[Puppet Users] Re: Official puppetlabs position on cron vs puppet as a service?
Mostly stlll run as cron. Though for some instances we run as a daemon. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/itTFPtfZLocJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Puppet Class execution order
Thanks Ken, Let me look further into the classes and see what's exactly happening. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/E0R0CzeeXwoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet Class execution order
For the life of me I'm not sure why this isn't working properly but Puppet
appears to execute classes in the order it feels like, not how I'm
specifying it within the language.
I've tried the newer sytax
Class['one'] - Class['two']
Yet, I see Class two get executed first.
I've also tried doing it by defining the class itself.
class { 'one': require = Class['two'] }
I've even gone down to the specific function within the class to see if this
helps ie:
class {'one': require = Exec['withinclasstwo'] }
And the same issue.. what gives?
I haven't looked at the resource graph yet but the amount of modules we use
it's almost readable.
How can I force one class to get executed first before the other? Why in my
case is it not working?
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/JHv2naxKQ2YJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] require vs include?
On a related note to my last post, what is the difference between a require and an include of a class? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/9c4luY2KlDEJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppet Class execution order
Sorry the typo:
My examples should read:
class { 'two': require = Class['one'] }
class {'two: require = Exec['withinclassone'] }
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/HIBnBYkxst4J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] How do you handle deleted nodes with exported resources in this situation?
I have an issue where for a file type of an exported resource I must define as such: force= false, replace = false, Meaning the file is created, but do not replace after it's added. I do this because of the app modifies the config file after (I know bad idea on their part). How can I ensure this file is removed when I remove the node from the storeconfig database? In general, is there a way to trigger a event puppet when a instance is removed? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/NmI1RmUwTXY5YndK. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Single and Double Quotes
Bruce is correct. If you don't need double quotes, don't use them. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/TVNhOGVjTE9wSEFK. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] parameterised classes via LDAP how?
In 2.6 Puppet added parameterised classes, my question is it possible to call them via LDAP? If so how? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Z3dWYmJhOXFSQVVK. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] finished, yet execution expired
Actually upon further investigation it turned out to be an odd iptables firewall rule, unrelated to puppet. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] finished, yet execution expired
In my case is also happening with 2.6.8. making async_storeconfigs=false Seemed to resolve the issue. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Concat Module posted to Onyx Point Github.
Hi Trevor Thanks for the module. I've been testing out the concat module, thanks, but the only issue I see is files keep getting 'executed successfully' each round. Is there any way to not have it do this? I haven't really looked that your ruby logic yet. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Security of Puppet ACLs..
It's from hostid command. How exactly is it generated I really don't know their info page is a bit vague. -- For example, here's what it prints on one system I use: $ hostid 1bac013d On that system, the 32-bit quantity happens to be closely related to the system's Internet address, but that isn't always the case. An exit status of zero indicates success, and a nonzero value indicates failure. - You could always generate your own md5 number from your own specifications for a custom facter variable. It won't be easy for you to reference the files though. Security via obscurity isn't the best way, but it's better than what's place now. Puppet assumes all hosts are 'friendly' -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Fwd: New York City Puppet presentation Wednesday Nov 18th.
This presentation is perfect for anyone who is just starting out with Puppet or interested in what it can do for you. I assume I'm already talking to users of Puppet so it's easy tell your friends why they should go to this meeting. It's not a sale pitch presentation and if they are in the NYC area tell them about this event. Thanks.. -L On Nov 14, 8:22 pm, Brian Gupta brian.gu...@brandorr.com wrote: -- Forwarded message -- From: bgupta brian.gu...@brandorr.com Date: Sat, Nov 14, 2009 at 8:05 PM Subject: Puppet presentation Wednesday Nov 18th. To: puppet-nyc puppet-...@googlegroups.com Please register here:http://rsvp.nylug.org/ We should be getting together after the preso, if folks want to exchange notes. (Likely at the TGI Fridays near the IBM Building where the NYLUG meeting will be held). Announcement:http://www.nylug.org/home/index.shtml Larry Ludwig - on - Puppet: What it is and how can it make system administration less painful ** Please note important information about: this meeting ** Please join us on Wednesday, November 18th, 2009 for a discussion of Reductive Labs' Centralized configuration management framework, Puppet. Puppet is a model-driven open source framework designed to efficiently manage data center infrastructure. It's the sysadmin's best friend, reducing error counts and downtime, saving countless hours and providing significantly higher service quality. Puppet lets sysadmins spend less time on mundane tasks and instead focus on managing their infrastructure as a whole. System administrators have long written custom scripts and tools to help automate common tasks such as configuration management and system updates. But as networks scale and reach outside the corporate firewall, custom tools become yet another management headache. The benefits of automated infrastructure go beyond policy-enforced consistency and auditing. In conjunction with virtualizaton, the ability to reliably create new systems running consistent services creates auto-scaling applications as well as test systems identical to production environments. Puppet abstracts the system from the system administration, providing developers and system administrators with a simple service- based policy framework that allows for more consistent, transparent and flexible systems. Puppet is currently in use at many organizations, large and small, including: Google, Yahoo, and RedHat. More Information: * Puppet * Reductive Labs * Puppet Wiki * Puppet users discussion * Puppet developers discussion * Puppet NYC User Group About Larry Ludwig: Larry Ludwig is a Solutions Architect at Brandorr Group LLC. Larry has been in the industry for over 15 years as a system administrator, DBA and system programmer. He`s had previous experience working for Fortune 500 corporations and holds a BS in CS from Clemson University. Larry has written over 120 puppet modules. Larry, along with Eric E. Moore and Brian Gupta are founding members of the NYC Puppet Usergroup. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
Hi, Could it be that one of your environment doesn't have network-config? Yes they do not. The 'development' env has newer code. Could it be that in 0.25 the client is in this environment instead of being in the one you think it is in? Checked LDAP config and it is in fact in the correct environment. Again the node works with 0.24.8. BTW, how do you tell the client to be in a particular environment? There is currently a bug report about this (ie environment can only be set on the client and not in external_nodes anymore). via LDAP. then it still works with 0.24.8 nodes on a 0.25.1 client. -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
BTW, how do you tell the client to be in a particular environment? There is currently a bug report about this (ie environment can only be set on the client and not in external_nodes anymore). Which ticket # is it? Is it this one? http://projects.reductivelabs.com/issues/2748 having the client set the environment you then will run into the chicken and egg syndrome. ie the first time puppet on the node runs it's assumes 'production' then you set the puppet.conf via some method and then next round runs in the proper environment. So also flipping between env will also have the same issue and be one run behind. Without question it makes sense to have the puppetmaster determine this, not the client. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
