[Puppet Users] Re: Newbie basic parameterized class usage question

[Rahul Khengare]

Hi Patrick,
   You calling the filesys_group_acl class in wrong way. Way you are using 
is for function/defined type.

Make following change in your manifests.

Here's the contents of tws_node's init.pp: 
>
> class tws_node { 
>
>   $userhome="/opt/IBM/TWS" 
>
>  

 # filesys_group_acl { "ibmtm_acl_group_ibmtm" :

 

>  
>
Change calling of class method : 
* class { "filesys_group_acl":  * 

#subscribe  => File["$userhome"], 
> dir => $userhome, 
> group => "ibmtm", 
>   } 
>
> } 
>
>
If you want to use filesys_group_acl  resource multiple times then change 
class to defined type.
http://docs.puppetlabs.com/learning/definedtypes.html

I hope this will help.

Thanks and Regards,
Rahul Khengare
NTT DATA OSS Center, Pune, India.
 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] b64_zlib_yaml errros after server upgrade to

[Tim Fall]

That might have been it, but I wiped out foreman and foreman-proxy and 
reinstalled.

On Thursday, October 3, 2013 2:29:05 PM UTC+9, Henrik Nicolaisen wrote:
>
> > I'm having the same issue as well. I tried enabling the dev repo, but no 
> luck there with 3.3.1rc2. Also running in passenger under Foreman. 
>
> try checking if you have both a repos version and a gem version installed, 
> and if they are different, that was the error on my setup 
>
> //Henrik

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] b64_zlib_yaml errros after server upgrade to

[Henrik Nicolaisen]

> I'm having the same issue as well. I tried enabling the dev repo, but no luck 
> there with 3.3.1rc2. Also running in passenger under Foreman.

try checking if you have both a repos version and a gem version installed, and 
if they are different, that was the error on my setup

//Henrik

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Newbie basic parameterized class usage question

[Cory Stoker]

Not sure if you got help or not but that error is telling you that
filesys_group_acl is not a resource type.  This is because you created
it as a class and not a defined resource type.  Defined types use the
"define" keyword instead of the "class" keyword.

http://docs.puppetlabs.com/puppet/3/reference/lang_defined_types.html

HTH

-Cory

On Tue, Oct 1, 2013 at 9:17 AM, Patrick Spinler  wrote:
>
> I'd like to create and call a parameterized class from another class,
> both in modules.  Here's what I'm trying to do:
>
> First, my module path:
>
> ap00375@ROFTMA901A ~ $ sudo puppet apply --configprint modulepath
> /modules:/shares/nfs/unixnoarch/config/puppet:/shares/nfs/unixnoarch/config/puppet/linux
>
> Here, you can see the two modules in question:
>
> ap00375@ROFTMA901A ~ $ find /shares/nfs/unixnoarch/config/puppet/ -name
> 'init.pp'
> /shares/nfs/unixnoarch/config/puppet/tws_node/manifests/init.pp
> /shares/nfs/unixnoarch/config/puppet/filesys_group_acl/manifests/init.pp
>
> Here's the contents of tws_node's init.pp:
>
> class tws_node {
>
>   $userhome="/opt/IBM/TWS"
>
>   filesys_group_acl { "ibmtm_acl_group_ibmtm" :
> #subscribe  => File["$userhome"],
> dir => $userhome,
> group => "ibmtm",
>   }
>
> }
>
> And the contents of filesys_group_acl's init.pp (the parameterized one)
>
>
> class filesys_group_acl ($dir = '', $group = '') {
>
>   exec { "apply_acl_${title}":
> unless => "/usr/bin/getfacl $dir 2>/dev/null | /bin/grep
> group:$group: > /dev/null",
> command=> "/usr/bin/setfacl -R -m group:$group:rwx -m
> default:group:$group:rwx $dir",
>   }
>
> }
>
>
> And it's complaining about the parameterized class, filesys_group_acl:
>
> ap00375@ROFTMA901A ~ $ sudo puppet apply --noop --verbose  --execute
> "include tws_node"
> Error: Puppet::Parser::AST::Resource failed with error ArgumentError:
> Invalid resource type filesys_group_acl at
> /shares/nfs/unixnoarch/config/puppet/tws_node/manifests/init.pp:10 on
> node roftma901a.mayo.edu
> Error: Puppet::Parser::AST::Resource failed with error ArgumentError:
> Invalid resource type filesys_group_acl at
> /shares/nfs/unixnoarch/config/puppet/tws_node/manifests/init.pp:10 on
> node roftma901a.mayo.edu
>
>
> Any help, please?  What am I missing?
>
> Thanks,
> -- Pat
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Idiom for throwing an error if a command fails

[Richard K. Miller]

Hi,

What's the best idiom for executing a command on every Puppet run and 
triggering an error if the command fails?

For example, the following code throws an error if the machine has anything 
other than 8 cores.

  exec { "echo 'This machine does not have 8 cores!'; exit 1":
unless => "facter processorcount | grep -q 8",
  }

The "; exit 1" changes this from a Notice to an Error, but it seems a bit 
hackish. I couldn't discover a way to do this with err() or notify{}. 

I'm envisioning something like this:

notify { 'This machine does not have 8 cores':
  error_level => warning,
  unless => "facter processorcount | grep -q 8",
}

Not mission-critical. Just curious...

Richard


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] onlyif return code

[Mike Delaney]

On Wed, Oct 2, 2013 at 4:15 AM, Björn  wrote:

>   exec{'ensure password policy for pci':
> cwd => '/bin/',
> command => "/bin/sed -i 's/^password.*cracklib.so.*/password
> requisite   pam_cracklib.so retry=3 minlen=8 difok=5
> dcredit=-1 lcredit=-1 ucredit=-1 ocredit=-1/g' $pam_password",
> path=> "/usr/bin:/usr/sbin:/bin",
> onlyif  => "grep '^password.*cracklib.so.*' $pam_password",
> require => Package[$cracklib],
>   }
>
>   exec{'ensure password policy for pci when nothing is present':
> cwd => '/bin/',
> command => "echo 'passwordrequisite
> pam_cracklib.so retry=3 minlen=8 difok=5 dcredit=-1 lcredit=-1 ucredit=-1
> ocredit=-1' >> $pam_password",
> path=> "/usr/bin:/usr/sbin:/bin",
> onlyif  => "grep -vq '^password.*cracklib.so.*' $pam_password",
> require => Package[$cracklib],
>   }
> }
>
> My problem are the exec commands.
>
> With the first exec I try to change an existing line with sed.
>
> With the second exec I try to add the rule if no line with
> "password.*cracklib" is existing.
> Unfortunately, this exec run when the return code of onlyif is 0. I don't
> know a command which return 0 when the line isn't available and return 1
> when the line is available.
>
> May be I'm thinking to complicated? Do you have another solution?
>


Off the top of my head, I can't think of a way to invert grep's exit status
like you want (at least not a way
that will work in an onlyif), however the use of two execs to modify a file
is probably not the ideal solution.
Indeed, once the cracklib entry is present in the file, that first exec
will fire every time puppet runs, which
is probably not what you want either.

