Re: [Puppet Users] Re: Puppetserver performance plummeting a few hours after startup
Hi all, It seems that in fact, setting ReservedCodeCacheSize has had a positive impact on the performance. Since monday, catalog compilation times have been steady at around 10 seconds average. Still not as good as the secondary server, but acceptable! For the record, we are not managing metaspace size or max-requests-per-instance. I'll try to lower the numer of workers and see if that has a positive effect on memory / cpu usage while keeping the compilation times down. Thanks again for all your suggestions!! Best regards, Martijn. Op 10-2-2020 om 19:02 schreef Justin Stoller: > > > On Mon, Feb 10, 2020 at 1:44 AM Martijn Grendelman > mailto:mart...@grendelman.net>> wrote: > > Hi Kevin and others who have responded, > > Thanks all for your tips. Unfortunately, no breakthroughs yet. > > The current state is this: > > * Both Puppetservers typically run at the latest version, > currently both 6.8.0. > * The primary server has 8 virtual cores and 12 GB of physical > (virtualized) RAM, Java is running with -Xms6g -Xmx6g. > * Max-active-instances is currently set to 7. > * This morning, I added -XX:ReservedCodeCacheSize=1g to the JVM > startup config. > * The size of our 'environments' directory is 131 MB. We > currently have 3 environments. > > I've been looking at JVM stats with 'jstat', and the server > doesn't appear to spend any significant amount of time doing GC > (seems to be about 1%). > > > fwiw, gceasy.io <http://gceasy.io> and their family of jvm analysis > reports can be helpful if you have the gc logs, etc available. You > might want to see if you're managing Metaspace (like > -XX:MaxMetaspace=1G). Mostlikely not, and if you were having issues I > think it'd cause full GCs so its not likely a problem, but its a thing > to check. It should, if you have to manage it, have a similar value to > CodeCache. > > > > After a server restart, compilation times typically drop to 9 > seconds on average (on the secondary server, it's 5 seconds > consistently), but after a while, they go back to 30 or 40 seconds. > > > As I noted in my first post, our server has an average of less > than 2 concurrent agents talking to it, so I can't imagine this > happening due to lack of resources. The fact that our secondary > server handles a bigger load than the primary, with a third of the > memory and only 2 cores, seems to confirm this. > > > One thing that gets folks is that each worker instance is pretty > heavy-weight (heap, non-heap, and cpu, even when relatively idle). If > you only need 2 or 3 instances, you should try lowering your max > active instances to that number and see what happens. > > > So: > - enough CPU power (I would think) > - enough memory > - no significant garbage collection > - Puppetserver causing a load of 5 > > > I also asked about max-requests-per-instance, ideally it should be 0 > (ie off) or some very high number (like 100). > > > Any more tips? Would it make sense to run PuppetDB and PostgreSQL > on a different VM? > > > If that's the biggest difference you might want to go in that > direction. I've seen PSQL tuned to where it's different child > processes would consume way more memory than intended. You'd probably > want to confirm that with top, et al. > > > Thanks, > Martijn Grendelman. > > > > > > > > > > > Op 6-2-2020 om 17:43 schreef KevinR: >> Hi Martijn, >> >> it sounds like you have a sub-optimal combination of: >> >> * The amount of JRubies >> * The total amount of java heap memory for puppetserver >> * The size of your code base >> >> This typically causes the kind of problems you're experiencing. >> What's happening in a nutshell is that puppet is loading so much >> code in memory that is starts running out of it and starts >> performing garbage collection more and more aggressively. At the >> end, 95% of all cpu cycles are spent on garbage collection and >> you don't have any cpu cycles left over to actually do work like >> compile catalogs... >> >> To understand how Puppet loads code into memory: >> >> Your code base is: ( [ size of your control-repo ] + [ size of >> all the modules from the Puppetfile ] ) x [ the amount of >> puppet code environments] >> So let's say: >> >> * your control repo is 5MB in size >> * all modules together are 95MB in size >> * you have 4 code environments:
Re: [Puppet Users] Re: Puppetserver performance plummeting a few hours after startup
