Re: [Puppet Users] Hiera isn't merging hashes
you need to use hiera 1.2 and enable deep merging
On 26 Feb 2014 22:19, paul.le...@complex.com wrote:
I have been doing some experimenting with Puppet + Hiera with some of my
hashes, but when it is going through my hierarchy it is returning whatever
hash it hits first and skipping the others.
For my node 'sandbox1'
sandbox.pp:
node /^sandbox\d+/ {
class { 'php':}
notify { 'PHP hash':
message = hiera('php::augeas',{})
}
$php_settings = hiera('php::augeas',{})
create_resources('php::augeas',$php_settings)
}
hiera.yaml:
---
:backends:
- json
:json:
:datadir: /etc/puppet/hiera
:merge_behavior: deeper
:hierarchy:
- nodes/%{::hostname}
- roles/%{::role}
- provider/%{::provider}
- provider/%{::provider}/virtual/virtual_%{::is_virtual}
- common
hiera/nodes/sandbox1.json:
{
php::augeas : {
php-allow_url_fopen : {
entry : PHP/allow_url_fopen,
value : On
}
}
}
hiera/roles/sandbox.json:
{
php::augeas : {
php-log_errors : {
entry : PHP/log_errors,
value : On
}
}
}
hiera/common.json:
{
php::augeas : {
php-date_timezone : {
entry : Date/date.timezone,
value : America/New_York
},
php-short_open_tag : {
entry : PHP/short_open_tag,
value : On
},
php-error_log : {
entry : PHP/error_log,
value : /var/log/php/php_error.log
}
}
}
In this configuration, *only php-allow_url_fopen **from the top-level
nodes hash is returned*. If I remove that nodes/sandbox1.json, it only
returns the php-log_errors from the next roles hiera level down.
Finally, if the nodes and roles json's are removed it will apply all three
from the common.json hash.
I have tried both native and deeper merge behaviors with the same result.
The strangest thing is that the hiera command line tool on the master
returns the correct hash:
# hiera -h php::augeas ::hostname=sandbox1 ::role=sandbox -c
/etc/puppet/hiera.yaml
{php-date_timezone=
{entry=Date/date.timezone, value=America/New_York},
php-short_open_tag={entry=PHP/short_open_tag, value=On},
php-error_log=
{entry=PHP/error_log, value=/var/log/php/php_error.log},
php-log_errors={entry=PHP/log_errors, value=On},
php-allow_url_fopen={entry=PHP/allow_url_fopen, value=On}}
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/96454179-6cd7-4c54-9ec2-2bf553e319a9%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFdpKn-AdW7Qpc9H43NNZZvNMfV9EOB%3D_ut4KLSxTzt4LA%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] return codes from puppet command
puppet help agent * --detailed-exitcodes: Provide transaction information via exit codes. If this is enabled, an exit code of '2' means there were changes, an exit code of '4' means there were failures during the transaction, and an exit code of '6' means there were both changes and failures. On 19 February 2014 09:28, Mikael Lindqvist li.mik...@gmail.com wrote: Hi, Where are the return codes from the puppet command documented? I have seen 0, 2 and 6 and by the look of it they all seem to signal success, but it would be nice to see a list of them. Thanks! // Mikael -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/13097d50-fbcc-4ba6-9e09-ca19913a34c0%40googlegroups.com . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfx63DUObLDMknDeGOuMiKk9xY9-52MjQRYJFNqcYO%3D3Q%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Reg : War deployment with Puppet
we used to package into rpms as well On 30 January 2014 11:50, PaulC paul.can...@gmail.com wrote: Must admit i would be interested in seeing what other peoples approaches has been for this, we have been thinking about going down the route of getting the war files and any relevant library files put into a rpm/deb package and getting puppet to install the rpm though the OS package manager. Paul C. On Thursday, 30 January 2014 06:54:26 UTC, krishna bhaskara rao wrote: Hi, Can any one share me sample snippets to deploy war in tomcat. if deployment fails, how to rollback. With Regards, Krishna. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/241ed902-f5c6-4f83-a2de-85a13b1948ed%40googlegroups.com . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFcrk1udFVCQTYKF%2BkPPou-1%2Bh9JVpgUY8RyavOjjJb9xQ%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] circular dependency between user/home and parent directory owned by that user
Something like managehome = false ?
On 30 Jan 2014 16:51, David Portabella david.portabe...@gmail.com wrote:
again,
it is a circular dependency.
what you are saying is to first create user and then file.
but to create the user, we need the file first also.
On Thursday, January 30, 2014 5:31:10 PM UTC+1, Arpin Dominique (Nter)
wrote:
Hi,
Simple :
User['david']-File['/haha']
Ref: http://docs.puppetlabs.com/learning/ordering.html
*Dominique Arpin*
Tél. Interne: 140-4156
Tél. 514 285.2929 Poste: 140-4156
*De :* puppet...@googlegroups.com [mailto:puppet...@googlegroups.com] *De
la part de* David Portabella
*Envoyé :* 30 janvier, 2014 11:28
*À :* puppet...@googlegroups.com
*Objet :* [Puppet Users] circular dependency between user/home and
parent directory owned by that user
For illustrating purposes,
I need a *david* user with home directory /haha/david,
and at the same time, the directory /haha also needs to be owned by
*david*.
this code does not work,
because user requires the /haha directory, and the /haha directory
requires the david user,
so we have a circular dependency,
and it seems that puppet does not know how to handle this.
user {'david':
ensure = present,
home= '/haha/david',
managehome = true
}
file {'/haha':
ensure = directory,
owner = 'david'
}
how to solve this?
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/puppet-users/da03b929-db57-4964-acf9-060beec69d2c%
40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Mise en garde concernant la confidentialité : Le présent message,
comprenant tout fichier qui y est joint, est envoyé à l'intention exclusive
de son destinataire; il est de nature confidentielle et peut constituer une
information protégée par le secret professionnel. Si vous n'êtes pas le
destinataire, nous vous avisons que toute impression, copie, distribution
ou autre utilisation de ce message est strictement interdite. Si vous avez
reçu ce courriel par erreur, veuillez en aviser immédiatement l'expéditeur
par retour de courriel et supprimer le courriel. Merci!
Confidentiality Warning: This message, including any attachment, is sent
only for the use of the intended recipient; it is confidential and may
constitute privileged information. If you are not the intended recipient,
you are hereby notified that any printing, copying, distribution or other
use of this message is strictly prohibited. If you have received this email
in error, please notify the sender immediately by return email, and delete
it. Thank you!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/021d8313-7665-44d3-82fd-fe9be08490c9%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfnwNGcBhxYwq7%2Bd7e1kf180mOVv5EinhvOshyr97qnmg%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] hiera suggestion
Yes, I was thinking something like that.
Is there a %{module} variable ?
On 22 Jan 2014 07:39, Jose Luis Ledesma joseluis.lede...@gmail.com
wrote:
Copied from another thread:
:hierarchy:
...
- %{environment}/classes/%{calling_class}
Perhaps it is easier that way.
Regards
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/8f785b3b-ea63-4004-be7b-5810d3fbdd38%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFeUuECvH_Dy0eUW%3D2GVQNzRphz5TupdBtYJcCnpfZLCeQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] hiera suggestion
Hi community, I need a suggestion.
Some of my modules like nagios or nfs shares are having a lot of static
data which needs to be defined in the bottom of hierarchy.
It makes my file generic.yaml quite massive and not that readable.
