[Puppet Users] Re: Is there a way to publish a module via the Forge API?
No I haven't. This looks interesting especially if I could take advantage of it to deploy to private repos too (Gemfury.com or self-hosted Nexus, for instance) On Saturday, 21 May 2016 01:41:24 UTC+10, Corey Osman wrote: > > Have you seen the dpl gem? > > https://github.com/travis-ci/dpl#puppet-forge > > > Corey > > On Thursday, May 19, 2016 at 9:51:38 PM UTC-7, Amos Shapira wrote: >> >> Hello, >> >> I didn't find a way to upload a module to the Forge using the Forge API. >> Is this possible? >> >> I find it a bit weird that a tool which advocates "infrastructure as >> code" doesn't cater for options to script module uploads. >> >> Am I missing something? >> >> Thanks. >> > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/fbfc3056-68f4-4902-81ea-a732a414d06b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Is there a way to publish a module via the Forge API?
Thanks Rob. We don't use Travis or Github and for now I'm the only one maintaining the module. We use Blackbox (https://github.com/StackExchange/blackbox) and hiera-eyaml-gpg (https://github.com/sihil/hiera-eyaml-gpg) to store shared secrets. If we get to doing this through our self-hosted Jenkins server then I'll probably look at providing the password to the job using the Credentials Plugin (https://cloudbees.zendesk.com/hc/en-us/articles/203802500-Injecting-Secrets-into-Jenkins-Build-Jobs). Cheers. On Friday, 20 May 2016 21:08:14 UTC+10, Rob Nelson wrote: > > I love blacksmith, it's great. It does require the forge password be known > to the person running it, however. > > You can "level up" your deployments to allow others with write access to > your repo, but not the forge credentials, in a mature pipeline with Travis > CI's automated deployments <https://docs.travis-ci.com/user/deployment/>. > Details on puppetforge deploys > <https://github.com/travis-ci/dpl#puppet-forge>, and an example of a > working .travis.yml > <https://github.com/voxpupuli/puppet-archive/blob/master/.travis.yml#L43-L53> > (the secure string is generated by travis encrypt > <https://docs.travis-ci.com/user/encryption-keys/>). This allows any > contributor to create a tag (usually with the voxpupuli-release gem > <https://github.com/voxpupuli/voxpupuli-release-gem> and `rake > travis_release`, but also by creating a tag on GitHub). Travis kicks off a > build on the tag, and if the test specified in the deploy section goes > green, your module is published to the forge. That might be overkill for a > module maintained by one person, but it is pretty neat when you have a > distributed team and can't/don't want to share the forge password with > everyone. > > I'm sure you could get the same thing working with other services than > GitHub/Travis CI, those are just the pair I know. > > On Friday, May 20, 2016 at 3:48:16 AM UTC-4, garethr wrote: >> >> Hi Amos >> >> On 20 May 2016 at 05:51, Amos Shapira wrote: >> > Hello, >> > >> > I didn't find a way to upload a module to the Forge using the Forge >> API. Is >> > this possible? >> > >> > I find it a bit weird that a tool which advocates "infrastructure as >> code" >> > doesn't cater for options to script module uploads. >> > >> >> It is indeed possible. Better that possible, there is even have a >> handy tool that provides a nice user interface for doing so. >> >> https://github.com/voxpupuli/puppet-blacksmith >> >> Blacksmith provides a number of useful commands for determining how >> you want to go about releasing your modules. The simplest is to just >> run: >> >> rake module:release >> >> The README has lots more details. >> >> Gareth >> >> >> > Am I missing something? >> > >> > Thanks. >> > >> > -- >> > You received this message because you are subscribed to the Google >> Groups >> > "Puppet Users" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an >> > email to puppet-users...@googlegroups.com. >> > To view this discussion on the web visit >> > >> https://groups.google.com/d/msgid/puppet-users/8cbb7e19-dbf8-4f06-9a52-76ebb5c24287%40googlegroups.com. >> >> >> > For more options, visit https://groups.google.com/d/optout. >> >> >> >> -- >> Gareth Rushgrove >> @garethr >> >> devopsweekly.com >> morethanseven.net >> garethrushgrove.com >> > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/8e1f7ffe-3131-4392-8642-304156c895e9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Is there a way to publish a module via the Forge API?
Hello, I didn't find a way to upload a module to the Forge using the Forge API. Is this possible? I find it a bit weird that a tool which advocates "infrastructure as code" doesn't cater for options to script module uploads. Am I missing something? Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/8cbb7e19-dbf8-4f06-9a52-76ebb5c24287%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Getting augeas type to working on OS X
Thanks. I'm out of office until Friday, then I'll test that. On Wednesday, 27 April 2016 10:35:06 UTC+10, David Lutterkort wrote: > > On Mon, Apr 25, 2016 at 10:07 PM, Amos Shapira > wrote: > >> Correction - Puppet Agent is version 4.x of Puppet, which we haven't >> migrated to, so I can't use that package yet >> > > That's a bummer ;) > > I've put up a pull request > <https://github.com/hercules-team/ruby-augeas/pull/6> - could you try > that out and let me know if that actually makes ruby-augeas build for you ? > > thanks, > David > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4a322f9b-7ca1-4ff5-8b4c-43e776583ed4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Getting augeas type to working on OS X
Correction - Puppet Agent is version 4.x of Puppet, which we haven't migrated to, so I can't use that package yet. On Sunday, 24 April 2016 12:19:58 UTC+10, Amos Shapira wrote: > > Thanks. > > Since running Puppet is the ultimate goal, I'll try to go that way. They > even provide command-line installation instructions. > > On Saturday, 23 April 2016 03:28:29 UTC+10, David Lutterkort wrote: >> >> Hi Amos, >> >> ruby-augeas is certainly not abandoned, though there has been little >> activity on it. I am not sure what the clone at >> https://github.com/uib/ruby-augeas - this is the first time I've seen >> it. The official upstream of ruby-augeas is >> https://github.com/hercules-team/ruby-augeas; that's not helping you >> much, since it doesn't have support for building on OSX. I'll see if I can >> find somebody who'd like to open a PR there for OSX build support. >> >> As a quick fix, you could install the OSX puppet-agent >> <https://docs.puppet.com/puppet/latest/reference/install_osx.html> >> package - that has ruby-augeas (and all the other goodies that make up >> puppet-agent) in it. >> >> David >> >> On Thursday, April 21, 2016 at 9:28:46 PM UTC-7, Amos Shapira wrote: >>> >>> More updates found just after posting this (why do all the useful links >>> appear only after posting questions, despite digging for them for hours >>> before asking??): >>> >>> "Known Bugs" lists that ruby-augeas is broken (and another link mentions >>> that it haven't been touched since 2013 and might be abandoned): >>> >>> >>> https://github.com/berndmweber/open-source-puppet-master/blob/master/modules/puppet/README.md >>> >>> >>> On Friday, 22 April 2016 14:23:10 UTC+10, Amos Shapira wrote: >>>> >>>> Hello, >>>> >>>> I'm working on automating of OS X vmware build using Puppet. >>>> >>>> I use Packer to build the base image (based on excellent work done in >>>> https://github.com/timsutton/osx-vm-templates) and take the >>>> opportunity to pre-install Puppet, Homebrew and gems used by Puppet itself >>>> like hiera, hiera-eyaml, and augeas. >>>> >>>> The trouble is that although 'augeas' gets installed by Homebrew just >>>> fine, the 'ruby-augeas' gem fails with an error "extconf.rb:27:in >>>> `': augeas-devel not installed (RuntimeError)": >>>> >>>> *# gem install --verbose --no-ri --no-rdoc ruby-augeas* >>>> *HEAD https://rubygems.org/latest_specs.4.8.gz >>>> <https://rubygems.org/latest_specs.4.8.gz>* >>>> *302 Moved Temporarily* >>>> *HEAD https://rubygems.global.ssl.fastly.net/latest_specs.4.8.gz >>>> <https://rubygems.global.ssl.fastly.net/latest_specs.4.8.gz>* >>>> *304 Not Modified* >>>> *GET >>>> https://rubygems.org/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz >>>> <https://rubygems.org/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz>* >>>> *302 Moved Temporarily* >>>> *GET >>>> https://rubygems.global.ssl.fastly.net/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz >>>> >>>> <https://rubygems.global.ssl.fastly.net/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz>* >>>> *200 OK* >>>> *Installing gem ruby-augeas-0.5.0* >>>> *Downloading gem ruby-augeas-0.5.0.gem* >>>> *GET https://rubygems.org/gems/ruby-augeas-0.5.0.gem >>>> <https://rubygems.org/gems/ruby-augeas-0.5.0.gem>* >>>> *302 Moved Temporarily* >>>> *GET https://rubygems.global.ssl.fastly.net/gems/ruby-augeas-0.5.0.gem >>>> <https://rubygems.global.ssl.fastly.net/gems/ruby-augeas-0.5.0.gem>* >>>> *Fetching: ruby-augeas-0.5.0.gem (100%)* >>>> *200 OK* >>>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/Rakefile* >>>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/COPYING* >>>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/README.rdoc* >>>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/NEWS* >>>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/_augeas.c* >>>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/_augeas.h* >>>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/lib/augeas.rb* >>>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/extconf.rb* >>&
[Puppet Users] Re: Getting augeas type to working on OS X