Hi Kevin and others who have responded, Thanks all for your tips. Unfortunately, no breakthroughs yet. The current state is this: * Both Puppetservers typically run at the latest version, currently both 6.8.0. * The primary server has 8 virtual cores and 12 GB of physical (virtualized) RAM, Java is running with -Xms6g -Xmx6g. * Max-active-instances is currently set to 7. * This morning, I added -XX:ReservedCodeCacheSize=1g to the JVM startup config. * The size of our 'environments' directory is 131 MB. We currently have 3 environments. I've been looking at JVM stats with 'jstat', and the server doesn't appear to spend any significant amount of time doing GC (seems to be about 1%). After a server restart, compilation times typically drop to 9 seconds on average (on the secondary server, it's 5 seconds consistently), but after a while, they go back to 30 or 40 seconds. As I noted in my first post, our server has an average of less than 2 concurrent agents talking to it, so I can't imagine this happening due to lack of resources. The fact that our secondary server handles a bigger load than the primary, with a third of the memory and only 2 cores, seems to confirm this. So: - enough CPU power (I would think) - enough memory - no significant garbage collection - Puppetserver causing a load of 5 Any more tips? Would it make sense to run PuppetDB and PostgreSQL on a different VM? Thanks, Martijn Grendelman. Op 6-2-2020 om 17:43 schreef KevinR: > Hi Martijn, > > it sounds like you have a sub-optimal combination of: > > * The amount of JRubies > * The total amount of java heap memory for puppetserver > * The size of your code base > > This typically causes the kind of problems you're experiencing. What's > happening in a nutshell is that puppet is loading so much code in > memory that is starts running out of it and starts performing garbage > collection more and more aggressively. At the end, 95% of all cpu > cycles are spent on garbage collection and you don't have any cpu > cycles left over to actually do work like compile catalogs... > > To understand how Puppet loads code into memory: > > Your code base is: ( [ size of your control-repo ] + [ size of all > the modules from the Puppetfile ] ) x [ the amount of puppet code > environments] > So let's say: > > * your control repo is 5MB in size > * all modules together are 95MB in size > * you have 4 code environments: development, testing, acceptance and > production > > That's 100MB of code to load in memory, per environment. For 4 > environments, that's 400MB. > A different way to get this amount directly is to run *du -h > /etc/puppetlabs/code/environments* on the puppet master and look at > the size reported for */etc/puppetlabs/code/environments* > > Now every JRuby will load that entire code base into memory. So if you > have 4 JRubies, that's 1600MB of java heap memory that's actually > needed. You can imagine what problems will happen if there isn't this > much heap memory configured... > > If you're using the defaults, Puppet will create the same amount of > JRubies as the number of cpu cores on your master, minus 1, with a > maximum of 4 JRubies for the system. > If you override the defaults, you can specify any number of JRubies > you want with the max-active-instances setting. > > So by default a 2-cpu puppet master will create 1 JRuby, a 4-cpu > puppet master will create 3 JRubies, an 8-cpu puppet master will > create 4 JRubies. > > So now you know how to determine the amount of java heap memory you > need to configure, which you can do by configuring the -Xmx and -Xms > options in the JAVA_ARGS section of the puppetserver startup command. > Then finally make sure the host has enough physical memory available > to provide this increased amount of java heap memory. > > Once enough java heap memory is provided, you'll see the cpu usage > stay stable. > > Kind regards, > > Kevin Reeuwijk > > Principal Sales Engineer @ Puppet > > > On Thursday, February 6, 2020 at 11:51:42 AM UTC+1, Martijn Grendelman > wrote: > > Hi, > > A question about Puppetserver performance. > > For quite a while now, our primary Puppet server is suffering from > severe slowness and high CPU usage. We have tried to tweak its > settings, giving it more memory (Xmx = 6 GB at the moment) and > toying with the 'max-active-instances' setting to no avail. The > server has 8 virtual cores and 12 GB memory in total, to run > Pupperserver, PuppetDB and PostgreSQL. > > Notably, after a restart, the performance is acceptable for a > while (several hours, up to a almost day), but then it plummets again. > > We figured that the
[Puppet Users] Puppetserver performance plummeting a few hours after startup
