Re: [Puppet Users] Using Puppetdb-terminus via rubygems...?
I contacted the gem owner requesting that he remove this gem. -- Later, Darin On Tue, Dec 9, 2014 at 12:48 AM, Spencer Krum n...@spencerkrum.com wrote: The gem owner would be the only one who could remote the gem. That, obviously, is not puppetlabs. -- Spencer Krum n...@spencerkrum.com On Mon, Dec 8, 2014, at 09:19 PM, Matt Wise wrote: +1 Matt Wise Sr. Systems Architect Nextdoor.com On Mon, Dec 8, 2014 at 9:34 AM, Darin Perusich da...@darins.net wrote: On Mon, Dec 8, 2014 at 5:01 AM, Ken Barber k...@puppetlabs.com wrote: We have entirely-gem based Puppet masters (no Ubuntu packages installing Puppet)... we're trying to add in the puppetdb-terminus gemfile. We have it configured, and installed: # gem list | grep -i puppet hiera-puppet (1.0.0) puppet (3.7.3) puppet-catalog-test (0.3.1) puppet-lint (1.0.1) puppet-syntax (1.3.0) puppetdb-terminus (1.0) puppetlabs_spec_helper (0.8.2) rspec-hiera-puppet (1.0.0) That is not an official gem for puppetdb-terminus :-). Someone uploaded it in the past, I think its a dud. If this isn't official, would Puppet Labs be willing to have it removed or publish the gem? We don't really ship a rubygem, we do have a gemfile however: https://github.com/puppetlabs/puppetdb/tree/master/contrib/gem That can be used to create your own gem. We're running into a problem with our Unicorn/Nginx config though... puppet-master[17213]: Could not configure routes from /etc/puppet/routes.yaml: Could not find terminus puppetdb for indirection facts Is there something special we need to do to the config.ru or something so that it can find the puppetdb terminus from the gem thats installed? That just looks like the necessary ruby library files aren't in place, probably due to the bad gem. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTnH4ZQXnsGJpxB-W6SAypsJAsXtU0F%3DFoFXtcoRmTJbTA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to a topic in the Google Groups Puppet Users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/830HwH-1JCY/unsubscribe. To unsubscribe from this group and all its topics, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKuX8s3cUms_d7LP7QHR-dtyT%3DMG%3D%3DPz85WJrohiVPqUJA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAOHkZxOi0g3Ey%3Dj2r0SDAHhgF5JBVX4wLRWLRwOPaBYfd9GmCw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1418104128.4043275.200558617.75DF529D%40webmail.messagingengine.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKtUS%3DBAprxb%3DegO13Si902Q8F5ZESA25408%2BhLqepw8HQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Using Puppetdb-terminus via rubygems...?
On Mon, Dec 8, 2014 at 5:01 AM, Ken Barber k...@puppetlabs.com wrote: We have entirely-gem based Puppet masters (no Ubuntu packages installing Puppet)... we're trying to add in the puppetdb-terminus gemfile. We have it configured, and installed: # gem list | grep -i puppet hiera-puppet (1.0.0) puppet (3.7.3) puppet-catalog-test (0.3.1) puppet-lint (1.0.1) puppet-syntax (1.3.0) puppetdb-terminus (1.0) puppetlabs_spec_helper (0.8.2) rspec-hiera-puppet (1.0.0) That is not an official gem for puppetdb-terminus :-). Someone uploaded it in the past, I think its a dud. If this isn't official, would Puppet Labs be willing to have it removed or publish the gem? We don't really ship a rubygem, we do have a gemfile however: https://github.com/puppetlabs/puppetdb/tree/master/contrib/gem That can be used to create your own gem. We're running into a problem with our Unicorn/Nginx config though... puppet-master[17213]: Could not configure routes from /etc/puppet/routes.yaml: Could not find terminus puppetdb for indirection facts Is there something special we need to do to the config.ru or something so that it can find the puppetdb terminus from the gem thats installed? That just looks like the necessary ruby library files aren't in place, probably due to the bad gem. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTnH4ZQXnsGJpxB-W6SAypsJAsXtU0F%3DFoFXtcoRmTJbTA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKuX8s3cUms_d7LP7QHR-dtyT%3DMG%3D%3DPz85WJrohiVPqUJA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] how to force a zypper refresh?
Use the zypprepo module to managing your zypper repositories. https://forge.puppetlabs.com/darin/zypprepo puppet module install darin-zypprepo -- Later, Darin On Mon, Aug 25, 2014 at 10:35 AM, randal cobb rco...@gmail.com wrote: Hello all, I'm trying to solve an issue with Puppet and I'm hoping you can help guide me. We have an internal YUM repository that we build/deploy to quite frequently, and several of the artifacts we publish to that repository need to be pushed out (via puppet) to servers a couple of times per day. All of my servers are SLES or openSuse based, and thus use Zypper. My question is, since the repository gets updated frequently and zypper doesn't refresh repository indexes by itself, is there a way to force a zypper refresh ALWAYS as the first task in a manifest? I've tried adding an exec item in a sample machine's manifest and having all the packages require it, but it isn't doing what I expect. It never seems to run the refresh prior to trying to install any packages. Here are a few snippets from my manifest structure: in base.pp: exec { zypper-refresh: command = 'zypper --no-gpg-checks refresh', path = [/usr/bin, /bin, /sbin], } package { puppet: ensure = installed, require = Exec['zypper-refresh'], } package { augeas: ensure = present, require = Package['puppet'], } package { rubygem-ruby-augeas: ensure = present, require = Package['augeas'], } in test-server.pp (which inherits base.pp) package { 'geany': ensure = installed, require = Exec['zypper-refresh'], } package { 'myjavamodule_xx': ensure = installed, require = Exec['zypper-refresh'], } etc. Any suggestions? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a98d4d09-c0a0-480e-8904-adf075179a8e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKsO4GOt%3D9v-bQnW3jduAUR_q%2B1BiuUuTcNJDyjAZcuHoQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Encrypting /var/lib/puppet directory on clients
As mentioned, you'll gain no additional security while the volume since anyone who can log into the machine and switch to the root/puppet users will be able to access said data. However there are solutions which provide encryption and fine grained access control which remove the ability for any unauthorized process to access your data, such as the root user. I use one of these solutions to protect ePHI, but am not a fan of it so wont' promote it on this list but ping me off list if you're interested. Personally I'd never use it for my puppet data/config and would think there are other ways of ensuring it's integrity. -- Later, Darin On Wed, Aug 20, 2014 at 1:18 PM, Brian Mathis brian.mat...@betteradmin.com wrote: The only way to mount an encrypted volume on boot is if the password is stored somewhere on the server itself, such as in /etc/crypttab. Maybe you could come up with a system that uses ssh to login and manually mount the volume with a password after the system is booted. One thing to be aware of is that disk encryption at this level provides no additional security within the system -- anyone logged in can see and access all the files (subject to standard file permissions). It does help with data on the underlying disk, which is only really of use when the machine is completely turned off, protecting it from an administrator on the VM host (though they would have full access to your system anyway), or from a SAN admin. ❧ Brian Mathis @orev On Wed, Aug 20, 2014 at 1:07 PM, Eugene Sapozhnikov eugenes...@gmail.com wrote: I have been given a project to secure our client hosts. One of the requirements was to setup an encrypted volume and mount it over /var/puppet/lib . the other requirement was to have the encryption key reside only on the puppet master. I have been able to use cryptsetup to have puppet configure and mount the encrypted volume successfully. But I am running into a roadblock when the client server reboots and the volume is unmounted. I can't use puppet to mount the volume as the puppet agent will not connect successfully without the /var/lib/puppet being mounted so it can use original SSl cert. Wanted to see if anyone here have tried any similar setups to what i am trying to achieve. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a532006d-e3cd-4c1b-bd6f-91a388e68fb0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CALKwpEz7kjusMxbqGPDv%2B10u-AwHd2O_xvfMVVvgyweYJjQPrw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKshwO4sb85qthN7ATJbgtjegpMWCwUizDQ%2BN6o1PnZ9%2Bw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] puppet CLA
I'm trying to sign this new github linked CLA and it's saying the my email address is already taken, which I'm guessing is because my puppetlabs and github accounts share a common email address. How can I get around this annoyance? -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKu05tHvBuV2aq5jYN%3Dr2YVLs33xgywiHa6%2BBgk-B9rFcQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppet CLA
https://tickets.puppetlabs.com/browse/CLA-4 -- Later, Darin On Thu, Aug 14, 2014 at 8:59 AM, Ken Barber k...@puppetlabs.com wrote: I'm trying to sign this new github linked CLA and it's saying the my email address is already taken, which I'm guessing is because my puppetlabs and github accounts share a common email address. How can I get around this annoyance? Can you try logging a ticket here? https://tickets.puppetlabs.com/browse/CLA ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTnpy-J33CjSuvJDoNJYky6noROBF0GOc%3DFaJpUuah6cjA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKuPc_8-Za1NPQJ9Y1Z%3D5Y226mQT%2BJ6Ly%2Bw1auTdgnt%2BLg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] SuSe SLES: error when refreshing puppet yum repository
rubygem-ruby-shadow is available in the repo so I don't know what could be causing that. I just added that repo to a SLES box, installed puppet and it pulled down the dependencies without issue, the the output below. What the output you get from zypper info rubygem-ruby-shadow and zypper lr -d ? slestest:~ # zypper ar http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP3 puppet Adding repository 'puppet' [done] Repository 'puppet' successfully added Enabled: Yes Autorefresh: No GPG check: Yes URI: http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP3 slestest:~ # zypper in puppet Loading repository data... Reading installed packages... Resolving package dependencies... The following NEW packages are going to be installed: facter puppet ruby rubygem-hiera rubygem-json_pure rubygem-ruby-shadow rubygems 7 new packages to install. Overall download size: 4.9 MiB. After the operation, additional 17.8 MiB will be used. Continue? [y/n/? shows all options] (y): Retrieving package ruby-1.8.7.p357-0.9.15.1.x86_64 (1/7), 1.8 MiB (6.4 MiB unpacked) Retrieving: ruby-1.8.7.p357-0.9.15.1.x86_64.rpm [done] Retrieving package facter-2.0.1-2.1.x86_64 (2/7), 80.0 KiB (222.0 KiB unpacked) Retrieving: facter-2.0.1-2.1.x86_64.rpm [done] Retrieving package rubygems-1.8.15-0.14.1.x86_64 (3/7), 181.0 KiB (558.0 KiB unpacked) Retrieving: rubygems-1.8.15-0.14.1.x86_64.rpm [done] Retrieving package rubygem-ruby-shadow-2.3.4-21.1.x86_64 (4/7), 23.0 KiB (89.0 KiB unpacked) Retrieving: rubygem-ruby-shadow-2.3.4-21.1.x86_64.rpm [done] Retrieving package rubygem-json_pure-1.8.1-28.12.x86_64 (5/7), 276.0 KiB (759.0 KiB unpacked) Retrieving: rubygem-json_pure-1.8.1-28.12.x86_64.rpm [done] Retrieving package rubygem-hiera-1.2.1-11.11.x86_64 (6/7), 46.0 KiB (115.0 KiB unpacked) Retrieving: rubygem-hiera-1.2.1-11.11.x86_64.rpm [done] Retrieving package puppet-3.6.2-2.1.x86_64 (7/7), 2.6 MiB (9.6 MiB unpacked) Retrieving: puppet-3.6.2-2.1.x86_64.rpm [done (1.0 MiB/s)] Installing: ruby-1.8.7.p357-0.9.15.1 [done] Installing: facter-2.0.1-2.1 [done] Installing: rubygems-1.8.15-0.14.1 [done] Installing: rubygem-ruby-shadow-2.3.4-21.1 [done] Installing: rubygem-json_pure-1.8.1-28.12 [done] Installing: rubygem-hiera-1.2.1-11.11 [done] Installing: puppet-3.6.2-2.1 [done] Additional rpm output: %{1} puppet.service warning: /etc/puppet/puppet.conf saved as /etc/puppet/puppet.conf.rpmorig %{1} puppet.service -- Later, Darin On Fri, Jun 13, 2014 at 6:03 AM, Torsten Kleiber torsten.klei...@googlemail.com wrote: Thanks for this! zypper refresh with this repo is now successful. But now I get another error: myserver:~ # zypper --non-interactive install --repo puppet puppet Loading repository data... Reading installed packages... Resolving package dependencies... Problem: nothing provides rubygems needed by rubygem-ruby-shadow-2.3.4-21.1.x86_64 Solution 1: do not ask to install a solvable providing puppet Solution 2: break rubygem-ruby-shadow by ignoring some of its dependencies Choose from above solutions by number or cancel [1/2/c] (c): c Am Donnerstag, 12. Juni 2014 18:09:14 UTC+2 schrieb Darin Perusich: build.opensuse.org is the OBS project location where the packages are managed/built. Successfully built packages are published at download.opensuse.org, so for SLES use the below repo URL. http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP3/ -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/18f47009-68f3-4eb3-9ff4-375da38d7d94%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKvH5dAy%3DRybHqGbrjv-2RE%2B2G49bdgcoo%3Dyj4XgUEq5aQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Could not find or load main class com.puppetlabs.puppetdb.core
Hello, I'm attempting to build puppetdb-2.0.0 from source and the resulting jar fails to start and errors with Could not find or load main class com.puppetlabs.puppetdb.core. When inspecting the puppetdb.jar it doesn't contain any of the classes so it would appear that 'lein uberhar' is failing to build said classes. When listing the content of puppetdb-2.0.0-standalone.jar the do not exist. Also compiling the source, 'lein compile' doesn't appear to be compiling the classes, no Compiling com.puppetlabs.puppetdb.core or Compiling clj-time.core output like when I build 1.6.3 and nothing created under target/classes. Any thoughts on what might be causing this? This system is openSUSE 13.1, puppet-3.0.2, and Oracle java 1.7.0_55-b13. To recreate do: wget https://github.com/puppetlabs/puppetdb/archive/2.0.0/puppetdb-2.0.0.tar.gz tar -zxf puppetdb-2.0.0.tar.gz cd puppetdb-2.0.0/ echo 2.0.0 version lein uberjar Check for puppetdb.core in resulting jar: jar tf target/puppetdb-2.0.0-standalone.jar |grep puppetdb.core com/puppetlabs/puppetdb/core.clj -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKv3z69S86eJBzaE%2B5dK%2BOWmGEX_Mc2DQ0O_mV8Yo1tokw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] SuSe SLES: error when refreshing puppet yum repository