What are the options do I have to separate this into more structured tree?
What are the best practices?
The first thing comes to mind is to add few more files in to hiera:
...
- %{::site}
- generic
- nagios_services
- nfs_shares
etc..
Or is it better to avoid this?
Any thoughts?
--
Andrey
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfQtU9Q5rjQT72Qur%2BzTqEcOHbG1x%2Bt5EnL7Bj1Hbv6Bg%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] hiera suggestion
Those are mostly definitions of custom checks to export + templates which
group those checks by server types
On 21 Jan 2014 22:40, Pete Brown rendhal...@gmail.com wrote:
My question would be what are you doing with nagios that need so much
static data?
My monitoring module uses facts and one or two static vars.
I would suggest putting defaults in your modules so you don't need to
set so many variables.
Basing those defaults of custom facts would help reduce your need to
set vars in hiera.
On 21 January 2014 21:28, Andrey Kozichev akozic...@gmail.com wrote:
Hi community, I need a suggestion.
Some of my modules like nagios or nfs shares are having a lot of static
data
which needs to be defined in the bottom of hierarchy.
It makes my file generic.yaml quite massive and not that readable.
What are the options do I have to separate this into more structured
tree?
What are the best practices?
The first thing comes to mind is to add few more files in to hiera:
...
- %{::site}
- generic
- nagios_services
- nfs_shares
etc..
Or is it better to avoid this?
Any thoughts?
--
Andrey
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfQtU9Q5rjQT72Qur%2BzTqEcOHbG1x%2Bt5EnL7Bj1Hbv6Bg%40mail.gmail.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAJ8DPF5HDMWKvk9SEcvRbr-38wkvMFk-Ony8PGj6Eac1uZrDfQ%40mail.gmail.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFdT0zkYNoHO%2B_hQAh%2Bi6oL88%3DwJRn0bPvLUXgZGdWMPwg%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Problems with onlyif in Exec
Onliif looks at exit code, not at echo value.
If you are piping - it will be exit code of the last command.
Use grep -q or something to get a non-zero code
On 20 Jan 2014 13:02, Jan-Frederic Markert
jan-frederic.mark...@codecentric.de wrote:
Hey,
we want to check a condition before executing some commands.
If a line is existing in a list of architectures, the command should not
run - and vice versa.
So we use grep and count the words (wc -l).
The expected behaviour: if the onlyif-command returns 0, execute. If not,
don't.
(according to reference:
http://docs.puppetlabs.com/references/latest/type.html#exec-attribute-onlyif
)
Running the onlyif-command separately from puppet exectution, the return
value is as expected.
But the Exec-command is executed every time, despite the actual return
value.
Also, running echo 0 as well as echo 1 as onlyif triggers an execution.
Here is the code snippet used in our manifest
exec { hammer execution:
command = hammer architecture create --name x86_64 \
hammer environment create --name cloudbox,
path= /usr/local/bin/,
require = [
File[/var/log/foreman/hammer.log],
File[/etc/foreman/cli_config.yml],
Package[hammer_cli_foreman],
],
# onlyif = hammer architecture list | /bin/grep 'x86_64' |
/usr/bin/wc -l,
onlyif = /bin/echo 1,
user= ccka,
environment = [HOME=/home/ccka],
}
Does anyone have an idea what's going wrong?
Regards,
Fredi
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/b44c8522-14e2-48a0-9459-7a2a6b0c3721%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfFAcOSSAVG%3D1EOmw2NJZuze3xhoPUNmQDLpbvkozjsSw%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet user context
Not sure, what is your task. Where are you getting users from? Is it everyone or do you have defined list? Andrey On 17 Jan 2014 07:39, Robert Turk r.t...@reproflex.de wrote: Am 16.01.14 13:50, schrieb Andrey Kozichev: Do you need to run this only for logged in users? No not really... You suggest I could do something like checking which users exist on the machine and then run it for these users ignoring if they are logged in or not? You can use facter fact to return logged in users and use it in your manifest. Do you mean building a custom fact for this value? Robert -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/ msgid/puppet-users/52D8DE22.6050906%40reproflex.de. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfwNV0zOcQYVVopck-xC-Rvv_wxnvOXywDXkjZghFA9ww%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Augeas: Duplicate declaration
ah, right you are supplying entire hash in your defined resource. Missed it.
If your defined resource would accept: name, iphost and hostname - then you
can use create_resources to define all 3 entry.
On 17 Jan 2014 15:21, Reinaldo Lima reiml...@gmail.com wrote:
With create_resources the error is:
*Invalid parameter hostName on node*
And including the entry[name] in the resource name:
*Resource title must be a String, not Hash*
=(
On Friday, January 17, 2014 5:10:16 AM UTC-2, Andrew wrote:
another option to use create_resources('hostinclude',$netentry)
On 16 Jan 2014 23:47, Nick Cammorato nick.ca...@gmail.com wrote:
Your augeas resource is always called hosts_include which is why it's
doing that. Try including the entry[name] in that resource name.
On Jan 16, 2014 4:15 PM, Reinaldo Lima reim...@gmail.com wrote:
Hi Everyone,
I'm trying to write a class that put some entries in /etc/hosts file
as follow below:
*class hosts {*
*$netentry = {*
*host01 = { iphost = '192.168.10.1', hostName =
host01 },*
*host02 = { iphost = '192.168.10.2', hostName =
host02 },*
*host03 = { iphost = '192.168.10.3', hostName =
host03 },*
*}*
*define hostsinclude ($entry) {*
* augeas { hosts_include:*
* incl = /etc/hosts,*
* lens = Hosts.lns,*
* changes = [*
* set /files/etc/hosts/01/ipaddr
$entry[$name]['iphost'],*
* set
/files/etc/hosts/01/canonical$entry[$name]['hostName'],*
* ],*
* onlyif = match */ipaddr[ . =
$entry[$name]['iphost'] ] size == 0*
* }*
*}*
*hostsinclude { [*
*'host01',*
*'host02',*
*'host03'*
*]:*
*entry = $netentry*
*}*
*}*
and, when puppet compiles the manifest, I get the following error:
*err: Could not retrieve catalog from remote server: Error 400 on
SERVER: Duplicate declaration: Augeas[hosts_include] is already declared in
file /puppet/environments/production/modules/checklist/manifests/hosts.pp
at line 10; cannot redeclare at
/puppet/environments/production/modules/checklist/manifests/hosts.pp:29 on
node*
Someone can help me?
Thanks
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/puppet-users/fe9040f2-54de-4f9c-9787-4736b37219d9%
40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/puppet-users/CAKJ8awc5X%2B97jtxwbe%3DpjqhjqyuF8S_dR_
GvAAXM%2BC8t3FC9xA%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/4f31358c-652d-4afc-9919-aae783afa36c%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFdwj-bmkdUzMoutEBLPMa%2BZA%3Dt7v98COQfT%2Bk%2BjBrUzGg%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet Fundamentals training - how fundamental is it?
Best training you can get: define a task and then try to solve it. On 17 Jan 2014 17:38, David Taylor david.a.tay...@gmail.com wrote: Hi all, I've been playing around with Puppet with a view to implementing it at my workplace. I've already run through the Learning Puppet tutorial on docs.puppetlabs.com and the quizzes in the Puppet Learn Library, and now I'm looking into more formal training to try and get everything nailed down in my head and to get an idea of best practices for module design, environments etc. I was wondering if anyone could advise on whether the Puppet Fundamentals course is the right course to go for, or is it aimed at the complete Puppet novice - i.e. will I find that it just retreads things I already know? Thanks, -- Dave Taylor -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/2252a549-b862-4ffc-ae19-a1b3912b695c%40googlegroups.com . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFcHKUfq1OErC1fV9ZxjaGQBKXqxgPDuhbicoC%2BHyucasA%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet user context
Do you need to run this only for logged in users?
