from:"Christopher Johnston"

Re: AW: [Puppet Users] OT: Monitoring solutions

2012-06-25 Thread Christopher Johnston

I use pnp4nagios with icinga, and use the graphite branch (some mods
required).  Otherwise the RRD setup works well too.

On Mon, Jun 25, 2012 at 8:58 AM, Kyle Sexton  wrote:

> Curious if Icinga has integrated graphing or if it's an add-on since it's
> based on Nagios.  Overall you are pleased with the solution?
>
> Sent from my iPhone
>
> On Jun 25, 2012, at 7:45 AM, Bernd Adamowicz 
> wrote:
>
> > We got a totally integrated solution made up with Puppet, Icinga and
> stored resources. When integrating a new host into Puppet, one just has to
> wait until it gets monitored in Icinga - no more work to do. Some details
> are found here: http://www.bernd-adamowicz.de/tag/monitoring/
> >
> > Bernd
> >
> >
> >> -Ursprüngliche Nachricht-
> >> Von: puppet-users@googlegroups.com [mailto:puppet-
> >> us...@googlegroups.com] Im Auftrag von Kyle Sexton
> >> Gesendet: Sonntag, 24. Juni 2012 22:46
> >> An: puppet-users@googlegroups.com
> >> Betreff: [Puppet Users] OT: Monitoring solutions
> >>
> >> All,
> >>
> >> I'm curious what monitoring solutions everyone is using and recommend,
> >> some of the ones I've been looking at recently:
> >>
> >> Nagios: Old stand-by, used quite a bit but doesn't provide a cohesive
> >> solution (have to have add-ons for graphing, etc..)
> >> Zabbix: Currently using, decent but seems to be a bit resource
> >> intenstive
> >> Zenoss: Never used, no opinion yet
> >> Icinga: Never used, Nagios fork that I have no opinion on yet
> >> Shinkin: Never used, no opinion yet
> >> Centreon: Never used, no opinion yet
> >>
> >> There are (lots) more out there, recommendations from someone who has
> >> used the product would be great to hear.  Obviously integration into
> >> puppet would be a great feature to have. :)
> >>
> >> Thanks,
> >> Kyle Sexton
> >>
> >> --
> >> You received this message because you are subscribed to the Google
> >> Groups "Puppet Users" group.
> >> To post to this group, send email to puppet-users@googlegroups.com.
> >> To unsubscribe from this group, send email to puppet-
> >> users+unsubscr...@googlegroups.com.
> >> For more options, visit this group at
> >> http://groups.google.com/group/puppet-users?hl=en.
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> > To post to this group, send email to puppet-users@googlegroups.com.
> > To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> > For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
> >
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet / scalability

2012-05-14 Thread Christopher Johnston

3k? I know of larger but can't comment on who they are, but they are close
to 8-10k nodes AFAIK if not more by now.

On Mon, May 14, 2012 at 2:53 AM, Alex Harvey  wrote:

> Hi list,
>
> I am looking at configuration management tool options.
>
> I have a large fleet (> 3,000 hosts) and highly heterogeneous
> (RHEL3-5, CentOS, 5RH7, Solaris 10 LDOMs/zones, Solaris 8-9, AIX 5.3 &
> 6.1 LPARs, HP-UX & Tru64 + Windows).  We care mainly about RHEL and
> new versions of Solaris & AIX but ability to compile on older versions
> is an advantage.  Probably, the Windows will be managed by SCCM.
>
> I have read that Puppet could have scalability problems to a site as
> large as ours.  To keep this simple, I'd like feedback on whether that
> is likely to be true for us.
>
> A rep from CFengine has told me that ours would be the largest Puppet
> site in the world (I think that's not true).  Could someone confirm?
>
> General feedback also welcome.
>
> Kind regards,
> Alex Harvey
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Facts loading 4-5x

2012-03-28 Thread Christopher Johnston

Is there any reason why my facts are loading 4-5x (I have even seen 6x) on
puppet client runs?  I am running 2.7.9, I remember running 2.6 and seeing
usually 2x.  Is there a known bug here or some configuration problem that
could be causing this?

Some of my facts collect/parse a bunch of data and can be time consuming.
 Adding an extra few seconds may not seem like a lot but when doing that
across several 100 nodes at a time it adds up it seems a bit excessive.

-Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: node regex not working in 2.7.9

2012-02-23 Thread Christopher Johnston

I think I found my issue, we may have had doubling of node types.

One file has node /someregex/, and another has node theactualhost, so could
be that we are duplicating node definition/namespaces.

-Chris


On Thu, Feb 23, 2012 at 1:37 PM, Christopher Johnston wrote:

> John,
>
> Thx for your reply, yea putting notifies in would be useful but simply
> seeing the class not get run or not included in classes.txt is also an
> indicator that its not working.
>
> I actually have a few regex for standard hostnames in our company here,
> simple stuff that is service oriented dev*, etc
>
> node /^dev[1-2]\..*\.(com|int)$/ {
>   include server::dev
> }
>
> That is one node type that is NOT working, the regex is plain/simple and
> looks like it should work to me.  We make a backup of our classes.txt daily
> and I looked at the day from right before the upgrade and it was working
> correctly.  Since the upgrade it fails.
>
> I also just for testing purposes I loaded up the FQDN of the host in the
> regex match and it works fine.  But anything where we are looking for
> complex (well not really) matching it fails.
>
> Putting a node type for every single host is way overkill, regexes should
> just work and are very convenient for our environment as we are very
> particular about hostname standards since our servers are generally service
> oriented and require a specific class for that service.
>
> -Chris
>
>
> On Thu, Feb 23, 2012 at 9:34 AM, jcbollinger wrote:
>
>>
>>
>> On Feb 22, 7:42 pm, Christopher Johnston  wrote:
>> > Anyone know of any issues in 2.7.9 when trying to use a regex pattern
>> for
>> > matching a hostname?  If I specify the following below the client never
>> > loads the proper class, but if I put the fully qualified name in it
>> works
>> > fine.
>> >
>> > Fails:
>> >
>> > node /somehost.*/ {
>> >   include some::class
>> > }
>> >
>> > Works:
>> >
>> > node /somehost.domain.com/ {
>> >   include some::class
>> > }
>>
>>
>> That's very surprising, especially since you are using regex in both
>> cases, and any string matched by the longer should also be matched by
>> the shorter.  Are you sure it's the shorter one that fails?  If it
>> were the longer, then that would make some sense because hostnames are
>> often taken as the *unqualified* names.
>>
>> I'm not aware of any issues with node regexes, and I don't see any
>> open issues on that subject in the bug tracker.
>>
>> It should be possible to strip this down to a very simple test case.
>> For example, make this your whole site.pp:
>> 
>> node /somehost.*/ {
>>  notify { 'node declaration': message => "short regex matches '$
>> {hostname}'" }
>> }
>>
>> node /somehost.somedomain.com/ {
>>  notify { 'node declaration': message => "long regex matches '$
>> {hostname}'" }
>> }
>>
>> node default {
>>  notify { 'node declaration': message => "no regex matches '$
>> {hostname}'" }
>> }
>> 
>>
>> If the first regex matches then that node declaration will be used;
>> otherwise, if the second matches then that declaration will be used.
>> If neither regex matches then the default node declaration will be
>> used.  Putting all those in one place allows you to be certain that
>> the same hostname is being tested against each regex, and whichever
>> node declaration is used, the hostname that was tested will be
>> displayed in the client log.  If that doesn't give you enough to work
>> out the problem then please post the actual test manifest and the
>> resulting client log.
>>
>> Some other things to consider:
>> 1) if you plan to match against actual hostnames then regex is way
>> overkill.  Just use the appropriate hostnames themselves (preferrably
>> quoted).
>> 2) the period is a regex metacharacter, so the difference between /
>> somehost.*/ and /somehost\..*/ may be important to you
>> 3) node regexes are not automatically anchored to the beginning or end
>> of the hostname.  If you want that (and it looks like you probably do)
>> then you must put in the anchors yourself (e.g. /^somehost\..*$/).
>>
>>
>> John
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: node regex not working in 2.7.9

2012-02-23 Thread Christopher Johnston

John,

Thx for your reply, yea putting notifies in would be useful but simply
seeing the class not get run or not included in classes.txt is also an
indicator that its not working.

I actually have a few regex for standard hostnames in our company here,
simple stuff that is service oriented dev*, etc

node /^dev[1-2]\..*\.(com|int)$/ {
  include server::dev
}

That is one node type that is NOT working, the regex is plain/simple and
looks like it should work to me.  We make a backup of our classes.txt daily
and I looked at the day from right before the upgrade and it was working
correctly.  Since the upgrade it fails.

I also just for testing purposes I loaded up the FQDN of the host in the
regex match and it works fine.  But anything where we are looking for
complex (well not really) matching it fails.

Putting a node type for every single host is way overkill, regexes should
just work and are very convenient for our environment as we are very
particular about hostname standards since our servers are generally service
oriented and require a specific class for that service.

-Chris


On Thu, Feb 23, 2012 at 9:34 AM, jcbollinger wrote:

>
>
> On Feb 22, 7:42 pm, Christopher Johnston  wrote:
> > Anyone know of any issues in 2.7.9 when trying to use a regex pattern for
> > matching a hostname?  If I specify the following below the client never
> > loads the proper class, but if I put the fully qualified name in it works
> > fine.
> >
> > Fails:
> >
> > node /somehost.*/ {
> >   include some::class
> > }
> >
> > Works:
> >
> > node /somehost.domain.com/ {
> >   include some::class
> > }
>
>
> That's very surprising, especially since you are using regex in both
> cases, and any string matched by the longer should also be matched by
> the shorter.  Are you sure it's the shorter one that fails?  If it
> were the longer, then that would make some sense because hostnames are
> often taken as the *unqualified* names.
>
> I'm not aware of any issues with node regexes, and I don't see any
> open issues on that subject in the bug tracker.
>
> It should be possible to strip this down to a very simple test case.
> For example, make this your whole site.pp:
> 
> node /somehost.*/ {
>  notify { 'node declaration': message => "short regex matches '$
> {hostname}'" }
> }
>
> node /somehost.somedomain.com/ {
>  notify { 'node declaration': message => "long regex matches '$
> {hostname}'" }
> }
>
> node default {
>  notify { 'node declaration': message => "no regex matches '$
> {hostname}'" }
> }
> 
>
> If the first regex matches then that node declaration will be used;
> otherwise, if the second matches then that declaration will be used.
> If neither regex matches then the default node declaration will be
> used.  Putting all those in one place allows you to be certain that
> the same hostname is being tested against each regex, and whichever
> node declaration is used, the hostname that was tested will be
> displayed in the client log.  If that doesn't give you enough to work
> out the problem then please post the actual test manifest and the
> resulting client log.
>
> Some other things to consider:
> 1) if you plan to match against actual hostnames then regex is way
> overkill.  Just use the appropriate hostnames themselves (preferrably
> quoted).
> 2) the period is a regex metacharacter, so the difference between /
> somehost.*/ and /somehost\..*/ may be important to you
> 3) node regexes are not automatically anchored to the beginning or end
> of the hostname.  If you want that (and it looks like you probably do)
> then you must put in the anchors yourself (e.g. /^somehost\..*$/).
>
>
> John
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: node regex not working in 2.7.9

2012-02-23 Thread Christopher Johnston

Anyone have any ideas here?  All these manifests worked fine in 2.5 puppet and 
suddenly broke in 2.7.9 when we upgraded.  


On Feb 22, 2012, at 8:42 PM, Christopher Johnston  wrote:

> Anyone know of any issues in 2.7.9 when trying to use a regex pattern for 
> matching a hostname?  If I specify the following below the client never loads 
> the proper class, but if I put the fully qualified name in it works fine.
> 
> Fails:
> 
> node /somehost.*/ {
>   include some::class
> }
> 
> Works:
> 
> node /somehost.domain.com/ {
>   include some::class
> }

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] node regex not working in 2.7.9

2012-02-22 Thread Christopher Johnston

Anyone know of any issues in 2.7.9 when trying to use a regex pattern for
matching a hostname?  If I specify the following below the client never
loads the proper class, but if I put the fully qualified name in it works
fine.

Fails:

node /somehost.*/ {
  include some::class
}

Works:

node /somehost.domain.com/ {
  include some::class
}

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] scaling projections for dashboard database?

2012-01-09 Thread Christopher Johnston

How often are you running puppet?  I have 1200 nodes running a few times a week 
and our growth is nothing like that.

 Original message 
Subject: Re: [Puppet Users] scaling projections for dashboard database? 
From: Jo Rhett  
To: puppet-users@googlegroups.com 
CC:  

On Jan 9, 2012, at 2:16 PM, Stefan Heijmans wrote:
Op maandag 9 januari 2012 19:40:00 UTC+1 schreef Jo het volgende:
2. Are there some database cleanup scripts which I have managed to overlook 
that need to be run?

have you tried this?
Cleaning old 
reports http://docs.puppetlabs.com/dashboard/manual/1.2/maintaining.html

perhaps also give the 'optimize the database' as try.

Yeah I saw these. We had a whopping 3 days of collected reports.  I think we 
want a bit more than that available for browsing ;-)  I was wondering if there 
was some hourly cleanup or something which needed to be done?

Is there any reasonable estimate for what amount of space you expect one system 
to use?  I realize this likely varies with the report size, but the rate of 
growth seems high enough that I'm surprised it wasn't mentioned in the 
installation docs.  I mean, it's grown half a gigabyte in the last 6 hours.  
With that kind of growth rate, you'd expect a warning to provide enough space 
for it and how to estimate your needs.

-- 
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source and other 
randomness

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] copying file(s) from agent to master??

2012-01-09 Thread Christopher Johnston

I think you want to use the filebucket setup for this, I am not 100%
familiar with it though.

On Mon, Jan 9, 2012 at 10:50 AM, Sans  wrote:

> Is there a way to copy file(s) from the Puppet agent back to the
> master? I know it sounds silly but that's what I need to do. This is
> one of the s/w-tag files, gets created/modified automatically by the
> software installation job and then I want to overwrite the tag files
> on two other agents with this one. Is there a why for doing this?
>
> Cheers,
> San
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet Inventory Service

2012-01-04 Thread Christopher Johnston

That could get ugly, so I would have to create one CA, sign it then
distribute it to all of my masters.  Then also delete my certs on the
clients and re-issue new ones.

Is my thinking correct here?

-Chris

On Wed, Jan 4, 2012 at 3:31 PM, Nan Liu  wrote:

> On Wed, Jan 4, 2012 at 12:12 PM, Christopher Johnston
>  wrote:
> > My inventory server is a puppetmaster, but its master of itself and is
> only
> > being using for inventory services.  If I point new clients to it will
> work
> > fine.
> >
> > So think of my setup like this:
> >
> > puppet1.company.com and puppet2.company.com are two dedicated servers in
> > each datacenter that handle local client connectivity only.  By using
> > certname=puppet I can copy the same CA to puppet2.company.com and
> support
> > failing over if the primary server goes down.  This setup is mimic'ed in
> > about 20 other sites.
> >
> > The inventory server is a remote puppet master sitting in a backoffice
> > datacenter that is setup with mysql and puppet dashboard to receive
> reports
> > and inventory services from all 40 of the masters.
> >
> > So with this current arrangement how would I go about making sure the
> > inventory server has a cert that is signed by the 40 other CAs.
>
> Certificate chain is an outstanding bug, so at the moment one CA sign
> all puppet master + inventory server cert.
>
> Nan
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet Inventory Service

2012-01-04 Thread Christopher Johnston

My inventory server is a puppetmaster, but its master of itself and is only
being using for inventory services.  If I point new clients to it will work
fine.

So think of my setup like this:

puppet1.company.com and puppet2.company.com are two dedicated servers in
each datacenter that handle local client connectivity only.  By using
certname=puppet I can copy the same CA to puppet2.company.com and support
failing over if the primary server goes down.  This setup is mimic'ed in
about 20 other sites.

The inventory server is a remote puppet master sitting in a backoffice
datacenter that is setup with mysql and puppet dashboard to receive reports
and inventory services from all 40 of the masters.

So with this current arrangement how would I go about making sure the
inventory server has a cert that is signed by the 40 other CAs.

On Wed, Jan 4, 2012 at 2:55 PM, Nan Liu  wrote:

> On Wed, Jan 4, 2012 at 11:31 AM, Christopher Johnston
>  wrote:
> > If it is a requirement that I have a signed CA, that could be an issue
> as I
> > have two puppet masters in each datacenter that has its own shared CA
> across
> > those two puppet masters only (certname = puppet).  I don't have one
> signed
> > CA that every master is using.
>
> You don't need a signed CA, but rather the two servers certs are
> signed by the same CA, which is the reason for verifying issuer match.
> If your inventory server is also a puppet master, might be easier to
> get that system working first before trying a remote puppet master.
>
> Thanks,
>
> Nan
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet Inventory Service

2012-01-04 Thread Christopher Johnston

So in my auth.conf I have this currently (below), which I think is supposed
to say allow any traffic in from any master I guess I could put those
hostnames in for the puppet hosts with something like puppet*.company.com.
 Do I require SSL auth here?  I am just sending inventory information to a
designated node which is mostly being used for RO (informational) data so
security is not as critical.

