Re: [Puppet Users] Re: Announce: Puppet Language Style Guide 2.0
== Section 10.7 Defines can't use inherits for parameter defaults Should this be reduced to only cover classes, or should the description be expanded to cover the style of setting defined resource defaults also? (Which happen to be the bad example; whoops.) The guide's preferred form works for defined types, too, provided the default values are static (but then why would you even consider the other style?). On the other hand, the guide's preferred style does not work even for classes when a parameter's default value needs to be computed from the actual values of other parameters. I think the guideline should be softened to a recommendation, its applicability narrowed to classes only, and the example labels changed from GOOD and BAD to something like Preferred and Discouraged. The non-applicability to defined types should be explicitly called out, for clarity. Okay. == Section 11.2 Recommendation against using include is unclear or harmful I think this was to describe how an over-zealous use of `include` may cause classes to be declared with the default parameters before a user may declare them with parameters. Or it could have been about cross-module class inclusion in public modules. What should we do with this section? I don't think there is any over-zealousness problem associated with using 'include', unless it is with respect to declaring classes that are not directly required in the scope of the declaration. Needed classes *should* be declared, and that generally should be done via an 'include', 'require', or 'contain' call. (And note, too, that 'contain' and 'require' have all the same declaration semantics as 'include', but the current text ignores them.) In fact, I think the guide is almost exactly backward on this matter. The style points that should be recommended are: - Classes and defined types should declare the classes on which they rely - Data should generally be bound to classes via Puppet's Hiera-based automatic data-binding facility, instead of via resource-style class declarations. In particular, - In modules, the resource style should *never* be be used to declare *public* classes of that or any other module. - Everywhere, the 'include', 'require', and / or 'contain' functions should be used instead of resource-style class declarations if at all possible. All that can be well justified based on Puppet's design and implementation, though I grant that if at all possible is pretty wishy-washy. I'd go further with a style guide for my own site, but the things I'd add would be a bit more controversial. Well put :). Re-reading this section makes me think that it was historically about the declare variables then include classes pattern that parameterized classes were created to obviate, but got mashed together with a design pattern for cross-module class inclusion like in a game of telephone. The whole non-deterministic scoping thing is probably irrelevant at this point. == Section 10.4 Chaining arrow syntax with only references, not declarations Agreed. And perhaps that if there are line breaks around arrow syntax, they must only happen to the right of the arrow and not the left so that arrows are not hidden at the end of previous lines. I'm missing it: how does allowing line breaks only to the *right* of a chain operator prevent it from being hidden at the end of a line? Shouldn't that be left? Whoops yes, to the left of the arrow. Perhaps I was thinking with the arrow to the right of the linebreak when I wrote that. IE, https://github.com/puppetlabs/puppetlabs-mysql/blob/3.1.0/manifests/server.pp#L64-L72 is a bad example as the linebreaks are on the right of the arrow :). But anyway... V Chaining resource declarations doesn't actually bother me, personally. I won't particularly resist the style guide discouraging that, but I'd be at least as well satisfied by a softer guideline. For example, a chain operator should appear on the same line as its right-hand operand. Or the still-softer a chain operator should appear either on the same line as its right-hand operand or on a line by itself. I like this more than talking about left/right linebreaks. == Section 12.1 $unique_name = $name is unclear I believe this was to describe how the continued use of $name throughout a define can lead to confusion, as $name has no strong semantic meaning. Thus a good example would be https://github.com/puppetlabs/ puppetlabs-apache/blob/1.2.0/manifests/listen.pp#L2 and a bad example would be... https://github.com/puppetlabs/puppetlabs-apache/blob/1.2.0/ manifests/vhost.pp (because $name is scattered throughout the define and has no definite meaning). I don't think unique_name has any more or less clear of a meaning in such contexts than does name. Any lack of clarity is about which entity the name belongs to, and describing it as unique doesn't really help
Re: [Puppet Users] Re: Announce: Puppet Language Style Guide 2.0