Hi, A question about Puppetserver performance. For quite a while now, our primary Puppet server is suffering from severe slowness and high CPU usage. We have tried to tweak its settings, giving it more memory (Xmx = 6 GB at the moment) and toying with the 'max-active-instances' setting to no avail. The server has 8 virtual cores and 12 GB memory in total, to run Pupperserver, PuppetDB and PostgreSQL. Notably, after a restart, the performance is acceptable for a while (several hours, up to a almost day), but then it plummets again. We figured that the server was just unable to cope with the load (we had over 270 nodes talking to it in 30 min intervals), so we added a second master that now takes more than half of that load (150 nodes). That did not make any difference at all for the primary server. The secondary server however, has no trouble at all dealing with the load we gave it. In the graph below, that displays catalog compilation times for both servers, you can see the new master in green. It has very constant high performance. The old master is in yellow. After a restart, the compile times are good (not great) for a while.The first dip represents ca. 4 hours, the second dip was 18 hours. At some point, the catalog compilation times sky-rocket, as does the server load. 10 seconds in the graph below corresponds to a server load of around 2, while 40 seconds corresponds to a server load of around 5. It's the Puppetserver process using the CPU. The second server, the green line, has a consistent server load of around 1, with 4 GB memory (2 GB for the Puppetserver JVM) and 2 cores (it's an EC2 t3.medium). If I have 110 nodes, doing two runs per hour, that each take 30 seconds to run, I would still have a concurrency of less than 2, so Puppet causing a consistent load of 5 seems strange. My first thought would be that it's garbage collection or something like that, but the server plenty of memory (OS cache has 2GB). Any ideas on what makes the Puppetserver starting using so much CPU? What can we try to keep it down? Thanks, Martijn Grendelman -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/0f6e7373-404a-45fd-8bc7-5daed3fa67f3%40googlegroups.com.
[Puppet Users] Attempt to override an already evaluated resource
Since a recent Puppet update, my logs contain a lot of these warnings:
2017-08-21 14:03:20,146 WARN [qtp2051525912-14813] [puppetserver] Puppet
> Attempt to override an already evaluated resource, defined at
> /etc/puppetlabs/code/environments/production/modules/puppet/manifests/collections.pp:45,
>
> with new values at
> /etc/puppetlabs/code/environments/production/modules/puppet/manifests/collections.pp:40
The code leading to these warnings is this:
if $::operatingsystem == 'Debian' {
> $remove_packages = [
'facter',
'hiera',
'puppet',
'puppet-common'
]
> linux::package { $remove_packages: ensure => purged }
> Linux::Package['puppet-agent'] {
require => Linux::Package[$remove_packages],
}
}
> linux::package { 'puppet-agent':
ensure => installed,
}
I found PUP-6290 , which
seems related to this, but I am not sure the use case described in that
ticket is the same. Also, I don't think that adding a 'require' metaparam
to an already evaluated resource should require a re-evaluation of the
resource body.
If my pattern of conditionally adding to a resource's parameters is wrong,
how should I go about this?
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/e3f1b536-8ac3-4d10-bbbf-088e8b9784c3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Defined type parameter defaults not set (undef)
Hi Henrik and Wil,
Is there ANY way that the notifys in the apache::vhost type would
display a different value? Shouldn't $apache::params::priority and
$priority not be the same?
I have a case where on /some/ nodes, $priority (and other parameters
that have defaults from $::apache::params that I omitted here) are
empty (undef). If I access $::apache::params::priority directly, the
correct value is presented.
This code is in use on many nodes, and most don't exhibit the problem.
Any idea what might be the problem here? I've been trying different
things for over an hour, and I'm afraid I'm losing my sanity...
You have an order of evaluation problem primarily. See here for an
explanation of in which order classes and defines are evaluated:
http://puppet-on-the-edge.blogspot.se/2014/04/getting-your-puppet-ducks-in-row.html
The problem is that you have not included the class (and thus not
defined the parameter $::apache::params::priority) at the time
you are instantiating the resource apache::vhost{test: }. If you instead
include the class prior to instantiating the resource it may work better.
(Or organize the thing differently once you read about the order classes
and defines are evaluated.)
Thank you both for helpful tips. I see I need to rethink some stuff :-)
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/76e09215-4b09-46cd-bb21-8388e9421b73%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Defined type parameter defaults not set (undef)
On Thursday, December 4, 2014 9:50:56 AM UTC+1, Martijn Grendelman wrote:
Hi Henrik and Wil,
Is there ANY way that the notifys in the apache::vhost type would
display a different value? Shouldn't $apache::params::priority and
$priority not be the same?
I have a case where on /some/ nodes, $priority (and other parameters
that have defaults from $::apache::params that I omitted here) are
empty (undef). If I access $::apache::params::priority directly, the
correct value is presented.
