Re: [Puppet Users] Server acceptance unit testing

[John Warburton]

On 17 June 2014 16:17, Eric Shamow  wrote:

> There is Beaker, which is an internal (but open) PL testing framework:
>
> https://github.com/puppetlabs/beaker/wiki
>
> Beaker has an rspec variant, but it also has its own DSL which is much,
> much simpler.
>
>
Thanks Eric

I've looked at it, and the language is still a barrier

However, we are likely to adopt it in the test pipeline where we have a gap
testing new modules after simple syntax checks and catalog compiles

John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAAJLFxV3%2Be-rotCGk7RCy9sYrR0%2BDMiy%2BSE8J2wzKqFV4zVriw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Server acceptance unit testing

[John Warburton]

On 17 June 2014 16:13, Nan Liu  wrote:

If you are looking for something that's low barrier of entry and shell is
> your target, have you considered something like bats?
> https://github.com/sstephenson/bats
>
> Thanks Nan - that escaped me. Will take a look. The best I could find was "Sh
Unit 2 " which seemed more complicated

John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAAJLFxXO%3DjQ6sDUcShuFeEN82EG9UYuXcZ8MTD%3Dnzm5Z_o%2BmfA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Server acceptance unit testing

[Eric Shamow]

There is Beaker, which is an internal (but open) PL testing framework:

https://github.com/puppetlabs/beaker/wiki

Beaker has an rspec variant, but it also has its own DSL which is much,
much simpler.

-Eric



On Mon, Jun 16, 2014 at 11:13 PM, Nan Liu  wrote:

> On Mon, Jun 16, 2014 at 10:52 PM, John Warburton 
> wrote:
>
>> Hi Everyone
>>
>> We want to unit test our servers with something like serverspec, but we
>> do not have the coding skills in the team to write ruby/rspec, and we want
>> a low barrier to entry for writing tests
>>
>>
>>
>> Our site isn't small with 3.5K servers, 200 modules, 400 manifests
>> covering 3K resources. Each server averages about 650 resources
>>
>>
>>
>> I was wondering what others do for server acceptance testing given a
>> similar set of requirements. Based on my quick reviews on what is out
>> there, Jenkins with perl's Test::Harness looks a good fit, which is a
>> little scary
>>
>>
>>
>> Am I missing something?
>>
>
> If you are looking for something that's low barrier of entry and shell is
> your target, have you considered something like bats?
> https://github.com/sstephenson/bats
>
> Nan
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/CACqVBqB_kX8VUYwb2BHwaTpfCi%2B%2BFqxH3J4ono67tdU_3ve5Aw%40mail.gmail.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Eric Shamow
Methodologies Lead
Puppet Labs

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAOkEyqw57KKgA_njfPEe4zJi6i7hbX20UGi2py7-oOqn06fVSA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Server acceptance unit testing

[Nan Liu]

On Mon, Jun 16, 2014 at 10:52 PM, John Warburton 
wrote:

> Hi Everyone
>
> We want to unit test our servers with something like serverspec, but we do
> not have the coding skills in the team to write ruby/rspec, and we want a
> low barrier to entry for writing tests
>
>
>
> Our site isn't small with 3.5K servers, 200 modules, 400 manifests
> covering 3K resources. Each server averages about 650 resources
>
>
>
> I was wondering what others do for server acceptance testing given a
> similar set of requirements. Based on my quick reviews on what is out
> there, Jenkins with perl's Test::Harness looks a good fit, which is a
> little scary
>
>
>
> Am I missing something?
>

If you are looking for something that's low barrier of entry and shell is
your target, have you considered something like bats?
https://github.com/sstephenson/bats

Nan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CACqVBqB_kX8VUYwb2BHwaTpfCi%2B%2BFqxH3J4ono67tdU_3ve5Aw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Server acceptance unit testing

[John Warburton]

Hi Everyone

We want to unit test our servers with something like serverspec, but we do
not have the coding skills in the team to write ruby/rspec, and we want a
low barrier to entry for writing tests



Our site isn't small with 3.5K servers, 200 modules, 400 manifests covering
3K resources. Each server averages about 650 resources



I was wondering what others do for server acceptance testing given a
similar set of requirements. Based on my quick reviews on what is out
there, Jenkins with perl's Test::Harness looks a good fit, which is a
little scary



Am I missing something?



Thanks



John



Requirements:

   - Use industry standard test harness


   - Use industry standard formatter / dashboard (Jenkins?)
   - Lightweight, not monolithic. One test = one file


   - Command line based


   - Independent of central server for initiating checks


   - Roll up checks into arbitrary domains such as role, profile, location,
   environment


   - Can be run on production servers


   - Check actual state, not puppet results (we already do that)
   - Run not just at build, but all the time and alert on deviations
   through monitoring system
   - Some checks run on servers, but some run elsewhere that check other
   systems (accurate data centre inventory records, console access, DNS
   reverse address exists, etc)
   - Do not want to be restricted by language to write tests in. We have a
   wide range of programming abilities in team (averaging little or none), and
   expect most checks to be written in shell, and if they have to be -
   perl/python. Very rarely ruby





Reviewed:

   - Serverspec
  - Ruby / rspec. No chance of widespread adoption


   - Beaker
  - Ruby / rspec. No chance of widespread adoption
   - Does allow shell outs...
   - Bigger than a test harness - whole test environment creation. Probably
  more than what we'd need
   - Focus seems to test puppet modules - cannot run in production and test
  arbitrary states


   - xUnit
  - Language specific? Difficult to have tests in different languages
  - Need to deploy each language specific test runner
  - Jenkins can eat xUnit test results


   - Perl
  - Test::Harness  by
  default exists on every server
  - Different languages supported if in different directories
  - Jenkins eats TAP test results

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAAJLFxW42sjKQ6PyLM9bUzwCPcmQ_0RcLZShdsM-BXA6mv3bfw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.