On Tuesday, February 3, 2015 at 4:00:19 PM UTC-6, Hunter Haugen wrote: tl;dr Summarizing the feedback from Garrett, Trevor, and John (because email is hard), and see if we have resolution on some points and which ones we still need to clarify. = Questions: These need further discussion and clarification. == Section 10.7 Defines can't use inherits for parameter defaults Should this be reduced to only cover classes, or should the description be expanded to cover the style of setting defined resource defaults also? (Which happen to be the bad example; whoops.) The guide's preferred form works for defined types, too, provided the default values are static (but then why would you even consider the other style?). On the other hand, the guide's preferred style does not work even for classes when a parameter's default value needs to be computed from the actual values of other parameters. I think the guideline should be softened to a recommendation, its applicability narrowed to classes only, and the example labels changed from GOOD and BAD to something like Preferred and Discouraged. The non-applicability to defined types should be explicitly called out, for clarity. == Section 11.2 Recommendation against using include is unclear or harmful I think this was to describe how an over-zealous use of `include` may cause classes to be declared with the default parameters before a user may declare them with parameters. Or it could have been about cross-module class inclusion in public modules. What should we do with this section? I don't think there is any over-zealousness problem associated with using 'include', unless it is with respect to declaring classes that are not directly required in the scope of the declaration. Needed classes *should* be declared, and that generally should be done via an 'include', 'require', or 'contain' call. (And note, too, that 'contain' and 'require' have all the same declaration semantics as 'include', but the current text ignores them.) In fact, I think the guide is almost exactly backward on this matter. The style points that should be recommended are: - Classes and defined types should declare the classes on which they rely - Data should generally be bound to classes via Puppet's Hiera-based automatic data-binding facility, instead of via resource-style class declarations. In particular, - In modules, the resource style should *never* be be used to declare *public* classes of that or any other module. - Everywhere, the 'include', 'require', and / or 'contain' functions should be used instead of resource-style class declarations if at all possible. All that can be well justified based on Puppet's design and implementation, though I grant that if at all possible is pretty wishy-washy. I'd go further with a style guide for my own site, but the things I'd add would be a bit more controversial. = Proposals: If the below changes sound good, then we'll go with that. == Section 5 line length is an issue Managing line lengths in puppet is difficult. This point should change to describe where to do syntax-wise linebreak rather than character-wise breaks (ie, any hashes containing more than a single key/value pair, etc.). Yes. I'd be ok even with setting a soft bound on line length -- e.g. a recommendation / preference that line lengths not exceed (say) 140 characters if it can reasonably be avoided. Emphasize that this is a readability issue. == Section 9.6 symbolic modes This was answered in that symbolic modes can perform operations that numeric modes cannot. The style guide does not dictate which form to use, so this should not be an issue. Ok. == Section 10.6 No required class parameters Some classes just MUST have required parameters and there is no way around it. The style guide should be modified to include should minimize the number of required parameters as a style recommendation. Ok. == Section 10.2 item 7, resource ordering alphabetically Remove the mention of ordering so that it is simply Should declare resources. This also impacts section 9.4 and should be reconciled. Thus the item would designate a location for resource declarations as a group, relative to other statements, but it would not recommend any particular ordering of the resource declarations with respect to each other. That works for me. == Section 10.2 includes vs validation first Validation cannot come at the end of the file due to parse order, but it is possible to allow includes to come before validation, so we should just not dictate this bit of ordering. (This issue will go away entirely after the release of puppet 4, as validation may happen inline with the parameters themselves due to the typing system.) The option to have validation after class declarations works for me. It may, in fact, be necessary under
Re: [Puppet Users] Chicken-Egg Dilemma with network interfaces
As promised, here is my final solution:
Three variables (because this is inside a defined type) :
$service _name like mysql
$interface_name like eth0 or eth0:1
$ip like 192.168.123.100
--
file { /etc/sysconfig/network-scripts/ifcfg-${interface_name} :
# stuff
}
exec { network_interface_${service_name} :
command = /sbin/ifup ${interface_name},
subscribe = File[/etc/sysconfig/network-scripts/ifcfg-${interface_name}],
notify = Service[$service_name],
onlyif = /usr/bin/test `/sbin/ip addr show | /bin/grep ${interface_name} |
/bin/grep ${ip} | /usr/bin/wc -l` -eq 0
}
service { $service_name:
ensure = $service_ensure,
enable = $service_enable,
require = [
Package[ ...],
Package[...],
],
}
I needed to replace the refreshonly parameter with the onlyif command because
it was running ifup every time.
