Re: [Puppet Users] Generate Puppet manifiest from server

[Juan Sierra Pons]

Hi,

On the puppet27 Cookbook they talked about the cft tool (but I think
it has been deprecated)

More info can be found on this webpage:
http://fmtyewtk.blogspot.com.es/2011/01/porting-cft-to-debian.html

And on this gitorious.org repo:
https://gitorious.org/cft-debian/cft-debian/source/dd19c6e9f02ebdb58397fee1af96e4cfc4b0a5a8:README

"
This tool (cft, pronounced 'sift') follows a sysadmin as she makes changes
to the system. Its basic workings are inspired by Gnome's sabayon, a tool
that watches a user make configuration changes to their desktop and
collects them into a reusable bundle. Instead of the desktop though, cft is
focused on traditional system admins and how they maintain machines, mostly
with command line tools. Cft uses puppet[2] as its backbone for expressing
the configuration of a system, and for understanding in greater detail what
changes the admin has made to the system.
"

Hope it helps

Best regards
------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2014-09-25 11:43 GMT+02:00 Salvador González González
:
>
>   Hello,
>
>  Anyone knows if there is any possibility to generate a puppet manifiest
> from a server to use it as a template to other servers?.
>
> Thanks in advance.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/164dab93-3316-4bd1-b19f-16a56688c1b6%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9vpwP1Ce%3DibvE8YMrv0e9QF8PtYEmsfBbBXw10coBPSvA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Puppet-dashboard not importing automatically the reports

[Juan Sierra Pons]

Hi,

I have 3 puppet-masters/puppet-dashboards "supposedly" configured
equally but in one of them the reports are not being imported on the
dashboard. The other two work ok.

If in the failing one I run the RAILS_ENV=production rake
reports:import then the reports are imported on the dashboard

[root@ puppet-dashboard]# RAILS_ENV=production rake reports:import
(in /usr/share/puppet-dashboard)
Importing 23 reports from /var/lib/puppet/reports in the background
Importing: 100%
|##|
Time: 00:00:00
23 of 23 reports queued

They can be seen as pending tasks on the dashboard

Then the puppet delayed jobs can process them:

[...]
2014-10-14T15:54:25+0200: [Worker(delayed_job.0 host:puppet-dashboard
pid:5006)] Report.create_from_yaml_file completed after 1.6418
2014-10-14T15:54:25+0200: [Worker(delayed_job.0 host:puppet-dashboard
pid:5034)] Report.create_from_yaml_file completed after 1.7403
[...]

On the other servers all the process is automatic and I have double
checked the configuration. In fact at the beginning this server worked
ok two but one day it stopped.

Any Idea what am I missing?

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9v%3D32d0E6VUN0fFXqzhgLMEEdWsj%2BVAznoBjJHqhQiwdA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Puppet-dashboard not importing automatically the reports

[Juan Sierra Pons]

More info about this issue:

On the working dashboard installation the logs says:
Processing ReportsController#upload (for 10.X.X.X at 2014-10-15 03:28:38) [POST]
  Parameters: {"action"=>"upload", "controller"=>"reports"}
Completed in 40ms (View: 0, DB: 13) | 200 OK
[https://dashboard.example.org/reports/upload]

But I cannot find the same line on the not working dashboard. So I
think the problem is this, the puppetmaster not pushing the reports to
the dashboard. In both cases the puppetmaster and the dashboard live
on the same server.

The puppet.conf on the working one is (this also have the puppetdb):
[...]
reporturl = https://dashboard.example.org/reports/upload
reports = store, http, puppetdb
[...]

The puppet.conf on the not working one is:
[...]
reporturl = https://puppet-dashboard.example.org/reports/upload
reports = store, http
[...]

What I am missing?

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9vExGYU5-cVvcDwEz3Bfh8jX8Fz%2BxY3%2BHrwjRx630aBYA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Dynamic environments with r10k using svn instead of git

[Juan Sierra Pons]

Hi,

I feel pretty comfortable using dynamic environments using r10k and git.
BUT I have been asked to try using svn instead of git

At the Puppetfile level should be pretty easy as it is well documented [1]

mod 'apache',
  :svn => 'https://github.com/puppetlabs/puppetlabs-apache/trunk',
  :rev => '154'

But I don't know how to (if it is possible) configure the r10k.yaml
file. I have searched on the Internet but I haven't found a valid
example. So I have supposed that the r10k should be like this:

# location for cached repos
:cachedir: '/var/cache/r10k'

:sources:
  :base:
remote: 'https://svnserver/svn/puppet/'
basedir: '/tmp/svn'

# purge non-existing environments found here
:purgedirs:
  - '/tmp/svn'

Then running the deploy command gives the following error

r10k deploy environment --config /etc/r10k-svn.yaml
Faraday: you may want to install system_timer for reliable timeouts
[R10K::TaskRunner - ERROR] Task
# failed
while running: Couldn't update git cache for
https://svnserver/svn/puppet/: "fatal: HTTP request failed"

Does r10k support svn at r10k.yaml level?
Any idea what am I doing wrong?

Thanks for your time

Best regards

[1] https://github.com/adrienthebo/r10k/blob/master/doc/puppetfile.mkd
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9tr9MdkGQO5RmqtZDT6sJhAS4ZWa2HWMMziW7D24xNQQw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] [SOLVED]Re: Puppet-dashboard not importing automatically the reports

[Juan Sierra Pons]

Hi again,

Finally I have found the problem. When I migrated the dashboard from
webrick to be served by apache I misconfigured the dashboard.conf (at
apache level) so I was restricting the puppetmaster to PUT the reports
on the proper URL.


  
# Configuration restricts HTTP actions to POST only
Order allow,deny
Allow from localhost
Allow from localhost.localdomain
Allow from 127.0.0.1
Satisfy any


So finally I wasn't the puppet.conf configuration but the apache configuration.

I hope it helps to others having same problem on the future.

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9st95K%2Bv%3D3UXf65oZNcgNxgNVoutXOkQcb76bE%2BXyq7qQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: puppetlabs mcollective module + clustering

[Juan Sierra Pons]

El viernes, 10 de enero de 2014 10:44:43 UTC+1, Andrey escribió:
>
> Is anyone using mcollective module from puppetlabs?
> is there built-in way to configure activemq clustering between 2 DCs which 
> I am missing? 
>
>
> Andrey
>

Hi,

I am facing the same issue now: configuring activemq clustering between 
several DCs
Right now I am using puppetlabs-mcolletive to install all nodes (servers, 
clients and middleware) but I haven't seen anything related to clustering 
in modules' option

Andrey, did you get puppetlabs-mcolletive/puppetlabs-activemq modules 
configured in clustering mode? Anyone else has experience on this topic?

Thanks

PD: sorry for reviving the old post

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/55947345-1e12-40b9-bfa3-f73e30c57b2e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Exported resources from multiple sources?

[Juan Sierra Pons]

>
> Alternatively, the biggest hurdle for establishing related masters in
> separate networks may be the shared CA.  If you can solve that, then you
> could perhaps address the other issues with some form of replication between
> the two environments, but replicating the CA is not appropriate.
>
>
> John
>
About the Shared CA and certificates management, have a look to this
post [1] Sync Puppet Certs between EC2 regions.

Disclaimer: I started to configure the solution explained on it but I
haven't finished it yet

Hope it helps

[1] http://blog.mague.com/?p=468

----------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9vkx3i-1DkNveSay1Zobs3B4_yDDLCHXV-fb87P%3DGT-DA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] how to use snmp trap command to send to monitoring tool if the node goes to changed state

[Juan Sierra Pons]

Hi,

Probably there is a more straightforward way of doing this. Just my 5 cents

Supposing you have the dashboard installed:

1.- Create a script that checks the msyql db for servers that changed
the state during last run. Check nodes table
2.- Make this script launch the traps you need.
3.- Put this script in a cron job

In less than 10-20 lines/30 minutes you should have a working
solution. Quick and dirty :)

Best regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2014-11-18 15:50 GMT+01:00 Spriya :
> Hi ,
>
> How to use snmp trap command if the server goes to changed state in puppet?
>
> Anyone,Please help me
>
> Thank you
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/eec10178-e00d-4492-a89d-c37434f48592%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9tMp0FaZHWzyQVNYsvH3Du-zhg8OTX4U7NtQQtrn_0MAw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] how to use snmp trap command to send to monitoring tool if the node goes to changed state

[Juan Sierra Pons]

2014-11-18 16:47 GMT+01:00 Spriya :
> Hi,
>
> Appreciate your help. Do you have any sample script to just get started
>
> Thank You

Hi,

I wrote this post in Spanish long time ago about connecting to a msyql
DB from a bash script:
http://www.elsotanillo.net/2006/05/linux-acceso-a-una-bbdd-mysql-desde-bash-2/

At least the DB connection step is solved. :)

Hope it helps
------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9vNwLq9hYqimHmkJyd5Pd-sFXyhLMtqL0OhswLq6dpsPg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] puppetlabs-firewall & rate limit

[Juan Sierra Pons]

2014-12-15 17:19 GMT+01:00 Ciro Iriarte :
> Hi!, anybody know if it's possible to create a rule equivalent to this with
> puppetlabs' firewall module?:
>
> iptables -I INPUT -i eth0 -p  --dport  -m hashlimit
> --hashlimit-mode srcip \
>   --hashlimit-srcmask 32 --hashlimit-above 100/s\
>   --hashlimit-burst 100 --hashlimit-name=bad -j DROP
>
> I've seen some references of rate limiting, but no example on the
> documentation.
>
> Regards,
> Ciro
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/49ede11f-80b9-468f-82fa-403ae63f5b21%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

Hi,

In this cases what I usually do is create the desired state manually
and then use Puppet RAL to get the puppetized version.

1.- Create the iptables rules you want on the command line
2.- use "puppet resource firewall" to get the puppet code

Eg:
[...]
puppet resource firewall
firewall { '000 accept all icmp':
  ensure => 'present',
  action => 'accept',
  chain  => 'INPUT',
  isfragment => 'false',
  proto  => 'icmp',
  random => 'false',
  rdest  => 'false',
  reap   => 'false',
  rsource=> 'false',
  rttl   => 'false',
  socket => 'false',
  table  => 'filter',
}
firewall { '103 allow https':
  ensure => 'present',
  action => 'accept',
  chain  => 'INPUT',
  isfragment => 'false',
  port   => ['443'],
  proto  => 'tcp',
  random => 'false',
  rdest  => 'false',
  reap   => 'false',
  rsource=> 'false',
  rttl   => 'false',
  socket => 'false',
  table  => 'filter',
}
[...]

Best regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9sJsiYp3-zaRcBiGgZnryE43atPAnhqzYK5bPQborqAKQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] puppetlabs-firewall & rate limit

[Juan Sierra Pons]

Hi,

I haven't used a similar rule on IPtables, so I don't know if the puppet
one created is equivalent.

So next step i think would be check different iptables output from the same
rule. The one created by the command line and the one created by puppet.
The steps would be

1.- Flush the iptables table
2.- Create the rule by command line
3.- Save the output of "iptables -L"
4.- Flush the iptables table
5.- Create the the rule again using puppet
puppet apply -e '
firewall { '9001 b869ac85751524ce9edb979d29058969':
  ensure => 'present',
  action => 'drop',
  chain  => '--hashlimit-mode',
  dport  => ['bad-client'],
  iniface=> 'srcip',
  isfragment => 'false',
  proto  => '--hashlimit-name',
  random => 'false',
  rdest  => 'false',
  reap   => 'false',
  rsource=> 'false',
  rttl   => 'false',
  socket => 'false',
  table  => 'filter',
}
'
6.- Save the output of "iptables -L"
7.- Compare both outputs to see if both ways generate the same output

Hope it helps

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9u0MaWNh7pVEyUG1bSig7zXR_%2BoMSbcZ%3DOswSksVy%2BECA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: what gets run when a client can't connect?

