Re: [Puppet Users] Open puppet port(s) to the internet

2014-06-17 Thread Spencer Krum 
It uses port 8140 and ssl. It is client cert authenticated. So, barring
something like heartbleed, you're about as good as logging in to any
website that uses ssl.
On Jun 17, 2014 10:19 AM, "jmp242"  wrote:

> I probably don't really understand much about how puppet connects to the
> clients, but is there a big security risk about opening it up to the
> internet so laptops can get their configuration... If it's "safe enough"
> for any value of safe, what ports does it use?
>
> Thanks,
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/f85a67b5-96f2-4ffe-a655-5df3ea018ec0%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADt6FWM%2BCS7xde-C9ZGwzDrXaKQ%2BVEUY7oJd_4izte0p0-K1aA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Moving from manifest files to ENC script - not working...

2014-06-17 Thread shlo . afgin 

*Thanks for the details response.*

On Tuesday, June 17, 2014 10:28:01 PM UTC+3, jcbollinger wrote:

Probably.  Hooking up an ENC is not very hard.
>
> If the ENC is not running when a catalog request comes in then most likely 
> the ENC it is not properly configured.  Supposing that you are running in 
> agent / master mode, the ENC needs to be set up on the master.  There, the 
> 'node_terminus' configuration parameter must be set to "exec" and the 
> 'external_nodes' configuration parameter must be set to the absolute 
> pathname of the ENC script.
>
> Furthermore, the script must be accessible and executable by the master, 
> which typically does not run as a privileged user.  Not only the script, 
> but also all directories in the path to it must be readable and 
> executable/traversable by the master.  File permissions and other access 
> controls may come into play here.
>
> Also, once it is properly configured, you need to restart the master in 
> order for the new configuration to be noticed.
>
>  
All done already as you describe.
 

> It is highly unlikely that the master is running the ENC successfully, the 
> output is what you say, and yet it is ignored.
>  
>
 
>
>> Is there any way to debug it? 
>>
>>
>
> I would start by looking at the master's log.  If you're not already 
> running the master with --debug output turned on, then I would do that, 
> too, to make the log more informative.  Likewise, look at the agent's log.  
> In particular, make sure the agent successfully retrieved a fresh catalog 
> from the master -- it will complain if it cannot do so, but it may then 
> proceed to use a cached catalog.
>
>
I will try that.

>
> John
>
>
Thanks a lot! 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/491960a1-8081-4835-a18f-c546bc88e988%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: "Connection timed out - connect(2)" when using puppet module

2014-06-17 Thread Torsten Kleiber 
 

Am Dienstag, 17. Juni 2014 15:03:20 UTC+2 schrieb jcbollinger:

> You mean you have set these in your puppet.conf or in your environment?  
> If the former then which one (file system path) and which section?  Are you 
> running as root or as an unprivileged user?
>
 
I run at the moment with root and have set it via export before the call. 
After setting it now in puppet.conf, the error changes similar to curl 
without -k:
 puppet module install rtyler/jenkins --debug
Notice: Preparing to install into /etc/puppet/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Debug: HTTP GET 
https://forgeapi.puppetlabs.com/v3/releases?module=rtyler-jenkins
Error: Could not connect via HTTPS to https://forgeapi.puppetlabs.com
  Unable to verify the SSL certificate
The certificate may not be signed by a valid CA
The CA bundle included with OpenSSL may not be valid or up to date
 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/6b0b1c8b-844c-4cf2-b80f-9707a29b6fdc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Historical reporting, BI from puppetdb?

2014-06-17 Thread Ken Barber 
And others:

http://wiki.pentaho.com/display/EAI/JSON+Input
http://wiki.pentaho.com/display/EAI/HTTP+Client

Perhaps, you could combine the JSON input perhaps on the contents of a
'puppetdb export' tarball if you wanted to analyze the data from a
previous backup :-).

ken.

On Tue, Jun 17, 2014 at 10:01 PM, Ken Barber  wrote:
> Ryan,
>
> What about something like this?
>
> http://wiki.pentaho.com/display/EAI/Rest+Client
>
> This page seems to mix in general actions with integration steps, but
> there are more integration types available here:
>
> http://wiki.pentaho.com/display/EAI/Pentaho+Data+Integration+Steps
>
> ken.
>
> On Tue, Jun 17, 2014 at 9:53 PM, Ken Barber  wrote:
>> Sorry, do you mean Pentaho?
>>
>> On Tue, Jun 17, 2014 at 9:53 PM, Ken Barber  wrote:
 Thanks, good to know. While the REST API would be the method to get at the
 data, my issue is that I'm not capable of writing a web app + data
 repository that can generate web-based reports, etc. I've actually gotten
 into the habit of running one-off queries using the API with curl to get
 YAML-formatted reports, which in part got me wanting more.
>>>
>>> Question, this BI tool Pentah, what formats/apis is it able to ingest
>>> beyond SQL? Are there any ETL capabilities built into this tool?
>>>
>>> Would something like CSV work?
>>>
>>> ken.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTmG2ugH4KOp-TsjVC67wUKqJghRDrfHQrpVtcvKV0_yCA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Historical reporting, BI from puppetdb?

2014-06-17 Thread Ken Barber 
Ryan,

What about something like this?

http://wiki.pentaho.com/display/EAI/Rest+Client

This page seems to mix in general actions with integration steps, but
there are more integration types available here:

http://wiki.pentaho.com/display/EAI/Pentaho+Data+Integration+Steps

ken.

On Tue, Jun 17, 2014 at 9:53 PM, Ken Barber  wrote:
> Sorry, do you mean Pentaho?
>
> On Tue, Jun 17, 2014 at 9:53 PM, Ken Barber  wrote:
>>> Thanks, good to know. While the REST API would be the method to get at the
>>> data, my issue is that I'm not capable of writing a web app + data
>>> repository that can generate web-based reports, etc. I've actually gotten
>>> into the habit of running one-off queries using the API with curl to get
>>> YAML-formatted reports, which in part got me wanting more.
>>
>> Question, this BI tool Pentah, what formats/apis is it able to ingest
>> beyond SQL? Are there any ETL capabilities built into this tool?
>>
>> Would something like CSV work?
>>
>> ken.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTmkViViz%3D466%3D_rrkiCGF7bRY7GmmcAnq1DYSyX3Ag1Ow%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Historical reporting, BI from puppetdb?

2014-06-17 Thread Ken Barber 
Sorry, do you mean Pentaho?

On Tue, Jun 17, 2014 at 9:53 PM, Ken Barber  wrote:
>> Thanks, good to know. While the REST API would be the method to get at the
>> data, my issue is that I'm not capable of writing a web app + data
>> repository that can generate web-based reports, etc. I've actually gotten
>> into the habit of running one-off queries using the API with curl to get
>> YAML-formatted reports, which in part got me wanting more.
>
> Question, this BI tool Pentah, what formats/apis is it able to ingest
> beyond SQL? Are there any ETL capabilities built into this tool?
>
> Would something like CSV work?
>
> ken.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTktZTMegALk8Az6Q6PpoxgSzLUHBmJVL%2BYwBX%3DpF0bVtQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Historical reporting, BI from puppetdb?

2014-06-17 Thread Ken Barber 
> Thanks, good to know. While the REST API would be the method to get at the
> data, my issue is that I'm not capable of writing a web app + data
> repository that can generate web-based reports, etc. I've actually gotten
> into the habit of running one-off queries using the API with curl to get
> YAML-formatted reports, which in part got me wanting more.

Question, this BI tool Pentah, what formats/apis is it able to ingest
beyond SQL? Are there any ETL capabilities built into this tool?

Would something like CSV work?

ken.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTkHGudYw9BEUUK2PhemOdB-znzwvaHJ08SU0avBt0yztQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Use external facts inside templetes

2014-06-17 Thread Malintha Adikari 
Hi Sans,

My issue was solved. My actual key name was "portOffset". Note about the 
camel case. (there is a capital 'O'). What I did was changed it to just 
"portoffset" and works fine. Is this a issue ?

Regards,
Malintha Adikari

On Tuesday, June 17, 2014 5:58:29 PM UTC+5:30, Sans wrote:
>
> Hi there,
>
> First of all, if it's a fact, then you really should be doing *${::key1}* 
> instead. 
>
> To use it in template, *<%= @key1 %>* should work just fine.  Otherwise, 
> you can have this: *$localkey = ${::key1}* in your init.pp and then *<%= 
> @localkey %>* in the template but I don't think you gonna get anything 
> thing better.
>
> On the agent, if you do: *facter -p key1*, do you get the result that you 
> expect? Best!
>  
>
> On Tuesday, June 17, 2014 12:33:06 PM UTC+1, Malintha Adikari wrote:
>>
>>
>>   I have defined some key value pairs in /etc/facter/facts.d/value.txt 
>> file. I could use those keys inside my init.pp script and successfully for 
>> the values using
>>
>>*${key1}*
>>  
>>
>> I want to get those values inside my template file. I have used 
>>
>>*<%= @key1 %>*
>>  
>>
>> but it doesn't give me the value. What is the correct way to get the 
>> value of the external fact inside template.
>>
>> Regards,
>>
>> Malintha
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/0dcd6392-30ec-47b9-acd8-a688aef6ddef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] dynamic hiera_config setting

2014-06-17 Thread Alex Harvey 

On Wednesday, June 18, 2014 10:47:20 AM UTC+10, Alex Harvey wrote:
>
>
> I am also encountering this issue (puppet 3.3.1) - is it still a known 
> issue?
>

Ignore - I found the open Jira ticket here
https://tickets.puppetlabs.com/browse/HI-46 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/06f18960-0a21-4b32-bd2b-88e997b020f5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] dynamic hiera_config setting

2014-06-17 Thread Alex Harvey 


On Wednesday, August 14, 2013 12:57:17 PM UTC+10, Henrik Lindberg wrote:

> I was hoping that it would derive the hiera.yaml path dynamically from 
> > the clients' environment when it checks in, but this seems not to be the 
> > case. 
> > 
> That is correct, it does not do that. 
> - henrik 
>

I am also encountering this issue (puppet 3.3.1) - is it still a known 
issue?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/203fc18c-9c60-4723-9f01-aab2e99115de%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Sans 
The puppetdb log is attached in the previous post. 

And, here is the curl output:

root@puppet:~# curl 
> 'http://puppet.internal:8080/v2/metrics/mbean/java.lang:type=Memory'
> {
>   "ObjectPendingFinalizationCount" : 0,
>   "HeapMemoryUsage" : {
> "committed" : 86220800,
> "init" : 8052480,
> "max" : 194641920,
> "used" : 41882456
>   },
>   "NonHeapMemoryUsage" : {
> "committed" : 63504384,
> "init" : 24313856,
> "max" : 224395264,
> "used" : 63257288
>   },
>   "Verbose" : false,
>   "ObjectName" : "java.lang:type=Memory"
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/36c1d8af-e7bb-4d95-960f-f00db7dc460e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Ken Barber 
> It's very strange: Until I run puppetdb ssl-setup -f, I get
>>
>> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404]
>> Not Found
>
> but after that, I get
>
>
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>
>
>
> Since, I increased the timeout to 60, it changed into this:
>
>> Info: Class[Puppetdb::Server::Jetty_ini]: Scheduling refresh of
>> Service[puppetdb]
>> Notice: /Stage[main]/Puppetdb::Server/Service[puppetdb]: Triggered
>> 'refresh' from 1 events
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404]
>> Not Found
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404]
>> Not Found
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> .
>> .
>>
>> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404]
>> Not Found
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404]
>> Not Found
>> Notice: Failed to connect to puppetdb within timeout window of 60 seconds;
>> giving up.
>>
>> Error: Unable to connect to puppetdb server! (puppet.internal:8081)
>> Error:
>> /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure:
>> change from absent to present failed: Unable to connect to puppetdb server!
>> (puppet.internal:8081)
>
>
>
> I'm  rebuilding the server now.

The connection refused implies the server hasn't opened the port yet
for listening, the progression to 404 is probably the Jetty server
starting up but not yet being ready for serving the URL we test
against.

In particular, we test the URL similar to this curl request, so its
probably worth seeing if it returns anything on the command line:

curl 'http://puppet.local:8080/v2/metrics/mbean/java.lang:type=Memory'

Perhaps 60 seconds isn't enough? Its unlikely but worth trying to bump
it I guess.

Beyond that we'll need to see the puppetdb.log.

ken.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTmaavWMEjo9t57d1w80M_c-7rkD4a%2BKeKwQb1sBoKmN%3Dw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Sans 
This is just after building a new server:


2014-06-17 23:20:05,246 INFO  [p.t.s.w.jetty9-core] Removing buggy security 
> provider SunPKCS11-NSS version 1.7
> 2014-06-17 23:20:06,036 INFO  [p.t.s.w.jetty9-service] Initializing web 
> server.
> 2014-06-17 23:20:06,132 INFO  [p.t.s.w.jetty9-service] Starting web server.
> 2014-06-17 23:20:06,134 INFO  [o.e.j.s.Server] jetty-9.1.z-SNAPSHOT
> 2014-06-17 23:20:06,177 INFO  [o.e.j.s.ServerConnector] Started 
> ServerConnector@5c5a7bf{HTTP/1.1}{0.0.0.0:8080}
> 2014-06-17 23:20:06,437 INFO  [o.e.j.s.ServerConnector] Started 
> ServerConnector@1bfc3437{SSL-HTTP/1.1}{puppet.internal:8081}
> 2014-06-17 23:20:06,531 INFO  [c.p.p.c.services] PuppetDB version 2.0.0
> 2014-06-17 23:20:06,900 WARN  [c.p.p.s.migrate] Adding additional indexes; 
> this may take several minutes, depending on the size of your database. 
> Trust us, it will all be worth it in the end.
> 2014-06-17 23:20:07,004 WARN  [c.p.p.s.migrate] Building resource 
> parameters cache. This make take a few minutes, but faster resource queries 
> are worth it.
> 2014-06-17 23:20:07,140 INFO  [c.p.p.c.services] Starting broker
> 2014-06-17 23:20:07,619 WARN  [o.a.a.b.BrokerService] Store limit is 
> 10 mb, whilst the data directory: /var/lib/puppetdb/mq/localhost/KahaDB 
> only has 73883 mb of usable space
> 2014-06-17 23:20:07,620 INFO  [c.p.p.c.services] Starting 1 command 
> processor threads
> 2014-06-17 23:20:07,639 INFO  [c.p.p.c.services] Starting query server
> 2014-06-17 23:20:07,642 WARN  [o.e.j.s.h.ContextHandler] Empty contextPath
> 2014-06-17 23:20:07,650 INFO  [o.e.j.s.h.ContextHandler] Started 
> o.e.j.s.h.ContextHandler@3a3670a8{/,null,AVAILABLE}
> 2014-06-17 23:20:07,724 INFO  [c.p.p.c.services] Starting sweep of stale 
> reports (threshold: 14 days)
> 2014-06-17 23:20:07,750 INFO  [c.p.p.c.services] Finished sweep of stale 
> reports (threshold: 14 days)
> 2014-06-17 23:20:07,750 INFO  [c.p.p.c.services] Starting database garbage 
> collection
> 2014-06-17 23:20:07,777 INFO  [c.p.p.c.services] Finished database garbage 
> collection
>


-San 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f7e70e29-10f3-47f7-84a6-5adf74de0205%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Historical reporting, BI from puppetdb?