The double-grep is to tell eth0 from eth0:1
It works when the interface is down and it does nothing if the interface is up
“Sometimes I think the surest sign that intelligent life exists elsewhere in the
universe is that none of it has tried to contact us.” (Bill Waterson: Calvin
Hobbes)
On Jan 31, 2015, at 09:00 PM, Dan White d_e_wh...@icloud.com wrote:
Thanks.
I will report back with my results - good or bad
On Jan 31, 2015, at 8:54 PM, Christopher Wood christopher_w...@pobox.com
wrote:
The service wouldn't start before the exec due to the notify there. The exec
resource will be managed before the service resource. (I don't think it would
mess anything up but I haven't tried adding multiple relationship
metaparameters recently.)
https://docs.puppetlabs.com/puppet/latest/reference/lang_relationships.html#ordering-and-notification
https://docs.puppetlabs.com/references/latest/metaparameter.html#notify
On Sat, Jan 31, 2015 at 11:59:01AM -0500, Dan White wrote:
Another thought :
Unless I chain them together…
file{} - exec{} - service{}
what would keep the service from trying to start before the exec has run ?
Would adding “ require = Exec['/sbin/ifup eth0’], “ to the service
resource mess things up ?
On Jan 30, 2015, at 4:18 PM, Dan White [1]d_e_wh...@icloud.com wrote:
Thanks.
I was not trying it that way, but I believe I will. I see where my
approach was borked.
Unfortunately, it means some non-trivial refactoring.
But (and thanks a second time for an opportunity to use this line)
It's like the chicken said, Launchpad, 'You knew the job was dangerous
when you took it' !
“Sometimes I think the surest sign that intelligent life exists elsewhere in the
universe is that none of it has tried to contact us.” (Bill Waterson: Calvin
Hobbes)
On Jan 30, 2015, at 03:37 PM, Christopher Wood
[2]christopher_w...@pobox.com wrote:
Possibly something like this? If you've already tried this, what was
the result?
file { '/etc/sysconfig/network-scripts/ifcfg-eth0':
# stuff here
}
exec { '/sbin/ifup eth0':
refreshonly = true,
subscribe = File['/etc/sysconfig/network-scripts/ifcfg-eth0'],
notify = Service['mysql'],
}
service { 'mysql':
# stuff
}
(Store the ip information in hiera and template your mysql.cnf as well
as ifcfg-eth0 with the same data.)
On Fri, Jan 30, 2015 at 07:40:38PM +, Dan White wrote:
Red Hat / CentOS 6.x with Puppet 3.7.x
Creating a new network interface is easy:
Create the /etc/sysconfig/network-scripts/ifcfg-eth(whatever) file
and then refresh the network service.
Now the problem: If I want to run something off that new interface
-- like a MySQL server -- how do I express the dependency to get the
interface running before trying to start the service to run on it ?
I have been unsuccessful in making it happen in a single puppet
run.
“Sometimes I think the surest sign that intelligent life exists elsewhere
in the universe is that none of it has tried to contact us.”
Bill Waterson (Calvin Hobbes)
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to [3]puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
[4]https://groups.google.com/d/msgid/puppet-users/BDCDE71E-6838-4EA7-85BB-83BAC8E5B4D9%40icloud.com.
For more options, visit [5]https://groups.google.com/d/optout.
