, and how, and which are intended for internal use only. In particular, if the firewall resource you are talking about is intended to be accessed by outside classes and resources, then the docs ought to instruct you to realize it via the 'realize' function or a resource collection. You probably should not make it concrete (by removing the '@'), certainly not if you don't understand what you're doing. I think the issue is that it shouldn't be a virtual resource -- there's already a parameter in the class for defining whether or not you want the firewall to be modified -- why should you have to set the parameter (although it does currently default to true) and realize the resource? I've found Bug #16435 which directly addresses this and I've reopened it with my concerns. :-) Thanks for all of the thought-provoking discussion and explanation of virtual resources. …dave -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet 3.0 rspec and custom resources
Hrmmm. Is there a small rspec example you could post that reproduces this issue? I'd love to try and reproduce it since there's definitely a possibility that a change between Puppet 2.7 and 3.0 is responsible for this issue. -Jeff On Fri, Oct 26, 2012 at 8:01 AM, Nathan Huff nathan.ri.h...@gmail.com wrote: I am trying to figure out if I am missing something simple here. After upgrading to puppet 3.0 running puppet-rspec tests that use custom resources from modules in the fixtures directory are failing. I have a module that uses the anchor type and with 2.7.19 it works fine. After upgrading to 3.0 all of the tests are failing with Puppet::Error: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type anchor at /home/nrhuff/repos/puppet-os/spec/fixtures/modules/os/manifests/init.pp:2 on node enyo.localhost The debug output is Debug: importing '/home/nrhuff/repos/puppet-os/spec/fixtures/manifests/site.pp' in environment production Debug: importing '/home/nrhuff/repos/puppet-os/spec/fixtures/modules/stdlib/manifests/init.pp' in environment production Debug: Automatically imported stdlib from stdlib into production Debug: importing '/home/nrhuff/repos/puppet-os/spec/fixtures/modules/stdlib/manifests/stages.pp' in environment production Debug: Automatically imported stdlib::stages from stdlib/stages into production Debug: importing '/home/nrhuff/repos/puppet-os/spec/fixtures/modules/os/manifests/init.pp' in environment production Debug: Automatically imported os from os into production Error: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type anchor at /home/nrhuff/repos/puppet-os/spec/fixtures/modules/os/manifests/init.pp:2 on node enyo.localhost /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/resource.rb:218:in `initialize' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/resource.rb:120:in `initialize' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:44:in `new' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:44:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/util/errors.rb:35:in `exceptwrap' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:43:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:42:in `collect' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:42:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/module.rb:283:in `collect' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/branch.rb:16:in `each' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/branch.rb:15:in `each' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:25:in `collect' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:25:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast.rb:62:in `safeevaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/astarray.rb:25:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/astarray.rb:20:in `each' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/astarray.rb:20:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast.rb:62:in `safeevaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/resource/type.rb:136:in `evaluate_code' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/resource.rb:81:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/compiler.rb :165:in `evaluate_classes' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/compiler.rb:150:in `each' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/compiler.rb:150:in `evaluate_classes' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/functions/include.rb:11:in `real_function_include' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/functions.rb:63:in `send' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/functions.rb:63:in `function_include' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/function.rb:31:in `send' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/function.rb:31:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast.rb:62:in `safeevaluate'
Re: [Puppet Users] Puppet 3.0 rspec and custom resources