build.opensuse.org is the OBS project location where the packages are managed/built. Successfully built packages are published at download.opensuse.org, so for SLES use the below repo URL. http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP3/ -- Later, Darin On Thu, Jun 12, 2014 at 9:15 AM, Torsten Kleiber torsten.klei...@googlemail.com wrote: Thank you! But now I get another error: vdu10272:~ # zypper --non-interactive refresh Retrieving repository 'puppet' metadata [/] Download (curl) error for 'https://build.opensuse.org/project/show/systemsmanagement:puppet/repodata/repomd.xml': Error code: Unrecognized error Error message: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Abort, retry, ignore? [a/r/i/?] (a): a Abort, retry, ignore? [a/r/i/?] (a): a Retrieving repository 'puppet' metadata [error] Repository 'puppet' is invalid. Can't provide /repodata/repomd.xml : Media Exception Please check if the URIs defined for this repository are pointing to a valid repository. Skipping repository 'puppet' because of the above error. Some of the repositories have not been refreshed because of an error. Am Donnerstag, 12. Juni 2014 14:38:43 UTC+2 schrieb Jesse Throwe: Torsten, The puppetlabs yum repository is for EL releases only. Because SLES is 'special' you need to use a repo with RPMS (and metadata) tailored for zypper and its ilk. https://build.opensuse.org/project/show/systemsmanagement:puppet - Jesse -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d882a8e3-f688-4f61-b733-551b7aba4a90%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKvYN_kBB_rEGHeH0f2Fkg4twAdwd9KgaTpC1_Hgcvk--A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Heartbleed and Puppet-Supported Operating Systems
You've listed SLES 11 as vulnerable, it is not. However OpenSUSE 12.3 and 13.1 are affected and patches have been released. http://support.novell.com/security/cve/CVE-2014-0160.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg5.html On Apr 10, 2014 1:22 AM, Eric Sorenson eric.soren...@puppetlabs.com wrote: Like you, we are still learning about the full extent of the OpenSSL security bug dubbed Heartbleed, and what we need to do to help Puppet users remediate the vulnerability. We published step-by-step documentation for remediating yesterday [ http://puppetlabs.com/blog/heartbleed-security-bug-update-puppet-users], and we will continue to update you as we learn more and develop new resources. We've finalized a list of vulnerable operating systems supported by Puppet Enterprise, noting the versions of OpenSSL they shipped with. If you are also running open source Puppet, be aware that the range of operating systems you can use is much wider, so not every vulnerable OS is on this list. Keep in mind, regardless of the OS involved, you must check whether you are running OpenSSL versions 1.0.1 and 1.0.2 on your systems. Both are vulnerable. Documentation for remediating the Heartbleed issue is linked below the lists. For more help, check out the Heartbleed and certificate discussions here on the email list Vulnerable Operating Systems and their versions of OpenSSL Debian Wheezy (stable) * OpenSSL 1.0.1e-2+deb7u4 Ubuntu 12.04.4 (precise) LTS * OpenSSL 1.0.1-4ubuntu5.11 RHEL / CentOS / Scientific 6.5 * OpenSSL 1.0.1e-15 Operating Systems that are Not Vulnerable * RHEL / CentOS / OEL / Scientific 6 (other than 6.5) * RHEL / CentOS / OEL / Scientific 5 (all versions) * RHEL / CentOS 4 * SLES 11 * AIX 5, 6, 7 * Solaris 10, 11 * Windows (all) * Debian Squeeze (old-stable) * Ubuntu 10.04 (Lucid) Step-by-Step Documentation for Remediating the Vulnerability Puppet Enterprise 3.x: Regenerating Certs and Security Credentials in Split Puppet Enterprise Deployments http://docs.puppetlabs.com/pe/3.2/trouble_regenerate_certs_split.html Puppet Enterprise 3.x: Regenerating Certs and Security Credentials in Monolithic Puppet Enterprise Deployments http://docs.puppetlabs.com/pe/latest/trouble_regenerate_certs_monolithic.html Puppet Enterprise 2.x: Regenerating Certs and Security Credentials in Split Puppet Enterprise Deployments http://docs.puppetlabs.com/pe/2.8/trouble_regenerate_certs_split.html Puppet Enterprise 2.x: Regenerating Certs and Security Credentials in Monolithic Puppet Enterprise Deployments http://docs.puppetlabs.com/pe/2.8/trouble_regenerate_certs_monolithic.html Puppet SSL: Regenerating All Certificates in a Puppet Deployment http://docs.puppetlabs.com/puppet/latest/reference/ssl_regenerate_certificates.html Eric Sorenson - eric.soren...@puppetlabs.com - freenode #puppet: eric0 puppet platform // coffee // techno // bicycles -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/86C75987-61F4-4205-AFF5-5AD25A7946F6%40puppetlabs.com . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKtQGxn41o04-rFdfeU2ewFVAQkNPRrCqmr6OgfSaaTLqw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Ideas to allow users only on certain servers
Use LDAP so you have a single source for users and limit access w/groups and ssh allowgroups. Check out OpenDJ if you need a powerful and easy to setup LDAP server. On Mar 13, 2014 5:52 PM, Philippe Conway philippe.con...@gmail.com wrote: So at my organization, we have different departments that should only have access to certain servers. For example: Dev Team: Dev Servers Tech Support: Production Server Admins: All servers How Puppet manages our users now, is once you add the user to the user manifest, it adds them too *all *the servers. I've tried adding an if/else statement as sort of mentioned here: https://groups.google.com/forum/#!topic/puppet-users/EA1LKmaFFJ4 But I learned that wasn't best practice. I've also tried putting users in different classes such as: users::dev users::ts users::admins However that gets a little redundant...Is there another way to do this through Puppet? Or am I better off using something like Active Directory to authenticate and manage groups? Any advice is much appreciated. Thanks! - Philippe -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/cafd5282-53c2-4d21-a833-6384bbe396c6%40googlegroups.comhttps://groups.google.com/d/msgid/puppet-users/cafd5282-53c2-4d21-a833-6384bbe396c6%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKsULpvvhQJq3aH74LWVBXBVWANOZyWL10mG%3DKqO5JTcbw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: introducing puppetboard 0.0.1
You should SR it for the OpenSUSE systems:management:puppet repo so its available along with puppetdb and puppet. On Feb 13, 2014 5:32 PM, Niels Abspoel abo...@gmail.com wrote: Hi Daniele, Thanks for the update in the Readme with the Archlinux Packages. Would you like to have opensuse/suse support packages as well? I'm building these on opensuse build server: https://build.opensuse.org/project/show/home:aboe76 Please do not link from that repository, it's my own rpm build environment. If you want I can push these into the devel:languages:python repository of opensuse/suse, that way more people can test this software, and from that repository it is even possible to add them to the next version of opensuse in the default repositories. with regards, Niels -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a0e4ac7d-f470-48ad-8c0e-0ac3817aee40%40googlegroups.com . For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKvjv7BXk61vE4m4za8Jc1PemNocfO%3DvmeJcp-E5_RDCyA%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Reg : War deployment with Puppet
Usually package into an RPM, but not always, which installs into something like /usr/{lib|share}/package/something.war and then create a link to it from the tomcat webapps directory. Tomcat's autodeploy will take care of unpacking it. -- Later, Darin On Thu, Jan 30, 2014 at 3:13 PM, Matthew Schmitt killas...@gmail.com wrote: We package the war into a RPM and then use an exec statement to extract the war. Matt On Jan 30, 2014, at 3:50 AM, PaulC paul.can...@gmail.com wrote: Must admit i would be interested in seeing what other peoples approaches has been for this, we have been thinking about going down the route of getting the war files and any relevant library files put into a rpm/deb package and getting puppet to install the rpm though the OS package manager. Paul C. On Thursday, 30 January 2014 06:54:26 UTC, krishna bhaskara rao wrote: Hi, Can any one share me sample snippets to deploy war in tomcat. if deployment fails, how to rollback. With Regards, Krishna. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/241ed902-f5c6-4f83-a2de-85a13b1948ed%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/BFC7346E-5E79-480C-B4C1-7B996B34ADDC%40gmail.com. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKuy%2BSutrtegW0d1LAirTo_8FnT1VpJ377eZGK%2BM0PGZJQ%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet User Administration, set password only at creating of user-accounts
I filed a feature request for this about a year ago. https://tickets.puppetlabs.com/browse/PUP-1331 https://projects.puppetlabs.com/issues/15037 -- Later, Darin On Mon, Jan 13, 2014 at 2:56 PM, Jose Luis Ledesma joseluis.lede...@gmail.com wrote: Would be nice to have something like 'initial_password' in the user resource. Perhaps a solution could be create a custom fact with all the users of the server, and set an 'if' statement before the user resource. Hth -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/bc2b23e8-2020-47e9-a103-794ef3f5cc8b%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKva1wO-9QdCX1Kn7Szu5K8-o%3DP4SA9bZhBG98umr71ZhA%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppetlabs/Apache 0.10.0 Release
On Tue, Dec 10, 2013 at 10:42 PM, William Van Hevelingen wva...@gmail.com wrote: I opened an issue for SUSE/SLES support to track it's progress. https://github.com/puppetlabs/puppetlabs-apache/issues/525 Got some email from github on this early, thanks. Where does discussion on this module take place, this mailing list, dev mailing list, issue system? I just took a look at the module and see a message the a2mod type's being depreciated and to use apache::mod instead. SuSE needs this type/provider as well as another, a2flag which I've written, for managing apache modules and setting command line flags for httpd2. On Tue, Dec 10, 2013 at 5:18 AM, Darin Perusich da...@darins.net wrote: On Tue, Dec 10, 2013 at 3:58 AM, William Van Hevelingen wva...@gmail.com wrote: A couple of days ago we released puppetlabs/apache 0.10.0, and as busy as all involved people were we were to accomplish the release they are now equally busy to do other amazing things. http://forge.puppetlabs.com/puppetlabs/apache/0.10.0 Among the endless (22) features that we've added in this release two big accomplishments shine, making this an important milestone: added FreeBSD as a supported Platform (Special Thanks to ptomulik) made sure that a great number of tests are /actually/ executed (Special Thanks to Aethylred) The latter really guarantees that this release and the ones coming will be truely backwards compatible. Check out the CHANGELOG for all the changes in this release. https://github.com/puppetlabs/puppetlabs-apache/blob/0.10.0/CHANGELOG.md Moving forward tampakrap is working on OpenSuse/SLES and Gentoo osfamily support. I can contribute to openSUSE/SLES support. My apache module is based on the puppetlabs module and fully supports the SUSE osfamily. If there's a forked repo someone could point me at I can compare it with the work I've already done. The module team is working hard on a new systems test framework: [Beaker](https://github.com/puppetlabs/beaker) that will expand upon our rspec-system tests allowing use to support multinode tests, as well as the ability to test platforms that are usually out of reach for normal developers (AIX…). For the bigger changes we need to make some hard decisions. We know that we need to get started on support for httpd 2.4 as more distributions are finally picking it up. But we don't know yet how to get there exactly. We thus want to ask you to participate in discussions on the issue tracker: https://github.com/puppetlabs/puppetlabs-apache/issues/477 https://github.com/puppetlabs/puppetlabs-apache/issues/337 As we approach a 1.0 release we want to know what features we need to support and what breakage you as the user are willing to take. Please send us feedback if you have use cases for the puppetlabs/apache module that we are not aware of: your most treasured feature here Proxy SSL termination Apache HTTPd as Application Container puppetlabs/apache consumed by other modules Cheers, igalic and blkperl -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEXKxLz1LNPkaK_jtyE6%3DnPJv1hy4zyLK4HVEgRwM_Lk6eWjbw%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKtGJnOz_85BGxrr3WzdjDWdxaYGumrczBwR8kZs%2B%2BbX8A%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out. -- Thanks, William -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEXKxLyi9HTZU9dci%2ByB6K%3DzoTNTS9zt7TDTaxXOj0NfzJ7eNQ%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKtkbUZx%2B7XOnFVQPY6huxHVFb5j7wH7Pd2DhUrBTJDW%3Dg%40mail.gmail.com. For more options, visit https://groups.google.com
Re: [Puppet Users] Puppetlabs/Apache 0.10.0 Release
On Tue, Dec 10, 2013 at 3:58 AM, William Van Hevelingen wva...@gmail.com wrote: A couple of days ago we released puppetlabs/apache 0.10.0, and as busy as all involved people were we were to accomplish the release they are now equally busy to do other amazing things. http://forge.puppetlabs.com/puppetlabs/apache/0.10.0 Among the endless (22) features that we've added in this release two big accomplishments shine, making this an important milestone: added FreeBSD as a supported Platform (Special Thanks to ptomulik) made sure that a great number of tests are /actually/ executed (Special Thanks to Aethylred) The latter really guarantees that this release and the ones coming will be truely backwards compatible. Check out the CHANGELOG for all the changes in this release. https://github.com/puppetlabs/puppetlabs-apache/blob/0.10.0/CHANGELOG.md Moving forward tampakrap is working on OpenSuse/SLES and Gentoo osfamily support. I can contribute to openSUSE/SLES support. My apache module is based on the puppetlabs module and fully supports the SUSE osfamily. If there's a forked repo someone could point me at I can compare it with the work I've already done. The module team is working hard on a new systems test framework: [Beaker](https://github.com/puppetlabs/beaker) that will expand upon our rspec-system tests allowing use to support multinode tests, as well as the ability to test platforms that are usually out of reach for normal developers (AIX…). For the bigger changes we need to make some hard decisions. We know that we need to get started on support for httpd 2.4 as more distributions are finally picking it up. But we don't know yet how to get there exactly. We thus want to ask you to participate in discussions on the issue tracker: https://github.com/puppetlabs/puppetlabs-apache/issues/477 https://github.com/puppetlabs/puppetlabs-apache/issues/337 As we approach a 1.0 release we want to know what features we need to support and what breakage you as the user are willing to take. Please send us feedback if you have use cases for the puppetlabs/apache module that we are not aware of: your most treasured feature here Proxy SSL termination Apache HTTPd as Application Container puppetlabs/apache consumed by other modules Cheers, igalic and blkperl -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEXKxLz1LNPkaK_jtyE6%3DnPJv1hy4zyLK4HVEgRwM_Lk6eWjbw%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKtGJnOz_85BGxrr3WzdjDWdxaYGumrczBwR8kZs%2B%2BbX8A%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Problem with PuppetDB and OpenSSL