2014-06-17 Thread Ryan Anderson 
Thanks, good to know. While the REST API would be the method to get at the 
data, my issue is that I'm not capable of writing a web app + data 
repository that can generate web-based reports, etc. I've actually gotten 
into the habit of running one-off queries using the API with curl to get 
YAML-formatted reports, which in part got me wanting more.

On Tuesday, June 17, 2014 5:36:07 PM UTC-5, Ken Barber wrote:
>
> > I use puppetdb + puppetboard, which are very useful to see the current 
> state 
> > of my environment. Puppetboard also provides a very nice representation 
> of 
> > each agent's most recent reports. However, I want to take it to the next 
> > level and create custom historical reports for business intelligence (eg 
> How 
> > many changes per day over the last month? How many RHEL5 virtual systems 
> as 
> > of $DATE?). I've looked online and not found many solutions on this. 
> Might 
> > Foreman provide this? Even if it doesI'm not sure I'm ready for that 
> > commitment. Since puppetdb uses PostgreSQL, I'd imagine most any BI tool 
> > that supports it (eg Pentah) could be configured to get what I want. 
> > However, is anyone successfully doing this? 
>
> So something to note, while this is an interesting idea, you have to 
> be careful. We make zero commitments about the stability of the 
> database schema today ... so expect an upgrade to break things, 
> especially if we have a migration. In short, accessing the data 
> directly is not a supported stable API. Not saying it won't work, but 
> just letting you know the risks involved here. 
>
> Not sure how useful it is, we do have a lot of complex query 
> capability just built into PDB via the REST interface which might be 
> able to provide what you need: 
>
> http://docs.puppetlabs.com/puppetdb/2.0/api/query/v4/query.html 
>
> ken. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e56002b6-946f-4a30-957c-a45df13a751e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Sans 
It's very strange: Until I run puppetdb ssl-setup -f, I get 

*Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] 
> Not Found*
>
but after that, I get

Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
>


Since, I increased the timeout to 60, it changed into this:

Info: Class[Puppetdb::Server::Jetty_ini]: Scheduling refresh of 
> Service[puppetdb]
> Notice: /Stage[main]/Puppetdb::Server/Service[puppetdb]: Triggered 
> 'refresh' from 1 events
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] 
> Not Found
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] 
> Not Found
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> .
> .
> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] 
> Not Found
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] 
> Not Found
> Notice: Failed to connect to puppetdb within timeout window of 60 seconds; 
> giving up.
> Error: Unable to connect to puppetdb server! (puppet.internal:8081)
> Error: 
> /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure:
>  
> change from absent to present failed: Unable to connect to puppetdb server! 
> (puppet.internal:8081) 
>


I'm  rebuilding the server now. 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a3fd3359-c160-43fa-9f52-9d0615e32214%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Historical reporting, BI from puppetdb?

2014-06-17 Thread Spencer Krum 
You absolutely want to build that against the puppetdb rest interface and
not by hitting postgres directly.

I'd be interested in getting at this data as well, if you find a way or
build a neat little application to do it.


On Tue, Jun 17, 2014 at 3:35 PM, Ken Barber  wrote:

> > I use puppetdb + puppetboard, which are very useful to see the current
> state
> > of my environment. Puppetboard also provides a very nice representation
> of
> > each agent's most recent reports. However, I want to take it to the next
> > level and create custom historical reports for business intelligence (eg
> How
> > many changes per day over the last month? How many RHEL5 virtual systems
> as
> > of $DATE?). I've looked online and not found many solutions on this.
> Might
> > Foreman provide this? Even if it doesI'm not sure I'm ready for that
> > commitment. Since puppetdb uses PostgreSQL, I'd imagine most any BI tool
> > that supports it (eg Pentah) could be configured to get what I want.
> > However, is anyone successfully doing this?
>
> So something to note, while this is an interesting idea, you have to
> be careful. We make zero commitments about the stability of the
> database schema today ... so expect an upgrade to break things,
> especially if we have a migration. In short, accessing the data
> directly is not a supported stable API. Not saying it won't work, but
> just letting you know the risks involved here.
>
> Not sure how useful it is, we do have a lot of complex query
> capability just built into PDB via the REST interface which might be
> able to provide what you need:
>
> http://docs.puppetlabs.com/puppetdb/2.0/api/query/v4/query.html
>
> ken.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/CAE4bNTmU6MhRDXN2mQ0_4T%3DOTpz-ZboWfUeMZ7%3Dzd-V8nW%3DGvg%40mail.gmail.com
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Spencer Krum
(619)-980-7820

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADt6FWOZV6vF28M1CwWL6sjb_JJJ0x4WXEzojbySnEBMDX%2BeEQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Historical reporting, BI from puppetdb?

2014-06-17 Thread Ken Barber 
> I use puppetdb + puppetboard, which are very useful to see the current state
> of my environment. Puppetboard also provides a very nice representation of
> each agent's most recent reports. However, I want to take it to the next
> level and create custom historical reports for business intelligence (eg How
> many changes per day over the last month? How many RHEL5 virtual systems as
> of $DATE?). I've looked online and not found many solutions on this. Might
> Foreman provide this? Even if it doesI'm not sure I'm ready for that
> commitment. Since puppetdb uses PostgreSQL, I'd imagine most any BI tool
> that supports it (eg Pentah) could be configured to get what I want.
> However, is anyone successfully doing this?

So something to note, while this is an interesting idea, you have to
be careful. We make zero commitments about the stability of the
database schema today ... so expect an upgrade to break things,
especially if we have a migration. In short, accessing the data
directly is not a supported stable API. Not saying it won't work, but
just letting you know the risks involved here.

Not sure how useful it is, we do have a lot of complex query
capability just built into PDB via the REST interface which might be
able to provide what you need:

http://docs.puppetlabs.com/puppetdb/2.0/api/query/v4/query.html

ken.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTmU6MhRDXN2mQ0_4T%3DOTpz-ZboWfUeMZ7%3Dzd-V8nW%3DGvg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Ken Barber 
> Right now I'm creating only one VM, co-locating PuppetMaster and PuppetDB to
> make it simple - destroying and rebuilding. But it always fails - during the
> provisioning/building and also even after if I login to the machine and run
> puppet apply. Telnet works fine:
>
>> root@puppet:~# telnet puppet.internal 8081
>> Trying 127.0.1.1...
>> Connected to puppet.internal.
>> Escape character is '^]'.
>> Connection closed by foreign host.
>
>
> and iptables is not configured at all but here is the output:

Okay, let me zoom out a bit and rethink this. Going back to a point
you made originally:

> Can anyone explain to me what actually going on/wrong please? Why it was "Not 
> Found" before and now "Unable to connect"? Any help/pointer would be much 
> appreciated. Best!

I think the 404 is common while the application is loading within
Jetty. It might be that the timeout we have for waiting for PuppetDB
to be fully available needs to be adjusted? It could also be a legit
problem also.

So lets try a different tactic.

Lets adjust the setting puppetdb_startup_timeout for the
puppetdb::master::config class, and change it to something high, like
60 seconds or so.

If that still fails, I think we should grab the
/var/log/puppetdb/puppetdb.log output, can you put that in a gist or
something? The log immediately after the attempted provision is best -
so don't try to rerun puppet or anything, we want to see if purely
after the provisioning process fails.

ken.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3Dx5dQEXKt2frzQr6VK0KLYngzWPZr7HRFZU%3DvT%2BSiACQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Historical reporting, BI from puppetdb?

2014-06-17 Thread Ryan Anderson 
I use puppetdb + puppetboard, which are very useful to see the current 
state of my environment. Puppetboard also provides a very nice 
representation of each agent's most recent reports. However, I want to take 
it to the next level and create custom historical reports for business 
intelligence (eg How many changes per day over the last month? How many 
RHEL5 virtual systems as of $DATE?). I've looked online and not found many 
solutions on this. Might Foreman provide this? Even if it doesI'm not 
sure I'm ready for that commitment. Since puppetdb uses PostgreSQL, I'd 
imagine most any BI tool that supports it (eg Pentah) could be configured 
to get what I want. However, is anyone successfully doing this?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f434802e-822c-4a69-88a6-c4651e3337f8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Puppet Certification Testing discount

2014-06-17 Thread Ben Ford 
To make it easier to get more of you certified, we are offering all Puppet
users an automatic 50 percent discount on any Puppet certification,
reducing the exam fee to $100 through August 31, 2014.

Puppet certifications are available in two areas:

   - *Puppet Professional*: This certification validates system
   administrator competencies in using Puppet to manage their infrastructure:
   http://www.puppetlabs.com/services/certification/puppet-professional.
   - *Puppet Developer*: This validates skills and competencies for
   developers using Ruby to extend the functionality of their Puppet
   infrastructure:
   http://www.puppetlabs.com/services/certification/puppet-developer

You can schedule an appointment to take a Puppet certification test at
http://www.pearsonvue.com/puppetlabs/

Get all of the details, including FAQs, step-by-step guides, and more at
http://puppetlabs.com/services/certification

Thanks!

-- 
Ben Ford | Training Solutions Engineer
Puppet Labs, Inc.
926 NW 13th Ave, Suite #210
Portland, OR 97209

509.592.7291
ben.f...@puppetlabs.com

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CACkW_L68s89R9XHb0w0i05H7H_%3DDwZBaVYvJBn0cqusqhHfthw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Chocolatey pre-fetch fails with Puppet - Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass

2014-06-17 Thread Jim Ficarra 

Sorry if this is a duplicate – I tried to send earlier but it didn’t seem to 
hit the distro.  
Also truncating it for readability
=

Hey Rob,

Thanks for the response!

Yes – chocolatey version 0.9.8.23 is installed on both servers (found via choco 
version).  They both respond to choco /?.  This is a customized version that 
has had the install path modified and the default repository restricted to an 
internal Nuget repository.

I can also install chocolatey packages manually on both servers – specifically 
this package that is failing by typing “cinst carbon”.

I am running puppet as a windows service and ran the service with debug/trace 
(sc start puppet –debug –trace) to pull the previous errors from the event log, 
though they were a bit segregated across event entries.

It's also worth noting that there are 4 resource types ahead of the one that's 
failing.  The 4 resourcs types (two files and two execs) are applied 
successfully.  I ran the puppet agent –td –verbose –trace and received a lot of 
output, but essentially the same errors that don't appear to have any new 
information.   The successful output shows that the 4 previous resource types 
ran.  

Included below is the start of when it begins to apply the package with the 
chocolatey provider:

Notice: 
/Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]/returns: 
executed successfully
Debug: /Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]: 
The container Class[Copy_externalfacts] will propagate my refresh event
Debug: Class[Copy_externalfacts]: The container Stage[main] will propagate my 
refresh event
Debug: Prefetching chocolatey resources for package
Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list -lo'
Error: Could not prefetch package provider 'chocolatey': undefined method 
`each' for nil:NilClass
C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in `prefetch_if_necessary'

Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list -lo'
Error: /Stage[main]/Install_carbon/Package[carbon]: Could not evaluate: 
undefined method `each' for nil:NilClass
C:/ProgramData/PuppetLabs/puppet/var/lib/puppet/provider/package/chocolatey.rb:66:in
 `query'
C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:19:in `properties'
C:/Tools/Puppet/puppet/lib/puppet/type/package.rb:178:in `retrieve'
C:/Tools/Puppet/puppet/lib/puppet/type.rb:1035:in `retrieve'
C:/Tools/Puppet/puppet/lib/puppet/type.rb:1063:in `retrieve_resource'

Notice: /Stage[main]/Install_iis/Windowsfeature[IIS]/Exec[add-feature-IIS]: 
Dependency Package[carbon] has failures: true
Warning: /Stage[main]/Install_iis/Windowsfeature[IIS]/Exec[add-feature-IIS]: 
Skipping because of failed dependencies

(list of failed dependencies go on)






On Tue, Jun 17, 2014 at 4:15 PM, Rob Reynolds  wrote:

  Let's make sure everything is set up correctly. Do you have chocolatey (the 
client tool) already installed on both of those servers? If so what versions of 
chocolatey? 

  Do they both respond to output? (choco /?)

  Moving up the chain to the provider, let's execute puppet agent -td --verbose 
--trace
  This should really get us to what might be causing the error.




  On Tue, Jun 17, 2014 at 12:51 PM, Jim Ficarra  wrote:

Chocolatey is installed as a shared module on the puppet master. Below is 
the specific part of the puppet code that uses the chocolatey provider to 
install a custom package.  


class install_carbon {package {'carbon':ensure => '1.7',provider => 
'chocolatey',}}

This class is part of a larger set of modules and classes that work 
together and execute completely and successfully on another host but fails on a 
second host with the error below.  Same puppet client version (3.4.2 installed 
from an internal NuGet repo).  Chocolatey is also customized to point to an 
internal repo.



Any help/thoughts/insight would be appreciated.


Thanks!

