Re: [Puppet Users] Group ensure value doesn't work like user ensure value
Dominic,
You may be running into some circular reasoning in how you are trying to
setup the group/user. The user if GID is supplied will require the group.
By linking the user as a dependency of the group causes puppet to choke.
http://docs.puppetlabs.com/references/latest/type.html#user
Autorequires: If Puppet is managing the user’s primary group (as provided
in the gid attribute), the user resource will autorequire that group. If
Puppet is managing any role accounts corresponding to the user’s roles, the
user resource will autorequire those role accounts.
On Thu, Oct 31, 2013 at 6:03 PM, Dominic Scheirlinck wrote:
> Here's a bit of manifest code for a user and group. Note the explicit
> ordering between the resources, but also notice we're not explicitly
> specifying the ensure => present for either:
>
> group {
> 'something':;
> } -> user {
> 'something':
> gid=> 'something';
> }
>
> With the explicit ordering, I get:
>
> > Debug: /Group[something]/before: requires User[something]
>
> And without it, I get:
>
> > Debug: /User[something]: Autorequiring Group[something]
>
> So, the ordering at least seems to be noticed. But, regardless (in both
> cases), puppet attempts to add the user first, without attempting to add
> the group:
>
> > Debug: /User[something]: Autorequiring Group[something]
> > Info: Applying configuration version '1383263341'
> > Debug: Executing '/usr/sbin/useradd -g something something'
> > Error: Could not create user something: Execution of '/usr/sbin/useradd
> -g something something' returned 6: useradd: group 'something' does not
> exist
> > Error: /User[something]/ensure: change from absent to present failed:
> Could not create user something: Execution of '/usr/sbin/useradd -g
> something something' returned 6: useradd: group 'something' does not exist
>
> The manifest code above is the only thing in the file, and I'm using
> `puppet apply` to run it to really get it down to a minimal test case.
>
> This seems to be because a group resource without an explicit ensure =>
> 'present' will never be created. However, a user resource without an
> explicit ensure will. This seems weirdly inconsistent, and there's no
> mention of the distinction that I could see in the Type Reference
> documentation. Is it an expected difference between the types? Or just a
> matter of undefined behaviour when ensure isn't given to resources (some
> ensure present, some do nothing)?
>
>
> Regards,
> Dominic
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/47f430b9-7229-401a-80a0-2e9a8f88e2dc%40googlegroups.com
> .
> For more options, visit https://groups.google.com/groups/opt_out.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAcq%3D%2BUJsbGxw69nnHMnCB-KNCw1sAvggaKabFyjs_t_GUw%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] On code organization and the deprecation of include
It may be worth it to look more at hiera and adjust your codebase there.
For example my site.pp has one line: hiera_include('classes').
I organize my setup so that hiera looks for my nodes under
hieradata/nodes/certname.yaml I see no reason not to allow further nesting
if needed.
That being said it may be a good time to look into an ENC (External Node
Classifier) like Foreman. I haven't done this yet as I work on a team and
have to take baby steps so everyone keeps up.
On Wed, May 21, 2014 at 10:44 AM, Andre Nathan wrote:
> On Wednesday, May 21, 2014 1:14:31 PM UTC-3, Garrett Honeycutt wrote:
>>
>> I believe you mean the deprecation of 'import'.
>
>
> Woops, indeed.
>
>
>> The easiest way to fix
>> this is to cat all of your files together into one site.pp file.
>>
>
> Now that's even worse than having all node files in a single directory.
>
>
>> Your usage of a base node that other nodes inherit is an anti-pattern
>> though and will cause you grief as you grow.
>
>
> Why is it an anti-pattern? Isn't variable inheritance supported? Why can't
> I organize my nodes in sub-directories? It's something simple that greatly
> enhances code organization.
>
> Best,
> Andre
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/3be8fcd1-0626-4947-bf2b-d9d63475f470%40googlegroups.com
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAcq4oYFwk_%3DStwBcftk%2BOMTVWXYrjWLiZUp8%3D5hCwO8saQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Puppet Resources overridden using Hiera
Try getting your user list from hiera. Then it will easily be overridden on
a server basis.
class company::sshkeys ( users, ) {
users.each |$my_user| {
user { $my_user:
ensure => present,
gid => "company",
home=> "/home/${my_user}",
managehome => true,
shell => "/bin/bash",
require => Group["company"]
}
}
}
On Wed, May 21, 2014 at 11:21 AM, Danny Roberts <
dannyroberts.perso...@googlemail.com> wrote:
> I currently have a custom module that applies our companies' standard
> server config across all servers using Hiera. This includes a class called
> company::sshkeys that has various 'user' resource types (the standard
> puppet type) defined for all of our admins, for example:
>
> class company::sshkeys {
>
> user { "jane.doe":
> ensure => present,
> gid => "company",
> home=> "/home/jane.doe",
> managehome => true,
> shell => "/bin/bash",
> require => Group["company"]
> }
>
> }
>
> This is a slight simplification as the same class also includes our SSH
> public keys hence the name.
>
> I now find myself in the situation where I need to deny access to certain
> admins on a single server. We use Hiera in our set-up as much as possible
> and I would like to use Hiera to in the case of a single server tell Puppet
> to not create certain user accounts. I have tried many ways to do this but
> I am unsure on how to call the base resource types even though they are
> embedded in a custom class or even if such a thing is possible.
>
> Any thoughts on the cleanest way to exclude certain users from getting an
> account?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/5d0c1ae8-4c26-4135-b7b0-1146d97c9e53%40googlegroups.com
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAcpHVbBHBB6N_rzCo3GFBed6kY6%2BBsUJt8xv4nWhiwSqog%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Puppet Resources overridden using Hiera
My apology the .each functionality is only available if parser=future.
http://docs.puppetlabs.com/puppet/latest/reference/experiments_future.html
On Wed, May 21, 2014 at 12:58 PM, Danny Roberts <
dannyroberts.perso...@googlemail.com> wrote:
> For some reason my Puppet install doesn't like that:
>
> Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
> Syntax error at 'users'; expected ')' at
> /etc/puppet/modules/company/manifests/sshkeys.pp:1 on node puppetmaster
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
>
> On Wednesday, 21 May 2014 18:44:00 UTC+1, Doug_F wrote:
>>
>> Try getting your user list from hiera. Then it will easily be overridden
>> on a server basis.
>>
>> class company::sshkeys ( users, ) {
>>
>> users.each |$my_user| {
>> user { $my_user:
>> ensure => present,
>> gid => "company",
>> home=> "/home/${my_user}",
>> managehome => true,
>> shell => "/bin/bash",
>> require => Group["company"]
>> }
>> }
>> }
>>
>>
>>
>> On Wed, May 21, 2014 at 11:21 AM, Danny Roberts > googlemail.com> wrote:
>>
>>> I currently have a custom module that applies our companies' standard
>>> server config across all servers using Hiera. This includes a class called
>>> company::sshkeys that has various 'user' resource types (the standard
>>> puppet type) defined for all of our admins, for example:
>>>
>>> class company::sshkeys {
>>>
>>> user { "jane.doe":
>>> ensure => present,
>>> gid => "company",
>>> home=> "/home/jane.doe",
>>> managehome => true,
>>> shell => "/bin/bash",
>>> require => Group["company"]
>>> }
>>>
>>> }
>>>
>>> This is a slight simplification as the same class also includes our SSH
>>> public keys hence the name.
>>>
>>> I now find myself in the situation where I need to deny access to
>>> certain admins on a single server. We use Hiera in our set-up as much as
>>> possible and I would like to use Hiera to in the case of a single server
>>> tell Puppet to not create certain user accounts. I have tried many ways to
>>> do this but I am unsure on how to call the base resource types even though
>>> they are embedded in a custom class or even if such a thing is possible.
