Re: [Puppet Users] Condition on class existence on agent
On Thursday, February 27, 2014 5:16:43 PM UTC+1, nikolavp wrote: More can be found in http://docs.puppetlabs.com/puppet/latest/reference/lang_classes.html#inheritance look at the Overriding Resource Attributes section. Although I don't like inheritance as you describe it if roleB is a secure web server and roleA is a web server I would go for it. Indeed, I was playing around with inheritance in the meantime and it solved my problem. Even though at first I didn't read that Puppet 3 does not support parameters in the base class and this confused me quite a bit ;). Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4c581bfb-d1db-4a30-a94e-3bd6ce02ef56%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet module template mentioned at contributor summit
The main difference between Gareth's current params.pp and the
'defaults.pp' model I was suggesting is that in the Gareth's pattern the
params class is inherited by the base class, and all the component
subclasses reference the variables explicitly in the scope of
base::params eg:
service { $%= metadata.name %::params::service_name:
Since the params class is not parameterized there is no way to easily
override this data using hiera/data mapping.
By making the base class parameterized, with it's defaults being set in
'defaults.pp' (defaults is a more sensible name than params for this
example) and having your component subclass reference $::baseclass::var you
can override data on class declaration or in hiera using data mapping.
It's not that different, but allows for more flexibility and tighter hiera
integration
Craig
On Wed, Feb 26, 2014 at 2:43 PM, Alessandro Franceschi a...@lab42.it wrote:
Craig,
Not sure to have understood the difference between a defaults.pp pattern
and a params.pp pattern, given that I suppose that if there were parameters
in the main module class of Gareth's example they would inherit values in
params.pp exactly as the defaults example you've written.
Can be elaborate or link examples of this defaults.pp pattern?
To the list of public modules skeletons let me add this one, that follows
stdmod naming conventions:
https://github.com/stdmod/puppet-skeleton-standard
and this alternative with Rip's data in module approach:
https://github.com/stdmod/puppet-skeleton-standard/tree/hiera
Al
On Wednesday, February 26, 2014 10:37:59 AM UTC+1, Craig Dunn wrote:
This is cool, though I realise that it's a (self confessed) opinionated
module design, the only thing that really stands out for me is that it
follows a rather old, and limited, 'params.pp' pattern. There is no place
for Hiera in this model without hard coding hiera lookup functions in the
classes. Personally I think a 'defaults.pp' pattern is more sensible in
todays Puppet.
Eg:
class base (
$parameter = $base::defaults::$parameter
) inherits base::defaults {
...
}
class base::defaults {
$parameter = $logic ? {
'foo' = 'bar'
}
}
Your classes can then look up values as $base::parameter. This allows
the module to default (rather than dictate) attributes based on whatever
logic you want to implement but allows the implementer to override the
values either at the resource declaration or using Hiera data mapping for
base::parameter.
Regards
Craig
On Wed, Feb 5, 2014 at 5:38 PM, Gareth Rushgrove
gar...@morethanseven.net wrote:
This came up in discussion a couple of times at the Puppet contributor
summit at Config Management Camp in Gent over the last couple of days
so I thought I'd write up.
A while ago I put together a pretty complete/opinionated skeleton for
puppet modules. Especially if you're not too familiar with ruby or the
ruby ecosystem, or just getting started with testing it should be a
useful starting point.
https://github.com/garethr/puppet-module-skeleton
I've added a bunch more features (including a Guardfile, resource
coverage and support for Beaker integration tests) and got round to
writing up a blog post about what and why:
http://www.morethanseven.net/2014/02/05/a-template-for-puppet-modules/
Hopefully it's useful to a few people. Any features or issues let me
know.
Gareth
--
Gareth Rushgrove
@garethr
devopsweekly.com
morethanseven.net
garethrushgrove.com
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/puppet-users/CAFi_6y%2BiRQPPKk8yTLBMiHCNOsLdNFYeaPO
8oTCCcuaASj6SaQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
--
*Enviatics *| Automation and configuration management
http://www.enviatics.com | @Enviatics
Puppet Training http://www.enviatics.com/training/
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/feaadcb3-cc99-45c3-825d-57ba26dc4dc0%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
*Enviatics *| Automation and configuration management
http://www.enviatics.com | @Enviatics
Puppet Training http://www.enviatics.com/training/
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
Re: [Puppet Users] Puppet module template mentioned at contributor summit
Ok, I think we are talking about the same thing, then:
https://github.com/stdmod/puppet-skeleton-standard/blob/develop/manifests/init.pp.erb
should follow what you described as defaults.pp patterns , just it uses a
class named params and not default.
On Friday, February 28, 2014 11:20:57 AM UTC+1, Craig Dunn wrote:
The main difference between Gareth's current params.pp and the
'defaults.pp' model I was suggesting is that in the Gareth's pattern the
params class is inherited by the base class, and all the component
subclasses reference the variables explicitly in the scope of
base::params eg:
service { $%= metadata.name %::params::service_name:
Since the params class is not parameterized there is no way to easily
override this data using hiera/data mapping.
