[Puppet Users] Re: Error 400 on SERVER: Could not find class pentaho for server.test.com
Hi Have you changed any facts and used in your class pentaho? broken handeling of facts may give such error. will you please elaborate on your development environment? Thanks Regards, Sneha More, NTT DATA GTS, OSS Center, India (Pune), On Monday, September 9, 2013 8:47:04 PM UTC+5:30, Eduardo Terzella wrote: Good morning , I could help to debug this problem ? puppet agent - test Debug: catalog supports formats: b64_zlib_yaml dot pson raw yaml; using pson Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class pentaho for s http://srvdev206.cia.stefanini.com/ erver.test.com /usr/lib/ruby/vendor_ruby/puppet/indirector/rest.rb:185:in `is_http_200?' /usr/lib/ruby/vendor_ruby/puppet/indirector/rest.rb:100:in `find' /usr/lib/ruby/vendor_ruby/puppet/indirector/indirection.rb:197:in `find' /usr/lib/ruby/vendor_ruby/puppet/configurer.rb:243:in `retrieve_new_catalog' /usr/lib/ruby/vendor_ruby/puppet/util.rb:351:in `thinmark' /usr/lib/ruby/1.8/benchmark.rb:308:in `realtime' /usr/lib/ruby/vendor_ruby/puppet/util.rb:350:in `thinmark' /usr/lib/ruby/vendor_ruby/puppet/configurer.rb:242:in `retrieve_new_catalog' /usr/lib/ruby/vendor_ruby/puppet/configurer.rb:67:in `retrieve_catalog' /usr/lib/ruby/vendor_ruby/puppet/configurer.rb:107:in `prepare_and_retrieve_catalog' /usr/lib/ruby/vendor_ruby/puppet/configurer.rb:159:in `run' /usr/lib/ruby/vendor_ruby/puppet/agent.rb:45:in `run' /usr/lib/ruby/vendor_ruby/puppet/agent/locker.rb:20:in `lock' /usr/lib/ruby/vendor_ruby/puppet/agent.rb:45:in `run' /usr/lib/ruby/1.8/sync.rb:230:in `synchronize' /usr/lib/ruby/vendor_ruby/puppet/agent.rb:45:in `run' /usr/lib/ruby/vendor_ruby/puppet/agent.rb:119:in `with_client' /usr/lib/ruby/vendor_ruby/puppet/agent.rb:42:in `run' /usr/lib/ruby/vendor_ruby/puppet/agent.rb:84:in `run_in_fork' /usr/lib/ruby/vendor_ruby/puppet/agent.rb:41:in `run' /usr/lib/ruby/vendor_ruby/puppet/application.rb:179:in `call' /usr/lib/ruby/vendor_ruby/puppet/application.rb:179:in `controlled_run' /usr/lib/ruby/vendor_ruby/puppet/agent.rb:39:in `run' /usr/lib/ruby/vendor_ruby/puppet/application/agent.rb:353:in `onetime' /usr/lib/ruby/vendor_ruby/puppet/application/agent.rb:327:in `run_command' /usr/lib/ruby/vendor_ruby/puppet/application.rb:364:in `run' /usr/lib/ruby/vendor_ruby/puppet/application.rb:456:in `plugin_hook' /usr/lib/ruby/vendor_ruby/puppet/application.rb:364:in `run' /usr/lib/ruby/vendor_ruby/puppet/util.rb:504:in `exit_on_fail' /usr/lib/ruby/vendor_ruby/puppet/application.rb:364:in `run' /usr/lib/ruby/vendor_ruby/puppet/util/command_line.rb:132:in `run' /usr/lib/ruby/vendor_ruby/puppet/util/command_line.rb:86:in `execute' /usr/bin/puppet:4 Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run Debug: report supports formats: b64_zlib_yaml pson raw yaml; using pson The same module , works in production environment ( inside the puppet ) , when I change the server to the development environment and use the same code , this error happens . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] getting array of hostnames of clients
I need to get an array of hostnames of clients of the puppet server.
There doesn't seem to be a simple way to do this so I've tried a few
methods.
I've tried a curl expression in a fact like this:
curl -s -k -H Accept: yaml
https://localhost:8140/production/facts_search/search?facts.nodetypet=testnodes
where I've got a nodetype fact which works fine for me.
Now, this used to work but doesn't any more. Between it working and now
I've changed to using puppetdb. I'm not sure if theres a connection.
The error returned is:
Caught NoMethodError: undefined method `' for nil:NilClass
The next thing I tried was to get each interesting node to create a file on
the puppetmaster server. So I now have a bunch of files in /tmp/ with
distinctive names which contain only the hostname of that puppet client.
I have a fact which is supposed to cat these together and, with luck, turn
them into an array at some time. What I currently have is this:
require 'facter'
Facter.add(nodelist) do
setcode do
path=/tmp
if File.exists?(path) File.directory?(path) ! Dir[path +
'/*'].empty?
output = Facter::Util::Resolution.exec(/bin/cat
/tmp/testnode*).split('\n').join(',')
else
output = empty
end
output
end
end
but this isn't getting anything in the fact at all, not even empty.
Running that cat command on the commandline returns exactly what I would
expect.
If I run facter on the commandline like this:
FACTERLIB=/etc/puppet/modules/smokeping_prep/lib/facts facter nodelist
I get the list I expect.
On each node I have this:
@@file { testnode-{$::fqdn}:
ensure = file,
path = /tmp/testnode-$::fqdn.txt,
mode = 640, owner = root,
tag = 'testnodes',
content = $::hostname
,
}
On the puppetmaster node definition I have this:
File | tag == testnodes |
file { 'nodelist':
path = '/tmp/nodelist',
content =
$::nodelist
}
}
and I was expecting a file /tmp/nodelist to contain the text from the fact
$::nodelist but the file is empty.
So, sorry, but I have three questions:
1. why isn't that curl getting the facts? Why is it getting this NoMethod
error?
2. why isn't that new nodelist fact working? If a fact has an error where
does this get logged?
3. Is there an easier way to do what I want? An array of hostnames of
clients matching a fact which I can then pass to other Puppet commands. On
the face of it I'd think this was something many people would want to do.
In my case I want to generate a list of Smokeping slaves as a parameter for
Puppet-generated Smokeping targets. Ie Puppet already generates configs for
the targets and the slaves and I want to populate the target config with a
set of slaves.
facter --version
1.7.2
puppet --version
3.2.4
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] default data lookup w/ hiera2? Data in Modules
I am reading over the release notes for Puppet 3.3, and buried under data
in modules is a link to ARM-9.
There is a good chance that I don't get it - Puppet is moving pretty fast
these days and I am still trying to get caught up with all of the changes.
I have only read the latest Puppet code and the ARM docs- I have not tried
it on a real system yet. However, I am concerned about the usefullness of
the default lookup syntax. I find the examples in the ARM document a bit
obtuse.
https://github.com/puppetlabs/armatures/blob/master/arm-9.data_in_modules/index.md#lookup-with-default
With hiera1, we can (very simply) do:
hiera(namespace::key_name, default value )
Hiera2 requires some more work:
$x = lookup('something')
$looked_up = $x ? { undef = 'nothing', default = $x }
This is ugly. Checking if variables are undefined, and then setting them to
a default is what we did in bash. Not good.
On the positive side, the lookup function adds a static type checker, but
it also fails to be completely useful because we cannot (?) define our own
static types or validators. If we had the ability to define our own type
check via lambda or other function, this would be useful. We could do
complex validation on data, more than just 'string' or 'array'.
I would like to see something like:
lookup(namespace::key_name, custom_validator_function)
Where the custom_validator_function could be any puppet parser function OR
since we now worship the* *great *λ, *we should be able to use an anonymous
function
in-place to validate the input (and in this fictitious example, set a
default value):
lookup(namespace::key_name, |$val| {$val or default value} )
To sum it up, as someone who writes a lot of Puppet DSL code, I find the
hiera1 syntax much more useful than the lookup syntax in ARM-9.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppetdb query not working as expected
Running puppet only at around 4am once a day here. And I noticed that puppetdb query not working as expected, if using it to query nodes based on some custom fact value. During the days, things are working fine. But if I ran the same query at around say 3am (searching nodes based on some custom fact's value), then it would not be able to return node information. But if I ran puppet on that node at that time, then I could see the node showing up in the query output right away. And if I ran puppetdb query based on custom fact after 5am, then it is working as expected. Is there any errors associated with this failure, if so can you supply it? In particular - do you get anything of interest in your puppetdb.log? This could be a performance tuning issue, if so we usually log queries over 10 seconds to puppetdb.log for example. Are you using PostgreSQL? ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] hiera.yaml syntax required, for Puppet 3 lookup of files within a sudirectory
Hi all,
I'm having some issues getting hiera to check out a subdirectory in it's
hierarchy,
I've set a custom fact to reveal what my working environment is. Puppet 3 /
PE3.0.1
i.e. facter -p my_env shows test
My hiera.yaml has an extract like the following;
:hierarchy:
- defaults
- %{::clientcert}
- %{::my_env}/common
- common
I have a hieradata/test/common.yaml file with the required data I'm after.