Thanks. Since running Puppet is the ultimate goal, I'll try to go that way. They even provide command-line installation instructions. On Saturday, 23 April 2016 03:28:29 UTC+10, David Lutterkort wrote: > > Hi Amos, > > ruby-augeas is certainly not abandoned, though there has been little > activity on it. I am not sure what the clone at > https://github.com/uib/ruby-augeas - this is the first time I've seen it. > The official upstream of ruby-augeas is > https://github.com/hercules-team/ruby-augeas; that's not helping you > much, since it doesn't have support for building on OSX. I'll see if I can > find somebody who'd like to open a PR there for OSX build support. > > As a quick fix, you could install the OSX puppet-agent > <https://docs.puppet.com/puppet/latest/reference/install_osx.html> > package - that has ruby-augeas (and all the other goodies that make up > puppet-agent) in it. > > David > > On Thursday, April 21, 2016 at 9:28:46 PM UTC-7, Amos Shapira wrote: >> >> More updates found just after posting this (why do all the useful links >> appear only after posting questions, despite digging for them for hours >> before asking??): >> >> "Known Bugs" lists that ruby-augeas is broken (and another link mentions >> that it haven't been touched since 2013 and might be abandoned): >> >> >> https://github.com/berndmweber/open-source-puppet-master/blob/master/modules/puppet/README.md >> >> >> On Friday, 22 April 2016 14:23:10 UTC+10, Amos Shapira wrote: >>> >>> Hello, >>> >>> I'm working on automating of OS X vmware build using Puppet. >>> >>> I use Packer to build the base image (based on excellent work done in >>> https://github.com/timsutton/osx-vm-templates) and take the opportunity >>> to pre-install Puppet, Homebrew and gems used by Puppet itself like hiera, >>> hiera-eyaml, and augeas. >>> >>> The trouble is that although 'augeas' gets installed by Homebrew just >>> fine, the 'ruby-augeas' gem fails with an error "extconf.rb:27:in >>> `': augeas-devel not installed (RuntimeError)": >>> >>> *# gem install --verbose --no-ri --no-rdoc ruby-augeas* >>> *HEAD https://rubygems.org/latest_specs.4.8.gz >>> <https://rubygems.org/latest_specs.4.8.gz>* >>> *302 Moved Temporarily* >>> *HEAD https://rubygems.global.ssl.fastly.net/latest_specs.4.8.gz >>> <https://rubygems.global.ssl.fastly.net/latest_specs.4.8.gz>* >>> *304 Not Modified* >>> *GET https://rubygems.org/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz >>> <https://rubygems.org/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz>* >>> *302 Moved Temporarily* >>> *GET >>> https://rubygems.global.ssl.fastly.net/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz >>> >>> <https://rubygems.global.ssl.fastly.net/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz>* >>> *200 OK* >>> *Installing gem ruby-augeas-0.5.0* >>> *Downloading gem ruby-augeas-0.5.0.gem* >>> *GET https://rubygems.org/gems/ruby-augeas-0.5.0.gem >>> <https://rubygems.org/gems/ruby-augeas-0.5.0.gem>* >>> *302 Moved Temporarily* >>> *GET https://rubygems.global.ssl.fastly.net/gems/ruby-augeas-0.5.0.gem >>> <https://rubygems.global.ssl.fastly.net/gems/ruby-augeas-0.5.0.gem>* >>> *Fetching: ruby-augeas-0.5.0.gem (100%)* >>> *200 OK* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/Rakefile* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/COPYING* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/README.rdoc* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/NEWS* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/_augeas.c* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/_augeas.h* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/lib/augeas.rb* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/extconf.rb* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/group* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/hosts* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/inittab* >>> >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/ssh/sshd_config* >>> */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/tc_augeas.rb* >>> *Building native extensions. This could take a while...* >>> */System/Library/Frameworks/Rub
[Puppet Users] Re: Getting augeas type to working on OS X
More updates found just after posting this (why do all the useful links appear only after posting questions, despite digging for them for hours before asking??): "Known Bugs" lists that ruby-augeas is broken (and another link mentions that it haven't been touched since 2013 and might be abandoned): https://github.com/berndmweber/open-source-puppet-master/blob/master/modules/puppet/README.md On Friday, 22 April 2016 14:23:10 UTC+10, Amos Shapira wrote: > > Hello, > > I'm working on automating of OS X vmware build using Puppet. > > I use Packer to build the base image (based on excellent work done in > https://github.com/timsutton/osx-vm-templates) and take the opportunity > to pre-install Puppet, Homebrew and gems used by Puppet itself like hiera, > hiera-eyaml, and augeas. > > The trouble is that although 'augeas' gets installed by Homebrew just > fine, the 'ruby-augeas' gem fails with an error "extconf.rb:27:in > `': augeas-devel not installed (RuntimeError)": > > *# gem install --verbose --no-ri --no-rdoc ruby-augeas* > *HEAD https://rubygems.org/latest_specs.4.8.gz > <https://rubygems.org/latest_specs.4.8.gz>* > *302 Moved Temporarily* > *HEAD https://rubygems.global.ssl.fastly.net/latest_specs.4.8.gz > <https://rubygems.global.ssl.fastly.net/latest_specs.4.8.gz>* > *304 Not Modified* > *GET https://rubygems.org/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz > <https://rubygems.org/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz>* > *302 Moved Temporarily* > *GET > https://rubygems.global.ssl.fastly.net/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz > > <https://rubygems.global.ssl.fastly.net/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz>* > *200 OK* > *Installing gem ruby-augeas-0.5.0* > *Downloading gem ruby-augeas-0.5.0.gem* > *GET https://rubygems.org/gems/ruby-augeas-0.5.0.gem > <https://rubygems.org/gems/ruby-augeas-0.5.0.gem>* > *302 Moved Temporarily* > *GET https://rubygems.global.ssl.fastly.net/gems/ruby-augeas-0.5.0.gem > <https://rubygems.global.ssl.fastly.net/gems/ruby-augeas-0.5.0.gem>* > *Fetching: ruby-augeas-0.5.0.gem (100%)* > *200 OK* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/Rakefile* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/COPYING* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/README.rdoc* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/NEWS* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/_augeas.c* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/_augeas.h* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/lib/augeas.rb* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/extconf.rb* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/group* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/hosts* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/inittab* > > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/ssh/sshd_config* > */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/tc_augeas.rb* > *Building native extensions. This could take a while...* > */System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/bin/ruby > extconf.rb* > extconf.rb failed > *Could not create Makefile due to some reason, probably lack of necessary* > *libraries and/or headers. Check the mkmf.log file for more details. You > may* > *need configuration options.* > > *Provided configuration options:* > * --with-opt-dir* > * --without-opt-dir* > * --with-opt-include* > * --without-opt-include=${opt-dir}/include* > * --with-opt-lib* > * --without-opt-lib=${opt-dir}/lib* > * --with-make-prog* > * --without-make-prog* > * --srcdir=.* > * --curdir* > * > --ruby=/System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/bin/ruby* > * --with-augeas-config* > * --without-augeas-config* > * --with-pkg-config* > * --without-pkg-config* > *extconf.rb:27:in `': augeas-devel not installed (RuntimeError)* > *ERROR: Error installing ruby-augeas:* > * ERROR: Failed to build gem native extension.* > > *Building has failed. See above output for more information on the > failure.* > > *Gem files will remain installed in > /Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0 for inspection.* > *Results logged to > /Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/gem_make.out* > > As much as I researched, I couldn't find any information about this error > for OSX, only a few mentions about old Ubuntu (10.04) and RedHat. Does > anyone know how to make it work? > > Thanks. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/920a0de5-3106-4bbc-b192-a114aba43cc6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Getting augeas type to working on OS X
Hello, I'm working on automating of OS X vmware build using Puppet. I use Packer to build the base image (based on excellent work done in https://github.com/timsutton/osx-vm-templates) and take the opportunity to pre-install Puppet, Homebrew and gems used by Puppet itself like hiera, hiera-eyaml, and augeas. The trouble is that although 'augeas' gets installed by Homebrew just fine, the 'ruby-augeas' gem fails with an error "extconf.rb:27:in `': augeas-devel not installed (RuntimeError)": *# gem install --verbose --no-ri --no-rdoc ruby-augeas* *HEAD https://rubygems.org/latest_specs.4.8.gz* *302 Moved Temporarily* *HEAD https://rubygems.global.ssl.fastly.net/latest_specs.4.8.gz* *304 Not Modified* *GET https://rubygems.org/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz* *302 Moved Temporarily* *GET https://rubygems.global.ssl.fastly.net/quick/Marshal.4.8/ruby-augeas-0.5.0.gemspec.rz* *200 OK* *Installing gem ruby-augeas-0.5.0* *Downloading gem ruby-augeas-0.5.0.gem* *GET https://rubygems.org/gems/ruby-augeas-0.5.0.gem* *302 Moved Temporarily* *GET https://rubygems.global.ssl.fastly.net/gems/ruby-augeas-0.5.0.gem* *Fetching: ruby-augeas-0.5.0.gem (100%)* *200 OK* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/Rakefile* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/COPYING* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/README.rdoc* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/NEWS* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/_augeas.c* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/_augeas.h* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/lib/augeas.rb* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/extconf.rb* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/group* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/hosts* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/inittab* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/root/etc/ssh/sshd_config* */Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/tests/tc_augeas.rb* *Building native extensions. This could take a while...* */System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/bin/ruby extconf.rb* extconf.rb failed *Could not create Makefile due to some reason, probably lack of necessary* *libraries and/or headers. Check the mkmf.log file for more details. You may* *need configuration options.* *Provided configuration options:* * --with-opt-dir* * --without-opt-dir* * --with-opt-include* * --without-opt-include=${opt-dir}/include* * --with-opt-lib* * --without-opt-lib=${opt-dir}/lib* * --with-make-prog* * --without-make-prog* * --srcdir=.* * --curdir* * --ruby=/System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/bin/ruby* * --with-augeas-config* * --without-augeas-config* * --with-pkg-config* * --without-pkg-config* *extconf.rb:27:in `': augeas-devel not installed (RuntimeError)* *ERROR: Error installing ruby-augeas:* * ERROR: Failed to build gem native extension.* *Building has failed. See above output for more information on the failure.* *Gem files will remain installed in /Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0 for inspection.* *Results logged to /Library/Ruby/Gems/2.0.0/gems/ruby-augeas-0.5.0/ext/augeas/gem_make.out* As much as I researched, I couldn't find any information about this error for OSX, only a few mentions about old Ubuntu (10.04) and RedHat. Does anyone know how to make it work? Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/7e781b7e-6a44-4388-b6fa-de147db28e63%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Unplanned outage on apt.puppetlabs.com