Ugh, now I'm getting another error with Puppet. The above node now works, but deploying it on another node I get this error: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target '' I have set the environment variable in the puppet.conf So I assume this is a completely different error. -L -- Larry Ludwig Empowering Media 1-866-792-0489 x600 Managed and Unmanaged Xen VPSes http://www.hostcube.com/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
Nope not it. Correct info: Nov 10 22:22:38 archive puppetmasterd[19932]: Not authorized to call find on /file_metadata/network-config/hosts/nsswitch.devcentos5.conf request.node: devcentos5.empoweringmedia.net request.ip: 192.168.10.41 I modified indirection.rb to spew out this output. Keep in mind this node works as a 0.24.8 node and does not once I upgrade to 0.25.1 -L -- Larry Ludwig Empowering Media 1-866-792-0489 x600 Managed and Unmanaged Xen VPSes http://www.hostcube.com --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
Could it be related the files folder I have has sub directories?? drwxr-xr-x 5 puppet puppet 4096 Apr 21 2009 . drwxr-x--- 4 puppet puppet 4096 Apr 7 2009 .. lrwxrwxrwx 1 root root 6 Apr 7 2009 CentOS - RedHat drwxr-x--- 2 puppet puppet 4096 Apr 7 2009 Debian drwxr-x--- 2 puppet puppet 4096 Jun 1 10:13 RedHat lrwxrwxrwx 1 root root 6 Apr 7 2009 Ubuntu - Debian -rw-r--r-- 1 puppet puppet 269 Apr 7 2009 host.conf drwxr-x--- 2 puppet puppet 4096 Apr 21 2009 hosts -rw-r--r-- 1 puppet puppet 148 Apr 7 2009 hosts.conf -rw-r--r-- 1 puppet puppet 216 Apr 21 2009 resolv.1.conf -rw-r--r-- 1 puppet puppet 216 Apr 21 2009 resolv.2.conf -rw-r--r-- 1 puppet puppet 216 Apr 21 2009 resolv.conf --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
2.2.2 here is the list of: *** LOCAL GEMS *** actionmailer (2.0.2) actionpack (2.0.2) actionwebservice (1.2.6) activerecord (2.0.2) activeresource (2.0.2) activesupport (2.0.2) capistrano (2.5.3) cgi_multipart_eof_fix (2.5.0) daemons (1.0.10) echoe (3.0.2) fastthread (1.0.1) gem2rpm (0.5.3) gem_plugin (0.2.3) haml (2.2.2) highline (1.5.0) hobofields (0.7.5) hobosupport (0.8.5) hoe (1.7.0, 1.5.3) hpricot (0.8.1) mislav-will_paginate (2.2.3) mongrel (1.1.5) mysql (2.7) net-scp (1.0.1) net-sftp (2.0.1) net-ssh (2.0.8) net-ssh-gateway (1.0.0) passenger (2.2.2) rails (2.0.2) rake (0.8.3) rip (0.0.5) rubyforge (1.0.0) RubyRRDtool (0.6.0) sqlite3-ruby (1.2.5) sys-proctable (0.7.6) On Nov 6, 11:10 pm, James Turnbull ja...@lovedthanlost.net wrote: Larry I have a similar configuration to you and run 0.25.1 and don't see this issue. What passenger version? Regards James Turnbullhttp://www.james-turnbull.net On 07/11/2009, at 12:05 PM, Larry Ludwig larry...@gmail.com wrote: On Nov 5, 7:07 am, Larry Ludwig larry...@gmail.com wrote: The error the OP posted comes from the file serving layer, so it's more a fileserver.conf issue. Ok here's my fileserver.conf. [plugins] allow 127.0.0.1/32 allow 192.168.10.0/24 allow 192.168.11.0/24 [modules] allow 127.0.0.1/32 allow 192.168.10.0/24 allow 192.168.11.0/24 Puppet traffic occurs over a private network. This config works with 0.24.8 clients, so why wouldn't it work with 0.25? No one has a solution to my issue? The online docs and ticket system mention nothing about this issue. Then unfortunately I'll have to roll back to 0.24.8 since then it appears 0.25 isn't ready for prime time yet. -- Larry Ludwig Empowering Media 1-866-792-0489 x600 Managed and Unmanaged Xen VPSes http://www.hostcube.com/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: What happens if puppet fails half way into processing a catalog?
I think you are alluding to transactions. This feature does not exist currently in Puppet. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: passenger-status gives error but passenger is working fine
Hmm I would double check your config files and maybe uninstall passenger and try again. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: What happens if puppet fails half way into processing a catalog?
I think you are alluding to transactions. This feature does not exist currently in Puppet. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppetd downloading sourced file on *every* run
Hmm can you send stats of the how big the file and how long compared from 0.24.8? I know we focused a lot of memory usage on the puppetmaster, and the amount of calls to the puppetmaster, but I don't know if we performed any performance testing. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet 0.25.0 release - EPEL?
On Sep 8, 2009, at 7:37 PM, Todd Zullinger wrote: Marziani, Michael wrote: Any idea how quickly we'll see this in EPEL? In addition to the link Larry posted for unofficial Fedora/EPEL packages¹, I'd say we probably shouldn't rush this into the EPEL repos. It's a large change and it's probably wise to let it see a bit more testing before we push it to the official repos where folks who don't always expect surprises would find it in an update. That said, getting it into epel-testing before too long seems reasonable. And, of course, this is just my opinion. I've been known to be wrong on occasion. ;) Sorry yes I should have stated this. These are RPMs but NOT the official EPEL version.. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: upgrading from 0.24 to 0.25 from tar.gz
On Sep 8, 2009, at 9:13 AM, Matt wrote: Has anyone done an upgrade script to upgrade from 0.24 to 0.25? I usually just run ruby install.rb to install from the tar ball, but notice that quite a bit has changed with the 0.25 release and know that much of the 0.24 stuff will still be hanging around. Thanks, Matt Hi Matt, make sure you delete the old items in /usr/bin. They have been moved to /usr/sbin (ie puppetd) To be safe delete the entire puppet ruby library folder. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Virtual recipe signals hardware nodes as 'openvz'
On Sep 8, 2009, at 6:34 AM, Julien Cornuwel wrote: Hi, Not sure this is the right place to report this. On an OpenVZ HardwareNode, the 'virtual' parameter given by facter says 'openvz'. This is because the /proc/user_beancounters file also exists on the hardware node. This has some bad side-effects as a hardware node should, for example, have a NTP configuration, where a container should not. Regards, If it's a bug open up a ticket here: http://projects.reductivelabs.com/ Regards... -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet 0.25 migration
hmm passenger 2.2.5 is released? hmm I'll have to test it out. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet 0.25.0 release - EPEL?
http://tmz.fedorapeople.org/repo/puppet/ -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: the same puppetmaster in different subnets/vlan
Hi, The only way to do this is separate puppetmasters. SSL CA - puppetmaster is a one to one relationship. Just curious why do you want separate certs? -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Security with mongrel
On Sep 4, 2009, at 9:56 AM, Štefan Sakalík wrote:
Larry Ludwig wrote:
On Sep 3, 2009, at 6:46 AM, Štefan Sakalík wrote:
I'm using mongrel and these lines in apache config concern me (from
wiki/UsingMongrel):
SSLVerifyClient optional
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
So apache gives access to everyone. Does the puppetmaster
additionally
verify client's identity? It's not obvious from the source code.
Hi,
This is so unsigned clients can connect and send their initial info.
(allowing the puppetmaster to sign them)
I see now. I wanted to make sure that client without signed
certificate
can't get access to fileserver. So I assume this is the case.
Correct.
-L
--
Larry Ludwig
Reductive Labs
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: some of the passenger processes not reloading manifests
What version? Sounds like a bug to me to submit. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Storing puppet info in a database
On Sep 1, 2009, at 3:28 PM, Disconnect wrote: We use iclassify - it works as an external node tool (feeds tags, facts etc to puppetmaster) and clients feed it with automated info (facts) and manual tags/info/descriptions/etc.. Keep in mind while iclassify works, the original developers are no longer working on the product. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: L.A. Puppet Master Needed for Configuration Management Roundtable at the UNIX Users Association of Southern California
On Aug 28, 2009, at 2:04 AM, Jordan Schwartz wrote: Pardon the semi-spam, but I am hosting a Configuration Management Rountable presentation at the UNIX User Association of Southern California in Los Angeles on the evening of Thurs. Oct. 1st, and we need someone who can speak to puppet. We have speakers for cfengine and chef, and need someone with puppet production deployment experience to represent puppet. If you are interested, contact me at my jordanunix gmail account. There is more info about UUASC at http://uuasc.org . Thanks, Jordan Hi Jordan, I passed the info to the rest of the Reductive Labs team. Unfortunately Puppet Camp is being held that same day: http://reductivelabs.com/2009/10/01/puppet-camp/ -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Redmine not mailing puppet-bugs?
