Re: [Puppet Users] puppetlabs-lvm and --guess-fstype
Hi, I just came across this problem due to an upgrade of util-linux-ng on RHEL6 this morning :( I have not seen any github PR related to this problem on puppetlabs-lvm module so I will propose a patch (if it works) to replace mount -f --guest-fstype /dev/... by file -sL /dev/... Cheers, Mathieu On 11/21/2012 04:54 PM, C R Ritson wrote: I'm testing a fedora 17 deployment and am using puppet 2.7.x and puppetlabs-lvm-0.1.1. I have a problem in that a filesystem in a logical volume is continually trying to get itself created even though it already exists and is mounted. It looks as if this might be because there is no longer a --guess-fstype option in the mount command which the lvm module attempts to use. I'm not sure how to solve this. Chris Ritson (Computing Officer and School Safety Officer) Room 707, Claremont Tower,EMAIL: c.r.rit...@ncl.ac.uk School of Computing Science, PHONE: +44 191 222 8175 Newcastle University, FAX : +44 191 222 8232 Newcastle upon Tyne, UK NE1 7RU. WEB : http://www.cs.ncl.ac.uk/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to apply condition such that jdk doesnt download if its already downloaded in the code given
We just download the RPMs and place them in a custom repository. That way we don't mess with the exec stuff or anything. Is there any reason you don't use the RPMs - Original Message - | Hi all, | Can u pls provide me the solution for this | class main { | $software = /app/tcs/puppetdemo/software | $server = /app/tcs/puppetdemo/server | exec{download_jdk: | command =/usr/bin/wget $URL, | cwd =$software, | } | exec {untar_jdk: | command = /bin/tar -C /app/tcs/puppetdemo/server/ -zxf | /app/tcs/puppetdemo/software/jdk1.6.0_24.tar.gz, | cwd = $server, | } | Exec['download_jdk'] - Exec['untar_jdk'] | } | -- | You received this message because you are subscribed to the Google | Groups Puppet Users group. | To unsubscribe from this group and stop receiving emails from it, | send an email to puppet-users+unsubscr...@googlegroups.com. | To post to this group, send email to puppet-users@googlegroups.com. | Visit this group at http://groups.google.com/group/puppet-users?hl=en | . | For more options, visit https://groups.google.com/groups/opt_out . -- James A. Peltier Manager, IT Services - Research Computing Group Simon Fraser University - Burnaby Campus Phone : 778-782-6573 Fax : 778-782-3045 E-Mail : jpelt...@sfu.ca Website : http://www.sfu.ca/itservices “A successful person is one who can lay a solid foundation from the bricks others have thrown at them.” -David Brinkley via Luke Shaw -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: .erb templates are not properly parsed.
Dear John, Thanks a lot for your response. I found where was the problem and I have it working. The solituion consist in always declare shorewall as the last class and you can write erb template as my first example and will work. I wanted to thank you for all you help and time. So finally my conclusion is that when you declase a node, includes order matters. El martes, 19 de febrero de 2013 17:48:27 UTC+1, jcbollinger escribió: On Tuesday, February 19, 2013 10:21:47 AM UTC-6, jcbollinger wrote: The most essential part of my suggestion was that the include firewall be parsed *after* include $service_modules. The example code achieves that by putting the former after the latter in the same node block. Putting the two in different node blocks, with the latter's inheriting from the former's, on the other hand, ensures the opposite (i.e. wrong) parse order. Hmm. My recollection of what was going on here was faulty, and in fact that was not the essential point at all. Indeed, the whole idea was that class declaration order could be made to not matter. As a corollary, how class declarations are split among node blocks in a node inheritance chain can be made not to matter either. If something like my suggestion worked when all the classes were declared in the same node block, but not when they were split up as described, then I would guess that you omitted the declaration of the $service_modules variable in your 'firewall' class. If you then declare that class in a node block where a variable of the same name has been declared (including in a base node), then the class will draw on the node variable. Otherwise, the value is empty. Note in particular that declaring a class in the base node and setting a variable in a child node does not make the variable visible to that class. Node inheritance does not inject the inheriting node's variables into the scope of the inherited node. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] autometically create nagios_hostgroup only when a member of a group comes up
If it's an acceptable compromise, you could do this: @@my_nagios_host { host1: hostrgoup = cloud-app, ... } @@my_nagios_host { host2: hostrgoup = cloud-app, ... } define my_nagios_host($hostgroup, ...) { nagios_host { $name: ... } realize(Nagios_hostgroup[$hostgroup]) } All your hostgroups must be declared in the nagios host manifest like @nagios_hostgroup { 'cloud-app': alias = Application Servers, } HTH, Felix On 02/20/2013 02:27 AM, Sans wrote: @@nagios_hostgroup { 'cloud-app': alias = Application Servers, } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppetlabs-lvm and --guess-fstype
Logged a bug: http://projects.puppetlabs.com/issues/19410 On Friday, 22 February 2013 09:47:33 UTC, Mathieu Bornoz wrote: Hi, I just came across this problem due to an upgrade of util-linux-ng on RHEL6 this morning :( I have not seen any github PR related to this problem on puppetlabs-lvm module so I will propose a patch (if it works) to replace mount -f --guest-fstype /dev/... by file -sL /dev/... Cheers, Mathieu On 11/21/2012 04:54 PM, C R Ritson wrote: I'm testing a fedora 17 deployment and am using puppet 2.7.x and puppetlabs-lvm-0.1.1. I have a problem in that a filesystem in a logical volume is continually trying to get itself created even though it already exists and is mounted. It looks as if this might be because there is no longer a --guess-fstype option in the mount command which the lvm module attempts to use. I'm not sure how to solve this. Chris Ritson (Computing Officer and School Safety Officer) Room 707, Claremont Tower,EMAIL: c.r.r...@ncl.ac.ukjavascript: School of Computing Science, PHONE: +44 191 222 8175 Newcastle University, FAX : +44 191 222 8232 Newcastle upon Tyne, UK NE1 7RU. WEB : http://www.cs.ncl.ac.uk/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Can someone provide more clarity on Puppi
Hello Alessandro, Thank you very much for your quick reply, now it is bit more clear to me and I will start implementing Puppi today. One more quick question :-) I need to deploy two 'war' files to the same server, which means same 'deploy_root' but two 'war' files and I don't think I can use two 'source' two times. Any suggestions will be much appreciated. Thanks Regards, Krishna Murthy On Friday, 22 February 2013 05:20:13 UTC, Alessandro Franceschi wrote: Hi Krishna, the execution of a puppi deploy myapp is not done generally via Puppet (Puppet creates the environment that allows you to make a deploy with a puppi deploy command, you can also trigger a puppi deploy myapp execution via Puppet but that's not common if not for first time setup ) and can be done in various ways: - Directly from an host, typing as root: puppi deploy myapp - Doing the same via a cron job (puppi can check if the artifacts to deploy have changes) - Via Jenkins or similar, typically doing a ssh connection with an unprivileged user tha can so sudo puppi deploy myapp - Via Mcollective, using the puppi plugin. - Via whatever type of more or less centralized orchestration/scheduling tool that can execute a remote command To decide which war (or whatever artifact) deploy on which node, just consider that you have normal Puppet defines with some parameters that allow you to define what to deploy (or better, what to configure for puppi deploys) on what hosts. For example, for a role, or group of servers you can have : puppi::project::war { 'myapp': source = http://repo.example42.com/deploy/${environment}/myapp.war;, deploy_root = '/store/tomcat/myapp/webapps', } (note the environment variable that allows you to pick from different sources wars for different environments) and at the same time have to deploy different things on different servers (this time picking the artifacts from a Maven repository) with defines like : puppi::project::maven { 'supersite': source = 'http://nexus.example42.com/nexus/content/repositories/releases/it/example42/supersite/', deploy_root = '/usr/local/tomcat/supersite/webapps', init_script = 'tomcat', report_email = 'sysa...