Yes thanks I found about this. "apt-get clean" doesn't do it, I have to manually remove the apt.puppetlabs.com index files from the lists and lists/partial directories. On Wednesday, 18 November 2015 09:57:57 UTC+11, Morgan Haskel wrote: > > Amos, > > You need to clean your apt cache. > > Morgan > > On Tue, Nov 17, 2015 at 2:51 PM Amos Shapira > wrote: > >> I arrived to this thread because I was looking for a status update about >> the following "apt-get update" failure on all our servers: >> >> *W: Failed to fetch >> http://apt.puppetlabs.com/dists/trusty/main/source/Sources >> <http://apt.puppetlabs.com/dists/trusty/main/source/Sources> Hash Sum >> mismatch* >> >> *W: Failed to fetch >> http://apt.puppetlabs.com/dists/trusty/main/binary-amd64/Packages >> <http://apt.puppetlabs.com/dists/trusty/main/binary-amd64/Packages> Hash >> Sum mismatch* >> >> *E: Some index files failed to download. They have been ignored, or old >> ones used instead.* >> >> This is as of Tue Nov 17 22:51:24 UTC 2015. >> >> On Wednesday, 18 November 2015 07:52:08 UTC+11, Morgan Haskel wrote: >> >>> Apt.puppetlabs.com is back up at this time. Please let us know if you >>> see any strange behavior. >>> >>> Morgan >>> >>> On Tue, Nov 17, 2015 at 12:43 PM Morgan Haskel >>> wrote: >>> >>>> All, >>>> >>>> We're currently having issues with apt.puppetlabs.com and all of the >>>> repositories hosted there are unavailable at this time. We're aware of >>>> these issues and looking to resolve them, but we don't have an ETA at this >>>> point. >>>> >>>> Updates will be sent here when status changes or we know more. >>>> >>>> Morgan >>>> -- >>>> Morgan Haskel >>>> mor...@puppetlabs.com >>>> Release Engineer >>>> >>> -- >>> Morgan Haskel >>> mor...@puppetlabs.com >>> Release Engineer >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to puppet-users...@googlegroups.com . >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/puppet-users/19fd683d-340b-4c4c-8f62-cf22d2bcaa9b%40googlegroups.com >> >> <https://groups.google.com/d/msgid/puppet-users/19fd683d-340b-4c4c-8f62-cf22d2bcaa9b%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- > Morgan Haskel > mor...@puppetlabs.com > Release Engineer > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a01f5ad7-930d-48f7-9305-ab6fdb93e740%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Unplanned outage on apt.puppetlabs.com
I arrived to this thread because I was looking for a status update about the following "apt-get update" failure on all our servers: *W: Failed to fetch http://apt.puppetlabs.com/dists/trusty/main/source/Sources Hash Sum mismatch* *W: Failed to fetch http://apt.puppetlabs.com/dists/trusty/main/binary-amd64/Packages Hash Sum mismatch* *E: Some index files failed to download. They have been ignored, or old ones used instead.* This is as of Tue Nov 17 22:51:24 UTC 2015. On Wednesday, 18 November 2015 07:52:08 UTC+11, Morgan Haskel wrote: > > Apt.puppetlabs.com is back up at this time. Please let us know if you see > any strange behavior. > > Morgan > > On Tue, Nov 17, 2015 at 12:43 PM Morgan Haskel > wrote: > >> All, >> >> We're currently having issues with apt.puppetlabs.com and all of the >> repositories hosted there are unavailable at this time. We're aware of >> these issues and looking to resolve them, but we don't have an ETA at this >> point. >> >> Updates will be sent here when status changes or we know more. >> >> Morgan >> -- >> Morgan Haskel >> mor...@puppetlabs.com >> Release Engineer >> > -- > Morgan Haskel > mor...@puppetlabs.com > Release Engineer > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/19fd683d-340b-4c4c-8f62-cf22d2bcaa9b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: why doesn't 'Package <| provider == "apt" |>' work for me?
On Thursday, 12 March 2015 00:39:53 UTC+11, jcbollinger wrote: > > > > On Tuesday, March 10, 2015 at 10:30:48 PM UTC-5, Amos Shapira wrote: >> >> Hi, >> >> I'm running into the common issue of having to force an "apt-get update" >> before installing packages (in my case - because the base EC2 AMI is old >> and I need it to pick newer package versions). >> >> I ended up doing the usual: >> >> exec { 'apt-get update': >>path => '/usr/bin/', >> } >> -> >> Package <| |> >> >> > > If you are using PuppetLabs's Apt module, then I think setting the > 'always_apt_update => true' on class 'apt' and declaring > > Class['Apt'] -> Package <| |> > > > should take care of it for you. That module's 'apt::update' class is not > really suited to be public, given the way the module uses it. > > Thanks. I'm aware of the "always_apt_update" option but am worried that it means that puppet will force an "apt-get update" every time it runs (every 30 minutes). We will eventually move away from puppet agents to immutable images but until then I'm worried that this could stir up a lot of load on our EC2 instances which we wouldn't want. Perhaps I should reconsider this option. > > >> (I can't use "apt::update" because it creates dependency cycles) and it >> works. >> >> But what baffles me is that I really only need "apt-get update" to >> execute before "apt" packages get installed, like this: >> >> Package <| provider = "apt" |> >> >> But this doesn't trigger the "apt-get update". >> >> Just as an example, I also have a Gem-provider related exec which works >> as expected: >> >> exec { 'Add Ruby Gems repo mirror': >> command => 'gem source --config-file /etc/gemrc -a >> http://production.cf.rubygems.org/', >> unless => 'gem source --config-file /etc/gemrc | fgrep -xq >> http://production.cf.rubygems.org/', >> path=> '/usr/bin:/bin', >> } >> -> >> Package<| provider == 'gem' |> >> >> So why doesn't it work for the "apt" provider? >> >> > > Resource collectors operate during catalog building. Their selection > predicates can see only parameter and property values *explicitly* > declared in your manifests. It does not know what values will be effective > at catalog application time for any other parameters. In particular, it > does not know what provider will be selected during catalog application > unless one is specified in the manifest, which is not usual when the > system's default provider is expected. > > To the best of my knowledge, the "gem" provider is not the default for any > system, so you get it only when you specifically ask for it. That's why > you can reliably select gem Packages by provider. 'Apt' is normally the > default Package provider on systems that support it at all. Your selection > predicate will not match Package resources that rely 'apt' being selected > by default. > Thanks for the explanation. That makes sense. Mystery answered :) > > > John > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/5b4569a1-b6c5-4d48-8942-70f26e1523ef%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] why doesn't 'Package <| provider == "apt" |>' work for me?
Hi, I'm running into the common issue of having to force an "apt-get update" before installing packages (in my case - because the base EC2 AMI is old and I need it to pick newer package versions). I ended up doing the usual: exec { 'apt-get update': path => '/usr/bin/', } -> Package <| |> (I can't use "apt::update" because it creates dependency cycles) and it works. But what baffles me is that I really only need "apt-get update" to execute before "apt" packages get installed, like this: Package <| provider = "apt" |> But this doesn't trigger the "apt-get update". Just as an example, I also have a Gem-provider related exec which works as expected: exec { 'Add Ruby Gems repo mirror': command => 'gem source --config-file /etc/gemrc -a http://production.cf.rubygems.org/', unless => 'gem source --config-file /etc/gemrc | fgrep -xq http://production.cf.rubygems.org/', path=> '/usr/bin:/bin', } -> Package<| provider == 'gem' |> So why doesn't it work for the "apt" provider? Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/786ae86e-9ea6-4bd4-a975-e1113740a275%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Is there a way to find unused puppet code (2.7)?
I don't think it'll work, even though my servers do check in every 30 minutes: 1. From what I understand, the puppet master caches the manifest and doesn't re-interpret it unless it changed. 2. I have atime disabled on my servers. It saves tons of disk IO and is even the default on our platform (Ubuntu 12.04 LTS). I have a gut feeling that once Puppet interprets the manifest, it holds a tree of objects somewhere were I can scan and look for mention of every class in my Puppet source. I just found /var/lib/puppet/state/state.yaml, which has an entry for resource, including classes. Perhaps that's the direction to go but I was wondering whether there is already a tool to do that. On Sunday, 9 February 2014 18:42:01 UTC+11, Jose Luis Ledesma wrote: > > I was thinking about this too. > > If your servers checkin every 30 minutos you can do: > find /path/to/modules -amin +30 > > I have not tried it yet,but I suppose it works > > Regards, > El 09/02/2014 02:53, "Amos Shapira" > > escribió: > >> Hello, >> >> Is there a way to systematically find all modules we have which aren't >> used? >> >> Two reasons for this question: >> >>1. We use librarian-puppet to manage "external" modules and would >>like to find which of them can we remove. >>2. We did some major refactoring over the years, in particular we >>moved from a mix of old distribution to a single Ubuntu LTS version, and >>there could be some of our own classes which aren't used. >>3. If it's an automatic way, it will be great to run it as part of >>our Continuous Integration suite to find code which can be removed. >> >> So - is there such a thing? >> >> Cheers, >> >> --Amos >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to puppet-users...@googlegroups.com . >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/puppet-users/3481c943-4b09-4029-ad98-8f2906023340%40googlegroups.com >> . >> For more options, visit https://groups.google.com/groups/opt_out. >> > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/02bfc2de-899b-4e54-a5e2-216bfb205b1b%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Is there a way to find unused puppet code (2.7)?