If I run a hiera -d for the variable I'm after, my datadir is found, but I
can see that it only tries to parse defaults.yaml and common.yaml, but
neither clientcert or my_env directories are searched or mentioned in the
debug output.
I've tried with and without the ::
If I place my key pair in either defaults, or common, it's found
successfully.
( Indeed, if I run facter clientcert, nothing is actually returned?? This
is the default in the hiera.conf file I see. clientcert, rather than fqdn??
)
Does anybody have the correct syntax for Puppet 3 hiera to search in a
subdirectory as above?
Thanks Steven
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Puppet environments versus the PE console?
Hi, I was wondering if it's possible to use (puppet.conf) environments within the classes in the PE console? I saw this link, but wondered if there had been any updates or other experiences from anybody? http://projects.puppetlabs.com/issues/6608 Thanks, Steven -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] An assortment of 2.x agents out there...a Puppet 3 PM, and Satellite to lend a hand? Agent update / migration approach?
Hi, We have a fairly large number of 2.x FOS puppet agents out there in RH5, 6 and Solaris 10 server land. We've just installed PE3 on RH6.4, and trying to work out how to migrate all of the agents across. We have a new Satellite in the mix to lend a hand if necessary. I'm curious to see how others have addressed this one. I was thinking that we should be creating a separate channel on Satellite to accommodate the Puppet EL5, EL6 and Solaris 10 Sparc software firstly. Then maybe use FPM to assist with the creation of an RPM and PKGs, including an answers files to point the new agent at the new PE3 server. Package to be signed on Satellite and deplyed out to clients to do the upgrade magic My fear is that the old agent will not come off cleanly, or something else bad may happen. Does anybody have any ideas or strategies on this one? Thanks again! Steven -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Setting up an HA Puppet console using HAProxy
Hi all, I'm trying to set up an HA Puppet 3 (PE3) console. My goal is to use HAProxy to present the puppet VIP, and have two load balance Puppet Masters in behind. My plan goes along the following lines. The first PM would be the active CA *and* console. Port 443 and 8140 will need to be handled by HAProxy, but I'm not certain how this should be set up. Database and MCollective aside, I understand the process for setting up the 2nd server is similar to the first, but we need a ca_server = false in the puppet.conf as we should only have one CA active. If I load balance 8140 to both boxes, that will mean that regular Puppet traffic may be OK, but the agent CSR will be round robin distributed to the 2ndary which is not running an active CA...hmmm. Not good. Maybe update the apache code to make SSL certificate magic run on a different port, or? Does anybody have any advice on what to do with regards to the secondary console, which I'm assuming must be passive whilst the first is running? I suppose my question is around how to set up a load balanced pair of Puppet Masters (PE3), using HAProxy. Any experiences, or guides? My brain is hurting. Thanks Steven -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Offering Puppet As A Service
We have several internal customers that we would like to start offering Puppet as a Service to. Our central group would manage Puppet masters, ENC, etc. But, we want other independent groups to be able to use our Puppet services. Is anyone currently doing this? If so, how are you handling segregation of manifests? Are you creating multiple environments for each internal customers (perhaps with one common environment shared amongst all for base configuration). Any suggestions would be greatly appreciated. Thanks, Josh -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Custom Fact undefined in manifests
On 9/10/13 5:49 PM, Denmat wrote:
On 11/09/2013, at 1:38, David Thompson dthomp...@waisman.wisc.edu
mailto:dthomp...@waisman.wisc.edu wrote:
I'm working with custom facts with facter 1.7.2. I've created a fact
file with an ntp configuration fact in it:
# grep ntp_conf /etc/facter/facts.d/myfacts.txt
puppet:///modules/ntp/DEFAULT/ntp_conf
facter knows the fact is there:
# facter -p v_ntp__ntp_conf
puppet:///modules/ntp/DEFAULT/ntp_conf
...but puppet thinks the variable is undefined:
# cat /tmp/notify.pp
notify{$hardwaremodel:}
notify{$v_ntp__ntp_conf:}
For completeness, I'll add that I get the same result regardless of
whether I refer to the custom fact as $v_ntp__ntp_conf or
$::v_ntp__ntp_conf, regardless of whether I try to expand the custom
fact in a string or use it in a conditional test.
Based on the lack of response, it looks like I should open a bug report?
David
[root@sazabi facts.d]# puppet apply /tmp/notify.pp
Notice: x86_64
Notice: /Stage[main]//Notify[x86_64]/message: defined 'message' as
'x86_64'
Notice: undef
Notice: /Stage[main]//Notify[undef]/message: defined 'message' as 'undef'
Notice: Finished catalog run in 0.28 seconds
What am I missing here? Thanks!
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users+unsubscr...@googlegroups.com
mailto:puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com
mailto:puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
--
David Thompson
Waisman Center Brain Imaging and Behavior Lab
1500 Highland Ave. Room T133
Madison, WI 53705-2280
(608) 265-6608
dthompson (at) waisman (dot) wisc (dot) edu
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Ordering and templates question/issue
On Tuesday, September 10, 2013 8:53:10 AM UTC-5, sjr wrote:
Hi John,
thanks for your answer, first of all I must say I just wanted to
experiment and learn, it's not like I'm going to put such awful hacks :-)
in productionmostly because I guess it's easy they can be changed over
the time as they are not part of puppet DSL and so, it can be harder to
maintain and for other colleagues to understand.
OK, now to the point...I forgot to include the node definition, sorry
about that, it looks like:
node hostname {
class {'test1': }
test1::print {'test11':
message = 'test11',
}
test1::print {'test12':
message = 'test13',
}
test1::print {'test13':
message = 'test13',
}
So I understand that when you say I haven't defined any resource it's
because I forgot to mention that part, right?
Yes.
If so, why the define types are not showing up in the file?
You have not fully appreciated the implications of the evaluation-order
dependency of scope.catalog.resources. The defined-type instances are not
showing up in the file because their declarations have not yet been
evaluated when the template is evaluated. Overall evaluation order is
difficult to predict, and it is not stable with respect changes in your
manifest set. I cannot emphasize strongly enough how important it is to
avoid evaluation-order dependencies in your Puppet code.
Also, as you can see in the content of the file I included in my previous
message, Class[test1] was declared and showed in the content of the file,
but the File resource itself was not there when the template was built.
Of course it wasn't. The value of the File's 'content' parameter is
generated by evaluating the template via the template() function (on the
master, during catalog compilation, the same as all Puppet functions are
executed). Puppet must compute the values of the resource's parameters
before it can add the resource to the catalog.
I have the feeling the template is evaluated before all this resources are
present in the catalog...am I wrong? Is that expected behavior?
As described above, in this case the template will reliably be evaluated
before the File because the template evaluation is subsidiary to the File's
declaration. Also, it happens that the template is evaluated before the
three declarations of Test1::Print instances, but you should not
over-interpret that result. In particular, you should not use it to try to
predict evaluation order within other manifest sets. That should not be a
problem, however, since you will be carefully avoiding code for which
evaluation order males any difference. Right?
John
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Ordering and templates question/issue
On Wednesday, September 11, 2013 8:35:07 AM UTC-5, jcbollinger wrote: males any difference makes, that is. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Custom Fact undefined in manifests
On Wednesday, September 11, 2013 8:07:59 AM UTC-5, David Thompson wrote:
On 9/10/13 5:49 PM, Denmat wrote:
On 11/09/2013, at 1:38, David Thompson
dtho...@waisman.wisc.edujavascript:
mailto:dtho...@waisman.wisc.edu javascript: wrote:
I'm working with custom facts with facter 1.7.2. I've created a fact
file with an ntp configuration fact in it:
# grep ntp_conf /etc/facter/facts.d/myfacts.txt
puppet:///modules/ntp/DEFAULT/ntp_conf
facter knows the fact is there:
# facter -p v_ntp__ntp_conf
puppet:///modules/ntp/DEFAULT/ntp_conf
...but puppet thinks the variable is undefined:
# cat /tmp/notify.pp
notify{$hardwaremodel:}
notify{$v_ntp__ntp_conf:}
For completeness, I'll add that I get the same result regardless of
whether I refer to the custom fact as $v_ntp__ntp_conf or
$::v_ntp__ntp_conf, regardless of whether I try to expand the custom
fact in a string or use it in a conditional test.
Based on the lack of response, it looks like I should open a bug report?