>>>
>>> Any thoughts on the cleanest way to exclude certain users from getting
>>> an account?
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to puppet-users...@googlegroups.com.
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/puppet-users/5d0c1ae8-4c26-4135-b7b0-1146d97c9e53%
>>> 40googlegroups.com
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/2cd3f157-32d3-453e-9a5c-66a1c0ed5a86%40googlegroups.com
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAcrTVZGeQA_HuzxW6MHrxJdVk82ES0Jmwt-X%2BGzdRjBTYg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Using Hiera to Populate Defined Type in Puppet 3.6
profiles::logstash::config:
input_file:
content: 'this is a test'
order: '10'
Should probably be
profiles::logstash::config:
content: 'this is a test'
order: '10'
On Thu, May 29, 2014 at 10:27 AM, Brian Wilkins wrote:
> I am trying to use hiera to populate a defined type to feed the
> puppet-logstash module. So far, I have been unable to send the data from my
> hiera file to my defined type. I have tested my defined type and it is
> working, I just can't seem to populate the variables. It tells me that
> $content and $order are not set.
>
> /etc/puppet/modules/profiles/manifests/logstash/shipper.pp:
>
> class profiles::logstash::shipper() {
>
> $shipper_config = hiera('profiles::logstash::config')
> create_resources('config', $shipper_config)
>
> notice("${shipper_config[name]}")
> class { 'logstash':
> ensure => 'present',
> version => '1.4.1-1_bd507eb',
> status => 'enabled',
> }
>
> profiles::logstash::config { $name:
>content => $content,
>order => $order,
> }
>
> include logstash
> }
>
> /etc/puppet/modules/profiles/manifests/logstash/config.pp:
>
> define profiles::logstash::config(
> $content = undef,
> $order = undef,
> ) {
> logstash::configfile { $name:
> content => $content,
> order => $order
> }
> }
>
> /etc/puppet/data/node/els4172.els.dev.yaml:
>
> classes:
> - os::repo
> - profiles::logstash::shipper
>
> profiles::logstash::config:
>input_file:
> content: 'this is a test'
> order: '10'
>
>
> My notice is not called, it does not display a thing. Did I use
> create_resources correctly?
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/c162ac6e-257c-4c42-a856-0b2f99dbd7f3%40googlegroups.com
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAco%3D8BpMiYopmD2jAVOLZrQDWMBvTqavjUMxb9ZQw-R2vw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Using Hiera to Populate Defined Type in Puppet 3.6
Try setting your notice("${shipper_config}") before create resources and
see what it prints out.
On Thu, May 29, 2014 at 10:47 AM, Brian Wilkins wrote:
> Oh ok, makes sense. I did that and now I get "can't convert String into
> Hash at /etc/puppet/modules/profiles/manifests/logstash/shipper.pp:15"
>
> My shipper.pp
>
> class profiles::logstash::shipper() {
>
> $shipper_config = hiera('profiles::logstash::config', {})
> create_resources('profiles::logstash::config', $shipper_config)
>
>
> notice("${shipper_config[name]}")
> class { 'logstash':
> ensure => 'present',
> version => '1.4.1-1_bd507eb',
> status => 'enabled',
> }
>
> profiles::logstash::config { 'shipper':
>
>content => $content,
>order => $order,
> }
>
> include logstash
> }
>
> Line 15 is the create_resources line.
>
>
> On Thursday, May 29, 2014 12:42:15 PM UTC-4, Doug_F wrote:
>
>> profiles::logstash::config:
>>input_file:
>> content: 'this is a test'
>> order: '10'
>>
>> Should probably be
>> profiles::logstash::config:
>>content: 'this is a test'
>>order: '10'
>>
>>
>>
>> On Thu, May 29, 2014 at 10:27 AM, Brian Wilkins wrote:
>>
>>> I am trying to use hiera to populate a defined type to feed the
>>> puppet-logstash module. So far, I have been unable to send the data from my
>>> hiera file to my defined type. I have tested my defined type and it is
>>> working, I just can't seem to populate the variables. It tells me that
>>> $content and $order are not set.
>>>
>>> /etc/puppet/modules/profiles/manifests/logstash/shipper.pp:
>>>
>>> class profiles::logstash::shipper() {
>>>
>>> $shipper_config = hiera('profiles::logstash::config')
>>> create_resources('config', $shipper_config)
>>>
>>> notice("${shipper_config[name]}")
>>> class { 'logstash':
>>> ensure => 'present',
>>> version => '1.4.1-1_bd507eb',
>>> status => 'enabled',
>>> }
>>>
>>> profiles::logstash::config { $name:
>>>content => $content,
>>>order => $order,
>>> }
>>>
>>> include logstash
>>> }
>>>
>>> /etc/puppet/modules/profiles/manifests/logstash/config.pp:
>>>
>>> define profiles::logstash::config(
>>> $content = undef,
>>> $order = undef,
>>> ) {
>>> logstash::configfile { $name:
>>> content => $content,
>>> order => $order
>>> }
>>> }
>>>
>>> /etc/puppet/data/node/els4172.els.dev.yaml:
>>>
>>> classes:
>>> - os::repo
>>> - profiles::logstash::shipper
>>>
>>> profiles::logstash::config:
>>>input_file:
>>> content: 'this is a test'
>>> order: '10'
>>>
>>>
>>> My notice is not called, it does not display a thing. Did I use
>>> create_resources correctly?
>>>
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to puppet-users...@googlegroups.com.
>>>
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/puppet-users/c162ac6e-257c-4c42-a856-0b2f99dbd7f3%
>>> 40googlegroups.com
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/305d7707-68ca-4814-940e-ef984fcb2c04%40googlegroups.com
> .
>
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAcrbYA%2B25RcztxXndi9qdWtHF2RfXM8gQ3A9kMT7vOBV5A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Using Hiera to Populate Defined Type in Puppet 3.6
Just a thought try changing
$shipper_config = hiera('profiles::logstash::config', {}) =>
$shipper_config = hiera_hash('profiles::logstash::config', {})
On Thu, May 29, 2014 at 11:01 AM, Brian Wilkins wrote:
> It prints out:
>
> order10contentthis is a test
>
> It concatenated it all together.
>
>
>
> On Thursday, May 29, 2014 12:59:09 PM UTC-4, Doug_F wrote:
>
>> Try setting your notice("${shipper_config}") before create resources and
>> see what it prints out.
>>
>>
>> On Thu, May 29, 2014 at 10:47 AM, Brian Wilkins wrote:
>>
>>> Oh ok, makes sense. I did that and now I get "can't convert String into
>>> Hash at /etc/puppet/modules/profiles/manifests/logstash/shipper.pp:15"
>>>
>>> My shipper.pp
>>>
>>> class profiles::logstash::shipper() {
>>>
>>> $shipper_config = hiera('profiles::logstash::config', {})
>>> create_resources('profiles::logstash::config', $shipper_config)
>>>
>>>
>>> notice("${shipper_config[name]}")
>>> class { 'logstash':
>>> ensure => 'present',
>>> version => '1.4.1-1_bd507eb',
>>> status => 'enabled',
>>> }
>>>
>>> profiles::logstash::config { 'shipper':
>>>
>>>content => $content,
>>>order => $order,
>>> }
>>>
>>> include logstash
>>> }
>>>
>>> Line 15 is the create_resources line.