@example42.com javascript:', enable = 'true', } Hope to have cleared a bit... Alessandro On Friday, February 22, 2013 12:59:41 AM UTC+1, Krishna Murthy T wrote: Hello Alessandro, I found Puppi very interesting and want to use it along side our Puppet environment. Can you please give me an idea about how to deploy same and different 'war' files to different environments using Puppi? I have several node definitions in my Puppet manifest each serving different purpose, I want to use Puppi to deploy to all those hosts but not at the same time. Any help will be appreciated. Thanks in advance, Krishna Murthy On Thursday, 17 January 2013 22:02:25 UTC, Alessandro Franceschi wrote: Oh, I was forgetting, Puppi is also a required dependency of all Example42 modules, since it provides some functions used by these modules. Note anyway that you can decide to use these modules without using puppi in any way (that is to not install the command and its working environment on your nodes)... you just need it in your modulepath to pluginsync its lib dir. al On Thursday, January 17, 2013 10:58:20 PM UTC+1, Alessandro Franceschi wrote: Hi, Puppi is a shell tool, installed and configured bythe omonimous Puppet module, that has basically 2 functions: 1- Manage application deployments 2- Provide an handy bash command with data driven by Puppet For the first task there are a bunch of puppet defines that allow you to define a deployment procedure (and some ready to use deployments samples good for many different uses (defined in manifests/projects/*.pp )). These defines, that you configure on puppet, provide to you the possibility of executing, on your nodes, commands like puppi deploy myapp or puppi rollback myapp to manage deployments. For the second task you need modules that actually can drive data to Puppet (Example42 ones do), but it's not too difficult to feed custom configurations to populate the output of actions like puppi check (does an immediate health check of your system and its applications), puppi info [app] (show information about your system and applications), puppi log [app] (tails all the configured logs). Since the command is always one (puppi) and the actions are always the same (deploy, rollback, check, info, log etc) you can easily uniform some operations on your infrastructure (whatever are the operations you have to do for a deploy, you have to run puppi deploy something). Puppi, of course can be run directly from the shell , but also via a jenkins ssh command (allowing only a sudo puppi) or via mcollective (via the mc-puppi plugin) , or as a command that interacts
[Puppet Users] Variables within Manifests question
Hello all Can someone please help me or answer if this is possible I'm using the puppet forge IIS module, and want to use variables within the syntax dependent up ip address for example: colo_a = 1.1.1.0 colo_b = 2.2.2.0 if $network_local_area_connection = 1.1.1.0 add colo_a elseif $network_local_area_connection = 2.2.2.0 add colo_b iis_site {'mysite.co.uk': ensure = present, bindings = [ 'http/*:80:www.mysite.co.uk', 'http/*:80:mysite.co.uk', 'http/*:80:*colo_?*.mysite.co.uk', 'http/*:80:*colo_?*.mysite.co.uk' ], } Any help or advise would be much appreciated regards Jim -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Environment supersets using Hiera
Hi folks, I'm using Puppet 3.0.1 and hiera 1.1.1, and this is my hierarchy now: :hierarchy: - %{fqdn} - %{environment} - common but I'd like to achieve something like this: if my node has environment=vagrant, then Hiera sources should be: - /var/lib/hiera/vagrant.yaml - /var/lib/hiera/devel.yaml - /var/lib/hiera/common.yaml if environment=devel: - /var/lib/hiera/devel.yaml - /var/lib/hiera/common.yaml if environment=production: - /var/lib/hiera/common.yaml I'm going through documentation but seems there's no mention to this kind of setup. Any hint? Thanks! -- Alexander Fortin https://www.vizify.com/alexander-fortin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] applying condition for a module
yarlagadda ramya rams.15...@gmail.com writes: hi all, I wote a module for downloading jdk, jboss, mysql and installing them..now i would like to apply a condition to it...in such a way that..if its already downloaded, it should not download it.. can some one please help me with this... Are you using File or using an external tool (wget, curl, etc..)? The File resource should do that for you automatically. It will checksum the file it downloads, and if it already exists on the node then it won't download it again. Note that the File resource will leave the packages on the node, so it's best to have a directory set aside for storing things puppet has downloaded. -- Kyle Sexton -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Variables within Manifests question
On 2/22/13 2:20 PM, jim wrote: Hello all Can someone please help me or answer if this is possible I'm using the puppet forge IIS module, and want to use variables within the syntax dependent up ip address for example: colo_a = 1.1.1.0 colo_b = 2.2.2.0 if $network_local_area_connection = 1.1.1.0 add colo_a elseif $network_local_area_connection = 2.2.2.0 add colo_b iis_site {'mysite.co.uk': ensure = present, bindings = [ 'http/*:80:www.mysite.co.uk', 'http/*:80:mysite.co.uk', 'http/*:80:*colo_?*.mysite.co.uk', 'http/*:80:*colo_?*.mysite.co.uk' ], } Any help or advise would be much appreciated regards Jim -- Jim, This is what Hiera[1] is meant to help with. You could determine values based on which colo you are in. [1] - https://github.com/puppetlabs/hiera/ Regards, -g -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] defining hosts regex
Hi Guys all of our windows hosts, has the following naming convention: 3 characters for the product - Letter for location - class of service (3 characters) - node number (2 digits) e.g pos-a-www-02 or ocs-b-sql-01 therefore my regex would look something like /^pos-(a|b)-www-\d\d$/ or /^ocs-(a|b)-sql-\d\d$/ how do I make these regex case insensitive as or hosts can be named pos-a-www-02 or POS-A-WWW-02 regards Jim -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: defining hosts regex
Or does Puppet put everything into lowercase, as just checked my windows host and its name is in uppercase but when I look at inventory for this host the hostname is in lower case ??? regards jim On Friday, 22 February 2013 14:43:17 UTC, jim wrote: Hi Guys all of our windows hosts, has the following naming convention: 3 characters for the product - Letter for location - class of service (3 characters) - node number (2 digits) e.g pos-a-www-02 or ocs-b-sql-01 therefore my regex would look something like /^pos-(a|b)-www-\d\d$/ or /^ocs-(a|b)-sql-\d\d$/ how do I make these regex case insensitive as or hosts can be named pos-a-www-02 or POS-A-WWW-02 regards Jim -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: defining hosts regex
sorry the clientcert is lowercase the hostname is still upper case so my question on case insensitive is still valid regards jim On Friday, 22 February 2013 14:45:03 UTC, jim wrote: Or does Puppet put everything into lowercase, as just checked my windows host and its name is in uppercase but when I look at inventory for this host the hostname is in lower case ??? regards jim On Friday, 22 February 2013 14:43:17 UTC, jim wrote: Hi Guys all of our windows hosts, has the following naming convention: 3 characters for the product - Letter for location - class of service (3 characters) - node number (2 digits) e.g pos-a-www-02 or ocs-b-sql-01 therefore my regex would look something like /^pos-(a|b)-www-\d\d$/ or /^ocs-(a|b)-sql-\d\d$/ how do I make these regex case insensitive as or hosts can be named pos-a-www-02 or POS-A-WWW-02 regards Jim -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: defining hosts regex
Yes, puppet will downcase the fqdn and make this the default certname. Which is why I swore never to uppercase any host names again, it's confusing. The $fqdn or $hostname are not used for selecting the node { } definition as far as I know. The $certname is what matters (or should be, anything else would be bad security). Anyway, have you tried /regex/i ? :-) HTH, Felix On 02/22/2013 03:45 PM, jim wrote: sorry the clientcert is lowercase the hostname is still upper case so my question on case insensitive is still valid regards jim -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Custom utils lib
Hi all, Is it possible to have a custom utils lib in puppet ? By exemple I want to have a custom class used in many custom facts and many custom function : module_utils/lib/puppet/my_class.rb And in my custom fact I can call this class : require 'module_utils' Facter.add(custom_fact) do setcode do var = Puppet::Utils::my_class.getVariable() end end Loïc -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to manually create Puppet CA and client certificates using openssl?