Lack of response? This is a volunteer community forum, not a paid
technical support service. Give it some time.
Before you open a bug report, you should make sure that the file containing
your custom fact(s) is readable by the Puppet agent service. That facter
can read the file when you run it from the command line does not prove
that. Even though the agent runs as a privileged user (or should), access
could still be blocked in various ways, such as
1. Mandatory access controls (a.k.a. SELinux in enforcing mode) could
allow you to read the file, but prevent the agent service from doing so.
2. If /etc/facter/facts.d is on an NFS-mounted filesystem that performs
root-squashing, then the agent may have less permissions on it than you,
personally, do.
There are probably other means.
Also, make sure Puppet is using the same Facter that you are using from the
command line. If you have multiple versions installed then all manner of
havoc might ensue. You might get multiple versions by installing them from
gem or from source into different Ruby libraries, or into different parts
of the same Ruby lib.
John
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Custom Fact undefined in manifests
On 9/11/13 8:54 AM, jcbollinger wrote: Lack of response? This is a volunteer community forum, not a paid technical support service. Give it some time. No offense intended. I'm continually impressed by the effort made by the volunteers who watch this lists and provide so much help. Before you open a bug report, you should make sure that the file containing your custom fact(s) is readable by the Puppet agent service. That facter can read the file when you run it from the command line does not prove that. Even though the agent runs as a privileged user (or should), access could still be blocked in various ways, such as 1. Mandatory access controls (a.k.a. SELinux in enforcing mode) could allow you to read the file, but prevent the agent service from doing so. 2. If /etc/facter/facts.d is on an NFS-mounted filesystem that performs root-squashing, then the agent may have less permissions on it than you, personally, do. There are probably other means. Also, make sure Puppet is using the same Facter that you are using from the command line. If you have multiple versions installed then all manner of havoc might ensue. You might get multiple versions by installing them from gem or from source into different Ruby libraries, or into different parts of the same Ruby lib. All good ideas. An strace of puppet agent --test (and/or the test manifest above) shows that puppet is able to read the fact file (and, yes, it's on the local disk), and the the version of facter being loaded is the correct (and only) one (in my case, the RPM version 1.7.2, from /usr/lib/ruby/site_ruby/1.8/facter.rb and friends), and still show the custom facts as undef. Even if I reduce my custom facts to a single file containing a single trivial line (somefact=somevalue), the custom fact shows up in facter but not in puppet. I also get the same result when I pass the fact as yaml. I tried json, but got an error about missing the json gem, even though I have the puppetlabsdep rubygem-json RPM installed. -- David Thompson Waisman Center Brain Imaging and Behavior Lab 1500 Highland Ave. Room T133 Madison, WI 53705-2280 (608) 265-6608 dthompson (at) waisman (dot) wisc (dot) edu -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: getting array of hostnames of clients
On Wednesday, September 11, 2013 2:49:50 AM UTC-5, Steve Wray wrote:
I need to get an array of hostnames of clients of the puppet server.
There doesn't seem to be a simple way to do this so I've tried a few
methods.
I've tried a curl expression in a fact like this:
curl -s -k -H Accept: yaml
https://localhost:8140/production/facts_search/search?facts.nodetypet=testnodes
In other words, this is intended to retrieve the desired information via
the master's REST API. I'm not quite making the connection here, however:
how is putting that expression into a fact supposed to achieve your result?
Do you mean you have a custom fact that executes that command and parses
the YAML result to produce the desired array? That seems odd, because in
that case 'localhost' probably would not resolve to the correct machine (it
would be the client, not the master), and because the result is not a
property of the node.
Or do you mean that you pass the command itself as a literal fact value,
which the master executes locally to extract the result? Again in that
case the value is not a property of the node, so it doesn't appear to make
much sense to use a fact. Also, it would be a serious security risk for
the master to execute commands provided by clients.
where I've got a nodetype fact which works fine for me.
Now, this used to work but doesn't any more. Between it working and now
I've changed to using puppetdb. I'm not sure if theres a connection.
The error returned is:
Caught NoMethodError: undefined method `' for nil:NilClass
There could be a connection. I have lately seen some evidence that
puppetdb may not reliably escape fact values when it stores them. That
would be a serious flaw, but I cannot confirm its existence.
Alternatively, if you have also updated your master, then it may be that
the data returned by the REST call has changed in form or content. Do you
get what you expect if you run it from the command line?
The next thing I tried was to get each interesting node to create a file
on the puppetmaster server. So I now have a bunch of files in /tmp/ with
distinctive names which contain only the hostname of that puppet client.
Yuck.
I have a fact which is supposed to cat these together and, with luck, turn
them into an array at some time. What I currently have is this:
Facts are properties of target nodes, and their values are evaluated
there. Dropping a bunch of files on the master could allow the Puppet
agent to collect data from them into a fact when it runs on the Puppet
master server, but it cannot do anything for agents running on other
nodes. Do you need the information on nodes other than the master?
require 'facter'
Facter.add(nodelist) do
setcode do
path=/tmp
if File.exists?(path) File.directory?(path) ! Dir[path +
'/*'].empty?
output = Facter::Util::Resolution.exec(/bin/cat
/tmp/testnode*).split('\n').join(',')
else
output = empty
end
output
end
end
but this isn't getting anything in the fact at all, not even empty.
Running that cat command on the commandline returns exactly what I would
expect.
If you're not getting the fact at all, even after you restart the agent
(though that should not be necessary), then I conclude that the fact has
not been synced to the client.
If I run facter on the commandline like this:
FACTERLIB=/etc/puppet/modules/smokeping_prep/lib/facts facter nodelist
I get the list I expect.
On *which* command line? You could have the fact installed on the master,
but not synced to clients.
On each node I have this:
@@file { testnode-{$::fqdn}:
ensure = file,
path = /tmp/testnode-$::fqdn.txt,
mode = 640, owner = root,
tag = 'testnodes',
content = $::hostname
,
}
On the puppetmaster node definition I have this:
File | tag == testnodes |
file { 'nodelist':
path = '/tmp/nodelist',
content =
$::nodelist
}
}
and I was expecting a file /tmp/nodelist to contain the text from the fact
$::nodelist but the file is empty.
1. You are collecting the Files only on the master, therefore only the
master's $::nodelist fact could provide the information you want.
2. Facts are evaluated before catalog compilation, therefore even the
master's $::nodelist fact would be perpetually one cycle behind.
So, sorry, but I have three questions:
1. why isn't that curl getting the facts? Why is it getting this NoMethod
error?
Beats me. It might help for you to explain more fully how you are using
it, and to present the curl output actually generated.
2. why isn't that new nodelist fact working? If a fact has an error where
does this get logged?
See my discussion above for possibilities. Any log output would show up in
the agent's log destination, which by default is the regular system log.
On the agent.