[Doug Forster]

Steve,

I think you said you put all your configuration in a single site.pp. This
is often bad form and limits the flexibility of your deployment. Something
we do is layout modules.

The common pattern is:
/etc/puppet/environments/production
-> Manifests/site.pp
-> Hieradata/*.yaml
-> Modules/foo

This keeps everything in the production environment. All of your clients
will do this normally. One of the beauties of doing this is you may want to
do a cron job weekly that runs with a different environment like "weekly".
To take advantage of the flexibility you may want to group servers into
buckets by sticking custom facts and including modules based off them.

As for the Network issues. I think you may be running your puppetmaster
with the built in webbrick server. In my experience this offers a single
threaded approach to the puppetmaster with it failing if more than one
client connects at a time. Setup apache and run Passenger to allow for
multiple threads.

Info on Environments:
http://docs.puppetlabs.com/puppet/latest/reference/environments.html#enabling-directory-environments
(note this was introduced in 3.5 so you may want to checkout the legacy way
to achieve the same thing. )
Passenger with Apache:
http://docs.puppetlabs.com/guides/passenger.html

Finally to get visiblity into the network I would strongly suggest setting
up PuppetDB with Puppetboard as puppet Dashboard is effectivly dead.

Info on PuppetDB
http://docs.puppetlabs.com/puppetdb/2.0/install_from_packages.html
PuppetBoard module on the forge.
https://forge.puppetlabs.com/nibalizer/puppetboard

Last tip I would give to someone new is use an IDE that helps you code.
Puppetlabs maintains Geppetto for this purpose.
http://docs.puppetlabs.com/geppetto/4.0/

On Mon, Jun 16, 2014 at 1:33 PM, Stephen Morton 
wrote:

> I've got some newbie puppet questions.
> My team has a tremendous amount of linux/computer knowledge, but we're new
> to Puppet.
> We recently started using puppet to manage some 100 servers. Their configs
> are all pretty similar with some small changes.
>
> 
> History
>
> Prior to Puppet, we already had a management system that involved having
> config files under revision control and the config file repo checked out on
> every server and the repo config files symlinked into the appropriate place
> in the filesystem. Updating the repo would update these files.This was
> mostly just great, with the following limitations:
>
>
>- If the symlink got broken, it didn't work.
>- Some files require very specific ownership, or were required not to
>be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think)
>- Updating a daemon's config file does not mean that the daemon is
>restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a "service
>httpd reload"
>- You can't add a new symlink.
>- All files must be in revision control to link to. Some
>security-sensitive files we want to only be available to some servers and
>something like puppet that can send files over the network is a good
>solution to this.
>
> 
>
> Puppet to the rescue?
>
> So we've tried a very conservative Puppet implementation. We've left our
> existing infrastructure and we just add new rules in Puppet. So far, we
> have a single site.pp file and only a dozen or so rules. But already we're
> seeing problems.
>
>1. Puppet is good for configuring dynamic stuff that changes. But it
>seems silly to have rules for stuff that will be configured just one time
>and then will not change. If we set up some files, we don't expect them to
>disappear. In fact if they do disappear we might not want them silently
>fixed up we probably want to know what's going on.  Doing everything in
>puppet results in ever-growing manifests. I don't know of a way to specify
>different manifests, e.g. every 30 minutes I want Puppet to run and request
>the lean and mean regular manifest and then once a week I want it to run
>the "make sure everything is in the right place" manifest.
>2. Puppet seems very sensitive to network glitches. We run puppet from
>a cron job and errors were so frequent that we just started sending all
>output to /dev/null.
>3. Endless certificate issues. It's crazy. So sometimes hosts would
>get "dropped"... for unknown reasons their certificates were no longer
>accepted. Because we'd already stopped output (see previous bullet point)
>we would not know this and the server would be quietly not updated. And
>when you get a certificate problem, often simply deleting the cert on the
>agent and master won't fix it. Sometimes a restart of the master service
>(or more?) is required.
>- The solution to this to me is not "you should run puppet dashboard,
>   then you'd know". This shouldn't be failing in the first place. If
>   something is that flaky, I don't want to run it.
>
> (We're running version 3.4.2 on CentOS 6.5, 64-bit.)
>
> ---
>

Re: [Puppet Users] Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.

[Rich Burroughs]

I'm not sure about your #2 and #3. I've not really experienced either of
those and I wouldn't expect they are regular for most people. It would
probably be more helpful if you could post more specifics when one of those
things happens.

As to #1, it maybe depends on how you administer your systems. Even if
files should not be changing under normal circumstances, managing them with
Puppet can make sure that doesn't happen (or at least that it's corrected
the next agent run). It sounds like you were already putting your configs
in version control, from that point it's not a ton of extra overhead to
write Puppet code to manage them. If you're just starting out with it,
you'll get faster/better at that part too. And if those resources aren't
changing, then it's not a lot of overheard for Puppet to deal with them.
Agent runs where no changes need to be applied should be pretty fast.

I'd also encourage you to think about scenarios like losing a node and
having to rebuild it from scratch. Suddenly all of those files that don't
normally change are gone and need to be replaced. Puppet can do that very
quickly. Or needing to spin up additional nodes to do the same task, that
can become very easy.

One of the other things I see as a huge benefit with Puppet is that it's
self-documenting. If you want to know what's going on with your systems you
can just look at the code. I was in a situation about a year ago where I
inherited a Puppet install when a co-worker left, and it was a huge
advantage, that the code had so much information. And since it's running
all the time you don't have to worry about whether it's stale like a Wiki
page.

That all said, if there's something you feel it's not necessary to manage,
then that's up to you and your team. I've definitely found that the more
I've used Puppet the easier it's gotten, which means it's less of a burden
to take the time to manage extra things. Puppet isn't the best tool for
everything, but it's a great one for managing files.