I think you're missing what I'm trying to convey. When you run via Apache or Nginx you are doing SSL termination at the apache and forwarding the requests to a puppetmaster application if you use say passenger. Its not so different than an F5. While I'm not giving you exact details on how to do it I'm giving you enough information to know its possible. The value of ca_server defaults to puppet, that means the certificate of the server it connects to must have that name in the cert and the DNS must match. When you start up the first puppet master, the CA server and not with mod_passenger, it will auto-generate the CA cert because the value of ca defaults to true if its not otherwise specified in the puppet conf. Essentially each puppet master that isnt the CA server is basically just a puppet client meaning when it does its first run it will generate a key, csr, and then try to connect to puppet. You dont actually need a cert for a puppet master if you do the ssl termination at the load balancer. I provided a copy of my apache conf used for a puppetmaster. As long as the puppetmasterd rack is installed it will function as a puppetmaster with that config. You need to generate a signed certificate from the CA for the load balancer dns. Lets say your DNS for one pool is puppetpool01.example.com, that is the cert name you need to generate and install on the apache/nginx load balancer. You need to also configure the load balancer to validate the ssl cert from the client against the CA. Specific parameters need to be passed to puppet, which is specified in the apache conf below. In each puppet master that is load balanced in its conf file in the master section you need to put these two lines ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY You want to go the mod_passenger route then you can do ssl termination otherwise to do the tcp proxy is a real pain in the ass (been there, done that, never again). Below is an example of my apache conf where the communication is unencrypted because of the ssl termination at the load balancer. As long as the cert on the load balancer is signed by the CA and you set it up to pass the correct headers if the SSL cert is validated against the CA then you do not need multiple CA's. That way this setup you can revoke a certificate from one place instead of trying to figure out which CA you need to revoke it from. In each of my datacenters I have at the very minimum two F5 VIPs that go to 4 different puppet masters each with one common CA. I have at the current moment 6 datacenters, meaning I have 25 puppetmasters (24 servers, 1 CA). Hopefully this clarifies the point I am conveying. I know my apache configs, specifically for mod_passenger, might need tweaking but this actually works really good. Also if you pick up one of the puppet books, I forget which one exactly, they actually tell you how do the proxying with apache in a similar fashion to what I explained. # Apache Conf # Listen 18140 PassengerHighPerformance on PassengerMaxPoolSize 12 PassengerPoolIdleTime 30 PassengerMaxRequests 10 PassengerStatThrottleRate 120 PassengerUseGlobalQueue on RackAutoDetect On RailsAutoDetect On VirtualHost *:18140 ServerName ppm001.example.com DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ RackBaseURI / Directory /usr/share/puppet/rack/puppetmasterd/public/ Options None AllowOverride None Order allow,deny allow from all /Directory SetEnvIf X-SSL-Subject (.*) SSL_CLIENT_S_DN=$1 SetEnvIf X-Client-Verify (.*) SSL_CLIENT_VERIFY=$1 SetEnvIf X-Forwarded-For (.*) REMOTE_ADDR=$1 SetEnvIf X-Forwarded-Proto https HTTPS=1 LogLevel error ErrorLog |/usr/sbin/cronolog /var/log/httpd/puppetmaster_error_log.%Y%m%d -l /var/log/httpd/puppetmaster_error_log CustomLog |/usr/sbin/cronolog /var/log/httpd/puppetmaster_access_log.%Y%m%d -l /var/log/httpd/puppetmaster_access_log combined /VirtualHost # On Thu, Feb 21, 2013 at 9:36 AM, spankthes...@gmail.com wrote: Dear Matt, On Wednesday, February 20, 2013 10:39:51 PM UTC, Matt wrote: I run an F5 load balancer with SSL termination at the F5 and I dont need to put the CA cert anywhere except the F5. The actual CA signs the certs. The CA cert is only really used to authenticate the client cert. This gives the appearance to my puppet clients that I only have one puppet master when in actuality I have around 4-5 per VIP. Unfortunately, I dont have F5 available and all I can have is software based load balancing, either in form of Haproxy (most probably) or Nginx (less probably). As for your last part I'm not really seeing how you think you would need a puppetmaster per user. As one puppetmaster can use one CA at a time to sign/revoke certificates, if you'd have multiple users, you would need multiple puppetmasters,
Re: [Puppet Users] How to manually create Puppet CA and client certificates using openssl?
Oh and to add to my message. The benefit of this is there is no tomfoolery with multiple CAs and the confusion that will cause. If the concern is about letting one puppet client connect to two different pools then you can limit who can retrieve their catalog either through the auth.conf or directives via apache/nginx directives. The only time a new CA would be required is if you cant isolate via auth.conf or apache/ngnix and that would depend on the topology of your network. If you are concerned with a rogue server then you have autosign off then this is less of a issue because you actually have to authorize, by signing the certificate, the client to connect to any puppet master/pool signed by the CA. On Fri, Feb 22, 2013 at 10:31 AM, Matthew Black mjbl...@gmail.com wrote: I think you're missing what I'm trying to convey. When you run via Apache or Nginx you are doing SSL termination at the apache and forwarding the requests to a puppetmaster application if you use say passenger. Its not so different than an F5. While I'm not giving you exact details on how to do it I'm giving you enough information to know its possible. The value of ca_server defaults to puppet, that means the certificate of the server it connects to must have that name in the cert and the DNS must match. When you start up the first puppet master, the CA server and not with mod_passenger, it will auto-generate the CA cert because the value of ca defaults to true if its not otherwise specified in the puppet conf. Essentially each puppet master that isnt the CA server is basically just a puppet client meaning when it does its first run it will generate a key, csr, and then try to connect to puppet. You dont actually need a cert for a puppet master if you do the ssl termination at the load balancer. I provided a copy of my apache conf used for a puppetmaster. As long as the puppetmasterd rack is installed it will function as a puppetmaster with that config. You need to generate a signed certificate from the CA for the load balancer dns. Lets say your DNS for one pool is puppetpool01.example.com, that is the cert name you need to generate and install on the apache/nginx load balancer. You need to also configure the load balancer to validate the ssl cert from the client against the CA. Specific parameters need to be passed to puppet, which is specified in the apache conf below. In each puppet master that is load balanced in its conf file in the master section you need to put these two lines ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY You want to go the mod_passenger route then you can do ssl termination otherwise to do the tcp proxy is a real pain in the ass (been there, done that, never again). Below is an example of my apache conf where the communication is unencrypted because of the ssl termination at the load balancer. As long as the cert on the load balancer is signed by the CA and you set it up to pass the correct headers if the SSL cert is validated against the CA then you do not need multiple CA's. That way this setup you can revoke a certificate from one place instead of trying to figure out which CA you need to revoke it from. In each of my datacenters I have at the very minimum two F5 VIPs that go to 4 different puppet masters each with one common CA. I have at the current moment 6 datacenters, meaning I have 25 puppetmasters (24 servers, 1 CA). Hopefully this clarifies the point I am conveying. I know my apache configs, specifically for mod_passenger, might need tweaking but this actually works really good. Also if you pick up one of the puppet books, I forget which one exactly, they actually tell you how do the proxying with apache in a similar fashion to what I explained. # Apache Conf # Listen 18140 PassengerHighPerformance on PassengerMaxPoolSize 12 PassengerPoolIdleTime 30 PassengerMaxRequests 10 PassengerStatThrottleRate 120 PassengerUseGlobalQueue on RackAutoDetect On RailsAutoDetect On VirtualHost *:18140 ServerName ppm001.example.com DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ RackBaseURI / Directory /usr/share/puppet/rack/puppetmasterd/public/ Options None AllowOverride None Order allow,deny allow from all /Directory SetEnvIf X-SSL-Subject (.*) SSL_CLIENT_S_DN=$1 SetEnvIf X-Client-Verify (.*) SSL_CLIENT_VERIFY=$1 SetEnvIf X-Forwarded-For (.*) REMOTE_ADDR=$1 SetEnvIf X-Forwarded-Proto https HTTPS=1 LogLevel error ErrorLog |/usr/sbin/cronolog /var/log/httpd/puppetmaster_error_log.%Y%m%d -l /var/log/httpd/puppetmaster_error_log CustomLog |/usr/sbin/cronolog /var/log/httpd/puppetmaster_access_log.%Y%m%d -l /var/log/httpd/puppetmaster_access_log combined /VirtualHost # On Thu, Feb 21, 2013 at 9:36
[Puppet Users] puppet module issue
Hello, I've installed the puppet module mysql however I'm noticing its only reading the init.pp when puppet does its run.. For some reason its ignoring all of the other pp files in under the directory such as the backup.pp,sever.pp or ruby.pp what am I doing wrong.. I even run a puppet apply on the individual pp files however they do not run I have other modules but they only contain one file under the /manifest directory the init.pp so that always runs please help Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet module issue
Hi, On 02/22/2013 05:21 PM, Raymond Regnier wrote: Hello, I've installed the puppet module mysql however I'm noticing its only reading the init.pp when puppet does its run.. For some reason its ignoring all of the other pp files in under the directory such as the backup.pp,sever.pp or ruby.pp what am I doing wrong.. I even run a puppet apply on the individual pp files however they do not run what do you expect to happen when you apply a single manifest file from a module? The classes and types defined in the individual files only take effect when you include the classes or use the defined types. Does that not work for you? Regards, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Environment design decisions
On 02/21/2013 03:23 PM, Jonathan Gazeley wrote: Thanks for your message. I discovered through testing that the autoloader does not support this behaviour. I had sort of resolved to implement your suggestion although it seems a little bit messy. Taking a step back, are there any better solutions? I want to achieve a common repository of modules, and a handful of environments with different sysadmins, who will be able to call upon the common modules, include them, and extend them in their own environments. Surely there must be some sort of prior art? :) I believe that the best way to achieve this is to put your modules in source control, preferably with multiple repositories like git. Each environment can thus be a branch of the main environment. All the voodoo of keeping up-to-date etc. happens outside of puppet, which is a good thing imo. HTH, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet module issue
Hi, No i'm trying to have puppet run all of the pp files under the module's manifest directory all it does is run init.pp could it be because I'm not specifying every specifc pp file in my site.pp file on the master? On Fri, Feb 22, 2013 at 11:38 AM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: Hi, On 02/22/2013 05:21 PM, Raymond Regnier wrote: Hello, I've installed the puppet module mysql however I'm noticing its only reading the init.pp when puppet does its run.. For some reason its ignoring all of the other pp files in under the directory such as the backup.pp,sever.pp or ruby.pp what am I doing wrong.. I even run a puppet apply on the individual pp files however they do not run what do you expect to happen when you apply a single manifest file from a module? The classes and types defined in the individual files only take effect when you include the classes or use the defined types. Does that not work for you? Regards, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- Raymond Regnier Mobile (202) 716-9898 raymondregn...@gmail.com rayregn...@yahoo.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet module issue