References
Visible links
1. mailto:d_e_wh...@icloud.com
2. mailto:christopher_w...@pobox.com
3. mailto:puppet-users+unsubscr...@googlegroups.com
4. https://groups.google.com/d/msgid/puppet-users/BDCDE71E-6838-4EA7-85BB-83BAC8E5B4D9%40icloud.com?utm_medium=emailutm_source=footer
5. https://groups.google.com/d/optout
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/20150201015457.GA24696%40iniquitous.heresiarch.ca.
For more options, visit
[Puppet Users] Apparent unexpectedly synthesized dependency
I am getting a dependency loop when trying to apply my puppet
manifests, however the loop makes little sense to me as one the
dependencies seems to come from no where.
The cycle is this:
Augeas[Change production to development in virtual hosts] =
Exec[re-read apache config] =
Class[App::Apache] =
Augeas[Change production to development in virtual hosts])
This cycle is started with this resource in Class A:
augeas { 'Change production to development in virtual hosts':
context = '/files/etc/httpd/conf.d/httpd-app.conf',
changes = [
set VirtualHost[1]/*[self::directive='SetEnv']/arg[2] development,
set VirtualHost[2]/*[self::directive='SetEnv']/arg[2] development,
],
require = Class['app::apache'],
notify = Exec['re-read apache config'],
}
Exec['re-read apache config'] lives in the class app::apache, and it
looks like:
exec { 're-read apache config':
command = '/sbin/apachectl graceful',
require = Class['app::packages'],
refreshonly = true,
}
So if I were to draw a dep graph I would draw two branches, this one:
Augeas[Change production to development in virtual hosts] =
Class['app::apache']
And this one:
Augeas[Change production to development in virtual hosts] =
Exec['re-read apache config'] =
Class['app::packages']
But I would not draw the one puppet came up with:
Augeas[Change production to development in virtual hosts] =
Exec[re-read apache config] =
Class[App::Apache] =
Augeas[Change production to development in virtual hosts]
In particular I don't see where it is getting that Exec[re-read apache
config] requires Class[App::Apache] (which itself contains
Exec[re-read apache config]). But then it goes a step beyond and
states that Class[App::Apache], the dep I can't explain requires
Augeas[Change production to development in virtual hosts] causing a
loop. Near as I can tell App::Apache makes no requirements that
takes you directly back Augeas[Change production to development in
virtual hosts].
Symbolically, I expect the dependency graphs:
A - B
A - C - D
where B contains C, but in no way expected the graph:
A-C-B-A
Why might this be happening and what am I not understanding?
Thanks...James
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAPWHxfLJPf041A3sonLiyKWgP98H%3DTwy3FLFjos8s7CuC6tmYQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Augeas fstab - removing all opt nodes then rebuilding
This worked for me, thanks for the help:
if defined(Package['mysql55-server']) {
augeas { 'fstabvarext4entry':
context = '/files/etc/fstab/*[file=/var][vfstype=ext4]',
changes = [
'rm opt',
'ins opt after vfstype[last()]',
'set opt[last()] defaults',
'ins opt after opt[last()]',
'set opt[last()] noatime',
'ins opt after opt[last()]',
'set opt[last()] data',
'set opt[last()]/value writeback',
'ins opt after opt[last()]',
'set opt[last()] barrier',
'set opt[last()]/value 0',
'ins opt after opt[last()]',
'set opt[last()] nobh',
'ins opt after opt[last()]',
'set opt[last()] errors',
'set opt[last()]/value remount-ro',
],
}
}
On Wednesday, February 4, 2015 at 10:37:20 AM UTC-5, jamese wrote:
with augtool you can do the following:
augtool ls /files/etc/fstab/3/
spec = UUID=
file = /boot/efi
vfstype = vfat
opt[1]/ = umask
opt[2]/ = shortname
dump = 0
passno = 0
augtool *rm /files/etc/fstab/3/opt[*]*
rm : /files/etc/fstab/3/opt[*] 4
augtool ls /files/etc/fstab/3/
spec = UUID=
file = /boot/efi
vfstype = vfat
dump = 0
passno = 0
augtool
I believe in the augeas resource you can do rm opt[*] for the same
result. I'd be sure you have a backup of the file before doing this on a
real box :)
On Wednesday, 4 February 2015 15:15:29 UTC, Anthony Clark wrote:
Hello All,
I have a requirement to mount /var with specific options if mysql-server
is installed and the filesystem is ext4. So far I have this:
if defined(Package['mysql55-server']) {
notice found mysql server
augeas { 'fstabvarentry':
context = '/files/etc/fstab/*[file=/var][vfstype=ext4]',
changes = [
'', # remove all opt nodes
'ins opt[1] defaults',
'ins opt[2] noatime',
# etc etc to build
defaults,noatime,data=writeback,barrier=0,nobh,errors=remount-ro
],
onlyif = 'match /files/etc/fstab/*[file=/var][vfstype=ext4]',
}
}
Now, my problem is how to deal with all possible opt entries for the /var
partition. I want to start off by removing *all* opt nodes then adding the
ones I need, but I am having trouble finding the syntax on how to remove
all opt nodes.
