Re: [Puppet Users] Server acceptance unit testing
On Mon, Jun 16, 2014 at 10:52 PM, John Warburton jwarbur...@gmail.com wrote: Hi Everyone We want to unit test our servers with something like serverspec, but we do not have the coding skills in the team to write ruby/rspec, and we want a low barrier to entry for writing tests Our site isn't small with 3.5K servers, 200 modules, 400 manifests covering 3K resources. Each server averages about 650 resources I was wondering what others do for server acceptance testing given a similar set of requirements. Based on my quick reviews on what is out there, Jenkins with perl's Test::Harness looks a good fit, which is a little scary Am I missing something? If you are looking for something that's low barrier of entry and shell is your target, have you considered something like bats? https://github.com/sstephenson/bats Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACqVBqB_kX8VUYwb2BHwaTpfCi%2B%2BFqxH3J4ono67tdU_3ve5Aw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Server acceptance unit testing
There is Beaker, which is an internal (but open) PL testing framework: https://github.com/puppetlabs/beaker/wiki Beaker has an rspec variant, but it also has its own DSL which is much, much simpler. -Eric On Mon, Jun 16, 2014 at 11:13 PM, Nan Liu nan@gmail.com wrote: On Mon, Jun 16, 2014 at 10:52 PM, John Warburton jwarbur...@gmail.com wrote: Hi Everyone We want to unit test our servers with something like serverspec, but we do not have the coding skills in the team to write ruby/rspec, and we want a low barrier to entry for writing tests Our site isn't small with 3.5K servers, 200 modules, 400 manifests covering 3K resources. Each server averages about 650 resources I was wondering what others do for server acceptance testing given a similar set of requirements. Based on my quick reviews on what is out there, Jenkins with perl's Test::Harness looks a good fit, which is a little scary Am I missing something? If you are looking for something that's low barrier of entry and shell is your target, have you considered something like bats? https://github.com/sstephenson/bats Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACqVBqB_kX8VUYwb2BHwaTpfCi%2B%2BFqxH3J4ono67tdU_3ve5Aw%40mail.gmail.com https://groups.google.com/d/msgid/puppet-users/CACqVBqB_kX8VUYwb2BHwaTpfCi%2B%2BFqxH3J4ono67tdU_3ve5Aw%40mail.gmail.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Eric Shamow Methodologies Lead Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAOkEyqw57KKgA_njfPEe4zJi6i7hbX20UGi2py7-oOqn06fVSA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Server acceptance unit testing
On 17 June 2014 16:13, Nan Liu nan@gmail.com wrote: If you are looking for something that's low barrier of entry and shell is your target, have you considered something like bats? https://github.com/sstephenson/bats Thanks Nan - that escaped me. Will take a look. The best I could find was Sh Unit 2 http://code.google.com/p/shunit2/ which seemed more complicated John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAAJLFxXO%3DjQ6sDUcShuFeEN82EG9UYuXcZ8MTD%3Dnzm5Z_o%2BmfA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Server acceptance unit testing
On 17 June 2014 16:17, Eric Shamow e...@puppetlabs.com wrote: There is Beaker, which is an internal (but open) PL testing framework: https://github.com/puppetlabs/beaker/wiki Beaker has an rspec variant, but it also has its own DSL which is much, much simpler. Thanks Eric I've looked at it, and the language is still a barrier However, we are likely to adopt it in the test pipeline where we have a gap testing new modules after simple syntax checks and catalog compiles John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAAJLFxV3%2Be-rotCGk7RCy9sYrR0%2BDMiy%2BSE8J2wzKqFV4zVriw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] sshd configuration
Hi, what's the best module/way to change some options in the sshd_config file? I just have to change a couple of options from their OS defaults. I searched in the forge but, apart from the fact that I often find it hard to understand how to use some of the contributed modules, it looks like ssh-related modules tend to completely rewrite the config file. For example, I tried ghoneycutt-ssh but it completely replaces sshd_config with its own defaults, so also other options are changed from the OS default. Do I really have to use Augeas? Thanks. Marco -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/9454a535-f6b0-4e77-b267-2005812dc933%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] sshd configuration
Hi Marco, You should take a look at https://forge.puppetlabs.com/domcleal/augeasproviders . Regards, Alexander On Tue, Jun 17, 2014 at 9:59 AM, zerozerouno...@gmail.com wrote: Hi, what's the best module/way to change some options in the sshd_config file? I just have to change a couple of options from their OS defaults. I searched in the forge but, apart from the fact that I often find it hard to understand how to use some of the contributed modules, it looks like ssh-related modules tend to completely rewrite the config file. For example, I tried ghoneycutt-ssh but it completely replaces sshd_config with its own defaults, so also other options are changed from the OS default. Do I really have to use Augeas? Thanks. Marco -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/9454a535-f6b0-4e77-b267-2005812dc933%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/9454a535-f6b0-4e77-b267-2005812dc933%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAFdJyc3z90imiQtvsXyXYsQBHY9x8q3%3DPO1scY2niWk5SPGWfQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] sshd configuration
I found that in order to change just some options it is far easier just to write a little ssh module with a template with only the parameters you want yo change. Regards, El 17/06/2014 10:29, Alexander Holte-Davidsen alexander.david...@gmail.com escribió: Hi Marco, You should take a look at https://forge.puppetlabs.com/domcleal/augeasproviders . Regards, Alexander On Tue, Jun 17, 2014 at 9:59 AM, zerozerouno...@gmail.com wrote: Hi, what's the best module/way to change some options in the sshd_config file? I just have to change a couple of options from their OS defaults. I searched in the forge but, apart from the fact that I often find it hard to understand how to use some of the contributed modules, it looks like ssh-related modules tend to completely rewrite the config file. For example, I tried ghoneycutt-ssh but it completely replaces sshd_config with its own defaults, so also other options are changed from the OS default. Do I really have to use Augeas? Thanks. Marco -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/9454a535-f6b0-4e77-b267-2005812dc933%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/9454a535-f6b0-4e77-b267-2005812dc933%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAFdJyc3z90imiQtvsXyXYsQBHY9x8q3%3DPO1scY2niWk5SPGWfQ%40mail.gmail.com https://groups.google.com/d/msgid/puppet-users/CAFdJyc3z90imiQtvsXyXYsQBHY9x8q3%3DPO1scY2niWk5SPGWfQ%40mail.gmail.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAF_B3ddOapy%2Bd5D7UGvooaBs6g_a%3Du9JGYnpjTJsFsMYFWCm6g%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Large files over puppet
I always heard that serve large files over puppet is a bad practice. But...I guess it depends of what you consider a large file. Everyone agree that serve for example a 25MB file over puppet it's definitely not recommended. My question is wether a text file of ~7000 lines and ~700KB would be acceptable. Do you think this file rebase puppet recommended size limits for file and it's big enough to use the advices of the following thread?? https://ask.puppetlabs.com/question/627/serving-large-files-formally-code-artifacts-best-practices/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f85ac756-e12b-4e25-af57-1147c012851c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Announce: Puppet 3.6.2 [ Security and Bug fix Release ]
Aha, experienced the same thing last week, didn't have time to look into it yet... On Monday, June 16, 2014 3:30:31 PM UTC+2, Byron Miller wrote: Running puppet 3.6.2 and disable_warnings = deprecations appears to make no difference to prohibiting the alert about environments. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/163f893b-3f66-497b-8618-a0213583e74e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Connection timed out - connect(2) when using puppet module
Have nobody a hint? I have set http_proxy and https_proxy. curl -k *https://forgeapi.puppetlabs.com* https://forgeapi.puppetlabs.com/ is succesful. curl https://forgeapi.puppetlabs.com curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html http://curl.haxx.se/docs/sslcerts.htmlcurl curl http://curl.haxx.se/docs/sslcerts.htmlcurl performs SSL certificate verification by default, using a bundle of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/b9289013-7d81-4899-9054-3e2c96c38ed4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Use external facts inside templetes
I have defined some key value pairs in /etc/facter/facts.d/value.txt file. I could use those keys inside my init.pp script and successfully for the values using *${key1}* I want to get those values inside my template file. I have used *%= @key1 %* but it doesn't give me the value. What is the correct way to get the value of the external fact inside template. Regards, Malintha -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1e415b28-47f1-4240-bf89-f5eb0372dfc6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] What is the puppet way to send configuration details along with the request from the puppet ?
Thank you very much. Yes I have strated implementing it using external facts. On Monday, June 16, 2014 7:03:35 PM UTC+5:30, Christopher Wood wrote: It sounds like you want to use facts to make decisions about what configurations to apply: http://docs.puppetlabs.com/puppet/latest/reference/lang_facts_and_builtin_vars.html http://docs.puppetlabs.com/guides/custom_facts.html The usual caveat here tends to be that you should be telling the host what to configure, not configuring based on what the machine thinks. To store configuration details in a straightforward fashion, you should probably be looking into hiera: http://docs.puppetlabs.com/hiera/1/ On Sun, Jun 15, 2014 at 10:40:43PM -0700, Malintha Adikari wrote: Hi, I am new to puppet. In my puppet master side I want to create some configurations dynamically. For that I have to send those configuration details along with the puppet agent request to the master. I have plenty of configurations details to be sent with a request. Does Puppet support this kind of operation. How can I achieve this ? Regards, Malintha Adiakri -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to [1]puppet-users...@googlegroups.com javascript:. To view this discussion on the web visit [2] https://groups.google.com/d/msgid/puppet-users/be2e1f24-1515-4f5e-8c4a-7d488b473d8e%40googlegroups.com. For more options, visit [3]https://groups.google.com/d/optout. References Visible links 1. mailto:puppet-users+unsubscr...@googlegroups.com javascript: 2. https://groups.google.com/d/msgid/puppet-users/be2e1f24-1515-4f5e-8c4a-7d488b473d8e%40googlegroups.com?utm_medium=emailutm_source=footer 3. https://groups.google.com/d/optout -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/6bc7450f-b937-4482-96db-10aecbb484b6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Package Resource, Versioning and Yum
Joseph, See https://tickets.puppetlabs.com/browse/PUP-682 I'm going to try and get the pull request rebased, but at best this will be in puppet4. -Jason On 06/12/2014 02:44 PM, Joseph Swick wrote: Hi list, I'm working on a little addition to an internal module we use to ensure our puppet clients have a consistent configuration to also ensure the correct version of puppet is installed on the system and run into a bit of semantics issue as I thought that ensure = 'version.num' was a more correct way of specifying the version of a package, rather than doing it in the name of the resource. Here's a few snippets of code: Common class opening: class puppet_mw::client ( ... $manage_versions = true, $puppet_version = '3.6.2', $facter_version = '2.0.2', $hiera_version= '1.3.4', ... ) { This works: if $manage_versions { package { puppet-${puppet_version}: ensure = present, } package { facter-${facter_version}: ensure = present, } package { hiera-${hiera_version}: ensure = present, } } This however, does not: if $manage_versions { package { 'puppet': ensure = ${puppet_version}, } package { 'facter': ensure = ${facter_version}, } package { 'hiera': ensure = ${hiera_version}, } } As it generates this error: Error: Could not update: Failed to update to version 3.6.2, got version 3.6.2-1.el6 instead Wrapped exception: Failed to update to version 3.6.2, got version 3.6.2-1.el6 instead Error: /Stage[main]/Puppet_mw::Client/Package[puppet]/ensure: change from 3.6.2-1.el6 to 3.6.2 failed: Could not update: Failed to update to version 3.6.2, got version 3.6.2-1.el6 instead Error: Could not update: Failed to update to version 2.0.2, got version 2.0.2-1.el6 instead Wrapped exception: Failed to update to version 2.0.2, got version 2.0.2-1.el6 instead Error: /Stage[main]/Puppet_mw::Client/Package[facter]/ensure: change from 1.7.5-1.el6 to 2.0.2 failed: Could not update: Failed to update to version 2.0.2, got version 2.0.2-1.el6 instead Error: Could not update: Failed to update to version 1.3.4, got version 1.3.4-1.el6 instead Wrapped exception: Failed to update to version 1.3.4, got version 1.3.4-1.el6 instead Error: /Stage[main]/Puppet_mw::Client/Package[hiera]/ensure: change from 1.3.2-1.el6 to 1.3.4 failed: Could not update: Failed to update to version 1.3.4, got version 1.3.4-1.el6 instead Which lead me to this, but will get messy to ensure compatibility with different Linux versions: if $manage_versions { case $::osfamily { 'RedHat': { $os_string = -1.el${::operatingsystemmajrelease} } default : { $os_string = undef } } package { 'puppet': ensure = ${puppet_version}${os_string}, } package { 'facter': ensure = ${facter_version}${os_string}, } package { 'hiera': ensure = ${hiera_version}${os_string}, } } Running 'yum install puppet-3.6.2' works as desired, but adding 'allow_virutal = true,' to the package resource doesn't change the previous error. Is this working as designed for the Yum provider for the package resource or is this a bug with the provider? For some reason, I want to think this has been discussed on the list before, but couldn't find the relevant thread. It appears I may be running up against this bug: https://tickets.puppetlabs.com/browse/PUP-1244 TIA. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/53A02951.9030007%40jasonantman.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Moving from manifest files to ENC script - not working...
