[Puppet Users] Re: How to group systems using Puppet and hiera?

[Grant Street]

I am looking to implement puppet coming from cfe2 
I am also finding it hard to make the connection between nodes and groups 
using hiera. I would like a solution where I can define host groups etc on 
the puppet master rather than relying on the client to have a file(s) put 
in particular locations.
It would be good to remove the node configuration from the puppet DSL but I 
am struggling to put this together. 
Any help ?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/0788d35c-b315-4ae9-aca5-8018427abe87%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Error 400/403 on Windows with mcollective+puppet in large amount of servers deployment

[Peiven Cheng]

Hi all,

We use mcollective to trigger puppet sync in windows servers.
While we send the 'mco puppet runonce' to trigger 8~10 servers doing puppet 
agent apply,
it occasionally happened the error of 
Could not retrieve catalog from remote server: Error 400 on SERVER: Could 
not find class test_1_0_4 
for abc.tsmc at /userap/paas_ap/puppet/manifests/abc.pp:5 on node abc.tsmc
or
Could not evaluate: Error 403 on SERVER: Forbidden request: 
cba.tsmc(10.39.138.57) access to /module/test_dxp_1_0_3/TEST.zip [search] 
authenticated at
 /etc/puppet/auth.conf:99 Could not retrieve file metadata for 
puppet:///modules/test_dxp_1_0_3/TEST.zip: Error 403 on SERVER: Forbidden 
request: 
cba.tsmc(10.39.138.57) access to /module/test_dxp_1_0_3/TEST.zip [search] 
authenticated at /etc/puppet/auth.conf:99

These two errors only occurred in some server and other servers can apply 
the same class normally.
(Therefore, we though that the error was nothing to do with what it shows 
of configuration error since others can executed normally)
In this case, we usually redo puppet sync without doing any change and the 
error would gone.

Does anyone know why this two error exception would be triggered?
Any suggestions?

The auth.conf file line 99 is
*# this one is not stricly necessary, but it has the merit*
*# to show the default policy which is deny everything else*
*path /*
*auth any*

The version we used is 
Puppet master version: 2.7.23
Puppet client version: 3.4.3
mcollective version: 2.5.0

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7ad0acae-80c4-4e09-b088-26e729c5b8e1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] How to use variables in a puppet class

[Vikas Kumar]

Hello All,

I have a kickstart server which I use to deploy many minor versions of 
CentOS/RHEL 5 and 6 for both 32 and 64 Bit OS.

I have lots of yum repository files. For. e.g. - RHEL_5.5_64.repo, 
RHEL_5.6_64.repo, RHEL_6.2_32, RHEL_6.5_64, etc. I am looking to use Puppet 
to automatically deploy the required kickstart repos. I tried to follow this 
 
link in vain.

The problem is that I am unable to use facter variables *$lsbdistrelease* 
with something like below.

baseurl=> "http://our-reposrv:8080/dev/RHEL_$lsbdistrelease_64";

Here, the variable does not converts to is value.

Please help me to get this sorted. Am I missing anything ?

Regards,
Vikas

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/59aa2148-3133-48fc-9731-412d8687c4f0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Getting Variables out of define in site.pp

[email]

Hi,

my servers have some kind of "role" like "app1" or "app1,app2" which im 
getting out of a selfmade global facter variable.
Im then going through this list and include classes depending on the 
content of this variable.

# site.pp

define iterateSystemRole {
case $name {
'app1':   {
include app1
$defineVariable = 'content'
}
'app2':   {
include app2
}
default:  { }
}
}

$cur_system_role = split($::system_role, ',')
iterateSystemRole { $cur_system_role: }

node default {
inlude xyz
}

Now i want to work with variables too. Like checking in class 'app1' if 
variable $defineVariable is set to "content".
I would do this like:

# app1.pp

class app1 {
  if $::iterateSystemRole::defineVariable == 'content' {
 doSomething
  }
}

But the variable $::iterateSystemRole::defineVariable is always undefined. 
So i cant get the content from $defineVariable.

How can i get this working?
I googled a lot but did not find a way... I think its an issue with scoping 
but i hope there is a way to get this working...

Best regards!


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b042bf85-3a5a-4e50-9513-142348ee3695%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] How to use variables in a puppet class

[Sean Crosby]

Hi Vikas,

Do you have the package 'redhat-lsb' installed? The $lsbdistrelease fact is
only populated when this package is installed

Sean


On 24 July 2014 17:07, Vikas Kumar  wrote:

> Hello All,
>
> I have a kickstart server which I use to deploy many minor versions of
> CentOS/RHEL 5 and 6 for both 32 and 64 Bit OS.
>
> I have lots of yum repository files. For. e.g. - RHEL_5.5_64.repo,
> RHEL_5.6_64.repo, RHEL_6.2_32, RHEL_6.5_64, etc. I am looking to use Puppet
> to automatically deploy the required kickstart repos. I tried to follow
> this
> 
> link in vain.
>
> The problem is that I am unable to use facter variables *$lsbdistrelease*
> with something like below.
>
> baseurl=> "http://our-reposrv:8080/dev/RHEL_$lsbdistrelease_64";
>
> Here, the variable does not converts to is value.
>
> Please help me to get this sorted. Am I missing anything ?
>
> Regards,
> Vikas
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/59aa2148-3133-48fc-9731-412d8687c4f0%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADg9O%2BN2K138omiTWBJDZhdUR%3DTMz%3Dov_47XbYt3USEgNy_qmA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Getting Variables out of define in site.pp

[Werner Flamme]

em...@benjaminmertens.de [24.07.2014 12:42]:
> 
> # site.pp
> 
> define iterateSystemRole {
> case $name {
> 'app1':   {
> include app1
> $defineVariable = 'content'
> }
> 'app2':   {
> include app2
> }
> default:  { }
> }
> }
> 
> But the variable $::iterateSystemRole::defineVariable is always undefined. 
> So i cant get the content from $defineVariable.
> 
> How can i get this working?
> I googled a lot but did not find a way... I think its an issue with scoping 
> but i hope there is a way to get this working...

Did you try to swap the lines, so that they read

  $defineVariable = 'content'
  include app1

Does this help?