>>>
>>>
>>> On Thursday, May 29, 2014 12:42:15 PM UTC-4, Doug_F wrote:
>>>
profiles::logstash::config:
input_file:
content: 'this is a test'
order: '10'
Should probably be
profiles::logstash::config:
content: 'this is a test'
order: '10'
On Thu, May 29, 2014 at 10:27 AM, Brian Wilkins wrote:
> I am trying to use hiera to populate a defined type to feed the
> puppet-logstash module. So far, I have been unable to send the data from
> my
> hiera file to my defined type. I have tested my defined type and it is
> working, I just can't seem to populate the variables. It tells me that
> $content and $order are not set.
>
> /etc/puppet/modules/profiles/manifests/logstash/shipper.pp:
>
> class profiles::logstash::shipper() {
>
> $shipper_config = hiera('profiles::logstash::config')
> create_resources('config', $shipper_config)
>
> notice("${shipper_config[name]}")
> class { 'logstash':
> ensure => 'present',
> version => '1.4.1-1_bd507eb',
> status => 'enabled',
> }
>
> profiles::logstash::config { $name:
>content => $content,
>order => $order,
> }
>
> include logstash
> }
>
> /etc/puppet/modules/profiles/manifests/logstash/config.pp:
>
> define profiles::logstash::config(
> $content = undef,
> $order = undef,
> ) {
> logstash::configfile { $name:
> content => $content,
> order => $order
> }
> }
>
> /etc/puppet/data/node/els4172.els.dev.yaml:
>
> classes:
> - os::repo
> - profiles::logstash::shipper
>
> profiles::logstash::config:
>input_file:
> content: 'this is a test'
> order: '10'
>
>
> My notice is not called, it does not display a thing. Did I use
> create_resources correctly?
>
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to puppet-users...@googlegroups.com.
>
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/puppet-users/c162ac6e-257c-4c42-a856-0b2f99dbd7f3%40goog
> legroups.com
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
>>> You received this message because you are subscribed to the Google
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to puppet-users...@googlegroups.com.
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/puppet-users/305d7707-68ca-4814-940e-ef984fcb2c04%
>>> 40googlegroups.com
>>> .
>>>
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/09cd7ee2-7231-499f-a05e-e4430389956a%40googlegroups.com
Re: [Puppet Users] Using Hiera to Populate Defined Type in Puppet 3.6
FYI this is how I ended up doing my logstash config module. It works but
the content is not in Hiera we have flat files we manage.
$logstash_configs = [
'app1',
'app2',
'app3',
]
logstash::configfile { "Banner":
source => "puppet:///modules/company/logstash/banner",
order => 1
}
$logstash_configs.each |$my_conf| {
logstash::configfile { "${my_conf}_input":
source =>
"puppet:///modules/company/logstash/decc/${my_conf}_input_file",
order => 10
}
logstash::configfile { "${my_conf}__unfiltered":
source =>
"puppet:///modules/company/logstash/decc/${my_conf}_unfiltered_filter",
order => 20
}
logstash::configfile { "${my_conf}_filter":
source =>
"puppet:///modules/company/logstash/decc/${my_conf}_filter",
order => 30
}
}
logstash::configfile { 'output':
source =>
'puppet:///modules/company/logstash/output_elasticsearch_http',
order => 100
}
On Thu, May 29, 2014 at 11:05 AM, Doug Forster wrote:
> Just a thought try changing
> $shipper_config = hiera('profiles::logstash::config', {}) =>
> $shipper_config = hiera_hash('profiles::logstash::config', {})
>
>
> On Thu, May 29, 2014 at 11:01 AM, Brian Wilkins wrote:
>
>> It prints out:
>>
>> order10contentthis is a test
>>
>> It concatenated it all together.
>>
>>
>>
>> On Thursday, May 29, 2014 12:59:09 PM UTC-4, Doug_F wrote:
>>
>>> Try setting your notice("${shipper_config}") before create resources and
>>> see what it prints out.
>>>
>>>
>>> On Thu, May 29, 2014 at 10:47 AM, Brian Wilkins wrote:
>>>
>>>> Oh ok, makes sense. I did that and now I get "can't convert String into
>>>> Hash at /etc/puppet/modules/profiles/manifests/logstash/shipper.pp:15"
>>>>
>>>> My shipper.pp
>>>>
>>>> class profiles::logstash::shipper() {
>>>>
>>>> $shipper_config = hiera('profiles::logstash::config', {})
>>>> create_resources('profiles::logstash::config', $shipper_config)
>>>>
>>>>
>>>> notice("${shipper_config[name]}")
>>>> class { 'logstash':
>>>> ensure => 'present',
>>>> version => '1.4.1-1_bd507eb',
>>>> status => 'enabled',
>>>> }
>>>>
>>>> profiles::logstash::config { 'shipper':
>>>>
>>>>content => $content,
>>>>order => $order,
>>>> }
>>>>
>>>> include logstash
>>>> }
>>>>
>>>> Line 15 is the create_resources line.
>>>>
>>>>
>>>> On Thursday, May 29, 2014 12:42:15 PM UTC-4, Doug_F wrote:
>>>>
>>>>> profiles::logstash::config:
>>>>>input_file:
>>>>> content: 'this is a test'
>>>>> order: '10'
>>>>>
>>>>> Should probably be
>>>>> profiles::logstash::config:
>>>>>content: 'this is a test'
>>>>>order: '10'
>>>>>
>>>>>
>>>>>
>>>>> On Thu, May 29, 2014 at 10:27 AM, Brian Wilkins wrote:
>>>>>
>>>>>> I am trying to use hiera to populate a defined type to feed the
>>>>>> puppet-logstash module. So far, I have been unable to send the data from
>>>>>> my
>>>>>> hiera file to my defined type. I have tested my defined type and it is
>>>>>> working, I just can't seem to populate the variables. It tells me that
>>>>>> $content and $order are not set.
>>>>>>
>>>>>> /etc/puppet/modules/profiles/manifests/logstash/shipper.pp:
>>>>>>
>>>>>> class profiles::logstash::shipper() {
>>>>>>
>>>>>> $shipper_config = hiera('profiles::logstash::config')
>>>>>> create_resources('config', $shipper_config)
>>>>>>
>>>>>> notice("${shipper_config[name]}")
>>>>>> class { 'logstash':
>>>>>> ensure => 'present',
>>>>>> v
Re: [Puppet Users] Using Hiera to Populate Defined Type in Puppet 3.6
If you use hiera on the server does it show up as a hash?
On Thu, May 29, 2014 at 11:08 AM, Brian Wilkins wrote:
> Same problem. I see it concatenated in the notice.
>
>
> On Thursday, May 29, 2014 1:05:39 PM UTC-4, Doug_F wrote:
>
>> Just a thought try changing
>> $shipper_config = hiera('profiles::logstash::config', {}) =>
>> $shipper_config = hiera_hash('profiles::logstash::config', {})
>>
>>
>> On Thu, May 29, 2014 at 11:01 AM, Brian Wilkins wrote:
>>
>>> It prints out:
>>>
>>> order10contentthis is a test
>>>
>>> It concatenated it all together.
>>>
>>>
>>>
>>> On Thursday, May 29, 2014 12:59:09 PM UTC-4, Doug_F wrote:
>>>
Try setting your notice("${shipper_config}") before create resources
and see what it prints out.