On Wed, Nov 27, 2013 at 9:55 AM, Ken Barber k...@puppetlabs.com wrote: I run all my Puppetised servers on CentOS 6.4. Overnight there were a load of updates for CentOS including an update to openssl-1.0.1e-15.el6. Since installing the updates, PuppetDB is no longer working and seems to be having troubles with SSL. All my puppet nodes show: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for radius-dev.nomadic-core.bris.ac.uk to PuppetDB at puppetdb.resnet.bris.ac.uk:8081: Connection refused - connect(2) The PuppetDB server shows: 2013-11-27 12:09:58,347 WARN [qtp1710594959-45] [io.nio] javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? Has anyone else had this problem? Any tips? I recreated the PuppetDB certs but this didn't help. This all sounds pretty serious, but something isn't quite right here with the information you have provided. This error: puppetdb.resnet.bris.ac.uk:8081: Connection refused - connect(2) Its very rare that a bug in a running piece of code/framework whatever will cause a connection refused (destination port unreachable) message on its own, its usually because the port and IP you are connecting to is wrong and your client never got to connect to your application. Thus its the kernel that returns the error, not the application. So generally, this doesn't marry up in my mind with this error message: 2013-11-27 12:09:58,347 WARN [qtp1710594959-45] [io.nio] javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? This implies you _did_ connect. In short I almost believe these are somehow unrelated, or we're mixing errors here. The SSL error is most definitely concerning, but doesn't make sense with the connection refused message. A connection refused usually happens long before the client gets to the serving application, if you see what I mean :-). Can you test the port with 'telnet puppetdb.resnet.bris.ac.uk 8081' from the puppet master and confirm the connection refused manually? Also - can you make sure these errors truly to correlate? Try to reproduce both at the same time if you can. Also make sure no other traffic is going to the PuppetDB web server at the same time. The details for how the master connects to the PuppetDB instance is in /etc/puppet/puppetdb.conf, double check these are correct and that the hostname resolves to what you think it does. Also check you don't have any firewalling enabled, its rare but firewalls can throw destination port unreachable also. Now the SSL error is valid and concerning to me on a separate level. I have a whole bunch of questions though: * What _exact_ version of the JDK is PuppetDB using? The output of 'jinfo pid' (pid of the jvm process for puppetdb) would be helpful here, and the exact package revision from Centos. * What exact version of PuppetDB are you running? * Are you sure it was just openssl that was upgraded? Not java as well? Double check your yum.log or whatever. * Have you tried downgrading the recently upgraded packages to see if it solves it? If it was an upgrade that caused it, a downgrade and restart of PuppetDB should solve it in theory. I'd be interested if this works, and what packages you downgraded to. * Can you show the full stack trace from the PuppetDB log, if there is more to it. If your runnning jdk 6u26 or older you're probably hitting these bugs. I had this same error with the OpenDJ LDAP server a few years back and upgrading the JDK fixed it. http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6932403 http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7025227 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADaviKt5DNnOGb31_-1dWeXpEGX7L3eG34RBx5%3DYPGcCwXgDZQ%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] PuppetDB 1.4.0 on OpenSuSE
Jeff, I've packaged puppetdb for OpenSUSE/SLES. all versions, and it's available in the systemsmanagement:puppet repository. It builds puppetdb fully from source, no binary blobs, has SuSE compatible init/systemd scripts, etc. Download Top level for all repos: http://download.opensuse.org/repositories/systemsmanagement:puppet/ Build Project: https://build.opensuse.org/package/show/systemsmanagement:puppet/puppetdb -- Later, Darin On Thu, Sep 26, 2013 at 11:51 AM, Jeffrey Watts jeffrey.w.wa...@gmail.com wrote: I just built the PuppetDB 1.4.0 RPMs on OpenSuSE 12.1. The specfile works much better on OpenSuSE now. Two issues came up, however: The 'BuildRequires:sles-release' needs to have a conditional around it so that it can tell between SLES and OpenSuSE. I think this works (I don't have a SLES box to test against): %if 0%{?sles_version} BuildRequires: sles-release %else BuildRequires: openSUSE-release %endif Lastly, the puppetdb-ssl-setup script still does not work when the PuppetDB does not reside on the Puppetmaster. The fix is pretty simple, and the issue is in the bug tracker. I created a question and answer on ask.puppetlabs.com to try and help others that run into it: https://ask.puppetlabs.com/question//puppetdbs-puppetdb-ssl-setup-script-does-not-work-when-the-puppetdb-is-not-on-the-puppetmaster/ I'd like to thank the PuppetLabs folks for making the specfile MUCH more OpenSuSE friendly. It only took me ten minutes this time to fix the problems in the specfile - 1.3.0 took a lot longer. Thanks! Jeffrey. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Array being flattened
Hello All, I've run into an issue where an array that's being passed into a defined type is being flattened when it's inclosed in double quotes and I'm not sure how to get around this. This is happening a the pdxcat/amanda module and I've raised an github issues for this but wanted to query the community as a whole. The issue and my branch of the code are below. The amanda::server or amanda::configs class/defined type allow you to populate amanda configuration directories from files, /etc/amanda/$configs, by setting configs = [ daily, weekly ] in the manifest. In my defined type, amanda::disklist, the parameter $configs needs to be used to set the correct target path to a file which I'm using contact::fragment to modify. When $configs is a single value, say daily, everything works as expected. But then $configs is an array, daily and weekly, it's flattened to dailyweekly which results in an Invalid relationship: error. Can anyone provide some guidance on how to get around this? I've been banging on this for a few days and my heads really starting to hurt. define amanda::disklist ( $configs, $diskdevice = undef, $dumptype, $ensure = present, $interface = undef, $order = 20, $spindle= undef ) { include amanda::params include amanda::virtual concat::fragment { amanda::disklist/$title: target = $amanda::params::configs_directory/$configs/disklist, ensure = $ensure, order = $order, content = $fqdn $name $diskdevice $dumptype $spindle $interface\n, tag = amanda_dle, } https://github.com/pdxcat/puppet-module-amanda/issues/12 https://github.com/deadpoint/puppet-amanda/tree/disklist -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Array being flattened
On Thu, Sep 19, 2013 at 3:33 PM, jcbollinger john.bollin...@stjude.org wrote: On Thursday, September 19, 2013 9:13:59 AM UTC-5, Darin Perusich wrote: Hello All, I've run into an issue where an array that's being passed into a defined type is being flattened when it's inclosed in double quotes and I'm not sure how to get around this. You get around it by not referencing the variable inside double quotes. Putting the variable reference inside double quotes indicates that you want to interpolate its (one) string value into the (one) larger string. Yes I'm aware. This is happening a the pdxcat/amanda module and I've raised an github issues for this but wanted to query the community as a whole. The issue and my branch of the code are below. The amanda::server or amanda::configs class/defined type allow you to populate amanda configuration directories from files, /etc/amanda/$configs, by setting configs = [ daily, weekly ] in the manifest. In my defined type, amanda::disklist, the parameter $configs needs to be used to set the correct target path to a file which I'm using contact::fragment to modify. When $configs is a single value, say daily, everything works as expected. But then $configs is an array, daily and weekly, it's flattened to dailyweekly which results in an Invalid relationship: error. What is the desired behavior in this case? Choose the first element? The last? A random one? Perhaps do something for each element? The desired behavior is to add/remove entries in the disklist file for each $configs specified. For example your daily backups might run weekdays and only do incremental dumps, but the weekly backups run on weekends and are archived and sent off site. Can anyone provide some guidance on how to get around this? I've been banging on this for a few days and my heads really starting to hurt. define amanda::disklist ( $configs, $diskdevice = undef, $dumptype, $ensure = present, $interface = undef, $order = 20, $spindle= undef ) { include amanda::params include amanda::virtual concat::fragment { amanda::disklist/$title: target = $amanda::params::configs_directory/$configs/disklist, ensure = $ensure, order = $order, content = $fqdn $name $diskdevice $dumptype $spindle $interface\n, tag = amanda_dle, } https://github.com/pdxcat/puppet-module-amanda/issues/12 https://github.com/deadpoint/puppet-amanda/tree/disklist Your definition seems generally ill-conceived, or at least ill-named, in the face of a $configs variable containing multiple elements. The only sensible thing I can see in that case would be for multiple files to be managed, whereas your defined type represents only one. I thought about creating multiple files but values in amanda.conf are not managed by puppet, other than being copied to the server, so the admin would need to know to add/set disklist value which is typically not present. I see this as being a future enhancement to the module. What is the relationship between your defined type and amanda::dle? The latter appears to be doing about the same thing, but seems to get it right. The key difference there is that amanda::dle makes use of the $configs array directly as a resource title. When an array literal or an array-valued variable is used as a resource title, it serves as shorthand for multiple resource declarations, one for each array element, all with the same parameters. This behavior is often leveraged for splitting arrays into multiple elements, just as amanda::dle does. With amanda::dle I was trying another approach, but it causes duplicate definitions so I wouldn't say it got it right;-) -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: SSH configuration Question
I wrote an ssh_config defined type, unpublished, to manage every sshd config value. This allowed me to set custom options like $port, $allowgroups, create $match and $match_conditions, etc, on a server by servers basis. -- Later, Darin On Mon, Sep 16, 2013 at 12:02 PM, jcbollinger john.bollin...@stjude.org wrote: On Sunday, September 15, 2013 10:00:16 PM UTC-5, John.1209 wrote: I'm somewhat new to puppet and I have this issue with SSH. Let's say I have 6 different SSH configurations. How do I get puppet to install or upgrade SSH based on the configurations? Assume the O/S and SSHD versions are all the same. So let's say I have different configurations that run SSHD with the following ports: Port 22 Port Port 1000, and so on. How can I write or modify the puppet openssh module to update the different configurations? Thanks in advance. There are two separate issues here: how to provide for variation in machine-to-machine configuration details within a single module, and how to make Puppet choose the correct configuration for each machine. These are not completely separate. But I will start by focusing on the former. Basically, the problem you are asking about is that of site-specific module data. You need to be able to feed data about your site and the machine being configured into your module in order for the managed resources to be configured correctly. This is where Puppet variables come in. You can rely on variables defined by any declared class (including the one wherein you are declaring the needed resources), by the relevant node block (if any), or at top scope. You can use these variables directly as or in resource parameter values, or you can use them in ERB templates evaluated via the template() or inline_template() functions. Templates are often used for the content of configuration files. The next question, then, is how variables get their values. There are several ways: node facts are exposed as global variables; their values are provided by the client as part of the catalog request node-scope variables are defined by node blocks, typically based on the target node's identity variables at any level can be set to the results of Puppet functions. This is particularly powerful, as functions can compute their results by any means. Some, such as hiera() and its siblings, are specifically designed to look up values in external files. variables that happen to be class or definition parameters can receive their values from explicit class or resource declarations or from default values; class parameters can also receive their values from an external node classifier (ENC) or from automated data binding via the hiera external data subsystem. As far as the module design goes, the best approach would probably be to rely on external data, with sensible default values declared where there are any. For example, class ssh_server::config { # ... $port = hiera('ssh_server::config::port', 22) # ... file { '/etc/ssh/sshd_config': ensure = file, uid = 0, gid = 0, mode = 0600, content = template('sshd_config.tmpl') } } Then, somewhere in the template you have #... Port %= @port % #... Note that it is quite popular these days to make class parameters out of the characteristic data of your classes. The practice is more popular than I think is warranted its technical merits, but if you wanted to go that route then the beginning of the above class might look something like this: class ssh_server::config ( # ... maybe other parameters ... $port = 22 ) { # ... file { '/etc/ssh/sshd_config': #... John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Puppet SSL cipher suites
If you're running your puppet master via apache +passenger set in your apache configuration. On Sep 12, 2013 5:41 PM, Gabriel Filion lelu...@gmail.com wrote: Hey there, I looked up puppet.conf documentation and there doesn't seem to be any option to choose which SSL cipher suites are used for communication. Is there some way to configure which cipher suites are preferred? -- Gabriel Filion -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] migrating to puppetdb
Hi Ken, Adding the storeconfigs setting to [main] got things working. This sounds like an bug/issue to me, or at a minimum something that needs to be specified int he documentation. I'll file and issue. Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] migrating to puppetdb
Hello All, I'm looking to migrate from ActiveRecord to PuppetDB for storeconfigs and was going to export the existing data with puppet storeconfigs export, sounds simple enough. The problem I'm hitting is the export attempts to connect to a sqlite3 DB but I'm using mysql for storeconfigs. The help and man page for puppet storeconfigs aren't very helpful. Anyone know what's causing this? PuppetDB 1.4.0 Puppet 3.2.4 -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Announce: Puppet 3.2.3 Available