If it is a requirement that I have a signed CA, that could be an issue as I
have two puppet masters in each datacenter that has its own shared CA
across those two puppet masters only (certname = puppet).  I don't have one
signed CA that every master is using.

path /facts
auth any
method save
allow *


On Wed, Jan 4, 2012 at 12:36 PM, Nan Liu  wrote:

> On Tue, Jan 3, 2012 at 10:54 AM, Christopher Johnston
>  wrote:
> > I have multiple masters (40+) that reside in remote locations, I want to
> > have them send puppet inventory data to a central inventory with mysql.
> > Once the data is there I would like puppet dashboard installation use
> that
> > data.  I have not been able to get the remote masters to send their data
> > back to the central server.
> >
> > I keep getting an error:
> >
> > err: Could not retrieve catalog from remote server: Error 400 on eth0:
> > certificate verify failed.  This is often because the time is out of
> sync on
> > the server or client
> >
> > On the remote inventory server node I am seeing an SSL error, SSL is
> being
> > used to authenticate the nodes in order to send the inventory data to the
> > remote inventory server?
>
> Is the inventory server certificate sign by the same CA as the remote
> masters?
>
> puppet cert -p inventory_server_cert
> ...
>Issuer: CN=Puppet CA ...
>
> puppet master --configprint certname
> puppet_master_cert
> puppet cert -p puppet_master_cert
> ...
>Issuer: CN=Puppet CA ...
>
> The puppet_master_cert listed above should be in auth.conf as
> specified in this doc:
> http://docs.puppetlabs.com/pe/1.2/upgrading.html
>
> Specifically:
> # Allow puppet master to save facts to the inventory:
> path /facts
> auth yes
> method save
> allow 
>
> Thanks,
>
> Nan
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Puppet Inventory Service

2012-01-04 Thread Christopher Johnston

Puppet dev can help?  I modified auth.conf and it did not seem to help.

On Tue, Jan 3, 2012 at 1:54 PM, Christopher Johnston wrote:

> I have multiple masters (40+) that reside in remote locations, I want to
> have them send puppet inventory data to a central inventory with mysql.
> Once the data is there I would like puppet dashboard installation use that
> data.  I have not been able to get the remote masters to send their data
> back to the central server.
>
> I keep getting an error:
>
> err: Could not retrieve catalog from remote server: Error 400 on eth0:
> certificate verify failed.  This is often because the time is out of sync
> on the server or client
>
> On the remote inventory server node I am seeing an SSL error, SSL is being
> used to authenticate the nodes in order to send the inventory data to the
> remote inventory server?
>
> -Chris
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Puppet Inventory Service

2012-01-03 Thread Christopher Johnston

I have multiple masters (40+) that reside in remote locations, I want to
have them send puppet inventory data to a central inventory with mysql.
Once the data is there I would like puppet dashboard installation use that
data.  I have not been able to get the remote masters to send their data
back to the central server.

I keep getting an error:

err: Could not retrieve catalog from remote server: Error 400 on eth0:
certificate verify failed.  This is often because the time is out of sync
on the server or client

On the remote inventory server node I am seeing an SSL error, SSL is being
used to authenticate the nodes in order to send the inventory data to the
remote inventory server?

-Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: [Puppet-dev] Re: When the lint accumulates...

2011-12-20 Thread Christopher Johnston

Is there a minimum version of ruby or puppet for it to work?  I am open to
running this on my entire puppet tree (close to 53 modules and growing).

puppet-lint /etc/puppet/manifests
/usr/lib/ruby/gems/1.8/gems/puppet-lint-0.1.7/bin/../lib/puppet-lint/plugin.rb:43:
warning: parenthesize argument(s)
/usr/lib/ruby/gems/1.8/gems/puppet-lint-0.1.7/bin/../lib/puppet-lint.rb:28:in
`read': Is a directory - /etc/puppet/mE
from
/usr/lib/ruby/gems/1.8/gems/puppet-lint-0.1.7/bin/../lib/puppet-lint.rb:28:in
`file='
from /usr/lib/ruby/gems/1.8/gems/puppet-lint-0.1.7/bin/puppet-lint:51
from /usr/bin/puppet-lint:19:in `load'
from /usr/bin/puppet-lint:19


On Mon, Dec 19, 2011 at 4:11 PM, Henrik Lindberg <
henrik.lindb...@cloudsmith.com> wrote:

> I am also very interested in this to enable Geppetto to also provide the
> same feedback. One difficulty I have faced is to find good samples that
> should trigger different kinds of warnings and errors. I have collected
> some in Geppetto's tests, and I keep adding more over time.
>
> Biggest difficulty however are unclear language semantics ;) or issues
> like the 'hyphen in variable name'. Anyway...
>
> It may be of value to set up a shared repository at github with samples
> that contains problems for the tools (lint, geppetto, or the puppet
> runtime) to process and where the expected outcome is perhaps described in
> comments (or some other simple mechanism). The various tool projects can
> then use this for their unit tests + naturally learn about tips and tricks.
> It should be really easy for anyone to contribute a sample documented with
> expected outcome.
>
> I think it is also of value to include examples that result in
> errors/warnings at runtime - i.e. not so much a "lint" issue, but various
> real problems and how the are reported. This for the same purpose; unit
> test that the tools find these as expected and report problems in a good
> way.
>
> I can see my self contributing to such a joint effort.
>
> What do you think?
>
> Regards
> - henrik
>
>
> On 2011-19-12 21:00, James Turnbull wrote:
>
>> So some of you may be aware that Tim Sharpe from GitHub wrote a Puppet
>> linting tool:
>>
>> $ gem install puppet-lint
>> $ puppet-lint mymanifest.pp
>>
>> Source: 
>> https://github.com/rodjek/**puppet-lint
>>
>> The linting tool checks Puppet code for "best practice" based on the
>> Puppet Labs Style Guide:
>>
>> http://docs.puppetlabs.com/**guides/style_guide.html
>>
>> A lot of us have been using puppet-lint (and puppet parser validate) to
>> ensure our code is synoptically correct and as "best practice" as
>> possible.
>>
>> We're also aware that there are some strange and odd things in the
>> Puppet language and whilst we can't fix all them right now we'd like to
>> find a way to highlight items and syntax that is sub-optimal for you via
>> linting.
>>
>> So what can you do to help?  Well firstly help us identify any syntax,
>> language constructions, structures etc that have caused issues for you
>> or that when used result in errors or issues. You can let us know about
>> these in three ways:
>>
>> * Submit patches and additions to the linting tool. Patches in the form
>> of failing tests are especially welcome if you aren't comfortable adding
>> new tests yourself.
>> * Email me or the list with tickets containing issues like this.
>> * Send me or the list snippets of Puppet code that cause issues and the
>> output/issue they result in.
>>
>> We'll also look at tracking as many of these as possible and where
>> relevant update the Style Guide with them too.
>>
>> Cheers
>>
>> James
>>
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Developers" group.
> To post to this group, send email to puppet-...@googlegroups.com.
> To unsubscribe from this group, send email to puppet-dev+unsubscribe@**
> googlegroups.com .
> For more options, visit this group at http://groups.google.com/**
> group/puppet-dev?hl=en .
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] 2.7.6 yumrepo not working

2011-11-01 Thread Christopher Johnston

That worked, for some reason back referencing did not.  My foolishness I
was overlooking normal variable semantic (like in shell).  Strange thing my
prior setup worked fine in 2.6, 2.7 broke it.

-Chris


On Tue, Nov 1, 2011 at 12:40 PM, Jacob Helwig  wrote:

> It's the "dashes at the end of variable names" problem.  Try
> "...${operatingsystem}-${operatingsystemrelease}-${architecture}" instead.
>
> On 2011-11-01 09:07 , Len Rugen wrote:
> > You probably need to escape some of this, part of ours-
> > .repo/\$releasever/\$basearch
> >
> > puppet/factor shouldn't resolve these variables, they go to the repo
> > file and are resolved by yum or whatever.
> >
> > On Tue, Nov 1, 2011 at 10:45 AM, Christopher Johnston
> > mailto:chjoh...@gmail.com>> wrote:
> >
> > Just upgraded to 2.7.6 and the yumrepo type does not write out our
> > yum configs correctly, anyone experiencing this?  Documentation
> > hasn't changed from what I can tell for this type.
> >
> > # facter -version
> > 1.6.2
> > # puppetd --version
> > 2.7.6
> > # facter architecture
> > x86_64
> > # facter operatingsystem
> > Fedora
> > # facter operatingsystemrelease
> > 14
> >
> >  My manifest 
> >
> >   yumrepo {
> > 'EWT-Base':
> >   descr=> 'Base Repository',
> >   baseurl  =>
> > "
> http://repo:80/$operatingsystem-$operatingsystemrelease-$architecture";,
> >   gpgcheck => 0,
> >   enabled  => 1,
> >   priority => 1;
> >
> > = What gets written out 
> >
> > [Base]
> > name=Base Repository
> > baseurl=http://repo:80/x86_64
> > enabled=1
> > gpgcheck=0
> > priority=1
> >
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] 2.7.6 yumrepo not working

2011-11-01 Thread Christopher Johnston

Just upgraded to 2.7.6 and the yumrepo type does not write out our yum
configs correctly, anyone experiencing this?  Documentation hasn't changed
from what I can tell for this type.

# facter -version
1.6.2
# puppetd --version
2.7.6
# facter architecture
x86_64
# facter operatingsystem
Fedora
# facter operatingsystemrelease
14

 My manifest 

  yumrepo {
'EWT-Base':
  descr=> 'Base Repository',
  baseurl  => "
http://repo:80/$operatingsystem-$operatingsystemrelease-$architecture";,
  gpgcheck => 0,
  enabled  => 1,
  priority => 1;

= What gets written out 

[Base]
name=Base Repository
baseurl=http://repo:80/x86_64
enabled=1
gpgcheck=0
priority=1

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: catalog format

2011-07-21 Thread Christopher Johnston

preferred_serialization_format, found it -- odd I changed it to yaml and I
am seeing this error.. any ideas?

debug: catalog supports formats: b64_zlib_yaml marshal pson raw yaml; using
yaml
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Could not find node 'testhost'; cannot compile
warning: Not using cache on failed catalog


On Thu, Jul 21, 2011 at 11:58 AM, Christopher Johnston
wrote:

> debug: catalog supports formats: b64_zlib_yaml marshal pson raw yaml; using
> pson
>
> How can I change this to default to yaml?  I didn't see any options in
> puppet.conf.
>
> -Chris
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] catalog format

2011-07-21 Thread Christopher Johnston

debug: catalog supports formats: b64_zlib_yaml marshal pson raw yaml; using
pson

How can I change this to default to yaml?  I didn't see any options in
puppet.conf.

-Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] config_version

2010-12-07 Thread Christopher Johnston

I am on version 0.25.4 of puppet and facter 1.5.2, I don't see the fact nor
the version anywhere in the clients catalog (on the client).  I know its
available via reports to send to a host somewhere but I am curious if this
data is available on the client itself.

# facter config_version
#


On Tue, Dec 7, 2010 at 2:22 PM, Ohad Levy  wrote:

> AFAIK, its also a fact, which makes it really easy to report with Foreman.
>
> Ohad
>
> On Tue, Dec 7, 2010 at 8:41 PM, Christopher Johnston 
> wrote:
>
>> So I got this working by calling an external script to run a git rev-parse
>> and to dump the current revision, looks like it works.  But I think what is
>> of value here is to be able to see what the individual hosts current
>> config_version is currently at since its last run.  This is useful to
>> determine if a host is behind a rev from our git repository.
>>
>> Is this information stored anywhere on the client? can it be extracted
>> from somewhere?
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] config_version

2010-12-07 Thread Christopher Johnston

So I got this working by calling an external script to run a git rev-parse
and to dump the current revision, looks like it works.  But I think what is
of value here is to be able to see what the individual hosts current
config_version is currently at since its last run.  This is useful to
determine if a host is behind a rev from our git repository.

Is this information stored anywhere on the client? can it be extracted from
somewhere?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Facter ignores interfaces with non eth names

2010-10-05 Thread Christopher Johnston

I got this working by modifying the regex which seems to be explicit for a
specific output, but in reality it could be simpler - unless I am missing
something.  This change works for me now and I tested various interface
names (eth0, eth0.100, bond0, eth, WAN, LAN).  Thoughts?

$ git diff ip.rb
diff --git a/lib/facter/util/ip.rb b/lib/facter/util/ip.rb
index 366303c..32d943e 100644
--- a/lib/facter/util/ip.rb
+++ b/lib/facter/util/ip.rb
@@ -56,7 +56,7 @@ module Facter::Util::IP
 # at the end of interfaces.  So, we have to trim those trailing
 # characters.  I tried making the regex better but supporting all
 # platforms with a single regex is probably a bit too much.
-output.scan(/^[-\w]+[.:]?\d+[.:]?\d*[.:]?\w*/).collect { |i|
i.sub(/:$/, '') }.uniq
+output.scan(/^[-\w]\S*/).collect { |i| i.sub(//, '') }.uniq
 end

 def self.get_all_interface_output


On Tue, Oct 5, 2010 at 9:37 AM, Christopher Johnston wrote:

> Yes, but by X you mean they are represented with a digit?  I have systems
> that do not have interfaces represented with the name and then a digit (WAN,
> LAN, BACKUP, etc).  The regex looks to not pick those interfaces up.
>
>
> On Tue, Oct 5, 2010 at 9:31 AM, Joe McDonagh 
> wrote:
>
>> On 10/04/2010 05:35 PM, Christopher Johnston wrote:
>>
>>> Does facter support NICs that are not named ethX? I happen to use custom
>>> names on my systems.  Just a quick look at the code I don't see why it
>>> wouldn't but the behavior I am seeing is very different. --
>>>
>>> You received this message because you are subscribed to the Google Groups
>>> "Puppet Users" group.
>>> To post to this group, send email to puppet-us...@googlegroups.com.
>>> To unsubscribe from this group, send email to
>>> puppet-users+unsubscr...@googlegroups.com
>>> .
>>> For more options, visit this group at
>>> http://groups.google.com/group/puppet-users?hl=en.
>>>
>> On OpenBSD NIC devices are named based on the driver they use, and in some
>> cases the meta-type of the NIC (trunkX, carpX). Those all show up in facter
>> on those machines.
>>
>> --
>> Joe McDonagh
>> AIM: YoosingYoonickz
>> IRC: joe-mac on freenode
>> "When the going gets weird, the weird turn pro."
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Facter ignores interfaces with non eth names

2010-10-05 Thread Christopher Johnston

Yes, but by X you mean they are represented with a digit?  I have systems
that do not have interfaces represented with the name and then a digit (WAN,
LAN, BACKUP, etc).  The regex looks to not pick those interfaces up.

On Tue, Oct 5, 2010 at 9:31 AM, Joe McDonagh wrote:

> On 10/04/2010 05:35 PM, Christopher Johnston wrote:
>
>> Does facter support NICs that are not named ethX? I happen to use custom
>> names on my systems.  Just a quick look at the code I don't see why it
>> wouldn't but the behavior I am seeing is very different. --
>>
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
> On OpenBSD NIC devices are named based on the driver they use, and in some
> cases the meta-type of the NIC (trunkX, carpX). Those all show up in facter
> on those machines.
>
> --
> Joe McDonagh
> AIM: YoosingYoonickz
> IRC: joe-mac on freenode
> "When the going gets weird, the weird turn pro."
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Facter ignores interfaces with non eth names

2010-10-04 Thread Christopher Johnston

I am using 1.58, I see the issue though.  I have interfaces called wan and
lan without a \d+ at the end.  Looks they are getting skipped.  I will play
with the regex to see whats up.

On Mon, Oct 4, 2010 at 5:50 PM, Gary Law  wrote:

> On 4 October 2010 22:35, Christopher Johnston  wrote:
> > Does facter support NICs that are not named ethX? I happen to use custom
> > names on my systems.  Just a quick look at the code I don't see why it
> > wouldn't but the behavior I am seeing is very different.
>
> works for me:
>
> g...@sv01:~ $ facter | grep e1000g
> interfaces => lo0_13,e1000g0_13
> ipaddress_e1000g0_13 => x.x.x.x
> netmask_e1000g0_13 => x.x.x.x
> network_e1000g0_13 => x.x.x.x
>
> YMMV
>
>
> --
> Gary Law
> Email: gary...@garylaw.net
> Chat googletalk/messenger: gary@gmail.com
> iChat/jabber/AIM: gary@mac.com
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Facter ignores interfaces with non eth names

2010-10-04 Thread Christopher Johnston

Does facter support NICs that are not named ethX? I happen to use custom
names on my systems.  Just a quick look at the code I don't see why it
wouldn't but the behavior I am seeing is very different.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Parsing yaml report locallly

2010-08-22 Thread Christopher Johnston

Great idea

Sent from my iPhone

On Aug 22, 2010, at 9:58 AM, "R.I.Pienaar"  wrote:

> hello,
> 
> - "Chris"  wrote:
> 
>> Hi
>> 
>> Is there a way to parse the yaml reports on locally on the puppet
>> clients. What I'd like to offer our sysadmins is a command that will
>> give them some info when the last puppetrun was and whether anything
>> has changed. This could be included in .profile/.bashrc. We have an
>> environment where admins look after a their "own" machines. And it is
>> new that something like puppet ist allowed to interfer with "their"
>> systems so we are slowly getting used to the new situation. I do hope
>> that we will eventually move to a centralized reporting UI. We're
>> just
>> not that far yet.
> 
> I made a feature request so the report gets saved locally 
> http://projects.reductivelabs.com/issues/4339 not sure how you'd get this 
> information today
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Debugging errors with external nodes

2010-08-20 Thread Christopher Johnston

Do you have a defaut node in nodes.pp?  