On Thu, May 29, 2014 at 10:47 AM, Brian Wilkins wrote:
> Oh ok, makes sense. I did that and now I get "can't convert String
> into Hash at /etc/puppet/modules/profiles/m
> anifests/logstash/shipper.pp:15"
>
> My shipper.pp
>
> class profiles::logstash::shipper() {
>
> $shipper_config = hiera('profiles::logstash::config', {})
> create_resources('profiles::logstash::config', $shipper_config)
>
>
> notice("${shipper_config[name]}")
> class { 'logstash':
> ensure => 'present',
> version => '1.4.1-1_bd507eb',
> status => 'enabled',
> }
>
> profiles::logstash::config { 'shipper':
>
>content => $content,
>order => $order,
> }
>
> include logstash
> }
>
> Line 15 is the create_resources line.
>
>
> On Thursday, May 29, 2014 12:42:15 PM UTC-4, Doug_F wrote:
>
>> profiles::logstash::config:
>>input_file:
>> content: 'this is a test'
>> order: '10'
>>
>> Should probably be
>> profiles::logstash::config:
>>content: 'this is a test'
>>order: '10'
>>
>>
>>
>> On Thu, May 29, 2014 at 10:27 AM, Brian Wilkins wrote:
>>
>>> I am trying to use hiera to populate a defined type to feed the
>>> puppet-logstash module. So far, I have been unable to send the data
>>> from my
>>> hiera file to my defined type. I have tested my defined type and it is
>>> working, I just can't seem to populate the variables. It tells me that
>>> $content and $order are not set.
>>>
>>> /etc/puppet/modules/profiles/manifests/logstash/shipper.pp:
>>>
>>> class profiles::logstash::shipper() {
>>>
>>> $shipper_config = hiera('profiles::logstash::config')
>>> create_resources('config', $shipper_config)
>>>
>>> notice("${shipper_config[name]}")
>>> class { 'logstash':
>>> ensure => 'present',
>>> version => '1.4.1-1_bd507eb',
>>> status => 'enabled',
>>> }
>>>
>>> profiles::logstash::config { $name:
>>>content => $content,
>>>order => $order,
>>> }
>>>
>>> include logstash
>>> }
>>>
>>> /etc/puppet/modules/profiles/manifests/logstash/config.pp:
>>>
>>> define profiles::logstash::config(
>>> $content = undef,
>>> $order = undef,
>>> ) {
>>> logstash::configfile { $name:
>>> content => $content,
>>> order => $order
>>> }
>>> }
>>>
>>> /etc/puppet/data/node/els4172.els.dev.yaml:
>>>
>>> classes:
>>> - os::repo
>>> - profiles::logstash::shipper
>>>
>>> profiles::logstash::config:
>>>input_file:
>>> content: 'this is a test'
>>> order: '10'
>>>
>>>
>>> My notice is not called, it does not display a thing. Did I use
>>> create_resources correctly?
>>>
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it,
>>> send an email to puppet-users...@googlegroups.com.
>>>
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/puppet-users/c162ac6e-257c
>>> -4c42-a856-0b2f99dbd7f3%40googlegroups.com
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>> --
> You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to puppet-users...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/puppet-users/305d7707-68ca-4814-940e-ef984fcb2c04%40goog
> legroups.com
Re: [Puppet Users] Using Hiera to Populate Defined Type in Puppet 3.6
Maybe try your hiera command right inside your create_resources.
On Thu, May 29, 2014 at 11:13 AM, Brian Wilkins wrote:
> On puppetmaster:
>
> $ sudo hiera --debug profiles::logstash::config ::fqdn=hostname
>
> DEBUG: Thu May 29 13:12:56 -0400 2014: Hiera YAML backend starting
> DEBUG: Thu May 29 13:12:56 -0400 2014: Looking up
> profiles::logstash::config in YAML backend
> DEBUG: Thu May 29 13:12:56 -0400 2014: Looking for data source
> node/hostname
> DEBUG: Thu May 29 13:12:56 -0400 2014: Found profiles::logstash::config in
> node/hostname
> {"order"=>"10", "content"=>"this is a test"}
>
>
>
> On Thursday, May 29, 2014 1:11:20 PM UTC-4, Doug_F wrote:
>
>> If you use hiera on the server does it show up as a hash?
>>
>>
>>
>> On Thu, May 29, 2014 at 11:08 AM, Brian Wilkins wrote:
>>
>>> Same problem. I see it concatenated in the notice.
>>>
>>>
>>> On Thursday, May 29, 2014 1:05:39 PM UTC-4, Doug_F wrote:
>>>
Just a thought try changing
$shipper_config = hiera('profiles::logstash::config', {}) =>
$shipper_config = hiera_hash('profiles::logstash::config', {})
On Thu, May 29, 2014 at 11:01 AM, Brian Wilkins wrote:
> It prints out:
>
> order10contentthis is a test
>
> It concatenated it all together.
>
>
>
> On Thursday, May 29, 2014 12:59:09 PM UTC-4, Doug_F wrote:
>
>> Try setting your notice("${shipper_config}") before create resources
>> and see what it prints out.
>>
>>
>> On Thu, May 29, 2014 at 10:47 AM, Brian Wilkins wrote:
>>
>>> Oh ok, makes sense. I did that and now I get "can't convert String
>>> into Hash at /etc/puppet/modules/profiles/m
>>> anifests/logstash/shipper.pp:15"
>>>
>>> My shipper.pp
>>>
>>> class profiles::logstash::shipper() {
>>>
>>> $shipper_config = hiera('profiles::logstash::config', {})
>>> create_resources('profiles::logstash::config', $shipper_config)
>>>
>>>
>>> notice("${shipper_config[name]}")
>>> class { 'logstash':
>>> ensure => 'present',
>>> version => '1.4.1-1_bd507eb',
>>> status => 'enabled',
>>> }
>>>
>>> profiles::logstash::config { 'shipper':
>>>
>>>content => $content,
>>>order => $order,
>>> }
>>>
>>> include logstash
>>> }
>>>
>>> Line 15 is the create_resources line.
>>>
>>>
>>> On Thursday, May 29, 2014 12:42:15 PM UTC-4, Doug_F wrote:
>>>
profiles::logstash::config:
input_file:
content: 'this is a test'
order: '10'
Should probably be
profiles::logstash::config:
content: 'this is a test'
order: '10'
On Thu, May 29, 2014 at 10:27 AM, Brian Wilkins
wrote:
> I am trying to use hiera to populate a defined type to feed the
> puppet-logstash module. So far, I have been unable to send the data
> from my
> hiera file to my defined type. I have tested my defined type and it is
> working, I just can't seem to populate the variables. It tells me that
> $content and $order are not set.
>
> /etc/puppet/modules/profiles/manifests/logstash/shipper.pp:
>
> class profiles::logstash::shipper() {
>
> $shipper_config = hiera('profiles::logstash::config')
> create_resources('config', $shipper_config)
>
> notice("${shipper_config[name]}")
> class { 'logstash':
> ensure => 'present',
> version => '1.4.1-1_bd507eb',
> status => 'enabled',
> }
>
> profiles::logstash::config { $name:
>content => $content,
>order => $order,
> }
>
> include logstash
> }
>
> /etc/puppet/modules/profiles/manifests/logstash/config.pp:
>
> define profiles::logstash::config(
> $content = undef,
> $order = undef,
> ) {
> logstash::configfile { $name:
> content => $content,
> order => $order
> }
> }
>
> /etc/puppet/data/node/els4172.els.dev.yaml:
>
> classes:
> - os::repo
> - profiles::logstash::shipper
>
> profiles::logstash::config:
>input_file:
> content: 'this is a test'
> order: '10'
>
>
> My notice is not called, it does not display a thing. Did I use
> create_resources correctly?
>
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to puppet-users...