By making the base class parameterized, with it's defaults being set in
'defaults.pp' (defaults is a more sensible name than params for this
example) and having your component subclass reference $::baseclass::var you
can override data on class declaration or in hiera using data mapping.
It's not that different, but allows for more flexibility and tighter hiera
integration
Craig
On Wed, Feb 26, 2014 at 2:43 PM, Alessandro Franceschi
a...@lab42.itjavascript:
wrote:
Craig,
Not sure to have understood the difference between a defaults.pp pattern
and a params.pp pattern, given that I suppose that if there were parameters
in the main module class of Gareth's example they would inherit values in
params.pp exactly as the defaults example you've written.
Can be elaborate or link examples of this defaults.pp pattern?
To the list of public modules skeletons let me add this one, that follows
stdmod naming conventions:
https://github.com/stdmod/puppet-skeleton-standard
and this alternative with Rip's data in module approach:
https://github.com/stdmod/puppet-skeleton-standard/tree/hiera
Al
On Wednesday, February 26, 2014 10:37:59 AM UTC+1, Craig Dunn wrote:
This is cool, though I realise that it's a (self confessed) opinionated
module design, the only thing that really stands out for me is that it
follows a rather old, and limited, 'params.pp' pattern. There is no place
for Hiera in this model without hard coding hiera lookup functions in the
classes. Personally I think a 'defaults.pp' pattern is more sensible in
todays Puppet.
Eg:
class base (
$parameter = $base::defaults::$parameter
) inherits base::defaults {
...
}
class base::defaults {
$parameter = $logic ? {
'foo' = 'bar'
}
}
Your classes can then look up values as $base::parameter. This allows
the module to default (rather than dictate) attributes based on whatever
logic you want to implement but allows the implementer to override the
values either at the resource declaration or using Hiera data mapping for
base::parameter.
Regards
Craig
On Wed, Feb 5, 2014 at 5:38 PM, Gareth Rushgrove
gar...@morethanseven.net wrote:
This came up in discussion a couple of times at the Puppet contributor
summit at Config Management Camp in Gent over the last couple of days
so I thought I'd write up.
A while ago I put together a pretty complete/opinionated skeleton for
puppet modules. Especially if you're not too familiar with ruby or the
ruby ecosystem, or just getting started with testing it should be a
useful starting point.
https://github.com/garethr/puppet-module-skeleton
I've added a bunch more features (including a Guardfile, resource
coverage and support for Beaker integration tests) and got round to
writing up a blog post about what and why:
http://www.morethanseven.net/2014/02/05/a-template-for-puppet-modules/
Hopefully it's useful to a few people. Any features or issues let me
know.
Gareth
--
Gareth Rushgrove
@garethr
devopsweekly.com
morethanseven.net
garethrushgrove.com
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/puppet-users/CAFi_6y%2BiRQPPKk8yTLBMiHCNOsLdNFYeaPO
8oTCCcuaASj6SaQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
--
*Enviatics *| Automation and configuration management
http://www.enviatics.com | @Enviatics
Puppet Training http://www.enviatics.com/training/
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/feaadcb3-cc99-45c3-825d-57ba26dc4dc0%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
*Enviatics *|
[Puppet Users] Windows Package Install file permissions
Hi,
I have the following class for installing check_mk on windows machines:
class windows_check_mk {
require windows_common
package{ 'Check_MKAgent 1.2.4':
ensure = installed,
source = 'c:\\my folder\\installers\\check-mk-agent.exe',
install_options = ['/S', '/D=C:\myfolder\check_mk'],
}
}
The windows_common take cares of creating the folder c:\my folder\ and
fetching several subfolders there - including subfolder installers.
This class successfully installs check_mk agent inside
C:\myfolder\check_mk but none of the files inside can be exec by any
user, if I change install_options to
['/S', '/D=C:\\check_mk'],
this does not happen and all exes can be executed.
Why does this happens? Is there a way to workaround it?
I am using puppet 3.4.3 either on master and on the clients.
Thank you.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/86c664eb-4eae-4098-98e6-eeb1a4c272fe%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] No resources and catalog information with puppetdb
Hello
It is still broken.
I set soft_write_failure=false
I upgraded puppet on the nodes, so now the puppet master and nodes are in
version 3.4.3
This is the result of the puppetdb ssl-setup :
[root@el6 lofic]# puppetdb ssl-setup
PEM files in /etc/puppetdb/ssl already exists, checking integrity.
Setting ssl-host in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-port in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-key in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-cert in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-ca-cert in /etc/puppetdb/conf.d/jetty.ini already correct.
[root@el6 lofic]# puppetdb ssl-setup -f
PEM files in /etc/puppetdb/ssl already exists, checking integrity.
Overwriting existing PEM files due to -f flag
Copying files: /var/lib/puppet/ssl/certs/ca.pem,
/var/lib/puppet/ssl/private_keys/el6.labolinux.fr.pem and
/var/lib/puppet/ssl/certs/el6.labolinux.fr.pem to /etc/puppetdb/ssl
Setting ssl-host in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-port in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-key in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-cert in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-ca-cert in /etc/puppetdb/conf.d/jetty.ini already correct.
