Re: [Puppet Users] puppet and CI
On 01.08.2013 16:35, Stefan Wiederoder wrote: Hello puppet users, I扉e setup gerrit/jenkins on a box to add versioniong/CI to my puppet setup. I惴 a jenkins/git beginner, therefore I扉e googled to find bits and pieces which I扉e put together. It愀 working fine so far, the only drawback is that my jenkins job is always checking the whole repository (which takes six minutes) - instead of only checking the patchset (one .pp file) I suspect that my Refspec/branches to build is wrong, can anybody help me regarding this topic? After jenkins has checked out the repo, there is no immediate indication what actually changed. You need to code more intelligence into the jenkins job to look at the git history and extract the list of changed files from there. Take care that you also think of dependencies from your changes. e.g. if a parameter was removed, everyone who's using that might grow an error, because that is still using this parameter. What checks are you doing that take 6 minutes? A simple syntax check and erb evaluation takes around 30s on a big repo over here. Regards, David -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Outage on yum/apt/downloads for 1 hour at 03:00 UTC
Our primary distribution server will be down for scheduled maintenance at 03:00 UTC for approximately 1 hour. This system hosts yum.puppetlabs.com, apt.puppetlabs.com, and downloads.puppetlabs.com. Those services will be unavailable during this outage window. If you have questions, please let me know. Mike -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet Support for Windows
Hi John, On Thu, Aug 1, 2013 at 6:00 AM, jcbollinger wrote: > > > On Wednesday, July 31, 2013 8:22:01 AM UTC-5, cha...@lyricalsoftware.comwrote: >> >> >> Hopefully my $0.02 can we worth something here ;) I'd argue that it's >> really a separate resource type - since the ACL is related to the user >> space. If you're going to extend it to multiple providers (solaris as per >> your example) it's really similar in idea to RBAC. In fact, if you look at >> Windows ACLs, RBAC, and set/get facl you pretty much have a new type. Or >> at least that's what I'd hope :) >> > > > And of course some Solaris is by no means the only Unix-y OS with ACL > support. It is available on Linux, too, at least for the most frequently > used filesystems, and I'm sure there are others. I'm inclined to agree > that a type aimed at broad ACL / RBAC support would be a win. > Yep, I agree. Now, how exactly to map the type across different implementations? Windows ACLs support inheritance. An ACL can be marked as protected, breaking inheritance, and for directories, everything below it. ACEs specify a subject (SID) and the rights that are granted/denied. This is a bitfield, though users are more typically used to saying "Full Control" or "Read & Execute". Windows ACEs can either be allow or deny, the order matters, and if no ACEs match, access is denied. An ACE for a directory can be marked as object-inherit and/or container-inherit. This doesn't affect the effective permissions on the directory, only files and subdirectories, respectively. How are these similar & different to Unix-y ACLs? Josh -- Josh Cooper Developer, Puppet Labs *Join us at PuppetConf 2013, August 22-23 in San Francisco - * http://bit.ly/pupconf13* **Register now and take advantage of the Final Countdown discount - save 15%!* -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] escape sequence within generate function
I'm looking for some help in getting the proper escape sequence within the
generate function.
Ultimately what I'm trying to do is generate some random strings, store
them as variables, and use those variables to populate configuration files
stored as templates.
I can get this to work when applying the template on the localhost, but it
fails when applied via the puppet master.:
> $random_1 = generate("/bin/sh", "-c", "/bin/cat /dev/urandom | /usr/bin/tr-
> dc 'a-z0-9' | /usr/bin/fold -w 8 | /usr/bin/head -n 1 | /usr/bin/tr -d
> '\n'")
The closest I've come is to use:
> $random_1 = generate('/bin/sh', '-c', '\"/bin/cat /dev/urandom | /usr/bin/
> tr -dc \'a-z0-9\' | /usr/bin/fold -w 8 | /usr/bin/head -n 1 | /usr/bin/tr-d
> \'\n\'\"'
> )
This however ends up populating the variable with the following and appears
to ignore the the "/usr/bin/tr -d '\n'" as there are line breaks inserted:
> /bin/sh: "/bin/cat: No such file or directory
>
What I'm really wanting (I think) to be executed on the puppet master is
> "/bin/sh" "-c" "/bin/cat /dev/urandom | /usr/bin/tr -dc 'a-z0-9' |
> /usr/bin/fold -w 8 | /usr/bin/head -n 1 | /usr/bin/tr -d '\n'"
Any help would be appreciated.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] More node definition complexity
Hi Everyone; First, thanks for your help! I am trying to create a way to categorize hosts based on both/either/or the name of the host as well as the location of the host. Right now, I have .pp files that categorize the hosts based on the hostname. I have written a custom fact to determine the datacenter location but, I cannot figure out how to create .pp files that will allow me to apply catalogs either based on hostname or datacenter name. Is there any way to do this outside of hiera or ENC? Thank you very much! Bee -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Vagrant Puppet Provision VM
This is a cool way to do it!