There's not really a way to tell an agent to run against just a subset of
the manifest sometimes and others other times, without doing something
pretty goofy. You can make manging files a bit easier in a few ways, like
specifying default attributes/values and using arrays of filenames, if you
want to apply the same settings to multiple files.



Rich



On Monday, June 16, 2014, Stephen Morton  wrote:

> I've got some newbie puppet questions.
> My team has a tremendous amount of linux/computer knowledge, but we're new
> to Puppet.
> We recently started using puppet to manage some 100 servers. Their configs
> are all pretty similar with some small changes.
>
> 
> History
>
> Prior to Puppet, we already had a management system that involved having
> config files under revision control and the config file repo checked out on
> every server and the repo config files symlinked into the appropriate place
> in the filesystem. Updating the repo would update these files.This was
> mostly just great, with the following limitations:
>
>
>- If the symlink got broken, it didn't work.
>- Some files require very specific ownership, or were required not to
>be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think)
>- Updating a daemon's config file does not mean that the daemon is
>restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a "service
>httpd reload"
>- You can't add a new symlink.
>- All files must be in revision control to link to. Some
>security-sensitive files we want to only be available to some servers and
>something like puppet that can send files over the network is a good
>solution to this.
>
> 
>
> Puppet to the rescue?
>
> So we've tried a very conservative Puppet implementation. We've left our
> existing infrastructure and we just add new rules in Puppet. So far, we
> have a single site.pp file and only a dozen or so rules. But already we're
> seeing problems.
>
>1. Puppet is good for configuring dynamic stuff that changes. But it
>seems silly to have rules for stuff that will be configured just one time
>and then will not change. If we set up some files, we don't expect them to
>disappear. In fact if they do disappear we might not want them silently
>fixed up we probably want to know what's going on.  Doing everything in
>puppet results in ever-growing manifests. I don't know of a way to specify
>different manifests, e.g. every 30 minutes I want Puppet to run and request
>the lean and mean regular manifest and then once a week I want it to run
>the "make sure everything is in the right place" manifest.
>2. Puppet seems very sensitive to network glitches. We run puppet from
>a cron job and errors were so frequent that we just started sending all
>output to /dev/null.
>3. Endless certificate issues. It's crazy. So sometimes hosts would
>get "dropped"... for unknown reasons their certificates were no longer
>accepted. 

[Puppet Users] Is PuppetDB environment aware?

[Vadym Chepkov]

Greetings,

Does PuppetDB support "environments" similar to puppet?
I noticed exported resources are "crossing" from one environment to another.
I would like to prevent this without having to add $environment to every 
single tag and 
forge modules don't do it anyway, so there must be a some way to have 
PuppetDB to segregate environments.

Thanks,
Vadym

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f33befb1-2c44-484b-a815-6f93d0ed232b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: initdb error with puppet-postgresql module

[thinkwell]

Well, I found the problem. The initdb command was failing with this error:

runuser: cannot set groups: Operation not permitted

So, the folder was created but not the default database. When I commented 
out user & group, the command worked on both Rhel 5 & 6. Is this a bug?

  exec { 'postgresql_initdb':
command   => $initdb_command,
creates   => "${datadir}/PG_VERSION",
#user  => $user,
#group => $group,
logoutput => true,
#logoutput => on_failure,
require   => File[$datadir],
  }


Hope it helps someone else. 





On Monday, June 16, 2014 7:16:51 PM UTC-4, thinkwell wrote:
>
> Hello everyone,
>
> I'm trying out the puppet-postgresql module (v. 3.3.3) on Rhel 5 & 6 
> machines, installing Postgresql 9.3. When installing manually from the 
> repos, everything works as expected:
>
> 1. yum -y install postgresql93-server
> 2. service postgresql-9.3 initdb
> 3. service postgresql-9.3 start
>
> However, when installing from puppet-postgresql, 
> /var/lib/pgsql/9.3/data/pg_log/ gets created prematurely, so the puppet run 
> fails with output like so:
>
> Error: Could not start Service[postgresqld]: Execution of 
> '/etc/init.d/postgresql-9.3 start' returned 1: 
> Error: /Service[postgresqld]/ensure: change from stopped to running 
> failed: Could not start Service[postgresqld]: Execution of 
> '/etc/init.d/postgresql-9.3 start' returned 1: 
> Notice: 
> /Stage[main]/Postgresql::Server::Service/Postgresql::Validate_db_connection[validate_service_is_running]/Exec[validate
>  
> postgres connection for /postgres]: Dependency Service[postgresqld] has 
> failures: true
> Warning: 
> /Stage[main]/Postgresql::Server::Service/Postgresql::Validate_db_connection[validate_service_is_running]/Exec[validate
>  
> postgres connection for /postgres]: Skipping because of failed dependencies
> Notice: 
> /Stage[main]/Postgresql::Server::Service/Anchor[postgresql::server::service::end]:
>  
> Dependency Service[postgresqld] has failures: true
>
> Manually running initdb gives this output:
>
> [root@system ~]# /etc/init.d/postgresql-9.3 initdb
> Initializing database: mkdir: cannot create directory 
> `/var/lib/pgsql/9.3/data/pg_log': File exists
>
>
> The only way around the problem is to manually delete the file and 
> manually run initdb. After that, puppet runs succeed.
> 1. rm -rf /var/lib/pgsql/9.3/data/pg_log
> 2. service postgresql-9.3 start
>
>
> If you just delete the file and re-run puppet, the pg_log director is 
> again created prematurely.
>
>
> Any help to fix this problem?
>
> TIA,
>
> thinkwell
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/d5c3eeef-2307-46e2-93c5-193415a954c2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Announce: Facter 1.7.6 [ Security Release ]

[Melissa Stone]

Facter 1.7.6 is a security fix release in the Facter 1.7 series. The Facter
1.7 series was incorrectly omitted  from the original security announcement
for Facter. This release addresses CVE-2014-3248. It has no other bug fixes
or new features. All users of Facter 1.7.5 and earlier are encouraged to
update to 1.7.6.