Hi, I understood ENC can work without the PuppetDB installation. I cannot make ENC work and I cannot find a log or any way to debug it, so I can find the problem. any idea are welcome. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/85498348-93a0-49ff-bdc5-589f76e7ee79%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] having issue when trying to install java using rpm
That's not how it works. In the output below, you can clearly see that Puppet is executing `*/bin/rpm -i puppet:///development/java_rpm/files/jdk-7u25-linux-x64.rpm*`. Why would that work? puppet:/// means nothing to RPM, and puppet:/// is not a valid 'source' for the Package type. You have two options: 1) the correct option, create a Yum repository somewhere with the package in it, and install from that. 2) Serve that file over HTTP from somewhere, and install from there. 2) Use a File resource first to put that on the machine, and have the Package resource install that, and reference that path. I'd highly recommend against doing it this way. There's no reason that a giant binary (like an RPM) should be inside a puppet module - it means your source control repo for puppet (or that module) will be huge, and Puppet isn't really designed to serve large files. There are existing methods of deploying RPMs (Yum). -Jason On 06/13/2014 01:17 PM, Supriya Uppalapati wrote: Hi, I am getting the issue when i modifyied the code like this class java_rpm::install { $version = hiera(javaversion) package { $version: provider = rpm, source = puppet:///development/java_rpm/files/$version, ensure = installed, } } MY file is here: pwd /etc/puppetlabs/puppet/environments/development/modules/java_rpm/files *In my /var/lib/hiera* classes: - 'cis' - 'java_versions' - 'java_rpm' javaversion: jdk-7u25-linux-x64.rpm ** ** *Error: Execution of '/bin/rpm -i puppet:///development/java_rpm/files/jdk-7u25-linux-x64.rpm' returned 1: error: open of puppet:///development/java_rpm/files/jdk-7u25-linux-x64.rpm failed: No such file or directory* ** *Error: /Stage[main]/Java_rpm::Install/Package[jdk-7u25-linux-x64.rpm]/ensure: change from absent to present failed: Execution of '/bin/rpm -i puppet:///development/java_rpm/files/jdk-7u25-linux-x64.rpm' returned 1: error: open of puppet:///development/java_rpm/files/jdk-7u25-linux-x64.rpm failed: No such file or directory* Let me know -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com mailto:puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/c25a25f1-2aaa-4596-a8d9-b66a8331fcbc%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/c25a25f1-2aaa-4596-a8d9-b66a8331fcbc%40googlegroups.com?utm_medium=emailutm_source=footer. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/53A02BD1.4090804%40jasonantman.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] PuppetDB connection issue - Failed to connect!!
Hi there, Just started using PuppetDB (using the Puppetlabs' module) and getting issues with connection. First it was giving me server Not Found: Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb within timeout window of 15 seconds; giving up. Error: Unable to connect to puppetdb server! (puppet.internal:8081) Error: /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure: change from absent to present failed: Unable to connect to puppetdb server! (puppet.internal:8081) but from the puppetdb ssl-setup, it looks okay: root@puppet:/vagrant/PuppetConf/manifests# puppetdb ssl-setup -f PEM files in /etc/puppetdb/ssl already exists, checking integrity. Overwriting existing PEM files due to -f flag Copying files: /var/lib/puppet/ssl/certs/ca.pem, /var/lib/puppet/ssl/private_keys/puppet.internal.pem and /var/lib/puppet/ssl/certs/puppet.internal.pem to /etc/puppetdb/ssl Setting ssl-host in /etc/puppetdb/conf.d/jetty.ini already correct. Setting ssl-port in /etc/puppetdb/conf.d/jetty.ini already correct. Setting ssl-key in /etc/puppetdb/conf.d/jetty.ini already correct. Setting ssl-cert in /etc/puppetdb/conf.d/jetty.ini already correct. Setting ssl-ca-cert in /etc/puppetdb/conf.d/jetty.ini already correct. since then, I'm still getting eventually the same error but with different Notice: Warning: Puppet::Util::SUIDManager.run_and_capture is deprecated; please use Puppet::Util::Execution.execute instead. (at /vagrant/VagrantConf/modules/postgresql/lib/puppet/provider/postgresql_psql/ruby.rb:57:in `run_sql_command') Notice: /Stage[main]/Puppetdb::Server::Jetty_ini/Ini_setting[puppetdb_sslhost]/value: value changed '0.0.0.0' to 'puppet.internal' Info: Class[Puppetdb::Server::Jetty_ini]: Scheduling refresh of Service[puppetdb] Notice: /Stage[main]/Puppetdb::Server/Service[puppetdb]: Triggered 'refresh' from 1 events Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb within timeout window of 15 seconds; giving up. Error: Unable to connect to puppetdb server! (puppet.internal:8081) Error: /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure: change from absent to present failed: Unable to connect to puppetdb server! (puppet.internal:8081) Can anyone explain to me what actually going on/wrong please? Why it was Not Found before and now Unable to connect? Any help/pointer would be much appreciated. Best! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/9517f14f-8b38-4243-9aaf-353a27ae8079%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Moving from manifest files to ENC script - not working...
Yes, I have an idea. 1) Read the documentation: http://docs.puppetlabs.com/guides/external_nodes.html 2) If that doesn't help, post your ENC code, with specific examples of output and problems that you're having. On 06/17/2014 07:49 AM, shlo.af...@gmail.com wrote: Hi, I understood ENC can work without the PuppetDB installation. I cannot make ENC work and I cannot find a log or any way to debug it, so I can find the problem. any idea are welcome. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com mailto:puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/85498348-93a0-49ff-bdc5-589f76e7ee79%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/85498348-93a0-49ff-bdc5-589f76e7ee79%40googlegroups.com?utm_medium=emailutm_source=footer. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/53A02D79.50005%40jasonantman.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] SSL
My environment has been working up until mid last week. just doing a puppet agent --test gives me these results... has anyone ran across this. [root@DC01SLE0005 ~]# puppet agent --test Warning: Unable to fetch my node definition, but the agent run will continue: Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked Info: Retrieving plugin Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked Error: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked Could not retrieve file metadata for puppet://puppet.ds.gc.ca/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb Error: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a180f269-de1d-4fbc-aa23-a26c8eaf588f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Use external facts inside templetes
Hi there, First of all, if it's a fact, then you really should be doing *${::key1}* instead. To use it in template, *%= @key1 %* should work just fine. Otherwise, you can have this: *$localkey = ${::key1}* in your init.pp and then *%= @localkey %* in the template but I don't think you gonna get anything thing better. On the agent, if you do: *facter -p key1*, do you get the result that you expect? Best! On Tuesday, June 17, 2014 12:33:06 PM UTC+1, Malintha Adikari wrote: I have defined some key value pairs in /etc/facter/facts.d/value.txt file. I could use those keys inside my init.pp script and successfully for the values using *${key1}* I want to get those values inside my template file. I have used *%= @key1 %* but it doesn't give me the value. What is the correct way to get the value of the external fact inside template. Regards, Malintha -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/35dcdb3b-0209-4b66-a350-42705df5c542%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Is PuppetDB environment aware?
The latest version of PuppetDB (ie. 2.0.0) does support environments. The first line of the release note is 'PuppetDB 2.0.0 is a feature release focusing on environments support'. Here the full link: http://docs.puppetlabs.com/puppetdb/2.0/release_notes.html -- Yanis Guenane On 06/16/2014 10:15 PM, Vadym Chepkov wrote: Greetings, Does PuppetDB support environments similar to puppet? I noticed exported resources are crossing from one environment to another. I would like to prevent this without having to add $environment to every single tag and forge modules don't do it anyway, so there must be a some way to have PuppetDB to segregate environments. Thanks, Vadym -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com mailto:puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f33befb1-2c44-484b-a815-6f93d0ed232b%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/f33befb1-2c44-484b-a815-6f93d0ed232b%40googlegroups.com?utm_medium=emailutm_source=footer. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/53A03759.1030304%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] sshd configuration
Il giorno martedì 17 giugno 2014 10:29:08 UTC+2, alexanderdav ha scritto: You should take a look at https://forge.puppetlabs.com/domcleal/augeasproviders . Wow, that worked great and easy, thanks! I whish I'd found it also before using another puppetforge module for sysctl configuration ;). Bye. Marco -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a24a140e-d62c-4385-8383-5aaeed9da3ef%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Connection timed out - connect(2) when using puppet module
On Tuesday, June 17, 2014 4:46:47 AM UTC-5, Torsten Kleiber wrote: Have nobody a hint? I have set http_proxy and https_proxy. You mean you have set these in your puppet.conf or in your environment? If the former then which one (file system path) and which section? Are you running as root or as an unprivileged user? Puppet uses a personal configuration file (~/.puppet/puppet.conf) when run as non-root, unless you explicitly tell it otherwise (e.g. --confdir /etc/puppet). I am uncertain whether it honors proxy settings configured in the environment, but it certainly does offer its own proxy configuration configuration parameters. curl -k *https://forgeapi.puppetlabs.com* https://forgeapi.puppetlabs.com/ is succesful. And that's a useful test, but its success does not necessarily imply that puppet is configured correctly to connect to the same URL from your network. If indeed you do need to connect via a proxy, then I think your problem likely lies there. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/c7210dac-4f24-48aa-90f3-b7acb0bcbd43%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Moving from manifest files to ENC script - not working...
I read the documentation. I send yesterday example of my perl ENC code and the output. I'm sending them again: #!/usr/bin/perl -w use strict; use YAML qw(Dump); my $hostname = shift || die No hostname passed; system(echo $hostname /tmp/llkkll); my ($host, $domain, $net) = ($1, $2, $3); my @classes = (); my %parameters = ( puppetserver = puppetsrv ); @classes = ('class1', 'class2::basic', class3); $parameters{var} = kk1; print Dump({ classes = \@classes, parameters = \%parameters, }); that as output give me: --- classes: - class1 - class2::basic - class3 parameters: puppetserver: puppetsrv var: kk1 The definition of the classes are in manifests under the module directory. My problem: when I run the puppet command on the agent, it look like it *ignore* the classes I define in ENC script and only if I have the node definition in node.pp it try to so something. Maybe I'm missing very basic issue. I'm sorry. Is there any way to debug it? On Tuesday, June 17, 2014 2:58:55 PM UTC+3, Jason Antman wrote: Yes, I have an idea. 1) Read the documentation: http://docs.puppetlabs.com/guides/external_nodes.html 2) If that doesn't help, post your ENC code, with specific examples of output and problems that you're having. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/5a15194a-c44e-4c3b-b62b-cc07e8094bf4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Large files over puppet
On Tuesday, June 17, 2014 3:45:57 AM UTC-5, Félix Barbeira wrote: I always heard that serve large files over puppet is a bad practice. But...I guess it depends of what you consider a large file. Everyone agree that serve for example a 25MB file over puppet it's definitely not recommended. It is generally useful in such cases to understand *why* a thing is considered poor practice. Otherwise it's very hard to reason about questions such as the one you are posing. The general advice to avoid serving large files via the Puppet master's built-in file server is based on Puppet's default behavior of using MD5 checksums to determine whether the target file's content is already in sync. Checksumming the source and target files is comparatively expensive, and the master must do it for each catalog request for each client for each File resource in its catalog (that uses the default checksum method). My question is wether a text file of ~7000 lines and ~700KB would be acceptable. Do you think this file rebase puppet recommended size limits for file and it's big enough to use the advices of the following thread?? https://ask.puppetlabs.com/question/627/serving-large-files-formally-code-artifacts-best-practices/ https://www.google.com/url?q=https%3A%2F%2Fask.puppetlabs.com%2Fquestion%2F627%2Fserving-large-files-formally-code-artifacts-best-practices%2Fsa=Dsntz=1usg=AFQjCNEX6OGIKtjD9bPDQi_xRBYq9BN6LA There is no one-size-fits-all answer. If your master can support the combined load, and if the load on your clients (from checksumming on their side) is acceptable, then you are basically ok. Beware, however, of the load creeping up as you add more Files, and mind that your master's client capacity is affected by how much work it must perform for each client. Note, too, that there are multiple possible approaches. If the file(s) you want to serve is static and doesn't change too frequently then packaging it up and managing it via a Package is a good solution, and I would certainly consider that for a 700kB file. Especially so if it's part of a collection that you can package up together. On the other hand, you can also reduce the computational load by switching to a lighter-weight checksum method http://docs.puppetlabs.com/references/3.4.stable/type.html#file-attribute-checksum, at the expense of a greater risk of Puppet mistaking whether the File is already in sync. Or if you put it on a network file server accessible to your clients, then 'source'ing it from there works, and spares the master from checksumming. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/10a91879-762d-4e11-9da3-2c8db95c6af7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Moving from manifest files to ENC script - not working...