[Juan Sierra Pons]

Hi,

Also you can use the pre_run directive on your client puppet.conf to run a
command that check vwdial is nunning and starts it if necessary.

More info can be found on
https://www.packtpub.com/books/content/puppet-integrating-external-tools

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

2014-12-10 15:10 GMT+01:00 jcbollinger :
>
>
>
> On Tuesday, December 9, 2014 4:05:19 PM UTC-6, JonY wrote:
>>
>> Situation: client insists on ability to use a 3G modem to connect to AWS
>> servers (including puppet). I need a way to ensure that the 'wvdial'
>> process is running. It will lose the carrier and hang-up at times so I
>> wrote a piece of bash that (re)starts it from puppet.. but you see the
>> problem - if wvdial isn't running then the puppet agent will fail so the
>> exec script won't get run.
>>
>> Is there a way around this? Or do i need to use a cron to fix this?
>>
>>
> During the catalog run is too late.  You need the network connection
> available before the catalog request is made, so that a new catalog can be
> retrieved -- not so much to get wvdial running but to ensure that you get
> an up-to-date catalog.  Otherwise, you might *never* get a fresh catalog.
>
> A task scheduler such as cron is a good way to ensure wvdial is running.
> As long as you're doing that, you might as well use the same scheduler, and
> even the same job, to run the agent.  There are considerable advantages to
> running the agent via an external scheduler instead of as a daemon.
>
>
> John
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/c23eb13a-3c56-447e-955b-1c7e7c545e6b%40googlegroups.com
> <https://groups.google.com/d/msgid/puppet-users/c23eb13a-3c56-447e-955b-1c7e7c545e6b%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9tVs74eX8js7NFAN1304cY7qdL%3Di%2B_XLXHZtEr%2BdFHq9w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Hiera variable interpolation on extra backend

[Juan Sierra Pons]

Hi

I have the hiera_yamlgpg backend up and running working like a charm with 
the following configuration:
:yamlgpg:
:datadir: "/etc/puppet/environments/%{::environment}/hieradata"
:key_dir: "/etc/puppet/keys" # optional, defaults to ~/.gnupg
:fail_on_error: true # optional, defaults to false 

By business requirements I have been asked to use one or another private 
key depending a custom fact. So my hiera.yaml configuration file looks like 
this:
:yamlgpg:
:datadir: "/etc/puppet/environments/%{::environment}/hieradata"
:key_dir: "/etc/puppet/keys/%{::custom_fact}" # optional, defaults to 
~/.gnupg
:fail_on_error: true # optional, defaults to false 

The problem I am facing is that hiera is not interpolating the 
%{::custom_fact} on the :key_dir: line. The error I get is:

WARN: Tue Apr 07 15:41:17 +0200 2015: No usable keys found in 
/etc/puppet/keys/%{::custom_fact}/. Check :key_dir value in hiera.yaml is 
correct
/etc/puppet/environments/production/modules/hiera_yamlgpg/lib/hiera/backend/yamlgpg_backend.rb:102:in
 
`decrypt_ciphertext': No usable keys found in 
/etc/puppet/keys/%{::custom_fact}/. Check :key_dir value in hiera.yaml is 
correct (Hiera::Backend::YamlgpgError) 

Puppetlabs' documentation [1] says " You can also interpolate variables 
into other settings, such as :datadir (in the YAML and JSON backends):" 
which makes sense with the behavior I am getting (Sadly, it doesn't says 
anything about other variables :():
  * The %{::environment} variable on :datadir: line is interpolated
  * But %{::custom_fact} on :key_dir: is not.

Any Idea how to workaround this? 

[1] http://docs.puppetlabs.com/hiera/1/variables.html#in-other-settings

Thank you for your time

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202  
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2f05482d-1452-4f05-aeee-d524d05d7e9a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] PuppetDB remote connection not working with CURL but working with openssl

[Juan Sierra Pons]

Hi,

I am trying to query the puppetdb from a remote server using curl and
https without success.

I have already generated the certificates and move them the remote server.

Using openssl all works ok

First I launch the following command:
openssl s_client -connect puppetdb:8081 -CAfile ca.pem -cert
pentahotest.pem.cer -key pentahotest.pem.priv

Once the connection is stablished I send the url to get the results:
get /v3/nodes
[ {
  "name" : "server1",
  "deactivated" : null,
  "catalog_timestamp" : "2015-08-13T09:12:44.087Z",
  "facts_timestamp" : "2015-08-13T09:12:35.127Z",
  "report_timestamp" : "2015-08-13T09:13:10.401Z"
}
[...]

So certificates are working ok. But If I use CURL with same
certificates it doesn't works

$ curl -vvv -sfG 'https://puppetdb:8081/v3/nodes' --cacert ca_crt.pem
--cert pentahotest.pem.cer --key pentahotest.pem.priv
* STATE: INIT => CONNECT handle 0x600057080; line 1075 (connection #-5000)
* Added connection 0. The cache now contains 1 members
*   Trying X.X.X.X...
* STATE: CONNECT => WAITCONNECT handle 0x600057080; line 1128 (connection #0)
* Connected to puppetdb (X.X.X.X) port 8081 (#0)
* STATE: WAITCONNECT => SENDPROTOCONNECT handle 0x600057080; line 1225
(connection #0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* error setting certificate verify locations:
  CAfile: ca_crt.pem
  CApath: none
* STATE: SENDPROTOCONNECT => PROTOCONNECT handle 0x600057080; line
1239 (connection #0)
* Expire cleared
* Curl_done
* Closing connection 0
* The cache now contains 0 members

Any idea what am I doing wrong?

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9tJ5321SNXJKTPgHY-5T4vGj19HNhp-_MPfM7QA1njbRw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: PuppetDB remote connection not working with CURL but working with openssl

[Juan Sierra Pons]

The problem was between the seat and the keyboard :P

I was using different ca names (ca_crt.pem != ca.pem)

Now it works perfectly

Best regard
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2015-08-13 11:43 GMT+02:00 Juan Sierra Pons :
> Hi,
>
> I am trying to query the puppetdb from a remote server using curl and
> https without success.
>
> I have already generated the certificates and move them the remote server.
>
> Using openssl all works ok
>
> First I launch the following command:
> openssl s_client -connect puppetdb:8081 -CAfile ca.pem -cert
> pentahotest.pem.cer -key pentahotest.pem.priv
>
> Once the connection is stablished I send the url to get the results:
> get /v3/nodes
> [ {
>   "name" : "server1",
>   "deactivated" : null,
>   "catalog_timestamp" : "2015-08-13T09:12:44.087Z",
>   "facts_timestamp" : "2015-08-13T09:12:35.127Z",
>   "report_timestamp" : "2015-08-13T09:13:10.401Z"
> }
> [...]
>
> So certificates are working ok. But If I use CURL with same
> certificates it doesn't works
>
> $ curl -vvv -sfG 'https://puppetdb:8081/v3/nodes' --cacert ca_crt.pem
> --cert pentahotest.pem.cer --key pentahotest.pem.priv
> * STATE: INIT => CONNECT handle 0x600057080; line 1075 (connection #-5000)
> * Added connection 0. The cache now contains 1 members
> *   Trying X.X.X.X...
> * STATE: CONNECT => WAITCONNECT handle 0x600057080; line 1128 (connection #0)
> * Connected to puppetdb (X.X.X.X) port 8081 (#0)
> * STATE: WAITCONNECT => SENDPROTOCONNECT handle 0x600057080; line 1225
> (connection #0)
> * ALPN, offering http/1.1
> * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
> * error setting certificate verify locations:
>   CAfile: ca_crt.pem
>   CApath: none
> * STATE: SENDPROTOCONNECT => PROTOCONNECT handle 0x600057080; line
> 1239 (connection #0)
> * Expire cleared
> * Curl_done
> * Closing connection 0
> * The cache now contains 0 members
>
> Any idea what am I doing wrong?
>
> Best regards
>
> --
> Juan Sierra Pons j...@elsotanillo.net
> Linux User Registered: #257202
> Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
> GPG key = 0xA110F4FE
> Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
> --

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9vJYN4rQP8b%2Bzsrn6jx8Cp8PJ7uM2p_9KUmntY5_Eg4vw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Trying link to home directory

[Juan Sierra Pons]

2012/6/28 eduardo :
> Dears all,
>
>  I have been master and agent in the same machine, to did it I took
> from http://madduck.net/blog/2010.03.11:splitting-puppetd-from-puppetmaster/,
> so /var/lib/puppetmaster is the puppet working directory for both.
>  I need to have a repository on my $HOME nowadays owned by me, so I
> trying something like :
>
>  root@casa:/# service puppetmaster stop
>  * Stopping puppet
> master                                                [ OK ]
>
> root@casa:/# ln -s /home/era/speedy_repo/puppet-eduardo/puppet/ /etc/
> puppet
>
> root@casa:/# ls -ld /etc/puppet  # LOOKS GOOD .
> lrwxrwxrwx 1 root root 44 2012-06-27 18:12 /etc/puppet -> /home/era/
> speedy_repo/puppet-eduardo/puppet/
>
>
>  But a new directory /etc/puppet is created whenever start
> puppetmaster.
>
>
> root@casa:/# service puppetmaster start
>  * Starting puppet
> master                                                [ OK ]
>
> root@casa:/# ls -ld /etc/puppet  # LOOKS VERY BAD.
> drwxr-xr-x 3 root root 4096 2012-06-27 18:13 /etc/puppet
> root@casa:/#
>
>
>  Is there any way to do it ?.
>
>
>  Thanks in advanced,
>  eduardo.
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
>

Hi,

Way do you want to do this? Can you explain a little bit more the reason?

Maybe there is another way to achieve your goal but we need to know it

There are some parameters. eg:
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet

That can be included in the [main] and /or [agent] section of your
puppet.conf that can help in this case

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Trying link to home directory

[Juan Sierra Pons]

2012/6/28 eduardo :
>  Thanks you Juan for quick answer. You are right, i was not clear.
>
>  I began showing my scenario and the way i found to have master and
> agent in my pc.
>
>  I need to have /etc/puppet tree in my home directory owned by me, we
> are a group having git repositories to development colaboration.
>
>
>  Thanks you,
>  eduardo.
>
>
> On 28 jun, 08:11, Juan Sierra Pons  wrote:
>> 2012/6/28 eduardo :
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> > Dears all,
>>
>> >  I have been master and agent in the same machine, to did it I took
>> > fromhttp://madduck.net/blog/2010.03.11:splitting-puppetd-from-puppetmaster/,
>> > so /var/lib/puppetmaster is the puppet working directory for both.
>> >  I need to have a repository on my $HOME nowadays owned by me, so I
>> > trying something like :
>>
>> >  root@casa:/# service puppetmaster stop
>> >  * Stopping puppet
>> > master                                                [ OK ]
>>
>> > root@casa:/# ln -s /home/era/speedy_repo/puppet-eduardo/puppet/ /etc/
>> > puppet
>>
>> > root@casa:/# ls -ld /etc/puppet  # LOOKS GOOD .
>> > lrwxrwxrwx 1 root root 44 2012-06-27 18:12 /etc/puppet -> /home/era/
>> > speedy_repo/puppet-eduardo/puppet/
>>
>> >  But a new directory /etc/puppet is created whenever start
>> > puppetmaster.
>>
>> > root@casa:/# service puppetmaster start
>> >  * Starting puppet
>> > master                                                [ OK ]
>>
>> > root@casa:/# ls -ld /etc/puppet  # LOOKS VERY BAD.
>> > drwxr-xr-x 3 root root 4096 2012-06-27 18:13 /etc/puppet
>> > root@casa:/#
>>
>> >  Is there any way to do it ?.
>>
>> >  Thanks in advanced,
>> >  eduardo.
>>
>> > --
>> > You received this message because you are subscribed to the Google Groups 
>> > "Puppet Users" group.
>> > To post to this group, send email to puppet-users@googlegroups.com.
>> > To unsubscribe from this group, send email to 
>> > puppet-users+unsubscr...@googlegroups.com.
>> > For more options, visit this group 
>> > athttp://groups.google.com/group/puppet-users?hl=en.
>>
>> Hi,
>>
>> Way do you want to do this? Can you explain a little bit more the reason?
>>
>> Maybe there is another way to achieve your goal but we need to know it
>>
>> There are some parameters. eg:
>> vardir=/var/lib/puppet
>> ssldir=/var/lib/puppet/ssl
>> rundir=/var/run/puppet
>>
>> That can be included in the [main] and /or [agent] section of your
>> puppet.conf that can help in this case
>>
>> Best regards
>>
>> --
>> Juan Sierra Pons                                 j...@elsotanillo.net
>> Linux User Registered: #257202      http://www.elsotanillo.net
>> GPG key = 0xA110F4FE
>> Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
>> --
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
>
Hi

I think the right (my) approach is having a have a central repository
(doesn't matter if it is you home directory) and deploy to the
puppetmaster on demand using the repository tools: git push/pull, etc.