-- 




smime.p7s
Description: S/MIME Cryptographic Signature

[Puppet Users] Hiera - how to include all files inside a directory

[Juan Moreno]

Hi,

I would like to know if exists the possibility to include all the yaml 
files of a directory in hiera.

The hiera config looks like:

:hierarchy:
  - %{hostname}
  - secrets
  - customers/*

:backends:
  - yaml
:yaml:
  :datadir: '/etc/puppet/data'

Cheers,
Juan Moreno

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e069d96d-7ec4-4bb2-bd68-76143609596b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] puppetlabs-mysql

[David Kindle]

Thanks Hunter - this is the info I was looking for.   Now of course I need 
puppet to create this file for me since the idea here is that I dont have 
to touch the node.   Can you be more specific on he "just add your own 
info"   Is the the client/socket/unset info?  can you populate those with 
default typical values so I see exactly what  you mean.

tks again


On Wednesday, July 23, 2014 6:42:07 PM UTC-4, Hunter Haugen wrote:
>
> The module is trying to read the cached password from /root/.my.cnf to 
> connect, and since it's empty it tries with no password. (See 
> https://github.com/puppetlabs/puppetlabs-mysql/blob/master/manifests/server/root_password.pp#L7-L19
>  
> for what puppet is doing with the root_password).
>
> You could create the file /root/.my.cnf with the contents of 
> https://github.com/puppetlabs/puppetlabs-mysql/blob/master/templates/my.cnf.pass.erb
>  
> but just add your own info, then it should work and puppet should be able 
> to manage it from there :).
>
>
>
> -Hunter
>
>
> On Wed, Jul 23, 2014 at 10:07 AM, David Kindle  > wrote:
>
>> based on the below script - My mysql instance has a password of foo 
>> already.   I want this script to use my root password to create a new db 
>> and assign a user with privileges to that db.
>>
>> What is wrong with this code?  Is this trying to SET the root pass vs 
>> just using it to execute the commands?
>>
>> the way this is it throws the error "Access denied for user 
>> 'root'@'localhost' (using password: NO)"
>>
>> any help greatly appreciated
>>
>>
>> class {'mysql::server':
>> root_password => 'foo',
>> }
>>
>>#creates a sample db with user with correct permissions -spade
>>   mysql::db { $dbName:
>>   user => $dbUser,
>>   password => $dbPass,
>>   host => 'localhost',
>>   grant=> ['SELECT', 'INSERT', 'UPDATE', 'CREATE', 'DELETE'],
>> }
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/c11bfb37-2621-4662-9a1e-ece61c8023fe%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/ce0de47d-22a3-4c0c-a4e1-af2b89544e33%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Banned from RHN due to exessive connections; would like opions on my solution.

[jcbollinger]

On Wednesday, July 23, 2014 6:26:00 PM UTC-5, Stack Kororā wrote:
>
> Greetings!
>
> Thank you so much John. I just learned something new about Puppet. Utilizing  
> inline_template is a heck of a lot easier then how I first attempted that 
> variable substitution. I might have to go back and fix some of my older code 
> later
>
>
> Here are a few other notes in response to your email:
> > Have you considered setting up a caching proxy between you and them?
>
> We have discussed doing a caching proxy, but haven't ever had the 
> time/inclination to implement one yet.
>
> 
>
> > What per-package request(s) is yum actually making?
>
> I explored the yum thing a bit more. Running puppet-3.6.2-1.el6.noarch on 
> both server and client using CentOS6 as my test systems. I started a puppet 
> run in one terminal and ran this code in a second:
> $ while [ "$(pgrep puppet)" != "" ]; do pgrep yum; done | uniq
>
> If I just do this:
> package { 'telnet' : ensure=>absent,}
>
> Nothing triggers.
>
> If I do it this way:
> $removethesepackages = [
> 'telnet-server',
> 'telnet',
> ]
> package {$removethesepackages : ensure=>absent,}
>
> Then I get a yum PID per package. For every PID I get a line in the puppet 
> log like this:
> Notice: /Stage[main]/audit::Software_disabled/Package[telnet]/ensure: created
>
> (there is that weird error message again where an absent is "created").
>
> I don't know why. Both work as expected, but the second triggers a yum call 
> the first doesn't.
>
>

I find it surprising -- and in fact unlikely -- that using an array 
resource title produces different behavior than does a sequence of separate 
resource declaration for each of the packages.  If that is in fact the case 
then I encourage you to file a bug report, but I'm pretty sure you're mixed 
up.  In particular, Puppet will *never* invoke 'yum' to ensure a package 
'absent' -- the 'yum' provider intentionally uses 'rpm -e' for that.  
Puppet uses 'yum remove' only to ensure a package 'purged'.

In any case, the issue is not so much whether Puppet spawns yum processes; 
rather it is what yum *does* once spawned.  Yum should not be hitting RHN 
to service a request to remove a package, whether that package is in fact 
installed or not.  Furthermore, the number of RHN requests needed to serve 
all other package management needs should be minimized by yum's metadata 
caching.  Even if you instructed Puppet to clear yum metadata on each run, 
you should hit RHN only once per Puppet run, except when you install or 
update a package.  If you see different behavior then you should 
investigate yum's own configuration.

 

> So I thought, 'Maybe it is hitting local cache and not actually going out to 
> the repo'. I dug around in the logs on our local repo and found this:
> [IP REMOVED] - - [23/Jul/2014:14:07:58 -0500] "GET 
> /puppetlabs/6/products/x86_64/repodata/repomd.xml HTTP/1.1" 200 2529 "-" 
> "urlgrabber/3.9.1 yum/3.2.29"
>
> It isn't one per package, but it is one per puppet run. Something about that 
> method calls yum differently I guess. Not sure why. 
>
>

Puppet executes a "yum list --all" once per run so it can tell what to do 
with packages ensured anything other than 'absent' or 'purged'.  This is 
part of a strategy to avoid needlessly running yum to install packages that 
aren't available or to update a packages that are already at the latest 
available version.  But it should be served from yum's cache most of the 
time.  If you see these frequently going out to RHN, then again, something 
is weird about your yum configuration.