FWIW Puppet Labs could really simplify the creation of packages for linux distributions by leveraging the Open Build Service, formerly OpenSUSE Build Service. All you need to do to add a distribution is check a box and which architectures and the systems will automagically build and deploy the packages for you. For a company that deals in automation I'd think such a tool would be right up your alley;-) You can find the documentation and software http://openbuildservice.org/ -- Later, Darin On Fri, Jul 19, 2013 at 11:21 AM, Moses Mendoza mo...@puppetlabs.com wrote: Hi Justin, Yes, I'll try to get those up today. Moses On Wed, Jul 17, 2013 at 3:37 PM, Justin Brown justin.br...@fandingo.org wrote: Moses, The Fedora 19 packages have not been updated. Could you issue packages for http://yum.puppetlabs.com/fedora/f19/? Thanks, Justin On Mon, Jul 15, 2013 at 2:18 PM, Moses Mendoza mo...@puppetlabs.com wrote: 3.2.3 is a bugfix release of the Puppet 3.2 series. It fixes some Windows bugs introduced in 3.2.0, as well as a few performance problems and miscellaneous bugs. === ## Puppet 3.2.3 Downloads ## === Source: https://downloads.puppetlabs.com/puppet/puppet-3.2.3.tar.gz RPM and deb packages available in the Puppet Labs repositories at: http://yum.puppetlabs.com and http://apt.puppetlabs.com Gems are available via rubygems at https://rubygems.org/downloads/puppet-3.2.3.gem or by using `gem install puppet` Mac package is available at https://downloads.puppetlabs.com/mac/puppet-3.2.3.dmg Windows package is available at https://downloads.puppetlabs.com/windows/puppet-3.2.3.msi Please report feedback via the Puppet Labs Redmine site, using an affected puppet version of 3.2.3: https://projects.puppetlabs.com/projects/puppet/ ## Puppet 3.2.3 Contributors ## Adrien Thebo, Andrew Parker, Dustin J. Mitchell, Josh Cooper, Josh Partlow, Justin Stoller, Matthaus Owens, Moses Mendoza, Nick Fagerlund, Patrick Carlisle = ## Puppet 3.2.3 Release Notes ## = ### Windows Fixes This release fixes several Windows bugs that couldn't be targeted for earlier 3.2 releases. * [#20768: windows user provider can not manage password or home directory](https://projects.puppetlabs.com/issues/20768) --- This was a regression in 3.2.0/3.2.1. * [#21043: setting in puppet.conf ignored on Windows in Puppet 3.2.1](https://projects.puppetlabs.com/issues/21043) --- This was a regression in 3.2.0/3.2.1. * [#16080: Service provider broken in Windows Server 2012](https://projects.puppetlabs.com/issues/16080) --- This affected all previous Puppet versions. * [#20787: 'puppet resource group' takes incredibly long on Windows](https://projects.puppetlabs.com/issues/20787) --- This affected all previous Puppet versions. * [#20302: Windows File.executable? now returns false on ruby 1.9](https://projects.puppetlabs.com/issues/20302) * [#21280: Don't create c:\dev\null in windows specs](https://projects.puppetlabs.com/issues/21280) --- This was only relevant to Puppet developers. ### Logging and Reporting Fixes * [#20383: Bring back helpful error messages like prior to Puppet 3](https://projects.puppetlabs.com/issues/20383) --- This was a regression from 3.0.0, which caused file names and line numbers to disappear from duplicate resource declaration errors. * [#20900: tagmail triggers in --onetime mode without changes after upgrade from 3.1.1 to 3.2.1](https://projects.puppetlabs.com/issues/20900) --- This was a regression in 3.2.0/3.2.1. * [#20919: Logging behaviour issues in 3.2.1](https://projects.puppetlabs.com/issues/20919) --- This was a regression in 3.2.0/3.2.1, which caused noisy logging to the console even if the `--logdest` option was set. ### Performance Fixes * [#21376: Stack level too deep after updating from 3.1.1 to 3.2.2](https://projects.puppetlabs.com/issues/21376) --- This would sometimes cause total failures when importing a large number of manifest files (such as with the `import nodes/*.pp` idiom). * [#21320: Puppet daemon may sleep for 100 years after receiving USR1 on 64 bit systems](https://projects.puppetlabs.com/issues/21320) --- MCollective's Puppet plugin uses puppet agent's USR1 signal to trigger a run if the agent is running; on 64-bit systems, this could cause puppet agent to keep running, but stop doing scheduled configuration runs. This was caused by a bug in Ruby \ 2.0, but we modified Puppet to work around it. * [#20901: `puppet --version` is unnecessarily slow](https://projects.puppetlabs.com/issues/20901) --- This was a regression in 3.2.0/3.2.1. ### Misc Fixes * [#21264: parser = future breaks executing functions as class defaults](https://projects.puppetlabs.com/issues/21264) ### All 3.2.3 Changes [See here for a list of all changes in the 3.2.3
[Puppet Users] [Announce] Puppet Request Tracker Module
This is a cross-list post. I'd like to announce the initial release of a puppet request-tracker module, darin-rt, for managing Request Tracker. The module will install request-tracker and database packages, install request-tracker extensions (if packages are available in the repo), and create basic request-tracker queues. This is also a request for help in extending the module to support more operating systems! Currently it only supports SuSE systems, my distro of choice, so I'm hopeful people from the community who use RT and Puppet will extend this module to support a more verbose set of operating systems. If you're interested in contributing please contact me off-list and I'll help get you up to speed. Enjoy! Puppet Forge: http://forge.puppetlabs.com/darin/rt GitHub: https://github.com/deadpoint/puppet-rt Installation: puppet module install darin-rt -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Installing on SLES 11.2?
There should be no reason to add any repo's other then systemsmanagement:puppet for dependencies. The deps should be created as packages links to the which ever development repo they reside in. Any discussion regarding this should be taken off the puppet list and moved onto the opensuse-buildservice list or directed at the repository maintainers. -- Later, Darin On Fri, Feb 15, 2013 at 1:46 AM, Niels Abspoel abo...@gmail.com wrote: For the ruby depencies you need the following repositories on SLE_11_SP2: devel:languages:ruby:backports/SLE_11_SP2 and of course: SUSE:SLE-11:SP2/standard See for more information: https://build.opensuse.org/project/repositories?project=systemsmanagement%3Apuppet Hope this helps. Op vrijdag 15 februari 2013 02:18:33 UTC+1 schreef JB Bell het volgende: I've been unable to get puppet installed on SLES 11.2 by the recommended method. I've set up the repo at http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP2/, but when I do zypper install puppet I get multiple dependency errors, e.g.: Problem: nothing provides rubygems needed by rubygem-hiera-1.1.2-8.1.x86_64 I had a prior install of puppet kind of working without that repo, but I need to have the ruby-shadow package. A good number of articles and bug reports online talk about this, and supposedly that repo is the solution. I don't find any docs at all on the official puppetlabs site, and the old wiki references a repo that doesn't seem to exist anymore; at any rate, it's for SLES 10.2. Any clues? I don't want to have to install from source--we have dozens of SLES servers. Thanks for any help you can provide. Ideally I'd like a step-by-step for SLES, but anything would be good. J B Bell Test Environment Professional Ericsson ITTE 4333 Still Creek Drive Burnaby, BC V5C 6S6, Canada Phone +1 778.373.7150 jb@ericsson.com www.ericsson.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] shared header across multiple defined types via concat
Hi Felix, On Thu, Feb 14, 2013 at 7:07 AM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: So basically you want all generated files to use the same header template? Hmm. This is correct. I believe what you want is another defined type that represents the header snippet for a specific pam config file and declares a concat::fragment $name-header or somesuch. Each of the other defined types then contains an instance of this new type, probably not passing more than the name. I've tried this approach and the problem you run into is when defining multiple pam::limits you create a duplicate declaration caused by pam::header being called for each instance. It attempts to create multiple headers. -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] shared header across multiple defined types via concat
On Fri, Feb 15, 2013 at 10:12 AM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: Hi, it's paramount that you generate a unique $name for each invocation of your defined type, e.g. pam::header { limits-$name: } You can take advantage of the fact that the calling defines have unique names of their own. Right, that was my dump mistake. It still doesn't take away from the fact that the header will be added multiple times. HTH, Felix On 02/15/2013 03:31 PM, Darin Perusich wrote: I believe what you want is another defined type that represents the header snippet for a specific pam config file and declares a concat::fragment $name-header or somesuch. Each of the other defined types then contains an instance of this new type, probably not passing more than the name. I've tried this approach and the problem you run into is when defining multiple pam::limits you create a duplicate declaration caused by pam::header being called for each instance. It attempts to create multiple headers. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] shared header across multiple defined types via concat
Hello All, I have two defined types which I'd like to share a common, realized header concat resource but when both are declared in a manifest the header is only applied to one of the types. When the headers are declared independently for each type the work but that's is a bunch of nearly identical code that should be able to be reused, but i'm missing whatever magic is needed to accomplish it. The class is pam and the defined types are pam::access and pam::limits. I've only included init.pp and limits.pp since access.pp is nearly identical but the full module can be found at https://github.com/deadpoint/puppet-module-pam. Any thoughts on how to accomplish this? init.pp: class pam { include concat::setup $access_conf = '/etc/security/access.conf' $limits_conf = '/etc/security/limits.conf' @concat { $limits_conf: owner = 'root', group = 'root', mode = '0644', } # header @concat::fragment { header: target = undef, name= undef, order = 01, content = template(pam/header.erb), } } limits.pp: define pam::limits ( $domain, $type, $item, $value, $ensure = present, $priority = '10' ) { include pam $limits_conf = $pam::limits_conf realize ( Concat[$limits_conf] ) Concat::Fragment | title == 'header' | { target = $limits_conf, name = limits } concat::fragment { pam::limits ${domain}-${type}-${item}-${value}: ensure = $ensure, target = $limits_conf, content = ${domain} ${type} ${item} ${value}\n, order = $priority, } } -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] changing the root password on PUPPET master and init.pp
You need to supply the encrypted password in the manifest. -- Later, Darin On Thu, Jan 10, 2013 at 4:55 PM, DJames dominicrja...@gmail.com wrote: I understand that you must change the password on the host itself first, then change the password in /etc/puppet/modules/users/manifests/init.pp what makes the password encrypted? Do i just put the non-encrypted new root password in the following sections? then puppet encrypts it? lass users { case $operatingsystem { 'RedHat', 'CentOS': { user { root: comment = '[ROOT]', uid = 0, gid = root, home = /root, password = $ ? { 4 = '', 5 = '', 6 = '', -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/mEeGNkFMgusJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Splunk Module Development Recommendations
I've broken my splunk module in splunk::client for the forwarder and splunk::server for the server. Both inherit splunk which realizes the user and group, i don't let the splunk packages create them cuz they're created as non-system accounts which collide with ldap accounts, and creates the init script, again modified since I don't like the supplied one. The client also creates the deploymentclient.conf so we can push what to monitor from the splunk server. No need to add forward-server or any of that other stuff. -- Later, Darin On Tue, Jan 8, 2013 at 10:01 AM, Brendan Murtagh brendan.r.murt...@gmail.com wrote: Good morning, We've been testing PE and beginning developing modules for our infrastructure. One of the modules I'm looking to create is an installation for Splunk, with the primary focus at this time, on the Forwarder. I already have the splunkforwarder-5.0.1-143156-linux-2.6-amd64.deb package being fetched from the Master and also performing the installation via dpkg. I need help brainstorming/figuring out the best way to handle the rest of the installation/configuration commands. Here is the guide I was given to complete the installation for the Splunk Forwarder: dpkg -i splunkforwarder-5.0.1-143156-linux-2.6-amd64.deb source /opt/splunkforwarder/bin/setSplunkEnv splunk start splunk add forward-server 10.1.1.45:9996 Splunk username: admin Password: password splunk restart splunk enable boot-start cd /data/apps/ror/pws/current/log splunk add monitor . edit /opt/splunkforwarder/etc/apps/search/local/inputs.conf Add the following lines: inputs.conf for the web servers [monitor:///var/log] disabled = false [monitor:///data/apps/ror/pws/shared/log/leads.log] disabled = false sourcetype = est_appts [monitor:///data/apps/ror/pws/shared/log/audit.log] disabled = false sourcetype = salesbooks [monitor:///data/apps/ror/pws/shared/log/production.log] disabled = false sourcetype = rails [monitor:///data/apps/ror/pws/shared/log/call_attempts.log] disabled = false sourcetype = call_attempts [monitor:///data/apps/ror/pws/shared/log/call_selection.log] disabled = false sourcetype = call_selection I'm ok using a template/content parameter for handling the /opt/splunkforwarder/etc/apps/search/local/inputs.conf file. What are some of the recommended ways for handling the install steps prior to the inputs.conf edits? Thanks, Brendan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/J01GCHL_T7MJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppetlabs-mysql module
Hello All, I'm never really sure whether to email the maintainers for modules or the list so I figure posting to the list is a good place to start;-) So I've started testing out the puppetlabs-mysql module today and I like what I'm seeing but have a few questions/critiques/concerns regarding the types/providers. I'm finding the names, database, database_user, and database_grant rather generic. Unless there are plans to merge mysql, postgresql, etc, into a single database module shouldn't they be a bit more specific like mysql_db, mysql_user, and mysql_grant? Also, what about supplying my.cnf instead of creating from a template which is the default action? I see you can use mysql::server::config, which I haven't tried yet, to add additional params but I'm thinking that could lead to a rather large/unwieldy manifest given the vast number of options available. Nice work and I hope to see my pull request for SuSE support accepted soon;-) -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Problems building puppet 3.x for SLES