Could not prefetch package provider 'chocolatey': undefined method `each' 
for nil:NilClass
C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in 
`prefetch_if_necessary'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:67:in `block in evaluate'
C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `call'
C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in 
`traverse'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:108:in `evaluate'
C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:164:in `block in 
apply'
C:/Tools/Puppet/puppet/lib/puppet/util/log.rb:149:in `with_destination'
C:/Tools/Puppet/puppet/lib/puppet/tra

Re: [Puppet Users] No rubygem-deep-merge RPM in EL7 Yum repo

2014-06-17 Thread Marc Villacorta 
Ok, back in control.
Here it is: https://tickets.puppetlabs.com/browse/PUP-2797

Cheers,
Marc


On Tue, Jun 17, 2014 at 10:22 PM, Marc Villacorta  wrote:

> Hi Melissa,
>
> Somehow I screwed my Jira account :(
> I'll file a ticket as soon as I regain control of it.
> I don't get the reset password link so I contacted the admins.
>
> Shame on me ;)
> Marc
>
>
> On Tue, Jun 17, 2014 at 12:43 AM, Melissa Stone 
> wrote:
>
>> Hey Marc,
>>
>> Thanks for reporting this! Could you file a ticket at
>> https://tickets.puppetlabs.com/browse/CPR with that information? That
>> way we can be sure to get that package up.
>>
>> Thanks!
>>
>>
>> On Sun, Jun 15, 2014 at 11:50 AM, Marc  wrote:
>>
>>> Hi,
>>>
>>> Puppetizing my first Centos7 I realized there is no rubygem-deep-merge
>>> RPM in:
>>> http://yum.puppetlabs.com/el/7/dependencies/x86_64/
>>>
>>> Is this intended?
>>>
>>> Cheers,
>>> Marc
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to puppet-users+unsubscr...@googlegroups.com.
>>>
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/puppet-users/58643257-4526-4b60-87b3-1586ee09a7a5%40googlegroups.com
>>> 
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
>>
>> --
>> Melissa Stone
>> Release Engineer, Puppet Labs
>>
>> *Join us at PuppetConf 2014 , September
>> 20-24 in San Francisco*
>> *Register by June 5th to take advantage of the Early Adopter discount
>>  **—**save $349!*
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAGHhR3fJSbU38pVfWsAmuXCmuPmBQo-KiDL2-gB%3DUemVCDBoNg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Chocolatey pre-fetch fails with Puppet - Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass

2014-06-17 Thread Jim Ficarra 
Sorry if this is a duplicate – I tried to send earlier but it didn’t seem to 
hit the distro.
=

Hey Rob,

Thanks for the response!

Yes – chocolatey version 0.9.8.23 is installed on both servers (found via choco 
version).  They both respond to choco /?.  This is a customized version that 
has had the install path modified and the default repository restricted to an 
internal Nuget repository.

I can also install chocolatey packages manually on both servers – specifically 
this package that is failing by typing “cinst carbon”.

I am running puppet as a windows service and ran the service with debug/trace 
(sc start puppet –debug –trace) to pull the previous errors from the event log, 
though they were a bit segregated across event entries.

It's also worth noting that there are 4 resource types ahead of the one that's 
failing.  The 4 resourcs types (two files and two execs) are applied 
successfully.  I ran the puppet agent –td –verbose –trace and received a lot of 
output, but essentially the same errors that don't appear to have any new 
information.   The successful output shows that the 4 previous resource types 
ran.  

Included below is the start of when it begins to apply the package with the 
chocolatey provider:

Notice: 
/Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]/returns: 
executed successfully
Debug: /Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]: 
The container Class[Copy_externalfacts] will propagate my refresh event
Debug: Class[Copy_externalfacts]: The container Stage[main] will propagate my 
refresh event
Debug: Prefetching chocolatey resources for package
Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list -lo'
Error: Could not prefetch package provider 'chocolatey': undefined method 
`each' for nil:NilClass
C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in `prefetch_if_necessary'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:67:in `block in evaluate'
C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `call'
C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `traverse'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:108:in `evaluate'
C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:164:in `block in apply'
C:/Tools/Puppet/puppet/lib/puppet/util/log.rb:149:in `with_destination'
C:/Tools/Puppet/puppet/lib/puppet/transaction/report.rb:108:in 
`as_logging_destination'
C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:163:in `apply'
C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:125:in `block in apply_catalog'
C:/Tools/Puppet/puppet/lib/puppet/util.rb:161:in `block in benchmark'
C:/Tools/Puppet/sys/ruby/lib/ruby/1.9.1/benchmark.rb:295:in `realtime'
C:/Tools/Puppet/puppet/lib/puppet/util.rb:160:in `benchmark'
C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:124:in `apply_catalog'
C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:192:in `run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (4 levels) in run'
C:/Tools/Puppet/puppet/lib/puppet/agent/locker.rb:20:in `lock'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (3 levels) in run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:114:in `with_client'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:41:in `block (2 levels) in run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:79:in `run_in_fork'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:40:in `block in run'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `call'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `controlled_run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:38:in `run'
C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:355:in `onetime'
C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:321:in `run_command'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block (2 levels) in 
run'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:470:in `plugin_hook'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block in run'
C:/Tools/Puppet/puppet/lib/puppet/util.rb:478:in `exit_on_fail'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `run'
C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:137:in `run'
C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:91:in `execute'
C:/Tools/Puppet/puppet/bin/puppet:4:in `'
Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list -lo'
Error: /Stage[main]/Install_carbon/Package[carbon]: Could not evaluate: 
undefined method `each' for nil:NilClass
C:/ProgramData/PuppetLabs/puppet/var/lib/puppet/provider/package/chocolatey.rb:66:in
 `query'
C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:19:in `properties'
C:/Tools/Puppet/puppet/lib/puppet/type/package.rb:178:in `retrieve'
C:/Tools/Puppet/puppet/lib/puppet/type.rb:1035:in `retrieve'
C:/Tools/Puppet/puppet/li

Re: [Puppet Users] Chocolatey pre-fetch fails with Puppet - Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass

2014-06-17 Thread Jim Ficarra 
Hey Rob,

Thanks for the response!

Yes – chocolatey version 0.9.8.23 is installed on both servers (found via
choco version).  They both respond to choco /?.  This is a customized
version that has had the install path modified and the default repository
restricted to an internal Nuget repository.

I can also install chocolatey packages manually on both servers –
specifically this package that is failing by typing “cinst carbon”.

I am running puppet as a windows service and ran the service with
debug/trace (sc start puppet –debug –trace) to pull the previous errors
from the event log, though they were a bit segregated across event entries.

It's also worth noting that there are 4 resource types ahead of the one
that's failing.  The 4 resourcs types (two files and two execs) are applied
successfully.  I ran the puppet agent –td –verbose –trace and received a
lot of output, but essentially the same errors that don't appear to have
any new information.   The successful output shows that the 4 previous
resource types ran.

Included below is the start of when it begins to apply the package with the
chocolatey provider:

Notice:
/Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]/returns:
executed successfully
Debug:
/Stage[main]/Copy_externalfacts/Exec[BuildStatusFacterFile_SetPerms]: The
container Class[Copy_externalfacts] will propagate my refresh event
Debug: Class[Copy_externalfacts]: The container Stage[main] will propagate
my refresh event
Debug: Prefetching chocolatey resources for package
Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list
-lo'
Error: Could not prefetch package provider 'chocolatey': undefined method
`each' for nil:NilClass
C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in
`prefetch_if_necessary'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:67:in `block in evaluate'
C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `call'
C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in
`traverse'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:108:in `evaluate'
C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:164:in `block in
apply'
C:/Tools/Puppet/puppet/lib/puppet/util/log.rb:149:in `with_destination'
C:/Tools/Puppet/puppet/lib/puppet/transaction/report.rb:108:in
`as_logging_destination'
C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:163:in `apply'
C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:125:in `block in
apply_catalog'
C:/Tools/Puppet/puppet/lib/puppet/util.rb:161:in `block in benchmark'
C:/Tools/Puppet/sys/ruby/lib/ruby/1.9.1/benchmark.rb:295:in `realtime'
C:/Tools/Puppet/puppet/lib/puppet/util.rb:160:in `benchmark'
C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:124:in `apply_catalog'
C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:192:in `run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (4 levels) in run'
C:/Tools/Puppet/puppet/lib/puppet/agent/locker.rb:20:in `lock'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (3 levels) in run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:114:in `with_client'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:41:in `block (2 levels) in run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:79:in `run_in_fork'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:40:in `block in run'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `call'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `controlled_run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:38:in `run'
C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:355:in `onetime'
C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:321:in `run_command'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block (2 levels)
in run'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:470:in `plugin_hook'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block in run'
C:/Tools/Puppet/puppet/lib/puppet/util.rb:478:in `exit_on_fail'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `run'
C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:137:in `run'
C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:91:in `execute'
C:/Tools/Puppet/puppet/bin/puppet:4:in `'
Debug: Executing 'C:\Tools\Chocolatey\chocolateyInstall\chocolatey.cmd list
-lo'
Error: /Stage[main]/Install_carbon/Package[carbon]: Could not evaluate:
undefined method `each' for nil:NilClass
C:/ProgramData/PuppetLabs/puppet/var/lib/puppet/provider/package/chocolatey.rb:66:in
`query'
C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:19:in `properties'
C:/Tools/Puppet/puppet/lib/puppet/type/package.rb:178:in `retrieve'
C:/Tools/Puppet/puppet/lib/puppet/type.rb:1035:in `retrieve'
C:/Tools/Puppet/puppet/lib/puppet/type.rb:1063:in `retrieve_resource'
C:/Tools/Puppet/puppet/lib/puppet/transaction/resource_harness.rb:223:in
`from_resource'
C:/Tools/Puppet/puppet/lib/puppet/transaction/resource

Re: [Puppet Users] No rubygem-deep-merge RPM in EL7 Yum repo

2014-06-17 Thread Marc Villacorta 
Hi Melissa,

Somehow I screwed my Jira account :(
I'll file a ticket as soon as I regain control of it.
I don't get the reset password link so I contacted the admins.

Shame on me ;)
Marc


On Tue, Jun 17, 2014 at 12:43 AM, Melissa Stone 
wrote:

> Hey Marc,
>
> Thanks for reporting this! Could you file a ticket at
> https://tickets.puppetlabs.com/browse/CPR with that information? That way
> we can be sure to get that package up.
>
> Thanks!
>
>
> On Sun, Jun 15, 2014 at 11:50 AM, Marc  wrote:
>
>> Hi,
>>
>> Puppetizing my first Centos7 I realized there is no rubygem-deep-merge
>> RPM in:
>> http://yum.puppetlabs.com/el/7/dependencies/x86_64/
>>
>> Is this intended?
>>
>> Cheers,
>> Marc
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to puppet-users+unsubscr...@googlegroups.com.
>>
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/puppet-users/58643257-4526-4b60-87b3-1586ee09a7a5%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> --
> Melissa Stone
> Release Engineer, Puppet Labs
>
> *Join us at PuppetConf 2014 , September
> 20-24 in San Francisco*
> *Register by June 5th to take advantage of the Early Adopter discount
>  **—**save $349!*
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAGHhR3cN%3DXHeZm0grHnz4SfLEbbg%3D5_9w9FML1n3Q-dtB58qhQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Sans 
hi Ken,

Right now I'm creating only one VM, co-locating PuppetMaster and PuppetDB 
to make it simple - destroying and rebuilding. But it always fails - during 
the provisioning/building and also even after if I login to the machine and 
run puppet apply. Telnet works fine:

root@puppet:~# telnet puppet.internal 8081
> Trying 127.0.1.1...
> Connected to puppet.internal.
> Escape character is '^]'.
> Connection closed by foreign host.
>

and iptables is not configured at all but here is the output:


root@puppet:~# ufw status
> Status: inactive
>
root@puppet:~# iptables -vnL
> Chain INPUT (policy ACCEPT 349 packets, 47388 bytes)
>  pkts bytes target prot opt in out source   
> destination
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>  pkts bytes target prot opt in out source   
> destination
>
> Chain OUTPUT (policy ACCEPT 246 packets, 46964 bytes)
>  pkts bytes target prot opt in out source   
> destination
>

-San


On Tuesday, June 17, 2014 7:16:57 PM UTC+1, Ken Barber wrote:
>
> Oh ... and lets see the output of: 
>
> iptables -vnL 
>
> Perhaps there is a firewall here? Its worth double checking. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2bebdfb5-7a16-4238-863f-b112306198c9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Chocolatey pre-fetch fails with Puppet - Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass

2014-06-17 Thread Rob Reynolds 
Let's make sure everything is set up correctly. Do you have chocolatey (the
client tool) already installed on both of those servers? If so what
versions of chocolatey?

Do they both respond to output? (choco /?)

Moving up the chain to the provider, let's execute puppet agent -td
--verbose --trace
This should really get us to what might be causing the error.



On Tue, Jun 17, 2014 at 12:51 PM, Jim Ficarra  wrote:

> Chocolatey is installed as a shared module on the puppet master. Below is
> the specific part of the puppet code that uses the chocolatey provider to
> install a custom package.
>
>
> class install_carbon {
>  package {'carbon':
>  ensure => '1.7',
>  provider => 'chocolatey',
>  }
> }
>
>
> This class is part of a larger set of modules and classes that work
> together and execute completely and successfully on another host but fails
> on a second host with the error below.  Same puppet client version (3.4.2
> installed from an internal NuGet repo).  Chocolatey is also customized to
> point to an internal repo.
>
> Any help/thoughts/insight would be appreciated.
>
> Thanks!
>
> Could not prefetch package provider 'chocolatey': undefined method `each'
> for nil:NilClass
> C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch'
> C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch'
> C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in
> `prefetch_if_necessary'
> C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:67:in `block in evaluate'
> C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `call'
> C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in
> `traverse'
> C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:108:in `evaluate'
> C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:164:in `block in
> apply'
> C:/Tools/Puppet/puppet/lib/puppet/util/log.rb:149:in `with_destination'
> C:/Tools/Puppet/puppet/lib/puppet/transaction/report.rb:108:in
> `as_logging_destination'
> C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:163:in `apply'
> C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:125:in `block in
> apply_catalog'
> C:/Tools/Puppet/puppet/lib/puppet/util.rb:161:in `block in benchmark'
> C:/Tools/Puppet/sys/ruby/lib/ruby/1.9.1/benchmark.rb:295:in `realtime'
> C:/Tools/Puppet/puppet/lib/puppet/util.rb:160:in `benchmark'
> C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:124:in `apply_catalog'
> C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:192:in `run'
> C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (4 levels) in run'
> C:/Tools/Puppet/puppet/lib/puppet/agent/locker.rb:20:in `lock'
> C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (3 levels) in run'
> C:/Tools/Puppet/puppet/lib/puppet/agent.rb:114:in `with_client'
> C:/Tools/Puppet/puppet/lib/puppet/agent.rb:41:in `block (2 levels) in run'
> C:/Tools/Puppet/puppet/lib/puppet/agent.rb:79:in `run_in_fork'
> C:/Tools/Puppet/puppet/lib/puppet/agent.rb:40:in `block in run'
> C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `call'
> C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `controlled_run'
> C:/Tools/Puppet/puppet/lib/puppet/agent.rb:38:in `run'
> C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:355:in `onetime'
> C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:321:in `run_command'
> C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block (2 levels)
> in run'
> C:/Tools/Puppet/puppet/lib/puppet/application.rb:470:in `plugin_hook'
> C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block in run'
> C:/Tools/Puppet/puppet/lib/puppet/util.rb:478:in `exit_on_fail'
> C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `run'
> C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:137:in `run'
> C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:91:in `execute'
> C:/Tools/Puppet/puppet/bin/puppet:4:in `'
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/ed1ffcb8-f3da-4079-ae8b-d115a08f9d5a%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Rob Reynolds
Developer, Puppet Labs

*Join us at PuppetConf 2014 , September
20-24 in San Francisco*
*Register by July 31st to take advantage of the Early Bird discount
 **--**save $249!*

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussio

Re: [Puppet Users] Re: Moving from manifest files to ENC script - not working...