How can I write rm opt* ?
Thanks!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/af3ab010-e4b0-4e90-8ec5-75efc2905d36%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Bootstrap puppet client
Hello Aries: The root user would execute this or standard user using sudo. This also depends on how its run. If ran during a Kickstart it would be run by the root user. If you setup the machine, then ssh into the server, it would be run by your user you ssh'd into the box with. If that is the case, you might want to run the command with sudo privileges. Thanks Joseph On Tue, Feb 3, 2015 at 8:23 PM, aries arie...@gmail.com wrote: Hi Joseph: Thanks your help. I have a question about the command. Who is executing the command ? Puppet server or client ? I need execute some Puppet tools from server. It can login client and do some script. (client is only OS and SSH) The Chef knife tools can do. Thanks Aries aries於 2015年2月3日星期二 UTC+8下午5時50分06秒寫道: Hi ~ I use chef knife bootstrap a new chef client. It use ssh method to login my client and run script to do any thing. # sudo knife bootstrap $CLIENT_IP -x $USER_NAME -P $PASSWORD -d $ERB_FILE Is there like tools for puppet ? thanks Aries -- You received this message because you are subscribed to a topic in the Google Groups Puppet Users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/wfy19TmLwZ0/unsubscribe. To unsubscribe from this group and all its topics, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/be07cc95-df74-43a9-be3d-1ff754dbf46e%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/be07cc95-df74-43a9-be3d-1ff754dbf46e%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Mr. Joseph Karns, RHCSA -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAFC11G%2Bwz5QA87hOeQn%2BqUtzDb5UC0THwkVvNtt0-cK8kucAjA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Bootstrap puppet client
Hello Aries: The root user would execute this or standard user using sudo. This also depends on how its run. If ran during a Kickstart it would be run by the root user. If you setup the machine, then ssh into the server, it would be run by your user you ssh'd into the box with. If that is the case, you might want to run the command with sudo privileges. Thanks Joseph On Tuesday, February 3, 2015 at 4:50:06 AM UTC-5, aries wrote: Hi ~ I use chef knife bootstrap a new chef client. It use ssh method to login my client and run script to do any thing. # sudo knife bootstrap $CLIENT_IP -x $USER_NAME -P $PASSWORD -d $ERB_FILE Is there like tools for puppet ? thanks Aries -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/324ce448-6f46-4e14-8e83-45da9d50cc36%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Puppet Dashboard/console
On Tuesday, February 3, 2015 at 4:23:05 PM UTC-6, PierreR wrote: There's a good roundup of the options here: http://www.olindata.com/blog/2014/01/puppet-management-gui-comparison Puppet Enterprise Console is arguably the best, but that's not available if you're using the free open source option. If you want something similar you are probably best looking at Foreman or Puppet Dashboard. Both are in development, though Foreman may be seeing more attention as Red Hat have started using it in their Satellite product. Is Puppet Dashboard really deprecated as mentioned in the link ? It seems more active than both Puppetboard and Puppet Explorer. This last one looks promising but completely inactive apparently. Dashboard was once a PuppetLabs project, but PL no longer maintains it. It is open-source, though, and I think there is now another maintainer. I'm uncertain how active the project now is, or whether it is or will be ready for Puppet 4. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/047a8802-6e5d-4989-99b8-7736f24b1f4f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Announce: Native Facter (cfacter) 0.3.0 is available!