You can use facter fact to return logged in users and use it in your
manifest.
Andrey
On 16 January 2014 07:12, Robert Turk r.t...@reproflex.de wrote:
Good morning,
I have a question concerning puppet and modifying user data. I am on Mac
OS X 10.8.5 with puppet 3.4.2.
I would like to run a manifest with the following content:
file { /Users/${id}/Desktop/testfile:
ensure = file,
}
file { /usr/testfile:
ensure = file,
}
For this manifest you need root access and you have to know the current
logged in user.
But the fact $id is, of course, root because I have to run this manifest
as root.
So how can I get the current logged in user as a variable?
Thanks in advance.
Kind regards.
Robert
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/puppet-users/52D7866A.1040909%40reproflex.de.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFe_FOztMPgtqm2-aWWJmB37oi%2BRgGSS26gpa2OKQYMirQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] 400 Error on nodes when trying to receive catalog from master
looks like your apache redirect doesn't work. Or puppet master stopped.(if you are using mongrel) check htttpd.conf Andrey On 16 Jan 2014 19:20, Jordan Piel jbenp...@gmail.com wrote: I've dabbled with puppet, but this is my first time setting it up. I'm running RHEL 6.5 on PE 3.1.1 on both my master and my agents. The issue I'm having is the agents throw an error during a normal puppet run. The error I'm seeing when I run 'puppet agent run --test' is... Error: Could not request certificate: Error 400 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title400 Bad Request/title /headbody h1Bad Request/h1 pYour browser sent a request that this server could not understand.br / /p hr addressApache Server at puppet.my.domain.name Port 8140/address /body/html If I specify the master when I manually run puppet on the agent node 'puppet agent run --test --server puppet.my.domain.name' it runs perfectly fine with 0 hiccups. Has anyone run in to this before? If more information is needed I'm willing to provide it. Thanks in advance! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/8a76c0e0-3f82-4e61-83c6-a64e62b9a2a3%40googlegroups.com . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFejYVeFrg-amrH9s9k%3Dap-nYzwKPGgibQaZR2V9aOGb4Q%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Augeas: Duplicate declaration
another option to use create_resources('hostinclude',$netentry)
On 16 Jan 2014 23:47, Nick Cammorato nick.cammor...@gmail.com wrote:
Your augeas resource is always called hosts_include which is why it's
doing that. Try including the entry[name] in that resource name.
On Jan 16, 2014 4:15 PM, Reinaldo Lima reiml...@gmail.com wrote:
Hi Everyone,
I'm trying to write a class that put some entries in /etc/hosts file as
follow below:
*class hosts {*
*$netentry = {*
*host01 = { iphost = '192.168.10.1', hostName = host01
},*
*host02 = { iphost = '192.168.10.2', hostName = host02
},*
*host03 = { iphost = '192.168.10.3', hostName = host03
},*
*}*
*define hostsinclude ($entry) {*
* augeas { hosts_include:*
* incl = /etc/hosts,*
* lens = Hosts.lns,*
* changes = [*
* set /files/etc/hosts/01/ipaddr
$entry[$name]['iphost'],*
* set
/files/etc/hosts/01/canonical$entry[$name]['hostName'],*
* ],*
* onlyif = match */ipaddr[ . =
$entry[$name]['iphost'] ] size == 0*
* }*
*}*
*hostsinclude { [*
*'host01',*
*'host02',*
*'host03'*
*]:*
*entry = $netentry*
*}*
*}*
and, when puppet compiles the manifest, I get the following error:
*err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Duplicate declaration: Augeas[hosts_include] is already declared in file
/puppet/environments/production/modules/checklist/manifests/hosts.pp at
line 10; cannot redeclare at
/puppet/environments/production/modules/checklist/manifests/hosts.pp:29 on
node*
Someone can help me?
Thanks
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/fe9040f2-54de-4f9c-9787-4736b37219d9%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAKJ8awc5X%2B97jtxwbe%3DpjqhjqyuF8S_dR_GvAAXM%2BC8t3FC9xA%40mail.gmail.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFemrZtFMUnyU6SUbvFE9KyVrjK7s19YpOFmLnMeJyUE0g%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Replace multiple expression with a variable in a selector
try $VARIABLE ='(host1|host2|host3)'
$testing = $::hostname ? {
/$VARIABLE/ = 'filetest',
default= 'file',
}
On 15 January 2014 11:19, Francisco José Bejarano fjbejar...@gmail.comwrote:
Greetings to all
I have a question about the use of selectors. I am using 3.4.2
I have this selector in my code
$testing = $::hostname ? {
/(host1|host2|host3)/ = 'filetest',
default= 'file',
}
I would like to use a variable as a multiple expression in a selectorlike this
$VARIABLE ='/(host1|host2|host3)/'
$testing = $::hostname ? {
$VARIABLE = 'filetest',
default= 'file',
}
¿Is that possible?
I've tried different ways but does not work. With quotes, without quotes,
etc.. It always select the default file (file) if I put variable, but if I
do not put variable (first code) it works ok and FileTest is used if
hostname is in expression.
I would like to use VARIABLE in hiera to use the name of hosts (not in
hard code)
¿Is that possible?
Thanks in advance :-)
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/5eecc840-5ab9-4636-a9be-492e8f65250c%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfBKjFTXjYq7ODvGSPGJeqRgCbM6-S1W1g8RMAEYvJP4Q%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: I need a virtual exported resource, or something similar
can't seem figure this out. Here is my data: common.yaml nfsshares: nfsshare-public: name: /var/public device: hostname1:/vol/public remounts: true options: 'rw,bg,hard' nfsshare-private: name: /var/private ensure: mounted device: 'hostname2:/var/private' remounts: true options: 'rw,bg,hard' now on the node level: my-test-server.yaml nfs::client::nfs_resouce_name: [ 'nfsshare-public', nfsshare-private ] struggling to make class nfs::client to create resources 'nfsshare-public', nfsshare-private based on the above data in hiera without making create_resources inside of create_resources or run loop on nfs_resouce_name and then create_resource for each item. There must be simpler way. Any hints appreciated. Andrey Andrey On 14 January 2014 02:38, Ian Mortimer i.morti...@uq.edu.au wrote: On 14/01/14 03:49, Andrey Kozichev wrote: This scenario works well if on the class input I just supply single mountpoint - then I do hiera(mountpointname) and create_resources() But if I want to have multiple Mountpoints defined per host I need to supply an Array to the class and then iterate it and fetch details for each mountpoint. I can probably do this by using new 3.2 syntax with each, but I would like to avoid this. Do you have any better way to implement this? If in hiera you define a hash of hashes (instead of an array of hashes) you can pass that to create_resources which will create a resource for each hash. -- Ian i.morti...@uq.edu.au Ian Mortimer Tel: +61 7 3346 8528 Science IT University of Queensland -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/ msgid/puppet-users/52D4A329.9000608%40uq.edu.au. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfwC_g0qfdiJrWCG5Ri-zQaY1cez5Jf6_2mzZZyC5-pmA%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: I need a virtual exported resource, or something similar
Thank you John, it looks like what I need.