This code is in use on many nodes, and most don't exhibit the problem.
Any idea what might be the problem here? I've been trying different
things for over an hour, and I'm afraid I'm losing my sanity...
You have an order of evaluation problem primarily. See here for an
explanation of in which order classes and defines are evaluated:
http://puppet-on-the-edge.blogspot.se/2014/04/getting-your-puppet-ducks-in-row.html
The problem is that you have not included the class (and thus not
defined the parameter $::apache::params::priority) at the time
you are instantiating the resource apache::vhost{test: }. If you instead
include the class prior to instantiating the resource it may work better.
(Or organize the thing differently once you read about the order classes
and defines are evaluated.)
Thank you both for helpful tips. I see I need to rethink some stuff :-)
Hence the following code in puppetlabs-apache's vhost type:
# The base class must be included first because it is used by parameter
defaults
if ! defined(Class['apache']) {
fail('You must include the apache base class before using any apache
defined resources')
}
I get it now :-)
Thanks again,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/0d0d06d0-7341-4bbd--f22d9a60d334%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Defined type parameter defaults not set (undef)
Hi,
Please consider the following simplified code:
class apache::params {
$priority = 25
}
define apache::vhost (
$priority = $::apache::params::priority
) {
include apache::params
notify { $name prio 1: $apache::params::priority: }
notify { $name prio 2: $priority: }
}
apache::vhost { 'test': }
Is there ANY way that the notifys in the apache::vhost type would display a
different value? Shouldn't $apache::params::priority and $priority not be
the same?
I have a case where on *some* nodes, $priority (and other parameters that
have defaults from $::apache::params that I omitted here) are empty
(undef). If I access $::apache::params::priority directly, the correct
value is presented.
This code is in use on many nodes, and most don't exhibit the problem.
Any idea what might be the problem here? I've been trying different things
for over an hour, and I'm afraid I'm losing my sanity...
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/4b344b14-de9b-446c-93e7-110d335f91cd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Hash iteration order in a template not consistent
Hi,
I did some basic googling, but didn't find an answer yet. I am sorry if
this is a FAQ.
In a manifest for creating an Apache config file, I define a hash like this:
$aliases = {
'/foo/' = '/home/foo/www/',
'/bar/' = '/home/bar/www/',
'/baz/' = '/home/baz/www//'
}
Then, in a template, I have:
% aliases.each_pair do |key, val| -%
Alias %= key % %= val %
% end -%
The result is mostly what I expect, but every once in a while, the order
in which the Aliases are generated from the 'each_pair' loop changes,
resulting in a different file.
The Ruby docs state that hashes enumerate their values in the order that
the corresponding keys were inserted., but is that not true for Puppet
hashes?
I did stumble across this post:
http://serverfault.com/questions/368784/puppet-and-templates-how-to-loop-sequently-and-not-randomly
which suggests to do something like
% aliases.sort_by {|key, value| key}.each_pair do |key, val| -%
% end -%
Will it work? Is that a proper solution?
Thanks!
Martijn Grendelman
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Collecting resources from exporting node
No one? Is my question not clear (TL;DR, perhaps?), or doesn't anyone have
an answer?
Best regards,
Martijn.
On 17-11-11 17:18, Martijn Grendelman wrote:
Hi,
A small addition at the bottom...
I was looking at the basic example for exporting and collecting resources
at http://docs.puppetlabs.com/guides/exported_resources.html :
class ssh {
@@sshkey { $hostname: type = dsa, key = $sshdsakey }
Sshkey | |
}
I quote:
The above code would have every host export its SSH public key, and then
collect every host’s key and install it in the ssh_known_hosts file; this
would include the host doing the exporting.
That last statement seems untrue in my experiments.
I have the following manifest:
# Export a firewall rule, requesting access to DIR/MRC replication ports
@@firewall::rule {xtreemfs-repl-${hostname}:
rule = [
-A firewall-user-app -p tcp -s $primary_ipaddress --dport 35678
-j ACCEPT,
-A firewall-user-app -p tcp -s $primary_ipaddress --dport 35676
-j ACCEPT,
],
}
# Collect all firewall rules from DIR/MRC servers
Firewall::Rule | tag == 'xtreemfs::dir_mrc' |
This class is included on two servers, let's call them serverA and serverB.