On Tue, Feb 3, 2015 at 5:37 AM, Paul Seymour paul.seym...@ig.com wrote: Thanks for this. Just put the RHEL7 x86_64 on a puppet client and it complains:- Error: Could not initialize global default settings: cfacter version 0.2.0 or later is not installed. Tracing it through it is looking for the libraries in /usr/lib64 and they are installed via the RPM in /usr/lib this doesn't happen when running via the command line so maybe something with my environment. Could you give us a little more information about how you're running cfacter? It sounds like puppet isn't playing with cfacter as well as it should, but I'd like to confirm that. Can you also let us know what version of the puppet you're running? Linking/Copying the libs to /usr/lib64 and all is well with Puppet agent Thanks Paul -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/0ec19a79-5507-4a09-827d-40758e37078c%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/0ec19a79-5507-4a09-827d-40758e37078c%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Melissa Stone Release Engineer, Puppet Labs -- *Join us at **PuppetConf 2015, October 5-9 in Portland, OR - * http://2015.puppetconf.com. *Register early to save 40%!* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAHEe_kod0pRsY5dz1M82dk8%2BnyqZF4NvnE8WnkdVYfJi3OpiRA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] how to prevent certificate revocation list (CRL) from expiring
I've noticed that if a Puppet agent happens to contact the master after the next update time listed in the CRL openssl crl -in `puppet master --configprint hostcrl` -noout -nextupdate that the master has most recently read on startup, then it will fail with the message: Error: /File[/var/opt/lib/pe-puppet/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [CRL has expired for /O=*redacted*/CN=*redacted*] I'm using FreeIPA as a certificate authority, and it uses that field to communicate to users when the next update will be ready. It seems to like to update it a few times a day. The trouble is, there is always going to be a moment *after* the update is ready but *before* a script has had a chance to update the CRL and restart the Puppetmaster. During this time, Puppet agent runs will fail. Is there any way to tell Puppet that slightly out-of-date CRLs are okay? Otherwise, I think the next step is to try disabling checks to the CRL, but I like the fact that Puppet checks it by default. - Josh Bronson -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/ec8b1227-6435-487a-af9a-ef1e5bb87199%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Announce: Native Facter (cfacter) 0.3.0 is available!
On Wednesday, 4 February 2015 23:07:46 UTC, Melissa Stone wrote: On Tue, Feb 3, 2015 at 5:37 AM, Paul Seymour paul.s...@ig.com javascript: wrote: Thanks for this. Just put the RHEL7 x86_64 on a puppet client and it complains:- Error: Could not initialize global default settings: cfacter version 0.2.0 or later is not installed. Tracing it through it is looking for the libraries in /usr/lib64 and they are installed via the RPM in /usr/lib this doesn't happen when running via the command line so maybe something with my environment. Could you give us a little more information about how you're running cfacter? It sounds like puppet isn't playing with cfacter as well as it should, but I'd like to confirm that. Can you also let us know what version of the puppet you're running? Sure the version is 3.7.1, being meaning to bump up to 3.7.4 to play with Puppet Server but not there just yet. Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/34365526-b1b2-4997-8cdb-306bab6220c5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Exporting resource to a particular host
Hi I am using puppetdb and exported resource to manage autmatic nagios setup. It works very well. Now I want to setup another nagios server for another set of machines using same puppetdb and puppet master. As for I understand, a client exports @@nagios_host and nagios server collect it by Nagios_host | | I want some Nagios_host to be collected by different nagios server. Is it possible ? I was thinking about 'tag' but am not sure how to use with exported resources. Thanks Kashif -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADXPHmuT5_R2z4gmSpnhjPUxANvF8sLWJ8NUXi21oJC7in6okQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Augeas fstab - removing all opt nodes then rebuilding
Hello All,
I have a requirement to mount /var with specific options if mysql-server is
installed and the filesystem is ext4. So far I have this:
if defined(Package['mysql55-server']) {
notice found mysql server
augeas { 'fstabvarentry':
context = '/files/etc/fstab/*[file=/var][vfstype=ext4]',
changes = [
'', # remove all opt nodes
'ins opt[1] defaults',
'ins opt[2] noatime',
# etc etc to build
defaults,noatime,data=writeback,barrier=0,nobh,errors=remount-ro
],
onlyif = 'match /files/etc/fstab/*[file=/var][vfstype=ext4]',
}
}
Now, my problem is how to deal with all possible opt entries for the /var
partition. I want to start off by removing *all* opt nodes then adding the
ones I need, but I am having trouble finding the syntax on how to remove
all opt nodes.