Sent from my iPhone

On Aug 20, 2010, at 5:18 PM, Douglas Garstang  wrote:

> How do I debug errors with external nodes? When my client connects,
> the following appears on the puppetmaster when running in debug mode.
> It's not feasible to always be running the pupeptmaster in debug mode.
> 
> debug: importing '/etc/puppet/modules/yum/manifests/client.pp' in
> environment production
> info: Automatically imported yum::client from yum/client into production
> /usr/lib/ruby/site_ruby/1.8/puppet/parser/compiler.rb:217:in 
> `evaluate_ast_node'
> /usr/lib/ruby/site_ruby/1.8/puppet/parser/compiler.rb:102:in `compile'
> /usr/lib/ruby/site_ruby/1.8/puppet/parser/compiler.rb:18:in `compile'
> /usr/lib/ruby/site_ruby/1.8/puppet/indirector/catalog/compiler.rb:77:in
> `compile'
> /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:175:in `benchmark'
> /usr/lib/ruby/1.8/benchmark.rb:293:in `measure'
> /usr/lib/ruby/1.8/benchmark.rb:307:in `realtime'
> /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:174:in `benchmark'
> /usr/lib/ruby/site_ruby/1.8/puppet/indirector/catalog/compiler.rb:75:in
> `compile'
> /usr/lib/ruby/site_ruby/1.8/puppet/indirector/catalog/compiler.rb:34:in `find'
> /usr/lib/ruby/site_ruby/1.8/puppet/indirector/indirection.rb:193:in `find'
> /usr/lib/ruby/site_ruby/1.8/puppet/indirector.rb:50:in `find'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/http/handler.rb:101:in `do_find'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/http/handler.rb:68:in `send'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/http/handler.rb:68:in `process'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick/rest.rb:23:in 
> `service'
> /usr/lib/ruby/1.8/webrick/httpserver.rb:104:in `service'
> /usr/lib/ruby/1.8/webrick/httpserver.rb:65:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:45:in `listen'
> /usr/lib/ruby/1.8/webrick/server.rb:173:in `call'
> /usr/lib/ruby/1.8/webrick/server.rb:173:in `start_thread'
> /usr/lib/ruby/1.8/webrick/server.rb:162:in `start'
> /usr/lib/ruby/1.8/webrick/server.rb:162:in `start_thread'
> /usr/lib/ruby/1.8/webrick/server.rb:95:in `start'
> /usr/lib/ruby/1.8/webrick/server.rb:92:in `each'
> /usr/lib/ruby/1.8/webrick/server.rb:92:in `start'
> /usr/lib/ruby/1.8/webrick/server.rb:23:in `start'
> /usr/lib/ruby/1.8/webrick/server.rb:82:in `start'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:42:in `listen'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `initialize'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `new'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `listen'
> /usr/lib/ruby/1.8/thread.rb:135:in `synchronize'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:38:in `listen'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:127:in `listen'
> /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:142:in `start'
> /usr/lib/ruby/site_ruby/1.8/puppet/daemon.rb:125:in `start'
> /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:114:in `main'
> /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:46:in `run_command'
> /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:301:in `run'
> /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:398:in `exit_on_fail'
> /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:301:in `run'
> /usr/sbin/puppetmasterd:4
> err: Could not find default node or by name with
> 'app01.pax.livegamer.com, app01.pax.livegamer, app01.pax, app01' on
> node app01.pax.livegamer.com
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Push changes to clients

2010-08-17 Thread Christopher Johnston

Wont that also ignore the scheduled 30min runs?  I believe thats what Craig 
wanted if I'm not mistaken.

Sent from my iPhone

On Aug 13, 2010, at 1:32 PM, Patrick Mohr  wrote:

> 
> On Aug 13, 2010, at 7:21 AM, Christopher Johnston wrote:
>> ignoreschedules = true
> 
> This will cause puppet to ignore schedule resources.  It won't do what you 
> want.
> 
>> 
>> 
>> Cant you just use those two options to allow puppetruns to work and not have 
>> the client attempt to do updates?  
>> 
>> On Fri, Aug 13, 2010 at 6:44 AM, matonb  wrote:
>> Is there a puppet.conf equivalent to --no-client ?
>> 
>>  All the nodes are RHEL and will use the puppet service (init
>> script).  I'd rather not tweak that if possible.
>> 
>> Thanks.
>> 
>> On Aug 13, 11:38 am, Craig Dunn  wrote:
>> > On Fri, Aug 13, 2010 at 10:05 AM, ScubaDude 
>> > wrote:
>> >
>> > > I was wondering how to configure the puppet clients to only listen,
>> > > not to periodically pull configs down from the puppetmaster.
>> >
>> > > I'd rather push the configs out from the puppetmaster with
>> > > puppetrun...
>> >
>> > Running puppetd with --no-client should have this effect.
>> >
>> > Craig
>> 
>> --
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to 
>> puppet-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at 
>> http://groups.google.com/group/puppet-users?hl=en.
>> 
>> 
>> 
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to 
>> puppet-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at 
>> http://groups.google.com/group/puppet-users?hl=en.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Question about types and using a default/inherited value

2010-08-13 Thread Christopher Johnston

I have some types like below that have about 10 files or directories in a
single type to keep my manifests looking clean and easier to maintain.
Since some of them all use the same options (user, group, mode, etc) with
the same values is there a way to set them globally once and have all of
them get inherited so I don't have to repeat entries?

file {
'/etc/nsswitch.conf':
  owner   => root,
  group   => root,
  mode=> 0644,
  file=> 'sssd/files/nsswitch.conf';
'/etc/pam.d/system-auth-ac':
  owner   => root,
  group   => root,
  mode=> 0644,
  file=> 'sssd/files/system-auth-ac';
  }

Thinking something like this, where the value of default forces anything
that does not have user, group or mode specified to inherit those values as
a default.  Then if something is present it will override the default
attributes.  I would imagine this would be a feature request if this is not
supported in some fashion.  Interested to hear peoples thought as this would
save a lot of typing and clutter in the my manifests (which are quite big as
we have some servers that require a tone of directories and symlinks)

file {
'default':
  owner  => root,
  group  => root,
  mode  => 0644;
'/etc/nsswitch.conf':
  source   => 'sssd/files/nsswitch.conf';
  mode  => 0755;
'/etc/pam.d/system-auth-ac':
  source  => 'sssd/files/system-auth-ac';
  }

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Push changes to clients

2010-08-13 Thread Christopher Johnston

listen  = true
ignoreschedules = true


Cant you just use those two options to allow puppetruns to work and not have
the client attempt to do updates?

On Fri, Aug 13, 2010 at 6:44 AM, matonb  wrote:

> Is there a puppet.conf equivalent to --no-client ?
>
>  All the nodes are RHEL and will use the puppet service (init
> script).  I'd rather not tweak that if possible.
>
> Thanks.
>
> On Aug 13, 11:38 am, Craig Dunn  wrote:
> > On Fri, Aug 13, 2010 at 10:05 AM, ScubaDude  >wrote:
> >
> > > I was wondering how to configure the puppet clients to only listen,
> > > not to periodically pull configs down from the puppetmaster.
> >
> > > I'd rather push the configs out from the puppetmaster with
> > > puppetrun...
> >
> > Running puppetd with --no-client should have this effect.
> >
> > Craig
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] variable confusion

2010-08-09 Thread Christopher Johnston

Why can't variables be reassigned with a setup like this?

node /.*mydomain.com/ {
  import mydomain.pp
}

node /*.yourdomain.com/ {
  import yourdomain.pp
}

In manifest mydomain.pp and yourdomain.pp I have variables that are specific
to that site that I want to import only for that site (ie, dns_nameserver
ldap_server).  I get errors that variable cannot be reassigned.  My
reasoning for wanting to separate everything into separate site specific
manifests is mostly because my nodes.pp is getting way too cluttered and
difficult to manage (over 1k lines of code).  It looks like stuff is getting
imported regardless of the node type (case statements also show the same
behavior).

err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Cannot reassign variable site_id at
/etc/puppet/manifests/nodes/mydomain.pp:5 on node host.yourdomain.com

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet 2.6.0 vs apache/mod_passenger

2010-08-02 Thread Christopher Johnston

I have not played with 2.6.0 yet, but I do have it working fine with .25
just fine.

On Mon, Aug 2, 2010 at 1:38 PM, Russell Jackson  wrote:

> On 08/02/2010 10:35 AM, Christopher Johnston wrote:
> > Looks good from what I can tell, did you setup the config.ru?
> >
>
> Can I take this to mean that you have a working passenger installation
> of 2.6.0? Knowing that it can work would at least narrow it down to a
> local installation issue rather than a bug in puppet.
>
> --
> Russell A Jackson 
> Network Analyst
> California State University, Bakersfield
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet 2.6.0 vs apache/mod_passenger

2010-08-02 Thread Christopher Johnston

Looks good from what I can tell, did you setup the config.ru?

On Mon, Aug 2, 2010 at 1:25 PM, Russell Jackson  wrote:

> On 08/02/2010 10:26 AM, Christopher Johnston wrote:
> > Can you paste gem list?
>
> # gem list
>
> *** LOCAL GEMS ***
>
> actionmailer (2.3.8)
> actionpack (2.3.8)
> activerecord (2.3.8)
> activeresource (2.3.8)
> activesupport (2.3.8)
> fastthread (1.0.7)
> passenger (2.2.15)
> rack (1.1.0)
> rails (2.3.8)
> rake (0.8.7)
> ruby-augeas (0.3.0)
> sources (0.0.2)
>
> >
> > On Mon, Aug 2, 2010 at 1:17 PM, Russell Jackson  wrote:
> >
> >> I'm having a hell of a time with mod_passenger. Where would I even begin
> >> to investigate where this exception is coming from? My configuration
> >> works fine with the 2.6.0 webrick server.
> >>
>
>
> --
> Russell A Jackson 
> Network Analyst
> California State University, Bakersfield
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet 2.6.0 vs apache/mod_passenger

2010-08-02 Thread Christopher Johnston

Can you paste gem list?

On Mon, Aug 2, 2010 at 1:17 PM, Russell Jackson  wrote:

> I'm having a hell of a time with mod_passenger. Where would I even begin
> to investigate where this exception is coming from? My configuration
> works fine with the 2.6.0 webrick server.
>
> > [Thu Jul 29 18:03:00 2010] [error] [client 136.168.1.4] Premature end of
> script headers: preamble
> > [ pid=28460 file=ext/apache2/Hooks.cpp:735 time=2010-07-29 18:03:00.77 ]:
> >   The backend application (process 30417) didn't send a valid HTTP
> response. It might have crashed during the middle of sending an HTTP
> response, so please check whether there are crashing problems in your
> application. This is the data that it sent: [Content-Type]
> > *** Exception NoMethodError in PhusionPassenger::Rack::ApplicationSpawner
> (undefined method `each' for 3238:Fixnum) (process 30417):
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/rack/request_handler.rb:100:in
> `process_request'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/rack-1.1.0/lib/rack/utils.rb:278:in `each'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/rack-1.1.0/lib/rack/utils.rb:277:in `each'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/rack/request_handler.rb:96:in
> `process_request'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/abstract_request_handler.rb:207:in
> `main_loop'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/rack/application_spawner.rb:120:in
> `run'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/rack/application_spawner.rb:65:in
> `spawn_application'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/utils.rb:252:in
> `safe_fork'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/rack/application_spawner.rb:58:in
> `spawn_application'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/rack/application_spawner.rb:41:in
> `spawn_application'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/spawn_manager.rb:150:in
> `spawn_application'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/spawn_manager.rb:278:in
> `handle_spawn_application'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/abstract_server.rb:352:in
> `__send__'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/abstract_server.rb:352:in
> `main_loop'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/lib/phusion_passenger/abstract_server.rb:196:in
> `start_synchronously'
> > from
> /usr/local/lib/ruby/gems/1.8/gems/passenger-2.2.15/bin/passenger-spawn-server:61
>
>
> --
> Russell A Jackson 
> Network Analyst
> California State University, Bakersfield
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Bootstrap

2010-08-02 Thread Christopher Johnston

Kinda crazy.  It would be better to just build a custom embedded OS (pxe
boot it), then have a script that kicks off on boot-up to configure the
image then the other way around.  That how I handle it at my company,
stateless.

On Sat, Jul 31, 2010 at 5:30 AM, parag kale  wrote:

> Hey,
> I want the puppet daemon(client) to contact the server and download the OS
> and thn boot it ..
>
>
> On Sat, Jul 31, 2010 at 6:56 AM, Patrick Mohr  wrote:
>
>> Do you want to run it off the server or install it on the client?  What
>> OS?
>>
>> On Jul 29, 2010, at 9:02 PM, parag(PK) wrote:
>>
>> > Can it be possible to boot up a bare metal client ,by downloding the
>> > whole OS from server .when the client is powered on .
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] render template

2010-07-29 Thread Christopher Johnston

Is there a way in puppet to make the client render a template from a module
and have it spit the contents of the template to stdout or to a file so it
can be looked at before deploying?

-Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Catching failure with templates

2010-07-28 Thread Christopher Johnston

To solve your pathing issue you could create a define to autocomplete the path 
for you.  

Sent from my iPhone

On Jul 27, 2010, at 11:24 AM, Rob McBroom  wrote:

> So, I’m using templates for the first time and I wanted to test the case 
> where the values used by the template don’t exist. I get an error like this:
> 
>err: Could not retrieve catalog from remote server: Error 400 on SERVER: 
> Failed to parse template slapd_replication.erb: Could not find value for 
> 'slapd_consumer_rid' at 
> /etc/puppet/manifests/experimental/services/ldap.pp:141 on node t-corp-ldap-03
>warning: Not using cache on failed catalog
>err: Could not retrieve catalog; skipping run
> 
> That’s fine. I want it to fail and not touch the target file (which is what 
> happens), but I also want to *know* it failed. The report in Puppet Dashboard 
> shows a successful run. I imagine the report only counts something as a 
> failure if it attempts to do it, but since the template can’t even be parsed, 
> it’s not trying. Is there some clever thing I can do to make it fail in a way 
> that will get reported?
> 
> One possibility I’ve considered is to check for the variable in the template 
> and set an invalid default if it’s missing, which will kill LDAP services on 
> that node. While that would certainly get noticed, I’d prefer something less 
> extreme.
> 
> And a related question: I’d like to store templates in the same directory 
> that 'puppet://puppet/files/' points to, but I don’t want to hard-code the 
> path in my manifests. Is there a variable that refers to that path? (Yeah, I 
> know. Modules. I’m not using them and not planning to any time soon, so any 
> other ideas would be appreciated.)
> 
> Thanks.
> 
> -- 
> Rob McBroom
> 
> 
> Don't try to tell me something is important to you if the whole of your 
> “support” entails getting Congress to force *others* to spend time and money 
> on it.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] manage_internal_file_permissions, /etc/sysconfig, and/or command line startup...

2010-07-28 Thread Christopher Johnston

Try using a bind mount instead of symlink

Sent from my iPhone

On Jul 27, 2010, at 6:48 PM, Tom  wrote:

> Okay, maybe I'm being dense...but I'm missing something here.
> 
> First off, using puppet 2.6 on centos 5.5.
> 
> I want to store /etc/puppet and /var/lib/puppet elsewhere...but have
> symbolic links for /etc/puppet and /var/lib/puppet that point to the
> actual directories.  Puppet obviously rewrites those symlinks when I
> start it up.
> 
> So I read, and saw "manage_internal_file_permissions" - looks like
> just what I want.  But setting it in /etc/puppet/puppet.conf isn't
> working - it's rewritten before it's checked.
> 
> So then I tried setting it on the command line by editing /etc/
> sysconfig/puppetmaster and setting PUPPETMASTER_EXTRA_OPTS to "--
> manage_internal_file_permissions false", but that's not working.  So I
> also tried setting it to "--no-manage_internal_file_permissions", but
> that's not working either.
> 
> What the heck am I doing wrong?
> 
> Thanks-
> 
> Tom
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Management of MySQL grant tables?

2010-07-28 Thread Christopher Johnston

I believe so, have to crack your code open to confirm. But in mysql I see the 
grants listed.

It would also be useful to have an "all_grants" so each one does not have to be 
listed out.  

Sent from my iPhone

On Jul 28, 2010, at 2:58 AM, David Schmitt  wrote:

> On 7/28/2010 12:41 AM, Christopher Johnston wrote:
>> David,
>> 
>> Curious on how you handle doing a grant of *.* (all attributes) I looked
>> through your puppet type and I see you are individually listing every
>> type out but you are missing event_priv and trigger_priv as grant types.
> 
> I haven't worked on those types in a while and it is possible, that those 
> privs only exist in a later version of mysql?
> 
> 
> Best Regards, David
> -- 
> dasz.at OG  Tel: +43 (0)664 2602670 Web: http://dasz.at
> Klosterneuburg UID: ATU64260999
> 
>   FB-Nr.: FN 309285 g  FB-Gericht: LG Korneuburg
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Management of MySQL grant tables?

2010-07-27 Thread Christopher Johnston

David,

Curious on how you handle doing a grant of *.* (all attributes) I looked
through your puppet type and I see you are individually listing every type
out but you are missing event_priv and trigger_priv as grant types.