 

> ---
>
> The double notice I was referring to is this:
> Notice: Package telnet is not installed
> Notice: 
> /Stage[main]/audit::Software_disabled/audit::Forbidden_package[telnet]/Notify[Package
>  telnet is not installed]/message: defined 'message' as 'Package telnet is 
> not installed'
>
> I am told three times in two lines (more with wrap around on a console) that 
> telnet isn't installed. I find it annoying and haven't found a solution to 
> removing it yet and leaving just the first Notice. If you know of one I would 
> be /very/ grateful.
>
>

So that's just what I supposed you might be talking about.  Did you try my 
suggestion to set "loglevel => 'debug'" on the Notice resources?

 

> 
> I implemented your code and it is working brilliantly. I made two changes.
> 1) I placed the define in init.pp so I can reference it anywhere in the audit 
> class easily.
>
>

Sorry, I didn't intend to imply a specific file to put the define in.  The 
standard place for a define named audit::forbidden_package would be /audit/manifests/forbidden_package.pp (same rule as for classes).  
Putting it there is even more likely to ensure that Puppet can always find 
it.  If you follow that pattern systematically then it also helps *you* 
find it.

 

> 2) I changed:
>  '<%= scope.lookupvar('::pkg_' + @title.gsub('-', '_')) %>')
> to:
>  "<%= s

Re: [Puppet Users] Getting Variables out of define in site.pp

[Henrik Lindberg]

On 2014-24-07 14:27, Werner Flamme wrote:

em...@benjaminmertens.de [24.07.2014 12:42]:


# site.pp

define iterateSystemRole {
 case $name {
 'app1':   {
 include app1
 $defineVariable = 'content'
 }
 'app2':   {
 include app2
 }
 default:  { }
 }
}

But the variable $::iterateSystemRole::defineVariable is always undefined.
So i cant get the content from $defineVariable.

How can i get this working?
I googled a lot but did not find a way... I think its an issue with scoping
but i hope there is a way to get this working...


Did you try to swap the lines, so that they read

   $defineVariable = 'content'
   include app1

Does this help?

That does not work because the variables set in a define are local and 
private, there is no way that variable can be accessed from within an 
included class.


Depending on puppet version, the scoping rules are slightly different 
wrt. what can be accessed. In older versions you could use dynamic 
scoping by changing your define to a class, but that does not work in 
newer versions (dynamic scoping has been deprecated and removed because 
of its many bad side effects).


You may instead want to use parameterized classes, and instead of an 
include do this:


   class { app1: defined_variable => 'content' }

and define the class like this:

   class app1($defined_variable) {
 # ...
   }

This also has the advantage that you can control the configuration using 
external data lookup via hiera instead of having your own logic

in puppet for this.

- henrik
--

Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/lqr4uj%24v7f%241%40ger.gmane.org.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] not able to comment line using file_line resource

[Supriya Uppalapati]

Hi,
 
I did like this using file_line resource



*file_line { 'replace a line to /home/infauser/.bash_profile':  path => 
'/home/infauser/.bash_profile',  line => 'export 
INFA_CODEPAGENAME=UTF-8',  #match => '^# export 
INFA_CODEPAGENAME=UTF-8.*',*
 
*But it is giving me an error:*
 


*Error: Failed to apply catalog: Validation of File_line[replace a line to 
/home/infauser/.bash_profile] failed: When providing a 'match' parameter, 
the value must be a regex that matches against the value of your 'line' 
parameter at 
/etc/puppetlabs/puppet/environments/development/modules/powercenter/manifests/init.pp:75Wrapped
 
exception:When providing a 'match' parameter, the value must be a regex 
that matches against the value of your 'line' parameter*
 
 
*It is not adding # to the starting of the line.*
 
*Please help me*

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/fa0e5bc7-854b-4f5a-8e1b-67b8b654513c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Auditing users (AD+local) and groups

[Eduardo A Muñoz]

Hi,  for this problem you would be better off with other tools.

Nevertheless you could create a facter thar list all the users in the
system and use that information in a class to check and save against a
centralized db.
On Jul 23, 2014 4:35 PM, "huhm4n"  wrote:

> I'm trying to audit local users and groups in linux and ad,local
> users,groups on windows using puppet? I looked over, all i can find is to
> audit permission of file, service status, package installation and all..is
> there a a way i can get the list of users and have module to see if there
> is new user or group added/deleted against the list? thanks in advance
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/ce7c6e00-7e5a-4745-a5da-20b464b75eed%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAOA_E9JJuNSN_LvyAa2eeiqd%3D_Q7OFwFBv1%3DLnh%2BeiUUfP68cw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: How to group systems using Puppet and hiera?

[Atom Powers]

Grant,

You probably want to use an ENC, which will allow you to define any fact
from a specified datasource.
In a simple implementation I use an ENC to read the node's hiera file and
output a few facts, such as a node's role/group, which are then used by
hiera to define additional information for Puppet.


On Thu, Jul 24, 2014 at 12:49 AM, Grant Street 
wrote:

> I am looking to implement puppet coming from cfe2
> I am also finding it hard to make the connection between nodes and groups
> using hiera. I would like a solution where I can define host groups etc on
> the puppet master rather than relying on the client to have a file(s) put
> in particular locations.
> It would be good to remove the node configuration from the puppet DSL but
> I am struggling to put this together.
> Any help ?
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/0788d35c-b315-4ae9-aca5-8018427abe87%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Perfection is just a word I use occasionally with mustard.
--Atom Powers--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAF-H%3DOn8tKh342SCwiJL1et_eRxQnp3JXzm3m1af%2B3coW7XGng%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] scheduling refresh event BEFORE dependent object

[Dimitris Stafylarakis]

Hi all,

I have a question for the experts in the group:

say there's an exec resource dependent on some other resource and 
refreshonly=> true. As we know already, a change in the dependent resource 
will send a refresh event to the exec resource. This will however be 
scheduled for AFTER the change in the dependent resource (e.g. change a 
configuration file for apache and then reload the service). I'd like to 
know if it's possible to schedule the exec resource BEFORE the change (e.g. 
run apt-get update before upgrading a package).

Any insights? Thanks in advance

Best regards,
Dimitris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/6e39d56f-234c-4e30-a645-b2c941020bc3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: How to use variables in a puppet class

[Juan Moreno]

Hi,

You can try to execute facter in the nodes, with this you can see the 
facter availables.

It's posibble that *lsbdistrelease *is not available, but 
*operatingsystemrelease* works properly.