On serverA, I do get Firewall::Rule[xtreemfs-repl-serverB], but not
Firewall::Rule[xtreemfs-repl-serverA], and on serverB, it's the other way
around.
When adding the class to a third server, all servers get the
Firewall::Rule from the two others, but never from itself.
So exporting works (confirmed by looking at the database). So does
collecting, only not from the local node. What am I doing wrong?
Most curious...
Best regards,
Martijn Grendelman
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Duplicate definition
On 18-11-11 15:58, Peter Horvath wrote:
Seems i dont understand how get over this.
I have this defined resource type
vhost.pp
define vhost ($docroot = /var/www, $servername =
${hostname}.${domain}, $serveralias = www.${hostname}.${domain},
$inorout = 1) {
file{ 'conf':
So, if you use this define twice, you would end up with two File resources
named 'conf'...
path=
/etc/apache2/sites-available/${servername},
ensure = present,
content =
template('/etc/puppet/modules/apache2/templates/vhost.erb'),
}
file{ 'link':
So, if you use this define twice, you would end up with two File resources
named 'link'...
Etcetera. You have to make sure that your resource names are globally
unique. Why not just do:
file { /etc/apache2/sites-enabled/${servername}: ... }
That would solve most of your problems, but keep on reading...
path= /etc/apache2/sites-enabled/${servername},
ensure = link,
target =
/etc/apache2/sites-available/${servername},
require = File['conf'],
}
file{ ${docroot}:
ensure = directory,
}
If you do this, you have to make sure your $docroot is different for each
vhost.
file{ ${docroot}/${servername}:
ensure = directory,
require = File[${docroot}],
}
file{ ${docroot}/${servername}/html/:
ensure = directory,
require = File[${docroot}/${servername}],
}
file{ 'defrem':
path= '/etc/apache2/sites-enabled/000-default',
ensure = absent,
}
This resource doesn't contain any variable components at all, so this will
always result in a duplicate definition.
To fix this, you have to do what John Bollinger explained: move this
resource outside the defined type. You can either make it virtual and
realize() it here, or you can move it to a dedicated class and include the
class here. Both methods will work, but I think that current best
practices prefer the virual resource over the class inclusion.
file{ 'index':
path= ${docroot}/${servername}/html/index.html,
ensure = present,
content = Welcome to hell of ${servername},
}
service{ 'apache2':
ensure = running,
restart = 'service apache2 reload',
require = [ File['conf'], File['link'],
File[${docroot}/${servername}/html/] ],
subscribe = [ File['conf'], File['defrem'] ],
}
}
and this is my node config
node eurwebtest02 {
include apache2
include apache2::mods
include apache2::pringo
import apache2/vhost.pp
vhost { 'local':
}
vhost { 'test':
servername = test.${domain},
serveralias = www.test.${domain},
inorout = '0',
}
}
I tried to virtualize vhost in vhost.pp with @
and realize them in the node config, but seems i cant get a working
solution to use vhost resource type more than 1.
Can you point me to the right direction? How can i create 100 vhost with
that defined class or something like this
Best regards,
Martijn Grendelman
On 18 November 2011 11:19, Peter Horvath peter.horvat...@gmail.com
mailto:peter.horvat...@gmail.com wrote:
As i figured out the source of my problem was that i used the defined
resource type twice in a manifest.
I didn't know that a defined resource type cannot be used twice in the
same manifest as you can use multiple times a built in one.
hmmm
On 17 November 2011 22:14, jcbollinger john.bollin...@stjude.org
mailto:john.bollin...@stjude.org wrote:
On Nov 17, 1:50 pm, Peter Horvath peter.horvat...@gmail.com
mailto:peter.horvat...@gmail.com wrote:
i know all of this and i did grep before i wrote this email :)
There is no other file[conf]
In that case, the one declaration must be processed twice. It must
appear inside a defined type that you instantiate more than once.
If both definition instances are supposed to declare the same file,
then move the declaration outside the definition, make it virtual, and
have the definition 'realize' it instead of declaring it. If the
definitions are each supposed to delare a different file then you have
a bug in your manifest. With respect to the latter possibility, I
observe that the resource title is not an absolute path. That could
be a sign
[Puppet Users] Exported resources: how to avoid duplicate definitions?