2014-06-17 Thread jcbollinger 


On Tuesday, June 17, 2014 8:19:59 AM UTC-5, shlo@gmail.com wrote:
>
>
> I read the documentation.
> I send yesterday example of my perl ENC code  and the output.  I'm sending 
> them again:
>
> #!/usr/bin/perl -w
>> use strict;
>> use YAML qw(Dump);
>> 
>> my $hostname = shift || die "No hostname passed";
>> 
>> system("echo $hostname >> /tmp/llkkll");
>> 
>> my ($host, $domain, $net) = ($1, $2, $3);
>> 
>> my @classes = ();
>> my %parameters = (
>> puppetserver => "puppetsrv"
>> );
>> @classes = ('class1', 'class2::basic', "class3");
>> $parameters{var} = "kk1";
>> 
>> 
>> print Dump({
>> classes => \@classes,
>> parameters => \%parameters,
>> }); 
>
>
> that as output give me:
>
> ---
>> classes:
>>   - class1
>>   - class2::basic
>>   - class3
>> parameters:
>>   puppetserver: puppetsrv
>>   var: kk1
>
>  
>
> The definition of the classes are in manifests under the module directory.
>
> My problem: 
> when I run the puppet command on the agent, it look like it *ignore* the 
> classes I define in ENC script
> and only if I have the node definition in node.pp it try to so something.
>
> Maybe I'm missing very basic issue. I'm sorry.
>


Probably.  Hooking up an ENC is not very hard.

If the ENC is not running when a catalog request comes in then most likely 
the ENC it is not properly configured.  Supposing that you are running in 
agent / master mode, the ENC needs to be set up on the master.  There, the 
'node_terminus' configuration parameter must be set to "exec" and the 
'external_nodes' configuration parameter must be set to the absolute 
pathname of the ENC script.

Furthermore, the script must be accessible and executable by the master, 
which typically does not run as a privileged user.  Not only the script, 
but also all directories in the path to it must be readable and 
executable/traversable by the master.  File permissions and other access 
controls may come into play here.

Also, once it is properly configured, you need to restart the master in 
order for the new configuration to be noticed.

It is highly unlikely that the master is running the ENC successfully, the 
output is what you say, and yet it is ignored.

 

> Is there any way to debug it? 
>
>

I would start by looking at the master's log.  If you're not already 
running the master with --debug output turned on, then I would do that, 
too, to make the log more informative.  Likewise, look at the agent's log.  
In particular, make sure the agent successfully retrieved a fresh catalog 
from the master -- it will complain if it cannot do so, but it may then 
proceed to use a cached catalog.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/760300a8-e0c5-4043-8fb2-bfcd1871af11%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Ken Barber 
Oh ... and lets see the output of:

iptables -vnL

Perhaps there is a firewall here? Its worth double checking.

On Tue, Jun 17, 2014 at 11:06 AM, Ken Barber  wrote:
> At first glance this all seems correct. Hrm.
>
> Can you do the telnet test?
>
> telnet puppet.internal 8081
>
> Also, are you destroying and rebuilding these VM's each time and then
> its failing? Or are you doing all of this _after_ the vm's are
> launched. Its quite possible there is a race condition/ordering issue
> in how the provisioning is occuring end-to-end.
>
> ken.
>
> On Tue, Jun 17, 2014 at 10:44 AM, Sans  wrote:
>> Hi Ken,
>>
>> Thanks for the heads up!
>> First of all, it's a VBox VM, provisioned by Vigrant. PuppetMaster and
>> PuppetDB are on the same machine.
>> I did go through those basic checks before posting, which appeared fine:
>>
>>
>>> root@puppet:~# telnet puppet.internal 8081
>>> Trying 127.0.1.1...
>>> Connected to puppet.internal.
>>> Escape character is '^]'.
>>
>>
>>> root@puppet:~# netstat -ntpl | grep 80
>>> tcp0  0 0.0.0.0:80  0.0.0.0:*LISTEN
>>> 14345/apache2
>>> tcp6   0  0 :::8080 :::* LISTEN
>>> 16301/java
>>> tcp6   0  0 127.0.1.1:8081  :::* LISTEN
>>> 16301/java
>>
>>
>> This is my jetty.ini:
>>
>>> root@puppet:~# awk '!/^($|#)/ {print}' /etc/puppetdb/conf.d/jetty.ini
>>> [jetty]
>>> host = 0.0.0.0
>>> port = 8080
>>> ssl-host = puppet.internal
>>> ssl-port = 8081
>>> ssl-key = /etc/puppetdb/ssl/private.pem
>>> ssl-cert = /etc/puppetdb/ssl/public.pem
>>> ssl-ca-cert = /etc/puppetdb/ssl/ca.pem
>>
>>
>> Java is also running:
>>
>>> root@puppet:~# ps auxww | grep java
>>> puppetdb 16301  1.0 26.8 1558932 135336 ?  Sl   13:47   2:26
>>> /usr/lib/jvm/java-7-openjdk-amd64/bin/java -XX:OnOutOfMemoryError=kill -9 %p
>>> -Xmx192m -XX:+HeapDumpOnOutOfMemoryError
>>> -XX:HeapDumpPath=/var/log/puppetdb/puppetdb-oom.hprof
>>> -Djava.security.egd=file:/dev/urandom -cp /usr/share/puppetdb/puppetdb.jar
>>> clojure.main -m com.puppetlabs.puppetdb.core services -c
>>> /etc/puppetdb/conf.d
>>
>>
>>
>> ping  can resolve:
>>
>>> root@puppet:~# ping -c2 puppet.internal
>>> PING puppet.internal (127.0.1.1) 56(84) bytes of data.
>>> 64 bytes from puppet.internal (127.0.1.1): icmp_req=1 ttl=64 time=0.023 ms
>>> 64 bytes from puppet.internal (127.0.1.1): icmp_req=2 ttl=64 time=0.032 ms
>>>
>>> --- puppet.internal ping statistics ---
>>> 2 packets transmitted, 2 received, 0% packet loss, time 999ms
>>> rtt min/avg/max/mdev = 0.023/0.027/0.032/0.006 ms
>>
>>
>>
>> but nslookup cannot:
>>
>>> root@puppet:~# nslookup puppet.internal
>>> Server:10.0.2.3
>>> Address:10.0.2.3#53
>>>
>>> ** server can't find puppet.internal: NXDOMAIN
>>
>> (nslookup is fine though with localhost)
>>
>> This is what my /etc/hosts looks like:
>>
>>> 127.0.0.1localhost
>>> 127.0.1.1puppet.internalpuppet
>>
>>
>>
>> It's Ubuntu 12.04 server and I heard that name resolving works differently
>> in this version. I'm lost here. Best!!
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to puppet-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/puppet-users/f1f592e5-c15f-407b-bf09-48ee28eb9ab7%40googlegroups.com.
>>
>> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTn4NfvtzLB8cdDUPCCuY0%2Bv-N3YNy-2SKQpCw-fsdyfvQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Ken Barber 
At first glance this all seems correct. Hrm.

Can you do the telnet test?

telnet puppet.internal 8081

Also, are you destroying and rebuilding these VM's each time and then
its failing? Or are you doing all of this _after_ the vm's are
launched. Its quite possible there is a race condition/ordering issue
in how the provisioning is occuring end-to-end.

ken.

On Tue, Jun 17, 2014 at 10:44 AM, Sans  wrote:
> Hi Ken,
>
> Thanks for the heads up!
> First of all, it's a VBox VM, provisioned by Vigrant. PuppetMaster and
> PuppetDB are on the same machine.
> I did go through those basic checks before posting, which appeared fine:
>
>
>> root@puppet:~# telnet puppet.internal 8081
>> Trying 127.0.1.1...
>> Connected to puppet.internal.
>> Escape character is '^]'.
>
>
>> root@puppet:~# netstat -ntpl | grep 80
>> tcp0  0 0.0.0.0:80  0.0.0.0:*LISTEN
>> 14345/apache2
>> tcp6   0  0 :::8080 :::* LISTEN
>> 16301/java
>> tcp6   0  0 127.0.1.1:8081  :::* LISTEN
>> 16301/java
>
>
> This is my jetty.ini:
>
>> root@puppet:~# awk '!/^($|#)/ {print}' /etc/puppetdb/conf.d/jetty.ini
>> [jetty]
>> host = 0.0.0.0
>> port = 8080
>> ssl-host = puppet.internal
>> ssl-port = 8081
>> ssl-key = /etc/puppetdb/ssl/private.pem
>> ssl-cert = /etc/puppetdb/ssl/public.pem
>> ssl-ca-cert = /etc/puppetdb/ssl/ca.pem
>
>
> Java is also running:
>
>> root@puppet:~# ps auxww | grep java
>> puppetdb 16301  1.0 26.8 1558932 135336 ?  Sl   13:47   2:26
>> /usr/lib/jvm/java-7-openjdk-amd64/bin/java -XX:OnOutOfMemoryError=kill -9 %p
>> -Xmx192m -XX:+HeapDumpOnOutOfMemoryError
>> -XX:HeapDumpPath=/var/log/puppetdb/puppetdb-oom.hprof
>> -Djava.security.egd=file:/dev/urandom -cp /usr/share/puppetdb/puppetdb.jar
>> clojure.main -m com.puppetlabs.puppetdb.core services -c
>> /etc/puppetdb/conf.d
>
>
>
> ping  can resolve:
>
>> root@puppet:~# ping -c2 puppet.internal
>> PING puppet.internal (127.0.1.1) 56(84) bytes of data.
>> 64 bytes from puppet.internal (127.0.1.1): icmp_req=1 ttl=64 time=0.023 ms
>> 64 bytes from puppet.internal (127.0.1.1): icmp_req=2 ttl=64 time=0.032 ms
>>
>> --- puppet.internal ping statistics ---
>> 2 packets transmitted, 2 received, 0% packet loss, time 999ms
>> rtt min/avg/max/mdev = 0.023/0.027/0.032/0.006 ms
>
>
>
> but nslookup cannot:
>
>> root@puppet:~# nslookup puppet.internal
>> Server:10.0.2.3
>> Address:10.0.2.3#53
>>
>> ** server can't find puppet.internal: NXDOMAIN
>
> (nslookup is fine though with localhost)
>
> This is what my /etc/hosts looks like:
>
>> 127.0.0.1localhost
>> 127.0.1.1puppet.internalpuppet
>
>
>
> It's Ubuntu 12.04 server and I heard that name resolving works differently
> in this version. I'm lost here. Best!!
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/f1f592e5-c15f-407b-bf09-48ee28eb9ab7%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3DK4WW1%2BtPv0X5Y8Kan9YhwAUa3HHgkSTtFhKoRoxY_kQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Chocolatey pre-fetch fails with Puppet - Could not prefetch package provider 'chocolatey': undefined method `each' for nil:NilClass

2014-06-17 Thread Jim Ficarra 
Chocolatey is installed as a shared module on the puppet master. Below is 
the specific part of the puppet code that uses the chocolatey provider to 
install a custom package.  


class install_carbon {
 package {'carbon':
 ensure => '1.7',
 provider => 'chocolatey',
 }
}


This class is part of a larger set of modules and classes that work 
together and execute completely and successfully on another host but fails 
on a second host with the error below.  Same puppet client version (3.4.2 
installed from an internal NuGet repo).  Chocolatey is also customized to 
point to an internal repo.

Any help/thoughts/insight would be appreciated.

Thanks!