** CVE-2014-3248 **
Arbitrary Code Execution with Required Social Engineering
An attacker could convince an administrator to unknowingly create and
execute malicious code on platforms with Ruby 1.9.1 and earlier.
CVSSv2 Score: 5.2
Vector: AV:L/AC:M/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C

Affected Facter versions (ruby 1.9.1 and earlier only):
2.x
1.7.x
1.6.x

Fixed Facter versions:
1.7.6, 2.0.2

See the Release Notes here:
http://docs.puppetlabs.com/facter/1.7/release_notes.html#facter-176

For more information on this vulnerability, please visit
https://puppetlabs.com/security/cve/cve-2014-3248

To report issues with the release, file a ticket in the "FACT" project
on http://tickets.puppetlabs.com/ and set the "Affects version/s"
field to "1.7.6"

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAHEe_kqvHD-rq-sTEFqA%2BnUmqfMSru97aH2GbGVOxRV9coLN0w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] initdb error with puppet-postgresql module

[thinkwell]

Hello everyone,

I'm trying out the puppet-postgresql module (v. 3.3.3) on Rhel 5 & 6 
machines, installing Postgresql 9.3. When installing manually from the 
repos, everything works as expected:

1. yum -y install postgresql93-server
2. service postgresql-9.3 initdb
3. service postgresql-9.3 start

However, when installing from puppet-postgresql, 
/var/lib/pgsql/9.3/data/pg_log/ gets created prematurely, so the puppet run 
fails with output like so:

Error: Could not start Service[postgresqld]: Execution of 
'/etc/init.d/postgresql-9.3 start' returned 1: 
Error: /Service[postgresqld]/ensure: change from stopped to running failed: 
Could not start Service[postgresqld]: Execution of 
'/etc/init.d/postgresql-9.3 start' returned 1: 
Notice: 
/Stage[main]/Postgresql::Server::Service/Postgresql::Validate_db_connection[validate_service_is_running]/Exec[validate
 
postgres connection for /postgres]: Dependency Service[postgresqld] has 
failures: true
Warning: 
/Stage[main]/Postgresql::Server::Service/Postgresql::Validate_db_connection[validate_service_is_running]/Exec[validate
 
postgres connection for /postgres]: Skipping because of failed dependencies
Notice: 
/Stage[main]/Postgresql::Server::Service/Anchor[postgresql::server::service::end]:
 
Dependency Service[postgresqld] has failures: true

Manually running initdb gives this output:

[root@system ~]# /etc/init.d/postgresql-9.3 initdb
Initializing database: mkdir: cannot create directory 
`/var/lib/pgsql/9.3/data/pg_log': File exists


The only way around the problem is to manually delete the file and manually 
run initdb. After that, puppet runs succeed.
1. rm -rf /var/lib/pgsql/9.3/data/pg_log
2. service postgresql-9.3 start


If you just delete the file and re-run puppet, the pg_log director is again 
created prematurely.


Any help to fix this problem?

TIA,

thinkwell

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/dfd1bb55-c9ae-4e11-9733-d17ca3e75533%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Grant user SELECT on pg_stat_database?

[Chris]

On 13/06/14 14:44, Chris Miller wrote:

How do I grant a user SELECT privileges on the pg_stat_database catalog?
Using the normal postgresql::server::database_grant approach just
returns: "'ERROR: database "pg_stat_database" does not exist"


pg_stat_database isn't a database, it's a view inside *each* postgres 
database (ie the stats in there are not for the entire cluster).


--
Postgresql & php tutorials
http://www.designmagick.com/

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/539F7354.604%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] No rubygem-deep-merge RPM in EL7 Yum repo

[Melissa Stone]

Hey Marc,

Thanks for reporting this! Could you file a ticket at
https://tickets.puppetlabs.com/browse/CPR with that information? That way
we can be sure to get that package up.

Thanks!


On Sun, Jun 15, 2014 at 11:50 AM, Marc  wrote:

> Hi,
>
> Puppetizing my first Centos7 I realized there is no rubygem-deep-merge RPM
> in:
> http://yum.puppetlabs.com/el/7/dependencies/x86_64/
>
> Is this intended?
>
> Cheers,
> Marc
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/58643257-4526-4b60-87b3-1586ee09a7a5%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Melissa Stone
Release Engineer, Puppet Labs

*Join us at PuppetConf 2014 , September
20-24 in San Francisco*
*Register by June 5th to take advantage of the Early Adopter discount
 **—**save $349!*

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAHEe_kp_aAxS4TmyXxePBb3t5szv%3DOOy3e7Uaqu2j1AoVEFqLw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] How to configure PIP package provider to run "pip3"?

[Dan Bode]

there is a patch in openstack-infra that is looking to accomplish this.
They are creating different providers for pip vs. pip3 (b/c for their use
case, they have to be able to use both in the same run)

  (it's buried in here somewhere)
https://review.openstack.org/#/c/51425/


On Mon, Jun 16, 2014 at 2:22 PM, Alexander Luetjen 
wrote:

> Ubuntu 14.04 comes with pre-loaded python 3 running side-by-side with the
> python 2.7.
>
> To install a package into the python 3 environment, I can simple run
> "pip3" instead of "pip".
>
> Is there a way to make the pip package provider run "pip3" instead of
> "pip"?
>
> Cheers,
> Alex
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/58d9f9c2-2322-44d2-bd62-1cc94d9a99cd%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CA%2B0t2LzFVh6x-0Jgb7wxawVqbzv0RjNpXRaXcqP_zeOoz07s_g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] How to configure PIP package provider to run "pip3"?