I mean not allowing the developers to work directly in your
/home/user/etc/puppet

Here is a good example:

* Deploying changes with Rake [1] ( Sign In, Subscribe or Register For
a Free Trial needed)


This way developers have a place to save their work and changes will
be pushed to de puppetmaster on demand.

[1] 
http://my.safaribooksonline.com/book/-/9781849515382/puppet-infrastructure/ch01lvl1sec03

I hope it helps

Best regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Trying link to home directory

[Juan Sierra Pons]

2012/6/28 eduardo :
>  In development environment the simplest way to work is having git
> repositories on /home directories, not in system directory like /etc/
> puppet. I have setting my home environment to development having
> username 'era'. I have in there git repositories to development and
> that's why I pretend a soft link /etc/puppet to target /home/era/
> speedy_repo/puppet-eduardo/puppet/ files owned by 'era' not by 'root',
> so I can edit then and git operations like 'era'.
>
>
> On 28 jun, 09:46, Juan Sierra Pons  wrote:
>> 2012/6/28 eduardo :
>>
>>
>>
>>
>>
>>
>>
>> >  Thanks you Juan for quick answer. You are right, i was not clear.
>>
>> >  I began showing my scenario and the way i found to have master and
>> > agent in my pc.
>>
>> >  I need to have /etc/puppet tree in my home directory owned by me, we
>> > are a group having git repositories to development colaboration.
>>
>> >  Thanks you,
>> >  eduardo.
>>
>> > On 28 jun, 08:11, Juan Sierra Pons  wrote:
>> >> 2012/6/28 eduardo :
>>
>> >> > Dears all,
>>
>> >> >  I have been master and agent in the same machine, to did it I took
>> >> > fromhttp://madduck.net/blog/2010.03.11:splitting-puppetd-from-puppetmaster/,
>> >> > so /var/lib/puppetmaster is the puppet working directory for both.
>> >> >  I need to have a repository on my $HOME nowadays owned by me, so I
>> >> > trying something like :
>>
>> >> >  root@casa:/# service puppetmaster stop
>> >> >  * Stopping puppet
>> >> > master                                                [ OK ]
>>
>> >> > root@casa:/# ln -s /home/era/speedy_repo/puppet-eduardo/puppet/ /etc/
>> >> > puppet
>>
>> >> > root@casa:/# ls -ld /etc/puppet  # LOOKS GOOD .
>> >> > lrwxrwxrwx 1 root root 44 2012-06-27 18:12 /etc/puppet -> /home/era/
>> >> > speedy_repo/puppet-eduardo/puppet/
>>
>> >> >  But a new directory /etc/puppet is created whenever start
>> >> > puppetmaster.
>>
>> >> > root@casa:/# service puppetmaster start
>> >> >  * Starting puppet
>> >> > master                                                [ OK ]
>>
>> >> > root@casa:/# ls -ld /etc/puppet  # LOOKS VERY BAD.
>> >> > drwxr-xr-x 3 root root 4096 2012-06-27 18:13 /etc/puppet
>> >> > root@casa:/#
>>
>> >> >  Is there any way to do it ?.
>>
>> >> >  Thanks in advanced,
>> >> >  eduardo.
>>
>> >> > --
>> >> > You received this message because you are subscribed to the Google 
>> >> > Groups "Puppet Users" group.
>> >> > To post to this group, send email to puppet-users@googlegroups.com.
>> >> > To unsubscribe from this group, send email to 
>> >> > puppet-users+unsubscr...@googlegroups.com.
>> >> > For more options, visit this group 
>> >> > athttp://groups.google.com/group/puppet-users?hl=en.
>>
>> >> Hi,
>>
>> >> Way do you want to do this? Can you explain a little bit more the reason?
>>
>> >> Maybe there is another way to achieve your goal but we need to know it
>>
>> >> There are some parameters. eg:
>> >> vardir=/var/lib/puppet
>> >> ssldir=/var/lib/puppet/ssl
>> >> rundir=/var/run/puppet
>>
>> >> That can be included in the [main] and /or [agent] section of your
>> >> puppet.conf that can help in this case
>>
>> >> Best regards
>>
>> >> --
>> >> Juan Sierra Pons                                 j...@elsotanillo.net
>> >> Linux User Registered: #257202      http://www.elsotanillo.net
>> >> GPG key = 0xA110F4FE
>> >> Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
>> >> --
>>
>> > --
>> > You received this message because you are subscribed to the Google Groups 
>> > "Puppet Users" group.
>> > To post to this group, send email to puppet-users@googlegroups.com.
>> > To unsubscribe from this group, send email to 
>> > puppet-users+unsubscr...@googlegroups.com.
>>

Re: [Puppet Users] See puppet output in stdout when running --no-daemonize inside a bash script

[Juan Sierra Pons]

On Jul 18, 2012 5:30 PM, "Sam Simmons"  wrote:
>
> I'm simply trying to run puppet inside a bash script but I'm not seeing
any output.
>
> #!/bin/bash
> puppet master --mkusers --autosign --verbose --no-daemonize
>
> Is there an I/O redirection incantation I'm missing?
>
> --
> You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
> To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/H2aXJn59bRQJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Hi,
Add
set -x
in the second line.

This will run you script in verbose mode and see what happen.

Hope it helps

Best regards

Juan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Could not evaluate: Could not retrieve information from environment production source(s) for one module, for other is ok

[Juan Sierra Pons]

Hi,

I have been fighting this issue without success for several days. I am
sure some of you have dealt with something similar:

I have 2 manifest one for vim which works like a charm :

class vim {
if $operatingsystem == "Debian" {
package {"vim":
ensure => present,
}
package {'vim-puppet':
ensure  => present,
require => Package["vim"],
}
}
file { "/etc/vim/vimrc":
owner   => "root",
group   => "root",
mode=> 0644,
source  =>"puppet://$puppetserver/modules/vim/etc/vim/vimrc",
require => Package["vim"],
}
}

The source file is downloaded ok
Aug  6 20:49:55 virtualito puppet-agent[26967]:
(/Stage[main]/Vim/File[/etc/vim/vimrc]/ensure) defined content as
'{md5}b98e8ce84974ad114ec0e12b8b97fa1f'

BUT I have a similar manifest for ntp:

class ntp {
if $is_virtual == 'false' {
package { 'ntp':
ensure => present,
}
service { 'ntp':
  ensure => 'running',
  enable => 'true',
  hasrestart => 'true',
  require=> Package['ntp']
}
file { "/etc/ntpd.conf":
  owner   => "root",
  group   => "root",
  mode=> 0644,
  require => Package["ntp"],
  source =>
"puppet://$puppetserver/modules/ntp/files/etc/ntp.conf",
}
}
if $is_virtual == 'true' {
package { 'ntp':
ensure => purged,
}
}
}

In this case the source file is not downloaded and the logs show the
following output:

(/Stage[main]/Ntp/File[/etc/ntpd.conf]) Could not evaluate: Could not
retrieve information from environment production source(s)
puppet:///modules/ntp/files/etc/ntp.conf at
/etc/puppet/modules/ntp/manifests/init.pp:19

I have already checked that puppet user can get to the proper file so
is not a issue of FS permission.

Any idea?

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Could not evaluate: Could not retrieve information from environment production source(s) for one module, for other is ok

[Juan Sierra Pons]

Thank you all for point me in the right direction:

- The problem was the "file" part include in the path. No it works OK
I didn't pay enough attention to it

- http://docs.puppetlabs.com/guides/file_serving.html explains
perfectly how it works

- puppet-lint is an excellent tool too

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2012/8/7 Josh Cooper :
> On Mon, Aug 6, 2012 at 3:25 PM, jenrzzz  wrote:
>>
>> Your source path should be
>> "puppet://$puppetserver/modules/ntp/etc/ntp.conf". Leave out the 'files'
>> part.
>>
>> -- Jenner
>>
>> On Monday, August 6, 2012 12:01:20 PM UTC-7, Juan Sierra Pons wrote:
>>>
>>> Hi,
>>>
>>> I have been fighting this issue without success for several days. I am
>>> sure some of you have dealt with something similar:
>>>
>>> I have 2 manifest one for vim which works like a charm :
>>>
>>> class vim {
>>> if $operatingsystem == "Debian" {
>>> package {"vim":
>>> ensure => present,
>>> }
>>> package {'vim-puppet':
>>> ensure  => present,
>>> require => Package["vim"],
>>> }
>>> }
>>> file { "/etc/vim/vimrc":
>>> owner   => "root",
>>> group   => "root",
>>> mode=> 0644,
>>> source
>>> =>"puppet://$puppetserver/modules/vim/etc/vim/vimrc",
>>> require => Package["vim"],
>>> }
>>> }
>>>
>>> The source file is downloaded ok
>>> Aug  6 20:49:55 virtualito puppet-agent[26967]:
>>> (/Stage[main]/Vim/File[/etc/vim/vimrc]/ensure) defined content as
>>> '{md5}b98e8ce84974ad114ec0e12b8b97fa1f'
>>>
>>> BUT I have a similar manifest for ntp:
>>>
>>> class ntp {
>>> if $is_virtual == 'false' {
>>> package { 'ntp':
>>> ensure => present,
>>> }
>>> service { 'ntp':
>>>   ensure => 'running',
>>>   enable => 'true',
>>>   hasrestart => 'true',
>>>   require=> Package['ntp']
>>> }
>>> file { "/etc/ntpd.conf":
>>>   owner   => "root",
>>>   group   => "root",
>>>   mode=> 0644,
>>>   require => Package["ntp"],
>>>   source =>
>>> "puppet://$puppetserver/modules/ntp/files/etc/ntp.conf",
>>> }
>>> }
>>> if $is_virtual == 'true' {
>>> package { 'ntp':
>>> ensure => purged,
>>> }
>>> }
>>> }
>>>
>>> In this case the source file is not downloaded and the logs show the
>>> following output:
>>>
>>> (/Stage[main]/Ntp/File[/etc/ntpd.conf]) Could not evaluate: Could not
>>> retrieve information from environment production source(s)
>>> puppet:///modules/ntp/files/etc/ntp.conf at
>>> /etc/puppet/modules/ntp/manifests/init.pp:19
>>>
>>> I have already checked that puppet user can get to the proper file so
>>> is not a issue of FS permission.
>>>
>>> Any idea?
>>>
>>> Best regards
>>>
>>>
>>> --
>>> Juan Sierra Pons j...@elsotanillo.net
>>> Linux User Registered: #257202   http://www.elsotanillo.net
>>> GPG key = 0xA110F4FE
>>> Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
>>>
>>&

Re: [Puppet Users] Puppet Dashboard installation on Debian Wheezy

[Juan Sierra Pons]

Hi

Yesterday I had the same problem. I solved it using this link:

http://docs.puppetlabs.com/dashboard/manual/1.2/bootstrapping.html#installing-dependencies

Install the RubyGems package system with the script provided.