Working packages for SLES, and all current SuSE releases, are available in open build service. These are the packages that feed the distributions. https://build.opensuse.org/package/show?package=puppetproject=systemsmanagement%3Apuppet -- Later, Darin On Wed, Dec 26, 2012 at 10:53 PM, Jagga Soorma jagg...@gmail.com wrote: Hi Guys, I am new to puppet and have a mix of both RHEL5.x and SLES11.x servers in my environment. I have been able to build the puppet client with some modifications on RHEL5.x with the spec files just fine but can't seem to build for SLES11.x. I was wondering if anyone here is using the puppet 3.x client with SLES11 yet? If so, do you know what the best way is to install all the dependencies and the puppet client for SLES11.x. Any help would be appreciated. Thanks, -J -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/UrZPC54IbswJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet on OpenSuSE SLES
EOL distro's can be enabled manually but you'll need to contact one of the the repo maintainers to do so. Click on the users tab in the webui and email one or all of the maintainers. -- Later, Darin On Fri, Nov 30, 2012 at 7:08 PM, Ashley Gould ago...@ucop.edu wrote: On Mon, Nov 26, 2012 at 10:35:55PM -0800, Niels Abspoel wrote: Darin has given the right answer, Just branch the package, and submit a request. Don't forget to add a comment in puppet.changes file before you submit it. Thank you for this tip. OBS is sweet, but I'm still feeling my way around. I have branched and built locally with modified puppet-3.0.1-init.diff. I will let my patched init script run in the wild for a week or so and then (figure out how to) submit. Are you aware of anyone building puppet 3.0.* for SLES10? Can we add a SLES10 repo to the systemsmanagement:puppet project? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet on OpenSuSE SLES
Ashley, One of the nice things about OBS is you can branch the package, update it, and submit your changes back and if/once accepted they'll be built, packed and available in the repo for general consumption. -- Later, Darin On Wed, Nov 21, 2012 at 3:59 PM, Ashley Gould ago...@ucop.edu wrote: Hello Niels, I found this thread and I am installing puppet-3.0.1-2.1.x86_64.rpm from http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP2/ The init script /etc/init.d/puppet in this rpm has an error and will not run on puppet 3.0, because the script sets the puppet binary to /usr/sbin/puppetd, which no longer is used. I have revised the script for my site, but I would like to see this fixed in the OBS repo as well. Who should I contact to help contribute changes? I have not use OBS before to maintain packages. On Mon, Oct 22, 2012 at 08:08:50AM -0700, Niels Abspoel wrote: If you don't want to compile it yourself: Look at these: home project: https://build.opensuse.org/package/show?package=puppetproject=home%3Aaboe76%3Abranches%3Asystemsmanagement%3Apuppet%3Adevel devel project maintainer opensuse https://build.opensuse.org/project/show?project=systemsmanagement%3Apuppet%3Adevel official maintainer project: https://build.opensuse.org/package/show?package=puppetproject=systemsmanagement%3Apuppet Op donderdag 29 maart 2012 15:03:36 UTC+2 schreef Darin Perusich het volgende: You can grab the .spec from the build service project or the srpm links below. http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/ https://build.opensuse.org/project/show?project=home%3Aeclipseagent%3Apuppet -- Later, Darin On Thu, Mar 29, 2012 at 5:03 AM, r0k5t4r oliver_...@gmx.de javascript: wrote: Hi, would you mind sharing the specfile you have used to build ruby-shadow? Regards, Oliver Am Montag, 12. März 2012 17:46:17 UTC+1 schrieb Jeffrey Watts: I took the RHEL/EPEL RPMs for ruby-shadow and puppet and rebuilt them for SLES. There are very few things that need changing. The RHEL/EPEL RPMs have really well put together SPECfiles. I believe I posted the SPECfile diff for puppet to this list a month or so ago. You might search the archives. Mostly what I did was comment out the Red Hat specific dependencies - it was really easy. You can build without Augeas if you're not using it. Good luck. Jeffrey. On Mon, Mar 12, 2012 at 5:19 AM, Julien C. corn...@gmail.comjavascript: wrote: Hi, I'm a big fan of Puppet and managed to have my company accept it. However, I'm having issues deploying it (I'm used to the debian version which works perfectly out of the box) : - There doesn't seem to be an official repository for Suse (I've seen it mentionned in the bugtracker but yum.puppetlabs.com doesn't contain SUSE packages). - I can't find a package for ruby-shadow. - I can't find a package for augeas either. I circumvented these problems by installing Puppet by hand (tarball) and writing ugly code (execs) to manage config files and user passwords. However, I'd like to know if I missed anything or if you can suggest solutions for any of these 3 issues... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/z_oXvCuaLJsJ. To post to this group, send email to puppet...@googlegroups.comjavascript: . To unsubscribe from this group, send email to puppet-users...@googlegroups.com javascript:. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/jTcQeG0uAvwJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- -ashley Did you try poking at it with a stick? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http
Re: [Puppet Users] Puppet client won't autostart
This is systemd weirdness. I've run into this error before on SuSE with other init scripts and the fix was to reboot the machine. Then you won't get the Loaded: error (Reason: No such file or directory) anymore. -- Later, Darin On Tue, Nov 13, 2012 at 9:29 AM, Bret Wortman b...@thewortmans.org wrote: It does not (and this is odd since I'm using F17): # service puppet status Redirecting to /bin/systemctl status puppet.service puppet.service Loaded: error (Reason: No such file or directory) Active: inactive (dead) and yet ps still shows it running. But with your help, this at least starts it now, but I can't get the ensure bit working, and that's the really critical piece for us. Looks like Puppet is expecting to chkconfig this and that's not working. I also have no file in /etc/init.d at all, so there's apparently no start script on my system at all. I installed from the Puppetlabs repos. # puppet resource service puppet hasstatus=false ensure=running enable=true Error: Could not enable puppet: Execution of '/sbin/chkconfig puppet on' returned 1: error reading information on service puppet: No such file or directory : : service { 'puppet': ensure = running, enable = false, } # On Tuesday, November 13, 2012 8:40:08 AM UTC-5, Martin Alfke wrote: Hi Bret, On 13.11.2012, at 13:18, Bret Wortman wrote: I'm getting this problem on all the puppet client's I've been setting up and it's got me both scratching my head (because I'm not seeing anything obvious in any system logs) and pausing in my rollout until I get it solved: # puppet resource service puppet ensure=running enable=true does the service script has a status option and does the status deliver proper results? service puppet status Some service scripts do not check properly for the status or they deliver wrong exit codes. If this is the case you can set hasstatus = false hth, Martin Error: Could not start Service[puppet]: Execution of '/sbin/service puppet start' returned 1: Error: /Service[puppet]/ensure: change from stopped to running failed: Could not start Service[puppet]: Execution of '/sbin/service puppet start' returned 1: service { 'puppet': ensure = 'stopped', enable = 'false', } # ps aux | grep 'puppet agent' | grep -v grep # puppet agent # ps aux | grep 'puppet agent' | grep -v grep root 55055 12.4 0.1 383924 45928 ? Ssl 07:150:01 /usr/bin/ruby /bin/puppet agent # Where should I look first? I'm not sure why this will start for me interactively but not from the agent (this also fails if the agent is already running in exactly the same fashion). Thanks! Bret Wortman -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Craxa7MPMXUJ. To post to this group, send email to puppet...@googlegroups.com. To unsubscribe from this group, send email to puppet-users...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/62Ns4IuyUJgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet modules for suse / sles !!!
Here's a couple types that you'll find useful. The puppet-apache-modules type provides support for adding/removing apache flags and modules on SuSE, you'll need to write an apache module but I'm sure you can merge it into other modules. Any of the puppet modules on my github have been had suse support added and pushed upstream. https://github.com/deadpoint/puppet-zypprepo https://github.com/deadpoint/puppet-apache-modules -- Later, Darin On Fri, Nov 2, 2012 at 5:55 AM, Rakesh Kathpal rkath...@gmail.com wrote: Hi, I am a sysadmin and currently evaluating puppet. I am not a programmer so generally use ready modules from Lab42 or other contributors on puppet forge / github. Currently I am looking for Apache / Mysql and Php puppet modules for SLES, I have got the modules working for rhel/ububtu and centos. Really appreciate any help on this. Thanks Regards, Rakesh K. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet on OpenSuSE SLES
Why did they put it in systemsmanagement:puppet:devel instead of systemsmanagement:puppet? Having a separate devel project seems kinda fragmented and unnecessary to me. Is the a reason for packaging it as a gem? I haven't done any ruby packaging in OBS, only perl, so i dont' know if that's preferred. The spec should also be updated with a Provides: ruby-shadow so any systems that have a ruby-shadow package installed trigger a conflict. -- Later, Darin On Mon, Oct 29, 2012 at 2:32 AM, Niels Abspoel abo...@gmail.com wrote: Hi Darin, The puppet package has been updated in systemsmanagement:puppet:devel in opensuse build service to include ruby-shadow. Hope this package will become the new puppet package in opensuse 12.3. en SLES. It works great on my own machine. Maybe we can update the spec file with the spec file from opensuse build service? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/LujHjEL98JwJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet on OpenSuSE SLES
Hi Niels, The only thing those SuSE packages are missing, imo, is the ruby-shadow packages and dependency. I've been meaning to submit ruby-shadow and an updated spec to systemsmanagement:puppet just haven't had the time. -- Later, Darin On Mon, Oct 22, 2012 at 1:18 AM, Niels Abspoel abo...@gmail.com wrote: Or you can go to https://build.opensuse.org/ They have two projects running: 2.7.19: systemsmanagement-puppet 3.0.0: systemsmanagement-puppet-devel-package=puppet and my own 3.0.1: home-Aaboe76-branches-systemsmanagement-puppet-devel These are packages build for suse and tested on my machine. Greetz, Niels Op donderdag 29 maart 2012 15:03:36 UTC+2 schreef Darin Perusich het volgende: You can grab the .spec from the build service project or the srpm links below. http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/ https://build.opensuse.org/project/show?project=home%3Aeclipseagent%3Apuppet -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/-vYDo6vaqmIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: how to stop puppet from checking a service
On Mon, Oct 1, 2012 at 6:03 PM, jcbollinger john.bollin...@stjude.org wrote: On Monday, October 1, 2012 3:56:42 PM UTC-5, Darin Perusich wrote: Is there an way for puppet to not check whether a service is running or not? I'm basically looking for the equivalent of enable = manual for Linux systems, I think. This would be useful when the service itself is under the control of a CRM like Pacemaker or I want to give control of the service to an end user, say both tomcat and glassfish are on the same box and they want to run one instead of the other. I suspect it's not possible to prevent Puppet from checking whether a managed service is running, but it may be possible to prevent it from managing whether the service is running. Try omitting the 'ensure' parameter altogether. You are correct...by omitting the ensure the service is no longer checked to if it's running or not. Thanks! Note that if you're not managing whether the service is running, then the only other thing about it you can be managing is whether it starts at boot (via the 'enable' parameter). If you don't want to manage that either, then just don't declare a Service resource in the first place. Supposedly the Example42 modules support this by disableboot=true, but that doesn't appear to do anything other than set enable = false for the service and I don't see how that stops Puppet from checking whether the service is up or down. It doesn't, but what's the harm in just checking? I haven't looked at the modules you're talking about, but perhaps they do as I suggested? It would be fairly easy to overlook complete omission of a parameter -- much more so than to overlook a special parameter value. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/GdMKCawsHsoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] how to stop puppet from checking a service
Is there an way for puppet to not check whether a service is running or not? I'm basically looking for the equivalent of enable = manual for Linux systems, I think. This would be useful when the service itself is under the control of a CRM like Pacemaker or I want to give control of the service to an end user, say both tomcat and glassfish are on the same box and they want to run one instead of the other. Supposedly the Example42 modules support this by disableboot=true, but that doesn't appear to do anything other than set enable = false for the service and I don't see how that stops Puppet from checking whether the service is up or down. Thanks! -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] writing providers
Hello All, Does anyone have any good documentation, with examples, on writing providers? I have both the puppet books and I've been reviewing the various providers that are distributed w/puppet and modules but I'm not seeing things like how to properly execute commands, best way to parse output, or how to debug them during development. Thanks! -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] writing providers
HI Justin, I have reviewed those documents and the Provider Development doc doesn't tell me much more than what a provider does. There are no example other than how to set a command or limit to a certain system type. Take for example the docs on Using Parameterized Classes. I can take that document and after reading it can start writing a parameterized class to fit most situations, you can't do that with the provider docs. -- Later, Darin On Tue, Sep 25, 2012 at 2:14 PM, Justin Stoller jus...@puppetlabs.com wrote: I know that yours was more a question for the community but have you checked out: http://docs.puppetlabs.com/puppet/#hacking-and-extending If those aren't super helpful we'd love to make them better. HTH, Justin On Tue, Sep 25, 2012 at 10:47 AM, Jakov Sosic jso...@srce.hr wrote: On 09/25/2012 05:09 PM, Darin Perusich wrote: Hello All, Does anyone have any good documentation, with examples, on writing providers? I have both the puppet books and I've been reviewing the various providers that are distributed w/puppet and modules but I'm not seeing things like how to properly execute commands, best way to parse output, or how to debug them during development. Thanks! I can send you my providers for Cobbler that I am writing. They are kinda simple so you can get around? Drop me a private mail if you want. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Nagios and www-data users.