Re: [Puppet Users] Using Hiera to Populate Defined Type in Puppet 3.6
I think I figured out what was wrong. Dynamic data bindings may be mapping
the inputs to the profiles::logstash::config defined type. Also I was in
error in modifying your hiera data.
Try this:
create_resources('profiles::logstash::config',
hiera_hash('profiles::logstash::config_settings'))
In Hiera:
profiles::logstash::config_settings:
input_file:
content: 'this is a test'
order: '10'
Add a notice line in your profiles::logstash::config type to:
notify("name is ${name}")
notify("content is ${content}")
notify("order is ${order}")
On Thu, May 29, 2014 at 11:25 AM, Brian Wilkins wrote:
> Same problem. It seems like I am close. If only it didn't put all the data
> together as one string.
>
>
> On Thursday, May 29, 2014 1:17:07 PM UTC-4, Doug_F wrote:
>
>> Maybe try your hiera command right inside your create_resources.
>>
>>
>> On Thu, May 29, 2014 at 11:13 AM, Brian Wilkins wrote:
>>
>>> On puppetmaster:
>>>
>>> $ sudo hiera --debug profiles::logstash::config ::fqdn=hostname
>>>
>>> DEBUG: Thu May 29 13:12:56 -0400 2014: Hiera YAML backend starting
>>> DEBUG: Thu May 29 13:12:56 -0400 2014: Looking up
>>> profiles::logstash::config in YAML backend
>>> DEBUG: Thu May 29 13:12:56 -0400 2014: Looking for data source
>>> node/hostname
>>> DEBUG: Thu May 29 13:12:56 -0400 2014: Found profiles::logstash::config
>>> in node/hostname
>>> {"order"=>"10", "content"=>"this is a test"}
>>>
>>>
>>>
>>> On Thursday, May 29, 2014 1:11:20 PM UTC-4, Doug_F wrote:
>>>
If you use hiera on the server does it show up as a hash?
On Thu, May 29, 2014 at 11:08 AM, Brian Wilkins wrote:
> Same problem. I see it concatenated in the notice.
>
>
> On Thursday, May 29, 2014 1:05:39 PM UTC-4, Doug_F wrote:
>
>> Just a thought try changing
>> $shipper_config = hiera('profiles::logstash::config', {}) =>
>> $shipper_config = hiera_hash('profiles::logstash::config', {})
>>
>>
>> On Thu, May 29, 2014 at 11:01 AM, Brian Wilkins wrote:
>>
>>> It prints out:
>>>
>>> order10contentthis is a test
>>>
>>> It concatenated it all together.
>>>
>>>
>>>
>>> On Thursday, May 29, 2014 12:59:09 PM UTC-4, Doug_F wrote:
>>>
Try setting your notice("${shipper_config}") before create
resources and see what it prints out.
On Thu, May 29, 2014 at 10:47 AM, Brian Wilkins
wrote:
> Oh ok, makes sense. I did that and now I get "can't convert String
> into Hash at /etc/puppet/modules/profiles/m
> anifests/logstash/shipper.pp:15"
>
> My shipper.pp
>
> class profiles::logstash::shipper() {
>
> $shipper_config = hiera('profiles::logstash::config', {})
> create_resources('profiles::logstash::config', $shipper_config)
>
>
> notice("${shipper_config[name]}")
> class { 'logstash':
> ensure => 'present',
> version => '1.4.1-1_bd507eb',
> status => 'enabled',
> }
>
> profiles::logstash::config { 'shipper':
>
>content => $content,
>order => $order,
> }
>
> include logstash
> }
>
> Line 15 is the create_resources line.
>
>
> On Thursday, May 29, 2014 12:42:15 PM UTC-4, Doug_F wrote:
>
>> profiles::logstash::config:
>>input_file:
>> content: 'this is a test'
>> order: '10'
>>
>> Should probably be
>> profiles::logstash::config:
>>content: 'this is a test'
>>order: '10'
>>
>>
>>
>> On Thu, May 29, 2014 at 10:27 AM, Brian Wilkins <
>> bwil...@gmail.com> wrote:
>>
>>> I am trying to use hiera to populate a defined type to feed the
>>> puppet-logstash module. So far, I have been unable to send the data
>>> from my
>>> hiera file to my defined type. I have tested my defined type and it
>>> is
>>> working, I just can't seem to populate the variables. It tells me
>>> that
>>> $content and $order are not set.
>>>
>>> /etc/puppet/modules/profiles/manifests/logstash/shipper.pp:
>>>
>>> class profiles::logstash::shipper() {
>>>
>>> $shipper_config = hiera('profiles::logstash::config')
>>> create_resources('config', $shipper_config)
>>>
>>> notice("${shipper_config[name]}")
>>> class { 'logstash':
>>> ensure => 'present',
>>> version => '1.4.1-1_bd507eb',
>>> status => 'enabled',
>>> }
>>>
>>> profiles::logstash::config { $name:
>>>content => $content,
>>>order => $order,
>>> }
Re: [Puppet Users] Using Hiera to Populate Defined Type in Puppet 3.6
Does it show up properly if you lookup on the server?
On Thu, May 29, 2014 at 12:09 PM, Brian Wilkins wrote:
> Hmm, that's not working either. Doesn't look like it is populating my
> define now. Hmm
>
>
> On Thursday, May 29, 2014 1:56:43 PM UTC-4, Doug_F wrote:
>
>> I think I figured out what was wrong. Dynamic data bindings may be
>> mapping the inputs to the profiles::logstash::config defined type. Also I
>> was in error in modifying your hiera data.
>>
>> Try this:
>>
>> create_resources('profiles::logstash::config', hiera_hash('profiles::
>> logstash::config_settings'))
>>
>> In Hiera:
>> profiles::logstash::config_settings:
>>input_file:
>> content: 'this is a test'
>> order: '10'
>>
>> Add a notice line in your profiles::logstash::config type to:
>> notify("name is ${name}")
>> notify("content is ${content}")
>> notify("order is ${order}")
>>
>>
>> On Thu, May 29, 2014 at 11:25 AM, Brian Wilkins wrote:
>>
>>> Same problem. It seems like I am close. If only it didn't put all the
>>> data together as one string.
>>>
>>>
>>> On Thursday, May 29, 2014 1:17:07 PM UTC-4, Doug_F wrote:
>>>
Maybe try your hiera command right inside your create_resources.
On Thu, May 29, 2014 at 11:13 AM, Brian Wilkins wrote:
> On puppetmaster:
>
> $ sudo hiera --debug profiles::logstash::config ::fqdn=hostname
>
> DEBUG: Thu May 29 13:12:56 -0400 2014: Hiera YAML backend starting
> DEBUG: Thu May 29 13:12:56 -0400 2014: Looking up
> profiles::logstash::config in YAML backend
> DEBUG: Thu May 29 13:12:56 -0400 2014: Looking for data source
> node/hostname
> DEBUG: Thu May 29 13:12:56 -0400 2014: Found
> profiles::logstash::config in node/hostname
> {"order"=>"10", "content"=>"this is a test"}
>
>
>
> On Thursday, May 29, 2014 1:11:20 PM UTC-4, Doug_F wrote:
>
>> If you use hiera on the server does it show up as a hash?
>>
>>
>>
>> On Thu, May 29, 2014 at 11:08 AM, Brian Wilkins wrote:
>>
>>> Same problem. I see it concatenated in the notice.
>>>
>>>
>>> On Thursday, May 29, 2014 1:05:39 PM UTC-4, Doug_F wrote:
>>>
Just a thought try changing
$shipper_config = hiera('profiles::logstash::config', {}) =>
$shipper_config = hiera_hash('profiles::logstash::config', {})
On Thu, May 29, 2014 at 11:01 AM, Brian Wilkins
wrote:
> It prints out:
>
> order10contentthis is a test
>
> It concatenated it all together.