3. Is there an easier way to
[Puppet Users] Re: Offering Puppet As A Service
Thanks for raising the question! One of the primary points I explored at this year's PuppetConf was to see what others were doing in this area and figure out what is possible with the puppet in its current state. Your mileage may vary on this... and keep in mind we are in the exploration stages of how to do this and that I work in a university environment... We setup separate environments for groups based on administrative domain boundaries (i.e. common sets of admins). Access to the environments is done at the code repository level and then the repositories are pulled into the puppet masters. This prevents modules/manifests from spilling over and affecting servers that a particular set of admins don't (and shouldn't) manage. We are currently moving to three layers modules for puppet masters to parse: a common set of modules, an org set of modules, and then the environment set of modules. The common set of modules primarily comes from the puppet forge. The second layer of org modules are placed where we have overlaps of admins and/or services across multiple environments but where those methods/modules are not (or should not) be available for all environments site wide... (think University - College - Department... disparate system monitoring tool preferences for groups... etc.). The last layer of modules would be the modules found in the environment itself. Currently, I am working on how to provide access to PuppetDB and a reporting dashboard that respects the administrative boundaries. PuppetDB does not support environments (yet... there is an open feature request for that) so separate PuppetDBs need to be setup along some administrative boundary partition scheme... it looks like the ORG layer will suffice for that and those ENVs that aren't in an ORG would get a separate PuppetDB if needed. One of the major problems that I see with this are how you do a site wide look at the PuppetDB information for those operations that need it as well as mimicking federated queries using multiple PuppetDB backends. But, if it works, then the ORGs or groups can have their separate instances of puppet-dashboard or whatever web front end they want to use, and we won't have to worry about some complex convoluted way of putting access control in there... standard web access methods will work. PuppetDB will be key though in order to be able to automate this beast as much as possible as things progress. Other things on the to explore/figure out list for me are: - ENC? do groups of admins actually want this? provide via puppet-dashboard? theforeman? someotherwhizbangmethod? - dynamic branching git repositories being served side by side with more traditional static environment repositories - hiera availability for use in environments - automated horizontal scaling of puppet masters to handle additional loads as more systems are added in (hiera again likely key) - figure out how mcollective and subcollectives can fit into the mix... if at all... - using CI (Jenkins likely) to provide a more robust capability of checking manifests/modules before they get pushed out to puppet masters - ?? - profit! There is a lot more in the ??... but this seems like a long enough response for now. :) It seems that setting up Puppet-as-a-Service is doable so that all the various administrative groups (and the auditors) will be happy. -Jeffrey On Wednesday, September 11, 2013 7:27:25 AM UTC-5, Josh wrote: We have several internal customers that we would like to start offering Puppet as a Service to. Our central group would manage Puppet masters, ENC, etc. But, we want other independent groups to be able to use our Puppet services. Is anyone currently doing this? If so, how are you handling segregation of manifests? Are you creating multiple environments for each internal customers (perhaps with one common environment shared amongst all for base configuration). Any suggestions would be greatly appreciated. Thanks, Josh -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Offering Puppet As A Service
Thanks for the detailed reply. I envision a setup similar to yours. We will be using Foreman for ENC, reporting, etc. The Foreman can already handle segregation of organizations/units/locations with ACLs very nicely so it should be a good fit for this type of scenario. In addition, we can easily allow customer's to provision their own servers/VM's etc. I haven't even began to think about the PuppetDB stuff, but I do envision separate prod/dev/qa environments for each administrative team or customer in our organization. I'm not sure we would need separate instances of PuppetDB. Perhaps we will have a common/org layer as well which will pull in modules that are common to each and every customer in our environment. Josh On Wed, Sep 11, 2013 at 10:57 AM, Jeffrey Miller millerjl1...@gmail.comwrote: Thanks for raising the question! One of the primary points I explored at this year's PuppetConf was to see what others were doing in this area and figure out what is possible with the puppet in its current state. Your mileage may vary on this... and keep in mind we are in the exploration stages of how to do this and that I work in a university environment... We setup separate environments for groups based on administrative domain boundaries (i.e. common sets of admins). Access to the environments is done at the code repository level and then the repositories are pulled into the puppet masters. This prevents modules/manifests from spilling over and affecting servers that a particular set of admins don't (and shouldn't) manage. We are currently moving to three layers modules for puppet masters to parse: a common set of modules, an org set of modules, and then the environment set of modules. The common set of modules primarily comes from the puppet forge. The second layer of org modules are placed where we have overlaps of admins and/or services across multiple environments but where those methods/modules are not (or should not) be available for all environments site wide... (think University - College - Department... disparate system monitoring tool preferences for groups... etc.). The last layer of modules would be the modules found in the environment itself. Currently, I am working on how to provide access to PuppetDB and a reporting dashboard that respects the administrative boundaries. PuppetDB does not support environments (yet... there is an open feature request for that) so separate PuppetDBs need to be setup along some administrative boundary partition scheme... it looks like the ORG layer will suffice for that and those ENVs that aren't in an ORG would get a separate PuppetDB if needed. One of the major problems that I see with this are how you do a site wide look at the PuppetDB information for those operations that need it as well as mimicking federated queries using multiple PuppetDB backends. But, if it works, then the ORGs or groups can have their separate instances of puppet-dashboard or whatever web front end they want to use, and we won't have to worry about some complex convoluted way of putting access control in there... standard web access methods will work. PuppetDB will be key though in order to be able to automate this beast as much as possible as things progress. Other things on the to explore/figure out list for me are: - ENC? do groups of admins actually want this? provide via puppet-dashboard? theforeman? someotherwhizbangmethod? - dynamic branching git repositories being served side by side with more traditional static environment repositories - hiera availability for use in environments - automated horizontal scaling of puppet masters to handle additional loads as more systems are added in (hiera again likely key) - figure out how mcollective and subcollectives can fit into the mix... if at all... - using CI (Jenkins likely) to provide a more robust capability of checking manifests/modules before they get pushed out to puppet masters - ?? - profit! There is a lot more in the ??... but this seems like a long enough response for now. :) It seems that setting up Puppet-as-a-Service is doable so that all the various administrative groups (and the auditors) will be happy. -Jeffrey On Wednesday, September 11, 2013 7:27:25 AM UTC-5, Josh wrote: We have several internal customers that we would like to start offering Puppet as a Service to. Our central group would manage Puppet masters, ENC, etc. But, we want other independent groups to be able to use our Puppet services. Is anyone currently doing this? If so, how are you handling segregation of manifests? Are you creating multiple environments for each internal customers (perhaps with one common environment shared amongst all for base configuration). Any suggestions would be greatly appreciated. Thanks, Josh -- You received this message because you are subscribed to a topic in the Google Groups Puppet Users group. To unsubscribe from this
Re: [Puppet Users] Re: getting array of hostnames of clients
http://docs.puppetlabs.com/references/latest/configuration.html#reportdir gives
a list of certnames.
I use FQDN for my certname, so ...
“Sometimes I think the surest sign that intelligent life exists elsewhere in
the universe is that none of it has tried to contact us.”
Bill Waterson (Calvin Hobbes)
- Original Message -
From: jcbollinger john.bollin...@stjude.org
To: puppet-users@googlegroups.com
Sent: Wednesday, September 11, 2013 10:50:59 AM
Subject: [Puppet Users] Re: getting array of hostnames of clients
On Wednesday, September 11, 2013 2:49:50 AM UTC-5, Steve Wray wrote:
I need to get an array of hostnames of clients of the puppet server.
There doesn't seem to be a simple way to do this so I've tried a few methods.
I've tried a curl expression in a fact like this:
curl -s -k -H Accept: yaml
https://localhost:8140/production/facts_search/search?facts.nodetypet=testnodes
In other words, this is intended to retrieve the desired information via the
master's REST API. I'm not quite making the connection here, however: how is
putting that expression into a fact supposed to achieve your result?
Do you mean you have a custom fact that executes that command and parses the
YAML result to produce the desired array? That seems odd, because in that case
'localhost' probably would not resolve to the correct machine (it would be the
client, not the master), and because the result is not a property of the node.
Or do you mean that you pass the command itself as a literal fact value, which
the master executes locally to extract the result? Again in that case the value
is not a property of the node, so it doesn't appear to make much sense to use a
fact. Also, it would be a serious security risk for the master to execute
commands provided by clients.
blockquote
where I've got a nodetype fact which works fine for me.
Now, this used to work but doesn't any more. Between it working and now I've
changed to using puppetdb. I'm not sure if theres a connection.
The error returned is:
Caught NoMethodError: undefined method `' for nil:NilClass
/blockquote
There could be a connection. I have lately seen some evidence that puppetdb may
not reliably escape fact values when it stores them. That would be a serious
flaw, but I cannot confirm its existence.
Alternatively, if you have also updated your master, then it may be that the
data returned by the REST call has changed in form or content. Do you get what
you expect if you run it from the command line?
blockquote
The next thing I tried was to get each interesting node to create a file on the
puppetmaster server. So I now have a bunch of files in /tmp/ with distinctive
names which contain only the hostname of that puppet client.
/blockquote
Yuck.
blockquote
I have a fact which is supposed to cat these together and, with luck, turn them
into an array at some time. What I currently have is this:
/blockquote
Facts are properties of target nodes, and their values are evaluated there.
Dropping a bunch of files on the master could allow the Puppet agent to collect
data from them into a fact when it runs on the Puppet master server, but it
cannot do anything for agents running on other nodes. Do you need the
information on nodes other than the master?
blockquote
require 'facter'
Facter.add(nodelist) do
setcode do
path=/tmp
if File.exists?(path) File.directory?(path) ! Dir[path + '/*'].empty?
output = Facter::Util::Resolution.exec(/bin/cat
/tmp/testnode*).split('\n').join(',')
else
output = empty
end
output
end
end
but this isn't getting anything in the fact at all, not even empty. Running
that cat command on the commandline returns exactly what I would expect.
/blockquote
If you're not getting the fact at all, even after you restart the agent (though
that should not be necessary), then I conclude that the fact has not been
synced to the client.
blockquote
If I run facter on the commandline like this:
FACTERLIB=/etc/puppet/modules/smokeping_prep/lib/facts facter nodelist
I get the list I expect.
/blockquote
On which command line? You could have the fact installed on the master, but not
synced to clients.
blockquote
On each node I have this:
@@file { testnode-{$::fqdn}:
ensure = file,
path = /tmp/testnode-$::fqdn.txt,
mode = 640, owner = root,
tag = 'testnodes',
content = $::hostname
,
}
On the puppetmaster node definition I have this:
File | tag == testnodes |
file { 'nodelist':
path = '/tmp/nodelist',
content =
$::nodelist
}
}
and I was expecting a file /tmp/nodelist to contain the text from the fact
$::nodelist but the file is empty.