Could not prefetch package provider 'chocolatey': undefined method `each' 
for nil:NilClass
C:/Tools/Puppet/puppet/lib/puppet/provider/package.rb:4:in `prefetch'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:277:in `prefetch'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:167:in 
`prefetch_if_necessary'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:67:in `block in evaluate'
C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in `call'
C:/Tools/Puppet/puppet/lib/puppet/graph/relationship_graph.rb:116:in 
`traverse'
C:/Tools/Puppet/puppet/lib/puppet/transaction.rb:108:in `evaluate'
C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:164:in `block in 
apply'
C:/Tools/Puppet/puppet/lib/puppet/util/log.rb:149:in `with_destination'
C:/Tools/Puppet/puppet/lib/puppet/transaction/report.rb:108:in 
`as_logging_destination'
C:/Tools/Puppet/puppet/lib/puppet/resource/catalog.rb:163:in `apply'
C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:125:in `block in 
apply_catalog'
C:/Tools/Puppet/puppet/lib/puppet/util.rb:161:in `block in benchmark'
C:/Tools/Puppet/sys/ruby/lib/ruby/1.9.1/benchmark.rb:295:in `realtime'
C:/Tools/Puppet/puppet/lib/puppet/util.rb:160:in `benchmark'
C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:124:in `apply_catalog'
C:/Tools/Puppet/puppet/lib/puppet/configurer.rb:192:in `run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (4 levels) in run'
C:/Tools/Puppet/puppet/lib/puppet/agent/locker.rb:20:in `lock'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:44:in `block (3 levels) in run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:114:in `with_client'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:41:in `block (2 levels) in run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:79:in `run_in_fork'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:40:in `block in run'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `call'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:179:in `controlled_run'
C:/Tools/Puppet/puppet/lib/puppet/agent.rb:38:in `run'
C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:355:in `onetime'
C:/Tools/Puppet/puppet/lib/puppet/application/agent.rb:321:in `run_command'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block (2 levels) 
in run'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:470:in `plugin_hook'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `block in run'
C:/Tools/Puppet/puppet/lib/puppet/util.rb:478:in `exit_on_fail'
C:/Tools/Puppet/puppet/lib/puppet/application.rb:364:in `run'
C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:137:in `run'
C:/Tools/Puppet/puppet/lib/puppet/util/command_line.rb:91:in `execute'
C:/Tools/Puppet/puppet/bin/puppet:4:in `'

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/ed1ffcb8-f3da-4079-ae8b-d115a08f9d5a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Sans 
Hi Ken,

Thanks for the heads up!
First of all, it's a VBox VM, provisioned by Vigrant. PuppetMaster and 
PuppetDB are on the same machine.
I did go through those basic checks before posting, which appeared fine:


root@puppet:~# telnet puppet.internal 8081
> Trying 127.0.1.1...
> Connected to puppet.internal.
> Escape character is '^]'.
>

root@puppet:~# netstat -ntpl | grep 80
> tcp0  0 0.0.0.0:80  0.0.0.0:*LISTEN  
> 14345/apache2
> tcp6   0  0 :::8080 :::* LISTEN  
> 16301/java
> tcp6   0  0 127.0.1.1:8081  :::* LISTEN  
> 16301/java
>

This is my jetty.ini:

root@puppet:~# awk '!/^($|#)/ {print}' /etc/puppetdb/conf.d/jetty.ini
> [jetty]
> host = 0.0.0.0
> port = 8080
> ssl-host = puppet.internal
> ssl-port = 8081
> ssl-key = /etc/puppetdb/ssl/private.pem
> ssl-cert = /etc/puppetdb/ssl/public.pem
> ssl-ca-cert = /etc/puppetdb/ssl/ca.pem
>

Java is also running:

root@puppet:~# ps auxww | grep java
> puppetdb 16301  1.0 26.8 1558932 135336 ?  Sl   13:47   2:26 
> /usr/lib/jvm/java-7-openjdk-amd64/bin/java -XX:OnOutOfMemoryError=kill -9 
> %p -Xmx192m -XX:+HeapDumpOnOutOfMemoryError 
> -XX:HeapDumpPath=/var/log/puppetdb/puppetdb-oom.hprof 
> -Djava.security.egd=file:/dev/urandom -cp /usr/share/puppetdb/puppetdb.jar 
> clojure.main -m com.puppetlabs.puppetdb.core services -c 
> /etc/puppetdb/conf.d
>


ping  can resolve:

root@puppet:~# ping -c2 puppet.internal
> PING puppet.internal (127.0.1.1) 56(84) bytes of data.
> 64 bytes from puppet.internal (127.0.1.1): icmp_req=1 ttl=64 time=0.023 ms
> 64 bytes from puppet.internal (127.0.1.1): icmp_req=2 ttl=64 time=0.032 ms
>
> --- puppet.internal ping statistics ---
> 2 packets transmitted, 2 received, 0% packet loss, time 999ms
> rtt min/avg/max/mdev = 0.023/0.027/0.032/0.006 ms
>


but nslookup cannot:

root@puppet:~# nslookup puppet.internal
> Server:10.0.2.3
> Address:10.0.2.3#53
>
> ** server can't find puppet.internal: NXDOMAIN 
>
(nslookup is fine though with localhost)

This is what my /etc/hosts looks like:

127.0.0.1localhost
> 127.0.1.1puppet.internalpuppet
>


It's Ubuntu 12.04 server and I heard that name resolving works differently 
in this version. I'm lost here. Best!!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f1f592e5-c15f-407b-bf09-48ee28eb9ab7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Open puppet port(s) to the internet

2014-06-17 Thread jmp242 
I probably don't really understand much about how puppet connects to the 
clients, but is there a big security risk about opening it up to the 
internet so laptops can get their configuration... If it's "safe enough" 
for any value of safe, what ports does it use?

Thanks,

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f85a67b5-96f2-4ffe-a655-5df3ea018ec0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: [Puppet-dev] Re: Announce: Puppet 3.6.2 [ Security and Bug fix Release ]

2014-06-17 Thread Joshua Partlow 
(I clipped puppet-announce from this thread)

Hi Byron, Stefan,

Which deprecation warning are you continuing to see?  There is an open
issue with the disable_warnings, which is that static environment blocks in
puppet.conf will continue to warn:
https://tickets.puppetlabs.com/browse/PUP-2739

Is that the issue you are seeing?

thanks,
Josh


On Tue, Jun 17, 2014 at 2:28 AM, Stefan Heijmans  wrote:

> Aha, experienced the same thing last week, didn't have time to look into
> it yet...
>
> On Monday, June 16, 2014 3:30:31 PM UTC+2, Byron Miller wrote:
>
>> Running puppet 3.6.2 and disable_warnings = deprecations appears to make
>> no difference to prohibiting the alert about environments.
>>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-dev+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-dev/163f893b-3f66-497b-8618-a0213583e74e%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Josh Partlow
jpart...@puppetlabs.com
Developer, Puppet Labs

Join us at PuppetConf 2014, September 20-24 in San Francisco
Register by July 31st to take advantage of the Early Bird discount —save
$249!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADxAQ5q3UN1Ry8jbxPGymy5tskMeOuM4AK-t6imaZKe56YwdpA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Is PuppetDB environment aware?

2014-06-17 Thread Ken Barber 
The support for environments in PDB is for storing the environment
where a catalog/factset/report came from ... and you can certainly
query on it, but currently with ordinary resource collection you
cannot constrain on environment. There is an open ticket in the Puppet
queue to do this in the future:
https://tickets.puppetlabs.com/browse/PUP-2217

For now though one can use something like puppetdbquery, and certainly
filter on environment.

As far as PE inclusion, inclusion of PDB 2.x is slated for PE 3.4 at
this point in time. I'm not sure when the dates for that release will
be confirmed.

ken.

On Tue, Jun 17, 2014 at 8:12 AM, Vadym Chepkov  wrote:
>
> On Jun 17, 2014, at 8:40 AM, Yanis Guenane  wrote:
>
> The latest version of PuppetDB (ie. 2.0.0) does support environments.
>
> The first line of the release note is 'PuppetDB 2.0.0 is a feature release
> focusing on environments support'.
>
> Here the full link:
> http://docs.puppetlabs.com/puppetdb/2.0/release_notes.html
>
>
> I guess this means that Puppet Enterprise product currently doesn’t support
> environments since it includes PuppetDB 1.5.2
> No work arounds?  Are there any plans to include PuppetDB 2.0.0  in PE any
> time soon?
>
> Thanks,
> Vadym
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTm6c%3DO%3D1rPvcW8W2YPy2%3DTma_5eW5xoq8_6iQ7%2B7yrTJw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Ken Barber 
> Just started using PuppetDB (using the Puppetlabs' module) and getting
> issues with connection. First it was giving me server Not Found:
>
>> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404]
>> Not Found
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> 
>> 
>> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404]
>> Not Found
>> Notice: Failed to connect to puppetdb within timeout window of 15 seconds;
>> giving up.
>> Error: Unable to connect to puppetdb server! (puppet.internal:8081)
>> Error:
>> /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure:
>> change from absent to present failed: Unable to connect to puppetdb server!
>> (puppet.internal:8081)

This has retried to connect a few times then given up because of ...

> since then, I'm still getting eventually the same error but with different
> Notice:
>
>> Warning: Puppet::Util::SUIDManager.run_and_capture is deprecated; please
>> use Puppet::Util::Execution.execute instead.
>>(at
>> /vagrant/VagrantConf/modules/postgresql/lib/puppet/provider/postgresql_psql/ruby.rb:57:in
>> `run_sql_command')
>> Notice:
>> /Stage[main]/Puppetdb::Server::Jetty_ini/Ini_setting[puppetdb_sslhost]/value:
>> value changed '0.0.0.0' to 'puppet.internal'
>> Info: Class[Puppetdb::Server::Jetty_ini]: Scheduling refresh of
>> Service[puppetdb]
>> Notice: /Stage[main]/Puppetdb::Server/Service[puppetdb]: Triggered
>> 'refresh' from 1 events
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
>> 
>> 
>> Notice: Unable to connect to puppetdb server (puppet.internal:8081):
>> #
>> Notice: Failed to connect to puppetdb within timeout window of 15 seconds;
>> giving up.
>> Error: Unable to connect to puppetdb server! (puppet.internal:8081)
>> Error:
>> /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure:
>> change from absent to present failed: Unable to connect to puppetdb server!
>> (puppet.internal:8081)
>
>
> Can anyone explain to me what actually going on/wrong please? Why it was
> "Not Found" before and now "Unable to connect"? Any help/pointer would be
> much appreciated. Best!

... connection refused. This is the key error. Its a common TCP error,
and is something all administrators should know, because it doesn't
just affect PuppetDB.

What it means is that the hostname and port the client is trying to
connect to, in this case puppet.internal and 8081 respectively, is
either not the correct host or port, PuppetDB is not listening
correctly to this host or port because it is down or misconfigured or
some firewall is rejecting the connection (less likely, but worth
noting).

So what you need to check:

* From your puppet master try telnetting into the port and show your
results. "telnet puppet.internal 8081"
* Check that the PuppetDB instance is really listening on port 8081
and on a public interface on that host, you can usually check this
with netstat -anp | grep 8081 on the PDB host. Provide the results in
the thread if you can.
* Check the settings in your /etc/puppetdb/conf.d/jetty.ini, and
ensure that ssl-host is set to something like 0.0.0.0 to listen on all
interfaces. You can always refine this once you have it working, but
this is the recommend base setting. If you change it, restart
PuppetDB.
* Check that the PuppetDB java process is running also. "ps auxww |
grep java" is a good start, provide the results if you like in thread.
* Ensure that the hostname 'puppet.internal' resolves to what you
think it does. A large amount of these errors are due to assumptions
about what hostnames resolve to ... it must resolve to the IP that
PuppetDB is listening on. Check /etc/hosts on your puppet master ...

Let me know how you go.

ken.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAE4bNTkPLDBb7fNAhQBWvpFsn8%3Db6Z6gi2zKhyGddpZc18pJmQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.

2014-06-17 Thread Ramin K 
google-groups appeared to have eaten the first version from yesterday. 
Pardons if this is sent twice.


1. I don't think about it as manifests increasing in size, but whether I 
can completely recreate a server at anytime accurately. Or more 
importantly can I provision 12 more of any server asap. It's been my 
experience that active/passive sites usually drift into active/not 
updated sites. I believe the same would apply to a Puppet install that 
had one methodology for install and another for updates.


That said we do have servers that are usually short lived enough that we 
run Puppet on install and then run specifically targeted updates when 
needed using Puppet's --tags feature.


http://docs.puppetlabs.com/puppet/latest/reference/lang_tags.html#the-tag-metaparameter

2. I run Puppet masters in one US site and have agent machines is five 
others including three sites outside of the US. We average roughly one 
network related problem a month on the 50-100 nodes that aren't in the 
main site. Without more information, logs, etc it would appear that your 
the network's stability is the problem.


The symptoms you describe might be the result of an overloaded 
master. If that sounds possible, I'd look at the number of Puppet master 
processes you've configured in Apache/Passenger (or similar) and the 
concurrent requests to the master during the day. Agents when left to 
their own devices like to clump up over time. Additionally if you're 
still using the puppetmasterd startup script your master won't be able 
to handle more then one concurrent request.


3. I've been running Puppet for over four years and have never had the 
sort of cert problems you've described. IIRC the cert expire time is 
five years so that seems unlikely as well.


My best guess is time drift though I would expect transactions to 
remain broken till NTP was updated.


Ramin


On 6/16/2014 12:33 PM, Stephen Morton wrote:

I've got some newbie puppet questions.
My team has a tremendous amount of linux/computer knowledge, but we're
new to Puppet.
We recently started using puppet to manage some 100 servers. Their
configs are all pretty similar with some small changes.


History

Prior to Puppet, we already had a management system that involved having
config files under revision control and the config file repo checked out
on every server and the repo config files symlinked into the appropriate
place in the filesystem. Updating the repo would update these files.This
was mostly just great, with the following limitations:

  * If the symlink got broken, it didn't work.
  * Some files require very specific ownership, or were required not to
be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think)
  * Updating a daemon's config file does not mean that the daemon is
restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a
"service httpd reload"
  * You can't add a new symlink.
  * All files must be in revision control to link to. Some
security-sensitive files we want to only be available to some
servers and something like puppet that can send files over the
network is a good solution to this.



Puppet to the rescue?

So we've tried a very conservative Puppet implementation. We've left our
existing infrastructure and we just add new rules in Puppet. So far, we
have a single site.pp file and only a dozen or so rules. But already
we're seeing problems.

 1. Puppet is good for configuring dynamic stuff that changes. But it
seems silly to have rules for stuff that will be configured just one
time and then will not change. If we set up some files, we don't
expect them to disappear. In fact if they do disappear we might not
want them silently fixed up we probably want to know what's going
on.  Doing everything in puppet results in ever-growing manifests. I
don't know of a way to specify different manifests, e.g. every 30
minutes I want Puppet to run and request the lean and mean regular
manifest and then once a week I want it to run the "make sure
everything is in the right place" manifest.
 2. Puppet seems very sensitive to network glitches. We run puppet from
a cron job and errors were so frequent that we just started sending
all output to /dev/null.
 3. Endless certificate issues. It's crazy. So sometimes hosts would get
"dropped"... for unknown reasons their certificates were no longer
accepted. Because we'd already stopped output (see previous bullet
point) we would not know this and the server would be quietly not
updated. And when you get a certificate problem, often simply
deleting the cert on the agent and master won't fix it. Sometimes a
restart of the master service (or more?) is required.
  * The solution to this to me is not "you should run puppet
dashboard, then you'd know". This shouldn't be failing in the
first place. If something is that flaky, I don't want to run it.