This is because *lsbdistrelease *uses a package and *operatingsystemrelease* 
read from a file /etc/redhat-release in RedHat distros

for instance, in my machine, I obtain the two values:

$ facter | egrep 'lsbdistrelease|operatingsystemrelease'
lsbdistrelease => 14.04
operatingsystemrelease => 14.04

cheers,
Juan Moreno

El jueves, 24 de julio de 2014 09:07:51 UTC+2, Vikas Kumar escribió:
>
> Hello All,
>
> I have a kickstart server which I use to deploy many minor versions of 
> CentOS/RHEL 5 and 6 for both 32 and 64 Bit OS.
>
> I have lots of yum repository files. For. e.g. - RHEL_5.5_64.repo, 
> RHEL_5.6_64.repo, RHEL_6.2_32, RHEL_6.5_64, etc. I am looking to use Puppet 
> to automatically deploy the required kickstart repos. I tried to follow 
> this 
>  
> link in vain.
>
> The problem is that I am unable to use facter variables *$lsbdistrelease* 
> with something like below.
>
> baseurl=> "http://our-reposrv:8080/dev/RHEL_$lsbdistrelease_64";
>
> Here, the variable does not converts to is value.
>
> Please help me to get this sorted. Am I missing anything ?
>
> Regards,
> Vikas
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a4098dfc-d213-46d5-9a48-3ddd174d1af9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: puppet md5 checksum changed

[Lunixer]

Does anyone have a tip regarding this?
How do I stop it?

I know that the "audit=>all" is causing this.
It recorded the MD5 sum of the file when the audit ran for the first time.
But a newer file was created as a result of patching the client machine.
Is there a command I could rerun on the client or the server to make puppet
aware of the new MD5 sum?


Lun.



On Wed, Jul 23, 2014 at 3:58 PM, Lunixer  wrote:

>
> I have an entry for a file in a puppet manifest that checks file
> properties. One is the MD5 checksum.
>
> /etc/puppet/modules/Solaris/manifests/init.pp
> file {"/etc/logadm.conf": mode=>"644", owner=>"root", group=>"sys",
> checksum=>"md5", audit=>all; }
>
> Wed Jul 23 03:31:41 -0700 2014
> /Stage[main]/Solaris/File[/etc/logadm.conf]/content (notice): audit change:
> previously recorded value {md5}4313e436be52ffe7a8296aec05612c0b has been
> changed to {md5}fee96725c6872531af6e65b410f62a3d
>
> How do you make the message go away?
>
> --
>
> thanks,
> [ Lunixer ]
>



-- 

thanks,
[ Lunixer ]

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CACZbbm6YkUdV9XiEq7tgKt%3Dj9zK2_K2A8G3yGH_6c3dU4-qSZQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: puppet md5 checksum changed

[Christopher Wood]

I was vaguely nosy, and found a note that the checksum is stored in state.yaml. 
Maybe stop puppet, nuke the state file, and start puppet?

http://puppetlabs.com/blog/all-about-auditing-with-puppet

/var/lib/puppet/state/state.yaml

NB: Untested advice, potentially dangerous, use at your own risk.

On Thu, Jul 24, 2014 at 11:35:14AM -0700, Lunixer wrote:
>Does anyone have a tip regarding this?
>How do I stop it?
> 
>I know that the "audit=>all" is causing this.
>It recorded the MD5 sum of the file when the audit ran for the first time.
>But a newer file was created as a result of patching the client machine.
>Is there a command I could rerun on the client or the server to make
>puppet aware of the new MD5 sum?
> 
>Lun.
> 
>On Wed, Jul 23, 2014 at 3:58 PM, Lunixer <[1]luni...@gmail.com> wrote:
> 
>  I have an entry for a file in a puppet manifest that checks file
>  properties. One is the MD5 checksum.
> 
>  /etc/puppet/modules/Solaris/manifests/init.pp
>  file {"/etc/logadm.conf": mode=>"644", owner=>"root", group=>"sys",
>  checksum=>"md5", audit=>all; }
> 
>  Wed Jul 23 03:31:41 -0700 2014
>  /Stage[main]/Solaris/File[/etc/logadm.conf]/content (notice): audit
>  change: previously recorded value {md5}4313e436be52ffe7a8296aec05612c0b
>  has been changed to {md5}fee96725c6872531af6e65b410f62a3d
> 
>  How do you make the message go away?
> 
>  --
>  thanks,
>  [ Lunixer ]
> 
>--
>thanks,
>[ Lunixer ]
> 
>--
>You received this message because you are subscribed to the Google Groups
>"Puppet Users" group.
>To unsubscribe from this group and stop receiving emails from it, send an
>email to [2]puppet-users+unsubscr...@googlegroups.com.
>To view this discussion on the web visit
>
> [3]https://groups.google.com/d/msgid/puppet-users/CACZbbm6YkUdV9XiEq7tgKt%3Dj9zK2_K2A8G3yGH_6c3dU4-qSZQ%40mail.gmail.com.
>For more options, visit [4]https://groups.google.com/d/optout.
> 
> References
> 
>Visible links
>1. mailto:luni...@gmail.com
>2. mailto:puppet-users+unsubscr...@googlegroups.com
>3. 
> https://groups.google.com/d/msgid/puppet-users/CACZbbm6YkUdV9XiEq7tgKt%3Dj9zK2_K2A8G3yGH_6c3dU4-qSZQ%40mail.gmail.com?utm_medium=email&utm_source=footer
>4. https://groups.google.com/d/optout

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/20140724184814.GA23659%40iniquitous.heresiarch.ca.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Exported resouces, ceph

[M. Piscaer]

Hi,

I have two ceph clusters 'ceph_prod_cluster' and 'OSC_acc_storage'

For the OSC_acc_storage cluster I have 3 ceph monitor nodes
isp-oscaccstormon-01, isp-oscaccstormon-02 and isp-oscaccstormon-03. I
deploy the nodes with puppet-ceph. Like you can see on
https://github.com/mpiscaer/puppet-ceph I made an exported resources in
file
https://github.com/mpiscaer/puppet-ceph/blob/master/manifests/conf/mon.pp.

  @@concat::fragment { "ceph-mon-${ceph_cluster}-${name}.conf":
target => '/etc/ceph/ceph.conf',
order => '50',
content => template('ceph/ceph.conf-mon.erb'),
tag => "$ceph_cluster"
  }


The collect resources are run on the same three nodes via
https://github.com/mpiscaer/puppet-ceph/blob/master/manifests/conf.pp.