No I'm trying to have it run all pp files under the module's manifest directory.. its only just running init.pp.. could it be because I haven't listed each individual pp file under my site.pp file ? On Friday, February 22, 2013 11:38:13 AM UTC-5, Felix.Frank wrote: Hi, On 02/22/2013 05:21 PM, Raymond Regnier wrote: Hello, I've installed the puppet module mysql however I'm noticing its only reading the init.pp when puppet does its run.. For some reason its ignoring all of the other pp files in under the directory such as the backup.pp,sever.pp or ruby.pp what am I doing wrong.. I even run a puppet apply on the individual pp files however they do not run what do you expect to happen when you apply a single manifest file from a module? The classes and types defined in the individual files only take effect when you include the classes or use the defined types. Does that not work for you? Regards, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] using exit code from a command in a provider without causing puppet to fail
Hi, it might be sensible to ask that to puppet-dev. Anyway, is the call that causing you problems raising an exception? Could you catch/rescue that? Just an idle idea... Cheers, Felix On 02/22/2013 03:20 AM, Micah Anderson wrote: Hi, I've made some changes to the vcsrepo module[0] provider. It all works fine, but I'm trying to improve it to be more in-line with how the original module works. The original module uses 'optional_commands'[1] to define the 'git' command and then when the provider needs to do something with git it uses a define called 'git_with_identity'[2] which makes sure that certain variables are set and then just runs git using the optional_commands methods. I want to do the same thing, but I want to operate on the exit code of the git command that I am running. So while the following works fine: def valid_repo? Dir.chdir(@resource.value(:path)){ system('git rev-parse /dev/null 21')} end it is using system() to call 'git rev-parse' instead of 'git_with_identity'. If I simply change my 'system' above to 'git_with_identity', when 'git revparse' fails with a non-zero exit code, it causes puppet to fail. It seems like optional_commands eventually uses Puppet::Util::Execution[4] and that has the optional parameter 'failonfail', defaulting to 'true'. I am guessing that what I want to do is somehow toggle that so it wont fail, but I'm at a loss as to how. Any ideas or pointers to other providers that are doing this would be mighty appreciated! micah 0. https://github.com/puppetlabs/puppetlabs-vcsrepo 1. https://github.com/puppetlabs/puppetlabs-vcsrepo/blob/master/lib/puppet/provider/vcsrepo/git.rb#L7 2. https://github.com/puppetlabs/puppetlabs-vcsrepo/blob/master/lib/puppet/provider/vcsrepo/git.rb#L278 3. if you follow the indirection through this path: https://github.com/puppetlabs/puppet/blob/master/lib/puppet/provider.rb#L186-L201 https://github.com/puppetlabs/puppet/blob/master/lib/puppet/provider.rb#L221-L238 https://github.com/puppetlabs/puppet/blob/master/lib/puppet/provider.rb#L272 https://github.com/puppetlabs/puppet/blob/master/lib/puppet/util/execution.rb -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet module issue
On 02/22/2013 05:43 PM, Raymond Regnier wrote: Hi, No i'm trying to have puppet run all of the pp files under the module's manifest directory all it does is run init.pp could it be because I'm not specifying every specifc pp file in my site.pp file on the master? But that's the thing - you don't run a manifest file. Puppet uses the files to find declarations of types and classes. What exactly are you trying and failing? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet module issue
So I'm just trying to run the mysql module and have all of my clients pick it up for example I've created my own httpd and iptables modules and I have them include in my site.pp file.. however both of those modules just have a init.pp under their respective manifest directory. They run fine when each client completes its pull from the master.. the clients get httpd and iptables installed. So I downloaded the already created mysql module. Its under my /etc/puppet/modules/mysql directory under that directory is a manifests directory which contains a whole lot of .pp files including a init.pp file which installs just mysql.. the other pp files install like mysql-server and other packages however when I put in my site.pp file when I have the clients pull from the master they only pick up mysql as it should from the mysql module's init.pp file.. however it doesn't do anything else.. It seems as if the clients don't see the other pp files to execute or do anything.. is it because of my site.pp file? should i have import modules at the top of the file? or list each one like include mysql include mysql::server does this make sense? On Friday, February 22, 2013 11:52:36 AM UTC-5, Felix.Frank wrote: On 02/22/2013 05:43 PM, Raymond Regnier wrote: Hi, No i'm trying to have puppet run all of the pp files under the module's manifest directory all it does is run init.pp could it be because I'm not specifying every specifc pp file in my site.pp file on the master? But that's the thing - you don't run a manifest file. Puppet uses the files to find declarations of types and classes. What exactly are you trying and failing? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet module issue
WIth the puppet module structure, you don't import any pp files from the modules ever. You only use include. If you look at the github for the module, it explains which classes do what. https://github.com/puppetlabs/puppetlabs-mysql The base class (mysql) only installs the client. mysql::server will install mysql-server and there are other classes for setting up databases and such. Include the ones you need in your node definitions, not in site.pp On Friday, February 22, 2013 9:59:20 AM UTC-7, Raymond Regnier wrote: So I'm just trying to run the mysql module and have all of my clients pick it up for example I've created my own httpd and iptables modules and I have them include in my site.pp file.. however both of those modules just have a init.pp under their respective manifest directory. They run fine when each client completes its pull from the master.. the clients get httpd and iptables installed. So I downloaded the already created mysql module. Its under my /etc/puppet/modules/mysql directory under that directory is a manifests directory which contains a whole lot of .pp files including a init.pp file which installs just mysql.. the other pp files install like mysql-server and other packages however when I put in my site.pp file when I have the clients pull from the master they only pick up mysql as it should from the mysql module's init.pp file.. however it doesn't do anything else.. It seems as if the clients don't see the other pp files to execute or do anything.. is it because of my site.pp file? should i have import modules at the top of the file? or list each one like include mysql include mysql::server does this make sense? On Friday, February 22, 2013 11:52:36 AM UTC-5, Felix.Frank wrote: On 02/22/2013 05:43 PM, Raymond Regnier wrote: Hi, No i'm trying to have puppet run all of the pp files under the module's manifest directory all it does is run init.pp could it be because I'm not specifying every specifc pp file in my site.pp file on the master? But that's the thing - you don't run a manifest file. Puppet uses the files to find declarations of types and classes. What exactly are you trying and failing? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Variables within manifests questions
Hello all again just another quick question, we have some machines in different colo's on different subnets, colo a - 1.1.1.0/24 colo b - 2.2.2.0/24 If for example I was using a module from puppet forge for IIS, could I use variables within my manifest syntax to reference different colo's for example if $network_local_area_connection = 1.1.1.0 add colo_a elseif $network_local_area_connection = 2.2.2.0 add colo_b iis_site {'mysite.co.uk': ensure = present, bindings = [ 'http/*:80:www.mysite.co.uk', 'http/*:80:mysite.co.uk', 'http/*:80:*colo_?*.mysite.co.uk', 'http/*:80:*colo_?*.mysite.co.uk' ], } Hope this makes sense just unsure how to achieve this ??? Regards Jim -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Prevent previous version remove upon RPM package install latest
Hello all, I'm installing/upgrading JDK using this manifest: package { 'jdk': ensure= 'latest', source= file('packages/files/jdk-7u15-linux-x64.rpm'), provider = 'rpm', } This package installs JDK to /usr/java/jdk1.7.0_15 dir and redirects /usr/java/default and /usr/java/latest links to this new version. This is OK. The problem is that this install deletes files from the previous version dir /usr/java/jdk1.7.0_11 What I can do for puppet to run RPM package install (particularly for JDK) without removing/uninstall previous version(s)? Best regards, Viktor -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Announce: Module puppetlabs/postgresql 2.1.1 Available
A new release of the puppetlabs/postgresql module is now available on the Forge: https://forge.puppetlabs.com/puppetlabs/postgresql/2.1.1 Changelog This release provides a bug fix for RHEL 5 and Centos 5 systems, or specifically systems using PostgreSQL 8.1 or older. On those systems one would have received the error: Error: Could not start Service[postgresqld]: Execution of ‘/sbin/service postgresql start’ returned 1: And the postgresql log entry: FATAL: unrecognized configuration parameter include This bug is due to a new feature we had added in 2.1.0, whereby the `include` directive in `postgresql.conf` was not compatible. As a work-around we have added checks in our code to make sure systems running PostgreSQL 8.1 or older do not have this directive added. Detailed Changes 2013-01-21 - Ken Barber k...@bob.sh * Only install `include` directive and included file on PostgreSQL = 8.2 * Add system tests for Centos 5 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet module issue
so my site.pp looks like this node default { include httpd include iptables i*nclude mysql include mysql::server* then on my node.pp file i have node my ipdaddress here { include httpd include iptables include mysql so from my site.pp file if I do not have include mysql::server then it will not pull the server.pp file... On Friday, February 22, 2013 12:31:01 PM UTC-5, joe wrote: WIth the puppet module structure, you don't import any pp files from the modules ever. You only use include. If you look at the github for the module, it explains which classes do what. https://github.com/puppetlabs/puppetlabs-mysql The base class (mysql) only installs the client. mysql::server will install mysql-server and there are other classes for setting up databases and such. Include the ones you need in your node definitions, not in site.pp On Friday, February 22, 2013 9:59:20 AM UTC-7, Raymond Regnier wrote: So I'm just trying to run the mysql module and have all of my clients pick it up for example I've created my own httpd and iptables modules and I have them include in my site.pp file.. however both of those modules just have a init.pp under their respective manifest directory. They run fine when each client completes its pull from the master.. the clients get httpd and iptables installed. So I downloaded the already created mysql module. Its under my /etc/puppet/modules/mysql directory under that directory is a manifests directory which contains a whole lot of .pp files including a init.pp file which installs just mysql.. the other pp files install like mysql-server and other packages however when I put in my site.pp file when I have the clients pull from the master they only pick up mysql as it should from the mysql module's init.pp file.. however it doesn't do anything else.. It seems as if the clients don't see the other pp files to execute or do anything.. is it because of my site.pp file? should i have import modules at the top of the file? or list each one like include mysql include mysql::server does this make sense? On Friday, February 22, 2013 11:52:36 AM UTC-5, Felix.Frank wrote: On 02/22/2013 05:43 PM, Raymond Regnier wrote: Hi, No i'm trying to have puppet run all of the pp files under the module's manifest directory all it does is run init.pp could it be because I'm not specifying every specifc pp file in my site.pp file on the master? But that's the thing - you don't run a manifest file. Puppet uses the files to find declarations of types and classes. What exactly are you trying and failing? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Finding a manifest full file name (with path) in a function?