How can I write rm opt* ?
Thanks!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/156ba202-76f4-4d91-8e92-dfed187da948%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Exporting resource to a particular host
I am using puppetdb and exported resource to manage autmatic nagios setup. It works very well. Now I want to setup another nagios server for another set of machines using same puppetdb and puppet master. As for I understand, a client exports @@nagios_host and nagios server collect it by Nagios_host | | I want some Nagios_host to be collected by different nagios server. Is it possible ? I was thinking about 'tag' but am not sure how to use with exported resources. It's pretty easy: Nagios_host | tag == 'nagios1' | See: https://docs.puppetlabs.com/puppet/latest/reference/lang_collectors.html ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTk0U3%3Dww_06rRFUoosVjJzsPWffQE-1BD0_b%3DuqdUvzaQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: puppet cron help
You can also try this:
https://groups.google.com/forum/#!topic/puppet-users/PZMv4hGpKiM
Cool! Thank you, Keith!
On Tue, Feb 3, 2015 at 7:34 PM, keith.sta...@gmail.com wrote:
On Monday, February 2, 2015 at 5:55:58 PM UTC-5, bluethundr wrote:
Hey all,
I'm attempting to setup a cron job via the cron resource in puppet.
This is what I'm trying to express via puppet:
*/30 * * * * /usr/bin/facter -y /etc/mcollective/facts.yaml
This is what I've tried:
cron { facts-cron:
command = /usr/bin/facter -y /etc/mcollective/facts.yaml,
user= 'root',
hour= 0,
minute = '0/30'
}
And this is the error I'm getting:
Error: Failed to apply catalog: Parameter minute failed on
Cron[facts-cron]: 0/30 is not a valid minute at /etc/puppet/environments/
production/modules/mcollective/manifests/config.pp:18
Wrapped exception:
0/30 is not a valid minute
What's the best way to ask for a cron job to run every 30 minutes in
pupppet-ese?
Thank you,
Tim
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
You can also try this:
https://groups.google.com/forum/#!topic/puppet-users/PZMv4hGpKiM
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/cea5b350-c2bd-4575-86bb-8eb5111aed4c%40googlegroups.com
https://groups.google.com/d/msgid/puppet-users/cea5b350-c2bd-4575-86bb-8eb5111aed4c%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOZy0ek9qwvo3ooeq2e88iX1ycpUA%2BiLnEAA-V%3DET1T3D_A6Tw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Augeas fstab - removing all opt nodes then rebuilding
with augtool you can do the following:
augtool ls /files/etc/fstab/3/
spec = UUID=
file = /boot/efi
vfstype = vfat
opt[1]/ = umask
opt[2]/ = shortname
dump = 0
passno = 0
augtool *rm /files/etc/fstab/3/opt[*]*
rm : /files/etc/fstab/3/opt[*] 4
augtool ls /files/etc/fstab/3/
spec = UUID=
file = /boot/efi
vfstype = vfat
dump = 0
passno = 0
augtool
I believe in the augeas resource you can do rm opt[*] for the same
result. I'd be sure you have a backup of the file before doing this on a
real box :)
On Wednesday, 4 February 2015 15:15:29 UTC, Anthony Clark wrote:
Hello All,
I have a requirement to mount /var with specific options if mysql-server
is installed and the filesystem is ext4. So far I have this:
if defined(Package['mysql55-server']) {
notice found mysql server
augeas { 'fstabvarentry':
context = '/files/etc/fstab/*[file=/var][vfstype=ext4]',
changes = [
'', # remove all opt nodes
'ins opt[1] defaults',
'ins opt[2] noatime',
# etc etc to build
defaults,noatime,data=writeback,barrier=0,nobh,errors=remount-ro
],
onlyif = 'match /files/etc/fstab/*[file=/var][vfstype=ext4]',
}
}
Now, my problem is how to deal with all possible opt entries for the /var
partition. I want to start off by removing *all* opt nodes then adding the
ones I need, but I am having trouble finding the syntax on how to remove
all opt nodes.