Concat::Fragment <<| target == '/etc/ceph/ceph.conf' and tag ==
"$ceph_cluster" |>>

The problem is that only from the other two nodes the exported resource
are collected. When I remove the tag in the collector everythings are go
right and the resources got collected from all the three nodes. ( Even
more because of the extra cluster. But when I have only one cluster I
see the the 3 nodes )

What is going wrong?

Kind regards,

Michiel Piscaer

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/53D15E9B.7090300%40masterpe.nl.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Auditing users (AD+local) and groups

[huhm4n]

Thanks a lot for the idea. I'll be creating a facter and see how it works 
or what i can do with it

On Thursday, July 24, 2014 8:25:21 AM UTC-7, showy wrote:
>
> Hi,  for this problem you would be better off with other tools.
>
> Nevertheless you could create a facter thar list all the users in the 
> system and use that information in a class to check and save against a 
> centralized db.
> On Jul 23, 2014 4:35 PM, "huhm4n" > wrote:
>
>> I'm trying to audit local users and groups in linux and ad,local 
>> users,groups on windows using puppet? I looked over, all i can find is to 
>> audit permission of file, service status, package installation and all..is 
>> there a a way i can get the list of users and have module to see if there 
>> is new user or group added/deleted against the list? thanks in advance 
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/ce7c6e00-7e5a-4745-a5da-20b464b75eed%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b9aaac1f-f94e-4534-8be2-93656ce4e113%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Auditing users (AD+local) and groups

[Josh Cooper]

On Thu, Jul 24, 2014 at 1:22 PM, huhm4n  wrote:

> Thanks a lot for the idea. I'll be creating a facter and see how it works
> or what i can do with it
>
>
> On Thursday, July 24, 2014 8:25:21 AM UTC-7, showy wrote:
>
>> Hi,  for this problem you would be better off with other tools.
>>
>> Nevertheless you could create a facter thar list all the users in the
>> system and use that information in a class to check and save against a
>> centralized db.
>> On Jul 23, 2014 4:35 PM, "huhm4n"  wrote:
>>
>>> I'm trying to audit local users and groups in linux and ad,local
>>> users,groups on windows using puppet? I looked over, all i can find is to
>>> audit permission of file, service status, package installation and all..is
>>> there a a way i can get the list of users and have module to see if there
>>> is new user or group added/deleted against the list? thanks in advance
>>>
>>
Why just run `puppet resource user` which will output the list of local
users (and the groups they belong to), or `puppet resource group` which
outputs the list of local groups (and its members)?

Josh

-- 
Josh Cooper
Developer, Puppet Labs

*Join us at PuppetConf 2014 , September
20-24 in San Francisco*
*Register by July 31st to take advantage of the Early Bird discount
 **—**save $249!*

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CA%2Bu97un7-Xuk3%2BLB6z%3D8uRF9DzpwxR1z5JU4Vqjsb2ZfcmwrSg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Error 400/403 on Windows with mcollective+puppet in large amount of servers deployment

[Pete Brown]

On 24 Jul 2014 21:50, "Peiven Cheng"  wrote:
>
> Hi all,
>
> We use mcollective to trigger puppet sync in windows servers.
> While we send the 'mco puppet runonce' to trigger 8~10 servers doing puppet 
> agent apply,
> it occasionally happened the error of
> Could not retrieve catalog from remote server: Error 400 on SERVER: Could not 
> find class test_1_0_4
> for abc.tsmc at /userap/paas_ap/puppet/manifests/abc.pp:5 on node abc.tsmc
> or
> Could not evaluate: Error 403 on SERVER: Forbidden request: 
> cba.tsmc(10.39.138.57) access to /module/test_dxp_1_0_3/TEST.zip [search] 
> authenticated at
>  /etc/puppet/auth.conf:99 Could not retrieve file metadata for 
> puppet:///modules/test_dxp_1_0_3/TEST.zip: Error 403 on SERVER: Forbidden 
> request:
> cba.tsmc(10.39.138.57) access to /module/test_dxp_1_0_3/TEST.zip [search] 
> authenticated at /etc/puppet/auth.conf:99
>
> These two errors only occurred in some server and other servers can apply the 
> same class normally.
> (Therefore, we though that the error was nothing to do with what it shows of 
> configuration error since others can executed normally)
> In this case, we usually redo puppet sync without doing any change and the 
> error would gone.
>
> Does anyone know why this two error exception would be triggered?
> Any suggestions?
>
> The auth.conf file line 99 is
> # this one is not stricly necessary, but it has the merit
> # to show the default policy which is deny everything else
> path /
> auth any
>
> The version we used is
> Puppet master version: 2.7.23
> Puppet client version: 3.4.3
> mcollective version: 2.5.0

I am not sure about your error but I am sure your puppetmaster needs
to be at least the same version as your agents.
A 2.7 master will have definitely have issues talking to a 3.4 client.

I would suggest upgrading puppet on your puppet master to 3.4.3 and
seeing if that fixes your issue.

> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/7ad0acae-80c4-4e09-b088-26e729c5b8e1%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAJ8DPF7PwLfD22y412A6Gm%3DeN0B_z4VYW7T0oJwHR4YWu-nQhw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Hiera - how to include all files inside a directory

[Pete Brown]

I don't believe that is possible.
You will probably need to collate all the files in customers/ into one file.

I am going to hazard a guess that you have data relating to your
customers in that directory.
If the data in those files is specific to each customer and each of
your nodes had only one customer on it you could set a custom fact and
use that to as a lookup in your hiera tree.
Does that make sense?


On 24 Jul 2014 22:29, "Juan Moreno"  wrote:
>
> Hi,
>
> I would like to know if exists the possibility to include all the yaml files 
> of a directory in hiera.
>
> The hiera config looks like:
>
> :hierarchy:
>   - %{hostname}
>   - secrets
>   - customers/*
>
> :backends:
>   - yaml
> :yaml:
>   :datadir: '/etc/puppet/data'
>
> Cheers,
> Juan Moreno
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/e069d96d-7ec4-4bb2-bd68-76143609596b%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAJ8DPF56iNxvMGnfap3JmG7qm-%3DGFBrsfrkwxkXDDUoAR%2B3dYw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Hiera - how to include all files inside a directory

[John Warburton]

I presume you just want the information for the one customer, and not all
customers?