If you don't want to manage the entire file, you could use either the
native augeas type or the file_line
type from the stdlib module to accomplish what you want (file_line is
probably easier):

  file_line { 'ensure password policy for pci':
path=> $pam_password,
match => '^password.*cracklib\.so',
line => 'passwordrequisite
  pam_cracklib.so retry=3 minlen=8 difok=5 dcredit=-1 lcredit=-1 ucredit=-1
ocredit=-1'
}

-Mike

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Announce: Puppet 3.3.1-rc3 available

[Melissa Stone]

**Release candidate:**

Pre-release: 3.3.1 has not yet been released.

RC1: September 23, 2013
RC2: September 27, 2013
RC3: October 02, 2013

3.3.1 is to be a bug fix release in the Puppet 3.3 series. The focus
of the release is fixing backwards compatibility regressions that
slipped in via the YAML deprecations in 3.3.0.

**Upgrade Note**

The release of Puppet 3.3.1 will supersede the upgrade warning for
Puppet 3.3.0. As of 3.3.1, agent nodes will be compatible with all
Puppet 3.x masters with no extra configuration.


Puppet 3.3.1-rc3 Downloads
--
Source: 
https://downloads.puppetlabs.com/puppet/puppet-3.3.1-rc3.tar.gz

Available in native package format in the pre-release repositories at:
http://yum.puppetlabs.com and http://apt.puppetlabs.com

For information on how to enable the Puppet Labs pre-release repos, see:
http://docs.puppetlabs.com/guides/puppetlabs_package_repositories.html#enabling-the-prerelease-repos

Gems are available via rubygems at
https://rubygems.org/downloads/puppet-3.3.1.rc3.gem
  or by using `gem install --pre puppet`

Mac packages are available at
https://downloads.puppetlabs.com/mac/puppet-3.3.1-rc3.dmg

Windows packages are available at
https://downloads.puppetlabs.com/windows/puppet-3.3.1-rc3.msi

Please report feedback via the Puppet Labs Redmine site, using an
affected puppet version of 3.3.1-rc3:
https://projects.puppetlabs.com/projects/puppet/


Fixes for Backwards Compatibility Regressions in 3.3.0


## Issue 22535: puppet 3.3.0 ignores File ignore in recursive copy
## Issue 22608: filebucket (backup) does not work with 3.3.0 master
and older clients
## Issue 22530: Reports no longer work for clients older than 3.3.0
when using a 3.3.0 puppet master
## Issue 22652: ignore doesn't work if pluginsync enabled


New backward compatibility issues were discovered after the release of
3.3.0, so we changed our handling of deprecated wire formats.

Starting with 3.3.1, you do not need to set additional settings in
puppet.conf on your agent nodes in order to use newer agents with
puppet masters running 3.2.4 or earlier. Agents will work with all 3.x
masters, and they will automatically negotiate wire formats as needed.
This behavior supersedes the behavior described for 3.3.0; the
report_serialization_format setting is now unnecessary.

Additionally, this release fixes two situations where 3.3.0 masters
would do the wrong thing with older agents. (Reports would fail unless
the master had report_serialization_format set to yaml, which was not
intended, and remote filebucket backups would always fail.)


Miscellaneous Regression Fixes
---
## Issue 22384: Excessive logging for files not found

This was a regression in 3.3.0.

When using multiple values in an array for the file type's source
attribute, Puppet will check them in order and use the first one it
finds; whenever it doesn't find one, it will log a note at the "info"
log level, which is silent when logging isn't verbose. In 3.3.0, the
level was accidentally changed to the "notice" level, which was too
noisy.

## Issue 22529: apt package ensure absent/purged causes warnings on 3.3.0

This was a regression in 3.3.0. The apt package provider was logging
bogus warnings when processing resources with ensurevalues of absent
or purged.

## Issue 22493: Can't start puppet agent on non english Windows

This was a regression in 3.2.4, caused by a bug in one of the Ruby
libraries Puppet relies on. We submitted a fix upstream, and packaged
a fixed version of the gem into the Windows installer.


Fixes for Long-Standing Bugs
---
## Issue 19994: ParsedFile providers do not clear failed flush
operations from their queues

This bug dates to Puppet 2.6 or earlier.

The bug behavior was weird. Basically:

Your manifests include multiple ssh_authorized_key resources for
multiple user accounts.
One of the users has messed-up permissions for their authorized keys
file, and their resource fails because Puppet tries to write to the
file as that user.
All remaining key resources also fail, because Puppet tries to write
the rest of them to that same user's file instead of the file they
were supposed to go in.

## Issue 21975: Puppet Monkey patch 'def instance_variables' clashing
with SOAP Class...

This bug dates to 3.0.0. It was causing problems when using plugins
that use SOAP libraries, such as the types and providers in the
puppetlabs/f5 module.

## Issue 22474: --no-zlib flag doesn't prevent zlib from being
required in Puppet

This bug dates to 3.0.0, and caused Puppet to fail when running on a
copy of Ruby 

[Puppet Users] exec is stripping "%" in the string.

[Jason Greathouse]

I'm trying to pass a url to an exec and at some point all the % characters 
are being stripped out of the string.  

Here's my init.pp:

  service { 'apache2':
ensure => running,
enable => true,
notify => Exec['AWSwait']
  }

  file { '/mnt/WaitResponse.json':
ensure => file,
owner  => 'root',
group  => 'root',
mode   => '0644',
source => 'puppet:///modules/api/WaitResponse.json'
  }

  exec { "/usr/bin/curl -T /mnt/WaitResponse.json \"${::mt_wait}\"":
onlyif   => '/usr/bin/wget -q -O /mnt/favicon.ico 
http://localhost/favicon.ico',
creates  => '/mnt/favicon.ico',
alias=> 'AWSwait',
require  => File['/mnt/WaitResponse.json']
  }

::mt_wait is being generated by a custom facter script:

# facter mt_wait
https://cloudformation-waitcondition-us-east-1.s3.amazonaws.com/arn%3Aaws%3Acloudformation%3Aus-east-1%3A106261427813%3Astack/api-qa-puppet-7/e9e86e20-2bac-11e3-8a8b-50e2416294a8/WaitHandle?Expires=1380837161&AWSAccessKeyId=&Signature=XX


The Scheduling refresh looks correct:
puppet-agent[5779]: (/Stage[main]/Api/Service[apache2]) Scheduling refresh 
of Exec[/usr/bin/curl -T /mnt/WaitResponse.json 
"https://cloudformation-waitcondition-us-east-1.s3.amazonaws.com/arn%3Aaws%3Acloudformation%3Aus-east-1%3A106261427813%3Astack/api-qa-puppet-7/e9e86e20-2bac-11e3-8a8b-50e2416294a8/WaitHandle?Expires=1380837161&AWSAccessKeyId=&Signature=XXX";]

But when it Exec Refresh runs, the "%" are missing:
puppet-agent[5779]: (/Stage[main]/Api/Exec[/usr/bin/curl -T 
/mnt/WaitResponse.json 
"https://cloudformation-waitcondition-us-east-1.s3.amazonaws.com/arn3Aaws3Acloudformation3Aus-east-13A1062614278133Astack/api-qa-puppet-7/e9e86e20-2bac-11e3-8a8b-50e2416294a8/WaitHandle?Expires=1380837161&AWSAccessKeyId=&Signature=XX";])
 
Triggered 'refresh' from 1 events

Is there a better way to pass the variable to exec then a double-quote or 
someway to escape the "%"?