I think, in your yaml, you are missing the name: certname Grts jo On 17/06/14 15:19, shlo.af...@gmail.com wrote: I read the documentation. I send yesterday example of my perl ENC code and the output. I'm sending them again: #!/usr/bin/perl -w use strict; use YAML qw(Dump); my $hostname = shift || die No hostname passed; system(echo $hostname /tmp/llkkll); my ($host, $domain, $net) = ($1, $2, $3); my @classes = (); my %parameters = ( puppetserver = puppetsrv ); @classes = ('class1', 'class2::basic', class3); $parameters{var} = kk1; print Dump({ classes = \@classes, parameters = \%parameters, }); that as output give me: --- classes: - class1 - class2::basic - class3 parameters: puppetserver: puppetsrv var: kk1 The definition of the classes are in manifests under the module directory. My problem: when I run the puppet command on the agent, it look like it *ignore* the classes I define in ENC script and only if I have the node definition in node.pp it try to so something. Maybe I'm missing very basic issue. I'm sorry. Is there any way to debug it? On Tuesday, June 17, 2014 2:58:55 PM UTC+3, Jason Antman wrote: Yes, I have an idea. 1) Read the documentation: http://docs.puppetlabs.com/guides/external_nodes.html http://docs.puppetlabs.com/guides/external_nodes.html 2) If that doesn't help, post your ENC code, with specific examples of output and problems that you're having. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com mailto:puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/5a15194a-c44e-4c3b-b62b-cc07e8094bf4%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/5a15194a-c44e-4c3b-b62b-cc07e8094bf4%40googlegroups.com?utm_medium=emailutm_source=footer. For more options, visit https://groups.google.com/d/optout. -- Johan De Wit Open Source Consultant Red Hat Certified Engineer (805008667232363) Puppet Certified Professional 2013/2014 (PCP006) _ Open-Future Phone +32 (0)2/255 70 70 Zavelstraat 72 Fax +32 (0)2/255 70 71 3071 KORTENBERG Mobile+32 (0)474/42 40 73 BELGIUM http://www.open-future.be _ Next Events: Puppet Advanced Training | https://www.open-future.be/puppet-advanced-training-10-till-12th-june Puppet Introduction Course | https://www.open-future.be/puppet-introduction-course-13th-june Linux Training | https://www.open-future.be/linux-training-16-till-20th-june Subscribe to our newsletter | http://eepurl.com/BUG8H -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/53A04BA6.8070005%40open-future.be. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.
On Monday, June 16, 2014 2:33:12 PM UTC-5, Stephen Morton wrote: I've got some newbie puppet questions. My team has a tremendous amount of linux/computer knowledge, but we're new to Puppet. We recently started using puppet to manage some 100 servers. Their configs are all pretty similar with some small changes. History Prior to Puppet, we already had a management system that involved having config files under revision control and the config file repo checked out on every server and the repo config files symlinked into the appropriate place in the filesystem. Updating the repo would update these files.This was mostly just great, with the following limitations: - If the symlink got broken, it didn't work. - Some files require very specific ownership, or were required not to be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think) - Updating a daemon's config file does not mean that the daemon is restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a service httpd reload - You can't add a new symlink. - All files must be in revision control to link to. Some security-sensitive files we want to only be available to some servers and something like puppet that can send files over the network is a good solution to this. Puppet to the rescue? So we've tried a very conservative Puppet implementation. We've left our existing infrastructure and we just add new rules in Puppet. So far, we have a single site.pp file and only a dozen or so rules. But already we're seeing problems. 1. Puppet is good for configuring dynamic stuff that changes. But it seems silly to have rules for stuff that will be configured just one time and then will not change. If we set up some files, we don't expect them to disappear. In fact if they do disappear we might not want them silently fixed up we probably want to know what's going on. Puppet is fine for stuff that changes from time to time, but it is even more for stuff that, once configured, is stable for a long time. The core concept around which it is designed is that you describe the state you want your machines to be in, and Puppet will both put them in that state and make sure they stay there (on a per-run basis). If you want Puppet just to check the resources declared for the target node without syncing them, then you can run it in --noop mode, and Puppet will flag resources that are out of sync. Alternatively, your manifests can declare individual resources to managed in noop mode if you want finer granularity. In any case, Puppet certainly notifies you when it syncs an out of sync resource, both in its output and in the reports it sends back to the master (if you enable those). Additionally, you can use the --detailed-exitcodes option to make the agent's return code yield information about whether anything changed and/or whether there were any failed resources. 1. Doing everything in puppet results in ever-growing manifests. I don't know of a way to specify different manifests, e.g. every 30 minutes I want Puppet to run and request the lean and mean regular manifest and then once a week I want it to run the make sure everything is in the right place manifest. Yes, everything you configure for Puppet to manage must be described in a manifest file, therefore the more you bring under Puppet management, the larger the volume of your manifests. That's like saying every time I want a new feature in my program, I have to add source code! Puppet does offer facilities for limiting the scope of runs. The main ones are the --tags agent option to select a subset of the resources that normally would be applied, and schedules http://docs.puppetlabs.com/references/latest/metaparameter.html#schedule to declare master-side limits on when and how frequently particular resources and groups of resources should be applied. 1. 2. Puppet seems very sensitive to network glitches. We run puppet from a cron job and errors were so frequent that we just started sending all output to /dev/null. I'm not sure I understand. What sort of network glitches are we talking about? Are these frequent in your environment? And what sort of errors? 1. 2. Endless certificate issues. It's crazy. So sometimes hosts would get dropped... for unknown reasons their certificates were no longer accepted. Because we'd already stopped output (see previous bullet point) we would not know this and the server would be quietly not updated. And when you get a certificate problem, often simply deleting the cert on the agent and master won't fix it. Sometimes a restart of the master service (or more?) is required. - The solution to this to me is not you should run puppet dashboard, then you'd know. This shouldn't be failing in the first
[Puppet Users] rsync yum.puppetlabs.com failing...
So @ my site we keep a number of software repos mirrored internally (not everything can egress to the net), and a number of these we only sync on demand (say, we want to upgrade puppet, sync the repo is the first step). However, since yesterday morning (24 hours now), I haven't been able to establish a proper rsync connection to yum.puppetlabs.com, because it seems the rsync server is at its connection limit: [root@mirror-proxy yum]# rsync --progress -avSH --partial --delete-delay rsync://yum.puppetlabs.com/packages /n/pkgs_repos/puppetlabs/ @ERROR: max connections (30) reached -- try again later rsync error: error starting client-server protocol (code 5) at main.c(1503) [receiver=3.0.6] Are some other mirrors holding connections open, or is there a way this limit can get bumped? Thanks! -- Matthew Nicholson -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CA%2BnEbkZ-K8saK0DaccnH%2BkFdrB6Dv%3D4Qr1u%2BUHN3%2BQChMpemVg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Is PuppetDB environment aware?
On Jun 17, 2014, at 8:40 AM, Yanis Guenane yguen...@gmail.com wrote: The latest version of PuppetDB (ie. 2.0.0) does support environments. The first line of the release note is 'PuppetDB 2.0.0 is a feature release focusing on environments support'. Here the full link: http://docs.puppetlabs.com/puppetdb/2.0/release_notes.html I guess this means that Puppet Enterprise product currently doesn’t support environments since it includes PuppetDB 1.5.2 No work arounds? Are there any plans to include PuppetDB 2.0.0 in PE any time soon? Thanks, Vadym smime.p7s Description: S/MIME cryptographic signature
Re: [Puppet Users] Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.
Thanks Doug and Rich. Yes, I guess I am using the default webrick server. I just enabled the puppet-master service in init.d and assumed that was enough. We already have an Apache instance and I will look into passenger. Based on what I see on the Passenger page, this alone could be the cause of all my network issues. I *do* know all about organizing puppet manifests into modules. I didn't really want to get into this but, here you go. The idea behind currently having just one site.pp file and that's it is that we're evaluating puppet and don't have many rules. It is just not a good use of anybody's time to have 12 rules split up into 6 modules with 18 (24?) different files when you could do it all in one file. As our puppet rules grow (along with our puppet experience) we will refactor. Good to know that Puppet Dashboard is on the outs and puppetdb+puppetboard is the way to go. Should we need such functionality in the future, I'll (IDE? Vim and emacs do my syntax highlighting just fine thank you. ;-) The last three comments could be summarized by our philosophy here at work that we're lean and mean and we'd never install a framework when a few lines of bash or perl code would do the trick just as well. Yes, we do use custom facts to define a server's geographical location (e.g. important for our NTP and SNMP config) and its internal purpose. Doug hints at using some kind of dynamically generated fact to get a different manifest from the master (e.g. daily vs. weekly manifest); I will investigate that. Puppet being useful for deploying servers. Absolutely, that's a great point. Thing is, we already have a fully functional kickstart + post-install bash script process to do just that already. We *may* replace this with puppet, if we decide we love puppet and can't live without it. But for now, if it ain't broke don't spend weeks coding and debugging up a replacement for it that's no better. Thanks again, Steve On Tuesday, 17 June 2014 01:23:22 UTC-4, Doug_F wrote: Steve, I think you said you put all your configuration in a single site.pp. This is often bad form and limits the flexibility of your deployment. Something we do is layout modules. The common pattern is: /etc/puppet/environments/production - Manifests/site.pp - Hieradata/*.yaml - Modules/foo This keeps everything in the production environment. All of your clients will do this normally. One of the beauties of doing this is you may want to do a cron job weekly that runs with a different environment like weekly. To take advantage of the flexibility you may want to group servers into buckets by sticking custom facts and including modules based off them. As for the Network issues. I think you may be running your puppetmaster with the built in webbrick server. In my experience this offers a single threaded approach to the puppetmaster with it failing if more than one client connects at a time. Setup apache and run Passenger to allow for multiple threads. Info on Environments: http://docs.puppetlabs.com/puppet/latest/reference/environments.html#enabling-directory-environments (note this was introduced in 3.5 so you may want to checkout the legacy way to achieve the same thing. ) Passenger with Apache: http://docs.puppetlabs.com/guides/passenger.html Finally to get visiblity into the network I would strongly suggest setting up PuppetDB with Puppetboard as puppet Dashboard is effectivly dead. Info on PuppetDB http://docs.puppetlabs.com/puppetdb/2.0/install_from_packages.html PuppetBoard module on the forge. https://forge.puppetlabs.com/nibalizer/puppetboard Last tip I would give to someone new is use an IDE that helps you code. Puppetlabs maintains Geppetto for this purpose. http://docs.puppetlabs.com/geppetto/4.0/ On Mon, Jun 16, 2014 at 1:33 PM, Stephen Morton stephen@gmail.com javascript: wrote: I've got some newbie puppet questions. My team has a tremendous amount of linux/computer knowledge, but we're new to Puppet. We recently started using puppet to manage some 100 servers. Their configs are all pretty similar with some small changes. History Prior to Puppet, we already had a management system that involved having config files under revision control and the config file repo checked out on every server and the repo config files symlinked into the appropriate place in the filesystem. Updating the repo would update these files.This was mostly just great, with the following limitations: - If the symlink got broken, it didn't work. - Some files require very specific ownership, or were required not to be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think) - Updating a daemon's config file does not mean that the daemon is restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a service httpd reload - You can't add a new symlink. - All files must be in
Re: [Puppet Users] Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.