There should be a nagcmd group which both nagios and your apache user are members of. The nagios.cmd pipe should have permission of 0660 and ownership of nagios:nagcmd. If you were using check_mk livestatus then the livestatus.cmd socket would have the same perms and ownership. Usually this is taken care of by the nagios packages. -- Later, Darin On Wed, Sep 5, 2012 at 12:33 PM, Douglas Garstang doug.garst...@gmail.com wrote: I'm sure people have hit this problem before. In my nagios module, the nagios command pipe file at /var/lib/nagios3/rw/nagios.cmd is owned by the nagios user, but needs to be written to by the www-data user. Adding the www-user to the nagios group is one solution, but that requires that the nagios module potentially modify the www-data user, which seems bad. What's the best way to do this? I tried to explicitly define the www-data user in it's own class, and then create another nagios class that inherits from that so that I could do plusignment, but I obviously have the syntax wrong. Puppet doesn't like this. class nagios::users inherits users::www-data { User['www-data'] { group + ['nagios'] } } Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Determining the syslog provider
On SuSE systems the init script determines which syslog daemon by the value of SYSLOG_DAEMON in /etc/sysconfig/syslog, the values can be syslogd, syslog-ng, rsyslogd or for autodetect. You should be able to leverage those to determine which logger to use. -- Later, Darin On Tue, Jun 12, 2012 at 8:45 AM, Julien C. cornu...@gmail.com wrote: Thanks to both of you for your answers. I am aware of the operatingsystem and release variables, but I can't rely on them because servers don't always use the default syslog provider, as stated in my original post. I can't enforce the same provider on every node because it would destroy any customization made in the original provider's configuration. I need to know which is the running logger and add my configuration in its config files. The first step to do this is to identify it, hence this post's title. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/9J4Tgh7fTUAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Trying to get tagmail to work
Add tagmail to reports in puppet.conf on the server. -- Later, Darin On Tue, Jun 12, 2012 at 2:49 PM, Jason Knudsen jason.knud...@gmail.com wrote: Hey guys, Relatively new to Puppet and I'm trying to setup tagmail to send all emails to me: at one point I'll filter that down to errors and whatnot (based on tags) but for now I just want to get it working. Master Puppet server is setup with Passengers, all works well: /etc/puppet/puppet.conf [main] # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = /etc/puppet/ssl [agent] # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$confdir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig # Turn on Reporting report = true [master] reports = tagmail ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY And my /etc/puppet/tagmail.conf: all: m...@email.com On the slave, I have this setup in my puppet.conf: [main] # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl # Stuff server = puppet [agent] # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$confdir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig # Enable Reporting report = true The reporting seems to work fine, my /var/lib/puppet/reports directory is populated every time the agent is run. But I never receive an email, and I've checked the /var/log/maillog (no event occurs). I'm sure I'm missing something stupid here -- been banging my head on it for awhile. Any idea? Thanks, Jason -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/i1l6ylp8XXsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppetdb build fails on OpenSUSE systems with undefined method
Hello All, I'm attempting to build puppetdb on opensuse it's failing with the error undefined method `downcase' for nil:NilClass. The Rakefile is setting @plibdir based on osfamily = Facter.value(:osfamily).downcase and osfamily is not a fact on OpenSUSE/SUSE systems. How should I work around this? Code block from Rakefile: require 'facter' osfamily = Facter.value(:osfamily).downcase if osfamily.downcase =~ /debian/and PE_BUILD == '' @plibdir = '/usr/lib/ruby/1.8' elsif osfamily.downcase =~ /debian/ and PE_BUILD.downcase == true @plibdir = '/opt/puppet/lib/ruby/1.8' elsif osfamily.downcase =~ /redhat/ and PE_BUILD == '' @plibdir = '/usr/lib/ruby/site_ruby/1.8' elsif osfamily.downcase =~ /redhat/ and PE_BUILD.downcase == true @plibdir = '/opt/puppet/lib/ruby/site_ruby/1.8' end -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppetdb build fails on OpenSUSE systems with undefined method
Hi Deepak, On Mon, May 21, 2012 at 12:28 PM, Deepak Giridharagopal dee...@puppetlabs.com wrote: Hi Darin, On Mon, May 21, 2012 at 9:39 AM, Darin Perusich da...@darins.net wrote: Hello All, I'm attempting to build puppetdb on opensuse it's failing with the error undefined method `downcase' for nil:NilClass. The Rakefile is setting @plibdir based on osfamily = Facter.value(:osfamily).downcase and osfamily is not a fact on OpenSUSE/SUSE systems. How should I work around this? Code block from Rakefile: require 'facter' osfamily = Facter.value(:osfamily).downcase if osfamily.downcase =~ /debian/ and PE_BUILD == '' @plibdir = '/usr/lib/ruby/1.8' elsif osfamily.downcase =~ /debian/ and PE_BUILD.downcase == true @plibdir = '/opt/puppet/lib/ruby/1.8' elsif osfamily.downcase =~ /redhat/ and PE_BUILD == '' @plibdir = '/usr/lib/ruby/site_ruby/1.8' elsif osfamily.downcase =~ /redhat/ and PE_BUILD.downcase == true @plibdir = '/opt/puppet/lib/ruby/site_ruby/1.8' end That sounds like a bug to me! I've file http://projects.puppetlabs.com/issues/14607 to track the issue. A few questions: I've updated the ticket with this info already, but for those on the list. 1) Is there a different fact we should be using on SUSE that mentions that the box is actually a SUSE system? Here are the facts which mention suse on an OpenSUSE and SLES, and a SLES for vmware system. Looks like OpenSuSE is missing osfamily which seems odd. This is the case on OpenSUSE 11.3 (facter 1.5.7) and 12.1 (facter 1.6.0) using the stock facter. Looks like lsbdistid is the only commonality across the systems. OpenSuSE: facter |grep -i suse lsbdistdescription = openSUSE 12.1 (i586) lsbdistid = SUSE LINUX operatingsystem = OpenSuSE SLES: facter | grep -i suse lsbdistdescription = SUSE Linux Enterprise Server 11 (x86_64) lsbdistid = SUSE LINUX osfamily = Suse SLES for VMWARE: facter |grep -i suse lsbdistdescription = SUSE Linux Enterprise Server 11 (x86_64) lsbdistid = SUSE LINUX 2) What is the ruby library path on a SUSE system using the stock ruby packages? The ruby library path from the stock package depends on architecture but will be one of the following: i586: /usr/lib/ruby/site_ruby/1.8/ x86_64: /usr/lib64/ruby/site_ruby/1.8/ Thanks! deepak -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Regression in SUSE package for puppet-dashboard-1.2.7
Actually ruby(abi) is defined as a Provides in ruby.spec for SuSE, see link below, but I don't know why it fails to pick it up. You can simply force the puppet-dashboard package with --nodeps and it works just fine. https://build.opensuse.org/package/view_file?file=ruby.specpackage=rubyproject=openSUSE%3A12.1%3AUpdaterev=dbf21799e3d1bb8b3b21b5aa109d7530 -- Later, Darin On Fri, Apr 20, 2012 at 11:54 AM, Jeffrey Watts jeffrey.w.wa...@gmail.com wrote: SuSE doesn't use the ruby(abi) dependencies. That's a Red Hat thing. The good news is that it's trivial to rebuild the RPM so that it works with SLES. I posted a diff a while back on this list - it's what I use. Keep in mind that this was for an older version, so YMMV. Good luck. Jeffrey. $ diff puppet-dashboard.spec puppet-dashboard.spec-sles 2c2 %global initrddir /etc/rc.d/init.d --- %global initrddir /etc/init.d 9c9 Release: 1%{?dist} --- Release: 2%{?dist} 17,18c17,18 Requires: ruby(abi) = 1.8, rubygems, ruby-mysql Requires: ruby 1.8.7, rubygem(rake) --- Requires: rubygems, ruby-mysql Requires: ruby 1.8.7, rubygem-rake 22,25d21 Requires(post): chkconfig Requires(preun): chkconfig Requires(preun): initscripts Requires(postun): initscripts 137a134,136 * Wed Dec 07 2011 Jeffrey Watts jwa...@adknowledge.com - 1.2.3-2 - Modified it to work on SLES On Fri, Apr 20, 2012 at 2:44 AM, Julien C. cornu...@gmail.com wrote: Hi, I'm using the following repository : http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/openSUSE_12.1/ And I'm having a weird error when I try to update puppet-dashboard : Problem: nothing provides ruby(abi) = 1.8.7 needed by puppet-dashboard-1.2.7-6.1.noarch My ruby (1.8.7.p357-2.3.1.i586) seems up-to-date and I didn't have this message when I installed 1.2.6 Any idea what I'm missing ? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet on OpenSuSE SLES
You can grab the .spec from the build service project or the srpm links below. http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/ https://build.opensuse.org/project/show?project=home%3Aeclipseagent%3Apuppet -- Later, Darin On Thu, Mar 29, 2012 at 5:03 AM, r0k5t4r oliver_weinm...@gmx.de wrote: Hi, would you mind sharing the specfile you have used to build ruby-shadow? Regards, Oliver Am Montag, 12. März 2012 17:46:17 UTC+1 schrieb Jeffrey Watts: I took the RHEL/EPEL RPMs for ruby-shadow and puppet and rebuilt them for SLES. There are very few things that need changing. The RHEL/EPEL RPMs have really well put together SPECfiles. I believe I posted the SPECfile diff for puppet to this list a month or so ago. You might search the archives. Mostly what I did was comment out the Red Hat specific dependencies - it was really easy. You can build without Augeas if you're not using it. Good luck. Jeffrey. On Mon, Mar 12, 2012 at 5:19 AM, Julien C. cornu...@gmail.com wrote: Hi, I'm a big fan of Puppet and managed to have my company accept it. However, I'm having issues deploying it (I'm used to the debian version which works perfectly out of the box) : - There doesn't seem to be an official repository for Suse (I've seen it mentionned in the bugtracker but yum.puppetlabs.com doesn't contain SUSE packages). - I can't find a package for ruby-shadow. - I can't find a package for augeas either. I circumvented these problems by installing Puppet by hand (tarball) and writing ugly code (execs) to manage config files and user passwords. However, I'd like to know if I missed anything or if you can suggest solutions for any of these 3 issues... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/z_oXvCuaLJsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet on OpenSuSE SLES
The package has been updated to 2.7.14 in the repo. -- Later, Darin On Tue, Mar 13, 2012 at 7:38 AM, Julien C. cornu...@gmail.com wrote: By the way, I just noticed the version in your repo is 2.7.10, which shouldn't be used according to puppetlabs. Any chance you can make the time to push a new version ? Le lundi 12 mars 2012 15:26:19 UTC+1, Darin Perusich a écrit : You can still build for unsupported SuSE distro's via the build service, we're doing this in the server:monitoring repo for SLES10, you just need to manually add. them. It shouldn't be a problem as long as all the ruby requirements are there. I'll take a look at enabling this. -- Later, Darin On Mon, Mar 12, 2012 at 9:47 AM, Julien C. cornu...@gmail.com wrote: Hi, thank you for your answer, I didn't know about your repository. It will definitely help on my most recent servers. However, that only solves part of my problem : about two thirds of my servers still run SLES 10. Even if SLES 10 isn't listed in the Supported Operating Systems page, puppet (installed by hand) runs fine on it. Le lundi 12 mars 2012 14:03:20 UTC+1, Darin Perusich a écrit : http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/ http://download.opensuse.org/repositories/systemsmanagement/ http://forge.puppetlabs.com/darin/zypprepo -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/viotSZofy8MJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/yfkT93nEabAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Mcollective for OpenSUSE
There's a .spec in the tarball that builds cleanly when you comment out the two %defines and manually set the version and release. The %defines cause a Too many levels of recursion in macro expansion. error. -- Later, Darin On Wed, Mar 14, 2012 at 12:25 PM, Douglas Garstang doug.garst...@gmail.com wrote: Sorry if there's an mcollective mailing list... So, I'm working for a company that using OpenSUSE, which in my opinion is a very bad idea. Anyway, how can I get collective for OpenSUSE that doesn't involve using tarballs? It's not in the standard OpenSUSE repo's. Does someone else have a repo? Are there spec files for building RPM's in the tarball? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Mcollective for OpenSUSE
Hi Douglas, On Wed, Mar 14, 2012 at 3:22 PM, Douglas Garstang doug.garst...@gmail.com wrote: On Wed, Mar 14, 2012 at 9:59 AM, Darin Perusich da...@darins.net wrote: There's a .spec in the tarball that builds cleanly when you comment out the two %defines and manually set the version and release. The %defines cause a Too many levels of recursion in macro expansion. error. Darin, I haven't gone backed and looked at the spec file, but when you attempt to install mcollective-common, it barfs because it can't find the rubygems-stomp dependency, which doesn't seem to exist on OpenSUSE. Since OpenSUSE also uses RPM's, it would be nice if the people that wrote the spec file could have written to build clean RPM's, not just RPM's that work only on CentOS/Redhat. rubygems-stomp is available in the devel:languages:ruby:extensions repository, link below, so you can download/install the rpm from there or add the repo to you system. I have this repo installed on the system I built mcollective on so stomp was available. Also, you can search all the available opensuse repo's for packages at http://software.opensuse.org/search. http://download.opensuse.org/repositories/devel:/languages:/ruby:/extensions/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet on OpenSuSE SLES
Hi Julien, While there is no official repo from puppet labs for OpenSuSE/SuSE systems, there is an up to date repo in OBS, home:/eclipseagent:/puppet, see link below. Ben, the maintainer, and I make a pretty good effort to ensure the packages are updated, tested, and include all those dependencies not distributes to SuSE. We've also had some minimal discussion about pushing these packages into the sysetmsmanagement OBS repo but we just haven't had the time. I also maintain the zypprepo module which can be gotten from Puppet Forge, again link below. I build the srpm's and deploy from a local repo to all my hosts, instead of pointing them at OBS. It's a little more work on my part, but it affords me tighter control on the packages so I can test things before I deploy. http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/ http://download.opensuse.org/repositories/systemsmanagement/ http://forge.puppetlabs.com/darin/zypprepo -- Later, Darin On Mon, Mar 12, 2012 at 6:19 AM, Julien C. cornu...@gmail.com wrote: Hi, I'm a big fan of Puppet and managed to have my company accept it. However, I'm having issues deploying it (I'm used to the debian version which works perfectly out of the box) : - There doesn't seem to be an official repository for Suse (I've seen it mentionned in the bugtracker but yum.puppetlabs.com doesn't contain SUSE packages). - I can't find a package for ruby-shadow. - I can't find a package for augeas either. I circumvented these problems by installing Puppet by hand (tarball) and writing ugly code (execs) to manage config files and user passwords. However, I'd like to know if I missed anything or if you can suggest solutions for any of these 3 issues... Cheers, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/vbFHM5R8Q_4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet on OpenSuSE SLES