[Alexander Luetjen]

Ubuntu 14.04 comes with pre-loaded python 3 running side-by-side with the 
python 2.7.

To install a package into the python 3 environment, I can simple run "pip3" 
instead of "pip".

Is there a way to make the pip package provider run "pip3" instead of "pip"?

Cheers,
Alex

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/58d9f9c2-2322-44d2-bd62-1cc94d9a99cd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.

[Stephen Morton]

I've got some newbie puppet questions.
My team has a tremendous amount of linux/computer knowledge, but we're new 
to Puppet. 
We recently started using puppet to manage some 100 servers. Their configs 
are all pretty similar with some small changes.


History

Prior to Puppet, we already had a management system that involved having 
config files under revision control and the config file repo checked out on 
every server and the repo config files symlinked into the appropriate place 
in the filesystem. Updating the repo would update these files.This was 
mostly just great, with the following limitations:

 
   - If the symlink got broken, it didn't work. 
   - Some files require very specific ownership, or were required not to be 
   symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think) 
   - Updating a daemon's config file does not mean that the daemon is 
   restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a "service 
   httpd reload" 
   - You can't add a new symlink.
   - All files must be in revision control to link to. Some 
   security-sensitive files we want to only be available to some servers and 
   something like puppet that can send files over the network is a good 
   solution to this.
   


Puppet to the rescue?

So we've tried a very conservative Puppet implementation. We've left our 
existing infrastructure and we just add new rules in Puppet. So far, we 
have a single site.pp file and only a dozen or so rules. But already we're 
seeing problems.

   1. Puppet is good for configuring dynamic stuff that changes. But it 
   seems silly to have rules for stuff that will be configured just one time 
   and then will not change. If we set up some files, we don't expect them to 
   disappear. In fact if they do disappear we might not want them silently 
   fixed up we probably want to know what's going on.  Doing everything in 
   puppet results in ever-growing manifests. I don't know of a way to specify 
   different manifests, e.g. every 30 minutes I want Puppet to run and request 
   the lean and mean regular manifest and then once a week I want it to run 
   the "make sure everything is in the right place" manifest. 
   2. Puppet seems very sensitive to network glitches. We run puppet from a 
   cron job and errors were so frequent that we just started sending all 
   output to /dev/null.
   3. Endless certificate issues. It's crazy. So sometimes hosts would get 
   "dropped"... for unknown reasons their certificates were no longer 
   accepted. Because we'd already stopped output (see previous bullet point) 
   we would not know this and the server would be quietly not updated. And 
   when you get a certificate problem, often simply deleting the cert on the 
   agent and master won't fix it. Sometimes a restart of the master service 
   (or more?) is required.
   - The solution to this to me is not "you should run puppet dashboard, 
  then you'd know". This shouldn't be failing in the first place. If 
  something is that flaky, I don't want to run it.
  
(We're running version 3.4.2 on CentOS 6.5, 64-bit.)

---

Questions.

So my questions for the above three issue are I guess as follows

   1. Is there a common Puppet pattern to address this? Or am I thinking 
   about things all wrong.
   2. Is there a way to get puppet to be more fault-tolerant, or at least 
   complain less?
   3. Are endless certificate woes the norm? Once an agent has successfully 
   got its certificates working with the server, is it a known issue that it 
   should sometimes start to subsequently fail?


Thanks,


Steve

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/08b72832-d18a-4397-9587-a769f0ee2d6e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Error in puppet module install under Puppet 3.6.x: Version numbers MUST begin with three dot-separated numbers

[Aron Roberts]

When running 'puppet module install ...' under Puppet 3.6.x, we encountered 
the error message:

Error: Version numbers MUST begin with three dot-separated numbers
Error: Try 'puppet help module install' for usage

We eventually tracked this down to a version number that wasn't in the 
requisite format, in the metadata.json file of an in-house-developed module.  
E.g. it was:

"version": "4.1 alpha",

rather than (as now required):

"version": "4.1.0",

Posting this here in case anyone else might run into this.  This validation 
behavior was *not* present in any other version of Puppet we'd previously used; 
that is, in version 3.4.3 or earlier.


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/c58af366-aa58-4874-bfe0-6812847635d5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Dashboard - hide/unhide nodes from the command line?

[Fine, Thomas]

Hi,

Is there any way in puppet dashboard to hide and unhide nodes from the
command line?  I couldn't find anything in the rake API, but I don't really
understand rake that well at this point.

tom

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CANVEBdi5uQsRDbM3Q6ePR_Uite_9KrsdMjOKZUThxQuqSvZ%2BXg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Puppet-Dashboard All Nodes "Unresponsive", Background Tasks

[Ximena Cardinali]

Hello There,

I've been struggling the last days with this issue. The situation is 
happening since I've upgrade Puppet to 3.6.0.

*- Problem:*
On Puppet-Dashboard all Hosts are shown as *Unresponsive* and thousand of 
tasks are queued as *Failed*.

*- Environment:*
OS: Debian Wheezy
Puppet-Dashboard: 1.2.23
Puppet: 3.6.0
Facter: 2.0.1
Hiera: 1.3.2

*- Applied Solutions:*

* Solution 1:
cd /usr/share/puppet-dashboard/
- Stop dashboard workers
rm -v spool/*
rake jobs:clear RAILS_ENV=production
- Start dashboard workers.

Good solution, but temporary, because the problem after a few days comes 
back.

* Solution 2: 
I've also did the following update to the DB:
mysql> ALTER TABLE delayed_job_failures MODIFY details BLOB;
Which also did not work.