I'm trying to create a function that I can call in a manifest like this: $doc = doc('apache::service') In the function, I want it to actually find the filename for the 'apache::service' class... from there, I'm going to run some code that will generate the puppet-doc in text format, and then return it in a variable. Ultimately this is so that I can have nodes self-document themselves. Right now I'm stuck on figuring out the filename from the classname though. Anyone have any tips on this? Is there a function in the Puppet ruby code somewhere that will translate a class-name into a file path? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Finding a manifest full file name (with path) in a function?
I do this kind of thing here: https://github.com/puppetlabs/puppetlabs-kwalify/blob/master/lib/puppet/parser/functions/validate_resource.rb#L24 ken. On Fri, Feb 22, 2013 at 6:05 PM, Matt W m...@nextdoor.com wrote: I'm trying to create a function that I can call in a manifest like this: $doc = doc('apache::service') In the function, I want it to actually find the filename for the 'apache::service' class... from there, I'm going to run some code that will generate the puppet-doc in text format, and then return it in a variable. Ultimately this is so that I can have nodes self-document themselves. Right now I'm stuck on figuring out the filename from the classname though. Anyone have any tips on this? Is there a function in the Puppet ruby code somewhere that will translate a class-name into a file path? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: .erb templates are not properly parsed.
On Friday, February 22, 2013 4:20:21 AM UTC-6, Marc Bolós wrote: So finally my conclusion is that when you declase a node, includes order matters. Yes, it does. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Finding a manifest full file name (with path) in a function?
Jordan Sissel wrote up a little thing to do this: https://github.com/jordansissel/puppet-examples/tree/master/where-art-thou/ -=Eric On Friday, February 22, 2013 10:05:18 AM UTC-8, Matt W wrote: I'm trying to create a function that I can call in a manifest like this: $doc = doc('apache::service') In the function, I want it to actually find the filename for the 'apache::service' class... from there, I'm going to run some code that will generate the puppet-doc in text format, and then return it in a variable. Ultimately this is so that I can have nodes self-document themselves. Right now I'm stuck on figuring out the filename from the classname though. Anyone have any tips on this? Is there a function in the Puppet ruby code somewhere that will translate a class-name into a file path? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: defining hosts regex
/option notation doesn't work in puppet. However, (?option:...) notation does work. http://docs.puppetlabs.com/puppet/3/reference/lang_datatypes.html#regex-options So use /(?i:^pos-(a|b)-www-\d\d$)/ and see if that does what you want. On Friday, February 22, 2013 6:51:48 AM UTC-8, Felix.Frank wrote: Yes, puppet will downcase the fqdn and make this the default certname. Which is why I swore never to uppercase any host names again, it's confusing. The $fqdn or $hostname are not used for selecting the node { } definition as far as I know. The $certname is what matters (or should be, anything else would be bad security). Anyway, have you tried /regex/i ? :-) HTH, Felix On 02/22/2013 03:45 PM, jim wrote: sorry the clientcert is lowercase the hostname is still upper case so my question on case insensitive is still valid regards jim -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] gem packages installed directory on puppetmaster
What is the right path for ruby gems on puppet master. Scenario: I have installed hiera couple of months back. So the gem was installed under /opt/puppet/lib/gems/1.8/gems/hiera-0.3.0 /opt/puppet/lib/gems/1.8/gems/hiera-puppet-0.3.0 Later when I updated to new version of hiera then it installed (via gem install) under /opt/puppet/lib/gems/1.8/gems/hiera-1.1.1 /opt/puppet/lib/gems/1.8/gems/hiera-puppet-1.0.0 Puppet was always using the hiera under /opt/puppet/lib/gems/1.8/gems/, so I was unable to use new features of hiera I have uninstalled hiera-0.3.0 manually using gem sudo gem uninstall --install-dir /opt/puppet/lib/gems/1.8/ hiera Then Puppet failed to find hiera() function, so its always looking under /opt/puppet/lib/gems/1.8/gems. Later I installed hiera using gem and explicitly specified to install under /opt/puppet/lib/gems/1.8/gems Now puppet cannot even find hiera() err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not autoload hiera_include: no such file to load -- /opt/puppet/lib/site_ruby/1.8/puppet/parser/functions/hiera_include.rb at /etc/puppetlabs/puppet/environments/development/manifests/site.pp:46 on node Looks like some thing wrong with my gem path or my puppet load path is not. How do I come out of this? Any help greatly appreciated. Regards Sai. EMC -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Multiple Puppet agents on one node?
Michael, I'll try and help. I had a set of servers at my last employer where I had to run two separate agents from cron. That particular team had been using Puppet to manage an application which was no longer being actively developed and was on life support. Therefore, when I deployed Puppet across the entire company I set up those machines to have two separate agent runs with different Puppetmasters. I ran two separate crons with separate names so the two Puppets wouldn't conflict. I manually set the --server, --logdest, --vardir, and --ssldir directives (--ssldir may be extraneous if your local config is $vardir/ssl) on the cronjob's command line. I had no issues running them separately, keep in mind though that it might get hairier if you try and run two different Puppet versions. I never tried doing that. Good luck, and I hope this helps. Jeffrey. On Wed, Feb 20, 2013 at 11:22 AM, Michael Hüttermann mich...@huettermann.net wrote: Hello, can I run two different Puppet agents on one node listening to two different Masters? Thank you for your help. Best regards Michael -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Finding a manifest full file name (with path) in a function?
Yeah, this is interesting... it will essentially report where the template file came from. It doesn't get me the path name to the manifest that called it, which is what i'm looking for. On Feb 22, 2013, at 10:24 AM, Eric Sorenson eric.soren...@puppetlabs.com wrote: Jordan Sissel wrote up a little thing to do this: https://github.com/jordansissel/puppet-examples/tree/master/where-art-thou/ -=Eric On Friday, February 22, 2013 10:05:18 AM UTC-8, Matt W wrote: I'm trying to create a function that I can call in a manifest like this: $doc = doc('apache::service') In the function, I want it to actually find the filename for the 'apache::service' class... from there, I'm going to run some code that will generate the puppet-doc in text format, and then return it in a variable. Ultimately this is so that I can have nodes self-document themselves. Right now I'm stuck on figuring out the filename from the classname though. Anyone have any tips on this? Is there a function in the Puppet ruby code somewhere that will translate a class-name into a file path? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Finding a manifest full file name (with path) in a function?