Thanks,
-Jason 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: [windows server 2008 r2] puppet errors in 3.3.0 on exchange database servers

[cko]

Hi Ethan,

what's the exact command that i would have to use? 


On Wednesday, October 2, 2013 11:35:29 PM UTC+2, Ethan Brown wrote:
>
> Christian - 
>
> I'm doing the final verification of our fix, and was hoping that I could 
> get the output from Facter run by itself?
>
>
>
> On Fri, Sep 20, 2013 at 1:36 PM, Rob Reynolds 
> 
> > wrote:
>
>> I would say with all of this in mind we move forward with a fix where we 
>> look to see that the network adapter itself is also enabled. This is laid 
>> out in the ticket that I noted earlier.
>>  
>>
>> On Fri, Sep 20, 2013 at 7:44 AM, Rich Siegel 
>> > wrote:
>>
>>> Exchange DAG is essentially a cluster and the adapter in question the 
>>> dag ip.
>>>
>>> My guess is the logic for adapters should be modded for when 
>>> netconnectionid is not null.
>>>
>>> In general don't try to mess with hidden adapters on dags unless you 
>>> understand ramifications.
>>>
>>> --
>>> You received this message because you are subscribed to the Google 
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to puppet-users...@googlegroups.com .
>>> To post to this group, send email to puppet...@googlegroups.com
>>> .
>>> Visit this group at http://groups.google.com/group/puppet-users.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>>
>>
>>
>>
>> -- 
>> Rob Reynolds
>> Developer, Puppet Labs
>>
>> Join us at PuppetConf 2014, September 23-24 in San Francisco
>>  
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com .
>> To post to this group, send email to puppet...@googlegroups.com
>> .
>> Visit this group at http://groups.google.com/group/puppet-users.
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>
>
>
> -- 
> --
> Ethan Brown
> et...@puppetlabs.com 
> Software Engineer
>
> *Join us at PuppetConf 2014, September 23-24 in San Francisco*
>  

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: [windows server 2008 r2] puppet errors in 3.3.0 on exchange database servers

[Ethan Brown]

Christian -

I'm doing the final verification of our fix, and was hoping that I could
get the output from Facter run by itself?



On Fri, Sep 20, 2013 at 1:36 PM, Rob Reynolds  wrote:

> I would say with all of this in mind we move forward with a fix where we
> look to see that the network adapter itself is also enabled. This is laid
> out in the ticket that I noted earlier.
>
>
> On Fri, Sep 20, 2013 at 7:44 AM, Rich Siegel  wrote:
>
>> Exchange DAG is essentially a cluster and the adapter in question the dag
>> ip.
>>
>> My guess is the logic for adapters should be modded for when
>> netconnectionid is not null.
>>
>> In general don't try to mess with hidden adapters on dags unless you
>> understand ramifications.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to puppet-users+unsubscr...@googlegroups.com.
>> To post to this group, send email to puppet-users@googlegroups.com.
>> Visit this group at http://groups.google.com/group/puppet-users.
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>
>
>
> --
> Rob Reynolds
> Developer, Puppet Labs
>
> Join us at PuppetConf 2014, September 23-24 in San Francisco
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
> For more options, visit https://groups.google.com/groups/opt_out.
>



-- 
--
Ethan Brown
et...@puppetlabs.com
Software Engineer

*Join us at PuppetConf 2014, September 23-24 in San Francisco*

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Failed to execute a command using the exec resource on Windows

[beyonddc . storage]

It's the path, you are right.  After I set it, it ran successfully.

Thanks!

On Wednesday, October 2, 2013 3:26:56 PM UTC-4, Fernando Torres wrote:
>
> Did you provide the path attribute in your exec resource?
>
> Some like that:
>
> exe {'execute pretty command':
>command => 'cmd.exe /c echo 'hello world',
>path => $::path
> }
>
> $::path is a variable that contains all paths contained in this user 
> profile. you can also define it hardcoded. Note: you must have 
> c:\windows\system32 (for cmd.exe) and your ruby bin directory in your path 
> in order your command run well.
>
>
> On Wed, Oct 2, 2013 at 11:41 AM, >wrote:
>
>> I am having a difficult time to determine the cause of why my exec 
>> resource failed to execute a command on Windows.
>>
>> Here's the error message reproduced by the Puppet on the windows machine 
>> when I ran 'puppet agent --test'.
>>
>> Error: cmd.exe /c ruby -e "File.open('c:\replace_me', 'w') { |f| 
>> f.write(File.read('C:/Documents and Settings/All Users/Application 
>> Data/PuppetLabs/puppet/var/replace_me')) }" returned 1 instead of one of [0]
>>
>> Error: 
>> /Stage[main]/Windows_95d7fd26_b0e4_4642_9eb0_a06de0ea2fc7_1380724354040/Exec[rem_a8159a47_5507_4731_9d5f_1587fa8d5803_824177284125062]/returns:
>>  
>> change from notrun to 0 failed: cmd.exe /c ruby -e 
>> "File.open('c:\replace_me', 'w') { |f| f.write(File.read('C:/Documents and 
>> Settings/All Users/Application Data/PuppetLabs/puppet/var/replace_me')) }" 
>> returned 1 instead of one of [0]
>>
>> Notice: Finished catalog run in 2.06 seconds
>>
>> If I copied and pasted the command manual to a command prompt on Windows 
>> then the command would run successfully.  It's just that it when running it 
>> with Puppet then it would failed.  Please let know if you see any issue 
>> with my command or if there's any debug technique that I should try.
>>
>> Thanks!
>>
>> David
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com .
>> To post to this group, send email to puppet...@googlegroups.com
>> .
>> Visit this group at http://groups.google.com/group/puppet-users.
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Pulling my hair out with CA proxying

[Pete Hartman]

I tried to update this, but apparently failed.

Problem was my own misunderstanding of apache.

1) the passenger module was loaded before the proxy module, so the app
was responding before apache could proxy the request
2) I didn't recognize this as a working fix at first because I also
omitted mod_proxy_http which was needed in addition to mod_proxy


Thanks...

