[Puppet Users] puppetlabs/mysql won't install MySQL on RHEL9
Hello, I am working on migrating MariaDB/CentOS7 to MySQL/RHEL9. The module puppetlabs/mysql (v15) attempts to install MariaDB v10 on RHEL9 by default but not MySQL v8. Even if I gave the package_name => mysql-server to the class mysql::server, it doesn't work because the post process requires mysql_install_db, which is not in the mysql-server package. Is there still a chance to work with the module puppetlabs/mysql for people who need to install MySQL but not MariaDB on the RHEL9? If not - it is OK. I will re-write the manifest and put a lot of exec resources into it. I wonder if there is a smart way before moving forward the wrong way. Kind regards, Go -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAAyfkv_J8W2MOHyAj%2BcqE4VQ9XA%2BuL9BWeGb8J8OKo4CGr65_g%40mail.gmail.com.
Re: [Puppet Users] Getting the location of the manifest file
Hello Ben, On Wednesday, August 18, 2021 at 2:25:19 AM UTC+9 Ben Ford wrote: > Hiera provides an environment hierarchy. Is that what you're looking for? > https://puppet.com/docs/puppet/latest/hiera_config_yaml_5.html > No, it is not. I know that the environmental hierarchy provided by hiera realise what I want to do but I don't want to do with that. Let me restate the question. How can we get the absolute path of the manifest file in itself? % pwd /xxx/yyy % puppet apply ../zzz/manifest.pp In this example above, I would get the /xxx/zzz/manifest.pp in the manifest somehow. Kind regards, Go -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1699572d-2c0f-46da-87dd-be36db28cf6dn%40googlegroups.com.
Re: [Puppet Users] Getting the location of the manifest file
Hello Martin, Let's say we have three directories: preproduction/ preproduction/ private/ There are different manifest files saved in the same name, like service-deploy.pp. In the manifest service-deploy.pp, I want to get the absolute path to itself, then determine the variable of env like: $dir = dirname($file) # $file is absolute path to service-deploy.pp like: '/path/to/manifests/preproduction/service-deploy.pp' $env = split($dir, '/')[-1] Then, hiera dynamically maps the correspond yaml file under the $env like: mapped_paths: [services, svc, "environments/%{env}/%{svc}.yaml"] This is what I want to realise. I know puppet has already provided a switch in response to $environment, e.g., /etc/puppetlabs/code/environments/production. In this way, I have to maintain some branches in parallel. That is what I don't want to do. Kind regards, Go On Mon, Aug 16, 2021 at 7:53 PM Martin Alfke wrote: > > Hi Go, > > what do you want to achieve? > When using puppet apply, a manifest can be anywhere on the filesystem. > > Best, > Martin > > > > On 16. Aug 2021, at 03:18, Go Iwai wrote: > > > > Hello, > > > > I want to know the location where puppet-apply locally applied the > > manifest file. > > > > $ pwd > > /path/to/manifests > > $ puppet apply file.pp > > > > In this case above, can I anyhow get the location of > > /path/to/manifests/file.pp within file.pp? > > > > Kind regards, > > Go > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to puppet-users+unsubscr...@googlegroups.com. > > To view this discussion on the web visit > > https://groups.google.com/d/msgid/puppet-users/CAAyfkv-2dC--QR_1tz1ux%2BrgYaVsqjseB4oTEZ-EnkZPNXnn1w%40mail.gmail.com. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/2E04526A-7F74-4F84-99E4-4C1D675FC67C%40gmail.com. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAAyfkv_qCcfWG5tcqkD%2BTAaSRPhr%3DsfCYYUP3q1MXToULxXyJw%40mail.gmail.com.
[Puppet Users] Getting the location of the manifest file
Hello, I want to know the location where puppet-apply locally applied the manifest file. $ pwd /path/to/manifests $ puppet apply file.pp In this case above, can I anyhow get the location of /path/to/manifests/file.pp within file.pp? Kind regards, Go -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAAyfkv-2dC--QR_1tz1ux%2BrgYaVsqjseB4oTEZ-EnkZPNXnn1w%40mail.gmail.com.