Hope it helps.

Best regards
On Aug 8, 2012 5:59 PM, "Deimos Fr"  wrote:

> Hi,
>
> I've got an issue on installing Puppet Dashboard on Debian wheezy. When I
> launch the db:migrate, I've got an error :
>
>> > rake RAILS_ENV=production db:migrate --trace
>> NOTE: Gem.source_index is deprecated, use Specification. It will be
>> removed on or after 2011-11-01.
>> Gem.source_index called from
>> /usr/share/puppet-dashboard/vendor/rails/railties/lib/rails/gem_dependency.rb:21.
>> NOTE: Gem::SourceIndex#initialize is deprecated with no replacement. It
>> will be removed on or after 2011-11-01.
>> Gem::SourceIndex#initialize called from
>> /usr/share/puppet-dashboard/vendor/rails/railties/lib/rails/vendor_gem_source_index.rb:100.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>> Specification.add_spec. It will be removed on or after 2011-11-01.
>> Gem::SourceIndex#add_spec called from
>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>> rake aborted!
>> cannot load such file -- ftools
>> /usr/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in `require'
>> /usr/lib/ruby/1

Re: [Puppet Users] Puppet Dashboard installation on Debian Wheezy

[Juan Sierra Pons]

2012/8/13 Deimos Fr :
> Hi,
>
> Thanks for the answer, but still searching as I've got this error now :
>
>> ruby setup.rb
>> /usr/lib/ruby/1.9.1/rubygems.rb:206:in `try_activate': undefined method
>> `find_by_path' for Gem::Specification:Class (NoMethodError)
>> from /usr/lib/ruby/1.9.1/rubygems/custom_require.rb:59:in `rescue in
>> require'
>> from /usr/lib/ruby/1.9.1/rubygems/custom_require.rb:35:in `require'
>> from
>> /tmp/install_rubygems.wX4fqo5x78/rubygems-1.3.7/lib/rubygems/config_file.rb:50:in
>> `'
>> from
>> /tmp/install_rubygems.wX4fqo5x78/rubygems-1.3.7/lib/rubygems/config_file.rb:28:in
>> `'
>> from /usr/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in `require'
>> from /usr/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in `require'
>> from
>> /tmp/install_rubygems.wX4fqo5x78/rubygems-1.3.7/lib/rubygems/gem_runner.rb:8:in
>> `'
>> from /usr/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in `require'
>> from /usr/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in `require'
>> from setup.rb:25:in `'
>
>
>
> Le mercredi 8 août 2012 18:53:30 UTC+2, Juan Sierra Pons a écrit :
>>
>> Hi
>>
>> Yesterday I had the same problem. I solved it using this link:
>>
>>
>> http://docs.puppetlabs.com/dashboard/manual/1.2/bootstrapping.html#installing-dependencies
>>
>> Install the RubyGems package system with the script provided.
>>
>> Hope it helps.
>>
>> Best regards
>>
>> On Aug 8, 2012 5:59 PM, "Deimos Fr"  wrote:
>>>
>>> Hi,
>>>
>>> I've got an issue on installing Puppet Dashboard on Debian wheezy. When I
>>> launch the db:migrate, I've got an error :
>>>>
>>>> > rake RAILS_ENV=production db:migrate --trace
>>>> NOTE: Gem.source_index is deprecated, use Specification. It will be
>>>> removed on or after 2011-11-01.
>>>> Gem.source_index called from
>>>> /usr/share/puppet-dashboard/vendor/rails/railties/lib/rails/gem_dependency.rb:21.
>>>> NOTE: Gem::SourceIndex#initialize is deprecated with no replacement. It
>>>> will be removed on or after 2011-11-01.
>>>> Gem::SourceIndex#initialize called from
>>>> /usr/share/puppet-dashboard/vendor/rails/railties/lib/rails/vendor_gem_source_index.rb:100.
>>>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>>>> Specification.add_spec. It will be removed on or after 2011-11-01.
>>>> Gem::SourceIndex#add_spec called from
>>>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>>>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>>>> Specification.add_spec. It will be removed on or after 2011-11-01.
>>>> Gem::SourceIndex#add_spec called from
>>>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>>>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>>>> Specification.add_spec. It will be removed on or after 2011-11-01.
>>>> Gem::SourceIndex#add_spec called from
>>>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>>>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>>>> Specification.add_spec. It will be removed on or after 2011-11-01.
>>>> Gem::SourceIndex#add_spec called from
>>>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>>>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>>>> Specification.add_spec. It will be removed on or after 2011-11-01.
>>>> Gem::SourceIndex#add_spec called from
>>>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>>>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>>>> Specification.add_spec. It will be removed on or after 2011-11-01.
>>>> Gem::SourceIndex#add_spec called from
>>>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>>>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>>>> Specification.add_spec. It will be removed on or after 2011-11-01.
>>>> Gem::SourceIndex#add_spec called from
>>>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>>>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>>>> Specification.add_spec. It will be removed on or after 2011-11-01.
>>>> Gem::SourceIndex#add_spec called from
>>>> /usr/lib/ruby/1.9.1/rubygems/source_index.rb:91.
>>>> NOTE: Gem::SourceIndex#add_spec is deprecated, use
>>>> Specification.add_spec. It will be removed on or after 2011-11-01.
>

Re: [Puppet Users] How to syntax debug in puppet 3?

[Juan Sierra Pons]

Hi

I my 5 cents:

I first use vim-puppet (syntax highlighting for puppet manifests in
vim while creating my manifest) To create my manifests

Then I use
- puppet parser validate file.pp (Validate the syntax of one or more
Puppet manifests).

- puppet-lint file.pp (Check that your Puppet manifest conform to the
style guide) this one must installed using gems package manager: gem
install puppet-lint

Usually inside a loop to check many files at a time

Check all .pp files in a directory
find -name '*.pp' | xargs -n 1 -t puppet parser validate
find -name '*.pp' | xargs -n 1 -t puppet-lint

Best regards
----------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

2012/8/24 Bernd Adamowicz :
> Hi Sandra,
>
>
>
> Yes, you may either use it as an Eclipse plugin or as a standalone program.
> There’s no link to vi or Emacs at all. I think I know what you mean. My
> absolutely favorite editor is vim. Normally I don’t need anything else but
> the command line and vim. However, when it’s about creating source code
> (Puppet, Java, whatever) I want to have the ability to see my errors while
> I’m typing and that’s why I then move to some GUI stuff like Eclipse. It
> saves me a lot of time. (Not to mention some other advantages like code
> formatting.)
>
>
>
> I know there are also command line tools for validating Puppet code. Maybe
> someone else from this list can provide more information.
>
>
>
> Cheers
>
> Bernd
>
>
>
> From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com]
> On Behalf Of Sandra Schlichting
> Sent: Freitag, 24. August 2012 12:27
> To: puppet-users@googlegroups.com
> Subject: Re: [Puppet Users] How to syntax debug in puppet 3?
>
>
>
> Hi Bernd
>
>
>
> Did you ever try Gepetto (https://github.com/cloudsmith/geppetto)? At least
> in the coming version (3.0) will support Puppet 3. I really do recommend
> Gepetto since I’ve been working with it for more than a year now and it
> helped me a lot creating error free code. You should give it a try. There
> are also current beta releases available which (as far as I know) already do
> support Puppet 3. It’s available as an Eclipse plugin and as a standalone
> program.
>
> Ok, so Gepetto is a plugin for Eclipse?
>
>
>
> I don't suppose it works with either VI or emacs?
>
>
>
> Hugs,
>
> Sandra
>
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/oljsXv0_ayIJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] How to syntax debug in puppet 3?

[Juan Sierra Pons]

Hi

I installed it from puppetlabs repositories (in debian):

Package: vim-puppet
Source: puppet
Version: 2.7.19-1puppetlabs1
Architecture: all
Maintainer: Puppet Labs 
Installed-Size: 332
Recommends: vim-addon-manager
Conflicts: puppet (<< 2.7.19-1puppetlabs1)
Section: admin
Priority: optional
Homepage: http://projects.puppetlabs.com/projects/puppet
Description: syntax highlighting for puppet manifests in vim
 The vim-puppet package provides filetype detection and syntax highlighting for
 puppet manifests (files ending with ".pp").
Filename: pool/squeeze/main/p/puppet/vim-puppet_2.7.19-1puppetlabs1_all.deb
MD5sum: 9a02b144f442b7980e419d26baac09b7
SHA1: 1ff9022b0f416a8cb38bbca3ad0eddbceadd6074
SHA256: bf64cfb4cf9c2711659db7d97c63b380290076c1008eb962c92b2b9b377de658
Size: 260222

So I suppose it must be packaged for other dists: CentOS, RedHat, etc

Best regards

----------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Can Puppet alert about dead nodes?

[Juan Sierra Pons]

Hi,

If you have dashboard installed unresponsive nodes can be seen in the
left panel.

Hope it helps

Best regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2012/10/31 Sandra Schlichting :
> Hi all =)
>
> Can the puppet master tell me which nodes it haven't heard from in X days?
>
> Hugs,
> Sandra =)
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/IJO5Osd3rVoJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Unable to configure Puppet-dashboard using opensource package

[Juan Sierra Pons]

2012/11/28 Bill :
> Hi
>
> I'm trying to configure Puppet-dashboard after installing Puppet from the
> open source package. But there was no issues when using the Enterprise
> package.
> Do you have any solutions for the below error? I'm trying to configure
> Puppet-dashboard.
>
> # rake RAILS_ENV=production db:migrate
> NOTE: Gem.source_index is deprecated, use Specification. It will be
removed
> on or after 2011-11-01.
> Gem.source_index called from
>
/opt/puppet-dashboard/vendor/rails/railties/lib/rails/gem_dependency.rb:21.
> NOTE: Gem::SourceIndex#initialize is deprecated with no replacement. It
will
> be removed on or after 2011-11-01.
> Gem::SourceIndex#initialize called from
>
/opt/puppet-dashboard/vendor/rails/railties/lib/rails/vendor_gem_source_index.rb:100.
> NOTE: Gem::SourceIndex#add_spec is deprecated, use Specification.add_spec.
> It will be removed on or after 2011-11-01.
> Gem::SourceIndex#add_spec called from
>
/usr/local/rbenv/versions/1.9.3-p194/lib/ruby/1.9.1/rubygems/source_index.rb:91.
> -
> # ruby -v
> ruby 1.9.3p194 (2012-04-20 revision 35410) [i686-linux]
> --
> rack (1.4.1, 1.3.5, 1.1.0)
> rack-cache (1.2)
> rack-openid (1.3.1)
> rack-ssl (1.3.2)
> rack-test (0.6.1)
> rails (3.2.6)
> railties (3.2.6)
> raindrops (0.10.0)
> rake (0.9.2.2)
> rdoc (3.12, 3.9.4)
> ruby-openid (2.1.8)
> rubygems-update (1.6.2)
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/qzczRWW_O6YJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.

Hi

I think you have the same problem stated in this thread:
https://groups.google.com/forum/?fromgroups=#!topic/puppet-users/pXWR--eezsk

Have a look.

Hope it helps

Best regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202 http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Unresponsive nodes with no pending task in the dashboard

[Juan Sierra Pons]

Hi,

Since this morning all nodes are showing as unresponsive. I have faced a 
similar error before and the problem was fixed restarting the 
dashboard-workers as there were many pending task in the puppet dashboard.