Pete



On Wed, Oct 2, 2013 at 2:27 PM, Felipe Salum  wrote:
> Can you paste your /etc/httpd/conf.d/puppetmaster.conf ?
>
>
> On Wednesday, October 2, 2013 5:35:58 AM UTC-7, Pete Hartman wrote:
>>
>> I do not have responsibility for the F5's and I'm not sure what my
>> networking team would be willing to do in terms of custom rules no
>> matter how simple.
>>
>> The use of the apache proxy service on the masters is a configuration
>> documented and recommended (at least as one alternative) by
>> PuppetLabs; now that I have found what I was missing, I plan to stick
>> with that.
>>
>> On Wed, Oct 2, 2013 at 2:08 AM, Gavin Williams  wrote:
>> > Pete
>> >
>> > I've not done this before, however am familiar with Puppet, and know a
>> > lot more about F5s...
>> >
>> > I note that you say that you're expecting apache on the masters to proxy
>> > onto the CA server.
>> > Is there any reason you couldn't use the F5 to select the CA server for
>> > any CA requests?
>> > Should be a fairly straight forward iRule to do pool selection based on
>> > the URI.
>> >
>> > Thoughts?
>> >
>> > Gav
>> >
>> > --
>> > You received this message because you are subscribed to a topic in the
>> > Google Groups "Puppet Users" group.
>> > To unsubscribe from this topic, visit
>> > https://groups.google.com/d/topic/puppet-users/xY5xnOU09Qg/unsubscribe.
>> > To unsubscribe from this group and all its topics, send an email to
>> > puppet-users...@googlegroups.com.
>> > To post to this group, send email to puppet...@googlegroups.com.
>> > Visit this group at http://groups.google.com/group/puppet-users.
>> > For more options, visit https://groups.google.com/groups/opt_out.
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Puppet Users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/puppet-users/xY5xnOU09Qg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
> For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Failed to execute a command using the exec resource on Windows

[Fernando Torres]

Did you provide the path attribute in your exec resource?

Some like that:

exe {'execute pretty command':
   command => 'cmd.exe /c echo 'hello world',
   path => $::path
}

$::path is a variable that contains all paths contained in this user
profile. you can also define it hardcoded. Note: you must have
c:\windows\system32 (for cmd.exe) and your ruby bin directory in your path
in order your command run well.


On Wed, Oct 2, 2013 at 11:41 AM,  wrote:

> I am having a difficult time to determine the cause of why my exec
> resource failed to execute a command on Windows.
>
> Here's the error message reproduced by the Puppet on the windows machine
> when I ran 'puppet agent --test'.
>
> Error: cmd.exe /c ruby -e "File.open('c:\replace_me', 'w') { |f|
> f.write(File.read('C:/Documents and Settings/All Users/Application
> Data/PuppetLabs/puppet/var/replace_me')) }" returned 1 instead of one of [0]
>
> Error:
> /Stage[main]/Windows_95d7fd26_b0e4_4642_9eb0_a06de0ea2fc7_1380724354040/Exec[rem_a8159a47_5507_4731_9d5f_1587fa8d5803_824177284125062]/returns:
> change from notrun to 0 failed: cmd.exe /c ruby -e
> "File.open('c:\replace_me', 'w') { |f| f.write(File.read('C:/Documents and
> Settings/All Users/Application Data/PuppetLabs/puppet/var/replace_me')) }"
> returned 1 instead of one of [0]
>
> Notice: Finished catalog run in 2.06 seconds
>
> If I copied and pasted the command manual to a command prompt on Windows
> then the command would run successfully.  It's just that it when running it
> with Puppet then it would failed.  Please let know if you see any issue
> with my command or if there's any debug technique that I should try.
>
> Thanks!
>
> David
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
> For more options, visit https://groups.google.com/groups/opt_out.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Pulling my hair out with CA proxying

[Felipe Salum]

Can you paste your /etc/httpd/conf.d/puppetmaster.conf ?

On Wednesday, October 2, 2013 5:35:58 AM UTC-7, Pete Hartman wrote:
>
> I do not have responsibility for the F5's and I'm not sure what my 
> networking team would be willing to do in terms of custom rules no 
> matter how simple. 
>
> The use of the apache proxy service on the masters is a configuration 
> documented and recommended (at least as one alternative) by 
> PuppetLabs; now that I have found what I was missing, I plan to stick 
> with that. 
>
> On Wed, Oct 2, 2013 at 2:08 AM, Gavin Williams 
> > 
> wrote: 
> > Pete 
> > 
> > I've not done this before, however am familiar with Puppet, and know a 
> lot more about F5s... 
> > 
> > I note that you say that you're expecting apache on the masters to proxy 
> onto the CA server. 
> > Is there any reason you couldn't use the F5 to select the CA server for 
> any CA requests? 
> > Should be a fairly straight forward iRule to do pool selection based on 
> the URI. 
> > 
> > Thoughts? 
> > 
> > Gav 
> > 
> > -- 
> > You received this message because you are subscribed to a topic in the 
> Google Groups "Puppet Users" group. 
> > To unsubscribe from this topic, visit 
> https://groups.google.com/d/topic/puppet-users/xY5xnOU09Qg/unsubscribe. 
> > To unsubscribe from this group and all its topics, send an email to 
> puppet-users...@googlegroups.com . 
> > To post to this group, send email to 
> > puppet...@googlegroups.com. 
>
> > Visit this group at http://groups.google.com/group/puppet-users. 
> > For more options, visit https://groups.google.com/groups/opt_out. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Failed to execute a command using the exec resource on Windows

[Rob Reynolds]

Can you verify the user running the service has access to the folder?

Also, can you please post your manifest?  And if you wouldn't mind, please
run 'puppet agent --test --trace --debug --verbose' and attach that output
as well?


On Wed, Oct 2, 2013 at 9:41 AM,  wrote:

> I am having a difficult time to determine the cause of why my exec
> resource failed to execute a command on Windows.
>
> Here's the error message reproduced by the Puppet on the windows machine
> when I ran 'puppet agent --test'.
>
> Error: cmd.exe /c ruby -e "File.open('c:\replace_me', 'w') { |f|
> f.write(File.read('C:/Documents and Settings/All Users/Application
> Data/PuppetLabs/puppet/var/replace_me')) }" returned 1 instead of one of [0]
>
> Error:
> /Stage[main]/Windows_95d7fd26_b0e4_4642_9eb0_a06de0ea2fc7_1380724354040/Exec[rem_a8159a47_5507_4731_9d5f_1587fa8d5803_824177284125062]/returns:
> change from notrun to 0 failed: cmd.exe /c ruby -e
> "File.open('c:\replace_me', 'w') { |f| f.write(File.read('C:/Documents and
> Settings/All Users/Application Data/PuppetLabs/puppet/var/replace_me')) }"
> returned 1 instead of one of [0]
>
> Notice: Finished catalog run in 2.06 seconds
>
> If I copied and pasted the command manual to a command prompt on Windows
> then the command would run successfully.  It's just that it when running it
> with Puppet then it would failed.  Please let know if you see any issue
> with my command or if there's any debug technique that I should try.
>
> Thanks!
>
> David
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
> For more options, visit https://groups.google.com/groups/opt_out.
>



-- 
Rob Reynolds
Developer, Puppet Labs

Join us at PuppetConf 2014, September 23-24 in San Francisco

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: [Puppet-dev] Announce: PuppetDB 1.5.0 Available

[Matthaus Owens]

burji is a hostname for a machine that is no longer in use. I would
rsync using the yum.puppetlabs.com hostname. The following works for
me:

rsync 
rsync://yum.puppetlabs.com/packages/yum/el/5/products/x86_64/puppetdb-1.5.0-1.el5.noarch.rpm
-rw-r--r--20569592 2013/09/30 16:47:20 puppetdb-1.5.0-1.el5.noarch.rpm

Hope that helps.