If the first, I assume you set the customer name, and you just dump the
information in a file named after the customer. If you want all customers,
dump it all in one common file.

Whilst, we're still using extlookup, the idea is the same (and we set the
client name in our node classifier). We have client information based on
location or just general, with global overrides in "common"

$extlookup_precedence = ["host_%{fqdn}",
 "%{client}.location_%{location}",
 "%{client}",
 "location_%{location}",
 "common"]

John


On 24 July 2014 22:27, Juan Moreno  wrote:

> Hi,
>
> I would like to know if exists the possibility to include all the yaml
> files of a directory in hiera.
>
> The hiera config looks like:
>
> :hierarchy:
>   - %{hostname}
>   - secrets
>   - customers/*
>
> :backends:
>   - yaml
> :yaml:
>   :datadir: '/etc/puppet/data'
>
> Cheers,
> Juan Moreno
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/e069d96d-7ec4-4bb2-bd68-76143609596b%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
John Warburton
Ph: 0417 299 600
Email: jwarbur...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAAJLFxWfCgBCZJg58kY4HLj5GNu6PV%2Bd5sAtscmYu%3DGhDODx6w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: How to use variables in a puppet class

[Vikas Kumar]

Hi Sean/Juan,

Yes, the redhat-lsb package is installed on my RedHat 6.4 machine which is 
my Puppet Client server. Puppet server is Ubuntu 14.04.

root@box27:~# rpm -qa | grep redhat-lsb
redhat-lsb-graphics-4.0-7.el6.x86_64
redhat-lsb-compat-4.0-7.el6.x86_64
redhat-lsb-core-4.0-7.el6.x86_64
redhat-lsb-4.0-7.el6.x86_64
redhat-lsb-printing-4.0-7.el6.x86_64
root@box27:~#


Also, facter is also displaying desired values.

root@box27:~# facter | egrep 'lsbdistrelease|operatingsystemrelease'
lsbdistrelease => 6.4

operatingsystemrelease => 6.4
root@box27:~#

And, I am using puppet v3.6.2-1 (installed through RPMs).

Not sure what I am missing. I have also tried to use file resource with 
various combinations to make the variables work as below in vain.

file {'/etc/yum.repos.d/RHEL-6.4.repo':
ensure => present,
mode   => '0644',
owner  => 'root',
group  => 'root',
source => 'puppet:///modules/repo/rhel-${lsbdistrelease}_64.repo',
or
source => 'puppet:///modules/repo/rhel-$lsbdistrelease_64.repo',
or
source 
=> 'puppet:///modules/repo/rhel-'$lsbdistrelease'_64.repo',
or
source 
=> 'puppet:///modules/repo/rhel-"$lsbdistrelease"_64.repo',
}

Any other ideas. 

Regards,
Vikas

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3f42cef1-c4ff-400d-aaee-c530028c82c9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Deploying HA cluster with pacemaker using Puppet

[CD]

Dear friends,

I wonder whether anyone have any experience deploying a Linux HA cluster 
using Puppet. I would like to automate the deployment of HA cluster 
(http://clusterlabs.org/doc/en-US/Pacemaker/1.1-pcs/html/Clusters_from_Scratch/index.html)
 
in a Puppet master-agent model.

These are the challenges I am facing.
1. In the cluster (not individual node) services cman, clvmd and pacemaker 
need to start one after the other to form the cluster. So nodes in the 
cluster need to aware the status of the other nodes in the cluster (Ex a 
node start cman and wait for all other nodes to complete the cmand start). 
It may be possible to achieve this using resource exporter but could not 
figured this out so far

2. Once the cluster is up, resource related operations only need to be 
performed in a single cluster. How can we manage something like this with 
Puppet.


If anyone has automated cluster deployment with Puppet would you share that 
information please.

Thanks,
CD

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/d057a016-6806-4f94-8ef9-7c29e5e424f2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: puppet md5 checksum changed

[Lunixer]

Thanks for the pointer. I believe this does it.

No need to stop the puppet agent. Just two things:
- blank the /var/lib/puppet/state/state.yaml file
- run the puppet agent
New values are recorded.


Blank the file.
#  cp /dev/null state.yaml

Run the agent.

# /opt/puppet/bin/puppet agent --test
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/ensure: audit change:
newly-recorded value file
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/content: audit change:
newly-recorded value {md5}e08b47228d3d97a3dbe2004d821500b2
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/target: audit change:
newly-recorded value notlink
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/owner: audit change:
newly-recorded value 0
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/group: audit change:
newly-recorded value 3
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/mode: audit change:
newly-recorded value 644
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/type: audit change:
newly-recorded value file
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/seluser: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/selrole: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/seltype: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/selrange: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/ctime: audit change:
newly-recorded value Thu Jul 24 03:10:00 -0700 2014
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/mtime: audit change:
newly-recorded value Thu Jul 24 03:10:00 -0700 2014

Next run is  normal

# /opt/puppet/bin/puppet agent --test
warning: iconv couldn't be loaded, which is required for UTF-8/UTF-16
conversions
info: Caching catalog for host.example.com
info: Applying configuration version '1406237846'
notice: Finished catalog run in 0.42 second

The puppet agent writes the information to state.yaml.

# ls -l /var/lib/puppet/state
total 370
drwxr-xr-x   2 root root   5 Oct 25  2012 graphs
-rw-rw   1 root root  420363 Jul 24 14:19 last_run_report.yaml
-rw-rw   1 root root 243 Jul 24 14:19 last_run_summary.yaml
-rw-r--r--   1 root root2825 Jul 24 14:19 resources.txt
-rw-rw   1 root root   42639 Jul 24 14:19 state.yaml

The file state.yaml records the MD5 sum.