Thanks a lot
On Thu, Aug 1, 2013 at 6:17 AM, daddy dp wrote:
> you can pass puppet options
> puppet.options = ["--pluginsync","--verbose","--hiera_config
> /vagrant/modules/puppet/templates/master/hiera.yaml","--environment
> #{ROLE}"]
> and sync folder with hiera data
> config.vm.synced_folder "hieradata",
> "/etc/puppet/environments/#{ROLE}/hieradata"
>
>
>
> On Tuesday, July 30, 2013 5:32:36 PM UTC+3, chengkai liang wrote:
>>
>> Hi All,
>> I am using Vagrant to provision a box (CentOS 6.x) with puppet
>> provisioner. The box is built by using veewee, with ruby 1.8.7 and puppet
>> 3.2 iinstalled, and the vagrant environment layout is,
>>
>> .
>> ├── Gemfile
>> ├── Gemfile.lock
>> ├── Rakefile
>> ├── Vagrantfile
>> ├── definitions
>> │ └── centos-6.3.minimal
>> ├── hiera
>> │ └── data
>> ├── iso
>> │ ├── CentOS-6.3-x86_64-minimal.iso
>> │ └── VBoxGuestAdditions_4.2.12.iso
>> ├── puppet
>> │ ├── Puppetfile
>> │ ├── environments
>> │ ├── manifests
>> │ └── modules
>> └── r10k.yaml
>>
>> Puppet will execute the puppet/manfests/default.pp for executing all the
>> modules include within in. Now, I have the following modules list in this
>> default.pp,
>>
>> include stdlib
>> i*nclude hiera_config*
>> include confluence_facts
>> include confluence_setup
>>
>> One thing to note is that by default, hiera.yaml was installed at
>> /etc/hiera.yaml, yet puppet is looking for hiera.yaml at
>> /etc/puppet/hiera.yaml. As a result, hiera_config is created to remedy the
>> problem (puppet will complaint it can't find hiera.yaml in /etc/puppet
>> directory).
>>
>> Here problem, when running *vagrant destroy* -> *vagrant up*, during the
>> provision phase, puppet complaint can't find /etc/puppet/hiera.yaml, and
>> keep executing the reset of the modules but not hiera_config. If I comment
>> out all the modules but hiera_config, then this module gets executed. And
>> I can finally un-comment all the modules and execute them all successfully.
>>
>> Why puppet behaves in this way? Is there a way to enforce hiera_config
>> being executed?
>>
>> -Chengkai
>>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Puppet Users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/puppet-users/dTWWj_kPlxE/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet Support for Windows
On Aug 1, 2013 12:56 AM, "Josh Cooper" wrote:
>
>
>
>
> On Wed, Jul 31, 2013 at 6:22 AM, wrote:
>>
>> Hi Josh,
>>
>>> On Sun, Jul 28, 2013 at 1:03 PM, wrote:
>>>
>>> I don't have a time estimate, other than to say that we are working on
a set of improvements to file system management, including NTFS ACLs,
symlinks, and some bug fixes, and it's one of our top priorities, along
with powershell and reboot support.
>>
>>
>> That's amazing news. Powershell support alone would be killer - I had to
wrap nearly my entire universe with cmd.exe to make like easier - to the
point of writing a shared module for this pain. Powershell can't come fast
enough :)
>
>
> I have a powershell provider here:
http://forge.puppetlabs.com/joshcooper/powershell. And as of puppet 3.2,
that the module tool supports windows, so you can do:
>
> C:\>puppet module install joshcooper-powershell
> C:\>puppet apply -e "exec { 'Write-Host hello': provider=> powershell,
logoutput => true }"
> Notice: /Stage[main]//Exec[Write-Host hello]/returns: hello
> Notice: /Stage[main]//Exec[Write-Host hello]/returns: executed
successfully
>
> We've recently made some improvements around powershell invocation. See
https://github.com/joshcooper/puppetlabs-powershell/issues for more info.
>
> Josh
>
> --
> Josh Cooper
> Developer, Puppet Labs
Fantastic thank you! I'm going to bang on this next week.
Cheers,
--c
Chayim Kirshen
Founder, Lyrical Software
@lyricaldevops
>
> Join us at PuppetConf 2013, August 22-23 in San Francisco -
http://bit.ly/pupconf13
> Register now and take advantage of the Final Countdown discount - save
15%!