I restarted the puppetdb
The catalogs are still absent.
When I launch the master in debug +trace mode, I see :
Debug: Failed to load library 'msgpack' for feature 'msgpack'
Debug: file_metadata supports formats: pson b64_zlib_yaml yaml raw
/usr/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in `require': iconv will
be deprecated in the future, use String#encode instead.
Warning: ActiveRecord-based storeconfigs and inventory are deprecated. See
http://links.puppetlabs.com/activerecord-deprecation
(at /usr/lib/ruby/vendor_ruby/puppet/indirector/indirection.rb:334:in
`new')
Debug: Using settings: adding file resource 'dblocation':
'File[/var/lib/puppet/state/clientconfigs.sqlite3]{:path=/var/lib/puppet/state/clientconfigs.sqlite3,
:mode=660, :owner=puppet, :group=puppet, :ensure=:file,
:loglevel=:debug, :links=:follow, :backup=false}'
Debug: Using settings: adding file resource 'railslog':
'File[/var/log/puppet/rails.log]{:path=/var/log/puppet/rails.log,
:mode=600, :owner=puppet, :group=puppet, :ensure=:file,
:loglevel=:debug, :links=:follow, :backup=false}'
Debug: Finishing transaction 23034320
Info: Connecting to sqlite3 database:
/var/lib/puppet/state/clientconfigs.sqlite3
Debug: Configuring PuppetDB terminuses with config file
/etc/puppet/puppetdb.conf
The name resolution seems fine for the master, the puppetd and the nodes
[root@el6 conf.d]# host beaker.labolinux.fr
beaker.labolinux.fr has address 192.168.0.10
[root@el6 conf.d]# host 192.168.0.10
10.0.168.192.in-addr.arpa domain name pointer beaker.labolinux.fr.
[root@el6 conf.d]# host el6.labolinux.fr
el6.labolinux.fr has address 192.168.0.16
[root@el6 conf.d]# host 192.168.0.16
16.0.168.192.in-addr.arpa domain name pointer el6.labolinux.fr.
[root@el6 conf.d]# host el6d.labolinux.fr
el6d.labolinux.fr has address 192.168.0.63
[root@el6 conf.d]# host 192.168.0.63
63.0.168.192.in-addr.arpa domain name pointer el6d.labolinux.fr.
I still have the SSL problem :
# puppet node status el6.labolinux.fr --verbose --debug --trace
Debug: Configuring PuppetDB terminuses with config file
/etc/puppet/puppetdb.conf
Debug: Failed to load library 'selinux' for feature 'selinux'
Debug: Using settings: adding file resource 'confdir':
'File[/etc/puppet]{:path=/etc/puppet, :ensure=:directory,
:loglevel=:debug, :links=:follow, :backup=false}'
Debug: Puppet::Type::User::ProviderPw: file pw does not exist
Debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/uuidgen
does not exist
Debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not
exist
Debug: Failed to load library 'ldap' for feature 'ldap'
Debug: Puppet::Type::User::ProviderLdap: feature ldap is missing
Debug: /User[puppet]: Provider useradd does not support features libuser;
not managing attribute forcelocal
Debug: Puppet::Type::Group::ProviderPw: file pw does not exist
Debug: Puppet::Type::Group::ProviderDirectoryservice: file /usr/bin/dscl
does not exist
Debug: Failed to load library 'ldap' for feature 'ldap'
Debug: Puppet::Type::Group::ProviderLdap: feature ldap is missing
Debug: /Group[puppet]: Provider groupadd does not support features libuser;
not managing attribute forcelocal
Debug: Using settings: adding file resource 'vardir':
'File[/var/lib/puppet]{:path=/var/lib/puppet, :owner=puppet,
:group=puppet, :ensure=:directory, :loglevel=:debug, :links=:follow,
:backup=false}'
Debug: Using settings: adding file resource 'logdir':
'File[/var/log/puppet]{:path=/var/log/puppet, :mode=750,
:owner=puppet, :group=puppet, :ensure=:directory, :loglevel=:debug,
:links=:follow, :backup=false}'
Debug: Using settings: adding file resource 'statedir':
[Puppet Users] Re: ensure user and group created
This was a known problem with earlier puppet releases where adding local
users would fail if they existed in a network name service (LDAP, NIS,
etc), so more recent 3.x puppet versions of the user resource have a
'forcelocal' option. Use this, and it will work.
On Wednesday, February 26, 2014 4:17:05 PM UTC-6, bluethundr wrote:
Hey all,
I've created a puppet module to control LDAP in my environment. The ldap
packages on both the centos and ubuntu hosts seem to require a user and
group called 'ldap' (respectively).
in my ldap::install class I have the following defined:
user { ldap:
ensure = present,
}
group { ldap:
ensure = present, }
But on each puppet run after the user and group is created the following
error occurs:
err: /Stage[main]/Ldap::Install/User[ldap]/ensure: change from absent to
present failed: Could not create user ldap: Execution of '/usr/sbin/usera
dd -M ldap' returned 9: useradd: group ldap exists - if you want to add
this user to that group, use -g.