On Wed, Oct 2, 2013 at 9:03 AM, asq  wrote:
> W dniu wtorek, 1 października 2013 19:11:40 UTC+2 użytkownik Matthaus
> Litteken napisał:
>>
>> Sorry about that. Something went awry in the ship of 1.5.0. We've
>> updated the apt repos and 1.5.0 is now there for all of the debian and
>> ubuntu flavors. And as Ken said, thanks for letting us know!
>
>
> it seems that rsync is out of the loop too :(
>
> -bash-3.2$ GET -deS
> http://yum.puppetlabs.com/el/5/products/x86_64/puppetdb-1.5.0-1.el5.noarch.rpm
> GET
> http://yum.puppetlabs.com/el/5/products/x86_64/puppetdb-1.5.0-1.el5.noarch.rpm
> --> 200 OK
> Connection: close
> Date: Wed, 02 Oct 2013 15:56:26 GMT
> Accept-Ranges: bytes
> ETag: "240711-139ddf8-4e7a274f87200"
> Server: Apache
> Content-Length: 20569592
> Content-Type: application/x-redhat-package-manager
> Last-Modified: Mon, 30 Sep 2013 23:47:20 GMT
> Client-Date: Wed, 02 Oct 2013 15:57:04 GMT
> Client-Peer: 198.58.114.168:80
> Client-Response-Num: 1
> X-Frame-Options: SAMEORIGIN
>
> -bash-3.2$ rsync
> rsync://burji.puppetlabs.com/packages/yum/el/5/products/x86_64/puppetdb-1.5.0-1.el5.noarch.rpm
> rsync: link_stat "/yum/el/5/products/x86_64/puppetdb-1.5.0-1.el5.noarch.rpm"
> (in packages) failed: No such file or directory (2)
> rsync error: some files/attrs were not transferred (see previous errors)
> (code 23) at main.c(1508) [Receiver=3.0.7]
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
>
> For more options, visit https://groups.google.com/groups/opt_out.



-- 
Matthaus Owens
Release Manager, Puppet Labs

Join us at PuppetConf 2014, September 23-24 in San Francisco

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: Still no nagios joy

[David Thompson]

On 10/2/13 9:44 AM, David Thompson wrote:



Do you know whether the exported nagios_host resources in particular are
ending up in the DB?


Just to eliminate postgres as a possible problem source, I changed the 
database.ini and switched (back) to the embedded hsqldb database.  Same 
result with the embedded database.



Could you be more specific?  What are the forms of the collector and
query URIs you are using?



curl -G 'http://localhost:8080/v3/resources' --data-urlencode
'query=["=", "type", "Nagios_host"]'


Strange that although I can see the record inserts in the 
catalog_resources and resource_params relations (in either postgres or 
hsqldb), the query says there is no such resource.


--
David Thompson
Waisman Center Brain Imaging and Behavior Lab
1500 Highland Ave. Room T133
Madison, WI  53705-2280
(608) 265-6608
dthompson (at) waisman (dot) wisc (dot) edu

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: [Puppet-dev] Announce: PuppetDB 1.5.0 Available

[asq]

W dniu wtorek, 1 października 2013 19:11:40 UTC+2 użytkownik Matthaus 
Litteken napisał:
>
> Sorry about that. Something went awry in the ship of 1.5.0. We've 
> updated the apt repos and 1.5.0 is now there for all of the debian and 
> ubuntu flavors. And as Ken said, thanks for letting us know! 
>

it seems that rsync is out of the loop too :(

-bash-3.2$ GET -deS 
http://yum.puppetlabs.com/el/5/products/x86_64/puppetdb-1.5.0-1.el5.noarch.rpm
GET 
http://yum.puppetlabs.com/el/5/products/x86_64/puppetdb-1.5.0-1.el5.noarch.rpm 
--> 200 OK
Connection: close
Date: Wed, 02 Oct 2013 15:56:26 GMT
Accept-Ranges: bytes
ETag: "240711-139ddf8-4e7a274f87200"
Server: Apache
Content-Length: 20569592
Content-Type: application/x-redhat-package-manager
Last-Modified: Mon, 30 Sep 2013 23:47:20 GMT
Client-Date: Wed, 02 Oct 2013 15:57:04 GMT
Client-Peer: 198.58.114.168:80
Client-Response-Num: 1
X-Frame-Options: SAMEORIGIN

-bash-3.2$ rsync 
rsync://burji.puppetlabs.com/packages/yum/el/5/products/x86_64/puppetdb-1.5.0-1.el5.noarch.rpm
rsync: link_stat 
"/yum/el/5/products/x86_64/puppetdb-1.5.0-1.el5.noarch.rpm" (in packages) 
failed: No such file or directory (2)
rsync error: some files/attrs were not transferred (see previous errors) 
(code 23) at main.c(1508) [Receiver=3.0.7] 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Puppet vs Oracle Enterprise Manager (cm pack)?

[Byron Miller]

Doug,

For the most part, Oracle sells 12c cloud control as an enterprise 
dashboard with provisioning and metering capabilities.  12c provisions 
using templates and scripts and then has some patching stuff built on that 
for its oracle products and some os's.  It's not an idempotent based system 
by design - not a desired state config - more of a reporting config and 
here is how to bill for it.  It makes people happy who want to share costs 
since oracle costs so much to begin with :)

While oracle can provision oracle vm's and oracle systems and oracle is 
moving to pluggable databases to further remove themselves from the OS, 
there is value in 12c for oracle shops. It's just a big cost and a big 
price you pay to play that game.

We don't use the oracle provisioning, oracle vm. We're a vmware shop, so i 
provision everything from the OS up to apps through puppet & the foreman 
and i use puppet to deploy an RPM based 12c agent on hosts in the oracle 
groups.  The oracle agent just does its thing for our management and 
performance packs and allows us to easily manage / alert on oracle metrics, 
processes, jobs and events.

For what isn't oracle related, we don't install the oracle cloud control 
agents - we use Nagios..