I was doing something similar but was getting an error on create_resource,
I think I see now what was wrong. I will try this.
Andrey
On 14 Jan 2014 23:16, jcbollinger john.bollin...@stjude.org wrote:
On Tuesday, January 14, 2014 6:37:56 AM UTC-6, Andrew wrote:
can't seem figure this out.
Here is my data:
common.yaml
nfsshares:
nfsshare-public:
name: /var/public
device: hostname1:/vol/public
remounts: true
options: 'rw,bg,hard'
nfsshare-private:
name: /var/private
ensure: mounted
device: 'hostname2:/var/private'
remounts: true
options: 'rw,bg,hard'
now on the node level:
my-test-server.yaml
nfs::client::nfs_resouce_name: [ 'nfsshare-public', nfsshare-private ]
struggling to make class nfs::client
to create resources 'nfsshare-public', nfsshare-private based on the
above data in hiera without making create_resources inside of
create_resources or run loop on nfs_resouce_name and then
create_resource for each item.
There must be simpler way.
Any hints appreciated.
I'm not altogether clear on what you do or don't want to do, but your data
appear to be pointing in this direction:
class nfs::client (
$nfs_resource_name
) {
nfs::share { ${nfs_resource_name}:
sharedata = hiera('nfsshares')
}
}
define nfs::share (
$sharedata
) {
$my_data = { $title = $sharedata[$title] }
create_resources('mount', $my_data)
# if you don't want to use create_resources()
# then you can put a regular mount declaration
# there. It only needs to handle one resource.
}
I'm assuming there that you must accommodate cases where the 'nfsshares'
data contains more shares than you want to declare for the given node, else
create_resources() could more directly be applied to the problem.
Alternatively, you could write a custom function that creates a hash
containing just the wanted elements by selecting elements from the overall
hash based on array of keys. You could use create_resources() directly on
that without an intervening defined type. Such a function would be
sufficiently general to be reusable, and it could be expressed very
compactly in Ruby.
John
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/c816acf4-26df-4a6d-881c-ed15457eb10a%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFcYPGji-Ujfm4BHsqL0rk6HOZPPOS5uoXcFs1VO6uPe0g%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: I need a virtual exported resource, or something similar
Thanks for the link. I will have a look. On 15 Jan 2014 04:16, Garrett Honeycutt g...@garretthoneycutt.com wrote: On Monday, January 13, 2014 9:38:33 PM UTC-5, ianm wrote: On 14/01/14 03:49, Andrey Kozichev wrote: This scenario works well if on the class input I just supply single mountpoint - then I do hiera(mountpointname) and create_resources() But if I want to have multiple Mountpoints defined per host I need to supply an Array to the class and then iterate it and fetch details for each mountpoint. I can probably do this by using new 3.2 syntax with each, but I would like to avoid this. Do you have any better way to implement this? If in hiera you define a hash of hashes (instead of an array of hashes) you can pass that to create_resources which will create a resource for each hash. -- Ian i.mor...@uq.edu.au Ian Mortimer Tel: +61 7 3346 8528 Science IT University of Queensland I have this implemented[1] such that you define a hash of your mounts somewhere in Hiera. If you want to do a merge lookup against Hiera so that if you specify the hash at multiple levels it gets all that it matches (ie: fqdn, profile and environment levels), you can do this by setting nfs::hiera_hash: true [1] - https://github.com/ghoneycutt/puppet-module-nfs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3741b3dd-0dbb-4c29-8d58-06250344289e%40googlegroups.com . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFeLHfs-xHmzF4Mqfi3rtJFLnXXmsyZsjskua8sUKuqzfg%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: I need a virtual exported resource, or something similar
Hello guys,
I am working on similar task.
Trying to find the way to define all NFS shares somewhere in the high level
of hierarchy and then just add/remove them on the node level just by name.
So I am using the class which accepts mountpoint names, then I want to do
hiera lookup for each name to expand all the options of the mountpoint and
create resources based on that.
This scenario works well if on the class input I just supply single
mountpoint - then I do hiera(mountpointname) and create_resources()
But if I want to have multiple Mountpoints defined per host I need to
supply an Array to the class and then iterate it and fetch details for each
mountpoint. I can probably do this by using new 3.2 syntax with each, but
I would like to avoid this.
Do you have any better way to implement this?
My target is to define Mountpoints in single place in Hiera and then use it
for different hosts using Hiera.
Andrey
On Thursday, January 9, 2014 9:49:35 AM UTC-5, Stephan wrote:
Hi All,
So here's my use case:
I've got an application with multiple environments, say live, qa and dev,
and each environment has multiple servers. The actual application requires
an NFS mount mounted on each of these servers. Each environment has it's
own NFS drive.
I also have a management server which needs to mount all these NFS drives
of every environment.
I use a mount resource included on each environment server to mount each
NFS drive, with the help of an $environment variable, which points it to
the right share on the NFS server, which is all working fine.
Now I want to puppetize the mounts of all NFS shares on the management
server as well, so I thought of using something like this in the actual
environment server manifest:
@@mount { mgmtnfs-$environment:
name = /$path-$environment
fstype = nfs
}
and I wanted to collect that in the management server manifest with
Mount ||
Problem is that each exported resource must be globally unique across
every single *node*, not for every *environment*. That means that if two
servers export this resource to the same nfs mount I'll get an error. I
don't want an individual nfs mount on the mgmt server per node, but per
environment. So I can't use $host instead of $environment
If I would use local resources in the mgmt server manifest I would have to
set up 10 mount resources individually, since that's how many environments
I have. Actually 30, since every environment has not 1 but 3 separate NFS
mounts. Since that would be a manual step for every new environment, and
duplication of code, I consider it bad practice.
In my head the most elegant solution to this would be to have a resource
which is both virtual and exported, so that it can be requested to be
realized by every environment server, but is collected only once. I don't
think that is currently possible (or is it?). My questions are: Would it be
worth a feature request? And are there other ways to get this done in a
tidy manner?
Thanks
Stephan
Hi,
I handle NFS mounts by declaring them as a hash in Hiera. Through the power
of Hiera, you could specify mounts at any level of the hierarchy including
per host and/or per environment. The mount itself is done with the types[1]
module and handling the nfs client portion is handled by the nfs[2] module.