Hi, Is there a way to 'unique-ify' a collection of resources? Suppose that nodes export '@@nagios_hostgroup' resources for hostgroups that they want to be a member of. The Nagios server node collect those: Nagios_hostgroup || But many nodes export the same hostgroups, because the whole point of having hostgroups is, that multiple hosts can be a member :-) So, the collection would lead to duplicate definitions. Is there a way to avoid that? Best regards, Martijn Grendelman -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Collecting resources from exporting node
Hi,
I was looking at the basic example for exporting and collecting resources
at http://docs.puppetlabs.com/guides/exported_resources.html :
class ssh {
@@sshkey { $hostname: type = dsa, key = $sshdsakey }
Sshkey | |
}
I quote:
The above code would have every host export its SSH public key, and then
collect every host’s key and install it in the ssh_known_hosts file; this
would include the host doing the exporting.
That last statement seems untrue in my experiments.
I have the following manifest:
# Export a firewall rule, requesting access to DIR/MRC replication ports
@@firewall::rule {xtreemfs-repl-${hostname}:
rule = [
-A firewall-user-app -p tcp -s $primary_ipaddress --dport 35678
-j ACCEPT,
-A firewall-user-app -p tcp -s $primary_ipaddress --dport 35676
-j ACCEPT,
],
}
# Collect all firewall rules from DIR/MRC servers
Firewall::Rule | tag == 'xtreemfs::dir_mrc' |
This class is included on two servers, let's call them serverA and serverB.
On serverA, I do get Firewall::Rule[xtreemfs-repl-serverB], but not
Firewall::Rule[xtreemfs-repl-serverA], and on serverB, it's the other way
around.
So exporting works (confirmed by looking at the database). So does
collecting, only not from the local node. What am I doing wrong?
Best regards,
Martijn Grendelman
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Collecting resources from exporting node
Hi,
A small addition at the bottom...
I was looking at the basic example for exporting and collecting resources
at http://docs.puppetlabs.com/guides/exported_resources.html :
class ssh {
@@sshkey { $hostname: type = dsa, key = $sshdsakey }
Sshkey | |
}
I quote:
The above code would have every host export its SSH public key, and then
collect every host’s key and install it in the ssh_known_hosts file; this
would include the host doing the exporting.
That last statement seems untrue in my experiments.
I have the following manifest:
# Export a firewall rule, requesting access to DIR/MRC replication ports
@@firewall::rule {xtreemfs-repl-${hostname}:
rule = [
-A firewall-user-app -p tcp -s $primary_ipaddress --dport 35678
-j ACCEPT,
-A firewall-user-app -p tcp -s $primary_ipaddress --dport 35676
-j ACCEPT,
],
}
# Collect all firewall rules from DIR/MRC servers
Firewall::Rule | tag == 'xtreemfs::dir_mrc' |
This class is included on two servers, let's call them serverA and serverB.
On serverA, I do get Firewall::Rule[xtreemfs-repl-serverB], but not
Firewall::Rule[xtreemfs-repl-serverA], and on serverB, it's the other way
around.
When adding the class to a third server, all servers get the
Firewall::Rule from the two others, but never from itself.
So exporting works (confirmed by looking at the database). So does
collecting, only not from the local node. What am I doing wrong?
Most curious...
Best regards,
Martijn Grendelman
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Exported resources: how to avoid duplicate definitions?
On 17-11-11 11:51, Martijn Grendelman wrote:
Hi,
Is there a way to 'unique-ify' a collection of resources?
Suppose that nodes export '@@nagios_hostgroup' resources for hostgroups
that they want to be a member of. The Nagios server node collect those:
Nagios_hostgroup ||
But many nodes export the same hostgroups, because the whole point of
having hostgroups is, that multiple hosts can be a member :-) So, the
collection would lead to duplicate definitions. Is there a way to avoid that?
By Googling a bit, and reading some old stuff from the list, I got the
impression that it might be possible to just collect all those resources
without problems. So I set up a simple test case:
class testexport {
@@file {/tmp/blub:
content = fiep\n,
}
}
class testcollect {
File | tag == testexport |
}
node serverA {
include testexport
}
node serverB {
include testexport
}
node serverC {
include testcollect
}
As expected, on serverC, this leads to the following error:
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Exported resource File[/tmp/blub] cannot override local resource on node
serverC
Is there a way around this?