We weren't using puppet to help do metered billing or to focus on provision 
oracle stacks only so we didn't buy the provisioning or cloud management 
packs, but we do enjoy it for the oracle rdbms / weblogic 
monitoring/reporting/alerting



On Monday, September 30, 2013 6:50:24 PM UTC-5, dkoleary wrote:
>
> Hey;
>
> >>We use both as they solve different problems.
>
> Thank you very much for responding!  All of the searching I've been doing 
> has slowly lead me to that same conclusion, but I don't have any solid 
> facts or sites to back it up.  
>
> My client also has a lot of oracle stuff.  I'm sure they could start using 
> rhel w/o issue, but it's almost exclusively OEL at this point.  They say 
> they have the license for OEM 12c; but, so far, I've not been able to 
> confirm the license for the CM pack - which, if I'm reading it right, is 
> *not* cheap and does not come with the base OEM.
>
> I've read about the mcollective but haven't had a chance to try it yet. 
>  Good to know that there's a performance issue running both of puppet and 
> OEM simultaneously.
>
> As for the environment: as I mentioned, it's mostly OEL but they do have a 
> smattering of rhel ver 4 and 5.  Most of the systems are now vmware guests; 
> but, there are a few physicals - mostly the rhel4 systems, still running.  
>
> >>What are you trying to solve? 
>
> That, right there, is my core problem.  I haven't yet been able to hammer 
> that down; but, I believe that the other admin (the one pushing for OEM) 
> and I are trying to solve different problems.  She's looking for something 
> that'll automate patching + some other nebulous things on which I haven't 
> gotten a clear answer.  I'm looking for a tool through which I can nail 
> down system configurations - ensuring that they're kept consistent across 
> all environments - and help automate configuration change distributions. 
>  I'm a UNIX admin but also a security guy at heart (CISSP/CISA).
>
> So, short version: I need to figure out what my client's trying to solve 
> (not as easy an investigation as one would hope) and, from there, I can 
> figure out whether or not OEM will be sufficient.
>
> At your convenience, any chance you could expand on the concept that they 
> solve different problems?
>
> Thanks again, very much, for your response.  It's nice getting at least a 
> partial confirmation that what I was suspecting is accurate.
>
> Doug O"Leary
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Failed to execute a command using the exec resource on Windows

[beyonddc . storage]

I am having a difficult time to determine the cause of why my exec resource 
failed to execute a command on Windows.

Here's the error message reproduced by the Puppet on the windows machine 
when I ran 'puppet agent --test'.

Error: cmd.exe /c ruby -e "File.open('c:\replace_me', 'w') { |f| 
f.write(File.read('C:/Documents and Settings/All Users/Application 
Data/PuppetLabs/puppet/var/replace_me')) }" returned 1 instead of one of [0]

Error: 
/Stage[main]/Windows_95d7fd26_b0e4_4642_9eb0_a06de0ea2fc7_1380724354040/Exec[rem_a8159a47_5507_4731_9d5f_1587fa8d5803_824177284125062]/returns:
 
change from notrun to 0 failed: cmd.exe /c ruby -e 
"File.open('c:\replace_me', 'w') { |f| f.write(File.read('C:/Documents and 
Settings/All Users/Application Data/PuppetLabs/puppet/var/replace_me')) }" 
returned 1 instead of one of [0]

Notice: Finished catalog run in 2.06 seconds

If I copied and pasted the command manual to a command prompt on Windows 
then the command would run successfully.  It's just that it when running it 
with Puppet then it would failed.  Please let know if you see any issue 
with my command or if there's any debug technique that I should try.

Thanks!

David

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: Still no nagios joy

[David Thompson]

On 10/2/13 9:09 AM, jcbollinger wrote:



On Tuesday, October 1, 2013 10:50:42 AM UTC-5, David Thompson wrote:


I continue to be unable to get puppetdb to create nagios resources.



Nitpick: puppetdb does not create resources of any type, in any sense.
That leaves me uncertain whether you are saying that the exported
nagios_host resources you describe next fail to be recorded in the DB,
or whether you are saying that despite being recorded, they are not
subsequently collected.


Yes, it would be better to say that the generated nagios_host.cfg file 
contains far fewer entries than are indicated by the number of hosts 
containing the nagios_host resource shown below.




  I
have a very standard nagios host definition:

notify {"Nagios Base: $fqdn $hostname $ipaddress": }
@@nagios_host { $fqdn:
  ensure => present,
  alias => $hostname,
  address => $ipaddress,
  use => "linux-server",
}

...and the notify shows up on subsequent agent runs, so I know the
statement is being activated.  I also know that the facts and catalogs
are winding up in the postgres database.



Do you know whether the exported nagios_host resources in particular are
ending up in the DB?


If I turn on postgres statement logging, I can see e.g.:

LOG:  execute S_2: INSERT INTO catalog_resources 
(catalog,resource,type,title,tags,exported,file,line) VALUES 
($1,$2,$3,$4,$5,$6,$7,$8)
DETAIL:  parameters: $1 = 'b0ddc055494f58babc8f0085245517d3424e1e63', $2 
= '5b5706ff5fe112b04f3722b5ce65d699c80a0e04', $3 = 'Nagios_host', $4 = 
'c101.keck.waisman.wisc.edu', $5 = 
'{node,nagios_host,x86_64_sci6,class,nagios,c101.keck.waisman.wisc.edu}', $6 
= 't', $7 = 
'/systypes/noarch/puppet/production/modules/nagios/manifests/init.pp', 
$8 = '125'



(...and then c101 shows up in neither the generated nagios config nor in 
the REST query...)





Despite all this, both the nagios collector and the puppetdb rest API
only show the Nagios_host resources generated on the nagios server
itself.



Could you be more specific?  What are the forms of the collector and
query URIs you are using?


The puppet nagios collector:

if $nagios_server {
  Nagios_host <<||>>
}


The query I'm using:

curl -G 'http://localhost:8080/v3/resources' --data-urlencode 
'query=["=", "type", "Nagios_host"]'


(I tried updating to the latest-and-greatest puppetdb yesteday.  No 
change.  I get the same from the v2 URI.)



Do you actually have PuppetDB configured as your storeconfigs back end?
Following the docs
(http://docs.puppetlabs.com/puppetdb/latest/connect_puppet_master.html),
you should have

|   storeconfigs = true
   storeconfigs_backend = puppetdb

in the [master] section of the master's puppet.conf,/and/  thin_storeconfigs  
andasync_storeconfigs  should be disabled (the default).


Yes, this is the configuration I have on all the hosts.  In addition, I 
have the following routes.yaml on the puppet server/puppetdb server (1 
host does both):


---
master:
  facts:
terminus: puppetdb
cache: yaml


--
David Thompson
Waisman Center Brain Imaging and Behavior Lab
1500 Highland Ave. Room T133
Madison, WI  53705-2280
(608) 265-6608
dthompson (at) waisman (dot) wisc (dot) edu

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Still no nagios joy

[jcbollinger]

On Tuesday, October 1, 2013 10:50:42 AM UTC-5, David Thompson wrote:
>
>
> I continue to be unable to get puppetdb to create nagios resources.



Nitpick: puppetdb does not create resources of any type, in any sense.  
That leaves me uncertain whether you are saying that the exported 
nagios_host resources you describe next fail to be recorded in the DB, or 
whether you are saying that despite being recorded, they are not 
subsequently collected.