Example Hiera entry using the YAML backend
types::mounts:
/srv/nfs/home:
device: nfsserver:/export/home
fstype: nfs
options: rw,rsize=8192,wsize=8192
[1] - https://github.com/ghoneycutt/puppet-module-types
[2] - https://github.com/ghoneycutt/puppet-module-nfs
BR,
-g
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/1bbdf73d-5b5e-40f3-b6d4-b8e60f89511b%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfw_MGcXQXA956GAg3fCHwEWjv9-%3DxkDtRYEYHSj_W%3DDQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] puppetlabs mcollective module + clustering
Is anyone using mcollective module from puppetlabs? is there built-in way to configure activemq clustering between 2 DCs which I am missing? Andrey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFdxVDtCAe6LuVyWz8dob7vpX7qeBxOmrUM%3DfkjtSRD_2w%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Single certificate, multiple nodes... or image-based systems
Maybe look into running masterless to avoid problems with certs. Just run puppet apply on the new server. On 9 Jan 2014 09:42, Pablo Fernandez pablo.fernan...@cscs.ch wrote: Dear all, We are thinking about the possibility of using Puppet in an image-based cluster. The compute nodes would boot and load the whole image to a ramdisk, where r/w access is granted afterwards. Our idea is to have a sample compute node running puppet where to create the image from, and periodically extract a new image from it. Nodes that reboot, simply take that image, change the hostname and IP addresses, and little more (typical in image-based systems). The nice thing about this is that, since the source image is from a puppetized host, its clones will be as well! So changes in the puppet configuration will be applied immediately to the nodes. Does it sound right? I currently foresee a problem with the puppet node certificates: is it possible to use a generic certificate, to enable trust between puppet server and clients, but having each node a different fqdn and be treated by puppet as different hosts (including PuppetDB entries)? I saw different facts for each: ::clientcert and ::fqdn, that gave me hopes. Besides that, do you see any other problem with this type of deployment? Does anybody have experience with something similar? Thanks! BR/Pablo -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52CE6F14.7060508%40cscs.ch. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFc4fKWeGA%3Dz%2B0taUdCognf7mjoReqCTj-WHm7mvachBvQ%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Single certificate, multiple nodes... or image-based systems
Autosign will be not enough, since if server has already signed - it will show cert mismatch. you can trigger cert clean every time you reimage server. On 9 Jan 2014 12:40, Pablo Fernandez pablo.fernan...@cscs.ch wrote: Thanks for your suggestions, Running masterless is a bit too exotic, since we would like to use all those nice features that make a Puppet installation complete: specially hiera searches and PuppetDB. Modules, too, should be compatible with other clusters, so no big deviations can occur. Enabling auto-sign, as Jose Luis suggested, may be a possibility. I have just checked myself if autosign works if the same node was already registered in the CA... but according to the documentation it does not look like it, not to mention the security issues that come with it. Does the certificate name need to match the fqdn for puppet to allow connections? Thanks! BR/Pablo On 01/09/2014 12:16 PM, Andrey Kozichev wrote: Maybe look into running masterless to avoid problems with certs. Just run puppet apply on the new server. On 9 Jan 2014 09:42, Pablo Fernandez pablo.fernan...@cscs.ch wrote: Dear all, We are thinking about the possibility of using Puppet in an image-based cluster. The compute nodes would boot and load the whole image to a ramdisk, where r/w access is granted afterwards. Our idea is to have a sample compute node running puppet where to create the image from, and periodically extract a new image from it. Nodes that reboot, simply take that image, change the hostname and IP addresses, and little more (typical in image-based systems). The nice thing about this is that, since the source image is from a puppetized host, its clones will be as well! So changes in the puppet configuration will be applied immediately to the nodes. Does it sound right? I currently foresee a problem with the puppet node certificates: is it possible to use a generic certificate, to enable trust between puppet server and clients, but having each node a different fqdn and be treated by puppet as different hosts (including PuppetDB entries)? I saw different facts for each: ::clientcert and ::fqdn, that gave me hopes. Besides that, do you see any other problem with this type of deployment? Does anybody have experience with something similar? Thanks! BR/Pablo -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52CE6F14.7060508%40cscs.ch . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFc4fKWeGA%3Dz%2B0taUdCognf7mjoReqCTj-WHm7mvachBvQ%40mail.gmail.com . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52CE98CA.3070206%40cscs.ch. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFdUOgayb1U9-j0G%3DEHfRuamCqGTtBNBvq9e015ZHAg-og%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Single certificate, multiple nodes... or image-based systems
not entirely image-based, when new server was booted for the first time: 1. it made http call to puppetmaster with it's hostname to do puppet cert clean hostname 2. do puppet run 3. made HTTP call to do puppet cert sign It was kind of autosign + in case of CERT already existed it was removed and re-generated sure security is poor in this approach, but it can be limited to only build vlan. Andrey On 9 January 2014 15:12, Pablo Fernandez pablo.fernan...@cscs.ch wrote: I understand your point. I guess the SSL layer will render the request as illegitimate, but even if it doesn't, it may be playing with fire :) Thanks all for your thoughts, let me then present this as a generic question: did anybody try puppet on image-based systems? It would be wonderful to get some first-hand hints. Thanks again! BR/Pablo On 01/09/2014 04:05 PM, jcbollinger wrote: On Thursday, January 9, 2014 6:40:42 AM UTC-6, pablo.f...@cscs.ch wrote: Thanks for your suggestions, Running masterless is a bit too exotic, since we would like to use all those nice features that make a Puppet installation complete: specially hiera searches and PuppetDB. Modules, too, should be compatible with other clusters, so no big deviations can occur. Enabling auto-sign, as Jose Luis suggested, may be a possibility. I have just checked myself if autosign works if the same node was already registered in the CA... but according to the documentation it does not look like it, not to mention the security issues that come with it. Does the certificate name need to match the fqdn for puppet to allow connections? I'm not certain, but even if not, what you propose is dangerous. The master uses the certificate presented by the agent not just to authorize the agent, but also to *identify* it. If all your nodes present the same certificate to the master, then they all claim to be the same machine, which is a lie. I don't foresee any specific failure scenarios associated with that, but it is unwise to mess with the system's underlying assumptions in such a way. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3c8f53f8-09a2-4bd8-8fa8-1986efdafeb3%40googlegroups.com . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52CEBC6A.3070403%40cscs.ch. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFcMAcV6BN0ntV2K4ABPQgQco57-XJRyqdbcM7y571F_7A%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Where do custom facter facts go on the Learning VM ? Is that the cause of these behaviors?
i think everything is fine with your code.
Problem might be with location.
Dont know about PE, but for facter if you do export FACTERLIB= you dir,
then you can run facter to see your custom fact
On 8 Jan 2014 21:52, Shark Laser sharklaser1...@gmail.com wrote:
Platform: I've downloaded and installed the learning VM. This system
runs CentOS with Facter v1.7.3 and Puppet v3.3.1 (Puppet Enterprise
3.1.0).
I've created a fact called hello.rb with the following content:
Facter.add(:hello) do
setcode do
Hello world!
end
end
I've placed the file in /etc/puppetlabs/facter/facts.d (I made this
directory since the tutorial said to create it if it did not exist).
I added a line to /etc/puppetlabs/puppet/manifests/site.pp for the default
node: notify { $::hello: } .If I run puppet agent --test, it behaves
as if my custom fact does not exist:
Notice: undef
Notice: /Stage[main]//Node[default]/Notify[undef]/message: defined
'message' as 'undef'
So then the instructions said we could debug the fact by running facter
--debug. If I do this, I see an error:
Fact file /etc/puppetlabs/facter/facts.d/hello.rb was parsed but returned
an empty data set
I thought this meaningful but the same error will occur for any Facter
custom fact I put in there. Even verbatim copy/paste jobs from known
working examples off the tutorial. Does anyone know what is going
on?I can't tell if the fact is in the wrong directory for Puppet when
it uses Facter, but for some reason Facter sees it when run in
standalone?If the latter is the case, why do I get these parse errors
despite having valid source?
Thanks for any help.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/90578665-1151-4df5-8a46-27e03ab877d6%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFeponBw8Q3DEM3HXy9FCCDPcszp57ejNyWzSEYSq_r6KQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] only subclasses can modify ?
You need to inherit users::local in users::modify
On 7 Jan 2014 10:12, Klavs Klavsen kl...@enableit.dk wrote:
I'm trying to modify certain users, created with by calling the define
users::local.