(We're running versio

Re: [Puppet Users] Package Resource, Versioning and Yum

2014-06-17 Thread Joseph Swick 
On 17/06/14 07:41, Jason Antman wrote:
> Joseph,
> 
> See https://tickets.puppetlabs.com/browse/PUP-682
> 
> I'm going to try and get the pull request rebased, but at best this will
> be in puppet4.
> 
> -Jason
> 

Thank you, I had come across that bug report as well later on.  I wasn't
sure originally if this was a known issue or not.  We'll see what
presents Puppet 4 brings us.

-- 
Joseph Swick 
Operations Engineer
Meltwater Group



signature.asc
Description: OpenPGP digital signature

Re: [Puppet Users] Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.

2014-06-17 Thread Ramin K 

On 6/16/2014 12:33 PM, Stephen Morton wrote:

I've got some newbie puppet questions.
My team has a tremendous amount of linux/computer knowledge, but we're
new to Puppet.
We recently started using puppet to manage some 100 servers. Their
configs are all pretty similar with some small changes.


History

Prior to Puppet, we already had a management system that involved having
config files under revision control and the config file repo checked out
on every server and the repo config files symlinked into the appropriate
place in the filesystem. Updating the repo would update these files.This
was mostly just great, with the following limitations:

  * If the symlink got broken, it didn't work.
  * Some files require very specific ownership, or were required not to
be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think)
  * Updating a daemon's config file does not mean that the daemon is
restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a
"service httpd reload"
  * You can't add a new symlink.
  * All files must be in revision control to link to. Some
security-sensitive files we want to only be available to some
servers and something like puppet that can send files over the
network is a good solution to this.



Puppet to the rescue?

So we've tried a very conservative Puppet implementation. We've left our
existing infrastructure and we just add new rules in Puppet. So far, we
have a single site.pp file and only a dozen or so rules. But already
we're seeing problems.

 1. Puppet is good for configuring dynamic stuff that changes. But it
seems silly to have rules for stuff that will be configured just one
time and then will not change. If we set up some files, we don't
expect them to disappear. In fact if they do disappear we might not
want them silently fixed up we probably want to know what's going
on.  Doing everything in puppet results in ever-growing manifests. I
don't know of a way to specify different manifests, e.g. every 30
minutes I want Puppet to run and request the lean and mean regular
manifest and then once a week I want it to run the "make sure
everything is in the right place" manifest.
 2. Puppet seems very sensitive to network glitches. We run puppet from
a cron job and errors were so frequent that we just started sending
all output to /dev/null.
 3. Endless certificate issues. It's crazy. So sometimes hosts would get
"dropped"... for unknown reasons their certificates were no longer
accepted. Because we'd already stopped output (see previous bullet
point) we would not know this and the server would be quietly not
updated. And when you get a certificate problem, often simply
deleting the cert on the agent and master won't fix it. Sometimes a
restart of the master service (or more?) is required.
  * The solution to this to me is not "you should run puppet
dashboard, then you'd know". This shouldn't be failing in the
first place. If something is that flaky, I don't want to run it.

(We're running version 3.4.2 on CentOS 6.5, 64-bit.)

---

Questions.

So my questions for the above three issue are I guess as follows

 1. Is there a common Puppet pattern to address this? Or am I thinking
about things all wrong.
 2. Is there a way to get puppet to be more fault-tolerant, or at least
complain less?
 3. Are endless certificate woes the norm? Once an agent has
successfully got its certificates working with the server, is it a
known issue that it should sometimes start to subsequently fail?

Thanks,
Steve


1. I don't think about it as manifests increasing in size, but whether I 
can completely recreate a server at anytime accurately. Or more 
importantly can I provision 12 more of any server asap. It's been my 
experience that active/passive sites usually drift into active/not 
updated sites. I believe the same would apply to a Puppet install that 
had one methodology for install and another for updates.


That said we do have servers that are usually short lived enough that we 
run Puppet on install and then run specifically targeted updates when 
needed using Puppet's --tags feature.


http://docs.puppetlabs.com/puppet/latest/reference/lang_tags.html#the-tag-metaparameter

2. I run Puppet masters in one US site and have agent machines is five 
others including three sites outside of the US. We average roughly one 
network related problem a month on the 50-100 nodes that aren't in the 
main site. Without more information, logs, etc it would appear that your 
the network's stability is the problem.


	The symptoms you describe might be the result of an overloaded master. 
If that sounds possible, I'd look at the number of Puppet master 
processes you've configured in Apache/Passenger (or similar) and the 
concurrent requests to the master during the day. Agents when left to 
their own devices like to clump up over time. Additionally if you're 
still

Re: [Puppet Users] Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.

2014-06-17 Thread Stephen Morton 
Thanks Doug and Rich.

Yes, I guess I am using the default webrick server. I just enabled the 
puppet-master service in init.d and assumed that was enough. We already 
have an Apache instance and I will look into passenger. Based on what I see 
on the Passenger page, this alone could be the cause of all my network 
issues.

I *do* know all about organizing puppet manifests into modules. I didn't 
really want to get into this but, here you go. The idea behind currently 
having just one site.pp file and that's it is that we're evaluating puppet 
and don't have many rules. It is just not a good use of anybody's time to 
have 12 rules split up into 6 modules with 18 (24?) different files when 
you could do it all in one file. As our puppet rules grow (along with our 
puppet experience) we will refactor.
   Good to know that Puppet Dashboard is on the outs and 
puppetdb+puppetboard is the way to go. Should we need such functionality in 
the future, I'll 
   (IDE? Vim and emacs do my syntax highlighting just fine thank you. ;-)
   The last three comments could be summarized by our philosophy here at 
work that we're lean and mean and we'd never install a "framework" when a 
few lines of bash or perl code would do the trick just as well.

Yes, we do use custom facts to define a server's geographical location 
(e.g. important for our NTP and SNMP config) and its internal purpose. Doug 
hints at using some kind of dynamically generated fact to get a different 
manifest from the master (e.g. daily vs. weekly manifest); I will 
investigate that.

Puppet being useful for deploying servers. Absolutely, that's a great 
point. Thing is, we already have a fully functional kickstart + 
post-install bash script process to do just that already. We *may* replace 
this with puppet, if we decide we love puppet and can't live without it. 
But for now, if it ain't broke don't spend weeks coding and debugging up a 
replacement for it that's no better.

Thanks again,

Steve

On Tuesday, 17 June 2014 01:23:22 UTC-4, Doug_F wrote:
>
> Steve, 
>
> I think you said you put all your configuration in a single site.pp. This 
> is often bad form and limits the flexibility of your deployment. Something 
> we do is layout modules. 
>
> The common pattern is:
> /etc/puppet/environments/production 
> -> Manifests/site.pp
> -> Hieradata/*.yaml
> -> Modules/foo
>
> This keeps everything in the production environment. All of your clients 
> will do this normally. One of the beauties of doing this is you may want to 
> do a cron job weekly that runs with a different environment like "weekly".  
> To take advantage of the flexibility you may want to group servers into 
> buckets by sticking custom facts and including modules based off them. 
>
> As for the Network issues. I think you may be running your puppetmaster 
> with the built in webbrick server. In my experience this offers a single 
> threaded approach to the puppetmaster with it failing if more than one 
> client connects at a time. Setup apache and run Passenger to allow for 
> multiple threads. 
>
> Info on Environments: 
>
> http://docs.puppetlabs.com/puppet/latest/reference/environments.html#enabling-directory-environments
>  
> (note this was introduced in 3.5 so you may want to checkout the legacy way 
> to achieve the same thing. )
> Passenger with Apache: 
> http://docs.puppetlabs.com/guides/passenger.html
>
> Finally to get visiblity into the network I would strongly suggest setting 
> up PuppetDB with Puppetboard as puppet Dashboard is effectivly dead. 
>
> Info on PuppetDB
> http://docs.puppetlabs.com/puppetdb/2.0/install_from_packages.html
> PuppetBoard module on the forge. 
> https://forge.puppetlabs.com/nibalizer/puppetboard
>
> Last tip I would give to someone new is use an IDE that helps you code. 
> Puppetlabs maintains Geppetto for this purpose. 
> http://docs.puppetlabs.com/geppetto/4.0/
>
> On Mon, Jun 16, 2014 at 1:33 PM, Stephen Morton  > wrote:
>
>> I've got some newbie puppet questions.
>> My team has a tremendous amount of linux/computer knowledge, but we're 
>> new to Puppet. 
>> We recently started using puppet to manage some 100 servers. Their 
>> configs are all pretty similar with some small changes.
>>
>> 
>> History
>>
>> Prior to Puppet, we already had a management system that involved having 
>> config files under revision control and the config file repo checked out on 
>> every server and the repo config files symlinked into the appropriate place 
>> in the filesystem. Updating the repo would update these files.This was 
>> mostly just great, with the following limitations:
>>
>>  
>>- If the symlink got broken, it didn't work. 
>>- Some files require very specific ownership, or were required not to 
>>be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think) 
>>- Updating a daemon's config file does not mean that the daemon is 
>>restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a 
>> "service 
>>httpd reload

Re: [Puppet Users] Is PuppetDB environment aware?

2014-06-17 Thread Vadym Chepkov 

On Jun 17, 2014, at 8:40 AM, Yanis Guenane  wrote:

> The latest version of PuppetDB (ie. 2.0.0) does support environments.
> 
> The first line of the release note is 'PuppetDB 2.0.0 is a feature release 
> focusing on environments support'.
> 
> Here the full link: http://docs.puppetlabs.com/puppetdb/2.0/release_notes.html
> 

I guess this means that Puppet Enterprise product currently doesn’t support 
environments since it includes PuppetDB 1.5.2
No work arounds?  Are there any plans to include PuppetDB 2.0.0  in PE any time 
soon?

Thanks,
Vadym




smime.p7s
Description: S/MIME cryptographic signature

[Puppet Users] rsync yum.puppetlabs.com failing...

2014-06-17 Thread Matthew Nicholson 
So @ my site we keep a number of software repos mirrored internally (not
everything can egress to the net), and a number of these we only sync on
demand (say, we want to upgrade puppet, sync the repo is the first step).

However, since yesterday morning (24 hours now), I haven't been able to
establish a proper rsync connection to yum.puppetlabs.com, because it seems
the rsync server is at its connection limit:

[root@mirror-proxy yum]# rsync --progress -avSH --partial --delete-delay
rsync://yum.puppetlabs.com/packages /n/pkgs_repos/puppetlabs/

@ERROR: max connections (30) reached -- try again later
rsync error: error starting client-server protocol (code 5) at main.c(1503)
[receiver=3.0.6]


Are some other mirrors holding connections open, or is there a way this
limit can get bumped?

Thanks!

-- 
Matthew Nicholson

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CA%2BnEbkZ-K8saK0DaccnH%2BkFdrB6Dv%3D4Qr1u%2BUHN3%2BQChMpemVg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.

2014-06-17 Thread jcbollinger 


On Monday, June 16, 2014 2:33:12 PM UTC-5, Stephen Morton wrote:
>
> I've got some newbie puppet questions.
> My team has a tremendous amount of linux/computer knowledge, but we're new 
> to Puppet. 
> We recently started using puppet to manage some 100 servers. Their configs 
> are all pretty similar with some small changes.
>
> 
> History
>
> Prior to Puppet, we already had a management system that involved having 
> config files under revision control and the config file repo checked out on 
> every server and the repo config files symlinked into the appropriate place 
> in the filesystem. Updating the repo would update these files.This was 
> mostly just great, with the following limitations:
>
>  
>- If the symlink got broken, it didn't work. 
>- Some files require very specific ownership, or were required not to 
>be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think) 
>- Updating a daemon's config file does not mean that the daemon is 
>restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a "service 
>httpd reload" 
>- You can't add a new symlink.
>- All files must be in revision control to link to. Some 
>security-sensitive files we want to only be available to some servers and 
>something like puppet that can send files over the network is a good 
>solution to this.
>
> 
>
> Puppet to the rescue?
>
> So we've tried a very conservative Puppet implementation. We've left our 
> existing infrastructure and we just add new rules in Puppet. So far, we 
> have a single site.pp file and only a dozen or so rules. But already we're 
> seeing problems.
>
>1. Puppet is good for configuring dynamic stuff that changes. But it 
>seems silly to have rules for stuff that will be configured just one time 
>and then will not change. If we set up some files, we don't expect them to 
>disappear. In fact if they do disappear we might not want them silently 
>fixed up we probably want to know what's going on.
>
>
Puppet is fine for stuff that changes from time to time, but it is even 
more for stuff that, once configured, is stable for a long time.  The core 
concept around which it is designed is that you describe the state you want 
your machines to be in, and Puppet will both put them in that state and 
make sure they stay there (on a per-run basis).

If you want Puppet just to check the resources declared for the target node 
without syncing them, then you can run it in --noop mode, and Puppet will 
flag resources that are out of sync.  Alternatively, your manifests can 
declare individual resources to managed in noop mode if you want finer 
granularity.  In any case, Puppet certainly notifies you when it syncs an 
out of sync resource, both in its output and in the reports it sends back 
to the master (if you enable those).  Additionally, you can use the 
--detailed-exitcodes option to make the agent's return code yield 
information about whether anything changed and/or whether there were any 
failed resources.
 

>
>1.   Doing everything in puppet results in ever-growing manifests. I 
>don't know of a way to specify different manifests, e.g. every 30 minutes 
> I 
>want Puppet to run and request the lean and mean regular manifest and then 
>once a week I want it to run the "make sure everything is in the right 
>place" manifest. 
>
>
Yes, everything you configure for Puppet to manage must be described in a 
manifest file, therefore the more you bring under Puppet management, the 
larger the volume of your manifests.  That's like saying "every time I want 
a new feature in my program, I have to add source code!"

Puppet does offer facilities for limiting the scope of runs.  The main ones 
are the --tags agent option to select a subset of the resources that 
normally would be applied, and schedules 
 
to declare master-side limits on when and how frequently particular 
resources and groups of resources should be applied.

 

>
>1. 
>2. Puppet seems very sensitive to network glitches. We run puppet from 
>a cron job and errors were so frequent that we just started sending all 
>output to /dev/null.
>
>
I'm not sure I understand.  What sort of network glitches are we talking 
about?  Are these frequent in your environment?  And what sort of errors?
 