I am using Puppet Enterprise 2.7.1 version.

I have already checked/done:

* Restarted the puppetmaster server
* Check that puppet-dashboard-workers are working
* Time is synced between servers
* Puppet dashboard doesn't shows any pending task
* Reports are being uploaded from puppet clients to the puppetmaster. I can 
see that this is happening in the web server logs and in the 
/var/opt/lib/pe-puppet/reportsdirectory

The funny thing is the last one. The reports are there but, it seems that 
the puppet-dashboard-workers are not updating the database.

Any idea?

Thank for your time

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202 http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] [solved] Re: Unresponsive nodes with no pending task in the dashboard

[Juan Sierra Pons]

Hi,

Finally the problem was related with auth.conf, puppet.con & 
fileserver.conf files permissions.

A restore fixed the problem.

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202 http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] [OT] Puppet Users group in Alicante (Spain)

[Juan Sierra Pons]

Hello

Any Puppet users located in Alicante (Spain) or  interested in forming a
local Puppet users group?

I am in the process of starting my own small business based mostly in
puppet and would love to help build a strong local community.

Best Regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: [OT] Puppet Users group in Alicante (Spain)

[Juan Sierra Pons]

Hi,

Just in case I have created the Alicante Puppet Users Group [1] in
meetup.com.
So if you live nearby or pass your holidays here you are invited to join
me/us :) to share some beers and knowledge

Best regards

[1] http://www.meetup.com/Alicante-Puppet-Users-Group/

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2013/8/23 Juan Sierra Pons 

> Hello
>
> Any Puppet users located in Alicante (Spain) or  interested in forming a
> local Puppet users group?
>
> I am in the process of starting my own small business based mostly in
> puppet and would love to help build a strong local community.
>
> Best Regards
>
>
> ------
> Juan Sierra Pons j...@elsotanillo.net
> Linux User Registered: #257202   http://www.elsotanillo.net
> GPG key = 0xA110F4FE
> Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
>
> --
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Run service failed

[Juan Sierra Pons]

El 21/09/2013 01:11, "Pan Luo"  escribió:
>
> I'm trying to setup a service that doesn't support any service script.
Using the following:
>
>  service { 'Rserve':
> ensure => 'running',
> start => '/usr/bin/R CMD Rserve --gui-none',
> provider => 'base',
>   }
>
> When I run puppet agent -t -d, it returns the following:
>
> Debug: Service[Rserve](provider=base): Executing 'ps -ef'
> Debug: Executing '/usr/bin/R CMD Rserve --gui-none'
> Error: Could not start Service[Rserve]: Execution of '/usr/bin/R CMD
Rserve --gui-none' returned 2:
> Error: /Service[Rserve]/ensure: change from stopped to running failed:
Could not start Service[Rserve]: Execution of '/usr/bin/R CMD Rserve
--gui-none' returned 2:
>
>
> It seems the command is failed. However, if I run the same exact command
as root, the command execute fine and return 0. I'm wondering why it's
failed when puppet runs? What's the difference between puppet runs and I
run? Thanks.
>
>
> --
> You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
> For more options, visit https://groups.google.com/groups/opt_out.

Hi,

it is necessary any env variable defined to run the command?

My 5 cents ;-)

Regards

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet dashboard with \n\n\n

[Juan Sierra Pons]

El 03/10/2013 14:00, "Matt Zagrabelny"  escribió:
>
> Greetings,
>
> I've setup puppet dashboard 1.2.23 along with puppetmaster 2.7.18.
>
> I am seeing many \n strings all over the place when looking at
> reports. Specifically the \n's are in the Metrics, Log, Events links.
>
> My nodes are showing up okay, and it seems just to be a problem with
> the reports. For instance, a Metrics page starts with:
>
> \n
> \n
> Metrics
> \n
> \n
> Events
>
> \n\n\n\n\n\n\n\n\n
>
> Any advice on where to dig? /usr/share/puppet-dashboard/log/* does not
> yield any hints.
>
> Thanks!
>
> -mz
>
> --
> You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users.
> For more options, visit https://groups.google.com/groups/opt_out.
Hi

I had the same problem and the problem was in the ruby version

Which one are you using?

Check the dashboard webpage to find out wich one is the right one.

Regards

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Nagios & Puppet

[Juan Sierra Pons]

El jueves, 27 de junio de 2013 18:07:03 UTC+2, Christian Reiß escribió:
>
> Hello folks,
>
> I am currently using Puppet to forge the nagios configuration files. Using 
> exported ressources it really works well - to a point.
>
> The one thing I am banging my head against is the service definitions. The 
> services use stuff like remote-nrpe-zombie-procs, which of course, is not 
> defined anywhere:
>
> define service {
> ## --PUPPET_NAME-- (called '_naginator_name' in the 
> manifest)check_zombie_procs_gaming
> useremote-nrpe-zombie-procs
> host_name  gaming.alpha-labs.net
> }
>
> So far I am letting puppet generate the three configs:
>
> nagios_host.cfg
> nagios_hostextinfo.cfg
> nagios_service.cfg
>
> Tho for this to work I would need a corresponding commands.cfg and all the 
> Howtos out there do not seem to have my problem. The important snipplet 
> from my config would be this:
>
>
>  Nagios_host <<||>> {
>  require => File[resource-d],
>  notify => Service[icinga],
>  }
>
>  Nagios_service <<||>> {
>  require => File[resource-d],
>  notify => Service[icinga],
>  }
>
>  Nagios_hostextinfo <<||>> {
>  require => File[resource-d],
>  notify => Service[icinga],
>  }
>
>  Nagios_command <<||>> {
>  require => File[resource-d],
>  notify => Service[icinga],
>  }
>
>
> After banging my head for 3 evenings on this I really need your help.
> Thanks for any pointers.
>
> -Chris.
>
> Hello Chris,

I am facing here the same problem. Did you manage to fix/workaround it?

Thank you

Best regards 


--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: Nagios & Puppet

[Juan Sierra Pons]

Hello,

Right now I am using a workaround similar to Steve's approach and it
works pretty well

Just checking what other people is doing

Thank for your replies and time

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2013/10/17 Gabriel Filion :
> On 17/10/13 07:44 AM, Juan Sierra Pons wrote:
>> El jueves, 27 de junio de 2013 18:07:03 UTC+2, Christian Reiß escribió:
>> The one thing I am banging my head against is the service
>> definitions. The services use stuff like remote-nrpe-zombie-procs,
>> which of course, is not defined anywhere:
>>
>> define service {
>> ## --PUPPET_NAME-- (called '_naginator_name' in the
>> manifest)check_zombie_procs_gaming
>> useremote-nrpe-zombie-procs
>> host_name  gaming.alpha-labs.net
>> <http://gaming.alpha-labs.net>
>> }
>>
>> So far I am letting puppet generate the three configs:
>>
>> nagios_host.cfg
>> nagios_hostextinfo.cfg
>> nagios_service.cfg
>>
>> Tho for this to work I would need a corresponding commands.cfg and
>> all the Howtos out there do not seem to have my problem.
>
>> Hello Chris,
>>
>> I am facing here the same problem. Did you manage to fix/workaround it?
>
> This might be of interest to you two:
>
> https://projects.puppetlabs.com/issues/1180
>
> the way I currently work around the inability to export host/service
> templates is by defining a file resource in which I write the templates.
>
> --
> Gabriel Filion
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Automatic Agent installation from dashboard?

[Juan Sierra Pons]

Hi,

AFAIK not from the dashboard but you can launch remote commands to the
servers to install the puppet client and launch puppet agent --test to
ask the puppetmaster for a signed certificate.

Create a file named RemoteCommands.txt with the following content :
(This is for Debian and puppet community, Adapt to your OS flavor and
puppet version)

wget http://apt.puppetlabs.com/puppetlabs-release-wheezy.deb && \
dpkg -i puppetlabs-release-wheezy.deb && rm -f puppetlabs-release-wheezy.deb \
apt-get update && apt-get -y install puppet
update-alternatives --set ruby /usr/bin/ruby1.8
puppet agent --test

Launch this one for each server
ssh root@remoteserver1 /bin/bash < RemoteCommands.txt

For windows I suppose that similar can be done using powershell.

Hope it helps.

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202   http://www.elsotanillo.net
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2013/12/6 Deep :
> Hi,
>
> Is there an option in puppet to automatically install agent in an unmanaged
> node in the network from the dashboard?
>
> eg: I have a network of windows and linux servers which doesn't have the
> puppet agent installed. Is it possible to push the agent from puppet server
> to these unmanaged nodes by specifying hostname/IP address or some other
> parameters?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/68e31847-0cd2-4870-a1f0-53fe9f0d3aee%40googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9um6byB-fzPyTToL_OL9XoRFSPcLWOYg%3D75x%2B%3Dr8JQ5JA%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] puppet dashboard & ssl database connection

[Juan Sierra Pons]

Hi,

I am configuring my puppet-dasbboard to connect to a ssl encrypted
mysql DB server

The mysql server is configured OK as using the mysql client with the
--ssl-ca works ok

mysql -u dashboard -p -h mysql.example.org --ssl-ca=/etc/mysql/ca.pem
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 103

But modifying the /etc/puppet-dashboard/database.yml and adding the
sslca line doesn't work:
host: mysql.example.org
sslca: /etc/mysql/ROOTCA-eltorete.com-cacert.pem

Any idea what am I missing?

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9va61b4W4T15gvfXaKO-4b75TqS8B9v1e9PcRsxf2bqXA%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] [SOLVED] Re: puppet dashboard & ssl database connection

[Juan Sierra Pons]

fixed, it was a ca file permissions issue.

Regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2013/12/13 Juan Sierra Pons :
> Hi,
>
> I am configuring my puppet-dasbboard to connect to a ssl encrypted
> mysql DB server
>
> The mysql server is configured OK as using the mysql client with the
> --ssl-ca works ok
>
> mysql -u dashboard -p -h mysql.example.org --ssl-ca=/etc/mysql/ca.pem
> Enter password:
> Welcome to the MySQL monitor.  Commands end with ; or \g.
> Your MySQL connection id is 103
>
> But modifying the /etc/puppet-dashboard/database.yml and adding the
> sslca line doesn't work:
> host: mysql.example.org
> sslca: /etc/mysql/ROOTCA-eltorete.com-cacert.pem
>
> Any idea what am I missing?
>
> Best regards
>
> ----------
> Juan Sierra Pons j...@elsotanillo.net
> Linux User Registered: #257202
> Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
> GPG key = 0xA110F4FE
> Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
> --

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9t%3DaU0ukcSeoffWx2xa8Zeht5DAbB8xF-RcK7O68TSWvg%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Single certificate, multiple nodes... or image-based systems

[Juan Sierra Pons]

2014/1/9 jcbollinger :
>
>
> On Thursday, January 9, 2014 6:40:42 AM UTC-6, pablo.f...@cscs.ch wrote:
>>
>> Thanks for your suggestions,
>>
>> Running masterless is a bit too exotic, since we would like to use all
>> those nice features that make a Puppet installation complete: specially
>> hiera searches and PuppetDB. Modules, too, should be compatible with other
>> clusters, so no big deviations can occur.
>>
>> Enabling auto-sign, as Jose Luis suggested, may be a possibility. I have
>> just checked myself if autosign works if the same node was already
>> registered in the CA... but according to the documentation it does not look
>> like it, not to mention the security issues that come with it.
>>
>> Does the certificate name need to match the fqdn for puppet to allow
>> connections?
>>
>
>
> I'm not certain, but even if not, what you propose is dangerous.  The master
> uses the certificate presented by the agent not just to authorize the agent,
> but also to identify it.  If all your nodes present the same certificate to
> the master, then they all claim to be the same machine, which is a lie.  I
> don't foresee any specific failure scenarios associated with that, but it is
> unwise to mess with the system's underlying assumptions in such a way.
>
>
> John
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/3c8f53f8-09a2-4bd8-8fa8-1986efdafeb3%40googlegroups.com.
>
> For more options, visit https://groups.google.com/groups/opt_out.