 

>  I 
> have a very standard nagios host definition: 
>
>notify {"Nagios Base: $fqdn $hostname $ipaddress": } 
>@@nagios_host { $fqdn: 
>  ensure => present, 
>  alias => $hostname, 
>  address => $ipaddress, 
>  use => "linux-server", 
>} 
>
> ...and the notify shows up on subsequent agent runs, so I know the 
> statement is being activated.  I also know that the facts and catalogs 
> are winding up in the postgres database. 
>
>

Do you know whether the exported nagios_host resources in particular are 
ending up in the DB?
 

Despite all this, both the nagios collector and the puppetdb rest API 
> only show the Nagios_host resources generated on the nagios server itself. 
>
>

Could you be more specific?  What are the forms of the collector and query 
URIs you are using?  
 
Do you actually have PuppetDB configured as your storeconfigs back end?  
Following the docs 
(http://docs.puppetlabs.com/puppetdb/latest/connect_puppet_master.html), 
you should have

  storeconfigs = true
  storeconfigs_backend = puppetdb

in the [master] section of the master's puppet.conf, *and* thin_storeconfigs 
and async_storeconfigs should be disabled (the default).



John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Converting to heira format issue

[Dan]

Hi

I'm just getting into hiera and have now configured it, my attempts at 
migrating to hiera have been frustratingly hard as I'm not able to get the 
write syntax. Can someone help me in converting the below from a class 
declaration to hiera?

Current declarations in my declare.pp file:

class profile::web {
  class { 'nsswitch':
automount => 'files',
hosts => ['files','dns'],
  }
}

class { 'sudo': }
sudo::conf { 'web-users':
sudo_config_dir => '/etc/sudoers.d/',
source => 'puppet:///files/web/web-users.conf',
}
Thanks Dan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Odd (fatal) error noted in logs

[jcbollinger]

On Tuesday, October 1, 2013 1:57:43 PM UTC-5, Ayers, Mike wrote:
>
> > From: puppet...@googlegroups.com  [mailto:puppet- 
> > us...@googlegroups.com ] On Behalf Of Peter Berghold 
>
> > What does "Could not prefetch package provider 'apt': invalid byte 
> > sequence in US-ASCII" mean exactly?  This started showing up in the logs 
> > of some of my servers... 
>
> If a file is being interpreted as US-ASCII, then it is expected to 
> have no characters with the high bit set.  If you edited any source files 
> with an Unicode editor, it may have changed some of your punctuatiuon to 
> fancy Unicode versions of that punctuation (e.g. a pair of quotes to "left 
> quote" and "right quote"), which the interpreter would not understand. 
>
> Blind stab: If you save a file as type "UTF-8" on Windows, a BOM 
> will be inserted as the first character in the file.  Make sure you save as 
> ASCII. 
>
>

Yes, a byte-order mark at the beginning of the file is the most likely 
culprit.   Note that UTF-8 does not require a BOM, so removing one will not 
invalidate the file, though it may make life harder for code that tries to 
detect the encoding.  But by that token, no encoding detection appears to 
be happening anyway, otherwise the file would not be assumed US-ASCII.  If 
the only bytes having their high bit set appear in a BOM at the start of 
the file, then removing the BOM will make the file simultaneously valid 
UTF-8, valid US-ASCII, and valid ISO-8859-x, x = 1 ... 15.

Note, too, that although Windows editors are known for adding a BOM under 
certain circumstances, modern vim (and I assume emacs) understand Unicode 
encodings, including UTF-8, and can probably be induced to add a BOM 
themselves.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Pulling my hair out with CA proxying

[Pete Hartman]

I do not have responsibility for the F5's and I'm not sure what my
networking team would be willing to do in terms of custom rules no
matter how simple.

The use of the apache proxy service on the masters is a configuration
documented and recommended (at least as one alternative) by
PuppetLabs; now that I have found what I was missing, I plan to stick
with that.

On Wed, Oct 2, 2013 at 2:08 AM, Gavin Williams  wrote:
> Pete
>
> I've not done this before, however am familiar with Puppet, and know a lot 
> more about F5s...
>
> I note that you say that you're expecting apache on the masters to proxy onto 
> the CA server.
> Is there any reason you couldn't use the F5 to select the CA server for any 
> CA requests?
> Should be a fairly straight forward iRule to do pool selection based on the 
> URI.
>
> Thoughts?
>
> Gav
>
> --
> You received this message because you are subscribed to a topic in the Google 
> Groups "Puppet Users" group.
> To unsubscribe from this topic, visit 
> https://groups.google.com/d/topic/puppet-users/xY5xnOU09Qg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to 
> puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
> For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] rspec-puppet require syntax

[Johan De Wit]

When 'require' multiple resources, you should copy what the catalog 
contains : 

*  'require' => '[User[nginx]{:name=>"nginx"}, 
Exec[install_nginx]{:command=>"install_nginx"}]',

in the rspec file.  Thats the only way i could make it pass the test.

Grts

jo
*


On Saturday, 21 September 2013 01:52:34 UTC+2, Guy Knights wrote:
>
> No such luck. I all the above suggestions (capitalising class names, 
> removing inner quotes) with another require:
>
>  * file { 'set_nginx_dir_permissions':*
> *ensure  => directory,*
> *path=> "/opt/nginx-${version}",*
> *owner   => nginx,*
> *group   => nginx,*
> *mode=> '0644',*
> *require => [User['nginx'],Exec['install_nginx']],*
> *  }*
>
>  but it says the catalogue is set to *[User[nginx]{:name=>"nginx"}, 
> Exec[install_nginx]{:command=>"install_nginx"}]*, which is what I was 
> getting with the other require.
>
> On Thursday, 19 September 2013 22:12:34 UTC-7, Dan Bode wrote:
>>
>> I'm pretty sure the error is b/c the class names need to be capitalized.
>>
>>
>> On Tue, Sep 17, 2013 at 10:05 AM, Guy Knights <
>> g...@eastsidegamestudio.com> wrote:
>>
>>> Can someone tell me the correct way to specify the following require 
>>> statement in an rspec-puppet test?
>>>
>>> *require => 
>>> [Class['ssl'],Class['pcre3'],Staging::Extract["nginx-${version}.tar.gz"]]
>>> *
>>>
>>> I tried this: *'require' => 
>>> "[Class['ssl'],Class['pcre3'],Staging::Extract['nginx-1.4.1.tar.gz']]"*but 
>>> got the following error:
>>>
>>> *Failure/Error: )
>>> *
>>> *expected that the catalogue would contain Exec[install_nginx] with 
>>> require set to 
>>> `"[Class['ssl'],Class['pcre3'],Staging::Extract['nginx-1.4.1.tar.gz']]"` 
>>> but it is set to `[Class[Ssl]{:name=>"Ssl"}, Class[Pcre3]{:name=>"Pcre3"}, 
>>> Staging::Extract[nginx-1.4.1.tar.gz]{:name=>"nginx-1.4.1.tar.gz"}]` in the 
>>> catalogue*
>>>
>>> I've tried every combination of different quotes, removing the inner 
>>> quotes, capitalising the resource titles, and even just copying and pasting 
>>> what the error above says the catalogue is reporting, but it just doesn't 
>>> work. I thought I had the syntax for requires figured out, but apparently 
>>> not.
>>>
>>> Thanks,
>>> Guy
>>>
>>> -- 
>>> You received this message because you are subscribed to the Google 
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to puppet-users...@googlegroups.com.
>>> To post to this group, send email to puppet...@googlegroups.com.
>>> Visit this group at http://groups.google.com/group/puppet-users.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] onlyif return code