On 6/16/2014 12:33 PM, Stephen Morton wrote: I've got some newbie puppet questions. My team has a tremendous amount of linux/computer knowledge, but we're new to Puppet. We recently started using puppet to manage some 100 servers. Their configs are all pretty similar with some small changes. History Prior to Puppet, we already had a management system that involved having config files under revision control and the config file repo checked out on every server and the repo config files symlinked into the appropriate place in the filesystem. Updating the repo would update these files.This was mostly just great, with the following limitations: * If the symlink got broken, it didn't work. * Some files require very specific ownership, or were required not to be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think) * Updating a daemon's config file does not mean that the daemon is restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a service httpd reload * You can't add a new symlink. * All files must be in revision control to link to. Some security-sensitive files we want to only be available to some servers and something like puppet that can send files over the network is a good solution to this. Puppet to the rescue? So we've tried a very conservative Puppet implementation. We've left our existing infrastructure and we just add new rules in Puppet. So far, we have a single site.pp file and only a dozen or so rules. But already we're seeing problems. 1. Puppet is good for configuring dynamic stuff that changes. But it seems silly to have rules for stuff that will be configured just one time and then will not change. If we set up some files, we don't expect them to disappear. In fact if they do disappear we might not want them silently fixed up we probably want to know what's going on. Doing everything in puppet results in ever-growing manifests. I don't know of a way to specify different manifests, e.g. every 30 minutes I want Puppet to run and request the lean and mean regular manifest and then once a week I want it to run the make sure everything is in the right place manifest. 2. Puppet seems very sensitive to network glitches. We run puppet from a cron job and errors were so frequent that we just started sending all output to /dev/null. 3. Endless certificate issues. It's crazy. So sometimes hosts would get dropped... for unknown reasons their certificates were no longer accepted. Because we'd already stopped output (see previous bullet point) we would not know this and the server would be quietly not updated. And when you get a certificate problem, often simply deleting the cert on the agent and master won't fix it. Sometimes a restart of the master service (or more?) is required. * The solution to this to me is not you should run puppet dashboard, then you'd know. This shouldn't be failing in the first place. If something is that flaky, I don't want to run it. (We're running version 3.4.2 on CentOS 6.5, 64-bit.) --- Questions. So my questions for the above three issue are I guess as follows 1. Is there a common Puppet pattern to address this? Or am I thinking about things all wrong. 2. Is there a way to get puppet to be more fault-tolerant, or at least complain less? 3. Are endless certificate woes the norm? Once an agent has successfully got its certificates working with the server, is it a known issue that it should sometimes start to subsequently fail? Thanks, Steve 1. I don't think about it as manifests increasing in size, but whether I can completely recreate a server at anytime accurately. Or more importantly can I provision 12 more of any server asap. It's been my experience that active/passive sites usually drift into active/not updated sites. I believe the same would apply to a Puppet install that had one methodology for install and another for updates. That said we do have servers that are usually short lived enough that we run Puppet on install and then run specifically targeted updates when needed using Puppet's --tags feature. http://docs.puppetlabs.com/puppet/latest/reference/lang_tags.html#the-tag-metaparameter 2. I run Puppet masters in one US site and have agent machines is five others including three sites outside of the US. We average roughly one network related problem a month on the 50-100 nodes that aren't in the main site. Without more information, logs, etc it would appear that your the network's stability is the problem. The symptoms you describe might be the result of an overloaded master. If that sounds possible, I'd look at the number of Puppet master processes you've configured in Apache/Passenger (or similar) and the concurrent requests to the master during the day. Agents when left to their own devices like to clump up over time. Additionally if you're still using
Re: [Puppet Users] Package Resource, Versioning and Yum
On 17/06/14 07:41, Jason Antman wrote: Joseph, See https://tickets.puppetlabs.com/browse/PUP-682 I'm going to try and get the pull request rebased, but at best this will be in puppet4. -Jason Thank you, I had come across that bug report as well later on. I wasn't sure originally if this was a known issue or not. We'll see what presents Puppet 4 brings us. -- Joseph Swick joseph.sw...@meltwater.com Operations Engineer Meltwater Group signature.asc Description: OpenPGP digital signature
Re: [Puppet Users] Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.
google-groups appeared to have eaten the first version from yesterday. Pardons if this is sent twice. 1. I don't think about it as manifests increasing in size, but whether I can completely recreate a server at anytime accurately. Or more importantly can I provision 12 more of any server asap. It's been my experience that active/passive sites usually drift into active/not updated sites. I believe the same would apply to a Puppet install that had one methodology for install and another for updates. That said we do have servers that are usually short lived enough that we run Puppet on install and then run specifically targeted updates when needed using Puppet's --tags feature. http://docs.puppetlabs.com/puppet/latest/reference/lang_tags.html#the-tag-metaparameter 2. I run Puppet masters in one US site and have agent machines is five others including three sites outside of the US. We average roughly one network related problem a month on the 50-100 nodes that aren't in the main site. Without more information, logs, etc it would appear that your the network's stability is the problem. The symptoms you describe might be the result of an overloaded master. If that sounds possible, I'd look at the number of Puppet master processes you've configured in Apache/Passenger (or similar) and the concurrent requests to the master during the day. Agents when left to their own devices like to clump up over time. Additionally if you're still using the puppetmasterd startup script your master won't be able to handle more then one concurrent request. 3. I've been running Puppet for over four years and have never had the sort of cert problems you've described. IIRC the cert expire time is five years so that seems unlikely as well. My best guess is time drift though I would expect transactions to remain broken till NTP was updated. Ramin On 6/16/2014 12:33 PM, Stephen Morton wrote: I've got some newbie puppet questions. My team has a tremendous amount of linux/computer knowledge, but we're new to Puppet. We recently started using puppet to manage some 100 servers. Their configs are all pretty similar with some small changes. History Prior to Puppet, we already had a management system that involved having config files under revision control and the config file repo checked out on every server and the repo config files symlinked into the appropriate place in the filesystem. Updating the repo would update these files.This was mostly just great, with the following limitations: * If the symlink got broken, it didn't work. * Some files require very specific ownership, or were required not to be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think) * Updating a daemon's config file does not mean that the daemon is restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a service httpd reload * You can't add a new symlink. * All files must be in revision control to link to. Some security-sensitive files we want to only be available to some servers and something like puppet that can send files over the network is a good solution to this. Puppet to the rescue? So we've tried a very conservative Puppet implementation. We've left our existing infrastructure and we just add new rules in Puppet. So far, we have a single site.pp file and only a dozen or so rules. But already we're seeing problems. 1. Puppet is good for configuring dynamic stuff that changes. But it seems silly to have rules for stuff that will be configured just one time and then will not change. If we set up some files, we don't expect them to disappear. In fact if they do disappear we might not want them silently fixed up we probably want to know what's going on. Doing everything in puppet results in ever-growing manifests. I don't know of a way to specify different manifests, e.g. every 30 minutes I want Puppet to run and request the lean and mean regular manifest and then once a week I want it to run the make sure everything is in the right place manifest. 2. Puppet seems very sensitive to network glitches. We run puppet from a cron job and errors were so frequent that we just started sending all output to /dev/null. 3. Endless certificate issues. It's crazy. So sometimes hosts would get dropped... for unknown reasons their certificates were no longer accepted. Because we'd already stopped output (see previous bullet point) we would not know this and the server would be quietly not updated. And when you get a certificate problem, often simply deleting the cert on the agent and master won't fix it. Sometimes a restart of the master service (or more?) is required. * The solution to this to me is not you should run puppet dashboard, then you'd know. This shouldn't be failing in the first place. If something is that flaky, I don't want to run it. (We're running version 3.4.2
Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!
Just started using PuppetDB (using the Puppetlabs' module) and getting issues with connection. First it was giving me server Not Found: Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb within timeout window of 15 seconds; giving up. Error: Unable to connect to puppetdb server! (puppet.internal:8081) Error: /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure: change from absent to present failed: Unable to connect to puppetdb server! (puppet.internal:8081) This has retried to connect a few times then given up because of ... since then, I'm still getting eventually the same error but with different Notice: Warning: Puppet::Util::SUIDManager.run_and_capture is deprecated; please use Puppet::Util::Execution.execute instead. (at /vagrant/VagrantConf/modules/postgresql/lib/puppet/provider/postgresql_psql/ruby.rb:57:in `run_sql_command') Notice: /Stage[main]/Puppetdb::Server::Jetty_ini/Ini_setting[puppetdb_sslhost]/value: value changed '0.0.0.0' to 'puppet.internal' Info: Class[Puppetdb::Server::Jetty_ini]: Scheduling refresh of Service[puppetdb] Notice: /Stage[main]/Puppetdb::Server/Service[puppetdb]: Triggered 'refresh' from 1 events Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb within timeout window of 15 seconds; giving up. Error: Unable to connect to puppetdb server! (puppet.internal:8081) Error: /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure: change from absent to present failed: Unable to connect to puppetdb server! (puppet.internal:8081) Can anyone explain to me what actually going on/wrong please? Why it was Not Found before and now Unable to connect? Any help/pointer would be much appreciated. Best! ... connection refused. This is the key error. Its a common TCP error, and is something all administrators should know, because it doesn't just affect PuppetDB. What it means is that the hostname and port the client is trying to connect to, in this case puppet.internal and 8081 respectively, is either not the correct host or port, PuppetDB is not listening correctly to this host or port because it is down or misconfigured or some firewall is rejecting the connection (less likely, but worth noting). So what you need to check: * From your puppet master try telnetting into the port and show your results. telnet puppet.internal 8081 * Check that the PuppetDB instance is really listening on port 8081 and on a public interface on that host, you can usually check this with netstat -anp | grep 8081 on the PDB host. Provide the results in the thread if you can. * Check the settings in your /etc/puppetdb/conf.d/jetty.ini, and ensure that ssl-host is set to something like 0.0.0.0 to listen on all interfaces. You can always refine this once you have it working, but this is the recommend base setting. If you change it, restart PuppetDB. * Check that the PuppetDB java process is running also. ps auxww | grep java is a good start, provide the results if you like in thread. * Ensure that the hostname 'puppet.internal' resolves to what you think it does. A large amount of these errors are due to assumptions about what hostnames resolve to ... it must resolve to the IP that PuppetDB is listening on. Check /etc/hosts on your puppet master ... Let me know how you go. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTkPLDBb7fNAhQBWvpFsn8%3Db6Z6gi2zKhyGddpZc18pJmQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Is PuppetDB environment aware?
The support for environments in PDB is for storing the environment where a catalog/factset/report came from ... and you can certainly query on it, but currently with ordinary resource collection you cannot constrain on environment. There is an open ticket in the Puppet queue to do this in the future: https://tickets.puppetlabs.com/browse/PUP-2217 For now though one can use something like puppetdbquery, and certainly filter on environment. As far as PE inclusion, inclusion of PDB 2.x is slated for PE 3.4 at this point in time. I'm not sure when the dates for that release will be confirmed. ken. On Tue, Jun 17, 2014 at 8:12 AM, Vadym Chepkov vchep...@gmail.com wrote: On Jun 17, 2014, at 8:40 AM, Yanis Guenane yguen...@gmail.com wrote: The latest version of PuppetDB (ie. 2.0.0) does support environments. The first line of the release note is 'PuppetDB 2.0.0 is a feature release focusing on environments support'. Here the full link: http://docs.puppetlabs.com/puppetdb/2.0/release_notes.html I guess this means that Puppet Enterprise product currently doesn’t support environments since it includes PuppetDB 1.5.2 No work arounds? Are there any plans to include PuppetDB 2.0.0 in PE any time soon? Thanks, Vadym -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTm6c%3DO%3D1rPvcW8W2YPy2%3DTma_5eW5xoq8_6iQ7%2B7yrTJw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: [Puppet-dev] Re: Announce: Puppet 3.6.2 [ Security and Bug fix Release ]
(I clipped puppet-announce from this thread) Hi Byron, Stefan, Which deprecation warning are you continuing to see? There is an open issue with the disable_warnings, which is that static environment blocks in puppet.conf will continue to warn: https://tickets.puppetlabs.com/browse/PUP-2739 Is that the issue you are seeing? thanks, Josh On Tue, Jun 17, 2014 at 2:28 AM, Stefan Heijmans heijm...@gmail.com wrote: Aha, experienced the same thing last week, didn't have time to look into it yet... On Monday, June 16, 2014 3:30:31 PM UTC+2, Byron Miller wrote: Running puppet 3.6.2 and disable_warnings = deprecations appears to make no difference to prohibiting the alert about environments. -- You received this message because you are subscribed to the Google Groups Puppet Developers group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-dev/163f893b-3f66-497b-8618-a0213583e74e%40googlegroups.com https://groups.google.com/d/msgid/puppet-dev/163f893b-3f66-497b-8618-a0213583e74e%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Josh Partlow jpart...@puppetlabs.com Developer, Puppet Labs Join us at PuppetConf 2014, September 20-24 in San Francisco Register by July 31st to take advantage of the Early Bird discount —save $249! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADxAQ5q3UN1Ry8jbxPGymy5tskMeOuM4AK-t6imaZKe56YwdpA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Open puppet port(s) to the internet
I probably don't really understand much about how puppet connects to the clients, but is there a big security risk about opening it up to the internet so laptops can get their configuration... If it's safe enough for any value of safe, what ports does it use? Thanks, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f85a67b5-96f2-4ffe-a655-5df3ea018ec0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!