Does anyone have any idea of what can be happening there?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/d5e90a32-e8d6-4883-9cd0-d7c6d89d7f5d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Puppetlabs support for squeeze

[Erik Dalén]

Debian has announced a long term support for debian squeeze:
https://www.debian.org/News/2014/20140616

I'm wondering if this will mean that Squeeze will stick around at
apt.puppetlabs.com for the same period?

-- 
Erik Dalén

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAAAzDLe303b91ZY7dpL1BOpgT-g_nKA9Oa_YgpRbHLsjNpFQqQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Moving from manifest files to ENC script - not working...

[Ken Barber]

> When I install open source Puppet 3.3.1, I follow old instruction of 2.6.0.
> I did not install the PuppetDB, unless it came by default installation. Is
> it installed with open source puppet 3.3.1?

No it is not. It's a separate step. Follow the documentation:
http://docs.puppetlabs.com/puppetdb/latest/

ken.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTnNjVZ91aWZcYW2W3RLsJ6UpiVKdKnfaDrDyx0EgNaePQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] can a puppet run tell puppet master to run puppet on other host based on previous events (e.g. new host)?

[Ken Barber]

Alex,

The more complete idea would be to trigger when resources have
actually been applied. So I would probably consider a report listener
for this kind of thing, as it shows when a resource has changed rather
than compiled.

I think Chris Spence has a tool for this kind of thing that uses MCO
to trigger the runs:

https://github.com/fiddyspence/puppet-mconotify

ken.

On Sat, Jun 14, 2014 at 1:15 PM, Cristian Falcas
 wrote:
> No.
>
> Maybe you can do it if you have a script that monitors a puppetdb? But this
> is not what you are asking, so the answer will be no.
>
> The master is involved only on giving the ENC data and doing the catalog
> compilation.
>
> Cristi Falcas
>
>
>
> On Sat, Jun 14, 2014 at 4:46 PM, Alex Leonhardt 
> wrote:
>>
>> hi,
>>
>> to ease orchestration and changes to systems with dynamic configurations /
>> e.g. configure load balancer based on how many webs are known to puppet / I
>> was wondering if it's possible to make a puppet master trigger puppet runs
>> on e.g. the load balancers *after* it got told there is a new host that got
>> class 'web' applied ?
>>
>> in particular am looking for someting like saltstacks salt-reactor w/
>> salt-mine system
>>
>> thanks!
>> alex
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to puppet-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/puppet-users/5c9348f8-aeb1-4c10-9ccd-a70618f3c761%40googlegroups.com.
>> For more options, visit https://groups.google.com/d/optout.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/CAMo7R_dXQxkZ31reRGO03O960voihCL7P7mtkqZzbjRXJw5uOg%40mail.gmail.com.
>
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTk%2BNJNig6m0dE_UYag8j%3DHKhbzc6eRfiVLb%2B51LwchECA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Moving from manifest files to ENC script - not working...

[shlo . afgin]

HI,

I empty the file nodes.pp, but it look like it's not running.
I make the script to print something to a file, each time it run, but it 
write it only when I run it from the command line,
While I expect to have that print each time the Puppet agent run the puppet 
command.

Is the hostname should send automatically as the first parameter or I need 
to do it in somehow?

When I install open source Puppet 3.3.1, I follow old instruction of 2.6.0.
I did not install the PuppetDB, unless it came by default installation. Is 
it installed with open source puppet 3.3.1?
Can ENC work without it or should I install PuppetDB? installation  can 
mess what I had?

Maybe I missing the basic,
I create perl script and put it in /path/to/bin/external_node
in this script I put a regular perl commands:

#!/usr/bin/perl -w
> use strict;
> use YAML qw(Dump);
> 
> my $hostname = shift || die "No hostname passed";
> 
> system("echo $hostname >> /tmp/llkkll");
> 
> my ($host, $domain, $net) = ($1, $2, $3);
> 
> my @classes = ();
> my %parameters = (
> puppetserver => "puppetsrv"
> );
> @classes = ('class1', 'class2::basic', "class3");
> $parameters{var} = "kk1";
> 
> 
> print Dump({
> classes => \@classes,
> parameters => \%parameters,
> }); 


that as output give me:

---
> classes:
>   - class1
>   - class2::basic
>   - class3
> parameters:
>   puppetserver: puppetsrv
>   var: kk1


Is it okay?

Thank you very much for your responses.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a7ae0b61-8178-4070-85f7-28f1322eaf41%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] What is the puppet way to send configuration details along with the request from the puppet ?

[Christopher Wood]

It sounds like you want to use facts to make decisions about what 
configurations to apply:

http://docs.puppetlabs.com/puppet/latest/reference/lang_facts_and_builtin_vars.html
http://docs.puppetlabs.com/guides/custom_facts.html

The usual caveat here tends to be that you should be telling the host what to 
configure, not configuring based on what the machine thinks.

To store configuration details in a straightforward fashion, you should 
probably be looking into hiera:

http://docs.puppetlabs.com/hiera/1/



On Sun, Jun 15, 2014 at 10:40:43PM -0700, Malintha Adikari wrote:
>Hi,
>I am new to puppet. In my puppet master side I want to create some
>configurations dynamically. For that I have to send those configuration
>details along with the puppet agent request to the master. I have plenty
>of configurations details to be sent with a request. Does Puppet support
>this kind of operation. How can I achieve this ?
>Regards,
>Malintha Adiakri
> 
>--
>You received this message because you are subscribed to the Google Groups
>"Puppet Users" group.
>To unsubscribe from this group and stop receiving emails from it, send an
>email to [1]puppet-users+unsubscr...@googlegroups.com.
>To view this discussion on the web visit
>
> [2]https://groups.google.com/d/msgid/puppet-users/be2e1f24-1515-4f5e-8c4a-7d488b473d8e%40googlegroups.com.
>For more options, visit [3]https://groups.google.com/d/optout.
> 
> References
> 
>Visible links
>1. mailto:puppet-users+unsubscr...@googlegroups.com
>2. 
> https://groups.google.com/d/msgid/puppet-users/be2e1f24-1515-4f5e-8c4a-7d488b473d8e%40googlegroups.com?utm_medium=email&utm_source=footer
>3. https://groups.google.com/d/optout

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/20140616133324.GA2413%40iniquitous.heresiarch.ca.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] What is the puppet way to send configuration details along with the request from the puppet ?