Hello, Is there a way to systematically find all modules we have which aren't used? Two reasons for this question: 1. We use librarian-puppet to manage "external" modules and would like to find which of them can we remove. 2. We did some major refactoring over the years, in particular we moved from a mix of old distribution to a single Ubuntu LTS version, and there could be some of our own classes which aren't used. 3. If it's an automatic way, it will be great to run it as part of our Continuous Integration suite to find code which can be removed. So - is there such a thing? Cheers, --Amos -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3481c943-4b09-4029-ad98-8f2906023340%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Weird situation - exec fails but Puppet 2.7 exits 2
Hello, We are a long time Puppet 2.7 shop (installing latest Puppet 2.7 gems on deployments. In this particular build it picked up Puppet 2.7.23) and just discovered the following: Executing a psql command like: build 12-Nov-2013 04:30:16debug: /Stage[main]/Buildeng_postgres::Service/Service[postgresql]: The container Class[Buildeng_postgres::Service] will propagate my refresh event build 12-Nov-2013 04:30:16debug: Class[Buildeng_postgres::Service]: The container Stage[main] will propagate my refresh event build 12-Nov-2013 04:30:16debug: Exec[create postgres user](provider=posix): Executing 'psql -U postgres -c "ALTER USER postgres WITH PASSWORD 'password';"' build 12-Nov-2013 04:30:16debug: Executing 'psql -U postgres -c "ALTER USER postgres WITH PASSWORD 'password';"' build 12-Nov-2013 04:30:16notice: /Stage[main]/Buildeng_postgres::Post_service/Buildeng_postgres::Create_user[postgres]/Exec[create postgres user]/returns: psql: FATAL: the database system is starting up build 12-Nov-2013 04:30:16err: /Stage[main]/Buildeng_postgres::Post_service/Buildeng_postgres::Create_user[postgres]/Exec[create postgres user]: Failed to call refresh: psql -U postgres -c "ALTER USER postgres WITH PASSWORD 'password';" returned 2 instead of one of [0] at /home/ubuntu/puppet-cfg/buildeng-modules/buildeng_postgres/manifests/create_user.pp:10 The resource which creates this log is: define buildeng_postgres::create_user ($password=undef) { require buildeng_postgres::service exec { 'create postgres user': subscribe => Service['postgresql'], user=> $buildeng_postgres::params::user, command => "psql -U ${buildeng_postgres::params::postgres_user} -c \"ALTER USER ${buildeng_postgres::params::postgres_user} WITH PASSWORD '${buildeng_postgres::params::postgres_password}';\"", refreshonly => true, } } Puppet registers the failure as an error ("2" is not an expected exit code of this Exec resource) but still exits with exit status "2" (with --detailed-exitcode). I know why psql failed but that's besides the point - Puppet should have failed but it didn't. Any idea why? Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3968d231-7a42-45cc-88e0-61bf55e96b4f%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to force generation of ca_crl.pem?
I've verified that the "puppet cert generate.." command generates the files which are required to get the Apache daemon up and running. Thanks Ken. On Saturday, 6 July 2013 13:03:12 UTC+10, Amos Shapira wrote: > > Thanks very much Ken, > > I'm away from the comp for the weekend, I'll try these and get back to you > as soon as I can. > > On Friday, 5 July 2013 22:08:37 UTC+10, Ken Barber wrote: >> >> If it helps I did a bit of a Gist walkthrough of the full cert >> recreation etc. using puppet cert generate here: >> https://gist.github.com/kbarber/5934100 ... >> >> On Fri, Jul 5, 2013 at 1:00 PM, Ken Barber wrote: >> >> I have a standard Puppet 2.7 configuration installed from Gem on >> Ubuntu >> >> 12.04, running behind Apache. >> >> >> >> I'm testing the reprovisioning of the puppet master from scratch in >> Vagrant >> >> and ran into a little snug - apache configuration points to a puppet >> >> ca_crl.pem file which doesn't exist, so apache refuses to start. >> > >> > Have you tried just using 'puppet cert generate ' to >> > populate the initial certificates? I don't have a 2.7.x around, but >> > for 3.x it repopulates all the missing certificates it seems including >> > ca_crl.pem. >> > >> >> The puppet master documentation says that it'll automatically generate >> this >> >> file if it isn't present, but I need a way to get it generated >> automatically >> >> before apache tries to start. >> > >> > Yes, and it does - when you start it standalone using webrick (ie. >> > puppet master --no-daemonize --debug --log console ... or something >> > will probably do the trick). But the SSL offloading to Apache kind of >> > breaks this as you've mentioned. >> > >> > ken. >> > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to force generation of ca_crl.pem?
Thanks very much Ken, I'm away from the comp for the weekend, I'll try these and get back to you as soon as I can. On Friday, 5 July 2013 22:08:37 UTC+10, Ken Barber wrote: > > If it helps I did a bit of a Gist walkthrough of the full cert > recreation etc. using puppet cert generate here: > https://gist.github.com/kbarber/5934100 ... > > On Fri, Jul 5, 2013 at 1:00 PM, Ken Barber > > wrote: > >> I have a standard Puppet 2.7 configuration installed from Gem on Ubuntu > >> 12.04, running behind Apache. > >> > >> I'm testing the reprovisioning of the puppet master from scratch in > Vagrant > >> and ran into a little snug - apache configuration points to a puppet > >> ca_crl.pem file which doesn't exist, so apache refuses to start. > > > > Have you tried just using 'puppet cert generate ' to > > populate the initial certificates? I don't have a 2.7.x around, but > > for 3.x it repopulates all the missing certificates it seems including > > ca_crl.pem. > > > >> The puppet master documentation says that it'll automatically generate > this > >> file if it isn't present, but I need a way to get it generated > automatically > >> before apache tries to start. > > > > Yes, and it does - when you start it standalone using webrick (ie. > > puppet master --no-daemonize --debug --log console ... or something > > will probably do the trick). But the SSL offloading to Apache kind of > > breaks this as you've mentioned. > > > > ken. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: How to force generation of ca_crl.pem?
BTW - Looking at the source code for Puppet 2.7.22, I see that the method which does all this magic is "setup_ssl" in class Puppet::Applcation::Master. Now if any ruby guru could help me execute this method from the command line I might be set, so far I failed to make this happen. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] How to force generation of ca_crl.pem?
Hello, I have a standard Puppet 2.7 configuration installed from Gem on Ubuntu 12.04, running behind Apache. I'm testing the reprovisioning of the puppet master from scratch in Vagrant and ran into a little snug - apache configuration points to a puppet ca_crl.pem file which doesn't exist, so apache refuses to start. The puppet master documentation says that it'll automatically generate this file if it isn't present, but I need a way to get it generated automatically before apache tries to start. All this is done using a master-less puppet configuration used to bootstrap the Vagrant box. Is there a way for me to trigger automatic generation of the ca_crl.pem file before starting Apache? I tried using generic "openssl ca -gencrl" but failed to find a way to point it to puppet master's "ca/serial" file from the command line. Thanks, --Amos -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Is it possible to pass extra flags to Puppet via rspec?`
Thanks for the tip, Justin and everyone else who replied. I'll try your suggestion. Cheers, --Amos On 27 June 2013 14:28, Justin Stoller wrote: > It's been a while since I jumped into this code and it's late, forgive me > if I say something naive inline. > > > On Wed, Jun 26, 2013 at 8:14 PM, Nan Liu wrote: > >> On Wed, Jun 26, 2013 at 7:23 PM, Amos Shapira wrote: >> >>> I'm writing my first puppet function rspec test and am having a problem >>> which I don't see how to solve. >>> >>> The function (and the test) involve access to files through the File >>> Server. In order for the function (and the test) to work I need to pass >>> "--fileserverconf=fileserver.conf" parameter to Puppet. >>> >>> So far I haven't found a way to do that. >>> >>> If I understand the rspec-puppet source at >>> https://github.com/rodjek/rspec-puppet/blob/master/lib/rspec-puppet.rbcorrectly >>> then the list of parameters I can pass is limited to the ones >>> mentioned in lines 16-22. Am I right? >>> >> > Those are the limit you can pass to the RSpec.configure { ... } block in > your spec helper. > >> >>> Does anyone know how can I pass other parameters, or otherwise affect >>> Puppet's configuration to set this value? >>> >>> Have you tried something like: > > describe 'foo' do > before do > Puppet[:fileserverconfig] = '/my/path/to/fileserver.conf' > end > > your tests > > end > >> >> Oddly enough, you can't depend on rspec-puppet to configure the settings >> for spec test. For example, puppetlab's spec helper configures the >> modulepath [1] to include spec/fixtures/modules, but this does not seem to >> configure Puppet[:modulepath] setting. For whatever reason, puppet loads >> the modules correctly from spec/fixtures/modules, but when you debug the >> spec test, it appears to set the module path to: >> >> (rdb:1) p Puppet[:modulepath] >> "/dev/null/modules:/usr/share/puppet/modules" >> > > Nan - > > In puppetlabs_spec_helper/puppet_spec_helper[1] which was based on a file > in Puppet[2] the confdir and vardir are explicitly set to '/dev/null' which > causes the modulepath you're seeing in Puppet "proper". > > I believe, however the subject catalog/function that is tested in each > example group (unless you explicitly create a subject yourself) should mask > that value with what ever is passed into RSpec.configure (like the > modulepath setting in module_spec_helper) for its > compilation/initialization[3][4]. > > > - Justin > > 1. > https://github.com/puppetlabs/puppetlabs_spec_helper/blob/master/lib/puppetlabs_spec_helper/puppet_spec_helper.rb#L96-L97 > 2. > https://github.com/puppetlabs/puppet/blob/master/lib/puppet/test/test_helper.rb#L142-L156 > 3. > https://github.com/rodjek/rspec-puppet/blob/master/lib/rspec-puppet/example/function_example_group.rb#L10 > 4. > https://github.com/rodjek/rspec-puppet/blob/master/lib/rspec-puppet/support.rb#L80-L97 > >> >> You can do what Wolf suggested. File server conf is somewhat >> inconsistent, since the setting is actually: Puppet[:fileserverconfig]. >> >> HTH, >> >> Nan >> >> >> 1. >> https://github.com/puppetlabs/puppetlabs_spec_helper/blob/master/lib/puppetlabs_spec_helper/module_spec_helper.rb#L21-L24 >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to puppet-users+unsubscr...@googlegroups.com. >> >> To post to this group, send email to puppet-users@googlegroups.com. >> Visit this group at http://groups.google.com/group/puppet-users. >> For more options, visit https://groups.google.com/groups/opt_out. >> >> >> > > > > -- > > Join us at PuppetConf 2013, August 22-23 in San Francisco - > http://bit.ly/pupconf13 > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Puppet Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/puppet-users/ynVp988yEcU/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > puppet-users+unsubscr...@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- [image: View my profile on LinkedIn] <http://www.linkedin.com/in/gliderflyer> -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Is it possible to pass extra flags to Puppet via rspec?`
Hello, I'm writing my first puppet function rspec test and am having a problem which I don't see how to solve. The function (and the test) involve access to files through the File Server. In order for the function (and the test) to work I need to pass "--fileserverconf=fileserver.conf" parameter to Puppet. So far I haven't found a way to do that. If I understand the rspec-puppet source at https://github.com/rodjek/rspec-puppet/blob/master/lib/rspec-puppet.rb correctly then the list of parameters I can pass is limited to the ones mentioned in lines 16-22. Am I right? Does anyone know how can I pass other parameters, or otherwise affect Puppet's configuration to set this value? Thanks, --Amos -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Exec onlyif/unless with internal functions instead of external commands?