/blockquote
1. You are collecting the Files only on the master, therefore only the
master's $::nodelist fact could provide the information you want.
2. Facts are evaluated before catalog compilation, therefore even the
master's
[Puppet Users] Using Puppet for remote config management of offline machines?
Hello all, I'm working with a Kenya-based non-profit (tunapanda.org) that uses OSS to provide computing resources to schools where bandwidth is either nonexistent or prohibitively expensive. We provide a customized Edubuntu/LTSP setup which will host local versions of useful online resources like Kahn Academy (via ka-lite), Wikipedia (via Wikipedia For Schools), etc. I'm serving as a sort of Linux/tech advisor to them, and am looking into ways to provide updates to configuration files on classroom servers that... - Are not physically accessible to me - Are not online (local reps can download updates to a USB drive and bring it to the server) - Do not have much in the way of local technical expertise, so deployment will need to be fairly straightforward/scriptable I don't have much experience with tools like Puppet, Chef, etc, but after reading through some of the docs, it sounds like Puppet might be able to do exactly what I want. Before I put too much effort into it, I hope I can run my ideas by y'all for a sanity check and ask some questions: 1. If I maintained a master image configured via a set of Puppet manifests, could I just periodically put those manifests online, have someone in Kenya download them to a USB drive, copy them to the server, and run puppy apply... on them? 2. If they first backed up the server's previous set of manifests, would they be able to roll back changes in case of a problem? 3. Is there a better approach? Any other suggestions for things (including tools other than Puppet) to look at? Thanks in advance to anyone who can help! --Brad -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Is it possible to install actual OS using puppet?
Hi, ideally I would like to crate bootable USB stick with, say, Ubuntu + Puppet on it. I would then use this USB stick on a blank computer to boot to it and install new OS (Ubuntu+WhateverIWant) on that blank computer. I know I can do WhateverIWant part, but can I install actual OS? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppetdb query not working as expected
Hi Ken, Yes, using postgresql here. It turns out I have another script pushing facts (without custom facts) into puppetdb, which messed up with puppetdb query outputs. After fixing that script, things are ok now here. Thanks, On Wed, Sep 11, 2013 at 5:29 AM, Ken Barber k...@puppetlabs.com wrote: Running puppet only at around 4am once a day here. And I noticed that puppetdb query not working as expected, if using it to query nodes based on some custom fact value. During the days, things are working fine. But if I ran the same query at around say 3am (searching nodes based on some custom fact's value), then it would not be able to return node information. But if I ran puppet on that node at that time, then I could see the node showing up in the query output right away. And if I ran puppetdb query based on custom fact after 5am, then it is working as expected. Is there any errors associated with this failure, if so can you supply it? In particular - do you get anything of interest in your puppetdb.log? This could be a performance tuning issue, if so we usually log queries over 10 seconds to puppetdb.log for example. Are you using PostgreSQL? ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Looking for tips for transitioning to Puppet Enterprise
Dan, You can do those things from the PE console but you don't have to. You can assign classes to nodes the old school way too. It's really up to you whether you prefer to do those kinds of things through the UI or in your Puppet code. On Wednesday, September 11, 2013, Dan White wrote: I have bee using Open Source Puppet for about two years now -- and I have enjoyed the ride so far. I want to spin up a demo PE-Master because we are also spinning up a big VMWare driven virtualization push and I want to try the Cloud Provisioning. If it works for me as well as everything else has to date, I will have no trouble making the pitch to The Customer to go for PE licensing. The difficulty I am having is transitioning from nodes defined under /etc/puppet/manifests/nodes to nodes defined in the PE console. I think I have to somehow add all my modules into the console and then I can assign them to nodes. Is that in the right direction ? “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com javascript:;. To post to this group, send email to puppet-users@googlegroups.comjavascript:; . Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Looking for tips for transitioning to Puppet Enterprise
I have bee using Open Source Puppet for about two years now -- and I have enjoyed the ride so far. I want to spin up a demo PE-Master because we are also spinning up a big VMWare driven virtualization push and I want to try the Cloud Provisioning. If it works for me as well as everything else has to date, I will have no trouble making the pitch to The Customer to go for PE licensing. The difficulty I am having is transitioning from nodes defined under /etc/puppet/manifests/nodes to nodes defined in the PE console. I think I have to somehow add all my modules into the console and then I can assign them to nodes. Is that in the right direction ? “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Nagios Puppet Module - Multiple Service File Permissions Issues
I am using the nagios puppet module to create and manage services via
stored configurations. The original module, stored all service cheks in
one file and this was causing my puppet run on my nagios server to take 30+
minutes. I have read here (
http://pieter.barrezeele.be/2009/05/11/puppet-and-nagios/) that if you
split up the services files into multiple, puppet can run faster since it
doesn't have to look through one huge file. I would like to split this up
by host. (i.e. nagios_service_$::fqdn.cfg) One issue I am running into,
is that the file that is created using the target method has the
permissions of root:root 600, and thus nagios will crash when trying to
read it since it does not have permissions. The original nagios_service
file is controlled via the following...
I could add each hostname below, but that does not scale well. Is there
another way in which this can be more easily managed?
file{[ ${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_command.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_contact.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_contactgroup.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_host.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostdependency.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostescalation.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostextinfo.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostgroup.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostgroupescalation.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_service.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_servicedependency.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_serviceescalation.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_serviceextinfo.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_servicegroup.cfg,
${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_timeperiod.cfg ]:
ensure = file,
replace = false,
notify = Service['nagios'],
mode = 0644, owner = root, group = 0;
}
--
_
This email and any files transmitted with it are confidential and intended
solely for the addressee. If you received this email in error, please do
not disclose the contents to anyone; kindly notify the sender by return
email and delete this email and any attachments from your system.
© 2011 Currensee Inc. is a member of the National Futures Association (NFA)
Member ID 0403251 | Over the counter retail foreign currency (Forex)
trading may involve significant risk of loss. It is not suitable for all
investors and you should make sure you understand the risks involved before
trading and seek independent advice if necessary. Performance, strategies
and charts shown are not necessarily predictive of any particular result
and past performance is no indication of future results. Investor returns
may vary from Trade Leader returns based on slippage, fees, broker spreads,
volatility or other market conditions.
Currensee Inc | 54 Canal St 4th Floor | Boston, MA 02114 | +1.617.624.3824
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Purge puppet's reports
OK, but the reports live on the puppetmaster. How do you get a list of
hostnames to apply to this resource definition ?
On Sep 10, 2013, at 10:12 PM, Andrew wrote:
Using tidy to clean up logs, this is pretty self-explanatory, so I wont
bother explaining :)
case $hostname {
/^puppet$/: {
tidy { 'puppet::reports':
path = '/var/lib/puppet/reports',
matches = '*',
age = '14d',
backup = false,
recurse = true,
rmdirs = true,
type = 'ctime',
}
# notify { debug: tidy command should run now: }
}
}
Ciao,
Andrew.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] default data lookup w/ hiera2? Data in Modules
Thank you for the feedback, very good comments.
See more inline...
On 2013-11-09 11:02, robbyt wrote:
I am reading over the release notes for Puppet 3.3, and buried under
data in modules is a link to ARM-9.
There is a good chance that I don't get it - Puppet is moving pretty
fast these days and I am still trying to get caught up with all of the
changes.
I have only read the latest Puppet code and the ARM docs- I have not
tried it on a real system yet. However, I am concerned about the
usefullness of the default lookup syntax. I find the examples in the ARM
document a bit obtuse.
https://github.com/puppetlabs/armatures/blob/master/arm-9.data_in_modules/index.md#lookup-with-default
With hiera1, we can (very simply) do:
hiera(namespace::key_name, default value )
Hiera2 requires some more work:
$x = lookup('something')
$looked_up = $x ? { undef = 'nothing', default = $x }
This is ugly. Checking if variables are undefined, and then setting them
to a default is what we did in bash. Not good.
The challenge here was to have a function that works for 3x as well as
for what is being worked on for 4x (where the data-in-modules
supposedly is on by default along parser future). When we reach that
point, it is possible to reference a type directly without having to
encode it in a string. i.e. it will be possible to do like this:
lookup('mykey', Integer)
For 3.x this was not possible and the signature of the lookup function
is now lookup(String key, String type), or just lookup(String key), and
thus difficult to handle both type and default value as optional (given
two strings, it that key and type or key and default).
We have a couple of options before 4x:
a) Add a third argument, and if a default is wanted, type must be specified.
b) Add the ability to pass arguments as a hash, it can either be a third
argument, or used instead of the type argument. (i.e. giving arguments
by name instead).
The first is simple to add, the second does not work well unless the
future parser is also used.