-Chris

On Mon, Jun 21, 2010 at 11:51 AM, David Schmitt  wrote:

> On 5/19/2010 5:44 PM, Ken wrote:
>
>> I found a github reference to a package that might do it
>>> (http://github.com/camptocamp/puppet-mysql) but I can't understand
>>> what it is, how it works, or even what to do with it.
>>>
>>
>> Hmm. How familiar are you with puppet modules? Not quite clear how
>> detailed we need to be here :-). Here is a doc that outlines them:
>> http://docs.puppetlabs.com/guides/modules.html
>>
>> Ordinarily you would drop this code into your 'module path' (by
>> default this is often /etc/puppet/modules). This would make it
>> available then for use in other code/manifests.
>>
>> Assuming you are already okay with these aspects of puppet - here is
>> a sample manifest on how to use it for 1 system. I have a fork of
>> that code (its been around - I'm not even clear who wrote it first -
>> could have been David Schmidt:
>> http://git.black.co.at/?p=module-mysql;a=summary) so it may not work
>> exactly the same :-).
>>
>
>
> Indeed, the mysql_* types were originially written by me.
>
>
> Best Regards, David
> --
> dasz.at OG  Tel: +43 (0)664 2602670 Web: http://dasz.at
> Klosterneuburg UID: ATU64260999
>
>   FB-Nr.: FN 309285 g  FB-Gericht: LG Korneuburg
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Creating a directory fails

2010-07-15 Thread Christopher Johnston

Sure!

On Thu, Jul 15, 2010 at 11:27 AM, Peter Meier wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> > One minor complaint, the debug output from puppetd doesn't really explain
> > what the exact issue is and where its failing.  ie, would be good if it
> said
> > it was attempting to chown/chmod a directory or file.
>
> can you file a bug/feature request for that? thx!
>
> cheers pete
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkw/KPkACgkQbwltcAfKi3+fJQCffafePve/B+9LSKbwvHMAiBXC
> 2HwAoJ2eMXtkfIvxCC97EHrwGJnD5r7U
> =xMiB
> -END PGP SIGNATURE-
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Creating a directory fails

2010-07-15 Thread Christopher Johnston

Its possible, I realized I had a recurse => true when I removed it seems to
work.  In my email I just typed it up real quick and didnt paste the actual
type I have in my manifest.  So that would explain it as under that
directory there are device files and recursively is failing to set the
perms.

One minor complaint, the debug output from puppetd doesn't really explain
what the exact issue is and where its failing.  ie, would be good if it said
it was attempting to chown/chmod a directory or file.

Thx for the assistance.

-Chris

On Thu, Jul 15, 2010 at 10:59 AM, Patrick Mohr  wrote:

> I might know the problem.  Do you have device files or sockets in
> /var/named/chroot?  If so puppet might be trying to manage the permissions
> on stuff in that folder and failing the sanity check when is sees they
> aren't regular files.
>
>
> On Jul 15, 2010, at 7:21 AM, Christopher Johnston wrote:
>
> They exist for sure..
>
> # ls -ld /var/named/
> drwxr-x--- 6 root named 4096 2010-07-15 06:20 /var/named/
> # ls -ld /var/named/chroot/
> drwxr-xr-x 5 named named 4096 2010-07-15 06:20 /var/named/chroot/
>
>
> On Thu, Jul 15, 2010 at 12:09 AM, Patrick Mohr  wrote:
>
>> I'd check to see if /var/named exists or if /var/named/chroot is a
>> symlink.
>>
>> On Jul 14, 2010, at 2:24 PM, Christopher Johnston wrote:
>>
>> > I don't see anything out of the ordinary here, seems like its not
>> honoring the type as a directory but as a file any ideas?
>> >
>> > err: //bind::slave/File[/var/named/chroot]: Failed to generate
>> additional resources using 'eval_generate': Cannot manage files of type
>> characterSpecial
>> >
>> > file { '/var/named/chroot':
>> > ensure=> directory,
>> > owner => named,
>> > group => named,
>> > mode  => 0755,
>> > require   => Package['bind-chroot'];
>> > }
>> >
>> >
>> > --
>> > You received this message because you are subscribed to the Google
>> Groups "Puppet Users" group.
>> > To post to this group, send email to puppet-us...@googlegroups.com.
>> > To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> > For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Creating a directory fails

2010-07-15 Thread Christopher Johnston

They exist for sure..

# ls -ld /var/named/
drwxr-x--- 6 root named 4096 2010-07-15 06:20 /var/named/
# ls -ld /var/named/chroot/
drwxr-xr-x 5 named named 4096 2010-07-15 06:20 /var/named/chroot/


On Thu, Jul 15, 2010 at 12:09 AM, Patrick Mohr  wrote:

> I'd check to see if /var/named exists or if /var/named/chroot is a symlink.
>
> On Jul 14, 2010, at 2:24 PM, Christopher Johnston wrote:
>
> > I don't see anything out of the ordinary here, seems like its not
> honoring the type as a directory but as a file any ideas?
> >
> > err: //bind::slave/File[/var/named/chroot]: Failed to generate additional
> resources using 'eval_generate': Cannot manage files of type
> characterSpecial
> >
> > file { '/var/named/chroot':
> > ensure=> directory,
> > owner => named,
> > group => named,
> > mode  => 0755,
> > require   => Package['bind-chroot'];
> > }
> >
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> > To post to this group, send email to puppet-us...@googlegroups.com.
> > To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> > For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Creating a directory fails

2010-07-14 Thread Christopher Johnston

I don't see anything out of the ordinary here, seems like its not honoring
the type as a directory but as a file any ideas?

err: //bind::slave/File[/var/named/chroot]: Failed to generate additional
resources using 'eval_generate': Cannot manage files of type
characterSpecial

file { '/var/named/chroot':
ensure=> directory,
owner => named,
group => named,
mode  => 0755,
require   => Package['bind-chroot'];
}

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] sysctl

2010-06-25 Thread Christopher Johnston

There was one just posted on the list 2 days ago if you do a search.  Works
well.  There is this one too.

http://git.puppet.immerda.ch/?p=module-sysctl.git;a=summary

On Fri, Jun 25, 2010 at 10:19 AM, nottings wrote:

> Does anyone out there have a module or type for managing sysctl?
> Where can I download it?
>
> I've seen and old one out there that doesn't seem to work with version
> 0.25.x, so I'm hoping to find one that has been kept up to date
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Storeconfigs connection pool problem

2010-06-21 Thread Christopher Johnston

Any findings?  From what I can tell it defaults to sqlite leaving me with an
issue of my hosts bombing out when more then 6 runs are happening.  I would
prefer to have it use mysql for a cache then let the queuing daemon fwd its
data to a central mysql server.


On Thu, Jun 10, 2010 at 1:39 PM, Jason Koppe
wrote:

> I'm not sure, I can't seem to find README.queuing or much documentation
> about how it's supposed to work.  I'll checkout the code this weekend if
> there aren't responses here.
>
>
> On Thu, Jun 10, 2010 at 9:32 AM, Christopher Johnston 
> wrote:
>
>> I have the same issue as well, seems puppetqd uses sqlite for caching?
>>
>>
>> On Wed, Jun 9, 2010 at 4:11 PM, Jason Koppe > > wrote:
>>
>>> Queuing support from ActiveMQ doesn't even make a difference for me -- I
>>> thought the purpose of adding the queuing support was to queue the data in
>>> puppetqd's memory and let that flush out to the database when it could.  I'm
>>> still seeing this error from the puppetmaster (not puppetqd).
>>>
>>> err: could not obtain a database connection within 5 seconds.  The max
>>> pool size is currently 5; consider increasing it.
>>>
>>> Am I misunderstanding how puppetmasterd+puppetqd is supposed to function?
>>>
>>>
>>> On Wed, Jun 9, 2010 at 3:51 AM, Dan Carley  wrote:
>>>
>>>> On 9 June 2010 06:09, Jason Koppe  wrote:
>>>>
>>>>>  On Fri, Feb 12, 2010 at 12:28 AM, Joe McDonagh <
>>>>> joseph.e.mcdon...@gmail.com> wrote:
>>>>>
>>>>>> Daniel Kerwin wrote:
>>>>>>
>>>>>> > Hi list,
>>>>>> >
>>>>>> > i just enabled storeconfigs and cannot use puppetrun on more than 5
>>>>>> > hosts. When i try 6+ i get the error message:
>>>>>> >
>>>>>> > puppetmasterd[16209]: could not obtain a database connection within
>>>>>> 5
>>>>>> > seconds.  The max pool size is currently 5; consider increasing it.
>>>>>> >
>>>>>> > My Mysql setup allows a lot more connections (500). Any suggestions?
>>>>>>
>>>>>> Do you have the proper rubygem for mysql installed? I think on
>>>>>> deb/ubuntu it's something like libmysql-ruby1.8.
>>>>>>
>>>>>
>>>>> I'm having the same problem with the mysql gem installed and the gem
>>>>> appears to be in-use
>>>>>
>>>>
>>>> The gem version is a bit of a red herring, so long are using the gem and
>>>> not Ruby's own connector. As the warning suggests, ActiveRecord's pool
>>>> option simply needs raising if it's to be put under any strain at all. 
>>>> There
>>>> is a bug/feature ticket as #2568 [0] which exposes this option to Puppet's
>>>> configuration. But it's not due to be delivered until 2.6/rowlf.
>>>>
>>>> I've been slipstreaming the patch into 0.25 myself because storeconfigs
>>>> grinds to a halt without it in my environment. Given the simplicity of the
>>>> diff and that it seems to be affecting a number of people I think it
>>>> probably warrants being brought forward to 0.25.
>>>>
>>>> [0] http://projects.puppetlabs.com/issues/2568
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Puppet Users" group.
>>>> To post to this group, send email to puppet-us...@googlegroups.com.
>>>> To unsubscribe from this group, send email to
>>>> puppet-users+unsubscr...@googlegroups.com
>>>> .
>>>> For more options, visit this group at
>>>> http://groups.google.com/group/puppet-users?hl=en.
>>>>
>>>
>>>
>>>
>>> --
>>> Jason Koppe
>>> jason.robert.ko...@gmail.com
>>> Cell (210) 445-8242
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "Puppet Users" group.
>>> To post to this group, send email to puppet-us...@googlegroups.com.
>>> To unsubscribe from this group, send email to
>>> puppet-users+unsubscr...@googlegroups.com
>>> .
>>> For more options, visit this group at
>>> http://groups.google.com/group/puppet-users?hl=en.
>>>
>>
>>  --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>
>
>
> --
> Jason Koppe
> jason.robert.ko...@gmail.com
> Cell (210) 445-8242
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Management of MySQL grant tables?

2010-06-21 Thread Christopher Johnston

Module works great!  Thx!  I made some slight mods to it for my environment
but works great.

On Wed, May 19, 2010 at 11:44 AM, Ken  wrote:

> > I found a github reference to a package that might do it (
> http://github.com/camptocamp/puppet-mysql) but I can't understand
> > what it is, how it works, or even what to do with it.
>
> Hmm. How familiar are you with puppet modules? Not quite clear how
> detailed we need to be here :-). Here is a doc that outlines them:
> http://docs.puppetlabs.com/guides/modules.html
>
> Ordinarily you would drop this code into your 'module path' (by
> default this is often /etc/puppet/modules). This would make it
> available then for use in other code/manifests.
>
> Assuming you are already okay with these aspects of puppet - here is a
> sample manifest on how to use it for 1 system. I have a fork of that
> code (its been around - I'm not even clear who wrote it first - could
> have been David Schmidt: http://git.black.co.at/?p=module-mysql;a=summary)
> so it may not work exactly the same :-).
>
>mysql_database {
>"drupal":
>ensure => present;
>"bugzilla":
>ensure => present;
>"wpmu":
>ensure => present;
>}
>mysql_user {
>"dru...@localhost":
>password_hash => mysql_password("foo");
>"bugzi...@localhost":
>password_hash => mysql_password("foo");
>"w...@localhost":
>password_hash => mysql_password("foo");
>}
>mysql_grant {
>"dru...@localhost/drupal":
>privileges => [
>"select_priv", "insert_priv",
> "update_priv", "delete_priv",
>"create_priv", "drop_priv",
> "index_priv", "alter_priv",
>],
>require => Mysql_user["dru...@localhost"];
>"bugzi...@localhost/bugzilla":
>privileges => [
>"select_priv", "insert_priv",
> "update_priv", "delete_priv",
>"create_priv", "drop_priv",
> "index_priv", "alter_priv",
>],
>require => Mysql_user["bugzi...@localhost"];
>"w...@localhost/wpmu":
>privileges => [
>"select_priv", "insert_priv",
> "update_priv", "delete_priv",
>"create_priv", "drop_priv",
> "index_priv", "alter_priv",
>],
>require => Mysql_user["w...@localhost"];
>}
>
> This would in effect:
>
> * create 3 databases - drupal, bugzilla, wpmu
> * create 3 users - drupal, bugzilla, wpmu
> * assign grant access for the users to the db's of the same name
>
> ken.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] header for puppet managed files

2010-06-21 Thread Christopher Johnston

Similar setup as well:

# pwd
/etc/puppet/templates
# cat header.erb
##
#
#
# This file is centrally managed, any manual changes will be
OVERWRITTEN   #
#
#
##

I then use a define called get::template which ensure that the header.erb is
applied to every template that is created.

On Mon, Jun 21, 2010 at 10:33 AM, Disconnect wrote:

> That is what we do (and we enforce it by convention rather than
> technically.)
>
> # MANAGED BY PUPPET!
> # /modules/foo/templates/bar.conf
> # ..any associated warnings, weirdness (eg template called from other
> module) etc
>
> On files that other groups might be touching, we add something like:
> # Changes WILL BE overwritten every 30 mins! Any permanent changes must be
> checked
> # into git under "foo/puppet/".
>
> On Mon, Jun 21, 2010 at 10:16 AM, Joe McDonagh <
> joseph.e.mcdon...@gmail.com> wrote:
>
>> On 06/20/2010 03:37 PM, Psyber wrote:
>>
>>> Anyone have any ideas on adding a default header to puppet managed
>>> files and templates?
>>> This might be tricky because of the different methods of adding
>>> comments for different types of files but I'm certainly open to
>>> suggestions that would enforce the existence of a header.
>>>
>>>
>>>
>> Generally I add in by hand, and I make sure it says whether this is
>> managed as a template or plain file, and what module it can be found in.
>>
>>
>> --
>> Joe McDonagh
>> Operations Engineer
>> AIM: YoosingYoonickz
>> IRC: joe-mac on freenode
>> "When the going gets weird, the weird turn pro."
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas and sendmail aliases

2010-06-17 Thread Christopher Johnston

I was never able to get this working properly for /etc/services, there is
support in augeas now to do the matches properly but I think the ruby
bindings are not up to date with the new changes which ended up making
puppet fail.



On Thu, Jun 17, 2010 at 9:06 AM, Rob McBroom wrote:

> On Jun 16, 2010, at 5:42 PM, Silviu Paragina wrote:
>
> >> set /files/etc/aliases/*[name = ‘ftp’]/name ftp
> >>
> > I've actually tried this in augtool and puppet and it didn't work. In
> puppet it fails silently and on first sight you would believe everything
> went ok. In augtool it simply fails.
>
> So it does. It works with “print”, so I thought it would work with “set” as
> well. That was my experience with `/etc/services` and `/etc/passwd`. At this
> point, I’d look at all the possible path expressions and play around a bit.
>
>  http://augeas.net/page/Path_expressions
>
> You may be stuck doing an “onlyif” after all.
>
> You might also try the native mail alias type, as someone else suggested.
>
> http://docs.puppetlabs.com/references/latest/type.html#mailalias
>
> --
> Rob McBroom
> 
>
> Don't try to tell me something is important to you if the whole of your
> “support” entails getting Congress to force *others* to spend time and money
> on it.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Provisioning VM in Xen via Puppet - Howto??

2010-06-14 Thread Christopher Johnston

My git clone was failing, will try again

On Mon, Jun 14, 2010 at 9:33 AM, Thomas Bellman  wrote:

> On 2010-06-11 21:20, Christopher Johnston wrote:
>
>  Thomas I don't see your GIT repo, looks to be offline.
>>
>
> I don't see any problems when I check now.  A git clone of
> http://www.nsc.liu.se/~bellman/nsc-puppet-utils.git works
> fine for me.  (Note, however, that you can't point a normal
> web browser to that URL; you must use git-clone(1).)
>
>
>/Bellman
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Provisioning VM in Xen via Puppet - Howto??

2010-06-11 Thread Christopher Johnston

Thomas I don't see your GIT repo, looks to be offline.

On Fri, May 14, 2010 at 5:11 AM, Dan Carley  wrote:

> On 12 May 2010 16:13, Thomas Bellman  wrote:
>
>> [..]
>> I don't create the logical volumes automatically, nor do I
>> partition or create filesystems on them automatically, to lessen
>> the risk of destroying important data.
>>
>
> Good info. I do much the same - logical vols are managed by hand first.
>
> Then initial booting of the domU is handled automatically with notify's to
> some exec{}'s so I don't have to log back in. Like:
>
> exec { "xm_create_${domu_name}":
> command => "/usr/sbin/xm create /etc/xen/auto/${domu_name}",
> unless  => "/usr/sbin/xm list ${domu_name} > /dev/null",
> refreshonly => true,
> }
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Storeconfigs connection pool problem

2010-06-10 Thread Christopher Johnston

I have the same issue as well, seems puppetqd uses sqlite for caching?