>
>
>
> On Thursday, May 29, 2014 12:59:09 PM UTC-4, Doug_F wrote:
>
>> Try setting your notice("${shipper_config}") before create
>> resources and see what it prints out.
>>
>>
>> On Thu, May 29, 2014 at 10:47 AM, Brian Wilkins <
>> bwil...@gmail.com> wrote:
>>
>>> Oh ok, makes sense. I did that and now I get "can't convert
>>> String into Hash at /etc/puppet/modules/profiles/m
>>> anifests/logstash/shipper.pp:15"
>>>
>>> My shipper.pp
>>>
>>> class profiles::logstash::shipper() {
>>>
>>> $shipper_config = hiera('profiles::logstash::config', {})
>>> create_resources('profiles::logstash::config',
>>> $shipper_config)
>>>
>>>
>>> notice("${shipper_config[name]}")
>>> class { 'logstash':
>>> ensure => 'present',
>>> version => '1.4.1-1_bd507eb',
>>> status => 'enabled',
>>> }
>>>
>>> profiles::logstash::config { 'shipper':
>>>
>>>content => $content,
>>>order => $order,
>>> }
>>>
>>> include logstash
>>> }
>>>
>>> Line 15 is the create_resources line.
>>>
>>>
>>> On Thursday, May 29, 2014 12:42:15 PM UTC-4, Doug_F wrote:
>>>
profiles::logstash::config:
input_file:
content: 'this is a test'
order: '10'
Should probably be
profiles::logstash::config:
content: 'this is a test'
order: '10'
On Thu, May 29, 2014 at 10:27 AM, Brian Wilkins <
bwil...@gmail.com> wrote:
> I am trying to use hiera to populate a defined type to feed
> the puppet-logstash module. So far, I have been unable to send
> the data
> from my hiera file to my defined type. I have tested my defined
> type and it
> is working, I just can't seem to populate the variables. It tells
> me that
> $content and $order are not set.
>
> /etc/puppet/modules/profiles/manifest
Re: [Puppet Users] Puppet + hiera file backend problem
Look at the error.
Error 400 on Server: could not find template
'accounts.victorbuckservices.com.conf' at
/etc/puppet/modules/apache/manifests/config.pp:9 on node puppetclient
Do you have a file in
/etc/puppet/templates/accounts.victorbuckservices.com.conf Or does it have
a .erb ending?
On Fri, Jun 6, 2014 at 10:10 AM, Christian Charpentier
wrote:
> Hi,
>
> I'm using hiera with puppet and i want to store my resources out from the
> modules, in hieradata directory.
>
> Here is my hiera.yaml file:
>
> ---
> :hierarchy:
> - common
> #- %{operatingsystem}
> - %{::hostname}
>
> :backends:
> - yaml
> - file
>
> :yaml:
> :datadir: '/etc/puppet/hieradata'
>
> :file:
> :datadir: '/etc/puppet/hieradata'
>
> :logger: console
>
> The common.yaml file:
>
> ---
> apache_packages_list:
> - apr-1.4.8
> - apr-devel-1.4.8
> - apr-util-1.5.2
> - apr-util-devel-1.5.2
> - distcache-1.4.5
> - distcache-devel-1.4.5
> - httpd-2.4.6
> - httpd-tools-2.4.6
> - mod_ssl-2.4.6
>
> accounts_conf_filename: accounts.victorbuckservices.com.conf
> accounts_conf_balancer_filename:
> accounts.victorbuckservices.com.balancer.conf
> certificate_filename: all.dev.victorbuckservices.com.crt
> key_filename: all.dev.victorbuckservices.com.key
>
>
> My site.pp call a role which call itself a profile which uses a module to
> install apache.
> Here is the config..p of apache module:
>
> class apache::config {
> $accounts_conf_filename = hiera('accounts_conf_filename')
> $accounts_conf_balancer_filename =
> hiera('accounts_conf_balancer_filename')
> $crt_filename = hiera('certificate_filename')
> $key_filename = hiera('key_filename')
>
> file {'/etc/httpd/conf.d/accounts.victorbuckservices.com.conf':
> ensure => file,
> content => template($accounts_conf_filename),
> }
>
> file {'/etc/httpd/conf.d/$accounts_conf_balancer_filename':
> ensure => file,
> content => template($accounts_conf_balancer_filename),
> }
>
> file {'/etc/pki/tls/certs/$crt_filename':
> ensure => file,
> content => template($crt_filename),
> }
>
> file {'/etc/pki/tls/private/$key_filename':
> ensure => file,
> content => template($key_filename),
> }
>
> }
>
> I put data and resource files in /etc/puppet/hieradata/ and when i use the
> command line on the client:
> puppet agent --server=d0puppet.victor-buck.com --debug --verbose --noop
> --test
> I got the following error :
> Error 400 on Server: could not find template
> 'accounts.victorbuckservices.com.conf' at
> /etc/puppet/modules/apache/manifests/config.pp:9 on node puppetclient
>
> Someone to help to figure out what happen?
> If there are some information missing to make easier to understand what's
> going on feel free to ask me.
>
> Thanks.
>
> Christian
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/00bf537c-6ac1-4351-b4c3-e4f99bdda189%40googlegroups.com
>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAcppb%2BRoE-QEhu%3DvtNssCZKtDdZ-ZBDLZiMk08eK5j2h-A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Puppet new deployment questions - deployment patterns, sensitivity to network errors, and certificate headaches.