I tried to do it, by calling users::local::modify - but then puppet
complains that only subclasses may modify.. :(
What am I doing wrong here?
Code:
define users::local
($uid,$gid,$realname,$groups=[],$pass='',$sshkey=,$shell=/bin/bash,$home=/home/$title)
{
user { $title:
ensure = present,
uid = $uid,
gid = $gid,
groups = $groups,
shell = $shell,
home= $home,
comment = $realname,
password = $pass ? {
'' = undef,
default = $pass
},
managehome = true,
}
if ( $sshkey != ) {
ssh_authorized_key { $title:
ensure = present,
type= dsa,
key = $sshkey,
user= $title,
require = User[$title],
name= $title,
}
}
}
define users::local::modify
($uid='',$gid='',$realname='',$groups=[],$pass='',$sshkey=,$shell=/bin/bash,$home=/home/$title)
{
if ( ! empty($groups) ) {
User[$title] { groups = $groups }
}
}
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/77b419a4-e8da-42e8-921e-72156b1816ba%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFdHA_avBvxioueMqbn5UzaxoEGCHVo%2BxmwCNqvu0BBrBw%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Hiera and puppet apply/puppet agent
Content of the yaml file - any quotes there which might cause issues?
Try puppet master compile for the node - is it failing as well?
What version of Puppet are you running?
*3.4.1 for both master and agent*
As what user is the master running? (Typically an unprivileged user named
'puppet'.)
*The master is running as user puppet*
As what user are you running the agent in your tests?
*I am running the agent and the apply commands on the master as the root
user*
As what user are you running puppet apply in your tests?
*root*
What are the ownership and permissions of /etc/puppet/data/loc.example.
com/production/Debian/wheezy.yaml and all the directories in the path to
it? Do any of those have extended ACLs set on them?
*The permissions of the directory and the yaml file are root:root. No
ALC's. I chown-ed then to puppet:puppet with the same result.*
Are you running SELinux in enforcing mode? If so, then do you see
relevant AVC messages in the system log?
*This is a Debian Wheezy, so no selinux or apparmor on it.*
The bellow works fine with this:
$ puppet apply --debug --environment=production -e '$test =
hiera('ssh_service_config') notify { $::test: }'
Debug: hiera(): Hiera YAML backend starting
Debug: hiera(): Looking up ssh_service_config in YAML backend
Debug: hiera(): Looking for data source defaults
Debug: hiera(): Looking for data source puppetmaster.iad3.example.com
Debug: hiera(): Cannot find datafile
/etc/puppet/data/puppetmaster.iad3.example.com.yaml, skipping
Debug: hiera(): Looking for data source production/Debian/wheezy
*Debug: hiera(): Found ssh_service_config in production/Debian/wheezy*
but not with
$ pupept agent -tv
*Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
Could not find data item ssh_package_name in any Hiera data file and no
default supplied at
/srv/puppet/environments/production/modules/ssh/manifests/install.pp:2 on
node puppetmaster.iad3.example.com http://puppetmaster.iad3.example.com*
:hierarchy:
- %{::environment}/%{::osfamily}/%{::lsbdistcodename} --- This
works with puppet apply, but not puppet agent -tv
This is really strange, any help will be greatly appreciated. (Appending
the domain fact produces the same result)
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/2df4b281-7a41-4f16-a59f-34c574ae985f%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfVASm%3DOU7ep70th5Pqzrsht0VDo7M-yd7T60cBBrxkJA%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] dashed by dashboard
Yum expects to find rpm package and you installed it from gem. On 6 Jan 2014 18:36, Stuart Cracraft smcracr...@gmail.com wrote: So I have decided to give Foreman a try. Yet, the following occurred when I tried to install It. Ruby enthusiasts, any thoughts? The rest-client installed is 1.6.7 but the foreman installer install doesn't see it. # gem list | grep rest rest-client (1.6.7) # yum -y install foreman-installer Loaded plugins: product-id, rhnplugin, security, subscription-manager, : versionlock This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. This system is receiving updates from RHN Classic or RHN Satellite. Setting up Install Process Resolving Dependencies -- Running transaction check --- Package foreman-installer.noarch 1:1.3.1-1.el6 will be installed -- Processing Dependency: rubygem-foreman_api = 0.1.4 for package: 1:foreman-installer-1.3.1-1.el6.noarch -- Processing Dependency: rubygem-kafo for package: 1:foreman-installer-1.3.1-1.el6.noarch -- Processing Dependency: rubygem-highline for package: 1:foreman-installer-1.3.1-1.el6.noarch -- Running transaction check --- Package rubygem-foreman_api.noarch 0:0.1.9-1.el6 will be installed -- Processing Dependency: rubygem(rest-client) = 1.6.1 for package: rubygem-foreman_api-0.1.9-1.el6.noarch -- Processing Dependency: rubygem(oauth) for package: rubygem-foreman_api-0.1.9-1.el6.noarch --- Package rubygem-highline.noarch 0:1.4.0-2.el6 will be installed --- Package rubygem-kafo.noarch 0:0.2.2-1.el6 will be installed -- Processing Dependency: rubygem(rdoc) for package: rubygem-kafo-0.2.2-1.el6.noarch -- Processing Dependency: rubygem(powerbar) for package: rubygem-kafo-0.2.2-1.el6.noarch -- Processing Dependency: rubygem(logging) for package: rubygem-kafo-0.2.2-1.el6.noarch -- Processing Dependency: rubygem(clamp) for package: rubygem-kafo-0.2.2-1.el6.noarch -- Running transaction check --- Package rubygem-clamp.noarch 0:0.6.1-9.el6 will be installed --- Package rubygem-foreman_api.noarch 0:0.1.9-1.el6 will be installed -- Processing Dependency: rubygem(rest-client) = 1.6.1 for package: rubygem-foreman_api-0.1.9-1.el6.noarch --- Package rubygem-logging.noarch 0:1.8.1-25.el6 will be installed -- Processing Dependency: rubygem(multi_json) = 1.3.6 for package: rubygem-logging-1.8.1-25.el6.noarch -- Processing Dependency: rubygem(little-plugger) = 1.1.3 for package: rubygem-logging-1.8.1-25.el6.noarch --- Package rubygem-oauth.noarch 0:0.4.7-5.el6 will be installed --- Package rubygem-powerbar.noarch 0:1.0.11-7.el6 will be installed -- Processing Dependency: rubygem(hashie) = 1.1.0 for package: rubygem-powerbar-1.0.11-7.el6.noarch -- Processing Dependency: rubygem(ansi) = 1.4.0 for package: rubygem-powerbar-1.0.11-7.el6.noarch --- Package rubygem-rdoc.x86_64 0:3.12-12.el6 will be installed -- Running transaction check --- Package rubygem-ansi.noarch 0:1.4.3-0.el6 will be installed --- Package rubygem-foreman_api.noarch 0:0.1.9-1.el6 will be installed -- Processing Dependency: rubygem(rest-client) = 1.6.1 for package: rubygem-foreman_api-0.1.9-1.el6.noarch --- Package rubygem-hashie.noarch 0:2.0.5-0.el6 will be installed --- Package rubygem-little-plugger.noarch 0:1.1.3-17.el6 will be installed --- Package rubygem-multi_json.noarch 0:1.3.6-11.el6 will be installed -- Finished Dependency Resolution Error: Package: rubygem-foreman_api-0.1.9-1.el6.noarch (foreman) Requires: rubygem(rest-client) = 1.6.1 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest # On Monday, December 30, 2013 3:22:07 PM UTC-8, Stuart Cracraft wrote: I would take any reasonable console as long as it has a very visual operation and is trivial to install. Dashboard definitely is not the latter in my 'umble opinion. On Dec 30, 2013, at 3:17 PM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: 3. What can you rule out as possible causes by now? ++ While I appreciate this approach, I don't think it will help. I followed as much ++ as possible with: http://docs.puppetlabs.com/dashboard/manual/1.2/bootstrapping.html but it blows up at Preparing Schema. That sounds like useful info. I hope someone can help you from there - never played with dashboard myself. There may be other aspects that don't spring to my mind right now. I recommend reviewing the community guideline. ++ Be glad to. Where is it posted? http://docs.puppetlabs.com/community/community_guidelines.html Regards -- You received this message because you are subscribed to a topic in the Google Groups Puppet Users group. To unsubscribe from this topic, visit https://groups.google.com/d/ topic/puppet-users/XYf9pNGRVmY/unsubscribe. To unsubscribe from this group and all its topics, send an email to
Re: [Puppet Users] Hiera and puppet apply/puppet agent
I assume ssh_service_config is indeed defined in your yaml file?