On Wed, Jun 9, 2010 at 4:11 PM, Jason Koppe wrote:

> Queuing support from ActiveMQ doesn't even make a difference for me -- I
> thought the purpose of adding the queuing support was to queue the data in
> puppetqd's memory and let that flush out to the database when it could.  I'm
> still seeing this error from the puppetmaster (not puppetqd).
>
> err: could not obtain a database connection within 5 seconds.  The max pool
> size is currently 5; consider increasing it.
>
> Am I misunderstanding how puppetmasterd+puppetqd is supposed to function?
>
>
> On Wed, Jun 9, 2010 at 3:51 AM, Dan Carley  wrote:
>
>> On 9 June 2010 06:09, Jason Koppe  wrote:
>>
>>>  On Fri, Feb 12, 2010 at 12:28 AM, Joe McDonagh <
>>> joseph.e.mcdon...@gmail.com> wrote:
>>>
 Daniel Kerwin wrote:

 > Hi list,
 >
 > i just enabled storeconfigs and cannot use puppetrun on more than 5
 > hosts. When i try 6+ i get the error message:
 >
 > puppetmasterd[16209]: could not obtain a database connection within 5
 > seconds.  The max pool size is currently 5; consider increasing it.
 >
 > My Mysql setup allows a lot more connections (500). Any suggestions?

 Do you have the proper rubygem for mysql installed? I think on
 deb/ubuntu it's something like libmysql-ruby1.8.

>>>
>>> I'm having the same problem with the mysql gem installed and the gem
>>> appears to be in-use
>>>
>>
>> The gem version is a bit of a red herring, so long are using the gem and
>> not Ruby's own connector. As the warning suggests, ActiveRecord's pool
>> option simply needs raising if it's to be put under any strain at all. There
>> is a bug/feature ticket as #2568 [0] which exposes this option to Puppet's
>> configuration. But it's not due to be delivered until 2.6/rowlf.
>>
>> I've been slipstreaming the patch into 0.25 myself because storeconfigs
>> grinds to a halt without it in my environment. Given the simplicity of the
>> diff and that it seems to be affecting a number of people I think it
>> probably warrants being brought forward to 0.25.
>>
>> [0] http://projects.puppetlabs.com/issues/2568
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>
>
>
> --
> Jason Koppe
> jason.robert.ko...@gmail.com
> Cell (210) 445-8242
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: puppetqd and remote mysql server

2010-06-09 Thread Christopher Johnston

I don't want to use sqllite... puppetqd doesn't leave me much of a choice
since it will default to it even if you tell it to use mysql as your
storedconfig DB since thats needed for the centraldb.  Ultimately I think
puppetqd needs support for keeping a cached copy of various database flavors
(mysql, sqllite, etc).  If mysql was supported for puppetqd then my remote
masters would always have a local cached copy of their stored configs for
the servers they manage and we would be able to eliminate the locking
issue.  They can then asyncronously replicate the data back to the central
DB.

# enables storedconfig support, supposed to speed things up
storeconfigs = true
dbadapter = mysql
dbuser = puppet
dbpassword = puppet
dbserver = centraldb
dbsocket = /var/run/mysqld/mysqld.sock

# use queuing
queue_type = stomp
queue_source = stomp://localhost:61613
async_storeconfigs = true


On Wed, Jun 9, 2010 at 11:57 AM, Ohad Levy  wrote:

> I evaluated this scenario a couple of years ago (before puppetq), and it
> was never a feasible solution due to a. latency (e.g. everything is much
> slower), b. if wan goes down, your master wont work.
>
> One of the reasons that I've developed Foreman, is to overcome this
> problem, the way I do it is:
> - I keep one central database, but don't use it directly with puppet,
> rather import the data i need (e.g. for facts see the import_facts script in
> foreman extras dir)
> - I query the database using puppet functions (e.g. using foreman query
> interface) - providing similar functionality to export / collection with
> storeconfig.
>
> in order to avoid the single point of failure, my function caches the
> output locally, so if the db (foreman) is not reachable, it uses the last
> known cache.
> in any case, sqlite will never really work with many processes trying to
> lock the file (it is a file after all), so you should really evaluate it
> with some other db engine.
>
> hope this helps,
> Ohad
>
> On Wed, Jun 9, 2010 at 11:50 PM, Christopher Johnston 
> wrote:
>
>> I have about a dozen sites with puppet masters in each.  They are
>> geographically located with some slow network links between them.  The setup
>> I was evaluating is to have a centralized stored config server running mysql
>> with all of my remote masters sending their locations data back to the
>> central server.  Now on my fast links remote connectivity is OK if I just
>> point a master right to the database (eliminate puppetqd, etc), albeit still
>> slower then if I were to have it local but I was hoping I could use a
>> stomp+puppetqd to handle caching and asyncronously update my central mysql
>> database.  In my tests this seems to work however it looks like puppetdq is
>> using sqllite to keep a cached copy.  If I have 100 servers and I am doing a
>> mass update  during maintenance window I am seeing timeouts once we hit 5-6
>> servers which is likely sqllite.
>>
>> Perhaps this solution is not the most viable right now?  I am OK with
>> running a local mysql instance instead of sqllite if it is supported but I
>> would like to get all of my stored config data in one location (using facter
>> data, reporting is of great value to us).  This would be useful as we can
>> plugin foreman on top of that database for a central dashboard instead of
>> having dozens of dashboards for each location.
>>
>> -Chris
>>
>>
>> On Tue, Jun 8, 2010 at 2:40 PM, donavan  wrote:
>>
>>>
>>> On Jun 7, 1:00 pm, Christopher Johnston  wrote:
>>> > Think I found the issue from an strace, the rubygems-sqlit3 rpm was
>>> > missing.. still curious on where the logs end up for it though.  The
>>> fact
>>> > that its using sqllite also doesn't help as I think I am running into
>>> > locking issues if I try to run a cross environment update.
>>>
>>>
>>> Chris, were you using sqlite or mysql as the backend store when you
>>> had issues?
>>>
>>> Evaluating remote sites with central storeconfigs is on the todo list
>>> for me. Currently have it working just peachy with mysql, straight
>>> storeconfig no puppetqd.
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "Puppet Users" group.
>>> To post to this group, send email to puppet-us...@googlegroups.com.
>>> To unsubscribe from this group, send email to
>>> puppet-users+unsubscr...@googlegroups.com
>>> .
>>> For more options, visit this group at
>>> http://groups.google.com/group/puppet-users?hl=en.
>>>
>>>
>>  --
&g

Re: [Puppet Users] Re: puppetqd and remote mysql server

2010-06-09 Thread Christopher Johnston

I have about a dozen sites with puppet masters in each.  They are
geographically located with some slow network links between them.  The setup
I was evaluating is to have a centralized stored config server running mysql
with all of my remote masters sending their locations data back to the
central server.  Now on my fast links remote connectivity is OK if I just
point a master right to the database (eliminate puppetqd, etc), albeit still
slower then if I were to have it local but I was hoping I could use a
stomp+puppetqd to handle caching and asyncronously update my central mysql
database.  In my tests this seems to work however it looks like puppetdq is
using sqllite to keep a cached copy.  If I have 100 servers and I am doing a
mass update  during maintenance window I am seeing timeouts once we hit 5-6
servers which is likely sqllite.

Perhaps this solution is not the most viable right now?  I am OK with
running a local mysql instance instead of sqllite if it is supported but I
would like to get all of my stored config data in one location (using facter
data, reporting is of great value to us).  This would be useful as we can
plugin foreman on top of that database for a central dashboard instead of
having dozens of dashboards for each location.

-Chris

On Tue, Jun 8, 2010 at 2:40 PM, donavan  wrote:

>
> On Jun 7, 1:00 pm, Christopher Johnston  wrote:
> > Think I found the issue from an strace, the rubygems-sqlit3 rpm was
> > missing.. still curious on where the logs end up for it though.  The fact
> > that its using sqllite also doesn't help as I think I am running into
> > locking issues if I try to run a cross environment update.
>
>
> Chris, were you using sqlite or mysql as the backend store when you
> had issues?
>
> Evaluating remote sites with central storeconfigs is on the todo list
> for me. Currently have it working just peachy with mysql, straight
> storeconfig no puppetqd.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: puppetqd and remote mysql server

2010-06-07 Thread Christopher Johnston

Think I found the issue from an strace, the rubygems-sqlit3 rpm was
missing.. still curious on where the logs end up for it though.  The fact
that its using sqllite also doesn't help as I think I am running into
locking issues if I try to run a cross environment update.

How to deal with sqllite locking as well as I see this quite a bit if I am
using puppetqd/mysql combination or a local sqlite setup (without the
queing).

Got 1 failure(s) while initializing: change from 664 to 660 failed: failed
to chmod /var/lib/puppet/state/clientconfigs.sqlite3: Operation not
permitted - /var/lib/puppet/state/clientconfigs.sqlite3

On Mon, Jun 7, 2010 at 3:22 PM, Christopher Johnston wrote:

> Has anyone been using this in production to store facts remotely in a
> distributed environment?  I have been testing it in my lab where latency and
> bandwith to a remote mysql server is very good so it works well.  But if I
> attempt to use it across a wan with ~150ms puppetqd seems to die.  If I
> don't have it running the stompserver/activemq looks to be in the path but
> trying to debug why puppetqd would fail.
>
> Also where is it logging?  I don't see anything for it in /var/log/messages
> or with apache..
>
>
>
> -Chris
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] puppetqd and remote mysql server

2010-06-07 Thread Christopher Johnston

Has anyone been using this in production to store facts remotely in a
distributed environment?  I have been testing it in my lab where latency and
bandwith to a remote mysql server is very good so it works well.  But if I
attempt to use it across a wan with ~150ms puppetqd seems to die.  If I
don't have it running the stompserver/activemq looks to be in the path but
trying to debug why puppetqd would fail.

Also where is it logging?  I don't see anything for it in /var/log/messages
or with apache..



-Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas type and /etc/services

2010-06-04 Thread Christopher Johnston

Yup, I am on the latest and greatest as well as an attempted git checkout of
ruby-augeas, still no good.  Also on the latest .25.5 stable of puppet.

ruby-augeas-0.3.0-1.fc10.x86_64
augeas-0.7.1-1.fc10.x86_64
augeas-libs-0.7.1-1.fc10.x86_64


On Fri, Jun 4, 2010 at 1:16 PM, Rob McBroom wrote:

> On Jun 4, 2010, at 1:03 PM, Christopher Johnston wrote:
>
> > I tested the new version from the CLI, I noticed it is quite different
> and more powerful features.  But I wonder if puppet has caught to support
> them in the augeas provider.  If I set this below it fails and either
> operation.
>
> Be sure to update augeas-libs and ruby-augeas too. (Those are the names of
> the packages from EPEL. You may have them under different names.) Puppet
> doesn't use `augtool`.
>
> --
> Rob McBroom
> <http://www.skurfer.com/>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas type and /etc/services

2010-06-04 Thread Christopher Johnston

I tested the new version from the CLI, I noticed it is quite different and
more powerful features.  But I wonder if puppet has caught to support them
in the augeas provider.  If I set this below it fails and either operation.


changes => ["set service-name[port = '7302'][protocol = 'tcp']/port
7302",

or

changes => ["set service-name[port = '7302' and protocol = 'tcp']/port
7302",

On Fri, Jun 4, 2010 at 12:58 PM, Rob McBroom wrote:

> On Jun 4, 2010, at 11:55 AM, Christopher Johnston wrote:
>
> > What version of augeas are you using?  I am on 0.5.3 I don't think
> support has been added to do some of that functionality I am going to
> upgrade
>
> 0.7.0
>
> --
> Rob McBroom
> <http://www.skurfer.com/>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas type and /etc/services

2010-06-04 Thread Christopher Johnston

What version of augeas are you using?  I am on 0.5.3 I don't think support
has been added to do some of that functionality I am going to upgrade

On Fri, Jun 4, 2010 at 10:33 AM, Rob McBroom wrote:

> On Jun 4, 2010, at 10:20 AM, Christopher Johnston wrote:
>
> > I tried using the "alias" option as an identifier, but have not been
> succesful with it.  I will play that a little bit more as I think that may
> be the only way to do it that I know of.
>
> It looks like you can use the port/protocol combination. At least it works
> for printing. I haven't tested it to create a new entry.
>
>augtool> print /files/etc/services/service-name[port = '443'][protocol =
> 'tcp']
>/files/etc/services/service-name[161] = "https"
>/files/etc/services/service-name[161]/port = "443"
>/files/etc/services/service-name[161]/protocol = "tcp"
>/files/etc/services/service-name[161]/#comment = "MCom"
>
> --
> Rob McBroom
> <http://www.skurfer.com/>
>
> Don't try to tell me something is important to you if the whole of your
> “support” entails getting Congress to force *others* to spend time and money
> on it.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas type and /etc/services

2010-06-04 Thread Christopher Johnston

Let me give this a whirl will let you know how I make out

On Fri, Jun 4, 2010 at 10:42 AM, Rob McBroom wrote:

> These types of paths seem to match the correct thing as well:
>
>/files/etc/services/service-name[port = '443' and protocol = 'tcp']
>/files/etc/services/*[port = '443' and protocol = 'tcp']
>
> Maybe you should just take a look at <
> http://augeas.net/page/Path_expressions>.
>
> --
> Rob McBroom
> 
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas type and /etc/services

2010-06-04 Thread Christopher Johnston

I tried using the "alias" option as an identifier, but have not been
succesful with it.  I will play that a little bit more as I think that may
be the only way to do it that I know of.

On Thu, Jun 3, 2010 at 10:55 PM, Rob McBroom wrote:

> On Jun 3, 2010, at 3:05 PM, Christopher Johnston wrote:
>
> > You know what the problem was, my ordering.  I had app_tcp first and not
> port 1002 so thats likely why it was not getting picked up.  Worked, but hit
> another snag.  Now try adding another app name, same port but for udp, it
> will just get overwritten.
>
> I addressed both of those things in my initial reply.
>
> On the order of `set` statements:
>
> > Setting the “name” doesn't seem to work until after the thing exists,
> which is why it appears second on the list.
>
> On adding both TCP and UDP entries:
>
> > So, if you can find something that makes an item unique, you can use that
> to specify a path.
>
> If two entries are using the same port number, that obviously won't work as
> a unique identifier. You could maybe use a unique comment on each one, but
> there seems to be that bug where no space appears between protocol and
> comment. Perhaps there's a way to specify a path using more than one
> component. A combination of port and protocol should be unique, for example.
>
> --
> Rob McBroom
> <http://www.skurfer.com/>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas type and /etc/services

2010-06-03 Thread Christopher Johnston

HA, yes I added commas.  You know what the problem was, my ordering.  I had
app_tcp first and not port 1002 so thats likely why it was not getting
picked up.  Worked, but hit another snag.  Now try adding another app name,
same port but for udp, it will just get overwritten.

-Chris


On Thu, Jun 3, 2010 at 2:40 PM, Rob McBroom wrote:

> You had to make me actually try it in Puppet, huh? ;)
>
> My original example was missing commas after the various set statements.
> Not sure if you fixed that. It also specified the full path, even though the
> context should have taken care of most of it. That didn't seem to hurt, but
> to be safe, I took it out. I'm also using 0.25.4 and this worked:
>
>augeas { 'app_tcp':
>  context => '/files/etc/services',
>  changes => [
> "set service-name[port = '1002']/port 1002",
>"set service-name[port = '1002'] app_tcp",
>"set service-name[port = '1002']/protocol tcp",
># "set service-name[port = '1002']/#comment foo",
>  ],
>}
>
> I disabled the comment because the line ended up looking like this:
>
>app_tcp 1002/tcp# foo
>
> But that's probably a bug in the Agueas lens, not Puppet.
>
> --
> Rob McBroom
> 
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas type and /etc/services

2010-06-03 Thread Christopher Johnston

I am on 25.4...

On Thu, Jun 3, 2010 at 1:59 PM, Rob McBroom wrote:

> On Jun 3, 2010, at 1:40 PM, Christopher Johnston wrote:
>
> > Now if I single quote the port number in the [] I get another error..
> which likely means using the '' is not correct.
> >
> > err: //Augeas[cti-p01-dgw_tcp]/returns: change from need_to_run to 0
> failed: Save failed with return code false
>
> Ah, then I suspect you're using 0.24.x.
>
> http://projects.reductivelabs.com/issues/2141
>
> I wouldn't even bother with Augeas until you go to 0.25.x where this bug
> was fixed.
>
> --
> Rob McBroom
> <http://www.skurfer.com/>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas type and /etc/services

2010-06-03 Thread Christopher Johnston

I tried mixing/matching quotes, if I double quote just the set statement and
quote nothing else it goes through but nothing gets changed.

for eg: "set service-name[port = 7302]/port 7302",

"debug: Augeas[cti-p01-dgw_udp](provider=augeas): Skipping becuase no files
were changed"

Now if I single quote the port number in the [] I get another error.. which
likely means using the '' is not correct.

err: //Augeas[cti-p01-dgw_tcp]/returns: change from need_to_run to 0 failed:
Save failed with return code false

Getting closer...

On Thu, Jun 3, 2010 at 12:57 PM, Rob McBroom wrote:

> On Jun 3, 2010, at 12:04 PM, Christopher Johnston wrote:
>
> > # puppet -ddd foo1.pp
> > Could not parse for environment production: Syntax error at 'set
> /files/etc/services/service-name[port = '1002'] app_tcp'; expected ']' at
> /data/foo1.pp:5
>
> It looks like you're trying to use single-quotes (for the port number)
> inside of single-quotes (for the entire set statement). You'll have to use
> double-quotes in one place or the other, or escaping the inner single-quotes
> might also work.
>
> I tested it using `augtool`, so it works. It's just a matter of translating
> it and quoting it correctly for Puppet.
>
> --
> Rob McBroom
> <http://www.skurfer.com/>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas type and /etc/services

2010-06-03 Thread Christopher Johnston

Duh sorry I added commas for the array... stil the same error.  I dont think
that will work since the entries in the services file are usually like this:

augtool> print /files/etc/services/service-name[1]
/files/etc/services/service-name[1] = "tcpmux"
/files/etc/services/service-name[1]/port = "1"
/files/etc/services/service-name[1]/protocol = "tcp"
/files/etc/services/service-name[1]/#comment = "TCP port service
multiplexer"

So for the heck of it I replaced the [port = 1002] with something like
01 and that just ended up replacing the first entry in the file (by
removing it).  So still not the behavior I am looking for.  I should be able
to append to the bottom of the file but have onlyif() sort through the
entire file and verify a match.