On Monday, 24 June 2013 15:40:14 UTC+10, David Schmitt wrote: > Functions are executed on the master, not on the agent, so they won't do > what you need. > Yes I keep forgetting that. > > If you really want to run code on the client it has to be a type/provider. > I was hoping to get something like to be considered to be built into Puppet. > > If it is only "test -e", use "File%creates". > I know about "creates" parameter, but there are other tests which could be easily done with a ruby function/system-call (e.g. file size, type, content etc). > Regards, David > > On 24.06.2013 03:59, Michael Dodwell wrote: > > Take a look at > > http://docs.puppetlabs.com/guides/custom_functions.html you could write > > your own fuctions to give you something like this. > > > > Puppet hasn't really been designed to be low overhead (with more of a > > focus on simplicity) and i think the least of it's performance problems > > come from the fact that it uses an external fork for exec checks. > > > > On Sunday, June 23, 2013 8:39:57 PM UTC+10, Amos Shapira wrote: > > > > Hi, > > > > A little annoyance about "exec" that bothers me is that there is no > > way to use "unless"/"onlyif" except with external commands, even if > > a simple Ruby function could be used to execute the test. > > > > e.g. "onlyif => 'test -d /data'" will fork and exec "test" to do a > > simple stat(2) which can be done with much less overhead with Ruby's > > "File.directory?('/data')". > > > > How about allowing passing a none-string value to Exec's > > onlyif/unless attributes, and consider that as the result? If it's a > > string then it will be treated as today, otherwise it will be > > treated as a boolean. > > > > I don't think this will break any backward compatibility since all > > Exec's currently expect strings to execute. > > > > Cheers, > > > > --Amos > > > > -- > > You received this message because you are subscribed to the Google > > Groups "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, send > > an email to puppet-users...@googlegroups.com . > > To post to this group, send email to > > puppet...@googlegroups.com. > > > Visit this group at http://groups.google.com/group/puppet-users. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Exec onlyif/unless with internal functions instead of external commands?
Response inline. On Monday, 24 June 2013 11:59:06 UTC+10, Michael Dodwell wrote: > > Take a look at http://docs.puppetlabs.com/guides/custom_functions.html you > could write your own fuctions to give you something like this. > > Thanks Michael. I was hoping to add such a functionality to Puppet. > Puppet hasn't really been designed to be low overhead (with more of a > focus on simplicity) and i think the least of it's performance problems > come from the fact that it uses an external fork for exec checks. > I hope that's not Puppetlabs' view on performance. Performance and resource optimisation should be up there at the top of the feature list just like security. > On Sunday, June 23, 2013 8:39:57 PM UTC+10, Amos Shapira wrote: >> >> Hi, >> >> A little annoyance about "exec" that bothers me is that there is no way >> to use "unless"/"onlyif" except with external commands, even if a simple >> Ruby function could be used to execute the test. >> >> e.g. "onlyif => 'test -d /data'" will fork and exec "test" to do a simple >> stat(2) which can be done with much less overhead with Ruby's >> "File.directory?('/data')". >> >> How about allowing passing a none-string value to Exec's onlyif/unless >> attributes, and consider that as the result? If it's a string then it will >> be treated as today, otherwise it will be treated as a boolean. >> >> I don't think this will break any backward compatibility since all Exec's >> currently expect strings to execute. >> >> Cheers, >> >> --Amos >> >> -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Exec onlyif/unless with internal functions instead of external commands?
Hi, A little annoyance about "exec" that bothers me is that there is no way to use "unless"/"onlyif" except with external commands, even if a simple Ruby function could be used to execute the test. e.g. "onlyif => 'test -d /data'" will fork and exec "test" to do a simple stat(2) which can be done with much less overhead with Ruby's "File.directory?('/data')". How about allowing passing a none-string value to Exec's onlyif/unless attributes, and consider that as the result? If it's a string then it will be treated as today, otherwise it will be treated as a boolean. I don't think this will break any backward compatibility since all Exec's currently expect strings to execute. Cheers, --Amos -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: installing carbon / passing PYTHONPATH to pip package provider?
Thanks. This is similar to a solution suggested in https://github.com/graphite-project/carbon/issues/86#issuecomment-16200739 (there he adds a symlink instead of providing a copy). What I don't like about these (practical) solutions is that they are fragile - either the symlink target could change (newer version, for instance) or the content of the copied file could change (and the change could be lost). In the meantime I'm exploring a different direction - there are .deb packages for the version I want in later versions of Ubuntu than 12.04. They install cleanly on 12.04 (I assume this is because they are pure Python) and even if they didn't, I could rebuild them for 12.04 from source-deb. I intend to make them available on our internal repository and install them with the "apt" provider instead. Cheers, --Amos On Thursday, 6 June 2013 23:23:21 UTC+10, Ben Whaley wrote: > > Yep, I ran in to this as well, both with carbon and graphite-web. I solved > it by adding the Python metadata in the appropriate location on my system. > > Check this gist for the code > https://gist.github.com/bwhaley/5721421 > > Hope this helps. > > - Ben > > On Wednesday, June 5, 2013 9:30:56 PM UTC-7, Amos Shapira wrote: >> >> My environment: Ubuntu LTS 12.04, carbon ( >> https://github.com/graphite-project/carbon) 0.9.9 installed using "pip". >> >> I just learned why when I run "pip freeze" on a system I don't see the >> "carbon" package even when it installed successfully - I should run it with >> "PYTHONPATH=/opt/graphite/lib/ pip freeze". >> (ref: https://github.com/graphite-project/carbon/issues/86) >> >> This causes Puppet to re-install the package on every run (and reload >> dependant servers), even though it's already installed and there is nothing >> that really needs to be done. >> >> I guess this is the package's fault, but it made me hit once more a >> limitation in Puppet i.e. that I don't have a way to pass options or >> environment variables to "pip". >> >> Apparently there are already a couple of issues and pull requests for >> this in https://github.com/puppetlabs/puppet/pull/1507 and >> https://projects.puppetlabs.com/issues/18029, but they don't seem likely >> to be accepted. >> >> Alternatively - can anyone point me to how they solved the carbon package >> (or a similar) issue? i.e. that it doesn't get re-installed on every Puppet >> run? >> >> Thanks, >> >> --Amos >> >> -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] installing carbon / passing PYTHONPATH to pip package provider?