Another way this could work, by the way, is if I can somehow reference the calling class filename. Ie, if /foo/class.pp: class foo { document_me() } If I can somehow reference /foo/class.pp:2, like some of the error log messages do, that would work as well. --Matt On Feb 22, 2013, at 10:35 AM, Matt Wise m...@nextdoor.com wrote: Yeah, this is interesting... it will essentially report where the template file came from. It doesn't get me the path name to the manifest that called it, which is what i'm looking for. On Feb 22, 2013, at 10:24 AM, Eric Sorenson eric.soren...@puppetlabs.com wrote: Jordan Sissel wrote up a little thing to do this: https://github.com/jordansissel/puppet-examples/tree/master/where-art-thou/ -=Eric On Friday, February 22, 2013 10:05:18 AM UTC-8, Matt W wrote: I'm trying to create a function that I can call in a manifest like this: $doc = doc('apache::service') In the function, I want it to actually find the filename for the 'apache::service' class... from there, I'm going to run some code that will generate the puppet-doc in text format, and then return it in a variable. Ultimately this is so that I can have nodes self-document themselves. Right now I'm stuck on figuring out the filename from the classname though. Anyone have any tips on this? Is there a function in the Puppet ruby code somewhere that will translate a class-name into a file path? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: gem packages installed directory on puppetmaster
Forgot to add my environment details. Ubuntu12.04LTS, PE 2.7, Hiera1.2 Regards Sai. On Friday, February 22, 2013 1:29:45 PM UTC-5, Sai_Emc wrote: What is the right path for ruby gems on puppet master. Scenario: I have installed hiera couple of months back. So the gem was installed under /opt/puppet/lib/gems/1.8/gems/hiera-0.3.0 /opt/puppet/lib/gems/1.8/gems/hiera-puppet-0.3.0 Later when I updated to new version of hiera then it installed (via gem install) under /opt/puppet/lib/gems/1.8/gems/hiera-1.1.1 /opt/puppet/lib/gems/1.8/gems/hiera-puppet-1.0.0 Puppet was always using the hiera under /opt/puppet/lib/gems/1.8/gems/, so I was unable to use new features of hiera I have uninstalled hiera-0.3.0 manually using gem sudo gem uninstall --install-dir /opt/puppet/lib/gems/1.8/ hiera Then Puppet failed to find hiera() function, so its always looking under /opt/puppet/lib/gems/1.8/gems. Later I installed hiera using gem and explicitly specified to install under /opt/puppet/lib/gems/1.8/gems Now puppet cannot even find hiera() err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not autoload hiera_include: no such file to load -- /opt/puppet/lib/site_ruby/1.8/puppet/parser/functions/hiera_include.rb at /etc/puppetlabs/puppet/environments/development/manifests/site.pp:46 on node Looks like some thing wrong with my gem path or my puppet load path is not. How do I come out of this? Any help greatly appreciated. Regards Sai. EMC -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Can someone provide more clarity on Puppi
Hi Krishna, to deploy 2 different wars you can place 2 different puppi defines on the same node: puppi::project::war { 'myapp': source = http://repo.example42.com/deploy/${environment}/myapp.war;, deploy_root = '/store/tomcat/webapps', } puppi::project::war { 'other': source = http://repo.example42.com/deploy/${environment}/other.war http://repo.example42.com/deploy/$%7Benvironment%7D/myapp.war, deploy_root = '/store/tomcat/webapps', } This will provide 2 puppi deploy commands: puppi deploy myapp and puppi deploy other that would deploy the 2 wars on the same webapps dir. Note that if you don't have autodeployment activated on your application server you need to restart its service to deploy an app and this would affect the other app. In this case you might prefer to have 2 distinct application servers instances one for each app. If, instead, your 2 apps are somehow related and should be deployed at the same time, there it currently no supportm, out the box, of a unique puppi deploy procedure that takes 2 wars at the same time from 2 different sources , deploys them and eventually restarts the application server. Actually that's not a big effort to do (it would require the addition of some parameters in puppi/manifests/projects/war.pp and sono resources) but it requires some knowledge on how the puppi module is done. IF you need such a feature please open a feature request on Github. As a side note, you can create a custom procedure (similar to the example ones present in puppi/manifests/projects/ which actually cover most of the common cases) that does whatever you need. Ciao al On Friday, February 22, 2013 11:52:21 AM UTC+1, Krishna Murthy T wrote: Hello Alessandro, Thank you very much for your quick reply, now it is bit more clear to me and I will start implementing Puppi today. One more quick question :-) I need to deploy two 'war' files to the same server, which means same 'deploy_root' but two 'war' files and I don't think I can use two 'source' two times. Any suggestions will be much appreciated. Thanks Regards, Krishna Murthy On Friday, 22 February 2013 05:20:13 UTC, Alessandro Franceschi wrote: Hi Krishna, the execution of a puppi deploy myapp is not done generally via Puppet (Puppet creates the environment that allows you to make a deploy with a puppi deploy command, you can also trigger a puppi deploy myapp execution via Puppet but that's not common if not for first time setup ) and can be done in various ways: - Directly from an host, typing as root: puppi deploy myapp - Doing the same via a cron job (puppi can check if the artifacts to deploy have changes) - Via Jenkins or similar, typically doing a ssh connection with an unprivileged user tha can so sudo puppi deploy myapp - Via Mcollective, using the puppi plugin. - Via whatever type of more or less centralized orchestration/scheduling tool that can execute a remote command To decide which war (or whatever artifact) deploy on which node, just consider that you have normal Puppet defines with some parameters that allow you to define what to deploy (or better, what to configure for puppi deploys) on what hosts. For example, for a role, or group of servers you can have : puppi::project::war { 'myapp': source = http://repo.example42.com/deploy/${environment}/myapp.war;, deploy_root = '/store/tomcat/myapp/webapps', } (note the environment variable that allows you to pick from different sources wars for different environments) and at the same time have to deploy different things on different servers (this time picking the artifacts from a Maven repository) with defines like : puppi::project::maven { 'supersite': source = 'http://nexus.example42.com/nexus/content/repositories/releases/it/example42/supersite/', deploy_root = '/usr/local/tomcat/supersite/webapps', init_script = 'tomcat', report_email = 'sysa...@example42.com', enable = 'true', } Hope to have cleared a bit... Alessandro On Friday, February 22, 2013 12:59:41 AM UTC+1, Krishna Murthy T wrote: Hello Alessandro, I found Puppi very interesting and want to use it along side our Puppet environment. Can you please give me an idea about how to deploy same and different 'war' files to different environments using Puppi? I have several node definitions in my Puppet manifest each serving different purpose, I want to use Puppi to deploy to all those hosts but not at the same time. Any help will be appreciated. Thanks in advance, Krishna Murthy On Thursday, 17 January 2013 22:02:25 UTC, Alessandro Franceschi wrote: Oh, I was forgetting, Puppi is also a required dependency of all Example42 modules, since it provides some functions used by these modules. Note anyway that you can decide to use these modules without using puppi in any way (that is to not
Re: [Puppet Users] puppet module issue
so how do you get the db.pp to work? On Friday, February 22, 2013 12:31:01 PM UTC-5, joe wrote: WIth the puppet module structure, you don't import any pp files from the modules ever. You only use include. If you look at the github for the module, it explains which classes do what. https://github.com/puppetlabs/puppetlabs-mysql The base class (mysql) only installs the client. mysql::server will install mysql-server and there are other classes for setting up databases and such. Include the ones you need in your node definitions, not in site.pp On Friday, February 22, 2013 9:59:20 AM UTC-7, Raymond Regnier wrote: So I'm just trying to run the mysql module and have all of my clients pick it up for example I've created my own httpd and iptables modules and I have them include in my site.pp file.. however both of those modules just have a init.pp under their respective manifest directory. They run fine when each client completes its pull from the master.. the clients get httpd and iptables installed. So I downloaded the already created mysql module. Its under my /etc/puppet/modules/mysql directory under that directory is a manifests directory which contains a whole lot of .pp files including a init.pp file which installs just mysql.. the other pp files install like mysql-server and other packages however when I put in my site.pp file when I have the clients pull from the master they only pick up mysql as it should from the mysql module's init.pp file.. however it doesn't do anything else.. It seems as if the clients don't see the other pp files to execute or do anything.. is it because of my site.pp file? should i have import modules at the top of the file? or list each one like include mysql include mysql::server does this make sense? On Friday, February 22, 2013 11:52:36 AM UTC-5, Felix.Frank wrote: On 02/22/2013 05:43 PM, Raymond Regnier wrote: Hi, No i'm trying to have puppet run all of the pp files under the module's manifest directory all it does is run init.pp could it be because I'm not specifying every specifc pp file in my site.pp file on the master? But that's the thing - you don't run a manifest file. Puppet uses the files to find declarations of types and classes. What exactly are you trying and failing? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] puppet could'nt find hiera even when hiera gem is installed