Steve, I think you said you put all your configuration in a single site.pp. This is often bad form and limits the flexibility of your deployment. Something we do is layout modules. The common pattern is: /etc/puppet/environments/production -> Manifests/site.pp -> Hieradata/*.yaml -> Modules/foo This keeps everything in the production environment. All of your clients will do this normally. One of the beauties of doing this is you may want to do a cron job weekly that runs with a different environment like "weekly". To take advantage of the flexibility you may want to group servers into buckets by sticking custom facts and including modules based off them. As for the Network issues. I think you may be running your puppetmaster with the built in webbrick server. In my experience this offers a single threaded approach to the puppetmaster with it failing if more than one client connects at a time. Setup apache and run Passenger to allow for multiple threads. Info on Environments: http://docs.puppetlabs.com/puppet/latest/reference/environments.html#enabling-directory-environments (note this was introduced in 3.5 so you may want to checkout the legacy way to achieve the same thing. ) Passenger with Apache: http://docs.puppetlabs.com/guides/passenger.html Finally to get visiblity into the network I would strongly suggest setting up PuppetDB with Puppetboard as puppet Dashboard is effectivly dead. Info on PuppetDB http://docs.puppetlabs.com/puppetdb/2.0/install_from_packages.html PuppetBoard module on the forge. https://forge.puppetlabs.com/nibalizer/puppetboard Last tip I would give to someone new is use an IDE that helps you code. Puppetlabs maintains Geppetto for this purpose. http://docs.puppetlabs.com/geppetto/4.0/ On Mon, Jun 16, 2014 at 1:33 PM, Stephen Morton wrote: > I've got some newbie puppet questions. > My team has a tremendous amount of linux/computer knowledge, but we're new > to Puppet. > We recently started using puppet to manage some 100 servers. Their configs > are all pretty similar with some small changes. > > > History > > Prior to Puppet, we already had a management system that involved having > config files under revision control and the config file repo checked out on > every server and the repo config files symlinked into the appropriate place > in the filesystem. Updating the repo would update these files.This was > mostly just great, with the following limitations: > > >- If the symlink got broken, it didn't work. >- Some files require very specific ownership, or were required not to >be symlinks (e.g. /etc/sudoers. /etc/vsftpd/ files I think) >- Updating a daemon's config file does not mean that the daemon is >restarted. e.g. updating /etc/httpd/conf/httpd.conf does not do a "service >httpd reload" >- You can't add a new symlink. >- All files must be in revision control to link to. Some >security-sensitive files we want to only be available to some servers and >something like puppet that can send files over the network is a good >solution to this. > > > > Puppet to the rescue? > > So we've tried a very conservative Puppet implementation. We've left our > existing infrastructure and we just add new rules in Puppet. So far, we > have a single site.pp file and only a dozen or so rules. But already we're > seeing problems. > >1. Puppet is good for configuring dynamic stuff that changes. But it >seems silly to have rules for stuff that will be configured just one time >and then will not change. If we set up some files, we don't expect them to >disappear. In fact if they do disappear we might not want them silently >fixed up we probably want to know what's going on. Doing everything in >puppet results in ever-growing manifests. I don't know of a way to specify >different manifests, e.g. every 30 minutes I want Puppet to run and request >the lean and mean regular manifest and then once a week I want it to run >the "make sure everything is in the right place" manifest. >2. Puppet seems very sensitive to network glitches. We run puppet from >a cron job and errors were so frequent that we just started sending all >output to /dev/null. >3. Endless certificate issues. It's crazy. So sometimes hosts would >get "dropped"... for unknown reasons their certificates were no longer >accepted. Because we'd already stopped output (see previous bullet point) >we would not know this and the server would be quietly not updated. And >when you get a certificate problem, often simply deleting the cert on the >agent and master won't fix it. Sometimes a restart of the master service >(or more?) is required. >- The solution to this to me is not "you should run puppet dashboard, > then you'd know". This shouldn't be failing in the first place. If > something is that flaky, I don't want to run it. > > (We're running version 3.4.2 on CentOS 6.5, 64-bit.) > > --- >
Re: [Puppet Users] Puppet, Vagrant and repos
Max,
I do a single module for each repo that I want added. In some cases I
combine it with a repo to manage the service. IE mysql* repos would be
managed via the mysql module.
As for making sure they are all up to date I might just create an
exec {my_check_update:
refreshonly => true,
command => "yum check-update",
}
I might even try to setup a global dependency in your site.pp. Someone else
probably has a smarter idea though.
Yumrepo { notify => Exec[my_check_update] }
In case you may have missed it on all my vagrant boxes I run a yum
check-update each time they are provisioned.
Vagrant.configure("2") do |config|
config.vm.provision "shell",
inline: "yum check-update"
end
Hope it helps. :)
Doug
On Mon, Jul 7, 2014 at 9:35 AM, Andrei Maxim wrote:
> Hi,
>
> I've been looking into Puppet recently and I'm trying to setup a couple of
> virtual machines that should mimick what's in production. I'm pretty much a
> developer trying to lean towards DevOps :-)
>
> Locally, I'm using Vagrant and the CentOS 6.5 64-bit box with Puppet 3.4.3
> that was published by Puppetlabs, which should somewhat mirror what's on
> the servers (a custom AMI based on CentOS 6.5).
>
> What I'm trying to do right now -- and I've found a bunch of ways to do
> this -- is to setup a couple of repositories (EPEL and MySQL Community
> being the most important ones). I've noticed that people do this in a
> number of ways, from grabbing the RPM package to using the 'yumrepo' type
> to adding a custom module for each repo or by using a general purpose Yum
> module (like the one from example42) and specifying the repos there.
>
> Normally, when I install those repos, I download the RPM locally and
> install it using the command line, for example:
>
> yum install http://dev.mysql.com/get/
> mysql-community-release-el6-5.noarch.rpm
>
> That RPM will create a number of entries in the /etc/yum.repos.d/, which
> seems odd to add each one by hand using the `yumrepo` type.
>
> I've seen this example given a number of times (it's also the correct
> answer to a similar question on SO):
>
> node default {
> include base
> }
>
> class base {
> yumrepo { "IUS":
> baseurl => "http://dl.iuscommunity.org/pub/ius/stable/$
> operatingsystem/$operatingsystemrelease/$architecture",
> descr => "IUS Community repository",
> enabled => 1,
> gpgcheck => 0
> }
> }
>
> Then, for any node that extends base you can say
> class foo {
> package { "bar": ensure => installed, require => Yumrepo["IUS"] }
> }
>
> Going back to the example with the MySQL Community RPM, I would have to
> manually do this for three repos (the other two are disabled):
>
> * mysql-connectors-community
> * mysql-tools-community
> * mysql56-community
>
> Is this still the accepted solution in the Puppet community? If so, how
> would you organize those repositories? Create a module for each repository?
> Create a repository module with all the sources?
>
> And, somewhat related to this subject, I've noticed that I might get some
> errors when provisioning my VMs because the base system wasn't up to date.
> I was planning to add a `yum update` command to my setup, but I realize
> that this might not be the best solution because I might not want to update
> the base system everytime I run puppet.
>
> What's the best way to update the system only when running Puppet for the
> first time?
>
> Thanks,
> Max
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/puppet-users/lpeenc%243ai%241%40ger.gmane.org.
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAcq7_DyNaNo8ahYT%3DS0j5LW5BvcvznU3n%2BgP0_s-SruMcA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: how to change root password for all nodes
Mahesh,
While your setup may vary I cannot think of an easy way to accomplish all
your goals.
Goals:
1 Change when 60 days old
2 Each server gets a unique
3 Passwords are encrypted en escrow
Something we do is setup a user definition with a shared root password hash
stored in hiera. We then rotate the password in hiera which gets pushed to
all servers. This accomplishes goal 1 and possibly 2 if you create hashes
for each server and stick them in hiera. This is also not an automated
process as password hashes need to be generated and placed into hiera.
Something else you may want to do is generate some random password in a
script save it to a gpg encrypted file. You could then use an ssh_key and
copy it to some storage server. I might do this with some exec.
exec {'change_roots_password':
unless => 'command to see if roots password is old enough',
command => 'command or script to change roots password to something
random and save encrypted form of random data',
notify => Exec['send_roots_password'],
# require => File['some_script_to_change_root_password'],
}
exec {'send_roots_password':
refreshonly => true,
command => 'command to copy encrypted file to central server using an
ssh_key.',
}
references to get you started:
http://docs.puppetlabs.com/references/latest/type.html#exec
http://docs.puppetlabs.com/references/latest/type.html#sshauthorizedkey
http://docs.puppetlabs.com/references/latest/type.html#file
Hope this helps,
Doug
On Wed, Jul 9, 2014 at 9:53 AM, mahesh vijapure
wrote:
> Please tell me any puppet module that can automatically resets the root
> password when they are >60 days old, and stores the new password in a
> central encrypted location
> Thanks in advance for all your valuable inputs.
>
> On Wednesday, July 9, 2014 8:51:30 PM UTC+5:30, mahesh vijapure wrote:
>
>> I want to update root password for all vms registered with Puppet. Please
>> someone assist me here.
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/21396634-c470-4cbf-bd76-19cd8657e672%40googlegroups.com
>
> .
>
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAcoxCPc4KGQw6672Y2yTh4Gnpbhtz-6NhUJc%3D-XUhx3r7Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] puppetsever fails where puppet master --compile suceeds
Puppet Users,
I am in the process of finally upgrading from puppet 3.x to puppet 4.10.1.