Hi Ken, Thanks for the heads up! First of all, it's a VBox VM, provisioned by Vigrant. PuppetMaster and PuppetDB are on the same machine. I did go through those basic checks before posting, which appeared fine: root@puppet:~# telnet puppet.internal 8081 Trying 127.0.1.1... Connected to puppet.internal. Escape character is '^]'. root@puppet:~# netstat -ntpl | grep 80 tcp0 0 0.0.0.0:80 0.0.0.0:*LISTEN 14345/apache2 tcp6 0 0 :::8080 :::* LISTEN 16301/java tcp6 0 0 127.0.1.1:8081 :::* LISTEN 16301/java This is my jetty.ini: root@puppet:~# awk '!/^($|#)/ {print}' /etc/puppetdb/conf.d/jetty.ini [jetty] host = 0.0.0.0 port = 8080 ssl-host = puppet.internal ssl-port = 8081 ssl-key = /etc/puppetdb/ssl/private.pem ssl-cert = /etc/puppetdb/ssl/public.pem ssl-ca-cert = /etc/puppetdb/ssl/ca.pem Java is also running: root@puppet:~# ps auxww | grep java puppetdb 16301 1.0 26.8 1558932 135336 ? Sl 13:47 2:26 /usr/lib/jvm/java-7-openjdk-amd64/bin/java -XX:OnOutOfMemoryError=kill -9 %p -Xmx192m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/puppetdb/puppetdb-oom.hprof -Djava.security.egd=file:/dev/urandom -cp /usr/share/puppetdb/puppetdb.jar clojure.main -m com.puppetlabs.puppetdb.core services -c /etc/puppetdb/conf.d ping can resolve: root@puppet:~# ping -c2 puppet.internal PING puppet.internal (127.0.1.1) 56(84) bytes of data. 64 bytes from puppet.internal (127.0.1.1): icmp_req=1 ttl=64 time=0.023 ms 64 bytes from puppet.internal (127.0.1.1): icmp_req=2 ttl=64 time=0.032 ms --- puppet.internal ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.023/0.027/0.032/0.006 ms but nslookup cannot: root@puppet:~# nslookup puppet.internal Server:10.0.2.3 Address:10.0.2.3#53 ** server can't find puppet.internal: NXDOMAIN (nslookup is fine though with localhost) This is what my /etc/hosts looks like: 127.0.0.1localhost 127.0.1.1puppet.internalpuppet It's Ubuntu 12.04 server and I heard that name resolving works differently in this version. I'm lost here. Best!! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f1f592e5-c15f-407b-bf09-48ee28eb9ab7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Chocolatey pre-fetch fails with Puppet - Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass
Chocolatey is installed as a shared module on the puppet master. Below is the specific part of the puppet code that uses the chocolatey provider to install a custom package. class install_carbon { package {'carbon': ensure = '1.7', provider = 'chocolatey', } } This class is part of a larger set of modules and classes that work together and execute completely and successfully on another host but fails on a second host with the error below. Same puppet client version (3.4.2 installed from an internal NuGet repo). Chocolatey is also customized to point to an internal repo. Any help/thoughts/insight would be appreciated. Thanks! Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in `prefetch_if_necessary' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:67:in `block in evaluate' C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `call' C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `traverse' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:108:in `evaluate' C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:164:in `block in apply' C:/Tools/Puppet/puppet/lib/puppet/util/log.rb:149:in `with_destination' C:/Tools/Puppet/puppet/lib/puppet/transaction/report.rb:108:in `as_logging_destination' C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:163:in `apply' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:125:in `block in apply_catalog' C:/Tools/Puppet/puppet/lib/puppet/util.rb:161:in `block in benchmark' C:/Tools/Puppet/sys/ruby/lib/ruby/1.9.1/benchmark.rb:295:in `realtime' C:/Tools/Puppet/puppet/lib/puppet/util.rb:160:in `benchmark' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:124:in `apply_catalog' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:192:in `run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (4 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent/locker.rb:20:in `lock' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (3 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:114:in `with_client' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:41:in `block (2 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:79:in `run_in_fork' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:40:in `block in run' C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `call' C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `controlled_run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:38:in `run' C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:355:in `onetime' C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:321:in `run_command' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block (2 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/application.rb:470:in `plugin_hook' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block in run' C:/Tools/Puppet/puppet/lib/puppet/util.rb:478:in `exit_on_fail' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `run' C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:137:in `run' C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:91:in `execute' C:/Tools/Puppet/puppet/bin/puppet:4:in `main' -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/ed1ffcb8-f3da-4079-ae8b-d115a08f9d5a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!
At first glance this all seems correct. Hrm. Can you do the telnet test? telnet puppet.internal 8081 Also, are you destroying and rebuilding these VM's each time and then its failing? Or are you doing all of this _after_ the vm's are launched. Its quite possible there is a race condition/ordering issue in how the provisioning is occuring end-to-end. ken. On Tue, Jun 17, 2014 at 10:44 AM, Sans r.santanu@gmail.com wrote: Hi Ken, Thanks for the heads up! First of all, it's a VBox VM, provisioned by Vigrant. PuppetMaster and PuppetDB are on the same machine. I did go through those basic checks before posting, which appeared fine: root@puppet:~# telnet puppet.internal 8081 Trying 127.0.1.1... Connected to puppet.internal. Escape character is '^]'. root@puppet:~# netstat -ntpl | grep 80 tcp0 0 0.0.0.0:80 0.0.0.0:*LISTEN 14345/apache2 tcp6 0 0 :::8080 :::* LISTEN 16301/java tcp6 0 0 127.0.1.1:8081 :::* LISTEN 16301/java This is my jetty.ini: root@puppet:~# awk '!/^($|#)/ {print}' /etc/puppetdb/conf.d/jetty.ini [jetty] host = 0.0.0.0 port = 8080 ssl-host = puppet.internal ssl-port = 8081 ssl-key = /etc/puppetdb/ssl/private.pem ssl-cert = /etc/puppetdb/ssl/public.pem ssl-ca-cert = /etc/puppetdb/ssl/ca.pem Java is also running: root@puppet:~# ps auxww | grep java puppetdb 16301 1.0 26.8 1558932 135336 ? Sl 13:47 2:26 /usr/lib/jvm/java-7-openjdk-amd64/bin/java -XX:OnOutOfMemoryError=kill -9 %p -Xmx192m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/puppetdb/puppetdb-oom.hprof -Djava.security.egd=file:/dev/urandom -cp /usr/share/puppetdb/puppetdb.jar clojure.main -m com.puppetlabs.puppetdb.core services -c /etc/puppetdb/conf.d ping can resolve: root@puppet:~# ping -c2 puppet.internal PING puppet.internal (127.0.1.1) 56(84) bytes of data. 64 bytes from puppet.internal (127.0.1.1): icmp_req=1 ttl=64 time=0.023 ms 64 bytes from puppet.internal (127.0.1.1): icmp_req=2 ttl=64 time=0.032 ms --- puppet.internal ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.023/0.027/0.032/0.006 ms but nslookup cannot: root@puppet:~# nslookup puppet.internal Server:10.0.2.3 Address:10.0.2.3#53 ** server can't find puppet.internal: NXDOMAIN (nslookup is fine though with localhost) This is what my /etc/hosts looks like: 127.0.0.1localhost 127.0.1.1puppet.internalpuppet It's Ubuntu 12.04 server and I heard that name resolving works differently in this version. I'm lost here. Best!! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f1f592e5-c15f-407b-bf09-48ee28eb9ab7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3DK4WW1%2BtPv0X5Y8Kan9YhwAUa3HHgkSTtFhKoRoxY_kQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!
Oh ... and lets see the output of: iptables -vnL Perhaps there is a firewall here? Its worth double checking. On Tue, Jun 17, 2014 at 11:06 AM, Ken Barber k...@puppetlabs.com wrote: At first glance this all seems correct. Hrm. Can you do the telnet test? telnet puppet.internal 8081 Also, are you destroying and rebuilding these VM's each time and then its failing? Or are you doing all of this _after_ the vm's are launched. Its quite possible there is a race condition/ordering issue in how the provisioning is occuring end-to-end. ken. On Tue, Jun 17, 2014 at 10:44 AM, Sans r.santanu@gmail.com wrote: Hi Ken, Thanks for the heads up! First of all, it's a VBox VM, provisioned by Vigrant. PuppetMaster and PuppetDB are on the same machine. I did go through those basic checks before posting, which appeared fine: root@puppet:~# telnet puppet.internal 8081 Trying 127.0.1.1... Connected to puppet.internal. Escape character is '^]'. root@puppet:~# netstat -ntpl | grep 80 tcp0 0 0.0.0.0:80 0.0.0.0:*LISTEN 14345/apache2 tcp6 0 0 :::8080 :::* LISTEN 16301/java tcp6 0 0 127.0.1.1:8081 :::* LISTEN 16301/java This is my jetty.ini: root@puppet:~# awk '!/^($|#)/ {print}' /etc/puppetdb/conf.d/jetty.ini [jetty] host = 0.0.0.0 port = 8080 ssl-host = puppet.internal ssl-port = 8081 ssl-key = /etc/puppetdb/ssl/private.pem ssl-cert = /etc/puppetdb/ssl/public.pem ssl-ca-cert = /etc/puppetdb/ssl/ca.pem Java is also running: root@puppet:~# ps auxww | grep java puppetdb 16301 1.0 26.8 1558932 135336 ? Sl 13:47 2:26 /usr/lib/jvm/java-7-openjdk-amd64/bin/java -XX:OnOutOfMemoryError=kill -9 %p -Xmx192m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/puppetdb/puppetdb-oom.hprof -Djava.security.egd=file:/dev/urandom -cp /usr/share/puppetdb/puppetdb.jar clojure.main -m com.puppetlabs.puppetdb.core services -c /etc/puppetdb/conf.d ping can resolve: root@puppet:~# ping -c2 puppet.internal PING puppet.internal (127.0.1.1) 56(84) bytes of data. 64 bytes from puppet.internal (127.0.1.1): icmp_req=1 ttl=64 time=0.023 ms 64 bytes from puppet.internal (127.0.1.1): icmp_req=2 ttl=64 time=0.032 ms --- puppet.internal ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.023/0.027/0.032/0.006 ms but nslookup cannot: root@puppet:~# nslookup puppet.internal Server:10.0.2.3 Address:10.0.2.3#53 ** server can't find puppet.internal: NXDOMAIN (nslookup is fine though with localhost) This is what my /etc/hosts looks like: 127.0.0.1localhost 127.0.1.1puppet.internalpuppet It's Ubuntu 12.04 server and I heard that name resolving works differently in this version. I'm lost here. Best!! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f1f592e5-c15f-407b-bf09-48ee28eb9ab7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTn4NfvtzLB8cdDUPCCuY0%2Bv-N3YNy-2SKQpCw-fsdyfvQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Moving from manifest files to ENC script - not working...