Any other ideas?



On Thu, Jun 3, 2010 at 12:04 PM, Christopher Johnston wrote:

> # puppet -ddd foo1.pp
> Could not parse for environment production: Syntax error at 'set
> /files/etc/services/service-name[port = '1002'] app_tcp'; expected ']' at
> /data/foo1.pp:5
>
>
> I don't believe that works...
>
> On Wed, Jun 2, 2010 at 10:59 PM, Rob McBroom wrote:
>
>> On Jun 2, 2010, at 4:03 PM, Christopher Johnston wrote:
>>
>> > Has anyone attempted to use the augeas type to add a service?  I got the
>> service to add no problem, but having some difficulties to get the match to
>> work to prevent duplicate entries from adding.  Since the service-name[*]
>> has endless number of entries I used a glob so it checks all the entries but
>> that does not seem to work.  Any ideas on how to proceed?
>> >
>> >   augeas { app_tcp':
>> > context => '/files/etc/services',
>> > changes => ['insert service-name after service-name[last()]',
>> > 'set service-name[last()] app_tcp',
>> > 'set service-name[last()]/port 1002',
>> > 'set service-name[last()]/protocol tcp'],
>> > onlyif  => "match service-name[.*] != '[port = 1002][protocol =
>> tcp]'"
>> >   }
>>
>> I'm no expert, but I've messed with Augeas a bit and you can make it
>> harder than it needs to be without even trying. I haven't done anything in
>> `/etc/services`, but I had a similar issue with `sudoers`. A trick to keep
>> in mind is that if you set something on a path that doesn't exist, Augeas
>> will create it. So, if you can find something that makes an item unique, you
>> can use that to specify a path. In this case, the port number will probably
>> work.
>>
>>augeas { 'app_tcp':
>>  context => '/files/etc/services',
>>  changes => [
>> "set /files/etc/services/service-name[port = '1002']/port 1002"
>>"set /files/etc/services/service-name[port = '1002'] app_tcp"
>>"set /files/etc/services/service-name[port = '1002']/protocol tcp"
>>"set /files/etc/services/service-name[port = '1002']/#comment foo"
>>  ],
>>}
>>
>> This should create the line in `/etc/services` if it doesn't exist, but if
>> it does exist and nothing has changed, Puppet won't do anything to the line
>> (which is generally what you want). Setting the “name” doesn't seem to work
>> until after the thing exists, which is why it appears second on the list.
>>
>> --
>> Rob McBroom
>> <http://www.skurfer.com/>
>>
>> It's not that I think guns, drugs, prostitution, swimming, eating and
>> reading should be legal. It's just that no one on Earth has the authority to
>> make them illegal.
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] augeas type and /etc/services

2010-06-03 Thread Christopher Johnston

# puppet -ddd foo1.pp
Could not parse for environment production: Syntax error at 'set
/files/etc/services/service-name[port = '1002'] app_tcp'; expected ']' at
/data/foo1.pp:5


I don't believe that works...

On Wed, Jun 2, 2010 at 10:59 PM, Rob McBroom wrote:

> On Jun 2, 2010, at 4:03 PM, Christopher Johnston wrote:
>
> > Has anyone attempted to use the augeas type to add a service?  I got the
> service to add no problem, but having some difficulties to get the match to
> work to prevent duplicate entries from adding.  Since the service-name[*]
> has endless number of entries I used a glob so it checks all the entries but
> that does not seem to work.  Any ideas on how to proceed?
> >
> >   augeas { app_tcp':
> > context => '/files/etc/services',
> > changes => ['insert service-name after service-name[last()]',
> > 'set service-name[last()] app_tcp',
> > 'set service-name[last()]/port 1002',
> > 'set service-name[last()]/protocol tcp'],
> > onlyif  => "match service-name[.*] != '[port = 1002][protocol =
> tcp]'"
> >   }
>
> I'm no expert, but I've messed with Augeas a bit and you can make it harder
> than it needs to be without even trying. I haven't done anything in
> `/etc/services`, but I had a similar issue with `sudoers`. A trick to keep
> in mind is that if you set something on a path that doesn't exist, Augeas
> will create it. So, if you can find something that makes an item unique, you
> can use that to specify a path. In this case, the port number will probably
> work.
>
>augeas { 'app_tcp':
>  context => '/files/etc/services',
>  changes => [
> "set /files/etc/services/service-name[port = '1002']/port 1002"
>"set /files/etc/services/service-name[port = '1002'] app_tcp"
>"set /files/etc/services/service-name[port = '1002']/protocol tcp"
>"set /files/etc/services/service-name[port = '1002']/#comment foo"
>  ],
>}
>
> This should create the line in `/etc/services` if it doesn't exist, but if
> it does exist and nothing has changed, Puppet won't do anything to the line
> (which is generally what you want). Setting the “name” doesn't seem to work
> until after the thing exists, which is why it appears second on the list.
>
> --
> Rob McBroom
> <http://www.skurfer.com/>
>
> It's not that I think guns, drugs, prostitution, swimming, eating and
> reading should be legal. It's just that no one on Earth has the authority to
> make them illegal.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] augeas type and /etc/services

2010-06-02 Thread Christopher Johnston

Has anyone attempted to use the augeas type to add a service?  I got the
service to add no problem, but having some difficulties to get the match to
work to prevent duplicate entries from adding.  Since the service-name[*]
has endless number of entries I used a glob so it checks all the entries but
that does not seem to work.  Any ideas on how to proceed?

  augeas { app_tcp':
context => '/files/etc/services',
changes => ['insert service-name after service-name[last()]',
'set service-name[last()] app_tcp',
'set service-name[last()]/port 1002',
'set service-name[last()]/protocol tcp'],
onlyif  => "match service-name[.*] != '[port = 1002][protocol = tcp]'"
  }

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Six Puppet Questions

2010-05-19 Thread Christopher Johnston

Yup certname = puppet on both masters (primary/secondary).  Yea if you are
setting up a fresh server I usually clear all the pem files under
/var/lib/puppet/ssl then restart puppetmasterd so it generated a fresh new
cert.  I then rsync the tree over to the secondary.

I have most of this in a dumb script, but hopefully you get the idea.

For your fileserver question.. I don't believe thats needed, at least I dont
have anything in there for that. I only have [configs] [plugins] [facts].

I think the new version of 25+ now uses auth.conf for access the certificate
directories.

-Chris

On Wed, May 19, 2010 at 12:30 PM, Matt Juszczak  wrote:

> Makes sense.
>
> So that's just a certname setting inside the [puppetmasterd] config section
> of /etc/puppet.conf on the master, correct?  But that needs to be set as
> puppet before the puppetmaster is started and any certificates are signed.
>
> Keeping on this same subject, perhaps you can answer the fileserver.conf
> question as well - if a node does not have a signed cert, can it still
> access the fileserver, regardless of the allow/deny rules inside
> fileserver.conf?
>
> -Matt
>
>
> On Wed, 19 May 2010, Christopher Johnston wrote:
>
>  The masters would get certname = puppet, so the cert filename would end up
>> being puppet.pem.  You can then create a DNS
>> entry for the VIP called puppet...  You just have to copy
>> that cert to the secondary nodes as well as
>> keeping the client certs in sync so when a failover happens you have the
>> client certs on the failover node.
>>
>> -Chris
>>
>> On Wed, May 19, 2010 at 11:45 AM, Matt Juszczak  wrote:
>>* keepalived to carry the vip
>>* certname = puppet
>>* copy the cert from the primary to the secondary
>>* use a tool to keep /var/lib/puppet/ssl sync'd between the
>> nodes (cron? rsnapshot?)
>>
>>Might have to get a little creative.. I think you can also do a
>> common CA, but that wasn't a
>>requirement for my
>>environment.
>>
>>
>> So I assume you're only talking about certname = puppet on the master,
>> correct?  The clients would still generate
>> hostname based certs?
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>>
>> --
>>
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>>
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Six Puppet Questions

2010-05-19 Thread Christopher Johnston

The masters would get certname = puppet, so the cert filename would end up
being puppet.pem.  You can then create a DNS entry for the VIP called
puppet...  You just have to copy that cert to the secondary
nodes as well as keeping the client certs in sync so when a failover happens
you have the client certs on the failover node.

-Chris

On Wed, May 19, 2010 at 11:45 AM, Matt Juszczak  wrote:

> * keepalived to carry the vip
>> * certname = puppet
>> * copy the cert from the primary to the secondary
>> * use a tool to keep /var/lib/puppet/ssl sync'd between the nodes (cron?
>> rsnapshot?)
>>
>> Might have to get a little creative.. I think you can also do a common CA,
>> but that wasn't a requirement for my
>> environment.
>>
>
> So I assume you're only talking about certname = puppet on the master,
> correct?  The clients would still generate hostname based certs?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Six Puppet Questions

2010-05-19 Thread Christopher Johnston

"4) Failover: What are people doing these days for puppet failover?  My gut
says to keep the configs in SVN, and always have another host on stand by.
However, there's an issue with that: the puppet nodes wouldn't be able to
just be re-pointed, because the client SSL certificates would be validated
by the failover server (and therefore, there would be certificate validation
errors)."

* keepalived to carry the vip
* certname = puppet
* copy the cert from the primary to the secondary
* use a tool to keep /var/lib/puppet/ssl sync'd between the nodes (cron?
rsnapshot?)

Might have to get a little creative.. I think you can also do a common CA,
but that wasn't a requirement for my environment.

-Chris

On Wed, May 19, 2010 at 11:22 AM, Dean Wilson wrote:

> On Wed, May 19, 2010 at 11:14:41AM -0400, Matt Juszczak wrote:
> > That makes sense, but do you then manage your puppetmaster via puppet as
> > a normal client from then on?  It would make me nervous.
>
> I do. Although rather than use environments we have a number of different
> puppetmasters, one per location (which is a logical collection of
> servers for us) and puppet changes get pushed from staging to live in
> the same way as everything else does in our workflow. But with even more
> scrutiny ;)
>
> In theory that catches any puppet issues in my personal dev environment or
> early staging and way before they could break production. Anything that
> slips through is my own fault for not testing it enough.
>
>  Dean
> --
> Dean Wilson http://www.unixdaemon.net
> Profanity is the one language all programmers understand
>  --- Anon
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] autosigning - restart required?

2010-05-19 Thread Christopher Johnston

Doesn't seem to be consistent... Have tried this on a few of my masters and
it works sometimes, and sometimes not.,..

On Wed, May 19, 2010 at 9:18 AM, Ohad Levy  wrote:

> not required :)
>
> On Wed, May 19, 2010 at 9:07 PM, Christopher Johnston 
> wrote:
>
>> Is a restart of puppet required for autosgining to take effect?  I have
>> added a dozen or so new host entries and they don;t seem to take effect
>> unless I restart puppet (in this case I am using passenger so makes it a bit
>> difficult).  Seems this is a bug of some sort.
>>
>> -Chris
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] autosigning - restart required?

2010-05-19 Thread Christopher Johnston

Is a restart of puppet required for autosgining to take effect?  I have
added a dozen or so new host entries and they don;t seem to take effect
unless I restart puppet (in this case I am using passenger so makes it a bit
difficult).  Seems this is a bug of some sort.

-Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet for switches

2010-05-05 Thread Christopher Johnston

That would be very cool indeed, manifests would get quite big though  
in really large environments (think 100k end points).  Juniper and  
Cisco support would be great.


Sent from my iPhone

On May 5, 2010, at 4:15 AM, Nicolas Szalay  wrote:


- "Geoff Crompton"  a écrit :

| This might be a crazy idea, but it just popped into my head, and I
| wanted to know if it's possible. Perhaps not possible right now, but
| possible in a theoretical sense.
|
| Is it possible that puppet could be modified to be used to manage
| switches that have a command line based interface?
|
| When I manage our Allied Telesis switches (which have a CLI similar
| to
| cisco IOS) I wonder if I could control it via a puppet-like node:
|
| node 'switch-101' {
|vlan { storage:
|  id => 1234,
|  untagged_ports => "3/e1, 4/e3",
|  tagged_ports => "1/e1-2/e48",
|}
|include gvrp
|include stp::rstp
|stp::portfast { "1/e1-e48,2/e1-48",3/e1-48": }
| }
|
|
| Now I know we probably can't get puppet to run on the switch, but we
| can
| get a host to ssh or telnet to the switch, and to download the
| current
| configuration of the switch.

Funny, Brice and I had talked about this a while ago :) Obviously  
you could use a host as "proxy" to get facts and then decide what  
hooks to run. I (re)wrote a little ruby lib [1] thinking about this,  
still need some work btw


--
You received this message because you are subscribed to the Google  
Groups "Puppet Users" group.

To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com 
.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en 
.




--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] best way to disable a class

2010-05-03 Thread Christopher Johnston

I figured it out I think by inheriting package::stable and then using the
Package resource (note cap P) to override it.

Thx!

On Mon, May 3, 2010 at 7:04 PM, Russ Allbery  wrote:

> Christopher Johnston  writes:
>
> > Say I have two classes:
>
> > package::stable  -- installs a specific version of a pkg
> > package::devel   -- installs the latest version in the repo
>
> > The class package::stable would be specific for 90% of my machines in my
> > environment, but on occasion we have to override the package version we
> want
> > to install to grab the latest version.  Is there a way to "disable" the
> > package::stable class if say package::devel is assigned to a node?
>
> I may be misunderstanding, but it sounds like package::devel should be
> inheriting from package::stable and overriding the ensure type (to latest
> instead of present).  If you do that, you don't need to disable
> package::stable.
>
> --
> Russ Allbery (r...@stanford.edu) <http://www.eyrie.org/~eagle/>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] best way to disable a class

2010-05-03 Thread Christopher Johnston

Say I have two classes:

package::stable  -- installs a specific version of a pkg
package::devel   -- installs the latest version in the repo

The class package::stable would be specific for 90% of my machines in my
environment, but on occasion we have to override the package version we want
to install to grab the latest version.  Is there a way to "disable" the
package::stable class if say package::devel is assigned to a node?

-Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Replacing a puppet server

2010-04-14 Thread Christopher Johnston

Can you describe how to set this up?


On Wed, Mar 31, 2010 at 11:23 AM, Ohad Levy  wrote:

> LOhit,
>
> The main two things to take into account are:
>
>1. keep your manifests elsewhere, IMHO puppetmasters always gets RO
>copy of your puppet data (e.g. from a VCS).
>2. Solve the SSL hell, then everything is simple.
>
> I've been using in my setup (with approx 15 productive puppetmasters and
> about 20 development puppetmasters) a chained CA.
>
> What it means is that you have one puppet master, which signs other puppet
> masters.
> in turn, the masters sign the clients, and as they are trusting each other,
> you can connect from any server (or client) to any other server without SSL
> errors.
>
> the top level CA can be shut down (even better to keep the SSL data some
> where offline) and use it only when you need to sign a new puppet master.
>
> I find this way relatively clean, and nothing usually happens if i end up
> blowing up a puppet master or killing its certificate (as currently 025.4 is
> doing but its already fixed for 025.5).
>
> Ohad
>
>
> On Wed, Mar 31, 2010 at 6:52 PM, LOhit  wrote:
>
>> Hi,
>>
>> Since puppet doesn't have HA/fail over capabilities as of now. How does
>> one mitigate a puppet master failure( Ex. Hardware). When you replace the
>> server and configure the Puppet masterd, the clients may no longer be able
>> to communicate with the server, since the server's SSL certificates would
>> have changed.
>>
>> BTW, I am using puppet to manage about 700+ hosts, I am beginning to worry
>> about the scenario as mentioned above. I definitely don't want to login to
>> each host to clear the "ssl" directory to make it request new certificate.
>>
>> Thanks,
>> --
>> LOhit
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet high-availability

2010-04-14 Thread Christopher Johnston

I have two servers in every site that are dedicated for infrastructure
servers, but they run in active/passive state with a VIP IP that floats
between the two of them.  That IP is used for DNS, Cobbler, Puppet, ftp,
http, etc etc.  What I would like is to have SSL certs work between the two
nodes but obviously only use the floating VIP.  I am not 100% sure on how to
accomplish this, as well doing it an automated fashion.

I read the puppet scalibility setup on the wiki, assuming thats a chained
certificate setup?

On Wed, Apr 14, 2010 at 10:34 AM, Michael DeHaan wrote:

> It would do for active/passive though.How about setting up an
> alias for ca that moved when the ca wasn't accessible (using
> --certname), and load balance the puppet serving parts since there's
> no race issues there.
>
> --Michael
>
>
>
> On Wed, Apr 14, 2010 at 10:06 AM, David Schmitt  wrote:
> > On 4/14/2010 3:42 PM, Michael DeHaan wrote:
> >>
> >> On Tue, Apr 13, 2010 at 7:39 PM, Christopher Johnston
> >>   wrote:
> >>>
> >>> How to deal with ssl certs, I have a similar situation where I have two
> >>> puppetmasters per site and I would like  to see them both handle
> serving
> >>> puppet data at anytime from a VIP (primary/failover) type of operation.
> >>>
> >>
> >> How about shared storage for the SSL dir?
> >
> > Would that be race-free with regards to updating the serial number and
> > stuff?
> >
> >
> > Best Regards, David
> > --
> > dasz.at OG  Tel: +43 (0)664 2602670 Web: http://dasz.at
> > Klosterneuburg UID: ATU64260999
> >
> >   FB-Nr.: FN 309285 g  FB-Gericht: LG Korneuburg
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Puppet Users" group.
> > To post to this group, send email to puppet-us...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > puppet-users+unsubscr...@googlegroups.com
> .
> > For more options, visit this group at
> > http://groups.google.com/group/puppet-users?hl=en.
> >
> >
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet high-availability

2010-04-14 Thread Christopher Johnston

The environments that I am dealing with are very stripped down and self
contained (no NFS or shared storage to attach to).  I have considered using
rsnapshot to keep the certificates in sync.  I am going to look for the
email that Ohad mentions from lohit on how to deal with certificates.