[Björn]

Hello,

I try to ensure our password policies using /etc/login.defs and PAM 
cracklib. 

class pci_policy::password(
$cracklib = $pci_policy::params::cracklib,
$pam_password = $pci_policy::params::pam_password,
) inherits pci_policy::params {

  package{$cracklib:
ensure => installed,
  }

  file{'/etc/login.defs':
ensure  => present,
owner   => root,
group   => root,
mode=> 0644,
source  => "puppet:///modules/pci_policy/login.defs.$::operatingsystem",
require => Package[$cracklib],
  }

  exec{'ensure password policy for pci':
cwd => '/bin/',
command => "/bin/sed -i 's/^password.*cracklib.so.*/password
requisite   pam_cracklib.so retry=3 minlen=8 difok=5 
dcredit=-1 lcredit=-1 ucredit=-1 ocredit=-1/g' $pam_password",
path=> "/usr/bin:/usr/sbin:/bin",
onlyif  => "grep '^password.*cracklib.so.*' $pam_password",
require => Package[$cracklib],
  }

  exec{'ensure password policy for pci when nothing is present':
cwd => '/bin/',
command => "echo 'passwordrequisite   
pam_cracklib.so retry=3 minlen=8 difok=5 dcredit=-1 lcredit=-1 ucredit=-1 
ocredit=-1' >> $pam_password",
path=> "/usr/bin:/usr/sbin:/bin",
onlyif  => "grep -vq '^password.*cracklib.so.*' $pam_password",
require => Package[$cracklib],
  }
}

My problem are the exec commands. 

With the first exec I try to change an existing line with sed. 

With the second exec I try to add the rule if no line with 
"password.*cracklib" is existing. 
Unfortunately, this exec run when the return code of onlyif is 0. I don't 
know a command which return 0 when the line isn't available and return 1 
when the line is available. 

May be I'm thinking to complicated? Do you have another solution? 

Thanks a lot! 

Björn

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Howto model different stages

[Stig Sandbeck Mathisen]

Christian Flamm  writes:

> Hi all,
> I'm trying to find a nice way to model different stages (like: live,
> test, dev) of puppet modules. Initially I thought of different
> branches inside one (Git) repository... 
>
> * either being checked out on one puppetmaster into different
>   directories being used as different puppet environments
>
> * or being checked out on different puppetmasters

I map git branches ("testing", "production") to puppet environments,
with the "r10k" tool, and use dynamic environments on my puppet master.

Each branch contain a "manifests" directory with "site.pp", and a
Puppetfile. "r10k" creates a "modules" directory, and checks out the
modules using the versions set in the puppetfile.

After that, you need at least the following in your puppet.conf on your
puppet master to set up dynamic environments:

[main]
environment = production

[master]
manifest   = /srv/puppet/env/$environment/manifests/site.pp
modulepath = /srv/puppet/env/$environment/modules

> but then colleagues of mine recently attended Citconf in Turin were
> somebody strongly recommended not to use puppet environments and/or
> branches.

Did you get a reason for this recommendation?

-- 
Stig Sandbeck Mathisen

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Howto model different stages

[Christian Flamm]

Hi all,
I'm trying to find a nice way to model different stages (like: live, test, 
dev) of puppet modules. Initially I thought of different branches inside 
one (Git) repository...  

   - either being checked out on one puppetmaster into different 
   directories being used as different puppet environments
   - or being checked out on different puppetmasters

but then colleagues of mine recently attended Citconf in Turin were 
somebody strongly recommended *not* to use puppet environments and/or 
branches.

I'd like to understand how you solve(d) this.

Thanks in advance,
Christian

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: b64_zlib_yaml errros after server upgrade to

[Tim Fall]

I'm having the same issue as well. I tried enabling the dev repo, but no 
luck there with 3.3.1rc2. Also running in passenger under Foreman.

On Tuesday, September 17, 2013 1:14:13 AM UTC-7, SAF wrote:
>
> Hi,
>
> After upgrading the puppet server to puppet-server-3.3.0-1.el6.noarch, I 
> get the following on a puppet-3.2.2-1.el6.noarch client:
> puppet agent --test --noop
> Error: Could not retrieve catalog from remote server: Error 400 on SERVER: 
> Could not intern from b64_zlib_yaml: invalid bit length repeat
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
>
> However, the erros look different with debug:
> puppet agent --test --noop --debug
> Error: Could not retrieve catalog from remote server: Error 400 on SERVER: 
> Could not intern from b64_zlib_yaml: invalid bit length repeat
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
>
> And with trace:
> Error: Could not retrieve catalog from remote server: Error 400 on SERVER: 
> Could not intern from b64_zlib_yaml: invalid bit length repeat
> /usr/lib/ruby/site_ruby/1.8/puppet/indirector/rest.rb:185:in `is_http_200?'
> /usr/lib/ruby/site_ruby/1.8/puppet/indirector/rest.rb:100:in `find'
> /usr/lib/ruby/site_ruby/1.8/puppet/indirector/indirection.rb:197:in `find'
> /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:243:in 
> `retrieve_new_catalog'
> /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:351:in `thinmark'
> /usr/lib/ruby/1.8/benchmark.rb:308:in `realtime'
> /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:350:in `thinmark'
> /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:242:in 
> `retrieve_new_catalog'
> /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:67:in `retrieve_catalog'
> /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:107:in 
> `prepare_and_retrieve_catalog'
> /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:159:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:45:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent/locker.rb:20:in `lock'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:45:in `run'
> /usr/lib/ruby/1.8/sync.rb:230:in `synchronize'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:45:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:119:in `with_client'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:42:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:84:in `run_in_fork'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:41:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:179:in `call'
> /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:179:in `controlled_run'
> /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:39:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/application/agent.rb:353:in `onetime'
> /usr/lib/ruby/site_ruby/1.8/puppet/application/agent.rb:327:in 
> `run_command'
> /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:456:in `plugin_hook'
> /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:504:in `exit_on_fail'
> /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:132:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:86:in `execute'
> /usr/bin/puppet:4
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
>
> Any idea if this is a recognized bug?
>
> Thanks.
> -- 
> Beware of programmers who carry screwdrivers! 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Pulling my hair out with CA proxying

[Gavin Williams]

Pete

I've not done this before, however am familiar with Puppet, and know a lot more 
about F5s...

I note that you say that you're expecting apache on the masters to proxy onto 
the CA server. 
Is there any reason you couldn't use the F5 to select the CA server for any CA 
requests? 
Should be a fairly straight forward iRule to do pool selection based on the 
URI. 

Thoughts? 

Gav

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.