Jeff, During those failing rspecs I have (the stdlib functions) I also see anchor failures so they are probably related to the same bug as this email! On Fri, Oct 26, 2012 at 6:33 PM, Jeff McCune j...@puppetlabs.com wrote: Hrmmm. Is there a small rspec example you could post that reproduces this issue? I'd love to try and reproduce it since there's definitely a possibility that a change between Puppet 2.7 and 3.0 is responsible for this issue. -Jeff On Fri, Oct 26, 2012 at 8:01 AM, Nathan Huff nathan.ri.h...@gmail.com wrote: I am trying to figure out if I am missing something simple here. After upgrading to puppet 3.0 running puppet-rspec tests that use custom resources from modules in the fixtures directory are failing. I have a module that uses the anchor type and with 2.7.19 it works fine. After upgrading to 3.0 all of the tests are failing with Puppet::Error: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type anchor at /home/nrhuff/repos/puppet-os/spec/fixtures/modules/os/manifests/init.pp:2 on node enyo.localhost The debug output is Debug: importing '/home/nrhuff/repos/puppet-os/spec/fixtures/manifests/site.pp' in environment production Debug: importing '/home/nrhuff/repos/puppet-os/spec/fixtures/modules/stdlib/manifests/init.pp' in environment production Debug: Automatically imported stdlib from stdlib into production Debug: importing '/home/nrhuff/repos/puppet-os/spec/fixtures/modules/stdlib/manifests/stages.pp' in environment production Debug: Automatically imported stdlib::stages from stdlib/stages into production Debug: importing '/home/nrhuff/repos/puppet-os/spec/fixtures/modules/os/manifests/init.pp' in environment production Debug: Automatically imported os from os into production Error: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type anchor at /home/nrhuff/repos/puppet-os/spec/fixtures/modules/os/manifests/init.pp:2 on node enyo.localhost /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/resource.rb:218:in `initialize' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/resource.rb:120:in `initialize' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:44:in `new' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:44:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/util/errors.rb:35:in `exceptwrap' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:43:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:42:in `collect' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:42:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/module.rb:283:in `collect' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/branch.rb:16:in `each' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/branch.rb:15:in `each' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:25:in `collect' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/resource.rb:25:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast.rb:62:in `safeevaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/astarray.rb:25:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/astarray.rb:20:in `each' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/astarray.rb:20:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast.rb:62:in `safeevaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/resource/type.rb:136:in `evaluate_code' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/resource.rb:81:in `evaluate' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/compiler.rb :165:in `evaluate_classes' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/compiler.rb:150:in `each' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/compiler.rb:150:in `evaluate_classes' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/functions/include.rb:11:in `real_function_include' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/functions.rb:63:in `send' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/functions.rb:63:in `function_include' /home/nrhuff/.rvm/gems/ruby-1.8.7-p358/gems/puppet-3.0.1/lib/puppet/parser/ast/function.rb:31:in `send'
Re: [Puppet Users] OperatingSystem fact for Oracle Linux?
On Fri, Oct 26, 2012 at 10:36 AM, Ramin K ramin-l...@badapple.net wrote: On 10/26/2012 2:19 AM, Gavin Williams wrote: Morning all Not sure on the best place to raise this, so thought I'd start here... I'm starting to work with Puppet and Oracle Linux 6.1. Unfortunately I'm finding a lot of existing modules aren't working with OL 6.1, because they're coded to expect an operatingsystem fact of oel. However at OL 6, the operatingsystem fact is now OracleLinux. You may want to create pull requests for the modules referencing the tickets John mentioned and convert oel to a more inclusive regex. Or just make the changes locally to your repo. $file = $::operatingsystem ? { /(?i:oel|oraclelinux)/ = '/some/file', /(?i:debian|ubuntu)/ = '/some/other/file', default= '/file', } I recommend using $::osfamily which will return RedHat. etc etc. Ramin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: OperatingSystem fact for Oracle Linux?
Hi, OL = Oracle Linux OVS = is the server component of Oracle VM for x86. Think the server that makes up a cluster for virtualization. OEL = The old name for Oracle Linux. The Enterprise is no longer part of the name so its just OL. my /etc/oracle-release has only this line of txt: Oracle Linux Server release 6.3 I hope that helps a little bit. I don't use puppet so I just wanted to comment to clear some confusion. Bryan On Friday, October 26, 2012 5:19:25 AM UTC-4, Gavin Williams wrote: Morning all Not sure on the best place to raise this, so thought I'd start here... I'm starting to work with Puppet and Oracle Linux 6.1. Unfortunately I'm finding a lot of existing modules aren't working with OL 6.1, because they're coded to expect an operatingsystem fact of oel. However at OL 6, the operatingsystem fact is now OracleLinux. Any ideas on where this issue should go? Cheers Gavin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/R2nNF5YNQssJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.