You can still build for unsupported SuSE distro's via the build service, we're doing this in the server:monitoring repo for SLES10, you just need to manually add. them. It shouldn't be a problem as long as all the ruby requirements are there. I'll take a look at enabling this. -- Later, Darin On Mon, Mar 12, 2012 at 9:47 AM, Julien C. cornu...@gmail.com wrote: Hi, thank you for your answer, I didn't know about your repository. It will definitely help on my most recent servers. However, that only solves part of my problem : about two thirds of my servers still run SLES 10. Even if SLES 10 isn't listed in the Supported Operating Systems page, puppet (installed by hand) runs fine on it. Le lundi 12 mars 2012 14:03:20 UTC+1, Darin Perusich a écrit : http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/ http://download.opensuse.org/repositories/systemsmanagement/ http://forge.puppetlabs.com/darin/zypprepo -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/viotSZofy8MJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] limiting definition variable values
Hello, Can you limit the values which might be passed to a definition? I haven't been able to find any examples and anything I've tried based on reading the docs has been fruitless. I'm creating some templates for config files and certainly values are only allowed limited values. like ipv4, ipv6, any, etc. I could always add a note saying see manpage for proper values but I'm just trying to add some sanity checks. simple example: class config ( $protocol = any or ipv4 or ipv6 ) { #pass to a template } -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet on solaris 11
Puppet package for solaris are available from OpenCSW.org and are kept up to date by the maintainer. You may find this easier and cleaner then mucking around with source and gem installs. -- Later, Darin On Wed, Feb 15, 2012 at 4:40 PM, Tim Dunphy bluethu...@gmail.com wrote: hello, I've been asked to install puppet client onto a solaris 11 machine. I found some instructions that referenced a website called 'codenursary.com' however that website does not appear to be online anymore. http://projects.puppetlabs.com/projects/1/wiki/Puppet_Solaris codenursery.com However I attempted both a gem install of puppet as well as a source install with ./install.rb and I get the same results whenever I try to run a puppet foo command: root@sol3:/opt/puppet-2.7.10# puppet file /etc/hosts /usr/ruby/1.8/lib/ruby/site_ruby/1.8/puppet/application.rb:219:in `find': undefined method `join' for Puppet::Application::File:Class (NoMethodError) from /usr/ruby/1.8/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:60:in `execute' from /usr/ruby/1.8/bin/puppet:4 So kind puppeteers I would like to know what on earth I am doing wrong and how can I get a working puppet installation under Solaris 11 x86? Thanks you tim tim -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Announce: zypprepo module
Hello All, I'd like to announce the release of 'zypprepo', a client-side description of a zypper repository type. This Puppet type is a port of the 'yumrepo' type from the Puppet 2.7 code based and is available from Puppet Forge, link below. For those using puppet-module it can be easily installed via puppet-module install darin/zypprepo. I've been using it successfully on my systems but I'd be very interested in receiving some feedback from others. http://forge.puppetlabs.com/darin/zypprepo Quick note about puppet-module. I've created an puppet-module rpm package to simplify it's installation as well. It's available from my OBS repository for all current OpenSUSE releases, but I'm sure it can be easily built to support other systems as well. http://download.opensuse.org/repositories/home:/deadpoint/openSUSE_12.1/ -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Announce: zypprepo module
Hello All, I'd like to announce the release of 'zypprepo', a client-side description of a zypper repository type. This Puppet type is a port of the 'yumrepo' type from the Puppet 2.7 code based and is available from Puppet Forge, link below. For those using puppet-module it can be easily installed via puppet-module install darin/zypprepo. I've been using it successfully on my systems but I'd be very interested in receiving some feedback from others. http://forge.puppetlabs.com/darin/zypprepo Quick note about puppet-module. I've created an puppet-module rpm package to simplify it's installation as well. It's available from my OBS repository for all current OpenSUSE releases, but I'm sure it can be easily built to support other systems as well. http://download.opensuse.org/repositories/home:/deadpoint/openSUSE_12.1/ -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet-module-tool question
On Fri, Feb 10, 2012 at 9:05 AM, Kelsey Hightower kel...@puppetlabs.com wrote: On Feb 10, 2012, at 8:41 AM, Darin Perusich wrote: The puppet-module-tool GIT pages says it's been converted into a puppet face and merged into puppet core. Does this make puppet-module obsolete or does it still need to be installed? The puppet module tool still needs to be installed, sorry for the confusion. If you would like to use it right now, please following the installation instructions on the github page (gem install puppet-module). Once the new version of the module tool is ready for release, we will deprecate the current stand-alone version, but it will stay around to support users running older versions of Puppet. Thanks for the clarification Kelsey. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] scaling projections for dashboard database?
Hi Jo, The ibdata1 file only grows and never shrinks so I'd recommend setting/adding innodb_file_per_table in /etc/my.cnf. You'll need to go through the steps to purge it first, google is your friend, first but you'll now longer have the ever growing idbata1 file. You probably have a bunch of old mysql-bin.0* replication logs that can be nuked as well. I'll be happy once the dashboard support PostgreSQL -- Later, Darin On Mon, Jan 9, 2012 at 1:40 PM, Jo Rhett jrh...@netconsonance.com wrote: So I got dashboard up and running on our production system on Thursday before I left. Within 48 hours it had completed filled the /var filesystem. The ibdata1 file is currently at 8GB in size. 1. What size should I expect for ~500 nodes reporting every 30 minutes? 2. Are there some database cleanup scripts which I have managed to overlook that need to be run? -- Jo Rhett Net Consonance : consonant endings by net philanthropy, open source and other randomness -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] scaling projections for dashboard database?
When mysql is running with innodb_file_per_table enabled you can use OPTIMIZE TABLE free space in the table files. When you have a single ibdata file it does not. I'm not aware of any cleanup scripts or what size you should expect the db to grow to. -- Later, Darin On Mon, Jan 9, 2012 at 3:43 PM, Jo Rhett jrh...@netconsonance.com wrote: On Jan 9, 2012, at 11:30 AM, Darin Perusich wrote: The ibdata1 file only grows and never shrinks so I'd recommend setting/adding innodb_file_per_table in /etc/my.cnf. You'll need to go through the steps to purge it first, google is your friend, first but you'll now longer have the ever growing idbata1 file. I'm not tracking this answer. I'm familiar with that option, and it means that instead of one I will have eighteen ever-growing files, right? How does this change the total space used? I have no problem with the database size never getting smaller on disk, I'm just curious what size is expected for it to grow to, and are there any cleanup scripts should should be done to free rows? -- Jo Rhett Net Consonance : consonant endings by net philanthropy, open source and other randomness -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] debugging ldap enc
Hello All, I'm trying to get LDAP Nodes working but it's failing on my puppet master with err: Could not find default node or by name with 'node.example.com, node.example, node,' on node node.example.com, the client of course error's with Could not retrieve catalog from remote server:. A review of the ldap server access log shows a successfully query, log entries below, so I'm really at a loss as to why things are failing. I've pretty much set things up as detail in the LDAP_Nodes wiki page and from the Pulling strings book. I'm running Puppet via mod_passenger and I've set rails_loglevel = debug but it doesn't provide any messages related to why the ldap lookup is failing. I've start tried starting puppetmasterd with --no-daemonize --verbose --debug but it also tells me nothing to point me in the right direction. I've also tried strace'ing puppetmasterd but again nothing. Is there anyway I can get some useful debugging enabled? Puppet 2.7.9 (both client and server) ruby-ldap 0.9.9 % ruby -rldap -e 'puts :installed' installed % ruby -rpuppet -e 'p Puppet.features.ldap?' true ldapsearch -x -LLL -h 1.1.1.2 -b ou=hosts,dc=example,dc=com ((objectclass=puppetClient)(cn=*)) dn: cn=default,ou=hosts,dc=example,dc=com cn: default puppetClass: common objectClass: device objectClass: puppetClient objectClass: top dn: cn=node.example.com,ou=hosts,dc=example,dc=com parentNode: basenode objectClass: device objectClass: puppetClient objectClass: ipHost objectClass: top ipHostNumber: 1.1.1.6 cn: node.example.com dn: cn=basenode,ou=hosts,dc=example,dc=com cn: basenode puppetClass: common objectClass: device objectClass: puppetClient objectClass: top LDAP Access log entry: [06/Jan/2012:11:33:12 -0500] CONNECT conn=170 from=1.1.1.6:44213 to=1.1.1.2:389 protocol=LDAP [06/Jan/2012:11:33:12 -0500] BIND REQ conn=170 op=0 msgID=1 type=SIMPLE dn= [06/Jan/2012:11:33:12 -0500] BIND RES conn=170 op=0 msgID=1 result=0 authDN= etime=0 [06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=1 msgID=2 base=ou=hosts,dc=example,dc=com scope=wholeSubtree filter=((objectclass=puppetClient)(cn=node.example.com)) attrs=ALL [06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=1 msgID=2 result=0 nentries=1 etime=1 [06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=2 msgID=3 base=ou=hosts,dc=example,dc=com scope=wholeSubtree filter=((objectclass=puppetClient)(cn=basenode)) attrs=ALL [06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=2 msgID=3 result=0 nentries=1 etime=0 [06/Jan/2012:11:33:16 -0500] UNBIND REQ conn=170 op=3 msgID=4 [06/Jan/2012:11:33:16 -0500] DISCONNECT conn=170 reason=Client Unbind Thanks! -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: debugging ldap enc
I just added node default {} to the site.pp and LDAP ENC has magically started working. This is not mentioned nowhere in Pulling strings, I can't comment on Pro Puppet since I don't have it, and based on my reading of the LDAP_Nodes wiki page I took the default nodes section to mean this was only necessary if a node wasn't note defined, which mine are in LDAP. It's very frustrating to have wasted hours of time trying to debug a non-issue when simply stating that you must set node default {} in site.pp order for this to work. I will clarify this note in the wiki w/the hopes it will save other such frustrations. -- Later, Darin On Fri, Jan 6, 2012 at 11:56 AM, Darin Perusich da...@darins.net wrote: Hello All, I'm trying to get LDAP Nodes working but it's failing on my puppet master with err: Could not find default node or by name with 'node.example.com, node.example, node,' on node node.example.com, the client of course error's with Could not retrieve catalog from remote server:. A review of the ldap server access log shows a successfully query, log entries below, so I'm really at a loss as to why things are failing. I've pretty much set things up as detail in the LDAP_Nodes wiki page and from the Pulling strings book. I'm running Puppet via mod_passenger and I've set rails_loglevel = debug but it doesn't provide any messages related to why the ldap lookup is failing. I've start tried starting puppetmasterd with --no-daemonize --verbose --debug but it also tells me nothing to point me in the right direction. I've also tried strace'ing puppetmasterd but again nothing. Is there anyway I can get some useful debugging enabled? Puppet 2.7.9 (both client and server) ruby-ldap 0.9.9 % ruby -rldap -e 'puts :installed' installed % ruby -rpuppet -e 'p Puppet.features.ldap?' true ldapsearch -x -LLL -h 1.1.1.2 -b ou=hosts,dc=example,dc=com ((objectclass=puppetClient)(cn=*)) dn: cn=default,ou=hosts,dc=example,dc=com cn: default puppetClass: common objectClass: device objectClass: puppetClient objectClass: top dn: cn=node.example.com,ou=hosts,dc=example,dc=com parentNode: basenode objectClass: device objectClass: puppetClient objectClass: ipHost objectClass: top ipHostNumber: 1.1.1.6 cn: node.example.com dn: cn=basenode,ou=hosts,dc=example,dc=com cn: basenode puppetClass: common objectClass: device objectClass: puppetClient objectClass: top LDAP Access log entry: [06/Jan/2012:11:33:12 -0500] CONNECT conn=170 from=1.1.1.6:44213 to=1.1.1.2:389 protocol=LDAP [06/Jan/2012:11:33:12 -0500] BIND REQ conn=170 op=0 msgID=1 type=SIMPLE dn= [06/Jan/2012:11:33:12 -0500] BIND RES conn=170 op=0 msgID=1 result=0 authDN= etime=0 [06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=1 msgID=2 base=ou=hosts,dc=example,dc=com scope=wholeSubtree filter=((objectclass=puppetClient)(cn=node.example.com)) attrs=ALL [06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=1 msgID=2 result=0 nentries=1 etime=1 [06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=2 msgID=3 base=ou=hosts,dc=example,dc=com scope=wholeSubtree filter=((objectclass=puppetClient)(cn=basenode)) attrs=ALL [06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=2 msgID=3 result=0 nentries=1 etime=0 [06/Jan/2012:11:33:16 -0500] UNBIND REQ conn=170 op=3 msgID=4 [06/Jan/2012:11:33:16 -0500] DISCONNECT conn=170 reason=Client Unbind Thanks! -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: File dependency not found when specified in a define
In the first place, your definition is a bit screwey in that it cannot be instantiated more than once (you would get a duplicate resource error on File['sshd_config']). A definition creates a resource *type* but you're using it as if it created a single resource. And that leads directly to the crux of your problem: at the point where your service resource is parsed, no instance of the definition can yet have been created, and therefore File['sshd_config'] cannot yet have been declared. The service cannot declare a dependency on an undeclared resource. Since you would prefer to put the definition in its own file anyway, I recommend you do so. Then, add include 'ssh' at the beginning of its body and re-enable the 'notify' parameter in the file resource. Remove the 'subscribe' from the service resource, but add require = Package['ssh']. Then you should be good to go. I'll give these changes a try and let you know how things turn out. I've updated the module using your recommendations and it is working nicely, however I do get the duplicate resource on File['sshd_config'] if/when it's set multiple times. What would be the recommended way to of handling this? Other than not duplicating the resource. Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] LDAP Authentication and puppet?
On Mon, Dec 12, 2011 at 3:24 PM, Peter Berghold salty.cowd...@gmail.comwrote: Has anybody managed to come up with a class or define that would query an LDAP server for a hostgroup and create the home directories and apply a skeleton to those directories based on the users in the host group? If you're not using autofs for home directories then you'll want to configure pam_mkhomedir so you're ldap users homedirs are autocreated on first login. It take care of populating from a skel, sets umask, etc. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet Dashboard or Forman on SLES?