Hiera was properly working in my environment. But puppet was looking at old version even when I have the latest hiera gem installed. So I could'nt use json backend. But puppet is not looking at my latest hiera gem. Not sure when went wrong here. Scenario: I have installed hiera couple of months back. So the gem was installed under /opt/puppet/lib/gems/1.8/gems/hiera-0.3.0 /opt/puppet/lib/gems/1.8/gems/hiera-puppet-0.3.0 Later when I updated to new version of hiera then it installed (via gem install) under /opt/puppet/lib/gems/1.8/gems/hiera-1.1.1 /opt/puppet/lib/gems/1.8/gems/hiera-puppet-1.0.0 Puppet was always using the hiera under /opt/puppet/lib/gems/1.8/gems/, so I was unable to use new features of hiera I have uninstalled hiera-0.3.0 manually using gem sudo gem uninstall --install-dir /opt/puppet/lib/gems/1.8/ hiera Then Puppet failed to find hiera() function, so its always looking under /opt/puppet/lib/gems/1.8/gems. Later I installed hiera using gem and explicitly specified to install under /opt/puppet/lib/gems/1.8/gems Now puppet cannot even find hiera() err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not autoload hiera_include: no such file to load -- /opt/puppet/lib/site_ruby/1.8/puppet/parser/functions/hiera_include.rb at /etc/puppetlabs/puppet/environments/development/manifests/site.pp:46 on node Looks like some thing wrong with my gem path or my puppet load path is not. Any idea what went wrong here? Using Ubuntu12.04LTS, PE 2.7, Hiera1.2 Any help greatly appreciated. Regards Sai. EMC -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Puppet-Hiera: hiera_include and hiera_hash behaviour
I can see json_backend working in latest hiera. Tried from command line its working . puppetmaster was looking at old hiera-0.3.0 gem even whem latest hiera is installed. Posted a different topic for that. Thanks. Sai EMC On Thursday, February 21, 2013 5:50:32 PM UTC-5, Sai_Emc wrote: Wonderful...This is cool. As you said, maintaining thousands yaml files manually might be difficlut. I have to automate this process to accept requests from an external system about which node needs which resources. So I might use json over yaml, because at this point I dont know my external system can do yaml. Any idea json backend supported in 2.7?. I saw in the documentation but not sure supported in 2.7 or not. Once again thank you very much. Regards Sai. EMC On Thursday, February 21, 2013 5:32:55 PM UTC-5, Ellison Marks wrote: It's not that bad performance wise. Hiera should only lode the applicable yaml files. If (god forbid) you had one yaml file per host and had thousands of hosts, hiera should still only load two files, the host's yaml file and the common yaml file. The only thing that would be bad is manually maintaining all the yaml files :) As to the multiple parameters, it's also not that bad. You could format the parameters as an array and seperate them later, like this: NodeB.yaml --- classes: - b 'classB::params': - 'Puppet-Hiera' - 'Puppet-Hiera' - 'Puppet-Hiera' - 'Puppet-Hiera' class classB ($params = hiera('classB::params', '')) { $param1=$params[0] $param2=$params[1] $param3=$params[2] $param4=$params[3] but it's not that much better. The real trick is in using create resources correctly. You want to have a 3 depth array in hiera. top is the name you will look up with the hiera() call. Second level is the names of the resources you want to create. For example, if you were creating users, this level could have 'john' and 'jane'. Third level is the parameters for the individual resource. In this example, below john could be {'uid'=501, 'group'=john} and below jane could be {'uid'=502, 'group'=jane} userhash: john: uid: 501 group: john jane: uid: 502 group: jane then you would say $userhash=hiera('userhash') create_resources(user, $userhash) So if you can structure your class in a way that supports that flow, it can be really good. On Thursday, February 21, 2013 12:27:30 PM UTC-8, Sai_Emc wrote: That's ok Mark. I kind of remember that from documentation. When we use above approach puppet need to make multiple hiera() calls to get resources specific to a class. I mean a class with say 4 arguments, puppet need to make a multiple calls to get all the parameters. NodeB.yaml --- classes: - b 'classB::param1': 'Puppet-Hiera' 'classB::param2': 'Puppet-Hiera' 'classB::param3': 'Puppet-Hiera' 'classB::param4': 'Puppet-Hiera' If we have thousands of nodes we might see any performance issues with array approach? I might be totally wrong on this. The same if I have declared as Hash then from puppet that is just one call, but it might look all defined hierarchies. So if we do use hiera_hash then without using create_resources() is there any other method I can include class definitions. Thank you. Regards Sai. EMC On Thursday, February 21, 2013 3:01:54 PM UTC-5, Ellison Marks wrote: Ah, sorry, my mistake, mised the version. That line would have to be class classB ($param1 = hiera('classB::param1', '')) { with the hiera call in the definition. Sorry about that :P On Thursday, February 21, 2013 11:57:24 AM UTC-8, Sai_Emc wrote: Mark, Thanks for the quick reply. This uses the auto lookup of parameters. It will perform a hiera search for 'classB::param1'. -- Auto lookup feature what you mentioned is in PE 2.7? I remember reading as 3.0 feature. Regards Sai. EMC On Thursday, February 21, 2013 2:32:10 PM UTC-5, Ellison Marks wrote: quick definitions first: hiera() gets a value from the backend. stops searching after it finds a value. the value can be any data type. hiera_array() gets multiple values from the backend, combining them into one large array as possible. hiera_hash() gets multiple values from the backend, combining them into one large hash as possible. hiera_include() calls hiera_array() and then includes each classname returned. Ok, so hiera_include will look in the backend for a variable named in the call, in your case 'classesA'. this should contain an array of class names to include. As your hierarchy apparently doesn't contain the variable 'classesA', this explains the second error you are getting. You also didn't include the variable 'classesH' in nodeA.yaml, so that might be the cause of the failure there. create_resources is also not used on classes, just types or defines. Generally, for hiera_include, it should look sort of like this. class
[Puppet Users] Re: puppet could'nt find hiera even when hiera gem is installed
On Friday, February 22, 2013 2:03:30 PM UTC-6, Sai_Emc wrote: Hiera was properly working in my environment. But puppet was looking at old version even when I have the latest hiera gem installed. So I could'nt use json backend. But puppet is not looking at my latest hiera gem. Not sure when went wrong here. Scenario: I have installed hiera couple of months back. So the gem was installed under /opt/puppet/lib/gems/1.8/gems/hiera-0.3.0 /opt/puppet/lib/gems/1.8/gems/hiera-puppet-0.3.0 Later when I updated to new version of hiera then it installed (via gem install) under /opt/puppet/lib/gems/1.8/gems/hiera-1.1.1 /opt/puppet/lib/gems/1.8/gems/hiera-puppet-1.0.0 Puppet was always using the hiera under /opt/puppet/lib/gems/1.8/gems/, so I was unable to use new features of hiera I have uninstalled hiera-0.3.0 manually using gem sudo gem uninstall --install-dir /opt/puppet/lib/gems/1.8/ hiera Then Puppet failed to find hiera() function, so its always looking under /opt/puppet/lib/gems/1.8/gems. Later I installed hiera using gem and explicitly specified to install under /opt/puppet/lib/gems/1.8/gems Now puppet cannot even find hiera() err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not autoload hiera_include: no such file to load -- /opt/puppet/lib/site_ruby/1.8/puppet/parser/functions/hiera_include.rb at /etc/puppetlabs/puppet/environments/development/manifests/site.pp:46 on node Looks like some thing wrong with my gem path or my puppet load path is not. Any idea what went wrong here? Using Ubuntu12.04LTS, PE 2.7, Hiera1.2 Any help greatly appreciated. Try sudo /opt/puppet/bin/gem install hiera I'm not a PE user, but I think that is the right path. Regards Sai. EMC -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Finding a manifest full file name (with path) in a function?