Re: [Puppet Users] Looking up the value defined in the hiera.yaml
Hello Martin, Thank you for letting me know of another way. Yes - using the content property within the file resource and interpolate from hiera could be another option for what I want to do. However, I want to change the content property each hostname. Which means every host has individual content. In that context, I have to create very long hiera like: xxx::zzz: host-1: > ENC[...snip # host-2: > ENC[...snip # ...snip ...then lookup(xxx::zzz.%{facts.fqdn}). # this violates in puppet Instead, using eyaml in the exec resource like below is a slightly easy way to write: exec { '/path/to/decrypted': command => "eyaml decrypt --file=/path/to/$::facts['fqdn']/encrypted > /path/to/decrypted'", cwd => '/path/to/dir/to/keys', ...snip } Thank you very much for your help. Kind regards, Go On Tue, Dec 1, 2020 at 3:44 AM Martin Alfke wrote: > > Hi Go, > > > On 24. Nov 2020, at 00:06, Go Iwai wrote: > > > > Hello Dirk, > > > > Thank you for replying to the mail. However, your code doesn't work for the > > resource of exec like below: > > > > exec { '/path/to/decrypted-file': > > command => 'eyaml decrypt --file=/path/to/encrypted-file > > > /path/to/decrypted-file', > > # ...snip > > } > > You want to create a file based on eyaml encrypted content. > That means that you must ensure that eyaml is installed on any system which > receives the exec resource. > > A better solution is to use class parameters: > > class xxx::zzz ( > String $content, > ){ > file { '/path/to/decrypted-file': > ensure => file, > content => $content, > } > } > > And then have the encrypted file content in hiera: > > xxx::zzz::content: > > ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw > DQYJKoZIhvcNAQEBBQAEggEAmporEXibvTRjR+81UCj7xHmSLk9bQw91jETE > PXcdlpvs6g4YqJUy+D8H0F2puVeVDFcpXBKSzv29NYzjZS7ZiJj/SezB+rRu > 9Duk57tUW2Ly+ECuTwZCwkjKuDuY6XLQXayRGP39dxS+gCvJiNwxHN2i3XRG > m+S/vqkQVJITT6Etra8XWgsVdF0XqBDDcqRnF60xr7vk4sQq/RujFyV9+/hr > gw/qnKFfewdb27TkRCO9eHp00jEfTdHrg/GrhMkv/BfcodMuuqiSh/EfWPfG > 8MPrPmSSAHktgKY81/lPHiz73OAaf7p7HSSclWpCUYUHiHGsi6gPLN9e3PoY > Br4TmjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBxlWjEC2Ij08R/N7Vo > 63EagBB6T4EMZSB/2E6dW8NFQP7o] > > hth, > Martin > > > > > This generates a notice like: > > > > Notice: /Stage[main]/xxx::zzz/Exec[/path/to/decrypted-file]/returns: > > [hiera-eyaml-core] No such file or directory @ rb_sysopen - > > ./keys/private_key.pkcs7.pem > > > > I can workaround this if I gave the directory, where keys are located, to > > an attribbute of cwd like: > > > > cwd => /etc/puppetlabs/code, > > # pkcs7_private_key: '/etc/puppetlabs/code/keys/private_key.pkcs7.pem' > > # pkcs7_public_key: '/etc/puppetlabs/code/keys/public_key.pkcs7.pem' > > > > I gratefully thank for any further advises. > > > > Kind regards, > > Go > > > > 2020年11月24日火曜日 0:55:31 UTC+9 Dirk Heinrichs: > > Am Montag, den 23.11.2020, 15:23 +0900 schrieb Go Iwai: > > > >> It looks more natural if I could rewrite this line above like below: > >> > >> eyaml decrypt --file=encrypted-file > >> --pkcs7-public-key=%{pkcs7_public_key} > >> --pkcs7-private-key=%{pkcs7_private_key} > > > > I don't think you need to specify these options at all if everything is > > configured correctly. I have the following hiera.yaml in my Puppet > > environments: > > > > --- > > version: 5 > > defaults: > > datadir: hiera > > lookup_key: eyaml_lookup_key > > hierarchy: > > - name: Main > >options: > > pkcs7_private_key: '/etc/puppetlabs/code/keys/private_key.pkcs7.pem' > > pkcs7_public_key: '/etc/puppetlabs/code/keys/public_key.pkcs7.pem' > >paths: > > - ... > > - common.yaml > > > > With this in place I can simply type "eyaml edit common.yaml" or "eyaml > > encrypt -s 'something'", w/o specifying the keys every time. > > > > HTH... > > > > Dirk > > -- > > Dirk Heinrichs > > Senior Systems Engineer, Delivery Pipeline > > OpenText ™ Discovery | Recommind > > Phone: +49 2226 15966 18 > > Email: dhei...@opentext.com > > Website: www.recommind.de > > Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach > > Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan, > > Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646 > > This e-mail may contain confidential and/