Is there any way to achieve being able to create this user and group and
avoid the error on each run thereafter?
Thanks
Tim
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/80becae8-c0bb-4287-98f7-c7984037f050%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: puppet agent on HP unix os
While I have not tried to get get puppet working on HP-UX, I have gotten it to work on a number of other very old platforms by using ruby gems. If you can get a working puppet-supported version of ruby on HP-UX, you are most of the way there. Hopefully, you can get the ruby from a source that already compiled and packaged it, otherwise you'll have to compile ruby on your own, which isn't too bad if you have gnu tools from http://hpux.connect.org.uk. Once you have ruby with gems support, the steps are basically: * gem install --version version you want, or leave out for the latest puppet * This will install 'puppet' and 'facter' within the case bin directory ruby is in * Create /etc/puppet and /var/lib/puppet directories * Add a working /etc/puppet/puppet.conf * Run it as usual by hand: /your/path/bin/puppet agent -t * Create a puppet init script and place into /sbin/init.d, with links to it inwhatever HP-UX uses The benefit of this approach is you get the latest 'n greatest puppet version, and you can even use the package resource's gem provider (may need to sym-link /your/path/bin/gem to /usr/bin/gem') to update the gem in the future if you so desire to keep all puppet versions the same. On Thursday, February 27, 2014 11:07:36 AM UTC-6, Rick Copley wrote: Hi has anyone done any more work on puppet for HP-UX 11.31? Or can someone point me to where I can download the opensource version of puppet agent code so I can try to compile myself? On Friday, December 27, 2013 5:20:09 AM UTC-5, Ankit Mittal wrote: Dear All, Please help me if puppet agent installation is possible on hp unix os or not. If it is possible please tell how to installed it Thanks and Regrads Ankit Mittal -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/30d12538-fcb2-412c-a026-abd93556b170%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Puppet agent hogging CPU/RAM
Hi,
So the subject might be a bit generic, but couldn't really come up with
anything better. Anyway, on to the point: having a problem with two servers
in my environment, where when running the puppet agent, it hogs all memory
and CPU; the weird thing is though that this only happens on to those two
specific servers, which manifest varies quite a bit. To make it a bit
easier to describe this issue, I'll call these servers server 1 and server
2. Server 1 runs puppet agent 3.4.2, while server 2 runs puppet agent
3.3.2. Both are running Debian 6 x86_64.
When running the agent in debug mode (puppet agent --test --debug --trace),
it looks like the issue appears at:
Debug: Prefetching apt resources for package
Debug: Executing '/usr/bin/dpkg-query-W--showformat'${Status} ${Package}
${Version} :DESC: ${Description}\n:DESC:\n''
What happens when this comes up in the log is that server 1 stands there
until it runs out of ram and starts killing processes (i.e. standard OOM
behaviour) while server 2 takes about half a minute to complete (with the
puppet agent hogging quite a bit of ram and 100% CPU), but then actually
completes properly. A detail regarding the execution time is that the
execution time reported to Puppet Dashboard when this happens isn't even
near the time it actually takes to run the command (for example, for server
2, it is reporting times somewhere around 10-15 sec).
So, anyone have any idea what might be causing this? Have anyone seen this
previously? (I was able to find quite a lot of posts regarding the puppet
agent eating a lot of resources, although I couldn't find anything which
seemed related to this specific issue)
Regards,
Aron Lander
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/36cdd97b-c3df-4466-aff4-9bd828519751%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] No resources and catalog information with puppetdb
Aah, the old null cert chain error. I haven't been able to fix this
yet and every time I try this over a mailing list I never get to a
conclusion ... I suggest jumping onto Freenode IRC and pinging me - my
IRC nick is ken_barber and I usually live in #puppet, I'll be happy to
help you there.
ken.
On Fri, Feb 28, 2014 at 1:30 PM, Louis Coilliot louis.coill...@think.fr wrote:
Hello
It is still broken.
I set soft_write_failure=false
I upgraded puppet on the nodes, so now the puppet master and nodes are in
version 3.4.3
This is the result of the puppetdb ssl-setup :
[root@el6 lofic]# puppetdb ssl-setup
PEM files in /etc/puppetdb/ssl already exists, checking integrity.
Setting ssl-host in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-port in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-key in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-cert in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-ca-cert in /etc/puppetdb/conf.d/jetty.ini already correct.
[root@el6 lofic]# puppetdb ssl-setup -f
PEM files in /etc/puppetdb/ssl already exists, checking integrity.
Overwriting existing PEM files due to -f flag
Copying files: /var/lib/puppet/ssl/certs/ca.pem,
/var/lib/puppet/ssl/private_keys/el6.labolinux.fr.pem and
/var/lib/puppet/ssl/certs/el6.labolinux.fr.pem to /etc/puppetdb/ssl
Setting ssl-host in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-port in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-key in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-cert in /etc/puppetdb/conf.d/jetty.ini already correct.