How can I write rm opt* ?
Thanks!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/beba8a33-ffb2-4c43-b99f-d9f30bf9f460%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Augeas fstab - removing all opt nodes then rebuilding
Running the following gives me an error:
augeas { 'fstabvarentry':
context = '/files/etc/fstab/*[file=/var][vfstype=ext4]',
changes = [
'set opt[1] default',
'set opt[2] noatime',
'set opt[3] data',
'set opt[3]/value writeback',
'set opt[4] barrier',
'set opt[4]/value 0',
'set opt[5] nobh',
'set opt[6] errors',
'set opt[6]/value remount-ro',
],
#onlyif = 'match /files/etc/fstab/*[file=/var][vfstype=ext4]',
}
Debug: Augeas[fstabvarentry](provider=augeas): /augeas/files/etc/fstab/error
/message = Failed to match
{ /spec/ = /[^\001-\004\t\n #,][^\001-\004\t\n ]*/ }{ /file/ =
/[^\001-\004\t\n
#]+/ }{ /vfstype/ = /[^\001-\004\t\n #,=]+/ }({ /vfstype/ = /[^\001-\004\t\n
#,=]+/ })*({ /opt/ = /[^\001-\004\t\n #,=]+/ }({ /opt/ = /[^\001-\004\t\n
#,=]+/ })*({ /dump/ = /[0-9]+/ }({ /passno/ = /[0-9]+/ })?)?)?({ /#comment/
= /[^\001-\004\t\n\r ][^\001-\004\n]*[^\001-\004\t\n\r ]|[^\001-\004\t\n\r
]/ } | ())
with tree
{ spec = /dev/mapper/vg_01-lv_var01 } { file = /var } {
vfstype = ext4 } { opt = default } { dump = 1 } { passno = 2
} { opt = noatime } { opt = data } { opt = barrier } { opt =
nobh } { opt = errors }
Debug: Augeas[fstabvarentry](provider=augeas): Closed the augeas connection
Error: /Stage[main]/Wnp::Fusion::Mysql_server55/Augeas[fstabvarentry]: Could
not evaluate: Saving failed, see debug
On Wednesday, February 4, 2015 at 10:15:29 AM UTC-5, Anthony Clark wrote:
Hello All,
I have a requirement to mount /var with specific options if mysql-server
is installed and the filesystem is ext4. So far I have this:
if defined(Package['mysql55-server']) {
notice found mysql server
augeas { 'fstabvarentry':
context = '/files/etc/fstab/*[file=/var][vfstype=ext4]',
changes = [
'', # remove all opt nodes
'ins opt[1] defaults',
'ins opt[2] noatime',
# etc etc to build
defaults,noatime,data=writeback,barrier=0,nobh,errors=remount-ro
],
onlyif = 'match /files/etc/fstab/*[file=/var][vfstype=ext4]',
}
}
Now, my problem is how to deal with all possible opt entries for the /var
partition. I want to start off by removing *all* opt nodes then adding the
ones I need, but I am having trouble finding the syntax on how to remove
all opt nodes.
How can I write rm opt* ?
Thanks!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/3244a696-aeef-43bb-8bc7-7180de45131f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