>
> --
> You received this message because you are subscribed to a topic in the
Google Groups "Puppet Users" group.
> To unsubscribe from this topic, visit
https://groups.google.com/d/topic/puppet-users/yKZAWODowGA/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Vagrant Puppet Provision VM
you can pass puppet options
puppet.options = ["--pluginsync","--verbose","--hiera_config
/vagrant/modules/puppet/templates/master/hiera.yaml","--environment
#{ROLE}"]
and sync folder with hiera data
config.vm.synced_folder "hieradata",
"/etc/puppet/environments/#{ROLE}/hieradata"
On Tuesday, July 30, 2013 5:32:36 PM UTC+3, chengkai liang wrote:
>
> Hi All,
> I am using Vagrant to provision a box (CentOS 6.x) with puppet
> provisioner. The box is built by using veewee, with ruby 1.8.7 and puppet
> 3.2 iinstalled, and the vagrant environment layout is,
>
> .
> ├── Gemfile
> ├── Gemfile.lock
> ├── Rakefile
> ├── Vagrantfile
> ├── definitions
> │ └── centos-6.3.minimal
> ├── hiera
> │ └── data
> ├── iso
> │ ├── CentOS-6.3-x86_64-minimal.iso
> │ └── VBoxGuestAdditions_4.2.12.iso
> ├── puppet
> │ ├── Puppetfile
> │ ├── environments
> │ ├── manifests
> │ └── modules
> └── r10k.yaml
>
> Puppet will execute the puppet/manfests/default.pp for executing all the
> modules include within in. Now, I have the following modules list in this
> default.pp,
>
> include stdlib
> i*nclude hiera_config*
> include confluence_facts
> include confluence_setup
>
> One thing to note is that by default, hiera.yaml was installed at
> /etc/hiera.yaml, yet puppet is looking for hiera.yaml at
> /etc/puppet/hiera.yaml. As a result, hiera_config is created to remedy the
> problem (puppet will complaint it can't find hiera.yaml in /etc/puppet
> directory).
>
> Here problem, when running *vagrant destroy* -> *vagrant up*, during the
> provision phase, puppet complaint can't find /etc/puppet/hiera.yaml, and
> keep executing the reset of the modules but not hiera_config. If I comment
> out all the modules but hiera_config, then this module gets executed. And
> I can finally un-comment all the modules and execute them all successfully.
>
> Why puppet behaves in this way? Is there a way to enforce hiera_config
> being executed?
>
> -Chengkai
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] puppet and CI
Hello puppet users, I´ve setup gerrit/jenkins on a box to add versioniong/CI to my puppet setup. I´m a jenkins/git beginner, therefore I´ve googled to find bits and pieces which I´ve put together. It´s working fine so far, the only drawback is that my jenkins job is always checking the whole repository (which takes six minutes) - instead of only checking the patchset (one .pp file) I suspect that my Refspec/branches to build is wrong, can anybody help me regarding this topic? thanks & bye , Stefan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Node Classifications
On Wednesday, July 31, 2013 11:53:13 AM UTC-5, Worker Bee wrote: > > Hi Everyone, > > I am struggling a bit with the order of precedence of node > classifications. When using .pp files to classify nodes, what happens if a > node corresponds to two different manifests. For example, if I have .pp > files that select nodes based on hostnames and I have another .pp file that > selects hosts based in data center location, will both manifests be applied > accordingly? > > Puppet chooses at most one node definition for each catalog request. The document Ellison referred you to also describes how the best match is chosen when there are several node definitions that match. In particular, as he said, the default node definition is chosen only if no other node definition matches. You can use node inheritance if you want one node definition to encompass also everything in another (such as the default node), but be careful: history shows that people have a tendency to make incorrect assumptions about how node inheritance works. (Details of this, too, are in the documentation.) PL strongly discourages use of node inheritance, whereas I take a slightly softer stance. Node inheritance is fine with me as long as you really understand what it does, and that's really what you want. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet Support for Windows
On Wednesday, July 31, 2013 8:22:01 AM UTC-5, cha...@lyricalsoftware.com wrote: > > > Hopefully my $0.02 can we worth something here ;) I'd argue that it's > really a separate resource type - since the ACL is related to the user > space. If you're going to extend it to multiple providers (solaris as per > your example) it's really similar in idea to RBAC. In fact, if you look at > Windows ACLs, RBAC, and set/get facl you pretty much have a new type. Or > at least that's what I'd hope :) > And of course some Solaris is by no means the only Unix-y OS with ACL support. It is available on Linux, too, at least for the most frequently used filesystems, and I'm sure there are others. I'm inclined to agree that a type aimed at broad ACL / RBAC support would be a win. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