Setting ssl-ca-cert in /etc/puppetdb/conf.d/jetty.ini already correct.
I restarted the puppetdb
The catalogs are still absent.
When I launch the master in debug +trace mode, I see :
Debug: Failed to load library 'msgpack' for feature 'msgpack'
Debug: file_metadata supports formats: pson b64_zlib_yaml yaml raw
/usr/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in `require': iconv will
be deprecated in the future, use String#encode instead.
Warning: ActiveRecord-based storeconfigs and inventory are deprecated. See
http://links.puppetlabs.com/activerecord-deprecation
(at /usr/lib/ruby/vendor_ruby/puppet/indirector/indirection.rb:334:in
`new')
Debug: Using settings: adding file resource 'dblocation':
'File[/var/lib/puppet/state/clientconfigs.sqlite3]{:path=/var/lib/puppet/state/clientconfigs.sqlite3,
:mode=660, :owner=puppet, :group=puppet, :ensure=:file,
:loglevel=:debug, :links=:follow, :backup=false}'
Debug: Using settings: adding file resource 'railslog':
'File[/var/log/puppet/rails.log]{:path=/var/log/puppet/rails.log,
:mode=600, :owner=puppet, :group=puppet, :ensure=:file,
:loglevel=:debug, :links=:follow, :backup=false}'
Debug: Finishing transaction 23034320
Info: Connecting to sqlite3 database:
/var/lib/puppet/state/clientconfigs.sqlite3
Debug: Configuring PuppetDB terminuses with config file
/etc/puppet/puppetdb.conf
The name resolution seems fine for the master, the puppetd and the nodes
[root@el6 conf.d]# host beaker.labolinux.fr
beaker.labolinux.fr has address 192.168.0.10
[root@el6 conf.d]# host 192.168.0.10
10.0.168.192.in-addr.arpa domain name pointer beaker.labolinux.fr.
[root@el6 conf.d]# host el6.labolinux.fr
el6.labolinux.fr has address 192.168.0.16
[root@el6 conf.d]# host 192.168.0.16
16.0.168.192.in-addr.arpa domain name pointer el6.labolinux.fr.
[root@el6 conf.d]# host el6d.labolinux.fr
el6d.labolinux.fr has address 192.168.0.63
[root@el6 conf.d]# host 192.168.0.63
63.0.168.192.in-addr.arpa domain name pointer el6d.labolinux.fr.
I still have the SSL problem :
# puppet node status el6.labolinux.fr --verbose --debug --trace
Debug: Configuring PuppetDB terminuses with config file
/etc/puppet/puppetdb.conf
Debug: Failed to load library 'selinux' for feature 'selinux'
Debug: Using settings: adding file resource 'confdir':
'File[/etc/puppet]{:path=/etc/puppet, :ensure=:directory,
:loglevel=:debug, :links=:follow, :backup=false}'
Debug: Puppet::Type::User::ProviderPw: file pw does not exist
Debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/uuidgen
does not exist
Debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not
exist
Debug: Failed to load library 'ldap' for feature 'ldap'
Debug: Puppet::Type::User::ProviderLdap: feature ldap is missing
Debug: /User[puppet]: Provider useradd does not support features libuser;
not managing attribute forcelocal
Debug: Puppet::Type::Group::ProviderPw: file pw does not exist
Debug: Puppet::Type::Group::ProviderDirectoryservice: file /usr/bin/dscl
does not exist
Debug: Failed to load library 'ldap' for feature 'ldap'
Debug: Puppet::Type::Group::ProviderLdap: feature ldap is missing
Debug: /Group[puppet]: Provider groupadd does not support features libuser;
not managing attribute forcelocal
Debug: Using settings: adding file resource 'vardir':
Re: [Puppet Users] Windows Package Install file permissions
Hi Armindo,
On Fri, Feb 28, 2014 at 5:23 AM, Armindo Silva deathon2l...@gmail.comwrote:
Hi,
I have the following class for installing check_mk on windows machines:
class windows_check_mk {
require windows_common
package{ 'Check_MKAgent 1.2.4':
ensure = installed,
source = 'c:\\my folder\\installers\\check-mk-agent.exe',
Per the puppet language docs, a double backslash in a single quoted string
is supposed to be a literal backslash[1]. But puppet actually interprets
that as a double backslash due to a long standing bug[2]. You'll want to
use single backslashes, or switch to double quotes.
install_options = ['/S', '/D=C:\myfolder\check_mk'],
I was going to point you to our windows package documentation[3], but I see
that it too needs updating. If you want to specify key/value pairs, then
you will want to do:
['/S', { '/D' = 'C:\myfolder\check_mk' }]
Note puppet will automatically quote the path if it contains spaces.
}
}
The windows_common take cares of creating the folder c:\my folder\ and
fetching several subfolders there - including subfolder installers.