My environment: Ubuntu LTS 12.04, carbon (https://github.com/graphite-project/carbon) 0.9.9 installed using "pip". I just learned why when I run "pip freeze" on a system I don't see the "carbon" package even when it installed successfully - I should run it with "PYTHONPATH=/opt/graphite/lib/ pip freeze". (ref: https://github.com/graphite-project/carbon/issues/86) This causes Puppet to re-install the package on every run (and reload dependant servers), even though it's already installed and there is nothing that really needs to be done. I guess this is the package's fault, but it made me hit once more a limitation in Puppet i.e. that I don't have a way to pass options or environment variables to "pip". Apparently there are already a couple of issues and pull requests for this in https://github.com/puppetlabs/puppet/pull/1507 and https://projects.puppetlabs.com/issues/18029, but they don't seem likely to be accepted. Alternatively - can anyone point me to how they solved the carbon package (or a similar) issue? i.e. that it doesn't get re-installed on every Puppet run? Thanks, --Amos -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Purge puppet's reports
tmpwatch/tmpreaper (for Ubuntu) is first thing I though about too - but the vagn has a good point about better keeping the latest report from each server, which justifies using his script. On Sunday, 3 February 2013 04:17:30 UTC+11, Ken Barber wrote: > > tmpwatch is also a good approach: > http://linux.about.com/library/cmd/blcmdl8_tmpwatch.htm. Probably > requires less scripting, and its already on most distros, probably > cleaning your /tmp directories already. > > On Sat, Feb 2, 2013 at 6:07 PM, Dan White > > wrote: > > I take back my suggestion. > > LogRotate is not built to handle many little log files with different > names. > > I found out the hard way - I tried to make it work :( > > > > The script by vagn will do the trick. > > > > Another suggestion: put a variable in the line "tail -n +2” in place of > the > > “2” for how-many-files-to-keep+1 -- “2” only keeps one file. Other > folks > > may want to keep more. > > > > On Jan 31, 2013, at 10:23 PM, Dan White wrote: > > > > How about logrotate ? > > > > On Jan 30, 2013, at 11:53 AM, Andrew Sinclair wrote: > > > > Great solution. Simple, effective. Thanks. > > > > On Thursday, 21 July 2011 14:50:32 UTC+1, vagn wrote: > >> > >> On 07/21/2011 08:52 AM, vagn scott wrote: > >> > Thinking about this some more, if you need the reports for dashboard > >> > to work, > >> > then any cleanup script should leave the latest report from any > server, > >> > so that, even if the server has not checked in for a while it won't > >> > disappear. > >> > > >> > Thanks for the question. Clearly I need to revisit this. > >> > > >> > >> So, here is a script that ought to do the job. Not heavily tested yet. > >> Please let me know if you have problems with it. --vagn > >> > >> #! /bin/sh > >> # puppet-reports-stalker > >> # vagn scott, 21-jul-2011 > >> > >> days="+7" # more than 7 days old > >> > >> for d in `find /var/lib/puppet/reports -mindepth 1 -maxdepth 1 -type d` > >> do > >> find $d -type f -name \*.yaml -mtime $days | > >> sort -r | > >> tail -n +2 | > >> xargs -n50 /bin/rm -f > >> done > >> > >> exit 0 > >> > >> > >> And the updated class. > >> > >> class puppet::clean_reports { > >> > >> file { '/usr/local/bin/puppet-reports-stalker': > >> source => > >> 'puppet:///modules/puppet/puppet-reports-stalker', > >> before => Cron[ 'puppet clean reports' ], > >> mode => 755, > >> owner => root, > >> group => root, > >> } > >> > >> cron { 'puppet clean reports': > >>command => '/usr/local/bin/puppet-reports-stalker', > >>user => root, > >>hour => 21, > >>minute => 22, > >>weekday => 0, > >> } > >> } > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to puppet-users...@googlegroups.com . > > To post to this group, send email to > > puppet...@googlegroups.com. > > > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > > > > > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to puppet-users...@googlegroups.com . > > To post to this group, send email to > > puppet...@googlegroups.com. > > > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > > > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to puppet-users...@googlegroups.com . > > To post to this group, send email to > > puppet...@googlegroups.com. > > > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Installing Microsoft Visual Studio 2010 with Puppet?
Thanks Josh. Yes a colleague who spiked our "Puppet on Windows" has already discovered Chocolatey and I intend to try to use it if I have to implement this myself. Alas so far I haven't found a ready-made package for Visual Studio 2010 but perhaps I can start from the package for Studio 2012. Still waiting to hear whether someone has already solved this. On Wednesday, April 3, 2013 11:53:25 AM UTC+11, Amos Shapira wrote: > > Hello, > > Has anyone here had experience using Puppet (2.7 for now) to install > Microsoft Visual Studio 2010 (or even 2012, for that matter) on Windows > Server 2008? > > So far I didn't find anything on the web, the forge or Github. > > Thanks. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Installing Microsoft Visual Studio 2010 with Puppet?
Hello, Has anyone here had experience using Puppet (2.7 for now) to install Microsoft Visual Studio 2010 (or even 2012, for that matter) on Windows Server 2008? So far I didn't find anything on the web, the forge or Github. Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: daemontools service provider doesn't support "restart" parameter?
I copied the question to issue http://projects.puppetlabs.com/issues/18021 since I think I stumbled on a bug. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/8Wk9pD2EZ7gJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] daemontools service provider doesn't support "restart" parameter?
Hello, Using Puppet 2.7(.20), I'm trying to override the "restart" command of a service controlled by daemontools provider using: service { 'bamboo-agent': hasrestart => false, provider => 'daemontools', restart => '/bin/touch /var/run/needs-restart', ... } And ... notify => Service['bamboo-agent'] ... But the service keeps being restarted using "svc -t ..." As far as I follow the documents this is supposed to work (http://docs.puppetlabs.com/references/2.7.latest/type.html#service) but as far as I follow the code in ashapira@buildeng-puppet:/usr/lib/ruby/gems/1.8/gems/puppet-2.7.20/lib/puppet/provider/service/daemontools.rb it's not supported: def restart svc "-t", self.service end (i.e. not looking at restartcmd) Am I missing something or is it a bug? How can I get it to work with Puppet 2.7? Thanks, --Amos -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/OHcXX58jEUQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Selectively sharing stored configuration among puppet masters?
Hello, We've just split off using another groups' puppet master and started using our own master. One thing this limits us with is that we want them to start backing up a couple of our servers using their Bacula server. Their Bacula server is configured using Stored Configuration from their puppet master, but now that our systems configure from our puppet master, their configuration isn't known to their bacula server. The only way I can think of to achieve that without requiring a change in Puppet is to configure our puppet master to use the other teams' stored config db: Pros: no extra work Cons: depends on them agreeing to that (they don't). Means that we share all our stored config with them and vice verse. Otherwise, how about one of the following new features: 1. Allow a puppet master to define multiple stored config db's and let resources specify which of the db's they need to be pushed to. 2. Allow a puppet virtual resource to specify to be read multiple stored config db's. Is there another option? Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/wv1253gDk8wJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Concatanating result of custom function to a string
Hello, I'm working on execution of puppet's "puppet cert generate ...--dns_alt_names=name1,name2,name2" using Puppet 2.7.19 and didn't find a way to figure out the following: I'd prefer to keep the list of "dns_alt_names" in a puppet array and join() them when I build the command string. E.g. $dns_alt_names = [ 'name1', 'name2', ...] $command = "puppet cert generate ... --dns_alt_names=" join($dns_alt_names, ','). But I didn't find a way to concatenate the output of the join() call to the string before it. A couple of ways I though that might allow this are: 1. Set a temporary variable with the output of join() and interpolate it into the command with "...${temp_var}" 2. Use inline_template() Are these the only viable ways to achieve that? For now I keep the names in a single string, but I think this is less maintainable than using an array. Thanks, --Amos -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/zXOjvdCcUj4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Removing intermediate variables in calculation
Thanks John. At least I know there is no way to improve my code. I prefer to try to keep logic in the .pp files and out of the templates, just to make it easier to find. On Thursday, October 4, 2012 1:02:35 AM UTC+10, jcbollinger wrote: > > > > On Tuesday, October 2, 2012 10:10:13 AM UTC-5, Guzmán Brasó wrote: >> >> I'm in no way a puppet guru but rewritting it didnt work? from a >> logic point of view this should work: >> >> >> class >> $baseurl, >> $webapp_context_path = '' >> ) { >> if ($webapp_context_path == '') { >> # Try to get value from baseurl >> $webapp_context_path = regsubst($baseurl, '^https?://[^/]+(/.*)', >> '\1') >> if ($webapp_context_path == '') { >> #Set default >> $webapp_context_path = '/' >> } >> } >> notify{"rewritted webapp_context_path='${webapp_context_path}' from >> url='${baseurl}'": } >> } >> >> > > No, that won't work, because Puppet variables, including class and > definition parameters, can be assigned a value at most once. There are > good reasons for that, but they're not really relevant to the present > question. > > Anyway, for that very reason, constructs involving internal variables such > as $int_webapp_context_path are fairly standard practice in Puppet. > Among the alternatives could be to redesign your class parameterization > or to drop the adaptive behavior. Or you could write a custom function > implementing the logic for context path selection, or you could put it into > your template instead of your class. > > (Note, by the way, that because you assign a default value of '/' to > $webapp_context_path in your parameter list, in the class body that > parameter will be observed to have an empty value only if such a value is > explicitly set when the class is declared.) > > > John > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Bmju_PjXasEJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Removing intermediate variables in calculation
