Re: [Puppet Users] Re: Need input on how to run a file with list of commands
Glad to hear you got it worked out! You might have good luck with this module for controlling network interfaces https://github.com/adrienthebo/puppet-network =MobileMail= Please excuse brevity or spelling errors > On Sep 15, 2013, at 22:31, Mani Devarajan wrote: > > All, > Adding /bin/bash helped fix the issue. Thanks all. > > command => "/bin/bash $intconfigfile", > > Thanks, > Mani >> On Sunday, September 15, 2013 4:55:08 PM UTC-7, Mani Devarajan wrote: >> Hello, >> I am downloading a file from puppet master which has list of ifconfig >> command and run it using exec command on client. But it fails "change from >> notrun to 0 failed: intconfig returned 1 instead of one of [0] at". Any >> suggestion on how to overcome this error. Thanks in advance. >> >> File content: >> ifconfig eth3 up >> exit 0 >> >> Puppet code: >> file { $intconfigfile: >> owner => "root", >> group => "root", >> mode => "777", >> source => "puppet:///files/$intfilename", >> } >> >> exec {"config_uplink": >> command => $intconfigfile, >> require => File[$intconfigfile] >> } >> >> Error: >> err: returns: change from notrun to 0 failed: intconfig returned 1 instead >> of one of [0] at >> >> Thanks, >> Mani > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users. > For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Failed to apply catalog: Netowork is unreachable - connect(2)
Hi Anup, Try disabling the firewall/ iptables of both the machine puppetserver and puppet client. If you want firewall to be running then add rules for ports *8140, 61613, and 443 *in iptalbes. Commands to add rule in iptables, # iptables -I INPUT -p tcp --dport -j ACCEPT # service iptables save # service iptables restart Thanks and Regards, Rahul Khengare, NTT DATA OSS Center, Pune, India. On Saturday, September 14, 2013 3:16:55 AM UTC+5:30, Anup Singh wrote: > > I tried my best to follow the instruction given at the following page > however the result is ZERO for the last two months. > I am spending much of my time hitting the wrong corner and it looks like > no one know the right answer to the puppet problems. Installing and > configuring puppet is a tough jobs > Ok enough of my story. > tried to follow the instructions given in puppet prove of concept but > failed: > http://docs.puppetlabs.com/pe/latest/quick_start.html > > PuppetMaster > > My Error > Error: Failed to apply catalog: Netowork is unreachable - connect(2) > Error: Could not send report: Network is unrechable - connect (2) > logged in as roop > > Test > telnet localhost 8041 (61613 and 443) > connected > telnet learn.localdomain 8041 (61613 and 443) > network is unreachable > > puppet agent -t > Failed to apply catalog: Network is Unreachable > Could not send report: Network is Unreachable > > Hosts file > puppet agent and host have same information in /etc/hosts > 127.0.0.1 localhost.localdomain localhost > ::1 localhost6.localdomain6 localhost6 > 192.168.0.105 lear.localdomain learn puppet.localdomain puppet > > Certs > cd.pem > learnlocaldomain.pem > pe-internal-mcillective-servers.pem > pe-internal-broker.pem > pe-internal-puppet-console-mcillecitve-client.pem > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Puppet Resources Ordering
Hi Chengkai, I have faced similar kind of problem for class ordering using ordering arrow (*->)*. You can try the stage resources for ordering classes. Refer following code snippet, #Declare stage resources stage {'first':} stage {'second':} stage {'third':} #Define ordering of stages Stage[first] -> Stage[second] -> Stage[third] #use stages in each classes. class {'A': stage => first, } class {'B': stage => second, } class {'C': stage => third, } Refer http://docs.puppetlabs.com/puppet/2.7/reference/lang_run_stages.html for stage resource for classes. Thanks and Regards, Rahul Khengare, NTT DATA OSS Center, Pune, India. On Sunday, September 15, 2013 10:44:17 AM UTC+5:30, chengkai liang wrote: > Hi All, > >I have the following classes define: > >init.pp > > class { 'A': } -> > class { 'B': } -> > class { 'C': } > > Supposedly, the execution order should A then B then C, but the actual > execution order seems that C is being executed before B. Why is this > happening? Isn't -> will chain up the resources order? > > Anybody has any idea? > > Thanks, > Chengkai > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] "puppet module install simondean/iis" gives error "Error: cert already in hash table"