This class successfully installs check_mk agent inside
C:\myfolder\check_mk but none of the files inside can be exec by any
user, if I change install_options to
['/S', '/D=C:\\check_mk'],
this does not happen and all exes can be executed.
Why does this happens? Is there a way to workaround it?
I am using puppet 3.4.3 either on master and on the clients.
Thank you.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/86c664eb-4eae-4098-98e6-eeb1a4c272fe%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
Josh
[1]
http://docs.puppetlabs.com/puppet/latest/reference/lang_datatypes.html#single-quoted-strings
[2] https://projects.puppetlabs.com/issues/16246
[3] http://docs.puppetlabs.com/windows/writing.html#packagepackage
--
Josh Cooper
Developer, Puppet Labs
*Join us at PuppetConf 2014, September 23-24 in San Francisco* -*
http://bit.ly/pupconf14
http://bit.ly/pupconf14*
Register now and save $350!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CA%2Bu97unYT%3Djfsjc%2ByjbvnoKKE%3DNZz8c8_pC8%3D_OHqFY%2Bp-ME%2BQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Windows Package Install file permissions
Hi Josh,
Thank you for your reply, but this is not a problem with either the
backslashes (btw, I am using doubles because of the example here:
http://docs.puppetlabs.com/windows/writing.html#packagepackage), neither
with the *install_options* array - both versions install the check_mk exe
successfully.
When I have
install_options = ['/S', '/D=C:\myfolder\check_mk'],
check_mk is successfully installed but the files inside *C:\myfolder\check_mk
*(check_mk installation dir) although readable I can not exec them;
When I have
install_options = ['/S', '/D=C:\check_mk'],
check_mk is also successfully installed and I can exec the files inside
*C:\check_mk
*(check_mk installation dir).
I think I found the problem, this puppet installation was updated from
3.3.2, where it was still acceptable to set permissions on Windows files, I
just added
if $osfamily == 'windows' {
File { source_permissions = ignore }
}
to my sites.pp, then deleted *C:\myfolder\* and re-ran puppet agent, now
the file permissions are as supposed - I had already tried to delete this
folder, but without ignoring the source_permissions windows wide, and
although the exec files that were fetched from the master could be ran the
ones created by the check_mk installer were not.
On Friday, February 28, 2014 2:51:21 PM UTC, Josh Cooper wrote:
Hi Armindo,
On Fri, Feb 28, 2014 at 5:23 AM, Armindo Silva
deatho...@gmail.comjavascript:
wrote:
Hi,
I have the following class for installing check_mk on windows machines:
class windows_check_mk {
require windows_common
package{ 'Check_MKAgent 1.2.4':
ensure = installed,
source = 'c:\\my folder\\installers\\check-mk-agent.exe',
Per the puppet language docs, a double backslash in a single quoted string
is supposed to be a literal backslash[1]. But puppet actually interprets
that as a double backslash due to a long standing bug[2]. You'll want to
use single backslashes, or switch to double quotes.
install_options = ['/S', '/D=C:\myfolder\check_mk'],
I was going to point you to our windows package documentation[3], but I
see that it too needs updating. If you want to specify key/value pairs,
then you will want to do:
['/S', { '/D' = 'C:\myfolder\check_mk' }]
Note puppet will automatically quote the path if it contains spaces.
}
}
The windows_common take cares of creating the folder c:\my folder\ and
fetching several subfolders there - including subfolder installers.
This class successfully installs check_mk agent inside
C:\myfolder\check_mk but none of the files inside can be exec by any
user, if I change install_options to
['/S', '/D=C:\\check_mk'],
this does not happen and all exes can be executed.
Why does this happens? Is there a way to workaround it?
I am using puppet 3.4.3 either on master and on the clients.