>
>1. 
>2. Endless certificate issues. It's crazy. So sometimes hosts would 
>get "dropped"... for unknown reasons their certificates were no longer 
>accepted. Because we'd already stopped output (see previous bullet point) 
>we would not know this and the server would be quietly not updated. And 
>when you get a certificate problem, often simply deleting the cert on the 
>agent and master won't fix it. Sometimes a restart of the master service 
>(or more?) is required.
>- The solution to this to me is not "you should run pupp

Re: [Puppet Users] Re: Moving from manifest files to ENC script - not working...

2014-06-17 Thread Johan De Wit 

I think, in your yaml, you are missing the name: 

Grts

jo

On 17/06/14 15:19, shlo.af...@gmail.com wrote:


I read the documentation.
I send yesterday example of my perl ENC code  and the output.  I'm 
sending them again:


#!/usr/bin/perl -w
  use strict;
  use YAML qw(Dump);

  my $hostname = shift || die "No hostname passed";

  system("echo $hostname >> /tmp/llkkll");

  my ($host, $domain, $net) = ($1, $2, $3);

  my @classes = ();
  my %parameters = (
  puppetserver => "puppetsrv"
  );
  @classes = ('class1', 'class2::basic', "class3");
  $parameters{var} = "kk1";


  print Dump({
  classes => \@classes,
  parameters => \%parameters,
  }); 



that as output give me:

---
classes:
- class1
- class2::basic
- class3
parameters:
puppetserver: puppetsrv
var: kk1


The definition of the classes are in manifests under the module directory.

My problem:
when I run the puppet command on the agent, it look like it 
*ignore* the classes I define in ENC script

and only if I have the node definition in node.pp it try to so something.

Maybe I'm missing very basic issue. I'm sorry.
Is there any way to debug it?

On Tuesday, June 17, 2014 2:58:55 PM UTC+3, Jason Antman wrote:

Yes, I have an idea.

1) Read the documentation:
http://docs.puppetlabs.com/guides/external_nodes.html

2) If that doesn't help, post your ENC code, with specific
examples of output and problems that you're having.

--
You received this message because you are subscribed to the Google 
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to puppet-users+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5a15194a-c44e-4c3b-b62b-cc07e8094bf4%40googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.



--
Johan De Wit

Open Source Consultant

Red Hat Certified Engineer  (805008667232363)
Puppet Certified Professional 2013/2014 (PCP006)
_
 
Open-Future Phone +32 (0)2/255 70 70

Zavelstraat 72  Fax   +32 (0)2/255 70 71
3071 KORTENBERG Mobile+32 (0)474/42 40 73
BELGIUM http://www.open-future.be
_
 



Next Events:
Puppet Advanced Training | 
https://www.open-future.be/puppet-advanced-training-10-till-12th-june
Puppet Introduction Course | 
https://www.open-future.be/puppet-introduction-course-13th-june
Linux Training | https://www.open-future.be/linux-training-16-till-20th-june
Subscribe to our newsletter | http://eepurl.com/BUG8H

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/53A04BA6.8070005%40open-future.be.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Large files over puppet

2014-06-17 Thread jcbollinger 


On Tuesday, June 17, 2014 3:45:57 AM UTC-5, Félix Barbeira wrote:
>
> I always heard that serve large files over puppet is a bad practice. 
> But...I guess it depends of what you consider a large file. Everyone agree 
> that serve for example a 25MB file over puppet it's definitely not 
> recommended.
>
>
It is generally useful in such cases to understand *why* a thing is 
considered poor practice.  Otherwise it's very hard to reason about 
questions such as the one you are posing.

The general advice to avoid serving "large" files via the Puppet master's 
built-in file server is based on Puppet's default behavior of using MD5 
checksums to determine whether the target file's content is already in 
sync.  Checksumming the source and target files is comparatively expensive, 
and the master must do it for each catalog request for each client for each 
File resource in its catalog (that uses the default checksum method).

 

> My question is wether a text file of ~7000 lines and ~700KB would be 
> acceptable. Do you think this file rebase "puppet recommended size limits 
> for file" and it's big enough to use the advices of the following thread??
>
>
> https://ask.puppetlabs.com/question/627/serving-large-files-formally-code-artifacts-best-practices/
>  
> 
>


There is no one-size-fits-all answer.  If your master can support the 
combined load, and if the load on your clients (from checksumming on their 
side) is acceptable, then you are basically ok.  Beware, however, of the 
load creeping up as you add more Files, and mind that your master's client 
capacity is affected by how much work it must perform for each client.

Note, too, that there are multiple possible approaches.  If the file(s) you 
want to serve is static and doesn't change too frequently then packaging it 
up and managing it via a Package is a good solution, and I would certainly 
consider that for a 700kB file.  Especially so if it's part of a collection 
that you can package up together.  On the other hand, you can also reduce 
the computational load by switching to a lighter-weight checksum method 
,
 
at the expense of a greater risk of Puppet mistaking whether the File is 
already in sync.  Or if you put it on a network file server accessible to 
your clients, then 'source'ing it from there works, and spares the master 
from checksumming.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/10a91879-762d-4e11-9da3-2c8db95c6af7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Moving from manifest files to ENC script - not working...

2014-06-17 Thread shlo . afgin 

I read the documentation.
I send yesterday example of my perl ENC code  and the output.  I'm sending 
them again:

#!/usr/bin/perl -w
> use strict;
> use YAML qw(Dump);
> 
> my $hostname = shift || die "No hostname passed";
> 
> system("echo $hostname >> /tmp/llkkll");
> 
> my ($host, $domain, $net) = ($1, $2, $3);
> 
> my @classes = ();
> my %parameters = (
> puppetserver => "puppetsrv"
> );
> @classes = ('class1', 'class2::basic', "class3");
> $parameters{var} = "kk1";
> 
> 
> print Dump({
> classes => \@classes,
> parameters => \%parameters,
> }); 


that as output give me:

---
> classes:
>   - class1
>   - class2::basic
>   - class3
> parameters:
>   puppetserver: puppetsrv
>   var: kk1

 

The definition of the classes are in manifests under the module directory.

My problem: 
when I run the puppet command on the agent, it look like it *ignore* the 
classes I define in ENC script
and only if I have the node definition in node.pp it try to so something.

Maybe I'm missing very basic issue. I'm sorry.
Is there any way to debug it? 

On Tuesday, June 17, 2014 2:58:55 PM UTC+3, Jason Antman wrote:
>
>  Yes, I have an idea.
>
> 1) Read the documentation: 
> http://docs.puppetlabs.com/guides/external_nodes.html
> 2) If that doesn't help, post your ENC code, with specific examples of 
> output and problems that you're having.
>
>  

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5a15194a-c44e-4c3b-b62b-cc07e8094bf4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: "Connection timed out - connect(2)" when using puppet module

2014-06-17 Thread jcbollinger 


On Tuesday, June 17, 2014 4:46:47 AM UTC-5, Torsten Kleiber wrote:
>
> Have nobody a hint?
>  
> I have set http_proxy and https_proxy.
>


You mean you have set these in your puppet.conf or in your environment?  If 
the former then which one (file system path) and which section?  Are you 
running as root or as an unprivileged user?

Puppet uses a personal configuration file (~/.puppet/puppet.conf) when run 
as non-root, unless you explicitly tell it otherwise (e.g. --confdir 
/etc/puppet).  I am uncertain whether it honors proxy settings configured 
in the environment, but it certainly does offer its own proxy configuration 
configuration parameters.

 

>  
> curl -k *https://forgeapi.puppetlabs.com* 
>  is succesful.
>


And that's a useful test, but its success does not necessarily imply that 
puppet is configured correctly to connect to the same URL from your 
network.  If indeed you do need to connect via a proxy, then I think your 
problem likely lies there.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/c7210dac-4f24-48aa-90f3-b7acb0bcbd43%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] sshd configuration

2014-06-17 Thread zerozerounouno 
Il giorno martedì 17 giugno 2014 10:29:08 UTC+2, alexanderdav ha scritto:

>
> You should take a look at 
> https://forge.puppetlabs.com/domcleal/augeasproviders .
>

Wow, that worked great and easy, thanks!
I whish I'd found it also before using another puppetforge module for 
sysctl configuration ;).

Bye.
Marco

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a24a140e-d62c-4385-8383-5aaeed9da3ef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Is PuppetDB environment aware?

2014-06-17 Thread Yanis Guenane 

The latest version of PuppetDB (ie. 2.0.0) does support environments.

The first line of the release note is 'PuppetDB 2.0.0 is a feature 
release focusing on environments support'.


Here the full link: 
http://docs.puppetlabs.com/puppetdb/2.0/release_notes.html


--
Yanis Guenane

On 06/16/2014 10:15 PM, Vadym Chepkov wrote:

Greetings,

Does PuppetDB support "environments" similar to puppet?
I noticed exported resources are "crossing" from one environment to 
another.
I would like to prevent this without having to add $environment to 
every single tag and
forge modules don't do it anyway, so there must be a some way to have 
PuppetDB to segregate environments.


Thanks,
Vadym

--
You received this message because you are subscribed to the Google 
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to puppet-users+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f33befb1-2c44-484b-a815-6f93d0ed232b%40googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.


--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/53A03759.1030304%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Use external facts inside templetes

2014-06-17 Thread Sans 
Hi there,

First of all, if it's a fact, then you really should be doing *${::key1}* 
instead. 

To use it in template, *<%= @key1 %>* should work just fine.  Otherwise, 
you can have this: *$localkey = ${::key1}* in your init.pp and then *<%= 
@localkey %>* in the template but I don't think you gonna get anything 
thing better.

On the agent, if you do: *facter -p key1*, do you get the result that you 
expect? Best!
 

On Tuesday, June 17, 2014 12:33:06 PM UTC+1, Malintha Adikari wrote:
>
>
>   I have defined some key value pairs in /etc/facter/facts.d/value.txt 
> file. I could use those keys inside my init.pp script and successfully for 
> the values using
>
>*${key1}*
>  
>
> I want to get those values inside my template file. I have used 
>
>*<%= @key1 %>*
>  
>
> but it doesn't give me the value. What is the correct way to get the value 
> of the external fact inside template.
>
> Regards,
>
> Malintha
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/35dcdb3b-0209-4b66-a350-42705df5c542%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] SSL

2014-06-17 Thread Don Dorman 
My environment has been working up until mid last week.

just doing a puppet agent --test gives me these results... has anyone ran 
across this.

[root@DC01SLE0005 ~]# puppet agent --test
Warning: Unable to fetch my node definition, but the agent run will 
continue:
Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server session 
ticket A: sslv3 alert certificate revoked
Info: Retrieving plugin
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources 
using 'eval_generate': SSL_connect returned=1 

errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate 
revoked
Error: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect 
returned=1 errno=0 state=SSLv3 read server session ticket 

A: sslv3 alert certificate revoked Could not retrieve file metadata for 
puppet://puppet.ds.gc.ca/plugins: SSL_connect 

returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert 
certificate revoked
Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb
Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb
Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb
Error: Could not retrieve catalog from remote server: SSL_connect 
returned=1 errno=0 state=SSLv3 read server session ticket 

A: sslv3 alert certificate revoked
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 
read server session ticket A: sslv3 alert 

certificate revoked

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a180f269-de1d-4fbc-aa23-a26c8eaf588f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Moving from manifest files to ENC script - not working...

2014-06-17 Thread Jason Antman 

Yes, I have an idea.

1) Read the documentation: 
http://docs.puppetlabs.com/guides/external_nodes.html
2) If that doesn't help, post your ENC code, with specific examples of 
output and problems that you're having.


On 06/17/2014 07:49 AM, shlo.af...@gmail.com wrote:


Hi,

I understood  ENC can work without the PuppetDB installation.
I cannot make ENC work and I cannot find a log or any way to debug it, 
so I can find the problem.


any idea are welcome.
Thanks.
--
You received this message because you are subscribed to the Google 
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to puppet-users+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/85498348-93a0-49ff-bdc5-589f76e7ee79%40googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.


--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/53A02D79.50005%40jasonantman.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] PuppetDB connection issue - Failed to connect!!

2014-06-17 Thread Sans 
Hi there,

Just started using PuppetDB (using the Puppetlabs' module) and getting 
issues with connection. First it was giving me server Not Found:

Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] 
> Not Found
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> 
> 
> Error: Unable to connect to puppetdb server (puppet.internal:8081): [404] 
> Not Found
> Notice: Failed to connect to puppetdb within timeout window of 15 seconds; 
> giving up.
> Error: Unable to connect to puppetdb server! (puppet.internal:8081)
> Error: 
> /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure:
>  
> change from absent to present failed: Unable to connect to puppetdb server! 
> (puppet.internal:8081)
>

but from the puppetdb ssl-setup, it looks okay:

root@puppet:/vagrant/PuppetConf/manifests# puppetdb ssl-setup -f
> PEM files in /etc/puppetdb/ssl already exists, checking integrity.
> Overwriting existing PEM files due to -f flag
> Copying files: /var/lib/puppet/ssl/certs/ca.pem, 
> /var/lib/puppet/ssl/private_keys/puppet.internal.pem and 
> /var/lib/puppet/ssl/certs/puppet.internal.pem to /etc/puppetdb/ssl
> Setting ssl-host in /etc/puppetdb/conf.d/jetty.ini already correct.
> Setting ssl-port in /etc/puppetdb/conf.d/jetty.ini already correct.
> Setting ssl-key in /etc/puppetdb/conf.d/jetty.ini already correct.
> Setting ssl-cert in /etc/puppetdb/conf.d/jetty.ini already correct.
> Setting ssl-ca-cert in /etc/puppetdb/conf.d/jetty.ini already correct.
>

 
since then, I'm still getting eventually the same error but with different 
Notice:

Warning: Puppet::Util::SUIDManager.run_and_capture is deprecated; please 
> use Puppet::Util::Execution.execute instead.
>(at 
> /vagrant/VagrantConf/modules/postgresql/lib/puppet/provider/postgresql_psql/ruby.rb:57:in
>  
> `run_sql_command')
> Notice: 
> /Stage[main]/Puppetdb::Server::Jetty_ini/Ini_setting[puppetdb_sslhost]/value: 
> value changed '0.0.0.0' to 'puppet.internal'
> Info: Class[Puppetdb::Server::Jetty_ini]: Scheduling refresh of 
> Service[puppetdb]
> Notice: /Stage[main]/Puppetdb::Server/Service[puppetdb]: Triggered 
> 'refresh' from 1 events
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry
> 
> 
> Notice: Unable to connect to puppetdb server (puppet.internal:8081): 
> #
> Notice: Failed to connect to puppetdb within timeout window of 15 seconds; 
> giving up.
> Error: Unable to connect to puppetdb server! (puppet.internal:8081)
> Error: 
> /Stage[main]/Puppetdb::Master::Config/Puppetdb_conn_validator[puppetdb_conn]/ensure:
>  
> change from absent to present failed: Unable to connect to puppetdb server! 
> (puppet.internal:8081)
>

Can anyone explain to me what actually going on/wrong please? Why it was "Not 
Found" before and now "Unable to connect"? Any help/pointer would be much 
appreciated. Best!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9517f14f-8b38-4243-9aaf-353a27ae8079%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] having issue when trying to install java using rpm

2014-06-17 Thread Jason Antman 

"That's not how it works".