Best regards,
Martijn Grendelman
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Could not create RRD file
Hi, On 24 Dec 2010, I wrote to the mailing list about an issue with RRD reports: http://www.mail-archive.com/puppet-users@googlegroups.com/msg17209.html Back then, there was no solution. At the time, we were on Puppet 2.6.3. This week, I moved to Puppet 2.7.6rc3, and the problem is still here: Oct 18 09:02:13 dolly puppet-master[31443]: Report processor failed: Could not create RRD file /var/lib/puppet/rrd/server011.dev.iphion.nl/changes.rrd: you must define at least one Data Source Any idea what I could do to fix this? Best regards, Martijn Grendelman -- iphion B.V. TU/e Innovation Lab 1.15 Horsten 1 - 5612 AX Eindhoven - The Netherlands Tel. +31 40 747 0117 CoC-number: 17194147 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Type reference, Puppet versions
On 14-10-11 20:14, Nigel Kersten wrote: On Fri, Oct 14, 2011 at 11:11 AM, Jacob Helwig ja...@puppetlabs.com mailto:ja...@puppetlabs.com wrote: On Fri, 14 Oct 2011 10:04:19 -0700, Nigel Kersten wrote: On Fri, Oct 14, 2011 at 7:05 AM, Martijn Grendelman mart...@iphion.nl mailto:mart...@iphion.nlwrote: Hi, I have no idea if this has come up before, I didn't bother to check the archives or anything, but I was wondering if it would be possible to have Puppet's documentation reflect the version in which a certain feature was added. For example, I just added a user to my catalog using the 'system' parameter, as per http://docs.puppetlabs.com/references/latest/type.html#user: system Whether the user is a system user with lower UID. Valid values are true, false. And now all my 2.6.3 nodes are complaining: Invalid parameter system at /etc/puppet/manifests/... A little digging into the source revealed to me, that this feature is not present in 2.6.3, but it is in 2.7.5. I have no idea in what version it was introduced. It would be nice if the type reference would contain that information. If you go to the Quick Nav menu, you can get to the docs for other versions: http://docs.puppetlabs.com/references/ Then: http://docs.puppetlabs.com/references/2.6.11/type.html should contain what you need I believe ? I think he wants something more along the lines of the since sections you can create with newer versions of YARD when documenting methods. For for example: http://rubydoc.info/gems/octocat_herder/0.1.1/OctocatHerder/PullRequest#diff_text-instance_method That's pretty sweet. Exactly what I meant! FWIW, I knew where to find the docs for my particular version, but I just have 'latest' in my bookmarks. I did not know about 'puppet describe type', which is pretty nice! Thanks! Best regards, Martijn Grendelman -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Variables syntax
Hi,
I am trying to combine some rules from
http://docs.puppetlabs.com/learning/variables.html:
1. Top scope variables are the same, but their scope is nameless. (For
example: $::top_scope_variable.)
2. To distinguish a ${variable} from the surrounding text, you should wrap
its name in curly braces.
So, to get a fact, I was writing:
${::operatingsystem}
To get a global var from site.pp, I was writing:
${::firewall_etc}
These give me errors like:
Could not parse for environment production: Could not match
${::operatingsystem} at...
Isn't that supposed to work?