Hi

Other Idea could be create the signed certificate on the masterserver
and then copy it to the image using scp, libguestfs-tools, etc.

You can have an idea looking the provisioningDO rakefile:
https://github.com/juasiepo/provisioningDO/blob/master/rakefile

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9sEjpSyUCsNCQgebB0Br2OaFxLEGx%2BjbwqebY6%2Bf1mQ%2BQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] managing jboss users from puppet

[Juan Sierra Pons]

Hi,

I am testing the puppet-jboss_as. For the moment all is working ok. :)

But I want to go furtther, my goal is to configure jboss users too, so
instead of creating the jboss users manually I want to do this with
puppet.

I have created a test user using the jboss provided script

Enter the details of the new user to add.
Realm (ManagementRealm) :
Username (test) :
Password : tost
Re-enter Password : tost
About to add user 'test' for realm 'ManagementRealm'
Is this correct yes/no? yes
Added user 'test' to file
'/usr/share/jboss-as/standalone/configuration/mgmt-users.properties'
Added user 'test' to file
'/usr/share/jboss-as/domain/configuration/mgmt-users.properties'

At the properties files the following can be read

# By default the properties realm expects the entries to be in the format: -
# username=HEX( MD5( username ':' realm ':' password))

I am trying to create the user/hast tuple  first on the command line
and then by puppet using the following string

test':'ManagementRealm':'tost

The user is created  (by de jboss script ) looks like this:
test=76209d472372fb96109e4347bf9ed3d5

Anyone have faced this before?
Any idea howto proceed?

Thanks for your time

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9uiGkBUwO3j1EDe%2BFqH1vnHeiquGW92dXm7eSoSvWRsSw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Debian jessie, puppetlabs dist-upgrade problem

[Juan Sierra Pons]

El 20/04/2014 18:29, "Mike R."  escribió:
>
> Using wheezy or unstable puppetlabs release, dist-upgrade wants to remove
puppet and puppet-common to upgrade libruby. Anyone seen this?
>
>
> root@enigma:~# apt-get dist-upgrade
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
> Calculating upgrade... Done
> The following packages were automatically installed and are no longer
required:
>   facter hiera libaugeas-ruby1.8 libjson-ruby libruby libshadow-ruby1.8
ruby-rgen virt-what
> Use 'apt-get autoremove' to remove them.
> The following packages will be REMOVED:
>   puppet puppet-common
> The following packages will be upgraded:
>   libruby
> 1 upgraded, 0 newly installed, 2 to remove and 0 not upgraded.
> Need to get 7,296 B of archives.
> After this operation, 5,186 kB disk space will be freed.
> Do you want to continue? [Y/n] n
> Abort.
> root@enigma:~#
>
> --
> You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/ce5a9804-9488-4aa0-9a04-f92bb273d962%40googlegroups.com
.
> For more options, visit https://groups.google.com/d/optout.

Hi,

I had the same problem. I installed older package version using the
alternatives proposed by aptitude.

Hope it helps

Best regards

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9tHHKySmJVpNye5QBhnVuvrN_eiB3unHuDREru_jjFi%2BQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] puppet apply stops with message "Killed"

[Juan Sierra Pons]

2014-04-28 17:50 GMT+02:00 Ádám Sándor :
> Viewing the process tree doesn't show anything new, it doesn't look like
> puppet is forking any new processes. It's just using more and more memory
> and 94% of CPU. This happens even if I run the provisioning after everything
> is set up so it doesn't even have to do much.
>
> Something I left out from my original post is that I'm running in a vserver
> environment. When I tried to replicate that environment locally in my
> vagrant box by disabling swap space and setting memory to 512MB puppet
> didn't have a problem, so this could be vserver related. Does anyone have a
> similar experience?
>
> On Monday, April 28, 2014 4:14:45 PM UTC+2, Ádám Sándor wrote:
>>
>> Thanks for the reply. It seems that the Killed message is coming from the
>> vserver manager (or whatever it's called, I don't know much about the
>> technology), because the process is using too much memory. Which is a
>> problem because it means that puppet is using more memory then the
>> application actually needs. I'll look into it more closely and try the stuff
>> you posted see what that shows.
>>
>> On Friday, April 25, 2014 2:38:18 PM UTC+2, Felix.Frank wrote:
>>>
>>> Hi,
>>>
>>> can you find out wether that is reproducible with Puppet 3.4? If not,
>>> you may just want to hold out for 3.6, wait if it works better.
>>>
>>> For debugging this, I would try two things.
>>>
>>> First, keep an eye on 'ps auxwf' output while puppet is seemingly
>>> frozen, see wether and what is being forked.
>>>
>>> If that doesn't help, you can try with `strace -f`, although there's a
>>> fair chance that it won't yield very conclusive traces.
>>>
>>> HTH,
>>> Felix
>>>
>>> On 04/21/2014 12:01 PM, Ádám Sándor wrote:
>>> > Hi,
>>> >
>>> > I'm having a problem with my puppet script hanging for a while then
>>> > dying with the message "Killed" printed to the console. There is no
>>> > further explanation of what happened but I'm suspecting some event
>>> > propagation might get stuck and puppet may have some mechanism to kill
>>> > the process if it hangs for too long. That's just a guess though, so
>>> > please let me know if anyone has some insight on this problem. Thanks!
>>> >
>>> > I'm running on Debian 7, Puppet 3.5.1.
>>> > Tail of the output of "puppet apply --verbose --debug
>>> > --modulepath=/root/puppet/modules /root/puppet/ks-prod.pp" is:
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/e4ebdcdc-4bc2-46d0-8e79-24370336ba17%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

Hi,

I had a similar problem with another software and the reponsible of
killing the process was the "Out-of-Memory Process Killer"

Probably your server has not enough memory and no swap and when the
puppet process runs the Out-of-Memory Process Killer kills it.

Solutions /workarounds:

Add some swap to the server
Add some memory

Hope it helps

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9vh1wo5cZ08a%3DmtBbw0EQc%3DCqCDOqA5yRF93-C%2BVhsd3Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] puppetlabs/java_ks modules and puppet:// uri paths

[Juan Sierra Pons]

Hi,

I am recently using the puppetlabs/java_ks module. The documentation
claims that the module supports puppet:// uri path for certificates:

from https://forge.puppetlabs.com/puppetlabs/java_ks:
"
certificate

An already-signed certificate to place in the keystore. Accepts local
file paths or puppet:// uri paths.
"

I am using the following code:

  java_ks {"$hostname-$certificate":
ensure   => latest,
certificate   => "puppet:///extra_files/certificates/mycert.org.crt",
target => hiera('java::keystore::path'),
password=> hiera('java::certificate::password'),
trustcacerts => true,
  }

But when I run the command, the following error appears:

Info: Applying configuration version 'd4944df'
Notice: /Stage[main]/Puppet::Agent::Config/Ini_setting[environment]/value:
value changed 'working_hashes' to 'keystore'
Error: Execution of 'keytool -importcert -noprompt -alias
myserver-mycert.org.crt.org.crt -file
/etc/puppet/files/certificates/mycert.org.crt -keystore /home/devops/
.keystore -trustcacerts' returned 1: Enter keystore password:
Re-enter new password: keytool error: java.io.FileNotFoundException:
/etc/puppet/files/certifi
cates/mycert.org.crt (No such file or directory)

It is referencing the path on the puppet client instead of using the
puppet:/// uri to download the certificate:
keytool -importcert -noprompt -alias myserver-mycert.org.crt.org.crt
-file /etc/puppet/files/certificates/mycert.org.crt -keystore
/home/devops/

Any Idea what I am doing wrong?

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9smEYZNWrH82J2n3JEyEa-UFkrKtneVT2v_Yzg%3D4FEohw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] puppetlabs/java_ks modules and puppet:// uri paths

[Juan Sierra Pons]

Hi Morgan,

Yes, I have configured [extra_files] and it is working ok with other
module. The isue here is that instead of downloading the file
mycert.org.crt and using it while running the local command it
references it as if the certificate were already on the client and
using the [extra_files] actual path (on the puppetmaster)

This is the command (as seen on debug)
keytool -importcert -noprompt -alias myserver-mycert.org.crt.org.crt
-file /etc/puppet/files/certificates/mycert.org.crt -keystore
/home/devops/

/etc/puppet/files/certificates/mycert.org.crt is the actual path but
on the puppetmaster.

BTW: there is an open bug about this:
https://tickets.puppetlabs.com/browse/MODULES-559

Thanks for your time

Best regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2014-05-20 22:55 GMT+02:00 Morgan Haskel :
> Juan,
>
> Are you exporting extra_files as a mountpoint in fileserver.conf?  If not
> and extra_files is in a module then the path should be
> puppet:///modules//extra_files/certificates/mycert.org.crt
>
> The documentation at http://docs.puppetlabs.com/guides/file_serving.html
> might help.
>
> Morgan
>
>
> On Tue, May 20, 2014 at 9:30 AM, Juan Sierra Pons 
> wrote:
>>
>> Hi,
>>
>> I am recently using the puppetlabs/java_ks module. The documentation
>> claims that the module supports puppet:// uri path for certificates:
>>
>> from https://forge.puppetlabs.com/puppetlabs/java_ks:
>> "
>> certificate
>>
>> An already-signed certificate to place in the keystore. Accepts local
>> file paths or puppet:// uri paths.
>> "
>>
>> I am using the following code:
>>
>>   java_ks {"$hostname-$certificate":
>> ensure   => latest,
>> certificate   => "puppet:///extra_files/certificates/mycert.org.crt",
>> target => hiera('java::keystore::path'),
>> password=> hiera('java::certificate::password'),
>> trustcacerts => true,
>>   }
>>
>> But when I run the command, the following error appears:
>>
>> Info: Applying configuration version 'd4944df'
>> Notice: /Stage[main]/Puppet::Agent::Config/Ini_setting[environment]/value:
>> value changed 'working_hashes' to 'keystore'
>> Error: Execution of 'keytool -importcert -noprompt -alias
>> myserver-mycert.org.crt.org.crt -file
>> /etc/puppet/files/certificates/mycert.org.crt -keystore /home/devops/
>> .keystore -trustcacerts' returned 1: Enter keystore password:
>> Re-enter new password: keytool error: java.io.FileNotFoundException:
>> /etc/puppet/files/certifi
>> cates/mycert.org.crt (No such file or directory)
>>
>> It is referencing the path on the puppet client instead of using the
>> puppet:/// uri to download the certificate:
>> keytool -importcert -noprompt -alias myserver-mycert.org.crt.org.crt
>> -file /etc/puppet/files/certificates/mycert.org.crt -keystore
>> /home/devops/
>>
>> Any Idea what I am doing wrong?
>>
>> Best regards
>>
>>
>> --
>> Juan Sierra Pons j...@elsotanillo.net
>> Linux User Registered: #257202
>> Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
>> GPG key = 0xA110F4FE
>> Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
>>
>> --
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to puppet-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9smEYZNWrH82J2n3JEyEa-UFkrKtneVT2v_Yzg%3D4FEohw%40mail.gmail.com.
>> For more options, visit https://groups.google.com/d/optout.
>
>
>
>
> --
> Morgan Haskel
> mor...@puppetlabs.com
> Module Engineer
>
> Join us at PuppetConf 2014, September 23-24 in San Francisco -
> http://puppetconf.com
>
> --
> You received this message because you are subscribed

Re: [Puppet Users] Execute a class if a file is not present.