I would suggest to define it in the top level hierarchy in defaults and
then gradually move 1 level down until you find when it disappears.
Andrey
On 6 January 2014 19:20, kai kaiva...@gmail.com wrote:
I have the following hiera.yaml file:
---
:backends:
- yaml
- file
:hierarchy:
- defaults
- %{clientcert}
* - %{::domain}/%{::environment}/%{::osfamily}/%{::lsbdistcodename}*
- global
:yaml:
:datadir: /etc/puppet/data
and the following in /etc/puppet/data:
*loc.example.com/production/Debian/wheezy.yaml
http://loc.example.com/production/Debian/wheezy.yaml*
The domain fact returns loc.example.com, the osfamily fact returns Debian
and the lsbdistcodename returns wheezy.
When I run
puppet apply --environment=production -e '$test =
hiera('ssh_service_config') notify { $test: }'
I get the ssh_service_config variable from the /etc/puppet/data/
loc.example.com/production/Debian/wheezy.yaml file, which in my mind
means that the correct file was chosen based on the 3 facts (environment.
osfamily and lsbdistcodename), which is what I want.
However if I run:
$ puppet agent -tv --environment=production
Info: Retrieving plugin
Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
Could not find data item ssh_package_name in any Hiera data file and no
default supplied at
/srv/puppet/environments/production/modules/ssh/manifests/install.pp:2 on
node puppetmaster.iad3.example.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Or:
$ hiera -d ssh_service_config environment=production osfamily=Debian
lsbdistcodename=wheezy
DEBUG: 2014-01-06 19:18:08 +: Hiera YAML backend starting
DEBUG: 2014-01-06 19:18:08 +: Looking up ssh_service_config in YAML
backend
DEBUG: 2014-01-06 19:18:08 +: Looking for data source defaults
DEBUG: 2014-01-06 19:18:08 +: Looking for data source global
DEBUG: 2014-01-06 19:18:08 +: Hiera File backend starting
DEBUG: 2014-01-06 19:18:08 +: Looking up ssh_service_config in File
backend
DEBUG: 2014-01-06 19:18:08 +: Hiera File_backend: looking for data
source 'defaults'
DEBUG: 2014-01-06 19:18:08 +: Cannot find datafile
/var/lib/hiera/defaults.d, skipping
DEBUG: 2014-01-06 19:18:08 +: Hiera File_backend: looking for data
source 'global'
DEBUG: 2014-01-06 19:18:08 +: Cannot find datafile
/var/lib/hiera/global.d, skipping
nil
Any idea what is going on? I would like to have a simple hierarchy like
the one in the hiera.yaml file, based on the three facts.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/f139fb4c-92f2-4616-a522-6bd69ecfd9fb%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFeuv1muX5AkGraxVf6d8E9m0x3HSuZX6hR5%3Dnmj9%2B%2Bp8w%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Hiera and puppet apply/puppet agent
Anything in the puppet master logs?
Not sure, but i think puppet apply - hiera lookup is done by client,
puppet agent - lookup is done by puppet master.
Andrey
On 6 Jan 2014 21:33, kai kaiva...@gmail.com wrote:
Yes it's defined in :
*%{::domain}/%{::environment}/%{::osfamily}/%{::lsbdistcodename}*
which is expanded to loc.example.com/production/Debian/wheezy.yaml
The problem is that when I run:
$ puppet apply --environment=production -e '$test =
hiera('ssh_service_config') notify { $test: }'
Debug: hiera(): Looking for data source
loc.example.com/production/Debian/wheezy
Debug: hiera(): Found ssh_service_config in
loc.example.com/production/Debian/wheezy
it works just fine, but when I use:
$ puppet agent -tv
it fails to find the variable. If I remove the *%{::domain} *however then
it works with puppet agent as well.
$ facter domain
loc.example.com
On Monday, January 6, 2014 2:34:00 PM UTC-6, Andrew wrote:
I assume ssh_service_config is indeed defined in your yaml file?
I would suggest to define it in the top level hierarchy in defaults and
then gradually move 1 level down until you find when it disappears.
Andrey
On 6 January 2014 19:20, kai kaiv...@gmail.com wrote:
I have the following hiera.yaml file:
---
:backends:
- yaml
- file
:hierarchy:
- defaults
- %{clientcert}
* - %{::domain}/%{::environment}/%{::osfamily}/%{::lsbdistcodename}*
- global
:yaml:
:datadir: /etc/puppet/data
and the following in /etc/puppet/data:
*loc.example.com/production/Debian/wheezy.yaml
http://loc.example.com/production/Debian/wheezy.yaml*
The domain fact returns loc.example.com, the osfamily fact returns
Debian and the lsbdistcodename returns wheezy.
When I run
puppet apply --environment=production -e '$test =
hiera('ssh_service_config') notify { $test: }'
I get the ssh_service_config variable from the /etc/puppet/data/
loc.example.com/production/Debian/wheezy.yaml file, which in my mind
means that the correct file was chosen based on the 3 facts (environment.
osfamily and lsbdistcodename), which is what I want.
However if I run:
$ puppet agent -tv --environment=production
Info: Retrieving plugin
Error: Could not retrieve catalog from remote server: Error 400 on
SERVER: Could not find data item ssh_package_name in any Hiera data file
and no default supplied at /srv/puppet/environments/
production/modules/ssh/manifests/install.pp:2 on node
puppetmaster.iad3.example.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Or:
$ hiera -d ssh_service_config environment=production osfamily=Debian
lsbdistcodename=wheezy
DEBUG: 2014-01-06 19:18:08 +: Hiera YAML backend starting
DEBUG: 2014-01-06 19:18:08 +: Looking up ssh_service_config in YAML
backend
DEBUG: 2014-01-06 19:18:08 +: Looking for data source defaults
DEBUG: 2014-01-06 19:18:08 +: Looking for data source global
DEBUG: 2014-01-06 19:18:08 +: Hiera File backend starting
DEBUG: 2014-01-06 19:18:08 +: Looking up ssh_service_config in File
backend
DEBUG: 2014-01-06 19:18:08 +: Hiera File_backend: looking for data
source 'defaults'
DEBUG: 2014-01-06 19:18:08 +: Cannot find datafile
/var/lib/hiera/defaults.d, skipping
DEBUG: 2014-01-06 19:18:08 +: Hiera File_backend: looking for data
source 'global'
DEBUG: 2014-01-06 19:18:08 +: Cannot find datafile
/var/lib/hiera/global.d, skipping
nil
Any idea what is going on? I would like to have a simple hierarchy like
the one in the hiera.yaml file, based on the three facts.