Mike, I'd recommend pulling down the SRPM from the Open(SuSE) Build Service if you're thinking about at building packages for SuSE. Ben has put a lot of work and effort into packaging for Puppet and the dashboard on SuSE systems. We've SuSE'fied the init scripts, added them for the dashboard worker processes, etc. Also using the magic of the build service it's trivial to build the packages for other distributions. http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/openSUSE_12.1/src/ https://build.opensuse.org/package/show?package=puppet-dashboardproject=home%3Aeclipseagent%3Apuppet -- Later, Darin On Fri, Dec 9, 2011 at 10:18 PM, Michael Stahnke stah...@puppetlabs.comwrote: Thanks. I'll tackle this next week. Mike On Fri, Dec 9, 2011 at 2:42 PM, Jeffrey Watts jeffrey.w.wa...@gmail.com wrote: Here you go: $ diff puppet-dashboard.spec puppet-dashboard.spec-sles 2c2 %global initrddir /etc/rc.d/init.d --- %global initrddir /etc/init.d 9c9 Release:1%{?dist} --- Release:2%{?dist} 17,18c17,18 Requires: ruby(abi) = 1.8, rubygems, ruby-mysql Requires: ruby 1.8.7, rubygem(rake) --- Requires: rubygems, ruby-mysql Requires: ruby 1.8.7, rubygem-rake 22,25d21 Requires(post): chkconfig Requires(preun): chkconfig Requires(preun): initscripts Requires(postun): initscripts 137a134,136 * Wed Dec 07 2011 Jeffrey Watts jwa...@adknowledge.com - 1.2.3-2 - Modified it to work on SLES Jeffrey. On Fri, Dec 9, 2011 at 3:35 PM, Michael Stahnke stah...@fedoraproject.org wrote: If somebody has a spec file that is working pretty well for SLES and/or OpenSUSE we'd be glad to look at it and potentially host packages for it. It's on the list of things to do, it just hasn't made it to the top yet. Mike -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet Dashboard or Forman on SLES?
You can grab puppet-dashboard RPMs/SRPMs from the OpenSuSE build service for SLES and OpenSUSE. I build and deploy these from a local repository and they work great. I'm also in contact with the upstream OBS package maintainer providing patches, scripts, feedback, etc to ensure they're stable and working as advertised on SuSE/OpenSuSE systems. http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/ I've recently started porting the foreman and foreman-proxy packages to SuSE/OpenSuSE. They're not available yet but once they're ready they'll be available from my personal repo. https://build.opensuse.org/project/show?project=home%3Adeadpoint http://download.opensuse.org/repositories/home:/deadpoint/ -- Later, Darin On Thu, Dec 8, 2011 at 5:53 AM, Wiesel82 wiese...@gmx.ch wrote: Hi all, i planned for a startup to install one of this gui tools. But if i look in the documentation, or google it, i find no results which helps. If i would like to install the rpm package i get the following dependencies problems rpm -i puppet-dashboard-1.2.3-1.el6.noarch.rpm warning: puppet-dashboard-1.2.3-1.el6.noarch.rpm: Header V4 RSA/SHA1 signature: NOKEY, key ID 4bd6ec30 error: Failed dependencies: chkconfig is needed by puppet-dashboard-1.2.3-1.el6.noarch initscripts is needed by puppet-dashboard-1.2.3-1.el6.noarch rpmlib(FileDigests) = 4.6.0-1 is needed by puppet- dashboard-1.2.3-1.el6.noarch ruby(abi) = 1.8 is needed by puppet-dashboard-1.2.3-1.el6.noarch ruby-mysql is needed by puppet-dashboard-1.2.3-1.el6.noarch rubygem(rake) is needed by puppet-dashboard-1.2.3-1.el6.noarch rpmlib(PayloadIsXz) = 5.2-1 is needed by puppet- dashboard-1.2.3-1.el6.noarch and for foreman rpm -i foreman-0.4-0.2.noarch.rpm error: Failed dependencies: chkconfig is needed by foreman-0.4-0.2.noarch initscripts is needed by foreman-0.4-0.2.noarch ruby(abi) = 1.8 is needed by foreman-0.4-0.2.noarch rubygem(json) is needed by foreman-0.4-0.2.noarch rubygem(rake) = 0.8.3 is needed by foreman-0.4-0.2.noarch rubygem(rest-client) is needed by foreman-0.4-0.2.noarch rubygem(sqlite3-ruby) is needed by foreman-0.4-0.2.noarch I don't find some packages for Sles 11 SP1. Did anybody installed one of this tools on Sles 11 SP1? Best regards Wiesel -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: File dependency not found when specified in a define
Hi John, On Wed, Dec 7, 2011 at 4:58 PM, jcbollinger john.bollin...@stjude.orgwrote: On Dec 6, 7:59 am, Darin Perusich da...@darins.net wrote: I have tried this by placing the 'define sshd_config' into a separate file, /etc/puppet/modules/ssh/manifests/sshd_config.pp, and using include ssh. I prefer this method but I get the same error. I've merged the define back into init.pp thinking I wouldn't need to explicitly declare the ssh class within ssh::sshd_config because of it's inclusion.- Hide quoted text - In the first place, your definition is a bit screwey in that it cannot be instantiated more than once (you would get a duplicate resource error on File['sshd_config']). A definition creates a resource *type* but you're using it as if it created a single resource. This is my first attempt at setting up a dynamic template so i'm not surprised it's screwy. It's loosely based on similar modules I've seen online and what I've gathered from read the documentation. Basically what i want is to specify a 'default' sshd_config, based on the template, with the ability to change things like AllowGroups/User, sftp-server options, etc. And that leads directly to the crux of your problem: at the point where your service resource is parsed, no instance of the definition can yet have been created, and therefore File['sshd_config'] cannot yet have been declared. The service cannot declare a dependency on an undeclared resource. Since you would prefer to put the definition in its own file anyway, I recommend you do so. Then, add include 'ssh' at the beginning of its body and re-enable the 'notify' parameter in the file resource. Remove the 'subscribe' from the service resource, but add require = Package['ssh']. Then you should be good to go. I'll give these changes a try and let you know how things turn out. Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] File dependency not found when specified in a define
Hi Phillip, On Mon, Dec 5, 2011 at 4:26 PM, Phillip Frost ind...@bitglue.com wrote: On Dec 5, 2011, at 4:21 PM, Darin Perusich wrote: Hello All, I'm working on an ssh module and using a define to specify non-standard sshd_config options via templates. I basically want to add additional entries to the AllowGroups, set or unset Subsystem options, etc. Whenever I run puppet agent --test --noop against this modules is fails with err: Failed to apply catalog: Could not find dependency File[sshd_config] for Service[sshd] at /etc/puppet/modules/ssh/manifests/init.pp:42. [...] http://pastebin.com/dGwtEEzB How are you declaring this ssh::sshd_config resource or the ssh class? I suspect you are declaring ssh:sshd_config but not the class, so the sshd service and sshd_config file declared therein aren't declared, thus the error. The ssh class, as posted in the pastebin link, is defined in /etc/puppet/modules/ssh/manifests/init.pp, and given that the ssh:sshd_config is defined within said init.pp I didn't think I needed to do anything else. If that's the case, one solution is to add include ssh inside ssh::ssh_config. This will implicitly declare the ssh class whenever you declare a ssh::sshd_config. The other solution (which I'd prefer, because explicit is better than implicit) is to declare the ssh class explicitly before you declare an ssh:ssh_config, with either: include ssh or class { 'ssh': } I have tried this by placing the 'define sshd_config' into a separate file, /etc/puppet/modules/ssh/manifests/sshd_config.pp, and using include ssh. I prefer this method but I get the same error. I've merged the define back into init.pp thinking I wouldn't need to explicitly declare the ssh class within ssh::sshd_config because of it's inclusion. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] File dependency not found when specified in a define
Hello All, I'm working on an ssh module and using a define to specify non-standard sshd_config options via templates. I basically want to add additional entries to the AllowGroups, set or unset Subsystem options, etc. Whenever I run puppet agent --test --noop against this modules is fails with err: Failed to apply catalog: Could not find dependency File[sshd_config] for Service[sshd] at /etc/puppet/modules/ssh/manifests/init.pp:42. I've reviewed/compared this modules against other modules which are using define in the way and have following http://docs.puppetlabs.com/learning/definedtypes.html but I have no idea what's causing the client/agent side error. puppet parser --debug --verbose validate init.pp doesn't return any errors, or debugging/verbosity for that matter, so it's syntactically sound. Puppet version is 2.7.6 on both the client and server. My ssh class/module can be found at this link. If anyone can provide any insight as to what the problem is I'd really appreciate it. I've been banging my head on this for far to long. http://pastebin.com/dGwtEEzB -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] storeconfgs not initializing database
Hi Bernd, I've tried with and without dbsocket being set but it has no affect. -- Later, Darin On Wed, Nov 30, 2011 at 3:53 AM, Bernd Adamowicz bernd.adamow...@esailors.de wrote: Did you try uncommenting the ‘dbsocket’ line? Maybe you should check where the ‘mysql.sock’ file is actually located – it might not be default. For me this works pretty good: ** ** [master] user = puppet group = puppet reports = puppet_dashboard storeconfigs = true dbadapter = mysql dbuser = puppet dbpassword = xxx dbserver = localhost dbsocket = /var/lib/mysql/mysql.sock ** ** Bernd ** ** *Von:* puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] *Im Auftrag von *Darin Perusich *Gesendet:* Dienstag, 29. November 2011 22:49 *An:* puppet-users@googlegroups.com *Betreff:* [Puppet Users] storeconfgs not initializing database ** ** Hello, I'm attempting to setup puppet 2.7.6 to use the storeconfigs but it's failing to create the database and I'm not seeing any error or messages in the logs related to initializing the database. I'm using mysql and have created the user/role and the database and I'm able to connect successfully on both localhost and remotely. I'm running the dashboard on the same system and it's able to connect to it's db without issue. When I run lsof against the master process it hasn't loaded the ruby mysql library, which I can see when I lsof the dashboard process. Any thoughts? System: OpenSUSE 11.3 puppet 2.7.6 apache2 + passenger-3.0.9 [master] # required for Apache with Passenger (aka mod_rails) ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY #dbmigrate = true dbadapter = mysql dbname = puppet dbuser = puppet dbpassword = password #dbsocket = /var/run/mysql/mysql.sock dbserver = localhost storeconfigs = true -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] storeconfgs not initializing database
Ok, I've resolved this. The reason puppet wasn't able to make the database connections, any database for that matter, was the rubygem-activerecord package wasn't installed. I figured this out by switching back to puppetmasterd and running with --debug --no-daemonize --verbose and seeing the message ActiveRecord 2.1 or later required for StoreConfigs in the output. Running puppet via Passenger really didn't provide any useful logs. FYI...I getting this packages from this, and Passenger, from the OBS devel:/languages:/ruby:/extensions repository. http://download.opensuse.org/repositories/devel:/languages:/ruby:/extensions/openSUSE_11.3/ Thanks! -- Later, Darin On Wed, Nov 30, 2011 at 8:44 AM, Darin Perusich da...@darins.net wrote: Hi Bernd, I've tried with and without dbsocket being set but it has no affect. -- Later, Darin On Wed, Nov 30, 2011 at 3:53 AM, Bernd Adamowicz bernd.adamow...@esailors.de wrote: Did you try uncommenting the ‘dbsocket’ line? Maybe you should check where the ‘mysql.sock’ file is actually located – it might not be default. For me this works pretty good: ** ** [master] user = puppet group = puppet reports = puppet_dashboard storeconfigs = true dbadapter = mysql dbuser = puppet dbpassword = xxx dbserver = localhost dbsocket = /var/lib/mysql/mysql.sock ** ** Bernd ** ** *Von:* puppet-users@googlegroups.com [mailto: puppet-users@googlegroups.com] *Im Auftrag von *Darin Perusich *Gesendet:* Dienstag, 29. November 2011 22:49 *An:* puppet-users@googlegroups.com *Betreff:* [Puppet Users] storeconfgs not initializing database ** ** Hello, I'm attempting to setup puppet 2.7.6 to use the storeconfigs but it's failing to create the database and I'm not seeing any error or messages in the logs related to initializing the database. I'm using mysql and have created the user/role and the database and I'm able to connect successfully on both localhost and remotely. I'm running the dashboard on the same system and it's able to connect to it's db without issue. When I run lsof against the master process it hasn't loaded the ruby mysql library, which I can see when I lsof the dashboard process. Any thoughts? System: OpenSUSE 11.3 puppet 2.7.6 apache2 + passenger-3.0.9 [master] # required for Apache with Passenger (aka mod_rails) ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY #dbmigrate = true dbadapter = mysql dbname = puppet dbuser = puppet dbpassword = password #dbsocket = /var/run/mysql/mysql.sock dbserver = localhost storeconfigs = true -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] storeconfgs not initializing database
Hello, I'm attempting to setup puppet 2.7.6 to use the storeconfigs but it's failing to create the database and I'm not seeing any error or messages in the logs related to initializing the database. I'm using mysql and have created the user/role and the database and I'm able to connect successfully on both localhost and remotely. I'm running the dashboard on the same system and it's able to connect to it's db without issue. When I run lsof against the master process it hasn't loaded the ruby mysql library, which I can see when I lsof the dashboard process. Any thoughts? System: OpenSUSE 11.3 puppet 2.7.6 apache2 + passenger-3.0.9 [master] # required for Apache with Passenger (aka mod_rails) ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY #dbmigrate = true dbadapter = mysql dbname = puppet dbuser = puppet dbpassword = password #dbsocket = /var/run/mysql/mysql.sock dbserver = localhost storeconfigs = true -- Later, Darin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.