Can you determine if the cert is also under Machine certificate store and not just the Current User certificate store? On Fri, Sep 13, 2013 at 1:27 AM, Samuel Huang wrote: > I deleted the cert you mentioned *(thatwte-timestamping.png)*, but I > still have the same error everyone's been mentioning * > (module-install-fails.png)*. Any help please? > > Sam > > > On Sunday, August 18, 2013 7:59:04 PM UTC-7, Robert Redgwell wrote: >> >> For what it's worth, I had the same problem and figured out the >> particular cert on Windows 7 (64bit) that was causing the issue: >> >> --**--** >> -- >> [Subject] >> CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, >> L=Durbanville, S=Western Cape, C=ZA >> >> [Issuer] >> CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, >> L=Durbanville, S=Western Cape, C=ZA >> >> [Serial Number] >> 00 >> >> [Not Before] >> 1/01/1997 1:00:00 p.m. >> >> [Not After] >> 1/01/2021 12:59:59 p.m. >> >> [Thumbprint] >> BE36A4562FB2EE05DBB3D32323ADF4**45084ED656 >> --**--** >> -- >> >> I found it under Trusted Root Certification Authorities. >> After deleting that, I no longer had the module/cert issue. >> >> On Wednesday, 17 July 2013 07:54:02 UTC+12, Josh Cooper wrote: >>> >>> >>> >>> >>> On Tue, Jul 16, 2013 at 11:19 AM, Arno den Uijl wrote: >>> I thought i tried the debug and trace options but i this trace was new for me. I looked through the code and I think that it was caused by the fact that there were some certificates installed with the same name. I deleted some from my certificate store and now it runs correct. Thanks for the help. I do think that this can be an issue for more people. >>> >>> I didn't realize MS cert store could contain duplicates. We should be >>> more defensive of this, in general, to ensure the failure to add one cert >>> doesn't stop puppet from running: >>> >>> begin >>> add_cert(x509) >>> rescue OpenSSL::X509::StoreError => detail >>> Puppet.warning "Failed to add certificate '#{x509.subject}'" >>> end >>> >>> Josh >>> >>> -- >>> Josh Cooper >>> Developer, Puppet Labs >>> >>> *Join us at PuppetConf 2013, August 22-23 in San Francisco - * >>> http://bit.ly/pupconf13* >>> **Register now and take advantage of the Early Bird discount - save 25%! >>> * >>> >> -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users. > For more options, visit https://groups.google.com/groups/opt_out. > -- Rob Reynolds Developer, Puppet Labs Join us at PuppetConf 2014, September 23-24 in San Francisco -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Need input on how to run a file with list of commands
All, Adding /bin/bash helped fix the issue. Thanks all. command => "/bin/bash $intconfigfile", Thanks, Mani On Sunday, September 15, 2013 4:55:08 PM UTC-7, Mani Devarajan wrote: > > Hello, > I am downloading a file from puppet master which has list of ifconfig > command and run it using exec command on client. But it fails "change from > notrun to 0 failed: intconfig returned 1 instead of one of [0] at". Any > suggestion on how to overcome this error. Thanks in advance. > > File content: > ifconfig eth3 up > exit 0 > > Puppet code: > file { $intconfigfile: > owner => "root", > group => "root", > mode => "777", > source => "puppet:///files/$intfilename", > } > > exec {"config_uplink": > command => $intconfigfile, > require => File[$intconfigfile] > } > > Error: > err: returns: change from notrun to 0 failed: intconfig returned 1 instead > of one of [0] at > > Thanks, > Mani > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] SSH configuration Question
I'm somewhat new to puppet and I have this issue with SSH. Let's say I have 6 different SSH configurations. How do I get puppet to install or upgrade SSH based on the configurations? Assume the O/S and SSHD versions are all the same. So let's say I have different configurations that run SSHD with the following ports: Port 22 Port Port 1000, and so on. How can I write or modify the puppet openssh module to update the different configurations? Thanks in advance. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] puppetlabs firewall module :: selective disable
I'm trying to use the puppetlabs firewall module, but I want to selectively enable only on certain machines. I cant seem to override the default "$ensure = running" in the ./modules/firewall/manifests/init.pp and linux.pp scripts. Any suggestions would be welcome. so far I have tried (not all at the same time), none of which work ... # nodes file node "puppet" { include "iptables" } # class iptables class iptables { Service { ensure => stopped } class { ['fw::pre', 'fw::post]: } class { 'firewall': $ensure = stopped } class { 'firewall': ensure => stopped } } it's probably obvious I dont know what I'm doing so I'll save you the time by pointing that out myself :) iptables seems to want to start no matter what I change. Andrew -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Parse puppet manifests in rspec tests
On 2013-16-09 24:05, James Kyle wrote: I want to do a syntax check of all our managed puppet manifests in rspec. It's an easy way to generate build reports for use in a CI. My first attempt looks like this: Puppet::Face[:parser, '0.0.1'].validate('puppet/manifests/site.pp') But this throws the following error: Puppet::Error: Could not parse for environment production: Error converting value for param 'modulepath': Could not find value for $confdir at /Users/jkyle/Projects/puppet/occam/puppet/manifests/site.pp:2 from /Users/jkyle/.rvm/gems/ruby-2.0.0-p247@puppet/gems/puppet-3.3.0/lib/puppet/parser/parser_support.rb:166:in `rescue in parse' Even though the same file passes if tested via puppet parser validate puppet/manifests/site.pp The puppet 3x parser is not really suitable as a "syntax checker" only, it does things while it is parsing that are