Thanks Guzman, as John pointed out that won't work (I think this is because Puppet's language is declarative, even if it resembles procedural language in many ways). On Wednesday, October 3, 2012 1:10:13 AM UTC+10, Guzmán Brasó wrote: > > I'm in no way a puppet guru but rewritting it didnt work? from a logic > point of view this should work: > > > class > $baseurl, > $webapp_context_path = '' > ) { > if ($webapp_context_path == '') { > # Try to get value from baseurl > $webapp_context_path = regsubst($baseurl, '^https?://[^/]+(/.*)', '\1') > if ($webapp_context_path == '') { > #Set default > $webapp_context_path = '/' > } > } > notify{"rewritted webapp_context_path='${webapp_context_path}' from > url='${baseurl}'": } > } > > But as I said I'm fairly new with puppet, did not tried above code. > > On Mon, Oct 1, 2012 at 10:28 PM, Amos Shapira > > > wrote: > >> Hello, >> >> I have a small Puppet 2.7 module to configure Sonatype Nexus >> Professional. The module takes, among other things, a baseurl in the form >> of "http://example.com/path"; and I'd like it to extract the "/path" from >> that variable into a separate variable IF an optional "path" variable >> haven't been supplied. >> >> Here is an extract: >> class nexus::config( >> ... >> $baseurl, >> $webapp_context_path = '' >> ) { >> if ($webapp_context_path == '') >> { >> $webapp_context_path = regsubst($baseurl, '^https?://[^/]+(/.*)', >> '\1') >> > >$webapp_context_path = regsubst($baseurl, '^https?://[^/]+(/.*)', '\1') > > if ($extracted_url_path) >> { >> $int_webapp_context_path = $extracted_url_path >> } >> else >> { >> # in case we were given a $baseurl without the tailing "/" >> $int_webapp_context_path = '/' >> } >> notify{"extracted int_webapp_context_path >> \"${int_webapp_context_path}\" from url \"${baseurl}\"": } >> } >> >> # use $int_webapp_context_path in the .erb template file >> >> My question - this use of $int_webapp_context_path and >> $extracted_url_path looks a bit shabby. But I didn't find a way to use >> conditional assignments to remove these intermediate variables and either: >> 1. Assign the value I want to $webapp_context_path if it's not set yet. >> 2. Or at least get rid of the $extracted_url_path >> >> Is there a nicer way to achieve the above? >> >> Thanks. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To view this discussion on the web visit >> https://groups.google.com/d/msg/puppet-users/-/rNRGRX2LrzkJ. >> To post to this group, send email to puppet...@googlegroups.com >> . >> To unsubscribe from this group, send email to >> puppet-users...@googlegroups.com . >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > GuruHub - Guzmán Brasó > http://www.guruhub.com.uy - +59898674020 > Rivera 3565 - CP11400 - Montevideo, Uruguay > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/sM14FzeDd3AJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Removing intermediate variables in calculation
Hello, I have a small Puppet 2.7 module to configure Sonatype Nexus Professional. The module takes, among other things, a baseurl in the form of "http://example.com/path"; and I'd like it to extract the "/path" from that variable into a separate variable IF an optional "path" variable haven't been supplied. Here is an extract: class nexus::config( ... $baseurl, $webapp_context_path = '/' ) { if ($webapp_context_path != '') { $int_webapp_context_path = $webapp_context_path notify{"using webapp_context_path \"${webapp_context_path}\"":} } else { $extracted_url_path = regsubst($baseurl, '^https?://[^/]+(/.*)', '\1') if ($extracted_url_path) { $int_webapp_context_path = $extracted_url_path } else { # in case we were given a $baseurl without the tailing "/" $int_webapp_context_path = '/' } notify{"extracted int_webapp_context_path \"${int_webapp_context_path}\" from url \"${baseurl}\"": } } # use $int_webapp_context_path in the .erb template file My question - this use of $int_webapp_context_path and $extracted_url_path looks a bit shabby. But I didn't find a way to use conditional assignments to remove these intermediate variables and either: 1. Assign the value I want to $webapp_context_path if it's not set yet. 2. Or at least get rid of the $extracted_url_path Is there a nicer way to achieve the above? Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/rNRGRX2LrzkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] A simple solution to the "deep directory tree" problem
Hello, Like many others, I once again had to deal with creation of deep directory trees with puppet. I did the usual: file { [ "/a", "/a/b/", "/a/b/c"...]: ensure => directory } And again got sick of it. I still didn't find a good answer for it on the web so here is what I came up with in a moment of despair: define core::mkdirp($owner = undef, $group = undef) { exec { "mkdir -p ${name}": creates => $name, } file { $name: ensure => 'directory', require => Exec["mkdir -p ${name}"], owner => $owner, group => $group, } } Usage: core::mkdirp { "/a/b/c/d": owner => $user, group => $group, } file { "/a/b/c/d/file.txt": require => Core::Mkdirp["/a/b/c/d"], ... } So far it works beautifully for me but I want to hear what the community thinks of it and whether there is a nicer solution I'm missing. Thanks. --Amos -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ozFNn2oUGCQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Suggestion - puppet preload stage?
Thanks Ken, I think I may have been confused with the pre-2.7.8 puppet still being installed before this upgrade was pushed out. Once the later version was installed the manifest seemed to work right. For instance the first opsview run on a server will complain about the missing config file but still work after all since it re-reads the configuration file when it's actually used, whereas it used to just fail on 2.6.x. I still ended up using polysh to do the initial "yum upgrade puppet" on all servers but hopefully that won't have to be repeated too much. For puppet upgrade itself - a possible, untested, work-around could be to Exec[] something which will restart the puppet agent if puppet was upgraded. Risky and ugly but might save someone from having to do this manually many servers. For now I guess you can ignore my request. Cheers, --Amos -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/FbkwosHxJ0EJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Suggestion - puppet preload stage?
Thanks Luke (and sorry for late reply). This sort of addresses another question I haven't got around to investigate - the question is whether Puppet has functions/facts to tell me things like whether a particular provider is available or not. I guess it can be somehow scripted. But as you say - your hack won't avoid re-runs, it might allow cleaner messages, though. Cheers, --Amos -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/gkjGeEs-Bq8J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Suggestion - puppet preload stage?
Thanks for the pointer, Gary. It seems to address the issue of missing providers, even better than my suggestion. However, I'm not sure if/how it addresses other situations, e.g.: 1. Provider exists but has to be updated. 2. Puppet version update. 3. Configuration files - missing or have to be updated. 4. Other types of configurations which have to take place, e.g. add a network link (e.g. VPN, proxy), or make any other arbitrary change which can affect the rest of the puppet run (or future puppet runs). What I'm thinking about is a generic way to say "OK, now I'm finished doing all sorts of tweaks to the system, please start puppet and take these tweaks into consideration". Is that possible? Cheers, --Amos On Wednesday, March 21, 2012 1:51:48 PM UTC+11, Gary Larizza wrote: > > > > On Wed, Mar 21, 2012 at 1:11 PM, Amos Shapira wrote: > >> Hello, >> >> I encounter issues regarding puppet "self update" that I'm sure are >> not uncommon: >> 1. When puppet version updates it doesn't restart to run the rest of >> the manifest with the new version. >> 2. When a new provider is installed (or extra configuration is done to >> enable an existing provider), puppet still won't make it available. >> >> example for (1): Our vagrant (http://vagrantup.com/) dev base boxes >> still come with Puppet 2.6.3 while the manifest depends on Puppet 2.7 >> features. I can manually upgrade puppet manually (and that's what I do >> on dev), but when the time to deploy to production comes it >> practically means that I have to manually upgrade Puppet to 2.7 on all >> hosts before I push the change. >> >> example for (2): We use daemontools >> (http://cr.yp.to/daemontools.html<http://cr.yp.to/daemontools.html> >> ) >> to monitor some of our servers. Puppet comes with a "daemontools" >> Service type provider but since the daemontools package isn't >> installed yet the provider is made unavailable for the rest of the >> run. A second puppet run, assuming it managed to install daemontools >> in the first one before it failed on other things, succeeds in picking >> up the daemontools as a provider. >> >> another example for (2): I use opsview (https://github.com/dpeters/ >> puppet-opsview <https://github.com/dpeters/puppet-opsview>) to monitor >> hosts. When the type is loaded by puppet it >> looks for a file called /etc/puppet/opsview.conf to find URL/username/ >> password of the opsview REST server. This file doesn't exist (or can >> be out of date) in the first run causing the Type to fail. >> >> > Amos, have you seen this feature --> > http://projects.puppetlabs.com/issues/6907<http://projects.puppetlabs.com/issues/6907> > > > > >> My suggestion - >> >> Define a new "preload" stage - resources which can affect puppet's own >> execution (e.g. types, config files, puppet version updates) can be >> placed in that stage and eventually a specific function call (or a >> special built-in trigger inside the Puppet code?) will cause Puppet to >> drop everything at the end of this stage and start from fresh. >> >> The mechanism has to be careful to limit potential inifinite loops - >> e.g. if nothing was changed during the stage then don't re-run, or if >> the stage keeps changing things and puppet re-starts more than a set >> limit then fail. >> >> What do you think about this? Is there another solution/work-around/ >> standard-best-practice I'm not aware of? >> >> Thanks. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com >> . >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en<http://groups.google.com/group/puppet-users?hl=en> >> . >> >> > > > -- > > Gary Larizza > Professional Services Engineer > Puppet Labs > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/XUeixQ5zq7sJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Suggestion - puppet preload stage?