Examples:
# a
lookup('mykey', 'Integer', 42)
# b (requires future parser since 3x does not support direct passing
# of a hash
lookup('mykey', 'Integer', { default = 42})
lookup('mykey', { type = 'Integer', default = 42})
# In 4x. this will is possible:
lookup('mykey', 'Integer', 42)
lookup('mykey', Integer, 42)
lookup('mykey', 42)
lookup('mykey', Integer)
If future parser is used, it is also possible to use a lambda, there is
no need to first assign variable and then check - i.e.
$x = lookup('something') {|$x| $x ? {
undef = 'nothing', default = $x }
which is just slightly better, but still bulky.
I am in favor of adding the 3d argument for default, and until 4x the
lookup must then also use type.
What do you think about that?
On the positive side, the lookup function adds a static type checker,
but it also fails to be completely useful because we cannot (?) define
our own static types or validators. If we had the ability to define our
own type check via lambda or other function, this would be useful. We
could do complex validation on data, more than just 'string' or 'array'.
I would like to see something like:
lookup(namespace::key_name, custom_validator_function)
Where the custom_validator_function could be any puppet parser function
OR since we now worship the**great *λ, *we should be able to use an
anonymous function in-place to validate the input (and in this
fictitious example, set a default value):
lookup(namespace::key_name, |$val| {$val or default value} )
There is a short and a long answer.
Short answer, the lookup already takes a lambda which can do validation
and handle default value. This works now with --parser future.
Longer answer. The idea is to support specification of types in the
Puppet Language. Your example would be
lookup('namespace::key', SomeNamespace::SomeType)
Puppet Types is described in ARM-7
(https://github.com/puppetlabs/armatures/blob/master/arm-7.puppet_types/puppet_types.md).
ARM-7 may need a revision since the work on Type in ARM-9 took the type
system a bit further.
To sum it up, as someone who writes a lot of Puppet DSL code, I find the
hiera1 syntax much more useful than the lookup syntax in ARM-9.
Does adding a 3d argument to lookup for default cut it for you?
Regards
- henrik
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Custom Fact undefined in manifests
Hi, Do you have stdlib module installed? http://puppetlabs.com/blog/module-of-the-week-puppetlabsstdlib-puppetlabs-standard-library-part-3 On 12/09/2013, at 1:12, David Thompson dthomp...@waisman.wisc.edu wrote: On 9/11/13 8:54 AM, jcbollinger wrote: Lack of response? This is a volunteer community forum, not a paid technical support service. Give it some time. No offense intended. I'm continually impressed by the effort made by the volunteers who watch this lists and provide so much help. Before you open a bug report, you should make sure that the file containing your custom fact(s) is readable by the Puppet agent service. That facter can read the file when you run it from the command line does not prove that. Even though the agent runs as a privileged user (or should), access could still be blocked in various ways, such as 1. Mandatory access controls (a.k.a. SELinux in enforcing mode) could allow you to read the file, but prevent the agent service from doing so. 2. If /etc/facter/facts.d is on an NFS-mounted filesystem that performs root-squashing, then the agent may have less permissions on it than you, personally, do. There are probably other means. Also, make sure Puppet is using the same Facter that you are using from the command line. If you have multiple versions installed then all manner of havoc might ensue. You might get multiple versions by installing them from gem or from source into different Ruby libraries, or into different parts of the same Ruby lib. All good ideas. An strace of puppet agent --test (and/or the test manifest above) shows that puppet is able to read the fact file (and, yes, it's on the local disk), and the the version of facter being loaded is the correct (and only) one (in my case, the RPM version 1.7.2, from /usr/lib/ruby/site_ruby/1.8/facter.rb and friends), and still show the custom facts as undef. Even if I reduce my custom facts to a single file containing a single trivial line (somefact=somevalue), the custom fact shows up in facter but not in puppet. I also get the same result when I pass the fact as yaml. I tried json, but got an error about missing the json gem, even though I have the puppetlabsdep rubygem-json RPM installed. -- David Thompson Waisman Center Brain Imaging and Behavior Lab 1500 Highland Ave. Room T133 Madison, WI 53705-2280 (608) 265-6608 dthompson (at) waisman (dot) wisc (dot) edu -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Looking for tips for transitioning to Puppet Enterprise
OK. Lete me be more specific: I have a module to handle user accounts that relies on hiera: Accounts are defined at the lowest level of the hierarchy and instantiated (ensure = present) up at the node level of the hierarchy. The issue with this is that I am getting complaints from other team members about having to touch multiple yaml files at multiple locations in the data store (rather than having to touch multiple servers), so I was hoping for a way to present it in one “page” of the console - like Inventory Service or Inventory Search My next choice is to hack together a ruby script to do the job from a command line. On Sep 11, 2013, at 3:42 PM, Rich Burroughs wrote: Dan, You can do those things from the PE console but you don't have to. You can assign classes to nodes the old school way too. It's really up to you whether you prefer to do those kinds of things through the UI or in your Puppet code. On Wednesday, September 11, 2013, Dan White wrote: I have bee using Open Source Puppet for about two years now -- and I have enjoyed the ride so far. I want to spin up a demo PE-Master because we are also spinning up a big VMWare driven virtualization push and I want to try the Cloud Provisioning. If it works for me as well as everything else has to date, I will have no trouble making the pitch to The Customer to go for PE licensing. The difficulty I am having is transitioning from nodes defined under /etc/puppet/manifests/nodes to nodes defined in the PE console. I think I have to somehow add all my modules into the console and then I can assign them to nodes. Is that in the right direction ? “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] when does 'updated_at' column get updated?
Using centos 6 with puppet-2.6.17 with thin_storeconfigs with mysql and nagios exported resources. Every time an agent connects to the master, the updated_at column in the hosts table is updated. However, the updated_at column in the other tables is not updated even when I alter a nagios resource attribute like retry_check_interval. What are the conditions by which the updated_at column is updated for the other tables? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Java module woes
Hi everyone,
Just getting into Puppet, so please bear with me :D
I'm setting up a java module to keep an eye on the java installation on our
RHEL machines. Quick background, RHEL ships openjdk, we need to use Oracle
instead. I've gone ahead and put the latest oracle java6 RPM, *
jre-6u45-linux-amd64*, on one of our puppet-managed boxes.
Like many distributions, RHEL has a utility to manage multiple
installations of java. I've already set the default version of java to the
latest oracle, so java -version yields java version 1.6.0_45.
Here is a dead simple java module to verify installation
class java {
package { 'jre-6u45-linux-amd64':
ensure = installed,
}
}
This works great, but suppose I change the default by hand, just to gauge
puppet's reaction.
sudo alternatives --set java /usr/lib/jvm/jre-1.6.0-openjdk.x86_64/bin/java
java -version
java version 1.6.0_24
Now, when I run sudo puppet agent --test, this is what comes out
Error: Execution of '/usr/bin/yum -d 0 -e 0 -y install
jre-6u45-linux-amd64' returned 1: Error: Nothing to do
Error: /Stage[main]/Java/Package[jre-6u45-linux-amd64]/ensure: change from
absent to present failed: Execution of '/usr/bin/yum -d 0 -e 0 -y install
jre-6u45-linux-amd64' returned 1: Error: Nothing to do
This is actually not what I expected, since* jre-6u45-linux-amd* is
installed, just not set to be the default. Puppet seems to think the
package is absent however, any thoughts on the reaction from puppet?
Ultimately what I'd like to achieve is a smooth check / ensure that java is
installed and at the correct version, but since this is an RPM from outside
yum I'm running into a little trouble. First off, I'd expect the above
module to work, even when the correct version isn't configured. The next
step in my mind would be to coax puppet into running sudo alternatives
--set java /usr/java/jre1.6.0_45/bin/java if the installation check
succeeds, but the default isn't correctly set.
I grabbed a *java_version* fact from another groups
discussionhttps://groups.google.com/forum/#!topic/puppet-users/W67dvqS-GdU,
and naively the module code would look something like this
# if version check in package resource succeeds ..
if($java_version != '1.6.0_45')
# run sudo alternatives --set java /usr/java/jre1.6.0_45/bin/java
but I already know enough puppet to know that's not the way to do it :) Can
you good people help a newb glue this one together?
thanks,
-nathan
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Puppet and RH chkconfig
I've been trying to follow several threads around Google about Puppet and
it's use (or non-use) of chkconfig on RH Linux.
What prompted me to do this is I noticed that Puppet is, correctly,
repeatedly logging that it is changing a services from ON to OFF. Funny, I
thought I had disabled that with:
service { ip6tables:
enable = false,
ensure = stopped,
}
Which certainly works, but it doesn't disable the service (ie: chkconfig
servicename off) -- it seems like there should be a provider that
correctly integrates with the system chkconfig -- I realize that not all
init scripts honor that, and for that folks can do whatever. This is a
basic functionality of RH Linux that enables, adds, deletes and otherwise
alters the levels of basic services. Seems reasonable that Puppet could
properly interact with it?