I noticed it also... I thought I made a changed to my config and not remembering it. Go back into your config and make sure emailing is re-enabled. I'm not sure if something was changed globally in our redmine config. James any idea? -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: 0.25.0rc1, modules, and custom types
This appears to be a known bug with 0.25. http://projects.reductivelabs.com/issues/2574 -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Could not call puppetmaster.getconfig: #RuntimeError: HTTP-Error: 500 Internal Server Error
Hi, In order to help we need more context to your setup, are you using webrick or Passenger? what happens if you access the puppetmaster via your web browser? -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Bacula Puppet Type
Hi Shawn, I would like to see that type. -L On Aug 25, 2009, at 11:08 AM, S H wrote: I'm putting the finishing touches on a set of native Bacula types for Puppet and was wondering if anybody out there would be interested in giving it a test run. It seems to be running more or less correctly in my configuration, though I still have a few bugs to clean up. Most likely it'll be ready for wider testing in another week or so. Just drop me an email if you'd like to try the plugin once it's finished. -Shawn --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Notify someone on failure
On Aug 25, 2009, at 9:06 PM, Robin Sheat wrote: Op woensdag 26 augustus 2009 12:52:13 schreef chakkerz: I have puppet managing a fair few hosts but because we are still testing (and later for peace of mind) we'd like to hear from hosts that are failing their puppet run. I did this to make it work with Nagios: http://www.kallisti.net.nz/blog/2009/02/monitoring-puppet-with-nagios/ IMHO the nagios method of checking the state.yaml file is the best option to ensure puppet itself is working correctly. To make sure your manifests are applied is a different issue. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Notify someone on failure
On Aug 25, 2009, at 11:44 PM, chakkerz wrote: Yeah, the timestamp is useful but only shows a complete failure, that is one in which the host didn't make contact (i could be wrong). Communication failure AND a manifest that cannot compile on the puppetmaster will cause the yaml file to get stale. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: 0.25.0rc1, modules, and custom types
I am also seeing this same issue with a migration config I am testing so the upgrade to 0.25 is a smooth one. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: facter problems on el5 x86_64
Hi Arnau, I have not seen that error before and have many EL5 installs. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: passenger vs mongrel performance
Hi All, An update on this thread.. Based upon some real world testing, I've updated the Passenger wiki to give some performance and with memory consumption (one of the main reasons for switching to Passenger right?): http://reductivelabs.com/trac/puppet/wiki/UsingPassenger Let me know if you have any comments, suggestions. -- Suggested Tweaks Based upon my (Larry Ludwig) testing of passenger/puppetmasterd I recommend adjusting these options in your apache configuration. PassengerPoolIdleTime - Set to 5 min or less. The shorting this option allows for puppetmasterd to get refreshed at some interval. This option is also somewhat dependent upon the amount of puppetd nodes connecting and at what interval. PassengerMaxPoolSize - to 15% more instances than what's needed. This will allow idle puppetmasterd to get recycled. The net effect is less memory will be used, not more. PassengerUseGlobalQueue on - Since communication with the puppetmaster from puppetd is a long process (more than 20 seconds in most cases) and will allow for processes to get recycled better PassengerHighPerformance on - The features Passenger offers with this feature disabled are not needed with Puppet. No different than with traditional web servers, once your service starts using swap performance degradation will occur. So be mindful of your memory/swap usage on your Puppetmaster. To monitor the age of your puppetmasterd processes within Passenger, run passenger-status the output you should be concerned with is: ... --- Domains --- /etc/puppet/puppetmasterd: PID: 7355Sessions: 0Processed: 5747Uptime: 1h 3m 30s PID: 9950Sessions: 0Processed: 2941Uptime: 27m 27s PID: 7117Sessions: 0Processed: 7208Uptime: 1h 8m 33s PID: 7575Sessions: 0Processed: 6307Uptime: 57m 19s PID: 9653Sessions: 0Processed: 2525Uptime: 37m 31s My personal preference is I like Passenger recycling puppetmasterd every few hours to ensure memory/garbage collection from Ruby is not a factor. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Conditional host file entries, Puppet's non-sequential tree
On Aug 22, 2009, at 6:04 AM, Duncan Hill wrote:
2009/8/21 Duncan Hill bajand...@googlemail.com:
2009/8/20 Larry Ludwig la...@reductivelabs.com:
On Aug 19, 2009, at 11:03 AM, Duncan Hill wrote:
why not define the variables per 'node'? Why use inheritance at
all?
Personally I'm not a fan of node inheritance and like putting all of
the classes in another class which then is in included in each node.
node foo {
$ip1 = 1.1.1.1
$ip2 = 2.2.2.2
include host_definitions
}
class host_definitions {
host {
'fred': { ip = $ip1, alias = [ a, b, c ] }
}
}
and more often than not I get an error that $ip1 isn't defined, and
puppet falls over in a heap.
Well, now it works. So I'll spend the weekend refactoring my setup to
behave in this manner, and hopefully lots of problems will go away.
Thanks Larry.
No problem. You will find this methodology works well with external
nodes.
-L
--
Larry Ludwig
Reductive Labs
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet server recommendations
On Aug 19, 2009, at 10:06 AM, cnjohnson wrote: I have deployed puppet on our test cluster -- 20 identically configured x86_64 and ppc64 compute nodes and their gateways. I now want to move to our production cluster with (say) 800 compute nodes and their gateways. My question is about the puppet server box itself. I am using apache+ssl with passenger and ruby 1.8.6. It was easy to install and set up apache with passenger and to get puppet running maintaining various files and services across the test cluster. The puppet server is a dual-cpu x86 box with 1GB ram. It handles the test cluster without troubles. Any thoughts about what sort of puppet-box I need to manage a cluster of 800 boxes? Hi Charles, It depends upon a number of factors, mostly your Puppet manifests, if you are using storeconfig and how much file handling you are doing. If you are using store config, you may want to think about moving the mysql (or posgresql) onto another server and/or additional CPUs. If the puppetmaster is x86_64 based, I would recommend 4+ GB based upon your node count and they way ruby scales on x86_64 arch. You should at minimum be on 0.24.8 and ideally 0.25 once it's released. Hope this helps.. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: migating from 0.24.8 to 0.25.0rc1
On Aug 19, 2009, at 3:42 PM, Gustavo Soares wrote: Hi all! I have migrated some machines from puppet 0.24.8 to 0.25.0rc1, mainly because of bug in 0.24.8 when using ssh_authorized_keys and I am getting the following messages when starting the client: Setting the :cacrl to 'false' is deprecated; Puppet will just ignore the crl if yours is missing Starting Puppet client version 0.25.0 Cached certificate_revocation_list for ca failed: Cannot manage the CRL when :cacrl is set to false Could not retrieve catalog from remote server: Could not intern from s: Cannot manage the CRL when :cacrl is set to false Hi Gus, How is your Puppetmaster setup? Passenger? Can you send your apache config? -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Could not find dependency Yumrepo
Hi Douglas, The bigger question, why are you using exec to update via yum?? There is a 'package' type that will do this for you. exec shouldn't be used for what you are trying to do.\ -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Could not find dependency Yumrepo
Going back to your original question, the error you are getting: Means it cannot find Yumrepo[base] in your type list. maybe it was renamed, or not included. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Could not find dependency Yumrepo
On Aug 13, 2009, at 4:06 PM, Douglas Garstang wrote:
Larry,
if you mean that puppet can't find the 'base' repo, it should be there
and accessible. That's why I posted the contents of the repo file, and
the output of 'yum repolist'. It also sounded like you were saying
that the Yumrepo type wasn't found, which I don't understand, since
it's a standard type.
Actually, the docs at
http://reductivelabs.com/trac/puppet/wiki/TypeReference#package say
that the repo's that Yumrepo can see are determined by reposdir in
/etc/yum.conf. Since our production environment doesn't have reposdir
defined, but everything still works fine, I'm wondering if the docs
are out of date. How does yumrepo determine if a repo is available or
not?