[Malintha Adikari]

Hi,

I am new to puppet. In my puppet master side I want to create some 
configurations dynamically. For that I have to send those configuration 
details along with the puppet agent request to the master. I have plenty of 
configurations details to be sent with a request. Does Puppet support this 
kind of operation. How can I achieve this ?

Regards,
Malintha Adiakri

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/be2e1f24-1515-4f5e-8c4a-7d488b473d8e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Need help! Puppet could not request certificate: No route to host -connect(2)

[Philip Mosquera]

I was in the exact same situation and found a dirty solution was to simply 
to use service iptables stop. 

It's a bit of a dirty workaround and definitely wouldn't recommend it on an 
open network but it solved the issue for me to use it on a few internal vms.

Hope it helped.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/ff0be8b2-593c-4e33-9dfb-307944723a2f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Upper case Key in hiera hash

[jcbollinger]

On Friday, June 13, 2014 1:39:08 PM UTC-5, RG wrote:
>
> For some reason its not working, puppet debug message saying it got 
> created but i don't see it in setnv.sh file
>
>
> Hiera[class::subclass1::setenv_sh]/class::subclass1::Setenv_sh[INSTALL_SCRIPT]/Ini_setting[/opt/application/
> setenv.sh/INSTALL_SCRIPT]/ensure 
> : created
>
>


It would help to see relevant the manifest code.  If Ini_setting happens to 
be a custom plugin then it would also be helpful to know which.  The 
meaning of "created" depends heavily on those things.  Additionally, it is 
possible that the agent will provide additional relevant details if you run 
it with --debug output enabled.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f83ddd58-930a-4f74-92d2-17a99a2dedfe%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Announce: Puppet 3.6.2 [ Security and Bug fix Release ]

[Byron Miller]

Running puppet 3.6.2 and disable_warnings = deprecations appears to make no 
difference to prohibiting the alert about environments.

On Tuesday, June 10, 2014 1:19:05 PM UTC-5, Moses Mendoza wrote:
>
> Puppet 3.6.2 is a security and bug fix release in the Puppet 3.6 
> series. This release addresses CVE-2014-3248 and CVE-2014-3250. 
>
> ** CVE-2014-3248 ** 
> Arbitrary Code Execution with Required Social Engineering 
> An attacker could convince an administrator to unknowingly create and 
> execute malicious code on platforms with Ruby 1.9.1 and earlier. 
> CVSSv2 Score: 5.2 
> Vector: AV:L/AC:M/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C 
>
> Affected Puppet versions (ruby 1.9.1 and earlier platforms only): 
> All 
>
> Fixed Puppet versions: 
> 3.6.2 
> 2.7.26* 
>
> ** CVE-2014-3250 ** 
> Information Leakage Vulnerability 
> In Apache 2.4, SSLCARevocationCheck directive was added to mod_ssl, 
> which defaults it to none and must be explicitly configured. This 
> setting enables checking of a certificate revocation list. The default 
> Puppet master vhost config shipped with Puppet does not include this 
> setting. If a Puppet master is set up to run with Apache 2.4, and this 
> default vhost configuration file is used, the Puppet master will 
> continue to honor a host's certificate even after it is revoked. 
> CVSSv2 Score: 3.1 
> Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:OF/RC:C 
>
> Affected Puppet versions: 
> All (must be configured as a master behind Apache 2.4 using the 
> default puppet master vhost). 
>
> Fixed Puppet versions: 
> 3.6.2 
>
> For more information on these vulnerabilities, please visit 
> https://puppetlabs.com/security/cve/cve-2014-3248 
> https://puppetlabs.com/security/cve/cve-2014-3250 
>
> ## Bug Fixes 
> Chatty warning/deprecation messages can now be suppressed – as we near 
> the end of the 3.x series, there's going to be a slew of deprecations 
> coming which need to be visible so everyone knows what's going to 
> change, but some messages trigger tons of log spam, so now it's 
> possible to turn them off. 
> Directory environments under webrick now work; they no longer fail 
> with "Attempted to pop, but already at root of the context stack" 
> errors. 
> A memory leak in loading functions was fixed. 
>
> Community shout-out for this release goes to Joshua Hoblitt for 
> testing the memory leak patch and providing awesome usage graphs 
> (PUP-2692). 
>
> Please read through the Release Notes for the full list of changes: 
> http://docs.puppetlabs.com/puppet/latest/reference/release_notes.html 
> To install Puppet, follow the Installation 
> Guide:http://docs.puppetlabs.com/guides/install_puppet/pre_install.html 
> To report issues with the release, file a ticket in the “PUP” project 
> on https://tickets.puppetlabs.com/ and set the “Affects version/s” 
> field to "3.6.2”. 
>
> * The Puppet 2.7.x series is officially end of life, but continues to 
> be maintained by community members. See the release announcement to 
> puppet-announce/puppet-users/puppet-dev regarding Puppet 2.7.26. 
>
> -- 
> Moses Mendoza 
> Puppet Labs 
>
> Join us at PuppetConf 2014, September 20-24 in San Francisco 
> Register by July 31st to take advantage of the Early Bird discount —save 
> $249! 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/bc01a5e8-cf30-4152-bbba-b0b50621b9f5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Belgian Puppet User Group - Something about Mcollective 24th of June

[Johan De Wit]

This time we will talk about mcollective.