We are up to Puppet 3.4.x now. I'm simply asking here as I didn't seem to
find a definitive answer - a lot of code snippets and suggestions, I just
wonder if this is on-tap for improvement or if someone has another, perhaps
clever approach to working with this?
Thanks!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Puppet ignores hiera completely
I'm not sure at all what's going on here, but I've spent a lot of time
reading over the puppet hiera docs and setting everything up, but when I
run puppet agent it just seems to ignore the hiera setup completely.
Both the puppet master and agent nodes have exactly the same versions of
puppet and hiera (installed via the official puppet APT repository). I've
laid out my hiera files like this: /etc/hiera/hiera.yaml,
/etc/hiera/data/%{::environment}, have symlinked both
/etc/puppet/hiera.yaml and /etc/hiera.yaml to /etc/hiera/hiera.yaml, and
have tested the hiera setup using the command line utility. All seems good.
However, when I run puppet on the agent node it doesn't install any of the
classes I've outlined in my hierarchy. I tried running the puppet master in
debug mode to see if it was having problems locating the hiera config but
it seems to locate it ok, eg. Debug: /File[/etc/puppet/hiera.yaml]:
Autorequiring File[/etc/puppet]. At least, it doesn't appear to display
any errors related to hiera.
I'm really at a loss here. Any ideas?
Thanks,
Guy
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: getting notrun to 0 error
whats the solution? I have the same problem... no unzip commands work.
Ubuntu10.4.1
#Init.pp
2.6.4 (Puppet Enterprise 1.0)
class apache-maven-v3 {
# prepare local filesystem
file { 'java_path':
path = /usr/local/java,
ensure = directory,
}
# copy file from puppet master to local system
file { 'copy_maven_v3':
path = /usr/local/java/apache-maven-3.0.3-bin.tar.gz,
source =
puppet:///modules/apache-maven-v3/apache-maven-3.0.3-bin.tar.gz,
}
# extract local file
exec { 'install_maven_v3':
command = /bin/tar zxf
/usr/local/java/apache-maven-3.0.3-bin.tar.gz,
cwd = /usr/local/java,
creates = /usr/local/java/apache-maven-3.0.3,
}
# make sure the order is set properly
File['java_path'] - File['copy_maven_v3'] -
Exec['install_maven_v3']
}
err: /Stage[main]/Apache-maven-v3/Exec[install_maven_v3]/returns: change
from notrun to 0 failed: /bin/tar zxf
/usr/local/java/apache-maven-3.0.3-bin.tar.gz returned 2 instead of one of
[0] at /etc/puppetlabs/puppet/modules/apache-maven-v3/manifests/init.pp:18
On Wednesday, February 13, 2013 1:04:33 AM UTC-8, yarlagadda ramya wrote:
Thanks i got the solution mathew
On Wednesday, 13 February 2013 11:16:13 UTC+5:30, yarlagadda ramya wrote:
*Hi all,
I wrote a manifest for downloading linux.x64_11gR2_database_1of2.zip and
copying that to another directory and unzipping there..its getting
downloaded but copying and unzipping is not happening..am getting this
error..
*
notice: /Stage[main]//Exec[download_url]/returns: executed successfully
err: /Stage[main]//Exec[copy_unzip]/returns: change from notrun to 0
failed: /usr/bin/unzip -C /db/oracle /db/combo.zip returned 9 instead of
one of [0] at /root/learning-manifests/combozip.pp:13
notice: Finished catalog run in 0.19 seconds
the manifest that i wrote is:
$URL =
http://192.168.24.171:8080/softwares/linux.x64_11gR2_database_1of2.zip;
$Software = /db
$Server = /db/oracle
exec { download_url:
command = /usr/bin/wget $URL,
cwd = $Software,
}
exec {copy_unzip:
command = /usr/bin/unzip -C /db/oracle
/db/linux.x64_11gR2_database_1of2.zip,
cwd = $Server,
}
Exec['download_url'] - Exec['copy_unzip']
Please do help me with this.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Resolving/ Expanding module puppet:/// URI in exec line
Ed, I am having trouble unzipping any tarball via Puppet. So I installed
your module to see how you might have done it. It runs, it creates the
javapath and copies the file... but I get the same error that I get on my
modules... can I please ask how you made unzip work? I am on Ubuntu
10.4.1, and 2.6.4 (Puppet Enterprise 1.0).
err: /Stage[main]/Apache-maven-v3/Exec[install_maven_v3]/returns: change
from notrun to 0 failed: /bin/tar zxf
/usr/local/java/apache-maven-3.0.3-bin.tar.gz returned 2 instead of one of
[0] at /etc/puppetlabs/puppet/modules/apache-maven-v3/manifests/init.pp:18
On Monday, May 2, 2011 7:58:09 AM UTC-7, Edd Grant wrote:
Hi All,
I have defined the following module to untar/unzip and copy the Maven
distributable to a convenient location:
class apache-maven-v3 {
exec { /bin/tar xzf /etc/puppet/modules/apache-maven-v3/files/
apache-maven-3.0.3-bin.tar.gz:
cwd = /usr/local/java,
creates = /usr/local/java/apache-maven-3.0.3,
}
...
}
The above definition executes perfectly however in order to keep the
module portable I want to replace the absolute path to the .gz file
with a puppet:/// URI e.g.
exec { /bin/tar xzf
puppet:///modules/apache-maven-v3/apache-maven-3.0.3-bin.tar.gz:
When I change the class to use the puppet:/// URI I get the following
error:
(/Stage[main]/Apache-maven-v3/Exec[/bin
/tar xzf
puppet:///modules/apache-maven-v3/apache-maven-3.0.3-bin.tar.gz]/return
s) change from notrun to 0 failed: /bin/tar xzf
puppet:///modules/apache-maven-v
3/apache-maven-3.0.3-bin.tar.gz returned 2 instead of one of [0] at /
etc/puppet/
modules/apache-maven-v3/manifests/init.pp:11
It appears to me that the puppet:/// URI is not being resolved in the
exec and this is causing the tar command to operate on the literal
path puppet:///modules/apache-maven-v3/apache-maven-3.0.3-bin.tar.gz
which of course doesn't exist.
Looking at the docs I can't see any examples of puppet:/// being used
in this way, is there anyway I can obtain the resolved absolute path
to pass this in to my exec? Failing that it there a standard approach
for combining a puppet:/// URI with an exec?
Cheers,
Edd
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet and RH chkconfig
Try ensure disabled,
On Sep 11, 2013 5:24 PM, Forrie for...@gmail.com wrote:
I've been trying to follow several threads around Google about Puppet and
it's use (or non-use) of chkconfig on RH Linux.
What prompted me to do this is I noticed that Puppet is, correctly,
repeatedly logging that it is changing a services from ON to OFF. Funny, I
thought I had disabled that with:
service { ip6tables:
enable = false,
ensure = stopped,
}
Which certainly works, but it doesn't disable the service (ie: chkconfig
servicename off) -- it seems like there should be a provider that
correctly integrates with the system chkconfig -- I realize that not all
init scripts honor that, and for that folks can do whatever. This is a
basic functionality of RH Linux that enables, adds, deletes and otherwise
alters the levels of basic services. Seems reasonable that Puppet could
properly interact with it?
We are up to Puppet 3.4.x now. I'm simply asking here as I didn't seem
to find a definitive answer - a lot of code snippets and suggestions, I
just wonder if this is on-tap for improvement or if someone has another,
perhaps clever approach to working with this?