unwanted in a pure "syntax checking" use-case (e.g. some evaluation IIRC, imports, if you try to use collection you need to have store-configs turned or or it will barf, it will stop on the first found error, etc.). It is simply not designed to support the syntax-checker use-case well. The future parser performs parsing as a separate step, then validation, and finally translation to the 3x AST for evaluation. By using only the parse and validation steps you could construct a language validator that can be used in rspec tests. It should be possible to figure out how to do this by looking at the rspec tests in spec/unit/pops/validator (i.e. what you need to set up) - it is however not perfect as some of the checking is delegated to the transformation and runtime classes. (This will be much better with a new evaluator and further improved validator - i.e. hopefully in puppet 4). Still, you would capture many syntax and semantic issues this way. There are alternatives though, the corresponding functionality in Geppetto is available as plugins to travis and jenkins (have to check if the geppetto-jenkins plugin is generally available yet). You can also run puppet-lint as part of this setup. The Geppetto CI plugins should give you a more high quality checking than what you can (easily) achieve by using 'puppet as a library'. These are used when publishing to the forge to check quality issues BTW. One advantage with the Geppetto validator is that it also supports stylistic checks and checks for problematic expressions (like puppet-lint), something that the runtime parser does not do. Then there are runtime issues naturally - none of the tools can capture those problems (rspec-puppet can find some). Not being able to run the parser via Puppet Faces is the least of the problems IMO. While I would love to get help to ensure that the Puppet runtime validator is perfect your best bet is to look at the Geppetto validator for CI if you want to do something right away. Hope that helps. Regards - henrik -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Need input on how to run a file with list of commands
Hello, I am downloading a file from puppet master which has list of ifconfig command and run it using exec command on client. But it fails "change from notrun to 0 failed: intconfig returned 1 instead of one of [0] at". Any suggestion on how to overcome this error. Thanks in advance. File content: ifconfig eth3 up exit 0 Puppet code: file { $intconfigfile: owner => "root", group => "root", mode => "777", source => "puppet:///files/$intfilename", } exec {"config_uplink": command => $intconfigfile, require => File[$intconfigfile] } Error: err: returns: change from notrun to 0 failed: intconfig returned 1 instead of one of [0] at Thanks, Mani -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Parse puppet manifests in rspec tests
I want to do a syntax check of all our managed puppet manifests in rspec. It's an easy way to generate build reports for use in a CI. My first attempt looks like this: Puppet::Face[:parser, '0.0.1'].validate('puppet/manifests/site.pp') But this throws the following error: Puppet::Error: Could not parse for environment production: Error converting value for param 'modulepath': Could not find value for $confdir at /Users/jkyle/Projects/puppet/occam/puppet/manifests/site.pp:2 from /Users/jkyle/.rvm/gems/ruby-2.0.0-p247@puppet/gems/puppet-3.3.0/lib/puppet/parser/parser_support.rb:166:in `rescue in parse' Even though the same file passes if tested via puppet parser validate puppet/manifests/site.pp -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Announce: Puppet 3.3.0 Available
On 2013-15-09 3:11, William Van Hevelingen wrote: Hi Henrik or Eric, Is it possible to error on failed lookups? This is useful for replacing the fail('osfamily not supported') lines in most params.pp files. Ryan mentioned the same thing in the ticket and I wasn't sure if it was resolved. It currently returns undef if the value is not found. It should error if a parameterized class does not get a value for a parameter (and it has no default value), but it does not do that for an explicit lookup. It has been brought up earlier that it is a bit klunky to lookup a value and use a default as a check is needed. I can imagine changing the lookup signature to take name, type and default. If no default is given it could be made to raise an error if name does not exist. Regards - henrik -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Puppetmaster revokes just signed certificates
I am hitting almost the same issue as https://groups.google.com/forum/#!topic/puppet-users/9U3es1Z46B0. The difference might be that it occurs randomly here, not consistently. Maybe there's some corruption with CRL file on puppetca server. Is it ok to simply nil or remove file '/var/lib/puppet/ca/ca_crl.pem' on puppetca server? Is it ok to nil or remove inventory.txt file on puppetca server as well? I am not sure what is the correct procedure to get ca_crl.pem file recreated, and I don't see this is mentioned in any puppet documentation. Please advise, -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.