On Tuesday, June 17, 2014 8:19:59 AM UTC-5, shlo@gmail.com wrote: I read the documentation. I send yesterday example of my perl ENC code and the output. I'm sending them again: #!/usr/bin/perl -w use strict; use YAML qw(Dump); my $hostname = shift || die No hostname passed; system(echo $hostname /tmp/llkkll); my ($host, $domain, $net) = ($1, $2, $3); my @classes = (); my %parameters = ( puppetserver = puppetsrv ); @classes = ('class1', 'class2::basic', class3); $parameters{var} = kk1; print Dump({ classes = \@classes, parameters = \%parameters, }); that as output give me: --- classes: - class1 - class2::basic - class3 parameters: puppetserver: puppetsrv var: kk1 The definition of the classes are in manifests under the module directory. My problem: when I run the puppet command on the agent, it look like it *ignore* the classes I define in ENC script and only if I have the node definition in node.pp it try to so something. Maybe I'm missing very basic issue. I'm sorry. Probably. Hooking up an ENC is not very hard. If the ENC is not running when a catalog request comes in then most likely the ENC it is not properly configured. Supposing that you are running in agent / master mode, the ENC needs to be set up on the master. There, the 'node_terminus' configuration parameter must be set to exec and the 'external_nodes' configuration parameter must be set to the absolute pathname of the ENC script. Furthermore, the script must be accessible and executable by the master, which typically does not run as a privileged user. Not only the script, but also all directories in the path to it must be readable and executable/traversable by the master. File permissions and other access controls may come into play here. Also, once it is properly configured, you need to restart the master in order for the new configuration to be noticed. It is highly unlikely that the master is running the ENC successfully, the output is what you say, and yet it is ignored. Is there any way to debug it? I would start by looking at the master's log. If you're not already running the master with --debug output turned on, then I would do that, too, to make the log more informative. Likewise, look at the agent's log. In particular, make sure the agent successfully retrieved a fresh catalog from the master -- it will complain if it cannot do so, but it may then proceed to use a cached catalog. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/760300a8-e0c5-4043-8fb2-bfcd1871af11%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Chocolatey pre-fetch fails with Puppet - Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass
Let's make sure everything is set up correctly. Do you have chocolatey (the client tool) already installed on both of those servers? If so what versions of chocolatey? Do they both respond to output? (choco /?) Moving up the chain to the provider, let's execute puppet agent -td --verbose --trace This should really get us to what might be causing the error. On Tue, Jun 17, 2014 at 12:51 PM, Jim Ficarra jimfica...@gmail.com wrote: Chocolatey is installed as a shared module on the puppet master. Below is the specific part of the puppet code that uses the chocolatey provider to install a custom package. class install_carbon { package {'carbon': ensure = '1.7', provider = 'chocolatey', } } This class is part of a larger set of modules and classes that work together and execute completely and successfully on another host but fails on a second host with the error below. Same puppet client version (3.4.2 installed from an internal NuGet repo). Chocolatey is also customized to point to an internal repo. Any help/thoughts/insight would be appreciated. Thanks! Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in `prefetch_if_necessary' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:67:in `block in evaluate' C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `call' C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `traverse' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:108:in `evaluate' C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:164:in `block in apply' C:/Tools/Puppet/puppet/lib/puppet/util/log.rb:149:in `with_destination' C:/Tools/Puppet/puppet/lib/puppet/transaction/report.rb:108:in `as_logging_destination' C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:163:in `apply' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:125:in `block in apply_catalog' C:/Tools/Puppet/puppet/lib/puppet/util.rb:161:in `block in benchmark' C:/Tools/Puppet/sys/ruby/lib/ruby/1.9.1/benchmark.rb:295:in `realtime' C:/Tools/Puppet/puppet/lib/puppet/util.rb:160:in `benchmark' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:124:in `apply_catalog' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:192:in `run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (4 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent/locker.rb:20:in `lock' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (3 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:114:in `with_client' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:41:in `block (2 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:79:in `run_in_fork' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:40:in `block in run' C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `call' C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `controlled_run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:38:in `run' C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:355:in `onetime' C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:321:in `run_command' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block (2 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/application.rb:470:in `plugin_hook' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block in run' C:/Tools/Puppet/puppet/lib/puppet/util.rb:478:in `exit_on_fail' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `run' C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:137:in `run' C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:91:in `execute' C:/Tools/Puppet/puppet/bin/puppet:4:in `main' -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/ed1ffcb8-f3da-4079-ae8b-d115a08f9d5a%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/ed1ffcb8-f3da-4079-ae8b-d115a08f9d5a%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Rob Reynolds Developer, Puppet Labs *Join us at PuppetConf 2014 http://www.puppetconf.com/, September 20-24 in San Francisco* *Register by July 31st to take advantage of the Early Bird discount https://puppetconf2014.eventbrite.com/?discount=EarlyBird **--**save $249!* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit
Re: [Puppet Users] No rubygem-deep-merge RPM in EL7 Yum repo
Hi Melissa, Somehow I screwed my Jira account :( I'll file a ticket as soon as I regain control of it. I don't get the reset password link so I contacted the admins. Shame on me ;) Marc On Tue, Jun 17, 2014 at 12:43 AM, Melissa Stone meli...@puppetlabs.com wrote: Hey Marc, Thanks for reporting this! Could you file a ticket at https://tickets.puppetlabs.com/browse/CPR with that information? That way we can be sure to get that package up. Thanks! On Sun, Jun 15, 2014 at 11:50 AM, Marc marc.villaco...@gmail.com wrote: Hi, Puppetizing my first Centos7 I realized there is no rubygem-deep-merge RPM in: http://yum.puppetlabs.com/el/7/dependencies/x86_64/ Is this intended? Cheers, Marc -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/58643257-4526-4b60-87b3-1586ee09a7a5%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/58643257-4526-4b60-87b3-1586ee09a7a5%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Melissa Stone Release Engineer, Puppet Labs *Join us at PuppetConf 2014 http://www.puppetconf.com/, September 20-24 in San Francisco* *Register by June 5th to take advantage of the Early Adopter discount http://links.puppetlabs.com/puppetconf-early-adopter **—**save $349!* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAGHhR3cN%3DXHeZm0grHnz4SfLEbbg%3D5_9w9FML1n3Q-dtB58qhQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!
hi Ken, Right now I'm creating only one VM, co-locating PuppetMaster and PuppetDB to make it simple - destroying and rebuilding. But it always fails - during the provisioning/building and also even after if I login to the machine and run puppet apply. Telnet works fine: root@puppet:~# telnet puppet.internal 8081 Trying 127.0.1.1... Connected to puppet.internal. Escape character is '^]'. Connection closed by foreign host. and iptables is not configured at all but here is the output: root@puppet:~# ufw status Status: inactive root@puppet:~# iptables -vnL Chain INPUT (policy ACCEPT 349 packets, 47388 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 246 packets, 46964 bytes) pkts bytes target prot opt in out source destination -San On Tuesday, June 17, 2014 7:16:57 PM UTC+1, Ken Barber wrote: Oh ... and lets see the output of: iptables -vnL Perhaps there is a firewall here? Its worth double checking. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/2bebdfb5-7a16-4238-863f-b112306198c9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Chocolatey pre-fetch fails with Puppet - Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass
Hey Rob, Thanks for the response! Yes – chocolatey version 0.9.8.23 is installed on both servers (found via choco version). They both respond to choco /?. This is a customized version that has had the install path modified and the default repository restricted to an internal Nuget repository. I can also install chocolatey packages manually on both servers – specifically this package that is failing by typing “cinst carbon”. I am running puppet as a windows service and ran the service with debug/trace (sc start puppet –debug –trace) to pull the previous errors from the event log, though they were a bit segregated across event entries. It's also worth noting that there are 4 resource types ahead of the one that's failing. The 4 resourcs types (two files and two execs) are applied successfully. I ran the puppet agent –td –verbose –trace and received a lot of output, but essentially the same errors that don't appear to have any new information. The successful output shows that the 4 previous resource types ran. Included below is the start of when it begins to apply the package with the chocolatey provider: Notice: /Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]/returns: executed successfully Debug: /Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]: The container Class[Copy_externalfacts] will propagate my refresh event Debug: Class[Copy_externalfacts]: The container Stage[main] will propagate my refresh event Debug: Prefetching chocolatey resources for package Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list -lo' Error: Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in `prefetch_if_necessary' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:67:in `block in evaluate' C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `call' C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `traverse' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:108:in `evaluate' C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:164:in `block in apply' C:/Tools/Puppet/puppet/lib/puppet/util/log.rb:149:in `with_destination' C:/Tools/Puppet/puppet/lib/puppet/transaction/report.rb:108:in `as_logging_destination' C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:163:in `apply' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:125:in `block in apply_catalog' C:/Tools/Puppet/puppet/lib/puppet/util.rb:161:in `block in benchmark' C:/Tools/Puppet/sys/ruby/lib/ruby/1.9.1/benchmark.rb:295:in `realtime' C:/Tools/Puppet/puppet/lib/puppet/util.rb:160:in `benchmark' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:124:in `apply_catalog' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:192:in `run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (4 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent/locker.rb:20:in `lock' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (3 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:114:in `with_client' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:41:in `block (2 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:79:in `run_in_fork' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:40:in `block in run' C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `call' C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `controlled_run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:38:in `run' C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:355:in `onetime' C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:321:in `run_command' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block (2 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/application.rb:470:in `plugin_hook' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block in run' C:/Tools/Puppet/puppet/lib/puppet/util.rb:478:in `exit_on_fail' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `run' C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:137:in `run' C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:91:in `execute' C:/Tools/Puppet/puppet/bin/puppet:4:in `main' Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list -lo' Error: /Stage[main]/Install_carbon/Package[carbon]: Could not evaluate: undefined method `each' for nil:NilClass C:/ProgramData/PuppetLabs/puppet/var/lib/puppet/provider/package/chocolatey.rb:66:in `query' C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:19:in `properties' C:/Tools/Puppet/puppet/lib/puppet/type/package.rb:178:in `retrieve' C:/Tools/Puppet/puppet/lib/puppet/type.rb:1035:in `retrieve' C:/Tools/Puppet/puppet/lib/puppet/type.rb:1063:in `retrieve_resource' C:/Tools/Puppet/puppet/lib/puppet/transaction/resource_harness.rb:223:in `from_resource'
Re: [Puppet Users] Chocolatey pre-fetch fails with Puppet - Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass
Sorry if this is a duplicate – I tried to send earlier but it didn’t seem to hit the distro. = Hey Rob, Thanks for the response! Yes – chocolatey version 0.9.8.23 is installed on both servers (found via choco version). They both respond to choco /?. This is a customized version that has had the install path modified and the default repository restricted to an internal Nuget repository. I can also install chocolatey packages manually on both servers – specifically this package that is failing by typing “cinst carbon”. I am running puppet as a windows service and ran the service with debug/trace (sc start puppet –debug –trace) to pull the previous errors from the event log, though they were a bit segregated across event entries. It's also worth noting that there are 4 resource types ahead of the one that's failing. The 4 resourcs types (two files and two execs) are applied successfully. I ran the puppet agent –td –verbose –trace and received a lot of output, but essentially the same errors that don't appear to have any new information. The successful output shows that the 4 previous resource types ran. Included below is the start of when it begins to apply the package with the chocolatey provider: Notice: /Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]/returns: executed successfully Debug: /Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]: The container Class[Copy_externalfacts] will propagate my refresh event Debug: Class[Copy_externalfacts]: The container Stage[main] will propagate my refresh event Debug: Prefetching chocolatey resources for package Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list -lo' Error: Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in `prefetch_if_necessary' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:67:in `block in evaluate' C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `call' C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `traverse' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:108:in `evaluate' C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:164:in `block in apply' C:/Tools/Puppet/puppet/lib/puppet/util/log.rb:149:in `with_destination' C:/Tools/Puppet/puppet/lib/puppet/transaction/report.rb:108:in `as_logging_destination' C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:163:in `apply' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:125:in `block in apply_catalog' C:/Tools/Puppet/puppet/lib/puppet/util.rb:161:in `block in benchmark' C:/Tools/Puppet/sys/ruby/lib/ruby/1.9.1/benchmark.rb:295:in `realtime' C:/Tools/Puppet/puppet/lib/puppet/util.rb:160:in `benchmark' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:124:in `apply_catalog' C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:192:in `run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (4 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent/locker.rb:20:in `lock' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (3 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:114:in `with_client' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:41:in `block (2 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:79:in `run_in_fork' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:40:in `block in run' C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `call' C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `controlled_run' C:/Tools/Puppet/puppet/lib/puppet/agent.rb:38:in `run' C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:355:in `onetime' C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:321:in `run_command' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block (2 levels) in run' C:/Tools/Puppet/puppet/lib/puppet/application.rb:470:in `plugin_hook' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block in run' C:/Tools/Puppet/puppet/lib/puppet/util.rb:478:in `exit_on_fail' C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `run' C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:137:in `run' C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:91:in `execute' C:/Tools/Puppet/puppet/bin/puppet:4:in `main' Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list -lo' Error: /Stage[main]/Install_carbon/Package[carbon]: Could not evaluate: undefined method `each' for nil:NilClass C:/ProgramData/PuppetLabs/puppet/var/lib/puppet/provider/package/chocolatey.rb:66:in `query' C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:19:in `properties' C:/Tools/Puppet/puppet/lib/puppet/type/package.rb:178:in `retrieve' C:/Tools/Puppet/puppet/lib/puppet/type.rb:1035:in `retrieve'