The code in your puppet, not what's on the box. Puppet code tells
your server how it should be setup, not the other way around.
Yumrepo[base] means you should have Puppet code that looks like:
yumrepo {'base':
...
}
Regards...
-L
--
Larry Ludwig
Reductive Labs
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: Mongrel Memory Usage
On Aug 13, 2009, at 4:36 PM, Trevor Vaughan wrote: All, I'm trying to figure out the best way to estimate the amount of memory usage that will be taken up by Mongrel and I'm hoping that you have some estimates that can help me. I'm currently estimating the following: Memory Required = Number of running puppetmasters * size of manifests * number of clients managed The mongrel model doesn't seem to *ever* reclaim memory. Suggestions on reclaiming memory welcome though I'm sure most people will just urge me to move to Passenger. Passenger is slowly becoming the 'official' way to run puppetmaster, and is recommended by Reductive Labs. As far as memory, there are many dependancies like 32-bit over 64-bit, the size, amount of files transfered through puppet, your manifests, variables, clients used, etc. Some is also dependent upon the version ruby itself and it's optimizations. Out of all of these variables what I CAN say are most important: - files and the size of files transfered though Puppet - 32 bit over 64 bit. 0.25 will definitely help with the memory consumption with file usage. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Mongrel Memory Usage
On Aug 13, 2009, at 8:56 PM, Trevor Vaughan wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Interesting, thanks for the information. My only concern with a 32 bit architecture, is that my memory usage may legitimately grow above 2G which would toast the puppetmaster process pretty quickly. The rub is Ruby itself is not optimized for 64 bit. an int for example is double in size. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Hello,
Postings from new users are moderated - he had previously posted a legitimate Puppet query. So he looked like a normal, valid user. Oh man spammers are resorting to one legit email, and then one spam eh? I wish they would resort to more compute and meatcloud time to better efforts like make Puppet Modules ;-) -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: random number in a file
Here is one method to perform puppet runs via cron: http://reductivelabs.com/trac/puppet/wiki/Recipes/cron It also allows you to manually tweak the times each node runs. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet cannot find custom functions
Can someone tell me what I'm doing wrong here? According to the link referenced above, puppet should be picking up functions in these directories. Even better, is there an accepted way I can tell puppetmasterd to look for functions in a particular place? Hi I assumed your issue is related to this? http://projects.reductivelabs.com/issues/2494 -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: puppet recipes
Why are you using exec type for user and group, when these types already exist? I didn't read the complete thread so I donno if this was discussed. The exec type should always be used as the last resort. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Planet Puppet is born!
Thanks Brice! I Did you add the Reductive Labs corporate feeds? -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: sequential change implementation
On Jul 28, 2009, at 9:16 AM, mmalamud wrote: How do I prevent the following: I have several web servers behind the load balancer, how do I make sure that when something changes and web servers need to be restarted that they are not all restarted at the same time but rather one by one. Is there a way to configure sequential push of some kind? schedule metatype option or splay might be random enough. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: File resource type: critical chmod security issue
Generally speaking they define a few basics: 1. Who is accountable for security 2. What to do if you find a security issue and where to report security issues 3. How security patches are handled 4. The project's disclosure policy Regards James Turnbull This sounds like a page for the wiki no? Any security issues ideally should be reported privately first (at least with white hats). -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: passenger vs mongrel performance
Ohad, Now that we know that passenger is configured in Mark's case, try rubyEE and let us know the result. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Best Practices Rewrite - First Draft
Hi Paul,
Some comments about the doc.
Use double-quotes around node names I would say using single quotes
is better since the Puppet language does not try to parse it for
variables. I have not done any tests in Puppet of single over double
quotes but have seen other interpreted languages recommend single
quote first over double for performance reasons.
At least for me I tend to make Puppet modules very atomic. Meaning
many smaller modules/classes than one large monolithic module. ie you
want to manage ssh. Perhaps break it up into a client and server
class, but one module.
For multi-platform support I've found the best way to support it is
via case statements at the high level
class openssh {
case $operatingsystem {
centos, redhat: { include openssh::redhat }
debian, ubuntu: { include openssh::debian }
default: { fail(${title} is not defined for operating system
${operatingsystem}.) }
}
}
Any common steps can be included in the class or broken out into a
openssh::base class
In some cases you not only want to install the application, but they
are situations to remove it (in my case had a need to ensure the
package is removed for security) I use the naming convention
cups::disable - To install but disable service (primarily for
dependancy with other packages)
cups::remove - To make sure the package and service are not running
Inheritance is great for creating a generic module and creating a site
module for your specific needs (In my case we have a generic proftpd
but then have a site specific for custom DirectAdmin (a hosting
control panel) configurations )
Teyo's recommends two module folders, one dist and another site. site
folder containing modules specific to your install.
-L
--
Larry Ludwig
Reductive Labs
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: Best Practices Rewrite - First Draft
good idea! Currently I have all site specific stuff in one big module, but like that I might be able to organize it again in modules per each site specific module adaptions. Question: Is autoloading looking in both module directories? so if it's not found in the module in one module directory it's still looking in the other one? I assume so, but as I haven't used it yet I better ask... ;) modulepath option must be set in your puppet.conf file. -L -- Larry Ludwig --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Performance of Passenger vs. Mongrel
An update on this thread working with Mark at USG: The example Apache config file with Puppet is not correct. I have submitted a patch so the example configuration file is correct. http://projects.reductivelabs.com/issues/2430 In communication with USG, once the options were properly set, the load is now much lower and similar with Mongrel but the Puppet compile times are much lower. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: multi-case selectors
On Jul 21, 2009, at 1:00 PM, jc.listmail wrote:
Hi-
I've been using Puppet for a few months now and am trying to work my
recipes into something a little more elegant and efficient.
One of the things I am trying to do is better selection. What I would
really like to be able to do is sub-selection, but I can't figure out
how it's done. For example, if I am doing a primary selection for
sources on $domain, but would like to treat a sub-category of that
selection differently by $hostname or something, how would that look?
In regular code, it would just be a nested if or something, but I'm
not seeing an easy way to do it in Puppet...
I'm thinking about it like this:
if $domain == something {
if $hostname == some_hostname {
source = some_source
} else {
source = another_source
}
}
Is there a puppet way to do this or am I thinking about this in the
wrong way?
Puppet supports ANDs and ORs if you wish to do it instead of nesting.
http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial#if-else
CASE statements are another method.