As a part of that I am finding I need to update several pieces of my code
but the most confusing one is this:
When I run puppet master --compile I get this resource:
{
"type": "Package",
"title": "java_properties",
"tags": ["package","java_properties","class","linux_common"],
"file":
"/etc/puppetlabs/code/environments/production/modules/linux_common/manifests/init.pp",
"line": 47,
"exported": false,
"parameters": {
"ensure": "present",
"provider": "gem",
"install_options": [
[
"--clear-sources",
{
"--source": "http://geminabox.example.com:8008/";
}
]
],
"allow_virtual": false
}
},
When I try to run this same host against the puppetserver I get this error:
Error: Failed to apply catalog: Parameter install_options failed on
Package[java_properties]: Expected either a string or hash of options at
/etc/puppetlabs/code/environments/production/modules/linux_common/manifests/init.pp:47
Any ideas?
This used to work under the old puppetserver I was running with puppet 3.8.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/335e2a63-bec0-448f-ba4e-1132ed49a0e5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] How to manage a lab with puppet? (how does puppet scale?)
The idea is that you setup a class for each node function. If you have a bunch of nodes that need this one program create a class for it and add it to their profile. Some people actually use an External Node Classifier like Hiera, Puppet enterprise console, or forman. Some people find it helpful to setup a custom fact to determine what "roles and profiles" it gets. Puppet does indeed scale if you listen to one of the recent puppet podcasts you will know Cern <http://feedproxy.google.com/~r/PuppetLabsPodcast/~3/MABv_Q4-Hfw/podcast-cern-and-puppet> manages many computers in a lab environment with puppet. Here is a puppet vid on the reasons and how to get your applications into a role and profile pattern. This will probably be one of the better places to start. https://puppetlabs.com/presentations/designing-puppet-rolesprofiles-pattern Forman Info <http://projects.theforeman.org/projects/foreman/wiki/External_Nodes> Hope this helps. Doug Forster On Mon, Oct 27, 2014 at 9:46 AM, Nic Scott wrote: > I'm evaluating puppet to see if it can work in our environment and I have > to admit the the learning cure with the puppet "terms" are giving me > issues. I keep reading documentation into circles. I'm familiar with > python, bash scripting, and use munki in my labs, but I'm stilling trying > to understand manifest, modules, classes, etc. > > > What I have is a Master and a 1 node setup. They are talking and the > Puppet Master is pushing configurations to the node. That's perfect. I > handle this by having two manifest on the Master. A puppet_client_1.pp and > my site.pp. My site.pp looks like this: > > import "puppet_client_1" > > Next step ... manage two nodes. I have this working by creating a new .pp > file called puppet_client_2.pp. I then updated my site.pp to include the > second nodes manifest. > > import "puppet_client_1" > import "puppet_client_2" > > > My question is ... is this the best practice to manage multiple nodes? > What if I have a lab of 20 machines and I want the same configuration on > all 20? Can I do a nested manifest somehow, or do I have to create a > separate manifest for each node and then copy and paste my configuration > into each manifest? > > That seems like a lot of work to manage hundreds of nodes. I have to > believe puppet scales better then that, but I've having a hard time finding > examples. > > Can anyone share an example of how they are managing multiple nodes? > Perhaps point me to an online resource or documentation? > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/5f21984a-dc7e-45d2-880c-adb24400361f%40googlegroups.com > <https://groups.google.com/d/msgid/puppet-users/5f21984a-dc7e-45d2-880c-adb24400361f%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAOwhAcqPkfebQ9B_b3186GKJpU%2BZYby3RwhTZ-McUCZNNGFjhg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Create resource if it doesn't exist, but do not update it if it does already exist
The best option I have found is creating a custom fact for local users.
# This custom fact pulls out all local users from the /etc/passwd file
# and returns the collection as a comma-separated list.
Facter.add(:local_users) do
setcode do
users = Array.new
File.open("/etc/passwd").each do |line|
next if line.match(/^\s|^#|^$/)
users << line.split(':').first
end
users.join(',')
end
end
Then you can find out if the user is on the box in your manifest with:
$user_exists = $name in split($::local_users, ',')
The other added benefit is you now have a custom fact for all servers that
gets stored in puppetdb.
On Thu, Nov 13, 2014 at 10:00 AM, Kris Knigga
wrote:
> I've been poring through documentation and haven't found anything yet, so
> I'll throw the question out here.
>
> With puppet, is there a way to define a resource in such a way that when
> applied to a client for the first time it is created, but if the resource
> already exists on the client nothing is changed? Specifically, I'd like to
> do this with users.
>
> Here is my situation: in the past my organization has poorly managed user
> UIDs across machines (multiple users in puppet with the same UID, creating
> users in puppet that conflict with system users' UIDs, etc). This resulted
> in numerous, frustrating UID conflicts. I've been working on cleaning this
> up, but the mass renumbering of important existing users has all sorts of
> production-impacting risks. What I'd like to do is tell puppet to create
> these users with their new, conflict-free UIDs on new machines but have it
> not touch users that are already created on existing machines. This will
> allow us to use a slow, methodical approach to fixing the UIDs on old
> machines to help mitigate the risks.
>
> Any thoughts are appreciated.
>
> Kris
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/b64d9e28-e58d-46de-b1ea-a5db0b2890fd%40googlegroups.com
>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAcqOajQYuREMsxC2kUcyPWC2_vCthJ2EQ39VMYOOHOhJaA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Create resource if it doesn't exist, but do not update it if it does already exist
Sorry that fact tells you the users with set passwords. You get the idea
though.
On Thu, Nov 13, 2014 at 10:21 AM, Doug Forster wrote:
> The best option I have found is creating a custom fact for local users.
>
> # This custom fact pulls out all local users from the /etc/passwd file
> # and returns the collection as a comma-separated list.
>
> Facter.add(:local_users) do
> setcode do
> users = Array.new
> File.open("/etc/passwd").each do |line|
> next if line.match(/^\s|^#|^$/)
> users << line.split(':').first
> end
> users.join(',')
> end
> end
>
> Then you can find out if the user is on the box in your manifest with:
> $user_exists = $name in split($::local_users, ',')
>
> The other added benefit is you now have a custom fact for all servers that
> gets stored in puppetdb.
>
>
> On Thu, Nov 13, 2014 at 10:00 AM, Kris Knigga
> wrote:
>
>> I've been poring through documentation and haven't found anything yet, so
>> I'll throw the question out here.
>>
>> With puppet, is there a way to define a resource in such a way that when
>> applied to a client for the first time it is created, but if the resource
>> already exists on the client nothing is changed? Specifically, I'd like to
>> do this with users.
>>
>> Here is my situation: in the past my organization has poorly managed user
>> UIDs across machines (multiple users in puppet with the same UID, creating
>> users in puppet that conflict with system users' UIDs, etc). This resulted
>> in numerous, frustrating UID conflicts. I've been working on cleaning this
>> up, but the mass renumbering of important existing users has all sorts of
>> production-impacting risks. What I'd like to do is tell puppet to create
>> these users with their new, conflict-free UIDs on new machines but have it
>> not touch users that are already created on existing machines. This will
>> allow us to use a slow, methodical approach to fixing the UIDs on old
>> machines to help mitigate the risks.
>>
>> Any thoughts are appreciated.
>>
>> Kris
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to puppet-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/puppet-users/b64d9e28-e58d-46de-b1ea-a5db0b2890fd%40googlegroups.com
>> <https://groups.google.com/d/msgid/puppet-users/b64d9e28-e58d-46de-b1ea-a5db0b2890fd%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOwhAcrHbzYond1rqTr2BbJcB-NetmXZXu1oBAVow3u%3DHY2W7A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