# view /var/lib/puppet/state/state.yaml
  "File[/etc/logadm.conf]":
!ruby/sym type: file
!ruby/sym checked: 2014-07-24 15:14:08.612241 -07:00
!ruby/sym target: !ruby/sym notlink
!ruby/sym owner: 0
!ruby/sym seltype:
!ruby/sym group: 3
!ruby/sym selrange:
!ruby/sym mode: "644"
!ruby/sym seluser:
!ruby/sym mtime: 2014-07-24 03:10:00.00 -07:00
!ruby/sym ensure: !ruby/sym file
!ruby/sym content: "{md5}e08b47228d3d97a3dbe2004d821500b2"
!ruby/sym selrole:
!ruby/sym ctime: 2014-07-24 03:10:00.00 -07:00

The last run is recorded in the file below.

# view /var/lib/puppet/state/last_run_report.yaml
"File[/etc/logadm.conf]": !ruby/object:Puppet::Resource::Status
  change_count: 0
  changed: false
  evaluation_time: 0.000796
  events: []
  failed: false
  file: *id001
  line: 73
  out_of_sync: false
  out_of_sync_count: 0
  resource: "File[/etc/logadm.conf]"
  resource_type: File
  skipped: false
  tags:
- file
- class
- Solaris
  time: 2014-07-24 15:14:08.611898 -07:00
  title: /etc/logadm.conf

Thanks,
Lun


On Thu, Jul 24, 2014 at 11:48 AM, Christopher Wood <
christopher_w...@pobox.com> wrote:

> I was vaguely nosy, and found a note that the checksum is stored in
> state.yaml. Maybe stop puppet, nuke the state file, and start puppet?
>
> http://puppetlabs.com/blog/all-about-auditing-with-puppet
>
> /var/lib/puppet/state/state.yaml
>
> NB: Untested advice, potentially dangerous, use at your own risk.
>
> On Thu, Jul 24, 2014 at 11:35:14AM -0700, Lunixer wrote:
> >Does anyone have a tip regarding this?
> >How do I stop it?
> >
> >I know that the "audit=>all" is causing this.
> >It recorded the MD5 sum of the file when the audit ran for the first
> time.
> >But a newer file was created as a result of patching the client
> machine.
> >Is there a command I could rerun on the client or the server to make
> >puppet aware of the new MD5 sum?
> >
> >Lun.
> >
> >On Wed, Jul 23, 2014 at 3:58 PM, Lunixer <[1]luni...@gmail.com>
> wrote:
> >
> >  I have an entry for a file in a puppet manifest that checks file
> >  properties. One is the MD5 checksum.
> >
> >  /etc/puppet/modules/Solaris/manifests/init.pp
> >  file {"/etc/logadm.conf": mode=>"644", owner=>"root", group=>"sys",
> >  checksum=>"md5", audit=>all; }
> >
> >  Wed Jul 23 03:31:41 -0700 2014
> >  /Stage[main]/Solaris/File[/etc/logadm.conf]/content (notice): audit
> >  change: pr

[Puppet Users] Re: puppet time stamp check

[Lunixer]

Adding this for informational purposes.
This problem was related to the one I posted in another thread. The fix is
below.

Blank the file.
#  cp /dev/null /var/lib/puppet/state/state.yaml

Run the agent.

# /opt/puppet/bin/puppet agent --test
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/ensure: audit change:
newly-recorded value file
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/content: audit change:
newly-recorded value {md5}e08b47228d3d97a3dbe2004d821500b2
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/target: audit change:
newly-recorded value notlink
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/owner: audit change:
newly-recorded value 0
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/group: audit change:
newly-recorded value 3
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/mode: audit change:
newly-recorded value 644
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/type: audit change:
newly-recorded value file
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/seluser: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/selrole: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/seltype: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/selrange: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/*ctime*: audit change:
newly-recorded value Thu Jul 24 03:10:00 -0700 2014
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/*mtime*: audit change:
newly-recorded value Thu Jul 24 03:10:00 -0700 2014

Lun.


On Wed, Jul 23, 2014 at 3:44 PM, Lunixer  wrote:

> Greetings,
>
> I have an entry for a file in a puppet manifest that checks file
> properties.
>
> /etc/puppet/modules/Linux/manifests/init.pp
> file {"/etc/ld.so.conf": mode=>"644", owner=>"root", group=>"root",
> checksum=>"md5", audit=>all; }
>
> An admin patched the server and several file checksums changed. Now the
> puppet client keeps sending messages like the one below.
>
> Tue Jul 22 20:25:15 -0700 2014
> /Stage[main]/Linux/File[/etc/ld.so.conf]/ctime (notice): audit change:
> previously recorded value Wed Aug 21 14:52:17 -0700 2013 has been changed
> to Tue Jul 22 20:25:10 -0700 2014
>
> I was just given this task to solve but don't have much puppet knowledge.
> I could not find much information by searching the web except for some bug
> related threads.
> Could you advice me how to fix that?
>
>
> --
>
> thanks,
> [ Lunixer ]
>



-- 

thanks,
[ Lunixer ]

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CACZbbm5G-TWV%3D1oB6q_tT2kvivnh7X13uYyZ%3Dnuu37nZDMisYQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: How to use variables in a puppet class

[CD]

Hi Vikas,

This is not the solution to your question but possibly alternative option.

It seems you want to generate a yum repo url for specific OS version so 
that it picks-up correct version arch etc.

How about if you use following and set up repos to match. 
baseurl=http:///centos/$releasever/os/$basearch/

Regards,
CD

On Thursday, July 24, 2014 5:07:51 PM UTC+10, Vikas Kumar wrote:
>
> Hello All,
>
> I have a kickstart server which I use to deploy many minor versions of 
> CentOS/RHEL 5 and 6 for both 32 and 64 Bit OS.
>
> I have lots of yum repository files. For. e.g. - RHEL_5.5_64.repo, 
> RHEL_5.6_64.repo, RHEL_6.2_32, RHEL_6.5_64, etc. I am looking to use Puppet 
> to automatically deploy the required kickstart repos. I tried to follow 
> this 
>  
> link in vain.
>
> The problem is that I am unable to use facter variables *$lsbdistrelease* 
> with something like below.
>
> baseurl=> "http://our-reposrv:8080/dev/RHEL_$lsbdistrelease_64";
>
> Here, the variable does not converts to is value.
>
> Please help me to get this sorted. Am I missing anything ?
>
> Regards,
> Vikas
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/da859571-0c6f-4c22-b1e2-c17426d59a76%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: How to use variables in a puppet class

[Vikas Kumar]

Hi CD,

Just tried these too, but somehow puppet is not honoring any variables in 
the resources. 

baseurl => http://192.168.1.100/centos/$releasever/os/$basearch,
and
baseurl => "http://192.168.1.100/centos/$releasever/os/$basearch";,

Somehow, notify is working fine.

notify {'FYI': message => "Setting up Repo for a $operatingsystem 
$lsbdistrelease system", }


Regards,
Vikas


On Friday, 25 July 2014 09:37:17 UTC+10, CD wrote:
>
> Hi Vikas,
>
> This is not the solution to your question but possibly alternative option.
>
> It seems you want to generate a yum repo url for specific OS version so 
> that it picks-up correct version arch etc.
>
> How about if you use following and set up repos to match. 
> baseurl=http:///centos/$releasever/os/$basearch/
>
> Regards,
> CD
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/c6a8075c-7596-4d16-bae5-21fa0d99a520%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] using a template, how do you create multiple files whose names come from an array?