-L
--
Larry Ludwig
Reductive Labs
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: Info - crash on RHEL4 w/o swap space
how much memory is on this instance? Swap should ALWAYS be available, general recommendation is 2x actual memory. Once you run out of real memory, you can have a dead machine. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Puppet meet Uup July 29th NYC 7p
Hi All We are scheduling a NYC Puppet Meet Up. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Puppet User Group July 29th NYC 7p
Hi All We are scheduling a NYC Puppet User Group on July 29th in NYC at 7pm. Location to be determined. If anyone is interested in donating space please let me know. We may have some formal discussions and open to any topics you want discussed. If attending, reply to this thread. -L Larry Ludwig --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet User Group July 29th NYC 7p
On Jul 15, 2009, at 5:48 PM, Teyo Tyree wrote: I will definitely be there. Going to be in town providing Puppet training to the masses. Don't you mean spreading the gospel? :-) -L Cheers, Teyo -- Teyo Tyree :: www.reductivelabs.com --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet Camp
On Apr 19, 2009, at 11:26 PM, Jon Stanley wrote: On Sun, Apr 19, 2009 at 4:34 PM, Paul Nasrat pnas...@googlemail.com wrote: It's probably easier for non-us attendees to get direct flight to the Bay Area (or the east coast - Boston/NY) than to either Portland or Salt Lake City. A city where driving is non-essential would be a plus for me. Hmmm, NYC would be preferable for me (I'm really selfish and don't want to travel) :) Of course for me too, but think SF/SJ is the best bang for your buck. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Support Expectations (was: Licensing and Copyright)
I also think consultancy at good rates would be a no-brainer - Most companies don't have the time, resource, or expertise to learn/ implement a new tool. What's considered good rates? -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet and pushing changes
On Apr 7, 2009, at 11:15 PM, Ohad Levy wrote: On Tue, Apr 7, 2009 at 8:32 PM, Larry Ludwig la...@reductivelabs.com wrote: What xinetd version? I wrote a simple daemon which uses puppet certificates and namespaceauth to allow puppetrun on cron based hosts. Hi Ohad, Can you post this somewhere? This is something I was looking for and/ or was going to develop. -L cheers, Ohad --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: EAL4+ general hardening settings with Puppet
On Apr 6, 2009, at 3:08 PM, Stephen John Smoogen wrote: - The hardening module I would break out each of these services into separate modules, so it's more generic. The hardening class itself I would consider a 'role' that would then include all of these modules (I have roles exist in the manifest folder and called by site.pp) - your logindefs class I would consider part of a shadow module that then has your specific security policy - your modules are very centos/RH specific any plans on making them apply to other OSes? - If you are removing packages I would suggest by default installing the package and then creating an ::absent class to remove or a ::disable to stop the service but have the module installed. This also then allows for keeping the package current via that module. Ah so thats the best practice for that. Keep in mind these are not hardline rules but things I've seen work for others. Also from the module collection I'm creating it seems to work very well. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Licensing and Copyright
Related to this, I can tell you from personal experience in commercial software: support costs can be an enormously drain. The most effective way to keep them down is with relentless quality improvement: kill bugs, make features more comprehensible, document, make failure modes gentle, make errors clear, etc. (said somewhat tongue and cheek) Hey, isn't that the purpose of commercial software? You need support because while it works in some way, yet does not completely work and must pay for support to get it working? :-) Support most certainly can be a profit center. In a serious note, for an OSS project I would say Puppet has a pretty good development/testing process. Hell I've known commercial products that went through less testing. Can Puppet's development process be improved? Definately yes and is something that will be constantly revisited. -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: A simple function to load external class attributes
On Mar 31, 2009, at 12:26 PM, Luke Kanies wrote: I think you've convinced that a given module should search all of the module path directories, rather than just the first found directory. This would allow you to have your site module dir in front of the dist module dir and override templates or files just by putting them in the earlier path. Explain how this would work in detail? This does not work currently in Puppet does it? -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: [Puppet-dev] ANNOUNCE: Puppet 0.24.8 now available!
Thanks Todd, Anyone have an updated facter RPM also? -L -- Larry Ludwig Reductive Labs --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: compressing client/server communications
Hmm interesting idea. While the puppetmaster will work without issue, the issue becomes the client (puppetd) must decode it. I suspect a code change. -L On Mar 25, 2009, at 8:56 PM, Ben wrote: I use, and depend on, puppet extensively and a good portion of the servers (nodes) are remote, across a WAN. I just started a WAN Optimization trial with some Juniper gear, one of the components of WAN optimization is compression and the puppet client/server communication is compressing pretty well. According to the Juniper reporting the puppet data is being compressed between 25-50%. Is puppet using compression between client and server? If it is not, has it been considered? Considering most of the data exchanged between client and server would be text in the form of manifests and config files i think it could achieve good compression with low overhead. I have nginx in front of my puppetmasters, if i enable gzip compression there will the puppet client still work? Any thoughts? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: module dependencies
On Mar 12, 2009, at 10:14 AM, Keith Edmunds wrote: On Thu, 12 Mar 2009 14:37:40 +0100, bell...@nsc.liu.se said: No. You need to let individual resources within that class or module depend on the other class. Thanks Thomas, I suspected as much. Would it be appropriate to create a wishlist item that a module depends on another (module|class)? A bug/feature request. -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: puppet and LDAP users (SOLVED)
On Mar 3, 2009, at 12:09 PM, Luke Kanies wrote: On Mar 1, 2009, at 9:27 PM, Larry Ludwig wrote: On Mar 1, 2009, at 9:04 PM, Trevor Hemsley wrote: [puppetd] ldapserver=ldap.myorg.company.com ldapbase=dc=myorg,dc=org ldapuser=cn=admin,dc=myorg,dc=org ldappassword=mysecret In my case it's in [puppetmasterd] but glad it works for you. Heh, both of you should probably put it in main. :) You need to either put it in main, the section named after the environment, or the section named after the executable, and (here's the key) you want it in the most general block possible. If there's no harm in putting it in main, you should *always* do so. Otherwise, only the named executable will have access to those settings. What other app in puppet uses LDAP? -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Connection timeout calling fileserver.describe: socket read timeout
On Mar 2, 2009, at 9:48 AM, Arnau Bria wrote: On Mon, 2 Mar 2009 09:29:01 -0500 Larry Ludwig wrote: Hi Larry, That's really odd I'm not sure how you are configured. 3-4 puppetmasterd should be more than enough for your node count. Yes, that's what I heard here, but my experience with 3-4 masters was terrible. Are you managing ~100 hosts? with mongrel? 150, and yes. The obvious question is I assume you are not thrashing to swap and other issues related to the server config itself. Based upon how big puppetmasterd can grow with 20+ puppetmasterd you would need a lot of memory. [r...@gridinstall puppet]# find files|grep -v .svn|wc -l 123 [r...@gridinstall puppet]# du -sh files 3.1M files 123 files and 3 MB. Only that. We are doing much more than that. What version of puppet? -L -- Larry Ludwig --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: puppet and LDAP users
On Mar 1, 2009, at 4:09 PM, Trevor Hemsley wrote: Larry Ludwig wrote: Hi two suggestions: 1. make sure ruby-ldap gem is installed It is. On a different system without ruby-ldap installed I get err: Could not prefetch user provider 'ldap': Could not set up LDAP Connection: Missing ruby/ldap libraries The symptoms that I see are that puppet is not requesting a full DN though. It's 'forgetting' to append ldapbase to the end of the query so it's unsurprising that it is not working. Hmm in my openldap ldap.conf file I defined the base dn, I don't remember if that was done for any specific reason. I would check the source code to see if it helps you determine what the error may be. What version of Puppetmaster are you using on what platform, with what LDAP? At the moment I'm not sure what is the root cause of your error. -L -- Larry Ludwig --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: puppet and LDAP users (SOLVED)
On Mar 1, 2009, at 9:04 PM, Trevor Hemsley wrote: [puppetd] ldapserver=ldap.myorg.company.com ldapbase=dc=myorg,dc=org ldapuser=cn=admin,dc=myorg,dc=org ldappassword=mysecret In my case it's in [puppetmasterd] but glad it works for you. -L -- Larry Ludwig --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Best method to monitor puppetmasterd?