Thanks... I ended up with this: # # my_puppet_doc.rb # require 'puppet/util/rdoc' module Puppet::Parser::Functions newfunction(:my_puppet_doc, :type = :rvalue, :doc = -EOS This function returns the 'puppet doc' header from the module that called it. Usage: $doc = my_puppet_doc() EOS ) do |args| # Get the filename of the manifest that called us f = source.file # Create a Puppet file parser object parser = Puppet::Parser::Parser.new(Puppet::Node::Environment.new(Puppet[:environment])) parser.file = f ast = parser.parse # Now, for the manifest walk through it line by line and parse it. # (taken from Puppet::Util::RDoc.output) astobj = [] ast.instantiate('').each do |resource_type| astobj resource_type if resource_type.file == f end # Now, grab the @doc object and return it # TODO: Implement some clean parsing to remove the puppet doc formatting return astobj[0].doc end end Its not perfect ... there are two big issues. 1. We manually walk through the puppet doc parsing process because the Puppet::Utils::RDoc class *always* outputs to console or file, rather than giving you an ability to just return the string. 2. I probably want to run the doc object through a parser to strip out the various control characters. Other than that, it allows us to add docs to our node MOTD files like this: motd::add { $name: content = my_puppet_doc() } --Matt On Feb 22, 2013, at 10:15 AM, Ken Barber k...@puppetlabs.com wrote: I do this kind of thing here: https://github.com/puppetlabs/puppetlabs-kwalify/blob/master/lib/puppet/parser/functions/validate_resource.rb#L24 ken. On Fri, Feb 22, 2013 at 6:05 PM, Matt W m...@nextdoor.com wrote: I'm trying to create a function that I can call in a manifest like this: $doc = doc('apache::service') In the function, I want it to actually find the filename for the 'apache::service' class... from there, I'm going to run some code that will generate the puppet-doc in text format, and then return it in a variable. Ultimately this is so that I can have nodes self-document themselves. Right now I'm stuck on figuring out the filename from the classname though. Anyone have any tips on this? Is there a function in the Puppet ruby code somewhere that will translate a class-name into a file path? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: puppet could'nt find hiera even when hiera gem is installed
Tried /opt/puppet/bin/gem , no use puppet is still failing with errors err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not autoload hiera_include: no such file to load -- /opt/puppet/lib/site_ruby/1.8/puppet/parser/functions/hiera_include.rb at /etc/puppetlabs/puppet/environments/development/manifests/site.pp:46 I can see gem -list --local shows hiera gems installed. /opt/puppet/bin$ /opt/puppet/bin/gem list --local *** LOCAL GEMS *** activerecord (2.3.14) activesupport (2.3.14) ar-extensions (0.9.5) builder (3.0.0) dalli (1.1.2) excon (0.14.1) fog (1.5.0) formatador (0.2.0) guid (0.1.1) hiera (1.1.2) hiera-puppet (1.0.0) Regards Sai. EMC On Friday, February 22, 2013 3:07:41 PM UTC-5, llowder wrote: On Friday, February 22, 2013 2:03:30 PM UTC-6, Sai_Emc wrote: Hiera was properly working in my environment. But puppet was looking at old version even when I have the latest hiera gem installed. So I could'nt use json backend. But puppet is not looking at my latest hiera gem. Not sure when went wrong here. Scenario: I have installed hiera couple of months back. So the gem was installed under /opt/puppet/lib/gems/1.8/gems/hiera-0.3.0 /opt/puppet/lib/gems/1.8/gems/hiera-puppet-0.3.0 Later when I updated to new version of hiera then it installed (via gem install) under /opt/puppet/lib/gems/1.8/gems/hiera-1.1.1 /opt/puppet/lib/gems/1.8/gems/hiera-puppet-1.0.0 Puppet was always using the hiera under /opt/puppet/lib/gems/1.8/gems/, so I was unable to use new features of hiera I have uninstalled hiera-0.3.0 manually using gem sudo gem uninstall --install-dir /opt/puppet/lib/gems/1.8/ hiera Then Puppet failed to find hiera() function, so its always looking under /opt/puppet/lib/gems/1.8/gems. Later I installed hiera using gem and explicitly specified to install under /opt/puppet/lib/gems/1.8/gems Now puppet cannot even find hiera() err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not autoload hiera_include: no such file to load -- /opt/puppet/lib/site_ruby/1.8/puppet/parser/functions/hiera_include.rb at /etc/puppetlabs/puppet/environments/development/manifests/site.pp:46 on node Looks like some thing wrong with my gem path or my puppet load path is not. Any idea what went wrong here? Using Ubuntu12.04LTS, PE 2.7, Hiera1.2 Any help greatly appreciated. Try sudo /opt/puppet/bin/gem install hiera I'm not a PE user, but I think that is the right path. Regards Sai. EMC -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] upgraded to puppet 1.2.22 from 1.2.21 and get error
[ pid=1870 thr=69908823898540 file=utils.rb:176 time=2013-02-22 16:39:47.170 ]: *** Exception RuntimeError in PhusionPassenger::Rack::ApplicationSpawner (can't activate rack (~ 1.1.0, runtime) for [], already activated rack-1.5.2 for []) (process 1870, thread #Thread:0x7f29d53af358): from ./config/../vendor/rails/railties/lib/initializer.rb:271:in `require_frameworks' from ./config/../vendor/rails/railties/lib/initializer.rb:134:in `process' from ./config/../vendor/rails/railties/lib/initializer.rb:113:in `send' from ./config/../vendor/rails/railties/lib/initializer.rb:113:in `run' from ./config/environment.rb:14 from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require' from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `require' from config.ru:4 from /usr/lib/ruby/gems/1.8/gems/rack-1.5.2/lib/rack/builder.rb:55:in `instance_eval' from /usr/lib/ruby/gems/1.8/gems/rack-1.5.2/lib/rack/builder.rb:55:in `initialize' from config.ru:1:in `new' from config.ru:1 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: upgraded to puppet 1.2.22 from 1.2.21 and get error
I can get this working via running via WEBrick, but get the error when running it via passenger in apache. Not sure yet how to get this working via apache so I can SSL and LDAP authenticate it. On Friday, February 22, 2013 2:46:57 PM UTC-8, Tom Blich wrote: [ pid=1870 thr=69908823898540 file=utils.rb:176 time=2013-02-22 16:39:47.170 ]: *** Exception RuntimeError in PhusionPassenger::Rack::ApplicationSpawner (can't activate rack (~ 1.1.0, runtime) for [], already activated rack-1.5.2 for []) (process 1870, thread #Thread:0x7f29d53af358): from ./config/../vendor/rails/railties/lib/initializer.rb:271:in `require_frameworks' from ./config/../vendor/rails/railties/lib/initializer.rb:134:in `process' from ./config/../vendor/rails/railties/lib/initializer.rb:113:in `send' from ./config/../vendor/rails/railties/lib/initializer.rb:113:in `run' from ./config/environment.rb:14 from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require' from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `require' from config.ru:4 from /usr/lib/ruby/gems/1.8/gems/rack-1.5.2/lib/rack/builder.rb:55:in `instance_eval' from /usr/lib/ruby/gems/1.8/gems/rack-1.5.2/lib/rack/builder.rb:55:in `initialize' from config.ru:1:in `new' from config.ru:1 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] puppet-dashboard-1.2.22 - unable to get it running under Apache/Passenger
Had puppet-dashboard-1.2.21 running via instructions provided here: http://docs.puppetlabs.com/dashboard/passenger.html Upgraded to puppet-dashboard-1.2.22 and now get the following error: [ pid=8729 thr=70328297972140 file=utils.rb:176 time=2013-02-22 19:12:17.188 ]: *** Exception RuntimeError in PhusionPassenger::Rack::ApplicationSpawner (can't activate rack (~ 1.1.0, runtime) for [], already activated rack-1.5.2 for []) (process 8729, thread #Thread:0x7fed2a6fc358): from ./config/../vendor/rails/railties/lib/initializer.rb:271:in `require_frameworks' from ./config/../vendor/rails/railties/lib/initializer.rb:134:in `process' from ./config/../vendor/rails/railties/lib/initializer.rb:113:in `send' from ./config/../vendor/rails/railties/lib/initializer.rb:113:in `run' from ./config/environment.rb:14 from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require' from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `require' from config.ru:4 from /usr/lib/ruby/gems/1.8/gems/rack-1.5.2/lib/rack/builder.rb:55:in `instance_eval' from /usr/lib/ruby/gems/1.8/gems/rack-1.5.2/lib/rack/builder.rb:55:in `initialize' from config.ru:1:in `new' from config.ru:1 [Fri Feb 22 19:12:46 2013] [notice] caught SIGTERM, shutting down [Fri Feb 22 19:13:37 2013] [warn] Init: Session Cache is not configured [hint: SSLSessionCache] [Fri Feb 22 19:13:37 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Fri Feb 22 19:13:37 2013] [warn] module php5_module is already loaded, skipping [Fri Feb 22 19:13:37 2013] [notice] Digest: generating secret for digest authentication ... [Fri Feb 22 19:13:37 2013] [notice] Digest: done [Fri Feb 22 19:13:37 2013] [notice] Apache/2.2.15 (Unix) DAV/2 Phusion_Passenger/3.0.19 PHP/5.3.20 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations Not sure how to fix it. Thanks, Tom -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.