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/puppet-users/f139fb4c-92f2-4616-a522-6bd69ecfd9fb%
40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/126d00bd-2254-49a0-938b-db55a828a702%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFf5QvFxJZkOqA-0CZHLnPyQViN7F4hhOYdGK8EVAAkv-g%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] sudo class not found
init.pp should be inside the manifests folder.
On 7 Jan 2014 07:03, Tim Dunphy bluethu...@gmail.com wrote:
Hey all,
I'm attempting to follow along with the puppet pro book. And I'm trying
to create my first module without much success.
This is the error that I'm getting when I do a puppet run:
[root@puppet:/etc/puppet] #puppet agent --test
Info: Retrieving plugin
Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
Could not find class sudo for puppet.jokefire.com on node
puppet.jokefire.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
This is where I'm setting my modules directory to be stored in the
puppet.conf file:
## Where puppet keeps it's modules
modulepath = $confdir/modules
This is my modules dir
root@puppet:/etc/puppet] #ls -ld /etc/puppet/modules
drwxr-xr-x 5 puppet puppet 4096 Jan 7 01:33 /etc/puppet/modules
And the contents thereof:
[root@puppet:/etc/puppet] #ls -l /etc/puppet/modules
total 8
drwxr-xr-x 3 puppet puppet 4096 Jan 7 01:33 mysql
drwxr-xr-x 6 puppet puppet 4096 Jan 7 01:54 sudo
Contents of sudo
[root@puppet:/etc/puppet] #ls -l modules/sudo/
total 16
drwxr-xr-x 4 puppet puppet 4096 Jan 7 01:33 files
-rw-r--r-- 1 puppet puppet 399 Jan 7 01:54 init.pp
drwxr-xr-x 3 puppet puppet 4096 Jan 7 01:33 manifests
drwxr-xr-x 3 puppet puppet 4096 Jan 7 01:33 templates
And this is what /etc/puppet/modules/sudo/init.pp looks like:
[root@puppet:/etc/puppet] #cat modules/sudo/init.pp
class sudo {
package { sudo:
ensure = present,
}
if $operatingsystem == Ubuntu {
package { sudo-ldap:
ensure = present,
require = Package[sudo],
}
}
file { /etc/sudoers:
owner = root,
group = root,
mode = 0440,
source = puppet:///modules/sudo/etc/sudoers,
require = Package[sudo],
}
}
I'm on puppet 3.4.1 and CentOS release 6.5
Can anyone please help me out as to why my puppet server isn't finding
this module?
Thanks
Tim
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOZy0emU2Sx-MLxjn%3D_qRQyF4GURgUucKvzUrVi%3DCARs62hBtw%40mail.gmail.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFfKSBzMaeGPUaerNAM%3DuBTaL3y1eC%2B_DHnPT2HcPozp9Q%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Hiera + parametrised classes
Hi!
Couldn't find the answer in the documentation.
Is it possible to source data from Hiera directly into parametrised classes?
To explain:
I have class mcollective(type,middleware_hosts,securityprovider )
Can I define all arguments for this class in Hiera and fetch them all in
one Hiera call and then use to declare the class?
Similar what is done with create_resources for defined type but for Class?
Just seems waste to me doing individually:
$type = hiera('mcollective::type')
$middleware_hosts = hiera('mcollective::middleware_hosts')
and then in the class declaration:
class { '::mcollective':
type = $type
middleware_hosts = $middleware_hosts
Andrey
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFf9kEP7nzX8D72Kw2Uj_J%3DTgyMO5jkckuYz60qDJE%2BB2A%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Hiera + parametrised classes
dahhh, tried to invent a bicycle, thanks :) On 3 January 2014 15:08, Felix Frank felix.fr...@alumni.tu-berlin.dewrote: Hi, you didn't look hard enough ;-) http://docs.puppetlabs.com/hiera/1/puppet.html#automatic-parameter-lookup HTH, Felix On 01/03/2014 03:54 PM, Andrey Kozichev wrote: Hi! Couldn't find the answer in the documentation. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52C6D281.607%40alumni.tu-berlin.de . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACzr%3DFf6zWuQ8qcv-Ly4gsF2rYMVNsk2d_Bf3o%2B4vCve8SmxNg%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Hiera + parametrised classes
Thanks, interesting.
Do you use this instead of hiera_include + automatic lookups?
Andrey
On 3 January 2014 16:23, Fabrice Bacchella fbacche...@spamcop.net wrote:
I defined a custom ruby function called create_type
Then if in my hiera, I define :
localclasses:
- class1:
arg1: value
arg2: value
- class2:
arg1: value
arg2: value
- class3
A simple call to :
$localclasses = hiera_array(localclasses, [])
create_type(class, $localclasses) will do the trick.
I use hiera_array to merge many hiera files.
It allows to have very readable hiera files to my taste.
I wrote create_type to have a ressource creation that was not too picky
about the way it's called.
You need to put create_type.rb in modules/lib/puppet/parser/functions
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/0C0BCC51-CB2A-4E74-AA7A-B027B5FC1DB2%40spamcop.net
.
For more options, visit https://groups.google.com/groups/opt_out.
Le 3 janv. 2014 à 15:54, Andrey Kozichev akozic...@gmail.com a écrit :
Hi!
Couldn't find the answer in the documentation.
Is it possible to source data from Hiera directly into parametrised
classes?
To explain:
I have class mcollective(type,middleware_hosts,securityprovider )
Can I define all arguments for this class in Hiera and fetch them all in
one Hiera call and then use to declare the class?
Similar what is done with create_resources for defined type but for Class?
Just seems waste to me doing individually:
$type = hiera('mcollective::type')
$middleware_hosts = hiera('mcollective::middleware_hosts')
and then in the class declaration:
class { '::mcollective':
type = $type
middleware_hosts = $middleware_hosts
Andrey
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFf9kEP7nzX8D72Kw2Uj_J%3DTgyMO5jkckuYz60qDJE%2BB2A%40mail.gmail.com
.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CACzr%3DFc0Y0dZgFfWAJZyn-nLnSBp4F-%2BOnR%2BvNQJp3%3DP%2BF5AMQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] run puppet for few modules only, not for all catalogue
Thanks a lot Martin! This is exactly what I need. On 19 Jul 2012, at 12:44, Martin Alfke tux...@gmail.com wrote: Hi On 19.07.2012, at 11:52, Andrew wrote: I am looking the way to apply only few selected modules to the puppet node instead of all catalogue. I need this step to be done as the part of the maintenance. If you are using modules you can use tags. Each module is also a tag. Example you have three modules: moduledir/apache/manifests... moduledir/mysql/manifests... moduledir/base/manifests... you can use tags to run one or some modules only: puppet agent --test --tags=apache puppet agent --test --tags=apache,mysql hth, Martin As of now the only idea I have - is to expose puppet tree via nfs or HTTP, download/mount only modules I need and run puppet in standalone mode like puppet --apply. Just wandering if there are a better way to do it? PS: sent it by email, but don't see my post, sorry if it will be duplicate -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/1u_WWKkrWKkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