Thank you.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/86c664eb-4eae-4098-98e6-eeb1a4c272fe%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
Josh
[1]
http://docs.puppetlabs.com/puppet/latest/reference/lang_datatypes.html#single-quoted-strings
[2] https://projects.puppetlabs.com/issues/16246
[3] http://docs.puppetlabs.com/windows/writing.html#packagepackage
--
Josh Cooper
Developer, Puppet Labs
*Join us at PuppetConf 2014, September 23-24 in San Francisco* -*
http://bit.ly/pupconf14
http://bit.ly/pupconf14*
Register now and save $350!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/390f678f-21de-470c-a779-2b7687d780e6%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] controlling argument passed to ENC script for AWS
I think I have this resolved. the certname was in fact the solution. I had a permissions problem that looked like things weren't working correctly. Once I got that straightened out the value passed into my ENC script (vpc-id plus hostname) worked fine. Thanks On Thu, Feb 27, 2014 at 4:19 PM, Patrick Kelso patr...@teamkelso.orgwrote: On Fri, Feb 28, 2014 at 8:57 AM, John Pyeatt john.pye...@singlewire.com wrote: I am trying to use one puppetmaster to support multiple AWS VPCs. In other words, I am trying to have one puppetmaster support multiple independent networks. The problem with this is that it is possible for machines on two different VPCs to have the same hostname/ipaddress. I use an ENC script on the puppetmaster to classify what types of classes to load to an agent machine based on the hostname that is passed to the ENC script. But the hostname isn't enough information because as I mentioned above, two different agents might have the same hostname but live in different VPCs. Is there any way to customize the identifier that is passed from the agent to the enc script on the puppetmaster? Ideally, I would like to pass the vpc-id and the hostname. That would guarantee uniqueness. I looked at the puppet inventory service a bit, but I don't think that would solve my problem either. John, Have you had a look at using the Amazon AMI metadata? Set a customer tag for the VPC env and use it with Puppet. This is what I've used to solve a similar issue. http://stackoverflow.com/a/19785580 Regards, Patrick Kelso -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANf9H4YLNVvJ0iDVKVSMojPpUQGQ5cJoFXq87%3DJ%3DP3JnrvFNgQ%40mail.gmail.com . For more options, visit https://groups.google.com/groups/opt_out. -- John Pyeatt Singlewire Software, LLC www.singlewire.com -- 608.661.1184 john.pye...@singlewire.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEisTL%3DTEx7CF4iAzeUYVa-yfwJ1z-YxkUKJyRR5FA7RNquAkQ%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Puppet Dashboard behind HTTPS
Hi, Can Puppet Master send the reports to Puppet Dashboard via HTTPS? My Puppet Dashboard is protected with a certificate signed by another CA and this seems to break the sending of reports because Puppet doesn't have the necessary certificate to connect securely and I can't seem to make it work. Thank you, Henrique Rodrigues -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/25e293bd-41b0-4eda-b65b-bb0d82caeff3%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: vagrant and reusing certs after destroy box
On Thursday, February 27, 2014 12:17:51 PM UTC-8, Johan De Wit wrote: Hi, The situation ; Whenever I bring up a vagrant box, I do a puppet run against my puppet master to configure some common things I need. And I want to avoid the remove/new request and sign cycle after a vagrant destroy. This can be done using following vagrant config : vm_config.vm.provision :puppet_server do |puppet_server| puppet_server.client_cert_path= box_certs/rspecfc20/cert_rspecfc20.koewacht.net.pem puppet_server.client_private_key_path = box_certs/rspecfc20/priv_rspecfc20.koewacht.net.pem puppet_server.puppet_node = rspecfc20.koewacht.net puppet_server.puppet_server = puppet.koewacht.net end but it does not work, I get a Error: Could not request certificate: stack level too deep so, i stumbled against https://projects.puppetlabs.com/issues/21869 This bug seemed to be solved in 3.4.x, but I'm running 3.4.3 But I think, when I want to reuse my certs on my clean vagrant box, CA public key of the server should also be provided with both the generated cert/private key of the node. Even if i stumbled against this bug, which did give the solution of my problem, I think puppetmasters CA public key should always be provided. I added in my fork of the vagrant code this extra config option, and now I my puppet run against my master, reusing my certs works : puppet_server.server_ca_public_key= box_certs/ca.pem But is this the way to do this, or a bug ? Grts Johan Hi Johan, It looks like the fix for #21869 was supposed to go out in 3.4.0 but got stuck on our master branch --- this means the fix won't show up until 3.5.0. Your strategy of copying the CA pubkey and agent keypair to each node should work. -Charlie -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4185b79c-0dfc-4d42-932d-0a9b7c67e275%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] CFPropertyList usage
My experience is puppet doesnt like upper case in classes, autoloader
hates them, so rename the module directory to lowercase.
Regards,
El 28/02/2014 16:33, Jason Hatman jason.hat...@gmail.com escribió:
I've been looking all over for usage examples for CFPropertyList. I'm
trying to make a test manifest to create a simple plist and it keeps saying
that it can't find class CFPropertyList. I downloaded the zip from
https://github.com/ckruse/CFPropertyList/ and unzipped it into
/etc/puppet/modules/CFPropertyList. What am I doing wrong?