Thanks!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: getting array of hostnames of clients
On Wednesday, 11 September 2013 22:50:59 UTC+8, jcbollinger wrote: On Wednesday, September 11, 2013 2:49:50 AM UTC-5, Steve Wray wrote: I need to get an array of hostnames of clients of the puppet server. There doesn't seem to be a simple way to do this so I've tried a few methods. I've tried a curl expression in a fact like this: curl -s -k -H Accept: yaml https://localhost:8140/production/facts_search/search?facts.nodetypet=testnodes In other words, this is intended to retrieve the desired information via the master's REST API. I'm not quite making the connection here, however: how is putting that expression into a fact supposed to achieve your result? It was returning a list of hostnames of nodes before I started using puppetdb, but only on the puppetmaster itself. Do you mean you have a custom fact that executes that command and parses the YAML result to produce the desired array? That seems odd, because in that case 'localhost' probably would not resolve to the correct machine (it would be the client, not the master), and because the result is not a property of the node. Yes on the puppetmaster of course. Now, this used to work but doesn't any more. Between it working and now I've changed to using puppetdb. I'm not sure if theres a connection. The error returned is: Caught NoMethodError: undefined method `' for nil:NilClass There could be a connection. I have lately seen some evidence that puppetdb may not reliably escape fact values when it stores them. That would be a serious flaw, but I cannot confirm its existence. Alternatively, if you have also updated your master, then it may be that the data returned by the REST call has changed in form or content. Do you get what you expect if you run it from the command line? I get the error when I run it from the commandline, after seeing it not work in the fact running the curl commandline was the first thing I tried. The next thing I tried was to get each interesting node to create a file on the puppetmaster server. So I now have a bunch of files in /tmp/ with distinctive names which contain only the hostname of that puppet client. Yuck. Yuck indeed. But so far we haven't got any other way to get the list of nodes. I'm asking for a better solution. I have a fact which is supposed to cat these together and, with luck, turn them into an array at some time. What I currently have is this: Facts are properties of target nodes, and their values are evaluated there. Dropping a bunch of files on the master could allow the Puppet agent to collect data from them into a fact when it runs on the Puppet master server, but it cannot do anything for agents running on other nodes. Do you need the information on nodes other than the master? At this point in time the puppet master node will do but ultimately I need this list propagated to the smokeping server. What I am trying to avoid is hard-coding the list of smokeping slaves. Puppet configures the slaves themselves and it should be able to get a list of those slaves onto the smokeping server without me having to list them exhaustively and manually (and keep that list up to date). If I run facter on the commandline like this: FACTERLIB=/etc/puppet/modules/smokeping_prep/lib/facts facter nodelist I get the list I expect. On *which* command line? You could have the fact installed on the master, but not synced to clients. on the commandline on the puppet master of course, otherwise the FACTERLIB path wouldn't make any sense. The fact is being read on the puppet master node and supposedly going into that file but it isn't. I did say On the puppetmaster node definition I have this: and then the code thats supposed to put the fact into a file. 1. You are collecting the Files only on the master, therefore only the master's $::nodelist fact could provide the information you want. Yes thats right. But it doesn't. 1. Facts are evaluated before catalog compilation, therefore even the master's $::nodelist fact would be perpetually one cycle behind. I don't think thats a problem. So, sorry, but I have three questions: 1. why isn't that curl getting the facts? Why is it getting this NoMethod error? Beats me. It might help for you to explain more fully how you are using it, and to present the curl output actually generated. I'm running the curl command ON the puppet master itself and that IS the output actually generated, the error. Here it is again: Caught NoMethodError: undefined method `' for nil:NilClass 3. Is there an easier way to do what I want? An array of hostnames of clients matching a fact which I can then pass to other Puppet commands. On the face of it I'd think this was something many people would want to do. In my case I want to generate a list of Smokeping slaves as a parameter for Puppet-generated Smokeping targets. Ie
Re: [Puppet Users] Puppet and RH chkconfig
The redhat provider for the service type does indeed use chkconfig to
disable the service when
enable is false. If that's not happening for you, there's something wrong.
Some possibilities:
* facter is misidentifying the OS, causing puppet to pick a different
default provider. Does
'facter osfamily' return 'RedHat' or something else?
* Someone's set an explicit default for the service type at top or node
scope which is overriding
the default use of the redhat provider
* chkconfig, for whatever reason, isn't actually disabling the service
when puppet calls it
* Something else is re-enabling the service behind puppet's back
-Mike
On Wed, Sep 11, 2013 at 3:24 PM, Forrie for...@gmail.com wrote:
I've been trying to follow several threads around Google about Puppet and
it's use (or non-use) of chkconfig on RH Linux.
What prompted me to do this is I noticed that Puppet is, correctly,
repeatedly logging that it is changing a services from ON to OFF. Funny, I
thought I had disabled that with:
service { ip6tables:
enable = false,
ensure = stopped,
}
Which certainly works, but it doesn't disable the service (ie: chkconfig
servicename off) -- it seems like there should be a provider that
correctly integrates with the system chkconfig -- I realize that not all
init scripts honor that, and for that folks can do whatever. This is a
basic functionality of RH Linux that enables, adds, deletes and otherwise
alters the levels of basic services. Seems reasonable that Puppet could
properly interact with it?
We are up to Puppet 3.4.x now. I'm simply asking here as I didn't seem
to find a definitive answer - a lot of code snippets and suggestions, I
just wonder if this is on-tap for improvement or if someone has another,
perhaps clever approach to working with this?
Thanks!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet and RH chkconfig
Puppet did not like that: Sep 12 01:08:18 my-server puppet-agent[10063]: Failed to apply catalog: Parameter ensure failed on Service[pcscd]: Invalid value disabled. Valid values are stopped, running. at /etc/puppet/manifests/classes/disabled-services.pp:10 I changed it back to ensure = stopped and it's happy. On 9/11/13 8:13 PM, Len Rugen wrote: Try ensure disabled, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Is it possible to install actual OS using puppet?
Hi Rastio, I dont think that puppet do operating system installation. Puppet is configuration management tool, you can use puppet to configure any software and operating system settings after puppet get install on your machine. For automatic installation of operating system there is tools called*kickstart, cobler *, etc. Refer following blog link about puppet and operating system installation relation, http://puppetlabs.com/blog/your-os-installer-and-you* * * * Thanks and* *regards, Rahul Khengare, NTT DATA OSS Center, Pune, India. On Thursday, September 12, 2013 1:08:02 AM UTC+5:30, Rastio Hodul wrote: Hi, ideally I would like to crate bootable USB stick with, say, Ubuntu + Puppet on it. I would then use this USB stick on a blank computer to boot to it and install new OS (Ubuntu+WhateverIWant) on that blank computer. I know I can do WhateverIWant part, but can I install actual OS? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Purge puppet's reports
hi dan,
it applies only to any server with a shortform dnsname == puppet.
the facter variable $hostname matches the puppet master server name.
alternatively, remove the case statement, put it in it's own class and
apply that class specifically to your puppetmaster server.
Andrew
On Thu, Sep 12, 2013 at 7:22 AM, Dan White y...@comcast.net wrote:
OK, but the reports live on the puppetmaster. How do you get a list of
hostnames to apply to this resource definition ?
On Sep 10, 2013, at 10:12 PM, Andrew wrote:
Using tidy to clean up logs, this is pretty self-explanatory, so I wont
bother explaining :)
case $hostname {
/^puppet$/: {
tidy { 'puppet::reports':
path = '/var/lib/puppet/reports',
matches = '*',
age = '14d',
backup = false,
recurse = true,
rmdirs = true,
type = 'ctime',
}
# notify { debug: tidy command should run now: }
}
}
Ciao,
Andrew.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to a topic in the
Google Groups Puppet Users group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/puppet-users/q8vWDr3bn4Q/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Is it possible to install actual OS using puppet?
One popular standard method is: + LDAP initial boot a box from Kickstart or equivalent deploying an appropriate basic OS image + Ensure the post-image-install script includes a puppet agent package and changes to let the box talk with a known puppet master and autostart the puppet agent at system boot + Write more and more and more Puppet patterns to customize the system for given uses NFS server, Database server, Mail server, Compute Server, etc. + Ensure no touch-the-cloud ideas ever appear in non-Puppet form. Nobody as superuser on boxes... The point is to move more of the OS config and continuous drift-prevention into puppet patterns which run 7x24 during production or permit manual-only operation with post-mortem data capture (lsof, ps, top, sar, etc.) for security analysis, logging all changes either way to an audit trail to find out why change is happening, when, and to trace it down to root cause (busy/corrupted fingers, security compromises, phase-of-moon, gamma-rays, etc.) Further, your glove boxes become puppet-applied patterns which must go through a repository-sourced-and-dr'ed dev/test/limited-prod/extended-prod. Additionals? On Sep 11, 2013, at 10:20 PM, Rahul Khengare rahulk1...@gmail.com wrote: Hi Rastio, I dont think that puppet do operating system installation. Puppet is configuration management tool, you can use puppet to configure any software and operating system settings after puppet get install on your machine. For automatic installation of operating system there is tools called kickstart, cobler, etc. Refer following blog link about puppet and operating system installation relation, http://puppetlabs.com/blog/your-os-installer-and-you Thanks and regards, Rahul Khengare, NTT DATA OSS Center, Pune, India. On Thursday, September 12, 2013 1:08:02 AM UTC+5:30, Rastio Hodul wrote: Hi, ideally I would like to crate bootable USB stick with, say, Ubuntu + Puppet on it. I would then use this USB stick on a blank computer to boot to it and install new OS (Ubuntu+WhateverIWant) on that blank computer. I know I can do WhateverIWant part, but can I install actual OS? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. --Stuart RHCE/RHCSA/Oracle DBA/Sun SA/Mensa http://www.linkedin.com/in/stuartcracraft http://gnutech.us -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