The first part we will flood you with some nice slides and a bit of 
talking,


The second part, all will setup mcollective on its own VM, and explore 
what Mcollective can do and how it works.


Detailed information can be found on our meetup page :

http://www.meetup.com/Belgian-Puppet-User-Group/events/185601762/

more on the agenda :

http://www.meetup.com/Belgian-Puppet-User-Group/messages/boards/thread/44965332

Grts

Johan

--
Johan De Wit

Open Source Consultant

Red Hat Certified Engineer  (805008667232363)
Puppet Certified Professional 2013/2014 (PCP006)
_
 
Open-Future Phone +32 (0)2/255 70 70

Zavelstraat 72  Fax   +32 (0)2/255 70 71
3071 KORTENBERG Mobile+32 (0)474/42 40 73
BELGIUM http://www.open-future.be
_
 


Next Events:
Puppet Advanced Training | 
https://www.open-future.be/puppet-advanced-training-10-till-12th-june
Puppet Introduction Course | 
https://www.open-future.be/puppet-introduction-course-13th-june
Linux Training | https://www.open-future.be/linux-training-16-till-20th-june
Subscribe to our newsletter | http://eepurl.com/BUG8H

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/539EE6DE.6090300%40open-future.be.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Moving from manifest files to ENC script - not working...

[RichTea]

--
<-- http://23.me.uk/2 -->
<--Time flies like an arrow; fruit flies like a banana.  -->


On 16 June 2014 08:52,  wrote:

> Hi,
>
> Until now I work with manifest file. Now I would like to create a perl/php
> script that will create the YAML script and should overwrite the manifest
> file.
>
> So I edit the file puppet.conf and put:
>
> mode_terminus = exec
> external_nodes = /usr/bin/env PUPPET_DASHBOARD_URL=http://localhost:3000 
> /path/to/bin/external_node
>
>
​ dont think you need the extra option in your external_nodes... i use:

node_terminus = exec
external_nodes = /PATH/TO/ENC/findrole.rb

FYI My enc script is here, it reads json files though and can pass querys
back of to the dashboard.
http://paste.debian.net/104832
​



> In the file /path/to/bin/external_node I put my code for the perl script.
> when I run Puppet on the agent, it's look like it still take the manifest
> instead of the script I put.
>
> How Can I make this script work instead of the manifest files? how can I
> debug it?
>
> Also, How can I send parameters to the script? How to access to fact
> variables from the script, like $hostname etc?
>
> Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/6eb837b7-b3d8-4531-ad1b-4f14c2826c60%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAFWLKdeJf3G9XapM7nfJgekzhYnMZ9MLUn5d_SMu9SdKSUs_hg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] "Connection timed out - connect(2)" when using puppet module

[Torsten Kleiber]

Hi!
 
I try to install modules in puppet, but it gives an error message 
independent of the module I try to install:
 
myserver:~ # puppet module install rtyler/jenkins
Notice: Preparing to install into /etc/puppet/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Error: Could not connect to https://forgeapi.puppetlabs.com
  There was a network communications problem
The error we caught said 'Connection timed out - connect(2)'
Check your network connection and try again
 
Kind regards
Torsten

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/614d985e-ea6c-4e8e-8bbd-fb4f0aafa4e4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Moving from manifest files to ENC script - not working...

[daddy dp]

As I know puppet merge both sources ENC and manifest file. You can use 
empty manifest file to avoid this behavior. Host name will be available as 
first argument to this script, all others facts you can query from 
puppetdb. Also you can use hiera as ENC, and all facts will be available 
for you out of the box.

On Monday, June 16, 2014 10:52:03 AM UTC+3, shlo@gmail.com wrote:
>
> Hi,
>
> Until now I work with manifest file. Now I would like to create a perl/php 
> script that will create the YAML script and should overwrite the manifest 
> file.
>
> So I edit the file puppet.conf and put:
>
> mode_terminus = exec
> external_nodes = /usr/bin/env PUPPET_DASHBOARD_URL=http://localhost:3000 
> /path/to/bin/external_node
>
> In the file /path/to/bin/external_node I put my code for the perl script. 
> when I run Puppet on the agent, it's look like it still take the manifest 
> instead of the script I put.
>
> How Can I make this script work instead of the manifest files? how can I 
> debug it?
>
> Also, How can I send parameters to the script? How to access to fact 
> variables from the script, like $hostname etc?
>
> Thanks.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/eef1f326-e23a-4334-b229-0ef2682cb7df%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] SuSe SLES: error when refreshing puppet yum repository

[Torsten Kleiber]

The problem is rubygem itself, which was missing. This has to be installed 
from the SDK which was not available as repository on th system.

Am Freitag, 13. Juni 2014 14:47:19 UTC+2 schrieb Darin Perusich:

> rubygem-ruby-shadow is available in the repo so I don't know what 
> could be causing that.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/ff9074d7-927f-42e7-afc7-35b9ec50278b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Moving from manifest files to ENC script - not working...

[shlo . afgin]

Hi,

Until now I work with manifest file. Now I would like to create a perl/php 
script that will create the YAML script and should overwrite the manifest 
file.

So I edit the file puppet.conf and put:

mode_terminus = exec
external_nodes = /usr/bin/env PUPPET_DASHBOARD_URL=http://localhost:3000 
/path/to/bin/external_node

In the file /path/to/bin/external_node I put my code for the perl script. 
when I run Puppet on the agent, it's look like it still take the manifest 
instead of the script I put.

How Can I make this script work instead of the manifest files? how can I 
debug it?

Also, How can I send parameters to the script? How to access to fact 
variables from the script, like $hostname etc?

Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/6eb837b7-b3d8-4531-ad1b-4f14c2826c60%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.