In the output below, you can clearly see that Puppet is executing 
`*/bin/rpm -i 
puppet:///development/java_rpm/files/jdk-7u25-linux-x64.rpm*`. Why would 
that work? "puppet:///" means nothing to RPM, and "puppet:///" is not a 
valid 'source' for the Package type.


You have two options:
1) the correct option, create a Yum repository somewhere with the 
package in it, and install from that.

2) Serve that file over HTTP from somewhere, and install from there.
2) Use a File resource first to put that on the machine, and have the 
Package resource install that, and reference that path.


I'd highly recommend against doing it this way. There's no reason that a 
giant binary (like an RPM) should be inside a puppet module - it means 
your source control repo for puppet (or that module) will be huge, and 
Puppet isn't really designed to serve large files. There are existing 
methods of deploying RPMs (Yum).


-Jason

On 06/13/2014 01:17 PM, Supriya Uppalapati wrote:


Hi,

I am getting the issue when i modifyied the code like this

class java_rpm::install {
$version = hiera("javaversion")

package { $version:
provider => rpm,
source => "puppet:///development/java_rpm/files/$version",
ensure => installed,
}
}
MY file is here:
pwd
/etc/puppetlabs/puppet/environments/development/modules/java_rpm/files

*In my /var/lib/hiera*

classes:
- 'cis'
- 'java_versions'
- 'java_rpm'

javaversion: jdk-7u25-linux-x64.rpm

**

**

*Error: Execution of '/bin/rpm -i 
puppet:///development/java_rpm/files/jdk-7u25-linux-x64.rpm' returned 
1: error: open of 
puppet:///development/java_rpm/files/jdk-7u25-linux-x64.rpm failed: No 
such file or directory*


**

*Error: 
/Stage[main]/Java_rpm::Install/Package[jdk-7u25-linux-x64.rpm]/ensure: 
change from absent to present failed: Execution of '/bin/rpm -i 
puppet:///development/java_rpm/files/jdk-7u25-linux-x64.rpm' returned 
1: error: open of 
puppet:///development/java_rpm/files/jdk-7u25-linux-x64.rpm failed: No 
such file or directory*


Let me know

--
You received this message because you are subscribed to the Google 
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to puppet-users+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/c25a25f1-2aaa-4596-a8d9-b66a8331fcbc%40googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.


--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/53A02BD1.4090804%40jasonantman.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Moving from manifest files to ENC script - not working...

2014-06-17 Thread shlo . afgin 

Hi,

I understood  ENC can work without the PuppetDB installation. 
I cannot make ENC work and I cannot find a log or any way to debug it, so I 
can find the problem.

any idea are welcome.
Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/85498348-93a0-49ff-bdc5-589f76e7ee79%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Package Resource, Versioning and Yum

2014-06-17 Thread Jason Antman 

Joseph,

See https://tickets.puppetlabs.com/browse/PUP-682

I'm going to try and get the pull request rebased, but at best this will 
be in puppet4.


-Jason

On 06/12/2014 02:44 PM, Joseph Swick wrote:

Hi list,
I'm working on a little addition to an internal module we use to ensure
our puppet clients have a consistent configuration to also ensure the
correct version of puppet is installed on the system and run into a bit
of semantics issue as I thought that "ensure => 'version.num'" was a
more correct way of specifying the version of a package, rather than
doing it in the name of the resource.

Here's a few snippets of code:

Common class opening:

class puppet_mw::client (
   ...
   $manage_versions  = true,
   $puppet_version   = '3.6.2',
   $facter_version   = '2.0.2',
   $hiera_version= '1.3.4',
   ...
) {

This works:

   if $manage_versions {
 package { "puppet-${puppet_version}":
   ensure => present,
 }
 package { "facter-${facter_version}":
   ensure => present,
 }
 package { "hiera-${hiera_version}":
   ensure => present,
 }
   }


This however, does not:

   if $manage_versions {
 package { 'puppet':
   ensure => ${puppet_version},
 }
 package { 'facter':
   ensure => ${facter_version},
 }
 package { 'hiera':
   ensure => ${hiera_version},
 }
   }

As it generates this error:

Error: Could not update: Failed to update to version 3.6.2, got version
3.6.2-1.el6 instead
Wrapped exception:
Failed to update to version 3.6.2, got version 3.6.2-1.el6 instead
Error: /Stage[main]/Puppet_mw::Client/Package[puppet]/ensure: change
from 3.6.2-1.el6 to 3.6.2 failed: Could not update: Failed to update to
version 3.6.2, got version 3.6.2-1.el6 instead
Error: Could not update: Failed to update to version 2.0.2, got version
2.0.2-1.el6 instead
Wrapped exception:
Failed to update to version 2.0.2, got version 2.0.2-1.el6 instead
Error: /Stage[main]/Puppet_mw::Client/Package[facter]/ensure: change
from 1.7.5-1.el6 to 2.0.2 failed: Could not update: Failed to update to
version 2.0.2, got version 2.0.2-1.el6 instead
Error: Could not update: Failed to update to version 1.3.4, got version
1.3.4-1.el6 instead
Wrapped exception:
Failed to update to version 1.3.4, got version 1.3.4-1.el6 instead
Error: /Stage[main]/Puppet_mw::Client/Package[hiera]/ensure: change from
1.3.2-1.el6 to 1.3.4 failed: Could not update: Failed to update to
version 1.3.4, got version 1.3.4-1.el6 instead

Which lead me to this, but will get messy to ensure compatibility with
different Linux versions:

   if $manage_versions {
 case $::osfamily {
   'RedHat': { $os_string = "-1.el${::operatingsystemmajrelease}" }
   default : { $os_string = undef }
 }

 package { 'puppet':
   ensure => "${puppet_version}${os_string}",
 }
 package { 'facter':
   ensure => "${facter_version}${os_string}",
 }
 package { 'hiera':
   ensure => "${hiera_version}${os_string}",
 }
   }

Running 'yum install puppet-3.6.2' works as desired, but adding
'allow_virutal => true,' to the package resource doesn't change the
previous error.

Is this working as designed for the Yum provider for the package
resource or is this a bug with the provider?  For some reason, I want to
think this has been discussed on the list before, but couldn't find the
relevant thread.

It appears I may be running up against this bug:

https://tickets.puppetlabs.com/browse/PUP-1244

TIA.



--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/53A02951.9030007%40jasonantman.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] What is the puppet way to send configuration details along with the request from the puppet ?

2014-06-17 Thread Malintha Adikari 
Thank you very much. Yes I have strated implementing it using external 
facts. 

On Monday, June 16, 2014 7:03:35 PM UTC+5:30, Christopher Wood wrote:
>
> It sounds like you want to use facts to make decisions about what 
> configurations to apply: 
>
>
> http://docs.puppetlabs.com/puppet/latest/reference/lang_facts_and_builtin_vars.html
>  
> http://docs.puppetlabs.com/guides/custom_facts.html 
>
> The usual caveat here tends to be that you should be telling the host what 
> to configure, not configuring based on what the machine thinks. 
>
> To store configuration details in a straightforward fashion, you should 
> probably be looking into hiera: 
>
> http://docs.puppetlabs.com/hiera/1/ 
>
>
>
> On Sun, Jun 15, 2014 at 10:40:43PM -0700, Malintha Adikari wrote: 
> >Hi, 
> >I am new to puppet. In my puppet master side I want to create some 
> >configurations dynamically. For that I have to send those 
> configuration 
> >details along with the puppet agent request to the master. I have 
> plenty 
> >of configurations details to be sent with a request. Does Puppet 
> support 
> >this kind of operation. How can I achieve this ? 
> >Regards, 
> >Malintha Adiakri 
> > 
> >-- 
> >You received this message because you are subscribed to the Google 
> Groups 
> >"Puppet Users" group. 
> >To unsubscribe from this group and stop receiving emails from it, 
> send an 
> >email to [1]puppet-users...@googlegroups.com . 
> >To view this discussion on the web visit 
> >[2]
> https://groups.google.com/d/msgid/puppet-users/be2e1f24-1515-4f5e-8c4a-7d488b473d8e%40googlegroups.com.
>  
>
> >For more options, visit [3]https://groups.google.com/d/optout. 
> > 
> > References 
> > 
> >Visible links 
> >1. mailto:puppet-users+unsubscr...@googlegroups.com  
> >2. 
> https://groups.google.com/d/msgid/puppet-users/be2e1f24-1515-4f5e-8c4a-7d488b473d8e%40googlegroups.com?utm_medium=email&utm_source=footer
>  
> >3. https://groups.google.com/d/optout 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/6bc7450f-b937-4482-96db-10aecbb484b6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Use external facts inside templetes

2014-06-17 Thread Malintha Adikari 
 
  I have defined some key value pairs in /etc/facter/facts.d/value.txt 
file. I could use those keys inside my init.pp script and successfully for 
the values using

   *${key1}*
 

I want to get those values inside my template file. I have used 

   *<%= @key1 %>*
 

but it doesn't give me the value. What is the correct way to get the value 
of the external fact inside template.

Regards,

Malintha

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/1e415b28-47f1-4240-bf89-f5eb0372dfc6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: "Connection timed out - connect(2)" when using puppet module

2014-06-17 Thread Torsten Kleiber 
Have nobody a hint?
 
I have set http_proxy and https_proxy.
 
curl -k *https://forgeapi.puppetlabs.com*  
is succesful.
 
curl https://forgeapi.puppetlabs.com
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify 
failed
More details here: http://curl.haxx.se/docs/sslcerts.html 

curl

performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
 

>  
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b9289013-7d81-4899-9054-3e2c96c38ed4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Announce: Puppet 3.6.2 [ Security and Bug fix Release ]

2014-06-17 Thread Stefan Heijmans 
Aha, experienced the same thing last week, didn't have time to look into it 
yet...

On Monday, June 16, 2014 3:30:31 PM UTC+2, Byron Miller wrote:

> Running puppet 3.6.2 and disable_warnings = deprecations appears to make 
> no difference to prohibiting the alert about environments.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/163f893b-3f66-497b-8618-a0213583e74e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Large files over puppet

2014-06-17 Thread Félix Barbeira 
I always heard that serve large files over puppet is a bad practice. 
But...I guess it depends of what you consider a large file. Everyone agree 
that serve for example a 25MB file over puppet it's definitely not 
recommended.

My question is wether a text file of ~7000 lines and ~700KB would be 
acceptable. Do you think this file rebase "puppet recommended size limits 
for file" and it's big enough to use the advices of the following thread??

https://ask.puppetlabs.com/question/627/serving-large-files-formally-code-artifacts-best-practices/

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f85ac756-e12b-4e25-af57-1147c012851c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] sshd configuration

2014-06-17 Thread José Luis Ledesma 
I found that in order to change just some options it is far easier just to
write a little ssh module with a template with only the parameters you want
yo change.

Regards,
El 17/06/2014 10:29, "Alexander Holte-Davidsen" <
alexander.david...@gmail.com> escribió:

> Hi Marco,
>
> You should take a look at
> https://forge.puppetlabs.com/domcleal/augeasproviders .
>
> Regards,
> Alexander
>
>
> On Tue, Jun 17, 2014 at 9:59 AM,  wrote:
>
>> Hi,
>> what's the best module/way to change some options in the sshd_config file?
>>
>> I just have to change a couple of options from their OS defaults.
>>
>> I searched in the forge but, apart from the fact that I often find it
>> hard to understand how to use some of the contributed modules, it looks
>> like ssh-related modules tend to completely rewrite the config file.
>> For example, I tried ghoneycutt-ssh but it completely replaces
>> sshd_config with its own defaults, so also other options are changed from
>> the OS default.
>>
>> Do I really have to use Augeas?
>>
>> Thanks.
>> Marco
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to puppet-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/puppet-users/9454a535-f6b0-4e77-b267-2005812dc933%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/CAFdJyc3z90imiQtvsXyXYsQBHY9x8q3%3DPO1scY2niWk5SPGWfQ%40mail.gmail.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAF_B3ddOapy%2Bd5D7UGvooaBs6g_a%3Du9JGYnpjTJsFsMYFWCm6g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] sshd configuration

2014-06-17 Thread Alexander Holte-Davidsen 
Hi Marco,

You should take a look at
https://forge.puppetlabs.com/domcleal/augeasproviders .

Regards,
Alexander


On Tue, Jun 17, 2014 at 9:59 AM,  wrote:

> Hi,
> what's the best module/way to change some options in the sshd_config file?
>
> I just have to change a couple of options from their OS defaults.
>
> I searched in the forge but, apart from the fact that I often find it hard
> to understand how to use some of the contributed modules, it looks like
> ssh-related modules tend to completely rewrite the config file.
> For example, I tried ghoneycutt-ssh but it completely replaces
> sshd_config with its own defaults, so also other options are changed from
> the OS default.
>
> Do I really have to use Augeas?
>
> Thanks.
> Marco
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/9454a535-f6b0-4e77-b267-2005812dc933%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAFdJyc3z90imiQtvsXyXYsQBHY9x8q3%3DPO1scY2niWk5SPGWfQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] sshd configuration

2014-06-17 Thread zerozerounouno 
Hi,
what's the best module/way to change some options in the sshd_config file?

I just have to change a couple of options from their OS defaults.

I searched in the forge but, apart from the fact that I often find it hard 
to understand how to use some of the contributed modules, it looks like 
ssh-related modules tend to completely rewrite the config file.
For example, I tried ghoneycutt-ssh but it completely replaces sshd_config 
with its own defaults, so also other options are changed from the OS 
default.

Do I really have to use Augeas?

Thanks.
Marco

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9454a535-f6b0-4e77-b267-2005812dc933%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.