Re: [Puppet Users] No rubygem-deep-merge RPM in EL7 Yum repo
Ok, back in control. Here it is: https://tickets.puppetlabs.com/browse/PUP-2797 Cheers, Marc On Tue, Jun 17, 2014 at 10:22 PM, Marc Villacorta marc.villaco...@gmail.com wrote: Hi Melissa, Somehow I screwed my Jira account :( I'll file a ticket as soon as I regain control of it. I don't get the reset password link so I contacted the admins. Shame on me ;) Marc On Tue, Jun 17, 2014 at 12:43 AM, Melissa Stone meli...@puppetlabs.com wrote: Hey Marc, Thanks for reporting this! Could you file a ticket at https://tickets.puppetlabs.com/browse/CPR with that information? That way we can be sure to get that package up. Thanks! On Sun, Jun 15, 2014 at 11:50 AM, Marc marc.villaco...@gmail.com wrote: Hi, Puppetizing my first Centos7 I realized there is no rubygem-deep-merge RPM in: http://yum.puppetlabs.com/el/7/dependencies/x86_64/ Is this intended? Cheers, Marc -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/58643257-4526-4b60-87b3-1586ee09a7a5%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/58643257-4526-4b60-87b3-1586ee09a7a5%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Melissa Stone Release Engineer, Puppet Labs *Join us at PuppetConf 2014 http://www.puppetconf.com/, September 20-24 in San Francisco* *Register by June 5th to take advantage of the Early Adopter discount http://links.puppetlabs.com/puppetconf-early-adopter **—**save $349!* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAGHhR3fJSbU38pVfWsAmuXCmuPmBQo-KiDL2-gB%3DUemVCDBoNg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Chocolatey pre-fetch fails with Puppet - Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass
Sorry if this is a duplicate – I tried to send earlier but it didn’t seem to hit the distro. Also truncating it for readability = Hey Rob, Thanks for the response! Yes – chocolatey version 0.9.8.23 is installed on both servers (found via choco version). They both respond to choco /?. This is a customized version that has had the install path modified and the default repository restricted to an internal Nuget repository. I can also install chocolatey packages manually on both servers – specifically this package that is failing by typing “cinst carbon”. I am running puppet as a windows service and ran the service with debug/trace (sc start puppet –debug –trace) to pull the previous errors from the event log, though they were a bit segregated across event entries. It's also worth noting that there are 4 resource types ahead of the one that's failing. The 4 resourcs types (two files and two execs) are applied successfully. I ran the puppet agent –td –verbose –trace and received a lot of output, but essentially the same errors that don't appear to have any new information. The successful output shows that the 4 previous resource types ran. Included below is the start of when it begins to apply the package with the chocolatey provider: Notice: /Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]/returns: executed successfully Debug: /Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]: The container Class[Copy_externalfacts] will propagate my refresh event Debug: Class[Copy_externalfacts]: The container Stage[main] will propagate my refresh event Debug: Prefetching chocolatey resources for package Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list -lo' Error: Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in `prefetch_if_necessary' truncated Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list -lo' Error: /Stage[main]/Install_carbon/Package[carbon]: Could not evaluate: undefined method `each' for nil:NilClass C:/ProgramData/PuppetLabs/puppet/var/lib/puppet/provider/package/chocolatey.rb:66:in `query' C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:19:in `properties' C:/Tools/Puppet/puppet/lib/puppet/type/package.rb:178:in `retrieve' C:/Tools/Puppet/puppet/lib/puppet/type.rb:1035:in `retrieve' C:/Tools/Puppet/puppet/lib/puppet/type.rb:1063:in `retrieve_resource' truncated Notice: /Stage[main]/Install_iis/Windowsfeature[IIS]/Exec[add-feature-IIS]: Dependency Package[carbon] has failures: true Warning: /Stage[main]/Install_iis/Windowsfeature[IIS]/Exec[add-feature-IIS]: Skipping because of failed dependencies (list of failed dependencies go on) On Tue, Jun 17, 2014 at 4:15 PM, Rob Reynolds r...@puppetlabs.com wrote: Let's make sure everything is set up correctly. Do you have chocolatey (the client tool) already installed on both of those servers? If so what versions of chocolatey? Do they both respond to output? (choco /?) Moving up the chain to the provider, let's execute puppet agent -td --verbose --trace This should really get us to what might be causing the error. On Tue, Jun 17, 2014 at 12:51 PM, Jim Ficarra jimfica...@gmail.com wrote: Chocolatey is installed as a shared module on the puppet master. Below is the specific part of the puppet code that uses the chocolatey provider to install a custom package. class install_carbon {package {'carbon':ensure = '1.7',provider = 'chocolatey',}} This class is part of a larger set of modules and classes that work together and execute completely and successfully on another host but fails on a second host with the error below. Same puppet client version (3.4.2 installed from an internal NuGet repo). Chocolatey is also customized to point to an internal repo. Any help/thoughts/insight would be appreciated. Thanks! Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in `prefetch_if_necessary' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:67:in `block in evaluate' C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `call' C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `traverse' C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:108:in `evaluate' C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:164:in `block in apply' C:/Tools/Puppet/puppet/lib/puppet/util/log.rb:149:in
[Puppet Users] Puppet Certification Testing discount
To make it easier to get more of you certified, we are offering all Puppet users an automatic 50 percent discount on any Puppet certification, reducing the exam fee to $100 through August 31, 2014. Puppet certifications are available in two areas: - *Puppet Professional*: This certification validates system administrator competencies in using Puppet to manage their infrastructure: http://www.puppetlabs.com/services/certification/puppet-professional. - *Puppet Developer*: This validates skills and competencies for developers using Ruby to extend the functionality of their Puppet infrastructure: http://www.puppetlabs.com/services/certification/puppet-developer You can schedule an appointment to take a Puppet certification test at http://www.pearsonvue.com/puppetlabs/ Get all of the details, including FAQs, step-by-step guides, and more at http://puppetlabs.com/services/certification Thanks! -- Ben Ford | Training Solutions Engineer Puppet Labs, Inc. 926 NW 13th Ave, Suite #210 Portland, OR 97209 509.592.7291 ben.f...@puppetlabs.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACkW_L68s89R9XHb0w0i05H7H_%3DDwZBaVYvJBn0cqusqhHfthw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Historical reporting, BI from puppetdb?
I use puppetdb + puppetboard, which are very useful to see the current state of my environment. Puppetboard also provides a very nice representation of each agent's most recent reports. However, I want to take it to the next level and create custom historical reports for business intelligence (eg How many changes per day over the last month? How many RHEL5 virtual systems as of $DATE?). I've looked online and not found many solutions on this. Might Foreman provide this? Even if it doesI'm not sure I'm ready for that commitment. Since puppetdb uses PostgreSQL, I'd imagine most any BI tool that supports it (eg Pentah) could be configured to get what I want. However, is anyone successfully doing this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f434802e-822c-4a69-88a6-c4651e3337f8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!
Right now I'm creating only one VM, co-locating PuppetMaster and PuppetDB to make it simple - destroying and rebuilding. But it always fails - during the provisioning/building and also even after if I login to the machine and run puppet apply. Telnet works fine: root@puppet:~# telnet puppet.internal 8081 Trying 127.0.1.1... Connected to puppet.internal. Escape character is '^]'. Connection closed by foreign host. and iptables is not configured at all but here is the output: Okay, let me zoom out a bit and rethink this. Going back to a point you made originally: Can anyone explain to me what actually going on/wrong please? Why it was Not Found before and now Unable to connect? Any help/pointer would be much appreciated. Best! I think the 404 is common while the application is loading within Jetty. It might be that the timeout we have for waiting for PuppetDB to be fully available needs to be adjusted? It could also be a legit problem also. So lets try a different tactic. Lets adjust the setting puppetdb_startup_timeout for the puppetdb::master::config class, and change it to something high, like 60 seconds or so. If that still fails, I think we should grab the /var/log/puppetdb/puppetdb.log output, can you put that in a gist or something? The log immediately after the attempted provision is best - so don't try to rerun puppet or anything, we want to see if purely after the provisioning process fails. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3Dx5dQEXKt2frzQr6VK0KLYngzWPZr7HRFZU%3DvT%2BSiACQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Historical reporting, BI from puppetdb?
I use puppetdb + puppetboard, which are very useful to see the current state of my environment. Puppetboard also provides a very nice representation of each agent's most recent reports. However, I want to take it to the next level and create custom historical reports for business intelligence (eg How many changes per day over the last month? How many RHEL5 virtual systems as of $DATE?). I've looked online and not found many solutions on this. Might Foreman provide this? Even if it doesI'm not sure I'm ready for that commitment. Since puppetdb uses PostgreSQL, I'd imagine most any BI tool that supports it (eg Pentah) could be configured to get what I want. However, is anyone successfully doing this? So something to note, while this is an interesting idea, you have to be careful. We make zero commitments about the stability of the database schema today ... so expect an upgrade to break things, especially if we have a migration. In short, accessing the data directly is not a supported stable API. Not saying it won't work, but just letting you know the risks involved here. Not sure how useful it is, we do have a lot of complex query capability just built into PDB via the REST interface which might be able to provide what you need: http://docs.puppetlabs.com/puppetdb/2.0/api/query/v4/query.html ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTmU6MhRDXN2mQ0_4T%3DOTpz-ZboWfUeMZ7%3Dzd-V8nW%3DGvg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Historical reporting, BI from puppetdb?
You absolutely want to build that against the puppetdb rest interface and not by hitting postgres directly. I'd be interested in getting at this data as well, if you find a way or build a neat little application to do it. On Tue, Jun 17, 2014 at 3:35 PM, Ken Barber k...@puppetlabs.com wrote: I use puppetdb + puppetboard, which are very useful to see the current state of my environment. Puppetboard also provides a very nice representation of each agent's most recent reports. However, I want to take it to the next level and create custom historical reports for business intelligence (eg How many changes per day over the last month? How many RHEL5 virtual systems as of $DATE?). I've looked online and not found many solutions on this. Might Foreman provide this? Even if it doesI'm not sure I'm ready for that commitment. Since puppetdb uses PostgreSQL, I'd imagine most any BI tool that supports it (eg Pentah) could be configured to get what I want. However, is anyone successfully doing this? So something to note, while this is an interesting idea, you have to be careful. We make zero commitments about the stability of the database schema today ... so expect an upgrade to break things, especially if we have a migration. In short, accessing the data directly is not a supported stable API. Not saying it won't work, but just letting you know the risks involved here. Not sure how useful it is, we do have a lot of complex query capability just built into PDB via the REST interface which might be able to provide what you need: http://docs.puppetlabs.com/puppetdb/2.0/api/query/v4/query.html ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTmU6MhRDXN2mQ0_4T%3DOTpz-ZboWfUeMZ7%3Dzd-V8nW%3DGvg%40mail.gmail.com . For more options, visit https://groups.google.com/d/optout. -- Spencer Krum (619)-980-7820 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADt6FWOZV6vF28M1CwWL6sjb_JJJ0x4WXEzojbySnEBMDX%2BeEQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!
It's very strange: Until I run puppetdb ssl-setup -f, I get *Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found* but after that, I get Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Since, I increased the timeout to 60, it changed into this: Info: Class[Puppetdb::Server::Jetty_ini]: Scheduling refresh of Service[puppetdb] Notice: /Stage[main]/Puppetdb::Server/Service[puppetdb]: Triggered 'refresh' from 1 events Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry . . Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb within timeout window of 60 seconds; giving up. Error: Unable to connect to puppetdb server! (puppet.internal:8081) Error: /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure: change from absent to present failed: Unable to connect to puppetdb server! (puppet.internal:8081) I'm rebuilding the server now. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a3fd3359-c160-43fa-9f52-9d0615e32214%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Historical reporting, BI from puppetdb?