[senorsmile]

For example, I have an array like this: 

clusters => [
  'cluster1',
  'cluster2',
  'cluster3',
  'cluster4',
]



I then have a cluster.init.erb that looks soemthing like this: 

start on runlevel [2345]
stop on runlevel [!2345]

expect fork
respawn

<% @clusters.each do | cluster | -%>
env PIDFILE="/var/run/${cluster}.pid"

exec /usr/sbin/program_name --pid-file=$PIDFILE
<% end -%>


That is all theoretical at this point since it doesn't work. 
What I need it to do is dynamically generate a certain number of files, 
equal to the number of files in the array "clusters", whose names I will 
not know beforehand, and changes from host to host.  





-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/8959bc99-9944-4676-ae0f-3c834e74cc37%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] not able to comment line using file_line resource

[Joachim Schrod]

On 07/24/14 17:17, Supriya Uppalapati wrote:
>  
> I did like this using file_line resource
> file_line { 'replace a line to /home/infauser/.bash_profile':
>   path => '/home/infauser/.bash_profile',
>   line => 'export INFA_CODEPAGENAME=UTF-8',
>   #match => '^# export INFA_CODEPAGENAME=UTF-8.*',*

Your "match" regexp must match the line *both* before *and* after
the change.

I.e.,

match => 'export INFA_CODEPAGENAME=UTF-8',

will probably work. If .bash_profile doesn't have that line yet, it
is added.

HTH,
Joachim

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod, Roedermark, Germany
Email: jsch...@acm.org

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/lqsbns%24i96%241%40ger.gmane.org.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: How to group systems using Puppet and hiera?

[Grant Street]

Hey 
Thanks for the reply 

I want the ENC to pass on variables or the like so that these can be used 
by hiera to apply roles/profiles etc. 

eg 
ENC returns a nodes software role eg role: desktop_software
Then hiera can load the desktop_software.yaml file to apply that software 
role as part of it's normal hierarchy. 

Is that possible? What would it envolve?

Grant  


On Friday, July 25, 2014 1:34:10 AM UTC+10, Atom Powers wrote:
>
> Grant,
>
> You probably want to use an ENC, which will allow you to define any fact 
> from a specified datasource.
> In a simple implementation I use an ENC to read the node's hiera file and 
> output a few facts, such as a node's role/group, which are then used by 
> hiera to define additional information for Puppet.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e811237c-edfc-4eb3-b19a-af4f6e182f8b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: How to group systems using Puppet and hiera?

[Atom Powers]

The ENC can pass on any variable you wish to define and they can be used by
Hiera.
I haven't got around to implementing a true CMDB yet so I use a very simple
ruby script as my ENC. It reads the hieradata/nodes/fqdn.yaml file for a
"role" value and returns that in the output to puppet. My hiera.yaml
hierarchy includes "hieradata/roles/%role"
The output of the ENC is very specific, if you can't find the information
you need to get it to work I'll find out if I can share my ENC script with
you off-list.


On Thu, Jul 24, 2014 at 9:23 PM, Grant Street 
wrote:

> Hey
> Thanks for the reply
>
> I want the ENC to pass on variables or the like so that these can be used
> by hiera to apply roles/profiles etc.
>
> eg
> ENC returns a nodes software role eg role: desktop_software
> Then hiera can load the desktop_software.yaml file to apply that software
> role as part of it's normal hierarchy.
>
> Is that possible? What would it envolve?
>
> Grant
>
>
> On Friday, July 25, 2014 1:34:10 AM UTC+10, Atom Powers wrote:
>>
>> Grant,
>>
>> You probably want to use an ENC, which will allow you to define any fact
>> from a specified datasource.
>> In a simple implementation I use an ENC to read the node's hiera file and
>> output a few facts, such as a node's role/group, which are then used by
>> hiera to define additional information for Puppet.
>>
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/e811237c-edfc-4eb3-b19a-af4f6e182f8b%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Perfection is just a word I use occasionally with mustard.
--Atom Powers--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAF-H%3DO%3DfKbZcWyxwxSQwPX_YdwUi%2BuT9RLrUchOK0x2CuaA8ug%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] scheduling refresh event BEFORE dependent object

[Pete Brown]

If you are actually managing apt and need to trigger an apt-update
before a package install I can highly recommend the puppetlabs/apt
module on puppet forge I am using it in my environments and it does a
very good job at managing all of apt and friends.
https://forge.puppetlabs.com/puppetlabs/apt

If that really isn't the case and that was just an example the require
metaparameter is probably what you are looking for.
http://docs.puppetlabs.com/references/stable/metaparameter.html#require

On 25 July 2014 01:42, Dimitris Stafylarakis  wrote:
> Hi all,
>
> I have a question for the experts in the group:
>
> say there's an exec resource dependent on some other resource and
> refreshonly=> true. As we know already, a change in the dependent resource
> will send a refresh event to the exec resource. This will however be
> scheduled for AFTER the change in the dependent resource (e.g. change a
> configuration file for apache and then reload the service). I'd like to know
> if it's possible to schedule the exec resource BEFORE the change (e.g. run
> apt-get update before upgrading a package).
>
> Any insights? Thanks in advance
>
> Best regards,
> Dimitris
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/6e39d56f-234c-4e30-a645-b2c941020bc3%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAJ8DPF79GAigC1P5%2BcGnLtH8RUi5cXqviQpvck7KTBc%3DZk4YYw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.