[Juan Sierra Pons]

Hi

Another options is to modify another module that  acomplishes your
final goal. For example this one:
https://github.com/7terminals/puppet-java

This one copy the java source code to the agent, then extract it. It
is already idempotent so new puppet run will not do anything.

With a few modifications it should fit your expectations

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2014-06-27 6:13 GMT+02:00 Seby :
> Hi Puppet experts,
>
> I'm trying to install tomcat7*tar.gz on few puppet-agent machines. I've
> defined a class that will create a user/group and copy the source file from
> puppet-master then extracts the tomcat*.tar.gz file to its home directory
> and deletes the source file. This seems to be working. But each time when
> the agent runs(on all agents), it will copy the source file from the master
> and then deletes it wasting the bandwidth.
>
> Is there a way to call the tomcat7 class only if the tomcat directory is not
> present?
>
> Regards,
> SFK.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/fc0ef54b-5cdf-4e29-aa3c-8532948fcb49%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9u_nOa8MSYQds7zuDaX%3DFiL6mChwBfTNJinJ_OQXgZAFQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Execute a class if a file is not present.

[Juan Sierra Pons]

Hi,

It keeps the installation source just in case, so if you delete the
installation directory next time puppet agent runs it is not necessary
to download it again as the already download source is used.

I think is a clever idea if you don't have disk space constraints.
Anyway it shouldn't be difficult to change its behavior.

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2014-06-27 14:35 GMT+02:00 Seby :
> Juan,
>
> I don't see the puppet-java removing the installation file after the
> deployment.
>
> Regards,
> Seby.
>
>
> On Friday, June 27, 2014 12:20:52 PM UTC+5:30, Seby wrote:
>>
>> Juan,
>>
>> Let me see if I can adapt it to my need. I'll let you know the result.
>>
>> Thanks,
>> SFK.
>>
>> On Friday, June 27, 2014 12:10:46 PM UTC+5:30, Juan Sierra Pons wrote:
>>>
>>> Hi
>>>
>>> Another options is to modify another module that  acomplishes your
>>> final goal. For example this one:
>>> https://github.com/7terminals/puppet-java
>>>
>>> This one copy the java source code to the agent, then extract it. It
>>> is already idempotent so new puppet run will not do anything.
>>>
>>> With a few modifications it should fit your expectations
>>>
>>> Best regards
>>>
>>>
>>> --
>>> Juan Sierra Pons ju...@elsotanillo.net
>>> Linux User Registered: #257202
>>> Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
>>> GPG key = 0xA110F4FE
>>> Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
>>>
>>> --
>>>
>>>
>>> 2014-06-27 6:13 GMT+02:00 Seby :
>>> > Hi Puppet experts,
>>> >
>>> > I'm trying to install tomcat7*tar.gz on few puppet-agent machines. I've
>>> > defined a class that will create a user/group and copy the source file
>>> > from
>>> > puppet-master then extracts the tomcat*.tar.gz file to its home
>>> > directory
>>> > and deletes the source file. This seems to be working. But each time
>>> > when
>>> > the agent runs(on all agents), it will copy the source file from the
>>> > master
>>> > and then deletes it wasting the bandwidth.
>>> >
>>> > Is there a way to call the tomcat7 class only if the tomcat directory
>>> > is not
>>> > present?
>>> >
>>> > Regards,
>>> > SFK.
>>> >
>>> > --
>>> > You received this message because you are subscribed to the Google
>>> > Groups
>>> > "Puppet Users" group.
>>> > To unsubscribe from this group and stop receiving emails from it, send
>>> > an
>>> > email to puppet-users...@googlegroups.com.
>>> > To view this discussion on the web visit
>>> >
>>> > https://groups.google.com/d/msgid/puppet-users/fc0ef54b-5cdf-4e29-aa3c-8532948fcb49%40googlegroups.com.
>>> > For more options, visit https://groups.google.com/d/optout.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/ca6022c6-ace0-4563-a0f9-1933a552b5b5%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9uCCUag1ytqaaEx-7Y9Pcb23GqvyE8d7x-EVKhW8TrjKA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] duplicated resource with an exported resource

[Juan Sierra Pons]

2014-07-12 13:05 GMT+02:00 Jose Luis Ledesma :
> Hi all,
>
> I have found a problem setting up exported resources. The problem is
> that for every hosts I want to define in its /etc/hosts the primary ip, but
> I want to export a secondary ip with the same hostname that will be
> collected just by one server. So I defined:
>
>
>
> @@host { $::hostname :
>
>   ensure  => present,
>
>   ip  => $secondary_ip,
>
> }
>
>
>
> host { $::hostname :
>
>   ensure  => present,
>
>   ip  => $primary_ip
>
> }
>
>
>
>
>
> but when I launch puppet a duplicated resource arises:
>
>
>
> # puppet agent -t
>
> Info: Retrieving plugin
>
> Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
> Duplicate declaration: Host[X] is already declared in file
> /etc/puppet/manifests/init.pp:15; cannot redeclare at
> /etc/puppet/manifests/init.pp:5 on node 
>
> Warning: Not using cache on failed catalog
>
> Error: Could not retrieve catalog; skipping run
>
>
>
> I have just implemented a workaround:
>
>
> @@host { "${::hostname}-secondary" :
>
>   ensure  => present,
>
>   ip  => $secondary_ip,
>
>   host_alises => $::hostname,
>
> }
>
>
>
> but I wanted to know if there is a better solution.
>
>
>
> thanks,
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/bc657bc3-9659-46b4-b713-26d9ebea9f64%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

Hi,

I think there is not better soluction as titles must be unique per
resource type [1]

Your solution seems ok for me

[1]http://docs.puppetlabs.com/puppet/latest/reference/lang_resources.html#title

Best regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9tbe939Dd0OG-3r9Dc-%2B3XHFV9TrwDDt8uKDNizE7JPag%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] duplicated resource with an exported resource

[Juan Sierra Pons]

2014-07-14 12:21 GMT+02:00 José Luis Ledesma :
> Hi,
>
>Shall this be a bug? Teorically a exported resource is not applied in the
> managed node if you don't collect it, so it should not collide with an
> "applied" resource. thoughs?
>
> thanks,

Hi

>From [1] Docs: Language: Exported Resources
"
Uniqueness

Every exported resource must be globally unique across every single
node. If two nodes export resources with the same title or same
name/namevar and you attempt to collect both, the compilation will
fail. (Note: Some pre-1.0 versions of PuppetDB will not fail in this
case. This is a bug.)

To ensure uniqueness, every resource you export should include a
substring unique to the node exporting it into its title and
name/namevar. The most expedient way is to use the hostname or fqdn
facts.
"

Have a look to this other link [2] Collecting duplicate resources in puppet

[1] 
http://docs.puppetlabs.com/puppet/latest/reference/lang_exported.html#uniqueness
[2] 
http://ttboj.wordpress.com/2013/06/04/collecting-duplicate-resources-in-puppet/

Hope it helps

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9ubFT6A-n0Y-KPsGcb3yn7mGQ3acewJwLaJuPx6fY8w0w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] HA puppetmaster in AWS

[Juan Sierra Pons]

Hi

What about this approach? [1] Sync Puppet Certs between EC2 regions

It seems very easy to implement: unison + incron +  scripts

Disclaimer: not tested yet. Hope to have a prof of concept next week.

Best regards

[1] http://blog.mague.com/?p=468

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9u8bdyX%3DULxrOzUVd5SshuKJn6-brJq9pnNP2TtwZKexg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Could not evaluate: Could not retrieve information from environment production source(s) for one module, for other is ok

[Juan Sierra Pons]

Hi

I think you have missed a r in the $puppetserver variable name
puppet://$puppetserve/modules/ntp/etc/ntp.conf
   ^

Best regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9sn9JCeYb0nkbhT_FmAnvXbYihfY1P%2BS3X8SYfyO%3DdcEA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Change Hostname on Puppet Master

[Juan Sierra Pons]

Hi,

Disclaimer: I haven't tested it yet

>on all clients:
> * wipe out /var/lib/puppet/ssl
> * run puppet agent -t --waitforcert 10
> * on master, sign client certificate

If you have mcollective configured you can use [1] mco-removecert tool
in order to simplify the client part:

#!/bin/sh

sslpath="/var/puppet/ssl"
host=$1

mco service -I $host puppet restart | grep "errors" && exit 1
sleep 30 && mco service -I $host puppet stop

echo "$sslpath/certs/ca.pem"
mco filemgr -q -I $host --file $sslpath/certs/ca.pem remove
echo "$sslpath/certs/$host.pem"
mco filemgr -q -I $host --file $sslpath/certs/$host.pem remove
echo "$sslpath/certificate_requiests/$host.pem"
mco filemgr -q -I $host --file $sslpath/certificate_requests/$host.pem remove
echo "$sslpath/crl.pem"
mco filemgr -q -I $host --file $sslpath/crl.pem remove
echo "$sslpath/private_keys/$host.pem"
mco filemgr -q -I $host --file $sslpath/private_keys/$host.pem remove
echo "$sslpath/public_keys/$host.pem"
mco filemgr -q -I $host --file $sslpath/public_keys/$host.pem remove

mco service -I $host puppet start

It should do the dirty job for you :)

[1] https://gist.github.com/lofidellity/1205953

Best regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9unYLGrDPhLdxPmhL6O0hhY6JQjXEryxnp8aHbGe7H5ug%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Change Hostname on Puppet Master

[Juan Sierra Pons]

2014-08-05 23:23 GMT+02:00 Gabriel Filion :
> On 05/08/14 01:28 PM, Nan Liu wrote:
>> Please don't resign all client certificates. All you need to do is
>> recreate a puppet master certificate with dns alt name accepting both
>> the old and new puppet master hostname. Because passenger and other
>> configuration may already refer to the existing pem file name, it's
>> easier to just add the new hostname to the dns_alt_names accept list
>
> ah, thanks a lot for this. I was sure there was a more clever way to do
> this :)
>
> --
> Gabriel Filion
>

Hi,

I didn't know it either. :)

This drive me to ask a related question: Can the same approach be used
when the certificate expires?

I suppose the answer is yes but I haven't got the opportunity to try it

Thank you

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9uY4Dwb7Fo7oZnkuVj1o_0R1XJWZ-pLcK%3DJV8bi_G6FTQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Failed to connect to PuppetDB. Check settings (hostname does not match the server certificate) but what settings?

[Juan Sierra Pons]

Hi

If you installed puppetdb using puppetlabs-puppetdb. Usually removing
router.yaml and puppetdb.conf on /etc/puppet folder and running Puppet
again fixes it

Disclaimer: I am not in front of the computer so I am not sure if the
files' names are misspelled. Also make a backup just in case.

Hope it helps

Best regards

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9tAf3jN2%2BWkUpqcHV1nQ7%3DJ%3DQHwZaxHgexuQGUDJ6Rvpw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Install puppetDB on already deployed environment

[Juan Sierra Pons]

Hi

Try removing (make a backup first just in case)
/etc/puppet/routes.yaml and /etc/puppet/puppetdb.conf and try again.

I had a similar problem time ago and starting from scratch fixed it

Best Regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9vc7M0rO%3D-D%3DjQQwTD1V3j5cnhFzXY4cM2tAvGCTg4%3D-A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Install puppetDB on already deployed environment

[Juan Sierra Pons]

Hi,

I am using puppetlabs-puppetdb module too.
Can you install puppetdb manually using your os package tool (apt/yum)?

Regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9vM_F_%3DWt09BfQZOj_JDLu63g-rPkFfu1dTg4JHpYTcsQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Install puppetDB on already deployed environment

[Juan Sierra Pons]

Hi,

Check again your config as puppetlabs-puppetdb should install the
binary and then configure it.