On Feb 13, 6:45 am, Trevor Vaughan peiriann...@gmail.com wrote: Just out of curiosity, is there a problem with good old fashioned log monitoring and cron? I.e. logwatch - email - poke puppetmaster combined with cron to check if puppetmaster is still rolling along. That is definitely an option and easier to implement. Though I do like monitoring off server, via nagios in this case. Also looking at the logs won't tell ya if some stupid change was made like blocking the port via a firewall rule, or other network related problems. I look at it from the angle checks should occur at the same level you need the service to operate. Other checks like memory leaks I do consider important if the daemon has a known issue otherwise overall memory and swap usage monitoring should be enough. In the case of PHP, it makes sense to monitor the page, however the puppetmaster is a system daemon that should have things checking into it and should be regularly generating logs like compiled manifest for blah.foo. I could actually do via log files also, but choose to do it this way for the same reasons above. If you wanted to tie that into cacti, you could watch the heuristics graph and see if there is a drop in trending. Yea I'm wondering out loud to the group what metrics should be graphed with Puppetmaster. Maybe per time period (ie 5min) - Avg time to store acatalog - Avg time to compile a catalog - amount of nodes connected - Amount of modules Maybe some other things related to the internals of puppetmaster itself? Of course, this could also mean that your client networks all just blew up but, either way, you have a serious problem. Trevor On Thu, Feb 12, 2009 at 21:19, Larry Ludwig larry...@gmail.com wrote: Yea I want to make sure puppetmaster returns some sort of valid result. Though the monit for memory leaks is not a bad idea. More than just pinging a port. For example in our case we monitor PHP. We've had PHP crap out for a few customers, so we monitor a phpinfo page to make sure php returns a valid result. I also mentioned to Luke about getting some metrics out of puppetmaster at least via command line. I would LOVE to be able to monitor it via Cacti to see how performance is going. Not sure what the metrics would be, but something to help with when to scale to bigger hardware. At least from the baseline graphs we do (CPU, disk IO, memory, bandwidth) the Puppetmaster appears to be primarily CPU bound first, memory second. -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Best method to monitor puppetmasterd?
Hmm interesting... I'll check it out. -L On Feb 13, 1:07 pm, James Bellenger ja...@forwardcamegrendel.org wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Nigel Kersten wrote: I've got a background job of working on trying to fake out a proper getconfig request for a catalog to check timing data, but that's not functional yet. I have a tool that does this in javascript here:http://www.forwardcamegrendel.org/puppet-request-generator It's pretty handy as is and I make use of it pretty often, though it's simple enough to rip out the javascript and reimplement in a different language. James Bellenger. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.7 (GNU/Linux) iD8DBQFJlbbI8TYLVDRcCYURAgGmAJoDt4PKbhENSEpzF7WUYZvczKbUKwCeP/RY ImZg1Rkkln8zrkIuZVZmkgg= =Y8Zg -END PGP SIGNATURE- --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Best method to monitor puppetmasterd?
Yea I want to make sure puppetmaster returns some sort of valid result. Though the monit for memory leaks is not a bad idea. More than just pinging a port. For example in our case we monitor PHP. We've had PHP crap out for a few customers, so we monitor a phpinfo page to make sure php returns a valid result. I also mentioned to Luke about getting some metrics out of puppetmaster at least via command line. I would LOVE to be able to monitor it via Cacti to see how performance is going. Not sure what the metrics would be, but something to help with when to scale to bigger hardware. At least from the baseline graphs we do (CPU, disk IO, memory, bandwidth) the Puppetmaster appears to be primarily CPU bound first, memory second. -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Best practices question
Sorry $operatingsystem not $lsbdistid for the variable.
-L
On Feb 9, 6:54 pm, Larry Ludwig larry...@gmail.com wrote:
Hi Eric,
I tend to think of modules as a method to encapsulate a package or
even larger service. If you needed to develop for a specific OS you
could break down into seperate classes.
If you created a module named network it could be more generic and
apply to other OSes.
ie:
class network {
case $lsbdistid: {
centos: { include network::centos }
debian: { include network::debian }
}
Hope this helps.
-L
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: Testing puppet manifests
The structure itself is complicated, however the usage is quite simple if you understand the structure. nevertheless, if you have any better/simpler idea - I would really love to hear it.. I'm starting to look into what other users of Puppet are doing before I draw any conclusions/recommendations. I would like to hear of any other users and their comments. In order for Puppet to really work it must not only scale to large amounts of computers but also a large amount of administrations/system programmers working on recipes. I'm not sure I understood your question...What do you mean module syntax? (the define?) we are only using the puppet language (with a special directory structure in scm). Ok really Class statement, other than file structure there is no Module statement in the language itself. Maybe this is part of the problem :-) I'm thinking: - module version should not be managed by puppet - puppet is not a scm not scm, but the module state it's version info. Kinda like Ruby gems. So you can require a specific version of a module when running your app. Also have the ability to have multiple versions with Puppet. - dependencies needed to get the module working (with version info) thats easy to achieve if you save the version number as a variable - nevertheless, usually you dont care about a specific module version, you care about a mix of modules. Well it can be both. For example (puppetshow as for one) how many times you an app develop in Ruby and you need a specific version of Rails?? Use the latest and boom! Not nice in a production enviroment. It is also possible in the existing Puppet world that one person has a module that overlaps another module developed by someone else. Yes it can be a variable but it's not forced on the module creator. Putting it into the language forces this on the developer. In order for Puppet to allow easy sharing of modules something like this needs to happen. I would really love to have a public repo (and if I'm allowed, I would love to publish our manifests) I know that there was a try to get a public repo - is it still around? As I am getting ready to release some Puppet modules, I'm realizing the current limitations of Puppet and sharing modules with the general public. IMHO this is also one of the reasons why the public module list in the wiki is so small. Puppet so far has changed the way we perform administration, what it hasn't done yet is make it easy to share 'the secret sauce with other administrators. Once this happens on large scale I think some interesting things will happen. -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Testing puppet manifests
I would really love to have a public repo (and if I'm allowed, I would love to publish our manifests) I know that there was a try to get a public repo - is it still around? I know about: http://projects.reductivelabs.com/projects/show/pcm But I haven't seen much action with this yet.. -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Testing puppet manifests
module_dir { /etc/puppet/env/global_puppetmaster:}
# Stable service modules #
modules { PP-host-base: module = host-base, site =
global_puppetmaster, type = services, version = 0.12}
modules { PP-sudo: module = sudo, site =
global_puppetmaster, type = services, version = 0.1 }
modules { PP-ssh: module = ssh, site =
global_puppetmaster, type = services, version = 0.1 }
modules { PP-sendmail: module = sendmail, site =
global_puppetmaster, type = services, version = 0.14}
modules { PP-ldap: module = ldap, site =
global_puppetmaster, type = services, version = 0.11}
modules { PP-redhat: module = redhat, site =
global_puppetmaster, type = services, version = 0.12}
modules { PP-autofs: module = autofs, site =
global_puppetmaster, type = services, version = 0.1 }
modules { PP-apache2: module = apache2, site =
global_puppetmaster, type = services, version = 0.1 }
modules { PP-subversion:module = subversion,site =
global_puppetmaster, type = services, version = 0.11}
modules { PP-syslog-ng: module = syslog-ng, site =
global_puppetmaster, type = services, version = 0.11}
modules { PP-monit: module = monit, site =
global_puppetmaster, type = services, version = 0.1 }
modules { PP-munin: module = munin, site =
global_puppetmaster, type = services, version = 0.1 }
stable host types modules #
modules { PP-puppetmaster: site = global_puppetmaster, module
= host-puppetmaster, version = 0.21 }
}
using this syntax it creates all the necessary environment modules which
are basically links to the version of the stable/testing module.
Hmm some comments to this...
This sounds like a bear to maintain, while I think it's important to
do in a complex environment like you have.
I'm wishing the info you are doing is more included in the module
syntax of Puppet's language itself.
It's interesting to see you don't use Puppet's built in tagging (ie
development, staging, production). Just curious why?
What would you consider needed in Puppet to make your development
easier?
I'm thinking:
- module version
- dependencies needed to get the module working (with version info)
- some sort of naming convention to allow modules to be shareable, and
cannot overlap (ie one person has a openssh-server module that does
one thing, yet another person uses the same name but does something
different) This is needed so modules can be shared in some sort of
public repository.
-L
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: Thanks for coming out last night, and sorry for the venue confusion. Planning future meetings.