-Chris

On Wed, Apr 14, 2010 at 9:42 AM, Michael DeHaan wrote:

> On Tue, Apr 13, 2010 at 7:39 PM, Christopher Johnston
>  wrote:
> > How to deal with ssl certs, I have a similar situation where I have two
> > puppetmasters per site and I would like  to see them both handle serving
> > puppet data at anytime from a VIP (primary/failover) type of operation.
> >
>
> How about shared storage for the SSL dir?
>
> --Michael
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet high-availability

2010-04-13 Thread Christopher Johnston

How to deal with ssl certs, I have a similar situation where I have  
two puppetmasters per site and I would like  to see them both handle  
serving puppet data at anytime from a VIP (primary/failover) type of  
operation.


Sent from my iPhone

On Apr 13, 2010, at 7:26 PM, Patrick  wrote:



On Apr 13, 2010, at 3:26 PM, SyRenity wrote:


Hi.

I asked this question in past on this list, and now working to set it
running.

My idea is to have 2 Puppet servers, who are also the DNS servers.
Each one would have itself as the puppet hostname.
Both of the servers will pull the manifests from external git repo.


I've heard of people using one DNS server and then telling the DNS  
server to do whatever magic is needed to make both puppet servers as  
part of a pool.  That will also give you a performance boost.


--
You received this message because you are subscribed to the Google  
Groups "Puppet Users" group.

To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com 
.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en 
.




--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] dependencies

2010-04-08 Thread Christopher Johnston

What is the best way to map out all my depencies (is there a way to chart
them somehow?)  I am finding no matter how many places I put notifies,
requires, etc.  I still end up having to two 2-3 runs of puppet.  Very
frustrating.

On Thu, Mar 18, 2010 at 11:57 AM, Nigel Kersten  wrote:

> On Thu, Mar 18, 2010 at 8:49 AM, Christopher Johnston
>  wrote:
> > Yup the yum manifest sets up my configuration files for the various repos
> > (ie, we have a development repos for our lab that only goes on lab
> systems
> > and production hosts the production repo).
> >
> > Package { require => Class["yum::base"] }
> >
> > I guess I could put that in every manifest at the top that is doing
> package
> > installs.  Is there one place I could put this so it applies to ALL
> modules,
> > perhaps site.pp?
>
> Yep. Either put it in site.pp (although you may want to match
> $operatingsystem or something) or some parent class that includes your
> other classes.
>
> Our site.pp looks like:
>
> node default { include base }
>
> and our base module/class includes all the other ones, so we set it in
> modules/base/manifests/init.pp
>
> (actually we set it in class base::debian and base::mac and
> base::solaris for our different platforms)
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] File Size

2010-04-07 Thread Christopher Johnston

Nfs is not always feasible in controlled environments.  I run kernels  
with the nfs stack completely removed to cut out kernel bloat (for  
size).


Rsync integration into puppet directly would be attractive and very  
useful.


Sent from my iPhone

On Apr 7, 2010, at 8:07 PM, Michael DeHaan   
wrote:



On Wed, Apr 7, 2010 at 1:38 PM, Patrick  wrote:
I second this.  Puppet will load the whole file into ram, and  
puppet never deallocates memory.  It's almost always better to move  
big files by putting them into a package or using an "Exec" type  
with "creates."





Just to be clear, the deallocation beyond a threshold is largely a
present-version-of Ruby limitation.   That isn't to say there aren't
some other things we can do to make fileserving better -- such as the
streaming improvements in the next release (this should help a fair
amount!)

As I just mentioned one of them on the list, there are a couple
alternatives to fileserving you can look at now if you want to
transfer content.

One (not so suitable for binary content) is something like
http://github.com/reductivelabs/puppet-vcsrepo using source control.

Another recommended approach, and really it's the right thing to do in
many cases, are read only NFS mounts with copies sourcing of those
locations.   You could also, if you really wanted, use an Exec+rsync,
though I'd go the NFS (or samba, etc) approach first.

Fileserving is definitely something you'd continue to want to do with
templates and such, but not so much for app deployment.

Moving forward, I think you'll see more support and features around
alternative ways to deploy files, such as vcsrepo.   If there's
another use case around this that I'm missing, where NFS or source
control won't work, let me know.

--Michael


On Apr 7, 2010, at 10:21 AM, Daniel Kerwin wrote:


Not sure about a limit but puppet isn't very good at transfering
really big files. This may lead to memory problems afaik



--
You received this message because you are subscribed to the Google  
Groups "Puppet Users" group.

To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com 
.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en 
.




--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: pluginsync in 0.25

2010-04-01 Thread Christopher Johnston

Maybe I sent this without fully testing, looks like plugins are now per
module?  I created the directory plugiins under one of my modules and I dont
see the error anymore.  Behaviour doesnt seem 100% correct (I am on .25.4)

-Chris

On Thu, Apr 1, 2010 at 4:44 PM, Christopher Johnston wrote:

> Seeing an error that I didn't get in .24 since my recent upgrade today.  I
> have pluginsync set to true, my fileserver conf is pointing to
> /etc/puppet/plugins and my config file is using the default pluginsource of
> puppet://puppet/plugins yet the client fails saying it can't find it.  Did
> the behaviour change in .25 from .24?
>
> [puppetd]
> pluginsync  = true
> pluginsource= puppet://puppet/plugins
>
> [plugins]
>   path /etc/puppet/plugins
>   allow domain.com
>
> err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of
> resource: Could not retrieve information from source(s)
> puppet://puppet/plugins
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] pluginsync in 0.25

2010-04-01 Thread Christopher Johnston

Seeing an error that I didn't get in .24 since my recent upgrade today.  I
have pluginsync set to true, my fileserver conf is pointing to
/etc/puppet/plugins and my config file is using the default pluginsource of
puppet://puppet/plugins yet the client fails saying it can't find it.  Did
the behaviour change in .25 from .24?

[puppetd]
pluginsync  = true
pluginsource= puppet://puppet/plugins

[plugins]
  path /etc/puppet/plugins
  allow domain.com

err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of
resource: Could not retrieve information from source(s)
puppet://puppet/plugins

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] preferred serialization format

2010-04-01 Thread Christopher Johnston

Which is the preferred serialization format with puppet .25?  I have read
that marshal can be the fastest, curious.

-Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] "Failed to retrieve current state of resource" messages

2010-03-23 Thread Christopher Johnston


Are you using webrick, mongrel, or passenger?

Sent from my iPhone

On Mar 23, 2010, at 5:32 PM, Kent Rankin  wrote:


I've sent one in for this... we're running the client every 30 minutes
via cron, and we probably get ten reports a day (per node) just like
this one.  It started once we went from EPEL's v0.24 to v0.25.  I've
sent one message like this to the group, but didn't get a response.

Tue Mar 23 12:06:43 -0400 2010 ///File[/etc/init.d/] (err):
Failed to retrieve current state of resource: end of file reached
Could not retrieve file metadata for puppet:///modules//: end
of file reached at /etc/puppet/modules//manifests/init.pp:45

The stanza that it's referencing is:

 file { "/etc/init.d/":
   owner   => root,
   group   => root,
   mode=> 700,
   source  => "puppet:///modules//",
 }

Any ideas?

Thanks for the help.

--  
You received this message because you are subscribed to the Google  
Groups "Puppet Users" group.

To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com 
.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en 
.




--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: reporting error

2010-03-18 Thread Christopher Johnston

Nevermind, I had a config error its "report = true" and not "reports =
true".

-Chris

On Thu, Mar 18, 2010 at 4:03 PM, Christopher Johnston wrote:

> I enabled reports on my puppetmaster and client.  I am getting the
> following error when ever I run pupetd --test.I am using v 0.24.8 on
> both the client and the server.
>
> err: Reporting failed: private method `gsub' called for true:TrueClass
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] reporting error

2010-03-18 Thread Christopher Johnston

I enabled reports on my puppetmaster and client.  I am getting the following
error when ever I run pupetd --test.I am using v 0.24.8 on both the
client and the server.

err: Reporting failed: private method `gsub' called for true:TrueClass

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] subscribe require

2010-03-18 Thread Christopher Johnston

This answered all my questions, thx!  Should hopefully clean up my manifests
a bit those execs were overkill.

On Thu, Mar 18, 2010 at 11:51 AM, Michael DeHaan
wrote:

> On Thu, Mar 18, 2010 at 10:21 AM, Christopher Johnston
>  wrote:
> > I keep writing these exec types to things like service 
> restart,
> > sounds like I dont need them and could just use subscribe which will in
> > effect do the same thing.
> >   exec { 'sssd-restart':
> > command => '/sbin/service sssd restart',
> > refreshonly => true,
> > require => File['/etc/sssd/sssd.conf']
> >   }
> > It sounds like I just need to make my server subscribe to the file and
> > eliminate the exec.
> > -Chris
> >
>
> Exactly.
>
> It looks like this:
>
> package {'ntp': ensure => present }
> file {'/etc/ntp.conf':
>  owner   => 'root',
>  group   => 'root',
>  mode=> '644',
>  source  => '/etc/puppet/files/ntp/ntp.conf',
>  require => Package['ntp'],
> }
> service {'ntpd':
>  enable=> true,
>  ensure=> running,
>  subscribe => File['/etc/ntp.conf'],
> }
>
> --Michael
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] dependencies

2010-03-18 Thread Christopher Johnston

Yup the yum manifest sets up my configuration files for the various repos
(ie, we have a development repos for our lab that only goes on lab systems
and production hosts the production repo).

Package { require => Class["yum::base"] }

I guess I could put that in every manifest at the top that is doing package
installs.  Is there one place I could put this so it applies to ALL modules,
perhaps site.pp?

-Chris

On Thu, Mar 18, 2010 at 11:43 AM, Michael DeHaan
wrote:

> On Thu, Mar 18, 2010 at 10:32 AM, Christopher Johnston
>  wrote:
> > Majority of the time rpm deps in fedora are good, so thats not that big
> of a
> > concern.  I am just overly anal about stuff where if I install the ldap
> > client I also make sure pam is there also (yet you would expect the rpm
> dep
> > to satisfy it).
> > Hmm, maybe you are misunderstanding me.  The NTPD class/module has the
> > required packages in there, but if my yum.conf is not setup or the class
> > dependency is not defined for it then the pkg install will fail for
> obvious
> > reasons.  So the only way I know how to make every one of my modules (I
> have
> > over a dozen of them now) that install packages is to make sure they have
> a
> > direct dependency on the yum class/module to run before.
> > What I want to do is enforce a global dependency perhaps, or a way of
> ensure
> > that yum is the very first thing that gets setup on my system before any
> > other module is run due to the direct dependency on a proper yum.conf.
>  Make
> > sense now?  Because of this direct dependency and no proper ordering with
> > puppet without it, I have to sometimes to do two puppet runs.
>
> I haven't tried it yet, but ...
>
> Package {
>require +> Class['yum']
> }
>
> And in there you include the yum configuration for /etc/yum.repos.d/ ?
>
>
>
>
> > -Chris
> >
> > On Thu, Mar 18, 2010 at 10:14 AM, Michael DeHaan <
> mich...@reductivelabs.com>
> > wrote:
> >>
> >> On Thu, Mar 18, 2010 at 10:03 AM, Christopher Johnston
> >>  wrote:
> >> > Being able to install yum groups would be a nice value add.  Sucks
> >> > having to
> >> > list out 8-9 packages and hope rpm/yum deps get sorted out.  But what
> I
> >> > am
> >> > really griping about though is something like this.
> >>
> >> Well, if the packages *do* have proper dependencies, installing one
> >> will install the dependencies.  I would hope there's no hoping on
> >> that, though it may be you have packages that don't have good
> >> dependencies yet.   In that case, fix the packages and that problem
> >> goes away :)
> >>
> >>
> >> > Say you have 2 modules, one called ntpd and one called snmpd.  Two
> >> > totally
> >> > different types of configurations because not every system might get
> >> > ntpd
> >> > configured (only my DNS servers do).  In each of my manifests they
> have
> >> > to
> >> > install packages, but both modules have a direct dependency on my yum
> >> > module
> >> > to have been run and successfully setup in order to get packages from
> >> > the
> >> > right repo.  It gets a little out of control to have to remember to
> put
> >> > a
> >> > require for the yum module every time I call a package type.
> >>
> >> Modelling it as a "yum module" seems a little weird to me (though I
> >> can see where it would save typing in fairly homogenous environments),
> >> I'd think it might work better if you keep the package requirements
> >> inside the modules that need them.   That is to say, if you have an
> >> NTP class/module, require the packages needed for NTP there?
> >>
> >> --Michael
> >>
> >> --
> >> You received this message because you are subscribed to the Google
> Groups
> >> "Puppet Users" group.
> >> To post to this group, send email to puppet-us...@googlegroups.com.
> >> To unsubscribe from this group, send email to
> >> puppet-users+unsubscr...@googlegroups.com
> .
> >> For more options, visit this group at
> >> http://groups.google.com/group/puppet-users?hl=en.
> >>
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Puppet Users" group.
> > To post to this group, send email to puppet-us...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > puppet-us

Re: [Puppet Users] dependencies

2010-03-18 Thread Christopher Johnston

Majority of the time rpm deps in fedora are good, so thats not that big of a
concern.  I am just overly anal about stuff where if I install the ldap
client I also make sure pam is there also (yet you would expect the rpm dep
to satisfy it).

Hmm, maybe you are misunderstanding me.  The NTPD class/module has the
required packages in there, but if my yum.conf is not setup or the class
dependency is not defined for it then the pkg install will fail for obvious
reasons.  So the only way I know how to make every one of my modules (I have
over a dozen of them now) that install packages is to make sure they have a
direct dependency on the yum class/module to run before.

What I want to do is enforce a global dependency perhaps, or a way of ensure
that yum is the very first thing that gets setup on my system before any
other module is run due to the direct dependency on a proper yum.conf.  Make
sense now?  Because of this direct dependency and no proper ordering with
puppet without it, I have to sometimes to do two puppet runs.

-Chris

On Thu, Mar 18, 2010 at 10:14 AM, Michael DeHaan
wrote:

> On Thu, Mar 18, 2010 at 10:03 AM, Christopher Johnston
>  wrote:
> > Being able to install yum groups would be a nice value add.  Sucks having
> to
> > list out 8-9 packages and hope rpm/yum deps get sorted out.  But what I
> am
> > really griping about though is something like this.
>
> Well, if the packages *do* have proper dependencies, installing one
> will install the dependencies.  I would hope there's no hoping on
> that, though it may be you have packages that don't have good
> dependencies yet.   In that case, fix the packages and that problem
> goes away :)
>
>
> > Say you have 2 modules, one called ntpd and one called snmpd.  Two
> totally
> > different types of configurations because not every system might get ntpd
> > configured (only my DNS servers do).  In each of my manifests they have
> to
> > install packages, but both modules have a direct dependency on my yum
> module
> > to have been run and successfully setup in order to get packages from the
> > right repo.  It gets a little out of control to have to remember to put a
> > require for the yum module every time I call a package type.
>
> Modelling it as a "yum module" seems a little weird to me (though I
> can see where it would save typing in fairly homogenous environments),
> I'd think it might work better if you keep the package requirements
> inside the modules that need them.   That is to say, if you have an
> NTP class/module, require the packages needed for NTP there?
>
> --Michael
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] subscribe require

2010-03-18 Thread Christopher Johnston

I keep writing these exec types to things like service  restart,
sounds like I dont need them and could just use subscribe which will in
effect do the same thing.

  exec { 'sssd-restart':
command => '/sbin/service sssd restart',
refreshonly => true,
require => File['/etc/sssd/sssd.conf']
  }

It sounds like I just need to make my server subscribe to the file and
eliminate the exec.

-Chris

On Thu, Mar 18, 2010 at 10:11 AM, Michael DeHaan
wrote:

> On Thu, Mar 18, 2010 at 10:07 AM, Daniel Kerwin 
> wrote:
> > On Thu, Mar 18, 2010 at 2:57 PM, Christopher Johnston
> >  wrote:
> >> Can some help explain the differences and use cases of subscribe and
> >> require.  They seem to have a bit overlap in the sense that they do the
> same
> >> thing almost.  I understand a require sets up a dependency.  So for eg
> the
> >> following below would setup a dependency on the package pam to be
> installed
> >> in order for the file type to run.
> >> package { 'pam':
> >>   ensure = > latest,
> >> }
> >> file { '/etc/pam.d/system-auth':
> >>   ensure  => symlink,
> >>   target  => 'system-auth-ac',
> >>   require => Package['pam']
> >> }
> >> But what I am confused about is how is subscribe different?  Doesn't
> that
> >> handle the same relationship of saying that you are "subscribing"
> (and/or)
> >> requiring something?
> >
> > Subscribe and notify are responsible for notifying resources of
> > changes in another resource. For example:
> >
> > file { "/etc/apache2/httpd.conf";
> >   ...
> >   require => Package["apache"],
> >   notify => Service["apache"],
> > }
> >
> > The require statement ensures that the package apache is installed
> > before the file is managed. When the file httpd.conf is updated the
> > service apache is notified to restart/reload.
> >
> > Hope this helps
> >
>
> To put it another way, subscribe is a special case of require with
> added magic in it.They both imply the same ordering relationship,
> but require adds the additional 'restart if this is changed' logic.
>
> Similarly, notify is like before, with that same extra magic, just
> specified in a different way.It does the same thing. You could
> write all of your Puppet language with 'subscribe' and 'require'
> instead of 'notify' and 'before' if it made it simpler for you.
> You can think of 'require' as reading like 'after'.
>
> --Michael
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] subscribe require

2010-03-18 Thread Christopher Johnston

Ok, that helped a lot.  I read the documentation which is helpful, but the
way you described it here made it easier to understand the use cases.