Here's my example:
class osx_management::testplist {
require 'CFPropertyList'
cfpropertylist { 'clientidentifier':
ensure = present,
path = '/Library/Preferences/ManagedInstallsTest.plist',
key = 'ClientIdentifier',
value = '$::sp_serial_number',
}
cfpropertylist { 'installapplesoftwareupdates':
ensure = present,
path = '/Library/Preferences/ManagedInstallsTest.plist',
key = 'InstallAppleSoftwareUpdates',
value = true,
}
cfpropertylist { 'softwarerepourl':
ensure = present,
path = '/Library/Preferences/ManagedInstallsTest.plist',
key = 'SoftwareRepoURL',
value = 'http://munkiserver1.orchard.fruit.com/munki_repo',
}
}
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/02e54492-61eb-4b3d-9f08-d33b48601fb0%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAF_B3dcmNp7Y2G1SUMh-7H8fBZd2CtCJb-0vD8EkcPYDM9BkhQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] CFPropertyList usage
Thanks for the suggestion. I tried making it all lowercase, but I'm getting the same results. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/eab1685a-107f-4fe5-800e-465517b7b252%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Announce: Facter 2.0.1-rc1 Now Available
Facter 2.0.1-rc1 --- ** Pre-release ** - RC1: February 28, 2014. Facter 2.0.1-rc1 Downloads -- Source: https://downloads.puppetlabs.com/facter/facter-2.0.1-rc1.tar.gz Available in native package format in the pre-release repositories at: http://yum.puppetlabs.com and http://apt.puppetlabs.com For information on how to enable the Puppet Labs pre-release repos, see: http://docs.puppetlabs.com/guides/puppetlabs_package_repositories.html#enabling-the-prerelease-repos Gems are available via rubygems at https://rubygems.org/downloads/facter-2.0.1.rc1.gem or by using `gem install --pre facter` Mac packages are available at https://downloads.puppetlabs.com/mac/facter-2.0.1-rc1.dmg Please report feedback via the Puppet Labs tickets site, using an affected facter version of 2.0.1-rc1: https://tickets.puppetlabs.com/browse/FACT Facter 2.0.1-rc1 release notes --- Release Candidate: Facter 2.0.1 is not yet released. It entered RC 1 on February 28, 2014. Facter 2.0.1 is the first release in the Facter 2 series. (See the note below about Facter 2.0.0.) *Features* FACT-134: Perform basic sanity checks on Facter outputhttps://tickets.puppetlabs.com/browse/FACT-134 Facter now does sanity checking on the output of facts. Facter previously assumed that all facts would be of type String but did not enforce this; Facter now validates that facts are one of (Integer, Float, TrueClass, FalseClass, NilClass, String, Array, Hash). FACT-237: Allow fact resolutions to be built up piece-wisehttps://tickets.puppetlabs.com/browse/FACT-237 FACT-239: Expose different resolution types in DSLhttps://tickets.puppetlabs.com/browse/FACT-239 Introduces aggregate resolutions for facts. Aggregate resolutions allow facts to be extended at runtime and provide a simplified way of building up complex fact values. FACT-341: Windows operatingsystemrelease supporthttps://tickets.puppetlabs.com/browse/FACT-341 On Windows, the operatingsystemrelease fact now returns XP,2003, 2003 R2, Vista, 2008, 7, 2008 R2,8, or 2012, depending on the version reportedy by WMI. *Improvements* FACT-94: Unvendor CFPropertyListhttps://tickets.puppetlabs.com/browse/FACT-94 Removes vendored code for CFPropertyList in favor of treating it as a separate dependency and managing it with Rubygems. FACT-163: Fact loading logic is overly complicatedhttps://tickets.puppetlabs.com/browse/FACT-163 In Facter 1.x the fact search path would be recursively loaded, but only when using Facter via the command line. In Facter 2.0 only fact files at the top level of the search path will be loaded, which matches the behavior when loading facts with Puppet. FACT-266: Backport Facter::Util::Confine improvements to Facter 2https://tickets.puppetlabs.com/browse/FACT-266 Adds several improvements to Facter::Util::Confine, including the ability to confine a fact to a block. FACT-321: Remove deprecated code for 2.0https://tickets.puppetlabs.com/browse/FACT-321 Code that had previously been marked deprecated has now been removed. FACT-322: Remove special casing of the empty stringhttps://tickets.puppetlabs.com/browse/FACT-322 Previous versions of Facter would interpret an empty string (and only an empty string) as nil. Now that facts can return more than just strings (i.e., they can directly return nil), empty strings no longer have this special case. FACT-186: Build Windows-specific gemhttps://tickets.puppetlabs.com/browse/FACT-186 Adds Windows-specific gem dependencies for Facter 2. FACT-194: Merge external facts support to Facter 2https://tickets.puppetlabs.com/browse/FACT-194 Adds pluginsync support for external facts to Facter 2. FACT-207: Remove deprecated ldapnamehttps://tickets.puppetlabs.com/browse/FACT-207 Removes all instances of ldapname, completing its deprecation. FACT-272: Update Facter man page for 2.0https://tickets.puppetlabs.com/browse/FACT-272 The man page for Facter 2 now includes the new command line options. *Bug Fixes* FACT-202: Fix undefined path in macaddress.rbhttps://tickets.puppetlabs.com/browse/FACT-202 One of the possible resolutions for the macaddress fact would incorrectly return nil. This release fixes the bug. *Facter 2.0.0* For historical reasons, Facter 2.0.0 was never released. Facter 2.0.1 is the first release in the Facter 2 series. In May 2012, several release candidates were published for a Facter 2.0.0 release, using code that had diverged from the 1.6 series. After testing it, the Puppet community and developers decided that this code wasn't yet usable and the release was cancelled, in favor of continuing work that became the Facter 1.7 series. Since the 2.0.0rc1 tag in the Facter repo was already occupied by that cancelled release, and since issuing a RC5 out of nowhere might have been confusing, we decided to go directly to 2.0.1 instead. Facter 2.0.1-rc1 Contributors
