Re: [Puppet Users] Howto check if augeas is available

2010-12-16 Thread Hubert Krause 
Hello Patrick, hello Martijn,

thank you both for your sugestions:

Am Friday 10 December 2010 21:37:29 schrieb Patrick:
 On Dec 9, 2010, at 7:14 AM, Martijn Grendelman wrote:
  On 09-12-10 15:30, Martijn Grendelman wrote:
  An example: add the following to
 
  puppet_path/modules/modulename/lib/facter/augeas_available.rb
 
  -- cut here --
  require 'facter'
 
  Facter.add(augeas_available) do
 
 setcode do
 
 avail = no
 Dir.glob(/usr/lib/libaugeas*) { |filename|
   avail = yes
 }
 avail
 end
  end
  -- cut here --
 I think this one might be better:
 https://github.com/camptocamp/puppet-augeas/blob/master/lib/facter/augeasve
rsion.rb

 I think it will check if Augeas and the ruby bindings exist.

Both works well. If you modify the glob in Martijns script to:

/usr/lib*/libaugeas*

it works with Debian and CentOS5 (and RedHat5 of course). The other script 
works out of the box on both OS. Only One thing made some trouble for me: You 
have to set executable bits to the fact scripts. May be, this should be 
documentented in the wiki.

Best regards,

Hubert

-- 
Hubert Krause
Risk  Fraud Division
INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany
Phone: +49 24 08 - 94 56 5145
E-Mail: hubert.kra...@inform-ac.com, Web: http://www.inform-ac.com
INFORM Institut fuer Operations Research und Management GmbH
Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler


signature.asc
Description: This is a digitally signed message part.

Re: [Puppet Users] Howto check if augeas is available

2010-12-09 Thread Hubert Krause 
Hello,

Am Wednesday 08 December 2010 22:22:10 schrieb Patrick:
 What distro are you using?

CentOS and Debian. New server will always be Debian. Our Puppet Server is 
CentOS at the moment.

 Why not just install Augeas when you install puppet?  That's usually much
 easier.

Yes, but I want something Idiot proof (I am the idiot in case of doubt). At 
the moment we install our server by hand. In future we want to use some sort 
of automatic install, but not at the moment.

We get errormessages verry instantly If we forget to install augeas, so we 
have not that big pressure to implement automatic augeas detection. But it 
would be nice.

Best regards,

Hubert

-- 
Hubert Krause
Risk  Fraud Division
INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany
Phone: +49 24 08 - 94 56 5145
E-Mail: hubert.kra...@inform-ac.com, Web: http://www.inform-ac.com
INFORM Institut fuer Operations Research und Management GmbH
Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler


signature.asc
Description: This is a digitally signed message part.

[Puppet Users] Howto check if augeas is available

2010-12-08 Thread Hubert Krause 
Hello List,

I have a Problem with classes wich uses augeas. if augeas is not installed, 
The complete catalog will not compile. So I can not install augeas with a 
different class. I have to switch off all classes wich uses augeas, until 
augeas is installed. I solved this Problem by introducing the variable 
$augeas_avail and do a test in my templates with:

if $augeas_avail == 'true' {
include class_using_augeas
}

If there are new machines, I have to put $augeas_avail manually to 'false', 
wait until augeas is installed on every machine and after that set 
$augeas_avail to 'true' for running the class_using_augeas.

I would like to use something like:

if defined(augeas) { ...

To automate augeas detection. Is this somehow possible? or what about a fact 
to determine if augeas is available or not in standart puppet? My 
Clientversion is 0.25.4.

Best regards,

Hubert


signature.asc
Description: This is a digitally signed message part.

Re: [Puppet Users] Howto check if augeas is available

2010-12-08 Thread Hubert Krause 
Hello,

Am Wednesday 08 December 2010 11:00:11 schrieb Patrick:
 The best answer is usually, install Augeas when you install Puppet.  If
 that's not possible, I know of two options: 1) Custom fact wrapper
 2) Use a bootstrap enviroment and don't have your client leave it without
 Augeas.

Do you know a link to an example for such a Custom fact wrapper?

 Aside from that, your catalog should compile fine without Augeas on the
 client.  Are we talking about the server here?

Hm. I dont know what you mean. If I just do: 

include class_using_augeas

for all clients, those which don't have augeas installed run into the 
error could not run puppet configuration client: could not find a default 
provider for augeas.

I thought that this is a client error message? My Server does have augeas 
installed.

With my solution above I can switch off manually those classes 
like class_using_augeas. But It looks like that it must be easy to 
implement a check for such requirements directly into puppet, maybe with a 
fact (as you mentioned above). Thats why I asked this question, because I 
dislike my manual solution.

Best regards,

Hubert


signature.asc
Description: This is a digitally signed message part.

Re: [Puppet Users] multiple environments different manifests not working: solved!

2010-03-15 Thread Hubert Krause 
Hello James,

Am Friday 12 March 2010 21:49:02 schrieb James Turnbull:
  the reason for ignoring the different manifests was a setting
  in /etc/sysconfig/puppetmaster. The settings name is
  PUPPETMASTER_MANIFEST and was set to my production site.pp. Because
  of my switch back to webbrick while upgrading puppet the Problem occurs
  in conjunction with the update.

[..]

 Is this a default RH/Fedora etc setting on one your site had set
 yourself?

No. Default is is:
#PUPPETMASTER_MANIFEST=/etc/puppet/manifests/site.pp

Every Setting is a comment by default. The Problem was made by myself.

Cheers,

Hubert
-- 
Hubert Krause
Risk  Fraud Division
INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany
Phone: +49 24 08 - 94 56 5145
E-Mail: hubert.kra...@inform-ac.com, Web: http://www.inform-ac.com
INFORM Institut fuer Operations Research und Management GmbH
Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] multiple environments different manifests not working: solved!