On Feb 4, 1:59 pm, Joel Merrick joel.merr...@gmail.com wrote: On Wed, Feb 4, 2009 at 6:53 PM, Brian Gupta brian.gu...@gmail.com wrote: It would be good to hear people's thoughts on what kind of meetings we should be having. (I'm thinking maybe alternating technical/social, with the occasional outreach meeting with another user group - e.g. - We haven't presented with NYLUG yet.) Do you record the meetings at all? At the moment no. Based upon the type of meet up it was it would have been very hard to get all of the conversations. -- $ echo kpfmAdpoofdufevq/dp/vl | perl -pe 's/(.)/chr(ord($1)-1)/ge' --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: puppetshow with puppetmaster 0.24.6
That did the trick. I thought you can have multiple versions of the same gem installed and if it's locked in the RoR app it shouldn't matter. -L On Feb 3, 5:56 am, Rodney Quillo imco...@gmail.com wrote: Hi Larry, Install the older gems I've listed above using the command: $ sudo gem install rails --version='2.0.2' $ sudo gem install hobofields --version='0.7.5' $ sudo gem install hobosupport etc Also remove the newer version of rails 2.2.x and other dependency. See man page for gems. Let us know how it goes. Good luck, Rodney -http://imcocoy.blogspot.com On Feb 3, 11:16 am, Larry Ludwig larry...@gmail.com wrote: On Jan 13, 3:00 am, Rodney Quillo imco...@gmail.com wrote: Hi Blake and others, I got it running with the following gems: actionmailer (2.0.2) actionpack (2.0.2) activerecord (2.0.2) activeresource (2.0.2) activesupport (2.0.2) daemons (1.0.10) gem_plugin (0.2.3) hobofields (0.7.5) hobosupport (0.8.5) rails (2.0.2) rake (0.8.3) It only needs the hobofields since hobo and others were already in the plugin directory. What did you do to fix the uninitialized constant ActiveSupport::Dependencies error? I'm still getting this error with the above gems. -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet can't find Augeas (now with RPMs)
David Lutterkort wrote:
On Mon, 2009-02-02 at 12:51 -0800, Larry Ludwig wrote:
Hi all I'm getting this same error with the Puppet RPMs from EPEL.
I have installed:
puppet-0.24.7-4.el4
ruby-augeas-0.2.0-3.el4
augeas-0.3.5-2.el4
augeas-libs-0.3.5-2.el4
facter-1.5.2-1.el4
on a 64 bit CentOS 4.7.
but I'm getting this error with this code:
augeas { augeas-sshd_config:
context = /files/etc/ssh/sshd_config,
changes = set Protocol 2,
require = File[sshd_config],
notify= Service[sshd],
}
and get this error
puppetd[17297]: Could not create augeas-sshd_config: Could not find a
default provider for augeas
puppetd[17297]: Configuration could not be instantiated: Could not
find a default provider for augeas
Do you have ruby-augeas installed on your puppetmaster ? You'll need
that, too for things to work out.
Yup.
[root@ manifests]# rpm -q ruby-augeas
ruby-augeas-0.2.0-3.el4
Is there a path issue in one of the rpms with 64 bit OS??
Only if you have noarch RPM's - as long as all the RPM's you list above
have the same arch (all i386 or all x86_64), you should be fine.
Yup:
[root@ RPMS]# ls -al facter-1.5.2-1.el4.x86_64.rpm
-rw-r--r-- 1 yum yum 41207 Sep 10 11:03 facter-1.5.2-1.el4.x86_64.rpm
[root@ RPMS]# ls -al puppet-0.24.7-4.el4.x86_64.rpm
-rw-r--r-- 1 yum yum 545547 Jan 28 12:23 puppet-0.24.7-4.el4.x86_64.rpm
[root@ RPMS]# ls -al ruby-augeas-0.2.0-3.el4.x86_64.rpm
-rw-r--r-- 1 yum yum 17462 Jan 28 12:23 ruby-augeas-0.2.0-3.el4.x86_64.rpm
[root@ RPMS]# ls -al augeas-libs-0.3.5-2.el4.x86_64.rpm
-rw-r--r-- 1 yum yum 186675 Jan 28 12:23 augeas-libs-0.3.5-2.el4.x86_64.rpm
Then I'm not sure what's the issue.
-L
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Puppet can't find Augeas (now with RPMs)
Hi all I'm getting this same error with the Puppet RPMs from EPEL.
I have installed:
puppet-0.24.7-4.el4
ruby-augeas-0.2.0-3.el4
augeas-0.3.5-2.el4
augeas-libs-0.3.5-2.el4
facter-1.5.2-1.el4
on a 64 bit CentOS 4.7.
but I'm getting this error with this code:
augeas { augeas-sshd_config:
context = /files/etc/ssh/sshd_config,
changes = set Protocol 2,
require = File[sshd_config],
notify= Service[sshd],
}
and get this error
puppetd[17297]: Could not create augeas-sshd_config: Could not find a
default provider for augeas
puppetd[17297]: Configuration could not be instantiated: Could not
find a default provider for augeas
Is there a path issue in one of the rpms with 64 bit OS??
This does not happen on the 32 bit CentOS 3 machines I have that we
compiled inhouse the RPMs.
Though the error does seem to occur on both 32 and 64 bit CentOS 4 and
5 but the RPMs are not complied by us.
-L
On Jan 15, 8:28 pm, Robin Lee Powell rlpow...@digitalkingdom.org
wrote:
On Thu, Jan 15, 2009 at 05:17:37PM -0800, Robin Lee Powell wrote:
I've set up this machine, I think, like my two others. I've
compiled and installed:
facter-1.5.2
puppet-0.24.7
augeas-0.3.5
Also, done gem install ruby-augeas-0.2.0.gem
All of it seemed to work, but:
$ /usr/bin/puppetd -t --noop
err:Couldnotcreate no usecacheonfailure:Couldnotfinda default provider
foraugeas
warning:Notusing cache on failed catalog
warning: Configurationcouldnotbe instantiated:Couldnotfinda default
provider foraugeas
That'snotan especially helpful error message; can someone give me
a hint?
strace and I found the problem; I needed /usr/local/lib in my
ld.so.conf. Puppet wasn't looking there for libaugeas.so.0
-Robin
--
They say: The first AIs will be built by the military as weapons.
And I'm thinking: Does it even occur to you to try for something
other than the default outcome?
--http://shorl.com/tydruhedufogrehttp://www.digitalkingdom.org/~rlpowell/***http://www.lojban.org/
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: pushing puppet.conf files and other questions
On Jan 30, 8:04 am, Dan Bode bod...@gmail.com wrote:
Hi all,
Is there a way to push out the puppet.conf file from puppet?
Puppet CAN update itself. It will restart when a new puppet.conf is
found.
Use the File type.
If I change report = true in a manifest, then will the current run be
reported?
I believe it's after the current run it restarts.
Also, I saw something interesting when I ran
puppetd --genmanifest
It has a class called
class reporting {
file { '/var/lib/puppet/reports':
loglevel = 'debug',
backup = 'false',
owner = 'puppet',
group = 'puppet',
mode = '488',
ensure = 'directory'
}}
(there are lots of other interesting things in this output as well)
two questions related to this file.
1. Do I have access to all of these classes for puppet runs, can I set
reporting per client in the manifests?
per client via the puppet.conf file
2. How does puppet know to execute all of these things before the manifests
on the server? Does this imply that there is a way to run init tasks (before
everything else) without creating tons of dependencies?