On Thu, Mar 18, 2010 at 10:10 AM, Peter Meier wrote:

> But what I am confused about is how is subscribe different?  Doesn't that
>> handle the same relationship of saying that you are "subscribing" (and/or)
>> requiring something?
>>
>
> there is subscribe/notify and require/before. The last 2 simply order
> resources and the first two either listen on events or fire events.
>
> this means that if a service requires a file, puppet will only ensure that
> the service is managed after the file. However if the service subscribes to
> the file the service will restart itself when the file fires an event on
> change.
>
> for further information have a look at
> http://docs.reductivelabs.com/references/stable/metaparameter.html
>
> cheers pete
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] dependencies

2010-03-18 Thread Christopher Johnston

Being able to install yum groups would be a nice value add.  Sucks having to
list out 8-9 packages and hope rpm/yum deps get sorted out.  But what I am
really griping about though is something like this.

Say you have 2 modules, one called ntpd and one called snmpd.  Two totally
different types of configurations because not every system might get ntpd
configured (only my DNS servers do).  In each of my manifests they have to
install packages, but both modules have a direct dependency on my yum module
to have been run and successfully setup in order to get packages from the
right repo.  It gets a little out of control to have to remember to put a
require for the yum module every time I call a package type.

The only potential work around I can think of is to create a define that
puts the require in place..

define install::pkg($ensure) {
  package { $pkg:
ensure => $ensure,
require => Class["yum"]
  }
}

On Thu, Mar 18, 2010 at 9:46 AM, Michael DeHaan
wrote:

> On Wed, Mar 17, 2010 at 7:35 PM, Christopher Johnston
>  wrote:
> > I guess my only gripe here is I have about 2 dozen modules most of
> install
> > some form of a pkg from yum.  So they all have a direct dependency on my
> yum
> > module to do the right thing.  I would hate to have to put a require in
> > every single instance that I call the method to install a pkg.  Any ideas
> on
> > on how to simplify this to ensure yum is the very first thing that gets
> > configured on my system?
> >require => [ Class["yum"],
> >
>
> What if we taught the yum provider to know about "yum groupinstall" ?
>
> That way you could add packages into comps.xml and reference them
> together, which would also be faster than referencing each one by one.
>
> While it would not technically be a 'package' this might be also a
> decent workaround solution to the 'yum transactions are not batched'
> problem.
>
> package {   "stuff"
> ensure => latest,
> is_group => true,
> ...
> }
>
> Thoughts?
>
> --Michael
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] subscribe require

2010-03-18 Thread Christopher Johnston

Can some help explain the differences and use cases of subscribe and
require.  They seem to have a bit overlap in the sense that they do the same
thing almost.  I understand a require sets up a dependency.  So for eg the
following below would setup a dependency on the package pam to be installed
in order for the file type to run.

package { 'pam':
  ensure = > latest,
}

file { '/etc/pam.d/system-auth':
  ensure  => symlink,
  target  => 'system-auth-ac',
  require => Package['pam']
}

But what I am confused about is how is subscribe different?  Doesn't that
handle the same relationship of saying that you are "subscribing" (and/or)
requiring something?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] dependencies

2010-03-17 Thread Christopher Johnston

The only potential solution I see right now is to put the require in a  
define (which i have) that will do a require check on the class.  I  
would expect this would add some extensive overhead on ever package run.


Sent from my iPhone

On Mar 17, 2010, at 9:09 PM, Ashley Penney  wrote:

Put in a feature question for global dependencies like I hassle  
people about from time to time!  We really do need them for setting  
some site specific stuff.


On Wed, Mar 17, 2010 at 7:35 PM, Christopher Johnston > wrote:
I guess my only gripe here is I have about 2 dozen modules most of  
install some form of a pkg from yum.  So they all have a direct  
dependency on my yum module to do the right thing.  I would hate to  
have to put a require in every single instance that I call the  
method to install a pkg.  Any ideas on on how to simplify this to  
ensure yum is the very first thing that gets configured on my system?


   require => [ Class["yum"],

On Tue, Mar 9, 2010 at 5:51 PM, Patrick  wrote:

On Mar 9, 2010, at 5:26 AM, Christopher Johnston wrote:

> For example I have a yum module that sets yum configs up, but  
obviously I have other modules that depend on the installation of  
that yum module in order to use it to install rpms.


I do the same thing with apt.  To solve this, I set the files that  
need to be set at the global dependency for all packages.  Here's an  
example.


Package { require => Exec["post-proxy-update"] }

   file { "/etc/apt/apt.conf.d/01proxy":
   owner   => root,
   group   => root,
   mode=> 644,
   source  => "puppet:///aptcacher-client/01proxy",
   }

   exec { "/usr/bin/apt-get update":
   alias   => "post-proxy-update",
   subscribe   => [ File["/etc/apt/apt.conf.d/01proxy"], File["/ 
etc/apt/sources.list.d/simba.list"] ],
   require => [ File["/etc/apt/apt.conf.d/01proxy"], File["/ 
etc/apt/sources.list.d/simba.list"] ],

   refreshonly => true,
   }

   file { "/etc/apt/sources.list.d/simba.list":
   owner   => root,
   group   => root,
   mode=> 644,
   source  => "puppet:///local-apt/simba.list",
   }

--
You received this message because you are subscribed to the Google  
Groups "Puppet Users" group.

To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com 
.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en 
.



--
You received this message because you are subscribed to the Google  
Groups "Puppet Users" group.

To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com 
.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en 
.


--
You received this message because you are subscribed to the Google  
Groups "Puppet Users" group.

To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com 
.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en 
.


--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] dependencies

2010-03-17 Thread Christopher Johnston

I guess my only gripe here is I have about 2 dozen modules most of install
some form of a pkg from yum.  So they all have a direct dependency on my yum
module to do the right thing.  I would hate to have to put a require in
every single instance that I call the method to install a pkg.  Any ideas on
on how to simplify this to ensure yum is the very first thing that gets
configured on my system?

   require => [ Class["yum"],

On Tue, Mar 9, 2010 at 5:51 PM, Patrick  wrote:

>
> On Mar 9, 2010, at 5:26 AM, Christopher Johnston wrote:
>
> > For example I have a yum module that sets yum configs up, but obviously I
> have other modules that depend on the installation of that yum module in
> order to use it to install rpms.
>
> I do the same thing with apt.  To solve this, I set the files that need to
> be set at the global dependency for all packages.  Here's an example.
>
> Package { require => Exec["post-proxy-update"] }
>
>file { "/etc/apt/apt.conf.d/01proxy":
>owner   => root,
>group   => root,
>mode=> 644,
>source  => "puppet:///aptcacher-client/01proxy",
>}
>
>exec { "/usr/bin/apt-get update":
>alias   => "post-proxy-update",
>subscribe   => [ File["/etc/apt/apt.conf.d/01proxy"],
> File["/etc/apt/sources.list.d/simba.list"] ],
>require => [ File["/etc/apt/apt.conf.d/01proxy"],
> File["/etc/apt/sources.list.d/simba.list"] ],
>refreshonly => true,
>}
>
>file { "/etc/apt/sources.list.d/simba.list":
>owner   => root,
>group   => root,
>mode=> 644,
>source  => "puppet:///local-apt/simba.list",
> }
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] passenger errors

2010-03-17 Thread Christopher Johnston

Hmm I have rack installed, perhaps a broken RPM in the fedora repos.  I
upgraded to the latest 1.1.0 (via gem install rack).  Is there a version
requirement perhaps?

rubygem-rack-0.4.0-2.fc10.noarch


On Wed, Mar 17, 2010 at 4:21 PM, Ben Lovell wrote:

> On 17 March 2010 19:50, Christopher Johnston  wrote:
>
>> Hmmm I have all the goodies installed, rubygem-rails, rubygem-passenger,
>> mod_passenger, etc.  It looks like mod_passenger seems to be working
>> correctly (passenger-status reports good and I can see processes running).
>>  Sorry for my ignorance ruby and passenger is new to me, but I thought
>> mod_rails was passenger.
>>
>> # cat mod_passenger.conf
>>
>> LoadModule passenger_module modules/mod_passenger.so
>> PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5
>> PassengerRuby /usr/bin/ruby
>>
>> # find /usr -name mod_passenger.so
>> /usr/lib64/httpd/modules/mod_passenger.so
>>
>>
>
> You're missing the rack gem somehow.
>
> `gem install rack`
>
> And all will be well.
>
> Cheers,
> Ben
>
>
>>
>> On Wed, Mar 17, 2010 at 12:20 PM, Nigel Kersten wrote:
>>
>>> On Wed, Mar 17, 2010 at 9:16 AM, Christopher Johnston
>>>  wrote:
>>> > Has anyone seen this come up, I am using 0.24.8 version of puppet.  I
>>> > followed the directions on the wiki and installed passenger correctly
>>> from
>>> > what I can tell.
>>> >
>>> >
>>> > [Wed Mar 17 09:07:56 2010] [notice] Apache/2.2.14 (Unix) DAV/2
>>> > Phusion_Passenger/2.2.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.14
>>> > OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 configured -- resuming
>>> normal
>>> > operations
>>> > /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
>>> > `gem_original_require': no such file to load -- rack (LoadError)
>>>
>>> It's not finding the rack install.
>>>
>>>
>>>
>>> > from
>>> /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
>>> > `require'
>>> > from
>>> >
>>> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/rack/application_spawner.rb:26
>>> > from
>>> /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
>>> > `gem_original_require'
>>> > from
>>> /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
>>> > `require'
>>> > from
>>> >
>>> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:157:in
>>> > `spawn_application'
>>> > from
>>> >
>>> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:287:in
>>> > `handle_spawn_application'
>>> > from
>>> >
>>> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
>>> > `__send__'
>>> > from
>>> >
>>> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
>>> > `main_loop'
>>> > from
>>> >
>>> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:196:in
>>> > `start_synchronously'
>>> > from
>>> >
>>> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/bin/passenger-spawn-server:61
>>> > /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
>>> > `gem_original_require': no such file to load -- rack (LoadError)
>>> > from
>>> /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
>>> > `require'
>>> > from
>>> >
>>> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/rack/application_spawner.rb:26
>>> > from
>>> /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
>>> > `gem_original_require'
>>> > from
>>> /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
>>> > `require'
>>> > from
>>> >
>>> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:157:in
>>> > `spawn_application'
>>> > from
>>> >
>>> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:287:in
>>> > `han

Re: [Puppet Users] passenger errors

2010-03-17 Thread Christopher Johnston

Hmmm I have all the goodies installed, rubygem-rails, rubygem-passenger,
mod_passenger, etc.  It looks like mod_passenger seems to be working
correctly (passenger-status reports good and I can see processes running).
 Sorry for my ignorance ruby and passenger is new to me, but I thought
mod_rails was passenger.

# cat mod_passenger.conf

LoadModule passenger_module modules/mod_passenger.so
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5
PassengerRuby /usr/bin/ruby

# find /usr -name mod_passenger.so
/usr/lib64/httpd/modules/mod_passenger.so





On Wed, Mar 17, 2010 at 12:20 PM, Nigel Kersten  wrote:

> On Wed, Mar 17, 2010 at 9:16 AM, Christopher Johnston
>  wrote:
> > Has anyone seen this come up, I am using 0.24.8 version of puppet.  I
> > followed the directions on the wiki and installed passenger correctly
> from
> > what I can tell.
> >
> >
> > [Wed Mar 17 09:07:56 2010] [notice] Apache/2.2.14 (Unix) DAV/2
> > Phusion_Passenger/2.2.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.14
> > OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 configured -- resuming normal
> > operations
> > /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
> > `gem_original_require': no such file to load -- rack (LoadError)
>
> It's not finding the rack install.
>
>
>
> > from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
> > `require'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/rack/application_spawner.rb:26
> > from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
> > `gem_original_require'
> > from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
> > `require'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:157:in
> > `spawn_application'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:287:in
> > `handle_spawn_application'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
> > `__send__'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
> > `main_loop'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:196:in
> > `start_synchronously'
> > from
> > /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/bin/passenger-spawn-server:61
> > /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
> > `gem_original_require': no such file to load -- rack (LoadError)
> > from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
> > `require'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/rack/application_spawner.rb:26
> > from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
> > `gem_original_require'
> > from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
> > `require'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:157:in
> > `spawn_application'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:287:in
> > `handle_spawn_application'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
> > `__send__'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
> > `main_loop'
> > from
> >
> /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:196:in
> > `start_synchronously'
> > from
> > /usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/bin/passenger-spawn-server:61
> > [ pid=5466 file=ext/apache2/Hooks.cpp:725 time=2010-03-17 09:08:30.832 ]:
> >   Unexpected error in mod_passenger: Cannot spawn application
> > '/usr/share/puppet/rack/puppetmasterd': The spawn server has exited
> > unexpectedly.
> >   Backtrace:
> >  in 'virtual boost::shared_ptr
> > Passenger::ApplicationPoolServer::Client::get(const
> > Passenger::PoolOptions&)' (ApplicationPoolServer.h:471)
> >  in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:521)
> > /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
> > `gem_original_require':

[Puppet Users] passenger errors

2010-03-17 Thread Christopher Johnston

Has anyone seen this come up, I am using 0.24.8 version of puppet.  I
followed the directions on the wiki and installed passenger correctly from
what I can tell.



[Wed Mar 17 09:07:56 2010] [notice] Apache/2.2.14 (Unix) DAV/2
Phusion_Passenger/2.2.5 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.14
OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 configured -- resuming normal
operations
/usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`gem_original_require': no such file to load -- rack (LoadError)
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`require'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/rack/application_spawner.rb:26
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`gem_original_require'
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`require'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:157:in
`spawn_application'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:287:in
`handle_spawn_application'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
`__send__'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
`main_loop'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:196:in
`start_synchronously'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/bin/passenger-spawn-server:61
/usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`gem_original_require': no such file to load -- rack (LoadError)
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`require'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/rack/application_spawner.rb:26
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`gem_original_require'
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`require'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:157:in
`spawn_application'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:287:in
`handle_spawn_application'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
`__send__'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
`main_loop'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:196:in
`start_synchronously'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/bin/passenger-spawn-server:61
[ pid=5466 file=ext/apache2/Hooks.cpp:725 time=2010-03-17 09:08:30.832 ]:
  Unexpected error in mod_passenger: Cannot spawn application
'/usr/share/puppet/rack/puppetmasterd': The spawn server has exited
unexpectedly.
  Backtrace:
 in 'virtual boost::shared_ptr
Passenger::ApplicationPoolServer::Client::get(const
Passenger::PoolOptions&)' (ApplicationPoolServer.h:471)
 in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:521)

/usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`gem_original_require': no such file to load -- rack (LoadError)
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`require'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/rack/application_spawner.rb:26
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`gem_original_require'
from /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`require'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:157:in
`spawn_application'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/spawn_manager.rb:287:in
`handle_spawn_application'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
`__send__'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:352:in
`main_loop'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/lib/phusion_passenger/abstract_server.rb:196:in
`start_synchronously'
from
/usr/lib/ruby/gems/1.8/gems/passenger-2.2.5/bin/passenger-spawn-server:61
[ pid=5467 file=ext/apache2/Hooks.cpp:725 time=2010-03-17 09:08:30.959 ]:
  Unexpected error in mod_passenger: Cannot spawn application
'/usr/share/puppet/rack/puppetmasterd': The spawn server has exited
unexpectedly.
  Backtrace:
 in 'virtual boost::shared_ptr
Passenger::ApplicationPoolServer::Client::get(const
Passenger::PoolOptions&)' (ApplicationPoolServer.h:471)
 in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:521)

/usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in
`gem_original_require': no such file to load -- rack (LoadError)
f

Re: [Puppet Users] Choosing the web server

2010-03-17 Thread Christopher Johnston

I just installed passenger from his repo, clean install thus far.

On Wed, Mar 17, 2010 at 11:42 AM, Todd Zullinger  wrote:

> Christopher Johnston wrote:
> > http://www.kanarip.com/custom/
> >
> > Someone pointed me to this repo the other day, havn't tested
> > anything in or know who is maintaining it though.
>
> Those packages are done by Jeroen van Meeuwen, the same fellow who's
> trying to get passenger into Fedora and EPEL.  Some might recognize
> the name from checking the Fedora/EPEL puppet package changelog too.
> He's the current maintainer for the puppet packages (which I help
> co-maintain). :)
>
> --
> ToddOpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
> ~~
> Even if you're on the right track, you'll get run over if you just sit
> there.
>-- Will Rogers
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

1 2 >

1 - 100 of 129 matches

Mail list logo