Thanks, good to know. While the REST API would be the method to get at the data, my issue is that I'm not capable of writing a web app + data repository that can generate web-based reports, etc. I've actually gotten into the habit of running one-off queries using the API with curl to get YAML-formatted reports, which in part got me wanting more. On Tuesday, June 17, 2014 5:36:07 PM UTC-5, Ken Barber wrote: I use puppetdb + puppetboard, which are very useful to see the current state of my environment. Puppetboard also provides a very nice representation of each agent's most recent reports. However, I want to take it to the next level and create custom historical reports for business intelligence (eg How many changes per day over the last month? How many RHEL5 virtual systems as of $DATE?). I've looked online and not found many solutions on this. Might Foreman provide this? Even if it doesI'm not sure I'm ready for that commitment. Since puppetdb uses PostgreSQL, I'd imagine most any BI tool that supports it (eg Pentah) could be configured to get what I want. However, is anyone successfully doing this? So something to note, while this is an interesting idea, you have to be careful. We make zero commitments about the stability of the database schema today ... so expect an upgrade to break things, especially if we have a migration. In short, accessing the data directly is not a supported stable API. Not saying it won't work, but just letting you know the risks involved here. Not sure how useful it is, we do have a lot of complex query capability just built into PDB via the REST interface which might be able to provide what you need: http://docs.puppetlabs.com/puppetdb/2.0/api/query/v4/query.html ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/e56002b6-946f-4a30-957c-a45df13a751e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!
This is just after building a new server: 2014-06-17 23:20:05,246 INFO [p.t.s.w.jetty9-core] Removing buggy security provider SunPKCS11-NSS version 1.7 2014-06-17 23:20:06,036 INFO [p.t.s.w.jetty9-service] Initializing web server. 2014-06-17 23:20:06,132 INFO [p.t.s.w.jetty9-service] Starting web server. 2014-06-17 23:20:06,134 INFO [o.e.j.s.Server] jetty-9.1.z-SNAPSHOT 2014-06-17 23:20:06,177 INFO [o.e.j.s.ServerConnector] Started ServerConnector@5c5a7bf{HTTP/1.1}{0.0.0.0:8080} 2014-06-17 23:20:06,437 INFO [o.e.j.s.ServerConnector] Started ServerConnector@1bfc3437{SSL-HTTP/1.1}{puppet.internal:8081} 2014-06-17 23:20:06,531 INFO [c.p.p.c.services] PuppetDB version 2.0.0 2014-06-17 23:20:06,900 WARN [c.p.p.s.migrate] Adding additional indexes; this may take several minutes, depending on the size of your database. Trust us, it will all be worth it in the end. 2014-06-17 23:20:07,004 WARN [c.p.p.s.migrate] Building resource parameters cache. This make take a few minutes, but faster resource queries are worth it. 2014-06-17 23:20:07,140 INFO [c.p.p.c.services] Starting broker 2014-06-17 23:20:07,619 WARN [o.a.a.b.BrokerService] Store limit is 10 mb, whilst the data directory: /var/lib/puppetdb/mq/localhost/KahaDB only has 73883 mb of usable space 2014-06-17 23:20:07,620 INFO [c.p.p.c.services] Starting 1 command processor threads 2014-06-17 23:20:07,639 INFO [c.p.p.c.services] Starting query server 2014-06-17 23:20:07,642 WARN [o.e.j.s.h.ContextHandler] Empty contextPath 2014-06-17 23:20:07,650 INFO [o.e.j.s.h.ContextHandler] Started o.e.j.s.h.ContextHandler@3a3670a8{/,null,AVAILABLE} 2014-06-17 23:20:07,724 INFO [c.p.p.c.services] Starting sweep of stale reports (threshold: 14 days) 2014-06-17 23:20:07,750 INFO [c.p.p.c.services] Finished sweep of stale reports (threshold: 14 days) 2014-06-17 23:20:07,750 INFO [c.p.p.c.services] Starting database garbage collection 2014-06-17 23:20:07,777 INFO [c.p.p.c.services] Finished database garbage collection -San -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f7e70e29-10f3-47f7-84a6-5adf74de0205%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!
It's very strange: Until I run puppetdb ssl-setup -f, I get Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found but after that, I get Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Since, I increased the timeout to 60, it changed into this: Info: Class[Puppetdb::Server::Jetty_ini]: Scheduling refresh of Service[puppetdb] Notice: /Stage[main]/Puppetdb::Server/Service[puppetdb]: Triggered 'refresh' from 1 events Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Notice: Unable to connect to puppetdb server (puppet.internal:8081): #Errno::ECONNREFUSED: Connection refused - connect(2) Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry . . Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] Not Found Notice: Failed to connect to puppetdb within timeout window of 60 seconds; giving up. Error: Unable to connect to puppetdb server! (puppet.internal:8081) Error: /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure: change from absent to present failed: Unable to connect to puppetdb server! (puppet.internal:8081) I'm rebuilding the server now. The connection refused implies the server hasn't opened the port yet for listening, the progression to 404 is probably the Jetty server starting up but not yet being ready for serving the URL we test against. In particular, we test the URL similar to this curl request, so its probably worth seeing if it returns anything on the command line: curl 'http://puppet.local:8080/v2/metrics/mbean/java.lang:type=Memory' Perhaps 60 seconds isn't enough? Its unlikely but worth trying to bump it I guess. Beyond that we'll need to see the puppetdb.log. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTmaavWMEjo9t57d1w80M_c-7rkD4a%2BKeKwQb1sBoKmN%3Dw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!
The puppetdb log is attached in the previous post. And, here is the curl output: root@puppet:~# curl 'http://puppet.internal:8080/v2/metrics/mbean/java.lang:type=Memory' { ObjectPendingFinalizationCount : 0, HeapMemoryUsage : { committed : 86220800, init : 8052480, max : 194641920, used : 41882456 }, NonHeapMemoryUsage : { committed : 63504384, init : 24313856, max : 224395264, used : 63257288 }, Verbose : false, ObjectName : java.lang:type=Memory -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/36c1d8af-e7bb-4d95-960f-f00db7dc460e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] dynamic hiera_config setting
On Wednesday, August 14, 2013 12:57:17 PM UTC+10, Henrik Lindberg wrote: I was hoping that it would derive the hiera.yaml path dynamically from the clients' environment when it checks in, but this seems not to be the case. That is correct, it does not do that. - henrik I am also encountering this issue (puppet 3.3.1) - is it still a known issue? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/203fc18c-9c60-4723-9f01-aab2e99115de%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] dynamic hiera_config setting
On Wednesday, June 18, 2014 10:47:20 AM UTC+10, Alex Harvey wrote: I am also encountering this issue (puppet 3.3.1) - is it still a known issue? Ignore - I found the open Jira ticket here https://tickets.puppetlabs.com/browse/HI-46 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/06f18960-0a21-4b32-bd2b-88e997b020f5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Use external facts inside templetes
Hi Sans, My issue was solved. My actual key name was portOffset. Note about the camel case. (there is a capital 'O'). What I did was changed it to just portoffset and works fine. Is this a issue ? Regards, Malintha Adikari On Tuesday, June 17, 2014 5:58:29 PM UTC+5:30, Sans wrote: Hi there, First of all, if it's a fact, then you really should be doing *${::key1}* instead. To use it in template, *%= @key1 %* should work just fine. Otherwise, you can have this: *$localkey = ${::key1}* in your init.pp and then *%= @localkey %* in the template but I don't think you gonna get anything thing better. On the agent, if you do: *facter -p key1*, do you get the result that you expect? Best! On Tuesday, June 17, 2014 12:33:06 PM UTC+1, Malintha Adikari wrote: I have defined some key value pairs in /etc/facter/facts.d/value.txt file. I could use those keys inside my init.pp script and successfully for the values using *${key1}* I want to get those values inside my template file. I have used *%= @key1 %* but it doesn't give me the value. What is the correct way to get the value of the external fact inside template. Regards, Malintha -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/0dcd6392-30ec-47b9-acd8-a688aef6ddef%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Historical reporting, BI from puppetdb?
Thanks, good to know. While the REST API would be the method to get at the data, my issue is that I'm not capable of writing a web app + data repository that can generate web-based reports, etc. I've actually gotten into the habit of running one-off queries using the API with curl to get YAML-formatted reports, which in part got me wanting more. Question, this BI tool Pentah, what formats/apis is it able to ingest beyond SQL? Are there any ETL capabilities built into this tool? Would something like CSV work? ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTkHGudYw9BEUUK2PhemOdB-znzwvaHJ08SU0avBt0yztQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Historical reporting, BI from puppetdb?
Sorry, do you mean Pentaho? On Tue, Jun 17, 2014 at 9:53 PM, Ken Barber k...@puppetlabs.com wrote: Thanks, good to know. While the REST API would be the method to get at the data, my issue is that I'm not capable of writing a web app + data repository that can generate web-based reports, etc. I've actually gotten into the habit of running one-off queries using the API with curl to get YAML-formatted reports, which in part got me wanting more. Question, this BI tool Pentah, what formats/apis is it able to ingest beyond SQL? Are there any ETL capabilities built into this tool? Would something like CSV work? ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTktZTMegALk8Az6Q6PpoxgSzLUHBmJVL%2BYwBX%3DpF0bVtQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Historical reporting, BI from puppetdb?
Ryan, What about something like this? http://wiki.pentaho.com/display/EAI/Rest+Client This page seems to mix in general actions with integration steps, but there are more integration types available here: http://wiki.pentaho.com/display/EAI/Pentaho+Data+Integration+Steps ken. On Tue, Jun 17, 2014 at 9:53 PM, Ken Barber k...@puppetlabs.com wrote: Sorry, do you mean Pentaho? On Tue, Jun 17, 2014 at 9:53 PM, Ken Barber k...@puppetlabs.com wrote: Thanks, good to know. While the REST API would be the method to get at the data, my issue is that I'm not capable of writing a web app + data repository that can generate web-based reports, etc. I've actually gotten into the habit of running one-off queries using the API with curl to get YAML-formatted reports, which in part got me wanting more. Question, this BI tool Pentah, what formats/apis is it able to ingest beyond SQL? Are there any ETL capabilities built into this tool? Would something like CSV work? ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTmkViViz%3D466%3D_rrkiCGF7bRY7GmmcAnq1DYSyX3Ag1Ow%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Historical reporting, BI from puppetdb?
And others: http://wiki.pentaho.com/display/EAI/JSON+Input http://wiki.pentaho.com/display/EAI/HTTP+Client Perhaps, you could combine the JSON input perhaps on the contents of a 'puppetdb export' tarball if you wanted to analyze the data from a previous backup :-). ken. On Tue, Jun 17, 2014 at 10:01 PM, Ken Barber k...@puppetlabs.com wrote: Ryan, What about something like this? http://wiki.pentaho.com/display/EAI/Rest+Client This page seems to mix in general actions with integration steps, but there are more integration types available here: http://wiki.pentaho.com/display/EAI/Pentaho+Data+Integration+Steps ken. On Tue, Jun 17, 2014 at 9:53 PM, Ken Barber k...@puppetlabs.com wrote: Sorry, do you mean Pentaho? On Tue, Jun 17, 2014 at 9:53 PM, Ken Barber k...@puppetlabs.com wrote: Thanks, good to know. While the REST API would be the method to get at the data, my issue is that I'm not capable of writing a web app + data repository that can generate web-based reports, etc. I've actually gotten into the habit of running one-off queries using the API with curl to get YAML-formatted reports, which in part got me wanting more. Question, this BI tool Pentah, what formats/apis is it able to ingest beyond SQL? Are there any ETL capabilities built into this tool? Would something like CSV work? ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTmG2ugH4KOp-TsjVC67wUKqJghRDrfHQrpVtcvKV0_yCA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Connection timed out - connect(2) when using puppet module
Am Dienstag, 17. Juni 2014 15:03:20 UTC+2 schrieb jcbollinger: You mean you have set these in your puppet.conf or in your environment? If the former then which one (file system path) and which section? Are you running as root or as an unprivileged user? I run at the moment with root and have set it via export before the call. After setting it now in puppet.conf, the error changes similar to curl without -k: puppet module install rtyler/jenkins --debug Notice: Preparing to install into /etc/puppet/modules ... Notice: Downloading from https://forgeapi.puppetlabs.com ... Debug: HTTP GET https://forgeapi.puppetlabs.com/v3/releases?module=rtyler-jenkins Error: Could not connect via HTTPS to https://forgeapi.puppetlabs.com Unable to verify the SSL certificate The certificate may not be signed by a valid CA The CA bundle included with OpenSSL may not be valid or up to date -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/6b0b1c8b-844c-4cf2-b80f-9707a29b6fdc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.