(ex: configure yum-repos)
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
[Puppet Users] Re: Can't connect to LDAP server
On Jan 30, 10:33 am, s...@imperial.ac.uk s...@imperial.ac.uk wrote: Hi appreciate your help. I am new to puppet. I have taken over a system. Running Debian v4.0 Puppetmaster puppet v0.20.1-1 I keep getting the following error from puppetmaster Could not connect to LDAP: Can't contact LDAP server. Please advise me how to analyse and work through this problem. Thanks John do you have ruby's LDAP gem installed? Did you follow the Wiki? http://reductivelabs.com/trac/puppet/wiki/LDAPNodes From the puppetmaster does ldapsearch work? Make sure it works at that level first before in the puppetmaster. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Can't connect to LDAP server
Running Debian v4.0 Puppetmaster puppet v0.20.1-1 Also seeing how old of puppetmaster you are using, I would suggest upgrading to the latest version of Puppet and facter. There have been a few bug and improvements in LDAP code since then. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: suitability for puppet with read-only file system
Thanks for the info on memory requirements. I shouldn't run into problems as they have 512MB (less 64MB for the video card). If using 32 bit (I assume based upon memory usage) you may be able to even have puppet as a daemon. -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Stoking a Religious War: Why Did You Go With Puppet Over Other Options?
On Jan 27, 9:47 am, Evan Hisey ehi...@gmail.com wrote: On Tue, Jan 27, 2009 at 8:04 AM, Jonathan Share jon.sh...@gmail.com wrote: 2009/1/27 tomcat akocu...@mun.ca: Hi, Gang.. The Subject: line says it all. My organisation is looking at selecting a configuration management system. Any comments about why you chose Puppet over other options would be very helpful to us. Well, there are basicly 4 options really in this area. 1) roll-your-own 2) cfengine 3) puppet and now 4) Chef Don't forget Capistrano which some use for administration (I think it's better suited for app deployment) The reasons why we chose Puppet - Language is easy to understand, read and learn - Self healing in the sense if something is borked it will try to make it the state you specify - Template options are pretty flexible. - Language is abstract for the resources you choose (makes it easier to implement multiple OSes) Hope this helps. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Chef?
I read the reason that Chef does not have dependency management because it makes the code hard to read is just plain silly. The way I ALWAYS code my Puppet recipes is in the order of dependency. What's so hard about that? My question about Chef is how can it handle multiple dependencies? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Using deb package management for gems (was Re: NYC Puppet Meetup)
Brian Gupta wrote: On Sun, Jan 18, 2009 at 1:15 PM, Larry Ludwig larry...@gmail.com wrote: Also, I am looking to explore: debgem vs dpkg-tools (Two tools to make deploying gems via Debian packages easier)http://www.debgem.com/ andhttp://reprocessed.org/tags/dpkg-tools Why not let Puppet install via ruby's gems? I started down a similar path with CentOS/RH creating RPMs for gems and felt using the native 'gem install' was better, especially when using different architectures (ie i386 and x86_64). In addition, if you use the puppet's type the recipe install is the exactly the same for any platform or operating system. Speed. Speed? Speed to install or speed to run? -L -- Larry Ludwig Empowering Media 1-866-792-0489 x600 Managed and Unmanaged Xen VPSes http://www.hostcube.com/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Using deb package management for gems (was Re: NYC Puppet Meetup)
Keep in mind we spin up and down virtual nodes regularly, so that anything we can do to optimize deployment speed of a full rails stack is helpful. (When not anything, we are avoiding baking the gems into our base OS install image). Yea obviously in binary form is the fastest. I didn't realize you create/destroy a lot of instances. I would think in your case a few months is at least the minimum lifecycle for an instance. I assume you do to quickly create more capacity? Are you doing it on some automated basis to add/remove more resources? http://broadcast.oreilly.com/2008/12/why-i-dont-like-cloud-auto-scaling.html I'm somewhat for not completely taking the man out of the loop. We have our control panel setup (DirectAdmin) take over 1 hour to build with Puppet because of the control panel loves to compile so many things :-(. We kept it that way since by default that's how it works. The inertia is too great to change their (stupid) methodology. -L -- Larry Ludwig Empowering Media 1-866-792-0489 x600 Managed and Unmanaged Xen VPSes http://www.hostcube.com/ -L -- Larry Ludwig Empowering Media 1-866-792-0489 x600 Managed and Unmanaged Xen VPSes http://www.hostcube.com/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Using deb package management for gems (was Re: NYC Puppet Meetup)
Brian Gupta wrote: Mostly we want the ability, to leverage the micro-accounting EC2 offers us. (To lower operational costs). Since EC2 bills by the hour, wouldn't it be prudent to be able to spin down idling webservers during the evening, and spin up extra ones when you know there are upcoming high traffic website events? Currently we have this ability. For now it is still a manual process, in that we have to say please spin up X webserver nodes now in the xyz environment, but they do autoconfigure themselves, update DNS, and even adjust the load balancer config. We are still working on the scheduling ability, but our puppet code and ec2 glue are all complete, if should be fairly straightforward to throw something together. (We might even leverage the OS scheduler.) Hmm this brings up an interesting discussion. It depends... if a no-op CPU command is billable to EC2 and they are truly sitting idle does Amazon charge for it? Obliviously a running instance will have CPU cycles, but not much if idle. Also the build process of a new instance I suspect has a decent amount of CPU time (obviously less if you are using binaries) I'm sure there is some point where it makes more sense to leave the instance running for X amount of hours, instead of regening it. (meaning it costs more to build a new EC2 instance, than just leave an existing one active) The other issues related to re-gening is new IP address and the time for EC2 to have your new instance ready (ie 10 min) Have you done any investigation on the cost benefits? If so what were the results? I'm obviously all for the automating the build of a new instance, and also automatically adding it to the pool of resources. I'm not so sure the next level of automation. Auto-scaling without any human interaction. The issue I have with most auto-scaling is the very basic metrics used to measure when to add/remove resources.I believe the issues are very customer/app specific and while with one customer X metric might be valid, with another you need X, Y and Z in some formula to determine when to go to the next level. The other issue related to this is the application itself. What may have allowed a customer app to scale to one level, may require code changes to scale effectively at a much higher level. This is something auto-scaling could never do. Vertical scaling is ALWAYS easier than going horizontal. Puppet is great at the automation of administration. To me auto-scaling could be a different tool and write high level rules on when to scale and what part to scale. Do I hear another tool in the making? :-) -L Our eventual goal has always been *being able* to autoscale. Realistically though, since unexpected load is fairly uncommon, we still want a human in the scaling feedback loop. (So basically we want autoscaling with a Human! Press this button! step in the autoscaling process.) Cheers, Brian -L -- Larry Ludwig Empowering Media 1-866-792-0489 x600 Managed and Unmanaged Xen VPSes http://www.hostcube.com/ -L -- Larry Ludwig Empowering Media 1-866-792-0489 x600 Managed and Unmanaged Xen VPSes http://www.hostcube.com/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Using deb package management for gems (was Re: NYC Puppet Meetup)
One major reason to not use gems (or CPAN for Perl), is that it doesn't play together with the OS packaging system. If an RPM (for example) has installed a file, gems and CPAN will happily overwrite it, without recording in the RPM database that the file is now owned by another package. If you install an updated RPM, it will happily overwrite the gem/CPAN installed file. Yes this is true. To me it's about being consistent. If you are going the (rpm/deb packages) route keep using that for perl/CPAN. If not do all in CPAN or gem package management, not mixing two package managers. For CPAN, there's the cpan2rpm program, which can create an RPM from a CPAN package, which you can then install using the rpm or yum commands, and I believe there's a cpan2deb program for Debian/Ubuntu. That gives me the proper interaction with the normal package system. I see there's a gem2rpm command available also. I haven't tried using that, though. If there's a gem2deb command, I'd suggest the OP to try using that. cpan2rpm works great for the most part and use that quite a bit. gem2rpm I personally had very mixed results (many things didn't compile) and oped to using gem directly (at least on centos/RH) On centos/RH there are very few pre-built gem rpms out there and was another decision maker. CPAN rpms on the other hand there are many available (DAG for example - http://dag.wieers.com/rpm/) -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