2010-03-12 Thread Hubert Krause 
Hello list,

Am Wednesday 10 March 2010 11:07:14 schrieb Hubert Krause:
 I was running Puppet server in version 0.24.8 on Srerver and 0.24.4 up to
 0.24.8 on client and configured multiple environments. The desired behavior
 is to have different sets of manifests and modules for my two
 environments testing and production. But it works only for my modules
 not for my manifests folders.  I discover this behavior because of an

the reason for ignoring the different manifests was a setting 
in /etc/sysconfig/puppetmaster. The settings name is PUPPETMASTER_MANIFEST 
and was set to my production site.pp. Because of my switch back to webbrick 
while upgrading puppet the Problem occurs in conjunction with the update.

Best regards,

Hubert

-- 
Hubert Krause
Risk  Fraud Division
INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany
Phone: +49 24 08 - 94 56 5145
E-Mail: hubert.kra...@inform-ac.com, Web: http://www.inform-ac.com
INFORM Institut fuer Operations Research und Management GmbH
Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] multiple environments different manifests not working

2010-03-10 Thread Hubert Krause 
Hello,

I was running Puppet server in version 0.24.8 on Srerver and 0.24.4 up to 
0.24.8 on client and configured multiple environments. The desired behavior 
is to have different sets of manifests and modules for my two 
environments testing and production. But it works only for my modules not 
for my manifests folders.  I discover this behavior because of an upgraded to 
version 0.25.4 on server and client, but I dont know if it is due to the 
update. For this update, I've changed the access to the puppetserver from 
passenger to the build in webbrick. My Clients are CentOS 5.4 and Debian 
Lenny, my Server is a CentOS 5.4 box.

My configuration looks as follows:

There are two folders in /etc/puppet: testing and production. On my server the 
puppet.conf looks like:

[main]
vardir = /var/lib/puppet
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
environments = production,testing
[production]
manifestdir = /etc/puppet/production/manifests
modulepath = /etc/puppet/production/modules
manifest = /etc/puppet/production/manifests/site.pp
[testing]
manifestdir = /etc/puppet/testing/manifests
modulepath = /etc/puppet/testing/modules
manifest = /etc/puppet/testing/manifests/site.pp
[puppetmasterd]
certdnsnames=puppet-server.fe.example.com:puppet-server.be.example.com:puppet-server.bla.example.com:puppet-server.test-frontend.example.com:puppet-server.test-backend.example.com
[puppetd]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server=puppet-server.fe.example.com
environment = production

On my Clients for the testing environment the puppet.conf file looks like:

[main]
vardir = /var/lib/puppet
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
environment=testing
environments=testing
[puppetd]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server=puppet-server.fe.example.com

Did someone have an idea what is going on in my case?

best regards,

Hubert

-- 
Hubert Krause
Risk  Fraud Division
INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany
Phone: +49 24 08 - 94 56 5145
E-Mail: hubert.kra...@inform-ac.com, Web: http://www.inform-ac.com
INFORM Institut fuer Operations Research und Management GmbH
Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-23 Thread Hubert Krause 
Hello Mark Christian,

Am Thursday 19 November 2009 03:10:38 schrieb Mark Christian:
 I am keen to get this to work, but can't seem to.  Will this work with
 Mongrel and Apache as described at
 http://reductivelabs.com/trac/puppet/wiki/UsingMongrel ?  Im using the EPEL
 puppet package versions 24.8-4 and simply can't get the client to retrieve
 the catalog from the Development server.

 Could not retrieve catalog: Certificates were not trusted: tlsv1 alert
 unknown ca

I' ve run into ssl Problems too a few days before. Check the following:

hostname -f on the client and host client-ip-adress on the server are 
the same?

openssl s_client -showcerts -connect myProduction.Server.com:8140 shows a 
line like:

subject=/CN=myProduction.Server.com

If there is some mismatch, configure hostnames that they will work and 
recreate ssl certs by removing /var/lib/puppet/ssl/* and run puppetmaster (or 
puppetd on the client) to recreate certs. (at first the server of course).

If this test show no Problems I have no idea...

Hope that helps,

Hubert

-- 
Hubert Krause
Risk  Fraud Division
INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany
Phone: +49 24 08 - 94 56 188
E-Mail: hubert.kra...@inform-ac.com, Web: http://www.inform-ac.com
INFORM Institut fuer Operations Research und Management GmbH
Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler

--

You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=.

[Puppet Users] Multihomed puppet-server Multidomain SSL Problem

2009-11-13 Thread Hubert Krause 

Hello List,

I have a problem with the CA on my Puppetmaster. This Puppetmaster is 
connected to different Networks with different sub domainnames. The Puppet 
clients connecting via different Interfaces. There is no routing between 
subnets. Only one subnet can connect successfully. This is because the 
subject in the Certificate is the name of this subnet. All other clients get:

Could not retrieve catalog: Certificates were not trusted: hostname not match 
with the server certificate

If I use just the hostname, no client can connect successfully. It seems to 
be, that there is allways the need for a single fqdn.

The puttemaster is served via Passenger and Apache2.

Is there a way to use the nice to use puppetca tool in this szenario or do I 
have to provide as much CAs as I have subnets and do cert signing by hand? Or 
is there another solution?

Any hints will be very welcome.

Cheers,

Hubert
-- 
Hubert Krause
Risk  Fraud Division
INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany
Phone: +49 24 08 - 94 56 188
E-Mail: hubert.kra...@inform-ac.com, Web: http://www.inform-ac.com
INFORM Institut fuer Operations Research und Management GmbH
Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---