Re: [Puppet Users] Looking up the value defined in the hiera.yaml
Hello Dirk, Thank you for replying to the mail. However, your code doesn't work for the resource of exec like below: exec { '/path/to/decrypted-file': command => 'eyaml decrypt --file=/path/to/encrypted-file > /path/to/decrypted-file', # ...snip } This generates a notice like: Notice: /Stage[main]/xxx::zzz/Exec[/path/to/decrypted-file]/returns: [hiera-eyaml-core] No such file or directory @ rb_sysopen - ./keys/private_key.pkcs7.pem I can workaround this if I gave the directory, where keys are located, to an attribbute of cwd like: cwd => /etc/puppetlabs/code, # pkcs7_private_key: '/etc/puppetlabs/code/keys/private_key.pkcs7.pem' # pkcs7_public_key: '/etc/puppetlabs/code/keys/public_key.pkcs7.pem' I gratefully thank for any further advises. Kind regards, Go 2020年11月24日火曜日 0:55:31 UTC+9 Dirk Heinrichs: > Am Montag, den 23.11.2020, 15:23 +0900 schrieb Go Iwai: > > It looks more natural if I could rewrite this line above like below: > > eyaml decrypt --file=encrypted-file > --pkcs7-public-key=%{pkcs7_public_key} > --pkcs7-private-key=%{pkcs7_private_key} > > > I don't think you need to specify these options at all if everything is > configured correctly. I have the following hiera.yaml in my Puppet > environments: > > --- > version: 5 > defaults: > datadir: hiera > lookup_key: eyaml_lookup_key > hierarchy: > - name: Main >options: > pkcs7_private_key: '/etc/puppetlabs/code/keys/private_key.pkcs7.pem' > pkcs7_public_key: '/etc/puppetlabs/code/keys/public_key.pkcs7.pem' >paths: > - ... > - common.yaml > > With this in place I can simply type "eyaml edit common.yaml" or "eyaml > encrypt -s 'something'", w/o specifying the keys every time. > > HTH... > > Dirk > > -- > > *Dirk Heinrichs* > Senior Systems Engineer, Delivery Pipeline > OpenText ™ Discovery | Recommind > *Phone*: +49 2226 15966 18 <+49%202226%201596618> > *Email*: dhei...@opentext.com > *Website*: www.recommind.de > Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach > Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan, > Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646 > This e-mail may contain confidential and/or privileged information. If you > are not the intended recipient (or have received this e-mail in error) > please notify the sender immediately and destroy this e-mail. Any > unauthorized copying, disclosure or distribution of the material in this > e-mail is strictly forbidden > Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte > Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail > irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und > vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte > Weitergabe dieser Mail sind nicht gestattet. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/8e51cbb0-02bd-4999-b89b-ea656c139018n%40googlegroups.com.
[Puppet Users] Looking up the value defined in the hiera.yaml
Hello, I am writing this to ask you if/how I can lookup values defined in the hiera.yaml. My hiera.yaml looks like: hierarchy: - name: "sensitive data" lookup_key: eyaml_lookup_key path: sensitive.eyaml options: pkcs7_public_key: /etc/puppetlabs/puppet/keys/public_key.pkcs7.pem pkcs7_private_key: /etc/puppetlabs/puppet/keys/private_key.pkcs7.pem I would like to lookup the location for the keys from the yaml file. Because I need to decrypt some files like: eyaml decrypt --file=encrypted-file --pkcs7-public-key=/etc/puppetlabs/puppet/keys/public_key.pkcs7.pem --pkcs7-private-key=/etc/puppetlabs/puppet/keys/private_key.pkcs7.pem It looks more natural if I could rewrite this line above like below: eyaml decrypt --file=encrypted-file --pkcs7-public-key=%{pkcs7_public_key} --pkcs7-private-key=%{pkcs7_private_key} Please let me know if there is any way to realise this. I would appreciate so much if anybody could give me advice or suggestion. Kind regards, Go -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAAyfkv_UWyZ51uBZfVRt0AaKXdc3_wu1_ES5AcHgd%3Dfnvq7pwA%40mail.gmail.com.