Best Regards
--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9um2mWrenMbUx%2BF3oj-EwMfuJxrzAyc3siZi3MN3RgJUw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] puppet dashboard not processing reports after https is enabled and shows this error message: Report processor failed: undefined method `+' for nil:NilClass

[Juan Sierra Pons]

Hi

I have been using puppet-dashboard for a long time over http without problem
Today I have configured the https creating the ssl certificate, etc.

puppetmaster, dashboard and workers have been restarted

Also I have already changed the reporturl to https on the puppet.conf
reporturl = https//dashboard.example.org:443/reports/upload

The dashboard works as expected BUT the reports are not being processed.

On the puppetmaster logs the following can be seen:
"
Aug 19 18:20:38 server3 puppet-agent[11671]: Stored state in 0.09 seconds
Aug 19 18:20:38 server3 puppet-agent[11671]: Finished catalog run in
8.66 seconds
Aug 19 18:20:40 server3 puppet-master[10313]: Report processor failed:
undefined method `+' for nil:NilClass
"
 And on the apache+passenger+puppetmaster logs the following appears:
"
server3.example.org:8140 X.X.X.X - - [19/Aug/2014:18:20:37 +0200] "GET
/production/file_metadata/modules/puppetdb/routes.yaml?links=manage&source_permissions=use
HTTP/1.1" 200 6181 "-" "-"
server3.example.org:8140 X.X.X.X - - [19/Aug/2014:18:20:39 +0200] "PUT
/production/report/server3.example.org HTTP/1.1" 200 5865 "-" "-"
"

So as far as i know the report is been pushed to the puppetmaster but
the dashboard is not able to process it

puppetmaster and puppet-dashboard are the same server with aliases:
server3.example.org
puppet -> server3.example.org
dashboard-> server3.example.org

Any idea what am I missing?

Thanks for your time

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9sGgtDLKcmakHYPVpUm018%2BGkG4LdEyFbVxAra-0c%2BWcw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: puppet dashboard not processing reports after https is enabled and shows this error message: Report processor failed: undefined method `+' for nil:NilClass

[Juan Sierra Pons]

2014-08-19 18:40 GMT+02:00 Juan Sierra Pons :
> Hi
>
> I have been using puppet-dashboard for a long time over http without problem
> Today I have configured the https creating the ssl certificate, etc.
>
> puppetmaster, dashboard and workers have been restarted
>
> Also I have already changed the reporturl to https on the puppet.conf
> reporturl = https//dashboard.example.org:443/reports/upload
>
> The dashboard works as expected BUT the reports are not being processed.
>
> On the puppetmaster logs the following can be seen:
> "
> Aug 19 18:20:38 server3 puppet-agent[11671]: Stored state in 0.09 seconds
> Aug 19 18:20:38 server3 puppet-agent[11671]: Finished catalog run in
> 8.66 seconds
> Aug 19 18:20:40 server3 puppet-master[10313]: Report processor failed:
> undefined method `+' for nil:NilClass
> "
>  And on the apache+passenger+puppetmaster logs the following appears:
> "
> server3.example.org:8140 X.X.X.X - - [19/Aug/2014:18:20:37 +0200] "GET
> /production/file_metadata/modules/puppetdb/routes.yaml?links=manage&source_permissions=use
> HTTP/1.1" 200 6181 "-" "-"
> server3.example.org:8140 X.X.X.X - - [19/Aug/2014:18:20:39 +0200] "PUT
> /production/report/server3.example.org HTTP/1.1" 200 5865 "-" "-"
> "
>
> So as far as i know the report is been pushed to the puppetmaster but
> the dashboard is not able to process it
>
> puppetmaster and puppet-dashboard are the same server with aliases:
> server3.example.org
> puppet -> server3.example.org
> dashboard-> server3.example.org
>
> Any idea what am I missing?
>
> Thanks for your time
>
> Best regards
>
> --
> Juan Sierra Pons j...@elsotanillo.net
> Linux User Registered: #257202
> Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
> GPG key = 0xA110F4FE
> Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
> ----------

Hi

I have also checked that the yaml reports are being created on the
filesystem without any problem

Best regards

--
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9v0EZjFM3OuM-2WrfCMVqWdqGxR2o0NXj_Qes-9wSjjuw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: puppet dashboard not processing reports after https is enabled and shows this error message: Report processor failed: undefined method `+' for nil:NilClass

[Juan Sierra Pons]

Hi

Finally I've found the bug... between the keyboard and the seat :)
 A missing ":" between https and //
reporturl = https://dashboard.example.org:443/reports/upload

Regards
------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9uyp4Vy_jSc2aoiREdK-LgjfWLPK%2B8vr%2BkgRn5FWmGFUw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] How can we satisfy goals of having all data in hiera and not modifying the module code?

[Juan Sierra Pons]

Hi,

You can create another abstration level and put all your specific
logic inside. Have a look to the roles & profiles literature on the
Internet.

For example create a apache profile (eg: webserver.pp) with the following:

include apache
create_resources(apache::my_vhosts,hiera_hash('apache::my_vhosts'))

This way you accomplishes the two requirements: do not touch the
module and put all your data on hiera :)

Best regards
------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9uC-AGkfQ%2B%3DW_Paf508Y4QGpEKNQ_fLy0tsbY2p2SmVzw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] erb tempate issue

[Juan Sierra Pons]

Hi

I am creating a module to populate a file. The result should be like this:

uri ldap://10.10.10.1 ldap://10.10.10.2 ldap://10.10.10.3

To achieve this I am using an array with the IPs declared on the
ldap_servers array and the following erb template:

uri <% if !@ldap_servers.empty? -%>
ldap://<%= @ldap_servers %>
<% end -%>

The ouput I get is like this:

uri ldap://10.10.10.1ldap://10.10.10.2lado://10.10.10.3

Without the space between the ips.

I have also tried this (with no success):

uri <% if !@ldap_servers.empty? -%>
ldap://<%= @ldap_servers %> <%= %>
<% end -%>

I think this is an easy one but after several tries I have decided to ask here.

Thank you for your time

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9uyA_pwZdbgxa0m2x4K0uVWybR_YWpy6_1ACe1oQf7n1g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] erb tempate issue

[Juan Sierra Pons]

>
> Just add a space in front of ldap://<%= 
>


Hi

I have tried this before but I get and extra espace between uri and ldap

uri  ldap://http://10.10.10.1http://10.10.10.2http://10.10.10.2

Thank you for your time
------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9u3-ik206G1qa0ZZM8wPKGvTUfar4DsmQGXGz4zphQYvw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] erb tempate issue

[Juan Sierra Pons]

Hi

Finally I have changed to another kind on loop that works for my case

uri<% @ldap_servers.each do |server| -%>
 ldap://<%= server -%>
<% end %>

Thank you for your time

Best regards

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9svBfBfX7si%2BydWV7Cc5ME9LR%3DLfM86egwmaMpo2qGB%2Bg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] [Error after after upgrading to 3.7] Evaluation Error: Illegal Resource Type expression, expected result to be a type name, or untitled Resource, got Type[Class]

[Juan Sierra Pons]

Hi,

I am using a mix of the following two blog post:

[1] A modern Puppet Master from scratch

[2] Puppet Infrastructure

After upgrading to 3.7 I am getting the following error message

Error: Could not retrieve catalog from remote server: Error 400 on
SERVER: Evaluation Error: Illegal Resource Type expression, expected
result to be a type name, or untitled Resource, got Type[Class] at
/etc/puppet/environments/production/site/profiles/manifests/base.pp:5:3
on node server3.example.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

With 3.6 it worked like a charm.

The base.pp is like this:

class profiles::base {
   anchor { 'profiles::base': }
  Class { require => Anchor['profiles::base'] }
  users { users: }
}

Is anyone getting the similar errors?

Thanks for your time

Best regards

[1] http://stdout.no/a-modern-puppet-master-from-scratch/

[2] http://terrarum.net/blog/puppet-infrastructure.html

------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9uMF7Y3XuAxcTGeb_XymquBwd2C4bu6kgGJ%2BT1Js2NX6g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] [Error after after upgrading to 3.7] Evaluation Error: Illegal Resource Type expression, expected result to be a type name, or untitled Resource, got Type[Class]

[Juan Sierra Pons]

Hi guys,

>From your comments I see that there are 2 issues here the parser and
the anchor. For clarity shake I have deleted the anchor resources and
Class defaults as I don't fully understand the purpose of if they have
meaning on my environment, even after reading the link you provided.
After this all the manifest seem to behave as before.

My puppet.conf working configuration with 3.6 was like this:

[...]
parser   = future
evaluator   = current
[...]

I needed the parser and the evaluator set like this to get some piece
of code from the [1] terrarum blog to work:

$trusted_networks = hiera_array('trusted_networks')
$trusted_networks.each |$network| {
  firewall { "003 allow all traffic from ${network}":
proto  => 'all',
source => $network,
action => 'accept',
  }
}

On the other side I have comment out the parser and evaluator lines
because they are giving  problems with other modules too:

Error: Could not retrieve catalog from remote server: Error 400 on
SERVER: This Type-Name is not productive. A non productive construct
may only be placed last in a block/sequence at
/etc/puppet/environments/production/modules/postgresql/manifests/server/database.pp:73:3
on node server.example.com

So as far as I know my systems is as it was with 3.6 but the
trusted_networks are not being applied as they need the parser =
future.

Thank your for your time

Best regards

[1] http://terrarum.net/blog/puppet-infrastructure.html
------
Juan Sierra Pons j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--


2014-09-15 17:32 GMT+02:00 jcbollinger :
>
>
> On Monday, September 15, 2014 9:23:08 AM UTC-5, Henrik Lindberg wrote:
>>
>> On 2014-12-09 14:57, Juan Sierra Pons wrote:
>> > Hi,
>> >
>> > I am using a mix of the following two blog post:
>> >
>> > [1] A modern Puppet Master from scratch
>> >
>> > [2] Puppet Infrastructure
>> >
>> > After upgrading to 3.7 I am getting the following error message
>> >
>> > Error: Could not retrieve catalog from remote server: Error 400 on
>> > SERVER: Evaluation Error: Illegal Resource Type expression, expected
>> > result to be a type name, or untitled Resource, got Type[Class] at
>> > /etc/puppet/environments/production/site/profiles/manifests/base.pp:5:3
>> > on node server3.example.com
>> > Warning: Not using cache on failed catalog
>> > Error: Could not retrieve catalog; skipping run
>> >
>> > With 3.6 it worked like a charm.
>> >
>
>
>
> In the sense that catalogs were compiled without error, perhaps.  The
> example does not perform proper containment, however: to do containment with
> Anchor resources you need two per containing class, one to serve as a lower
> bound and another to serve as an upper bound (see Henrik's link).  The
> example code and the terrarun tutorial on which it is based miss the latter,
> leaving no containment whatever.  You could just delete the anchor resources
> and Class defaults without meaningfully changing the semantics of the
> manifests.
>
> Furthermore, using resource defaults for this purpose is tricky and prone to
> failure because the default is ignored for any class that is declared with
> its own specific require parameter.
>
>
>>
>>  From the error message, I think you are using the future parser.
>> Did you use the future parser on 3.6 as well?
>>
>> > The base.pp is like this:
>> >
>> > class profiles::base {
>> > anchor { 'profiles::base': }
>> >Class { require => Anchor['profiles::base'] }
>> >users { users: }
>> > }
>> >
>>
>> It looks like your intention is to set the default for every class in
>> the entire system to have a require of Anchor['profiles::base']. Is that
>> true, or are you trying to achieve something else?
>>
>
>
> Remember that resource defaults are dynamically scoped.  The code is trying
> to make every class declared by the given profile class have have the Anchor
> as a require.  The model on which it is based proposes that several of these
> classes might be declared, all chained together.  I think the idea is that
> they could thereby get away with only one anchor apiece, but that doesn't
> work.  For example, Puppet could choose to ap