Hello, I encounter issues regarding puppet "self update" that I'm sure are not uncommon: 1. When puppet version updates it doesn't restart to run the rest of the manifest with the new version. 2. When a new provider is installed (or extra configuration is done to enable an existing provider), puppet still won't make it available. example for (1): Our vagrant (http://vagrantup.com/) dev base boxes still come with Puppet 2.6.3 while the manifest depends on Puppet 2.7 features. I can manually upgrade puppet manually (and that's what I do on dev), but when the time to deploy to production comes it practically means that I have to manually upgrade Puppet to 2.7 on all hosts before I push the change. example for (2): We use daemontools (http://cr.yp.to/daemontools.html) to monitor some of our servers. Puppet comes with a "daemontools" Service type provider but since the daemontools package isn't installed yet the provider is made unavailable for the rest of the run. A second puppet run, assuming it managed to install daemontools in the first one before it failed on other things, succeeds in picking up the daemontools as a provider. another example for (2): I use opsview (https://github.com/dpeters/ puppet-opsview) to monitor hosts. When the type is loaded by puppet it looks for a file called /etc/puppet/opsview.conf to find URL/username/ password of the opsview REST server. This file doesn't exist (or can be out of date) in the first run causing the Type to fail. My suggestion - Define a new "preload" stage - resources which can affect puppet's own execution (e.g. types, config files, puppet version updates) can be placed in that stage and eventually a specific function call (or a special built-in trigger inside the Puppet code?) will cause Puppet to drop everything at the end of this stage and start from fresh. The mechanism has to be careful to limit potential inifinite loops - e.g. if nothing was changed during the stage then don't re-run, or if the stage keeps changing things and puppet re-starts more than a set limit then fail. What do you think about this? Is there another solution/work-around/ standard-best-practice I'm not aware of? Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] re-colorise puppet logs
Hi, We find the "color-coded" puppet logs very useful, but they are not coloured when logged to a file. Here is a small Perl script to add the color back when reading that file. I'd like to upload it to the Wiki but not sure where would it fit (and didn't find the way to add a new page). I offer it under GPL v3. #!/usr/bin/perl # colorpuppetlog: colorise puppet log according to the severity mentioned in the message # Copyright (c) Amos Shapira, September 8th 2010. # Licence: GPLv3 use strict; use warnings; use Term::ANSIColor; my %colormap = ( 'info' => 'green', 'notice' => 'cyan', 'err' => 'magenta', 'warning' => 'yellow'); my $color = 'reset'; while (<>) { my $newcolor; if (/ \((info|notice|err|warning)\): /) { $newcolor = $colormap{$1}; } else { $newcolor = 'reset'; } if ($newcolor ne $color) { $color = $newcolor; print color($color); } print; } print color 'reset'; exit 0; -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: quoting special characters in puppet.conf
I tried that: diff_args = -ubB -I \\\$HeadURL and still get: err: ...: Failed to retrieve current state of resource: Could not find value for $HeadURL Does anyone knows what kind of code parses this? Is it passed through the shell? How many "levels of quoting" does it go through before reaching "diff" and by which programs? Thanks, --Amos On Aug 27, 9:42 pm, Darren Chamberlain wrote: > * Amos Shapira [2010/08/27 01:06]: > > > e.g. here is what I tested again right now: > > > diff_args = -ubB -I \$HeadURL > > > and here are the errors that I get: > > > err: /File[/usr/lib64/nagios/plugins/check_state_file.pl]: Failed to > > retrieve current state of resource: Could not find value for $HeadURL > > In many config files, such as mutt's, you need to double all the > backslashes, to protect them from the dereferencing that happens > during parsing. So, in \\\$HeadURL, the first \ would escape the > second \, and the third \ would escape the $, so that what gets > passed through is \$HeadURL. > > Thus, this is untested speculation, but it can't hurt to try: > > diff_args = -ubB -I \\\$HeadURL > > -- > Darren Chamberlain -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: quoting special characters in puppet.conf
Hi Tom, That's what I tried but it doesn't help. e.g. here is what I tested again right now: diff_args = -ubB -I \$HeadURL and here are the errors that I get: err: /File[/usr/lib64/nagios/plugins/check_state_file.pl]: Failed to retrieve current state of resource: Could not find value for $HeadURL Thanks, --Amos On Aug 25, 11:15 pm, Tom Duckering wrote: > I believe the escape character is simply \ > > I use it to escape quotes - \" > > On 25 Aug 2010, at 12:35, Amos Shapira wrote: > > > Patrick, > > > I see only a quote of my question in your reply. > > > Do you have an answer? > > > Thanks. > > > --Amos > > > On Aug 25, 6:28 pm, Patrick wrote: > >> On Aug 24, 2010, at 11:52 PM, Amos Shapira wrote: > > >>> Hello, > > >>> I'd like to pass the following flags to diff through puppet: > > >>> -urbB -I $Id -I $HeadURL -I $URL > > >>> But when I try to set diff_args in /etc/puppet/puppet.conflike this: > > >>> diff_args = -ubB -I \$Id -I \$HeadURL -I \$URL > > >>> Puppet tries to interpolate the $Id and fails. > > >>> How can I quote the '$' sign so puppet will pass it as-is to diff? > > >>> I'm using puppet 0.25.4 on CentOS 5.5 x64_86. > > >>> Thanks. > > >>> -- > >>> You received this message because you are subscribed to the Google Groups > >>> "Puppet Users" group. > >>> To post to this group, send email to puppet-us...@googlegroups.com. > >>> To unsubscribe from this group, send email to > >>> puppet-users+unsubscr...@googlegroups.com. > >>> For more options, visit this group > >>> athttp://groups.google.com/group/puppet-users?hl=en. > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-us...@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscr...@googlegroups.com. > > For more options, visit this group > > athttp://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: quoting special characters in puppet.conf
Patrick, I see only a quote of my question in your reply. Do you have an answer? Thanks. --Amos On Aug 25, 6:28 pm, Patrick wrote: > On Aug 24, 2010, at 11:52 PM, Amos Shapira wrote: > > > Hello, > > > I'd like to pass the following flags to diff through puppet: > > > -urbB -I $Id -I $HeadURL -I $URL > > > But when I try to set diff_args in /etc/puppet/puppet.conf like this: > > > diff_args = -ubB -I \$Id -I \$HeadURL -I \$URL > > > Puppet tries to interpolate the $Id and fails. > > > How can I quote the '$' sign so puppet will pass it as-is to diff? > > > I'm using puppet 0.25.4 on CentOS 5.5 x64_86. > > > Thanks. > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-us...@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscr...@googlegroups.com. > > For more options, visit this group > > athttp://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] quoting special characters in puppet.conf
Hello, I'd like to pass the following flags to diff through puppet: -urbB -I $Id -I $HeadURL -I $URL But when I try to set diff_args in /etc/puppet/puppet.conf like this: diff_args = -ubB -I \$Id -I \$HeadURL -I \$URL Puppet tries to interpolate the $Id and fails. How can I quote the '$' sign so puppet will pass it as-is to diff? I'm using puppet 0.25.4 on CentOS 5.5 x64_86. Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Configuring DRBD
Hello, Does anyone here have a module to configure DRBD (http:// www.drbd.org/) using puppet? It's not supposed to be too complicated, but I'd rather not re-invent this wheel if possible. The module should probably allow passing all the parameters available in drbd.conf, and/or possibly allow quoting entire "stanzas" to go into drbd.conf. Thanks, -Amos --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Certificates were not trusted: certificate verify failed
Oops. Replying to my own post, after re-reading one of the messages in this group a few more times (http://groups.google.com/group/puppet- users/msg/559819ffc956337e) while waiting for my experiments to run I finally realised that it's relevant to my too. It turned out that the $fileserver and $urlbase were still pointing to the other server (ds501). So I think what happened is that ds502 got the certificate request, I signed it, then the puppet clients accessed it, got hold of the manifests and even the templates, but they tried to fetch the files from ds501 (the "working" server) which didn't recognise the client certificate and refused access. Once we fixed $fileserver to point to the right server things started dancing again. TAKE AWAY from this (and other tackles by puppet problems): PLEASE make it clear in the log messages where they are coming from and what they complain about - is this error printed bythe puppet master? the puppet client? Which host name? What string did it see in the certificate vs. what did it expect? Thanks. --Amos --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Certificates were not trusted: certificate verify failed
Hello, We are installing some Xen guests using puppet 0.24.5-1.el5 (from http://people.redhat.com/dlutter/yum/rhel/5/x86_64/) on CentOS 5. The Xen host is also a CentOS 5 running the same version for a puppet master. We have two such identical Xen hosts (running puppet master each). The first one works perfectly for a while and we are not trying to deploy the second one for redundancy. The first Xen guest which tries to use puppet hits this apparently familiar problem. Here is a sample output: Wed Jan 14 11:25:32 +1100 2009 //Node[portal2-prod- ascent.threatmetrix.com]/portal-prod-ascent/portal-ks/common-ks/File[/ etc/ssh/sshd_config] (err): Failed to retrieve current state of resource: Certificates were not trusted: certificate verify failed Could not describe /files/common/sshd_config: Certificates were not trusted: certificate verify failed at /etc/puppet/svn/manifests/common- ks.pp:78 We've been googl'ing this for two days now, we found both old and recent threads about this error as well as the page at http://reductivelabs.com/trac/puppet/wiki/RubySSL-2007-006 but even though we follow all the advise there and see the expected output (the certificate verifies well using "openssl verify ...") we can't convince puppet to accept the certificate. One thing where our output doesn't match the one in the instructions on Wiki page are that the wiki page says: "Look for subject=/C=US/ST=Ohio/O=The Ohio State University/ OU=Department of Mathematics/CN=puppet.math.ohio-state.edu" but I'm not sure whether this is just an example or we should really have this specific CN in the certificate. We receive identical output on the working server. Instead, we have output as follows: # openssl s_client -connect ds502.blueboxgrid.com:8140 CONNECTED(0003) depth=0 /CN=ds502.blueboxgrid.com verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 /CN=ds502.blueboxgrid.com verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/CN=ds502.blueboxgrid.com i:/CN=ds502.blueboxgrid.com --- Server certificate -BEGIN CERTIFICATE- [deleted] -END CERTIFICATE- subject=/CN=ds502.blueboxgrid.com issuer=/CN=ds502.blueboxgrid.com --- No client certificate CA names sent --- SSL handshake has read 1244 bytes and written 343 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher: DHE-RSA-AES256-SHA Session-ID: 0F117816A195A5791AC317D30F6489E4874815B83DF734933A2B5B58DB9FC6F5 Session-ID-ctx: Master-Key: E1DF12E889C1D3C5215EF451FD229BC29864666EF247789FE5179758C8018EF84D45AA6B9B552890110765BD71B65E64 Key-Arg : None Krb5 Principal: None Start Time: 1231893176 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) --- What else can we do? We are stuck in deployment of production system because of this and can't find what makes the first host tick while the second one won't accept anything. I've tried also to completely remove and re-install puppet and puppet- master (and remove the /var/lib/puppet and /etc/puppet directories) but still get the same results. Thanks., --Amos --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---