Best regards,
Martijn Grendelman
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Type reference, Puppet versions
Hi, I have no idea if this has come up before, I didn't bother to check the archives or anything, but I was wondering if it would be possible to have Puppet's documentation reflect the version in which a certain feature was added. For example, I just added a user to my catalog using the 'system' parameter, as per http://docs.puppetlabs.com/references/latest/type.html#user: system Whether the user is a system user with lower UID. Valid values are true, false. And now all my 2.6.3 nodes are complaining: Invalid parameter system at /etc/puppet/manifests/... A little digging into the source revealed to me, that this feature is not present in 2.6.3, but it is in 2.7.5. I have no idea in what version it was introduced. It would be nice if the type reference would contain that information. Best regards, Martijn Grendelman -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] ssh_authorized_key in 2.7.1 and up
Hi, I am currently testing my catalog, that runs fine with 2.6.3, with Puppet 2.7.4. Now I am running into a problem, and I wonder why this was 'fixed' in Puppet the way it was. Please consider http://projects.puppetlabs.com/issues/7888 In Puppet 2.7.4, there is code [1] that prevents ssh_authorized_key resources to contain whitespace in their names. This is a problem, because I actually have authorized keys with whitespaces in the comments, and these have been added through Puppet without problems. Now, I could just decide to change the name of the keys, but the real problem is, that I cannot use Puppet 2.7.4 to /remove/ the old key names, due to the 'fix' above. That is rather inconvenient. Besides, is there any REAL reason why a key comment (and the resource name with it) can't contain any whitespace? I know that one should be careful how to specify the resource to prevent it being added repeatedly on every catalog run, but apart from that? I have never had any problems with it. If whitespace is permitted from OpenSSH's point of view, shouldn't Puppet allow it too, and fix problems like this the right way? Or am I missing something? Best regards, Martijn Grendelman [1] http://projects.puppetlabs.com/projects/puppet/repository/revisions/1c7f0c3530846d9935bbc13cda33430cf5632975 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ssh_authorized_key in 2.7.1 and up
On 29-09-11 14:03, Jonathan Stanton wrote: On Sep 29, 2011, at 7:35 AM, Martijn Grendelman wrote: Hi, I am currently testing my catalog, that runs fine with 2.6.3, with Puppet 2.7.4. Now I am running into a problem, and I wonder why this was 'fixed' in Puppet the way it was. Please consider http://projects.puppetlabs.com/issues/7888 In Puppet 2.7.4, there is code [1] that prevents ssh_authorized_key resources to contain whitespace in their names. This is a problem, because I actually have authorized keys with whitespaces in the comments, and these have been added through Puppet without problems. I also have numerous keys with whitespace in the comments and given that this is valid for SSH, I would agree it should work with Puppet. Besides, is there any REAL reason why a key comment (and the resource name with it) can't contain any whitespace? I know that one should be careful how to specify the resource to prevent it being added repeatedly on every catalog run, but apart from that? I have never had any problems with it. The fix for Issue 7888 doesn't require that the 'name' field not have whitespace, only that the 'key' field not have whitespace, so fixing that bug and allowing whitespace in comments seem compatible. I would suggest opening a bug report that the fix to 7888 was overzealous and they should revert the first part of that patch to allow whitespace in the name field. http://projects.puppetlabs.com/issues/9796 If whitespace is permitted from OpenSSH's point of view, shouldn't Puppet allow it too, and fix problems like this the right way? Or am I missing something? +1. Best regards, Martijn Grendelman -- iphion B.V. TU/e Innovation Lab 1.15 Horsten 1 - 5612 AX Eindhoven - The Netherlands Tel. +31 40 747 0117 CoC-number: 17194147 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Bind9 Ubuntu Lucid
Hi,
I have this:
service { bind9:
ensure = running,
hasrestart = true,
pattern = named,
require = Package[bind9],
}
because the process is called 'named'.
Best regards,
Martijn Grendelman
On 31-08-11 22:56, Russell Van Tassell wrote:
Just a couple odd questions... does the status return 0 or 1 when bind is
running? If the process table is used, would you need a name parameter
to differentiate the name versus the process name? And, what version of
puppet? You might need a hasstatus in there, as well?
Ref: http://docs.puppetlabs.com/references/stable/type.html#service
On Wed, Aug 31, 2011 at 1:43 PM, Craig White craig.wh...@ttiltd.com
mailto:craig.wh...@ttiltd.com wrote:
Seems that every cycle, puppet thinks that bind9 service is stopped
and wants to restart...
info: Applying configuration version '1314822598'
notice: /Stage[main]/Bind::Service/Service[bind9]/ensure: ensure
changed 'stopped' to 'running'
notice: Finished catalog run in 3.70 seconds
But it's running and from the logs, puppet doesn't appear to have any
impact at all (bind9 was running, continues to run and is not
restarted by the puppet cycle).
# /etc/init.d/bind9 status
* bind9 is running
# update-rc.d -n bind9 defaults
System start/stop links for /etc/init.d/bind9 already exist.
# ps aux | grep `cat /var/run/named/named.pid`|grep -v grep
bind 21856 0.0 0.2 326644 39664 ?Ssl Aug26 0:17
/usr/sbin/named -u bind
Extremely simple class...
class bind::service {
service { bind9:
ensure = running,
require = Class[bind::install],
}
}
???
--
Craig White ~
craig.wh...@ttiltd.com mailto:craig.wh...@ttiltd.com
1.800.869.6908
tel:1.800.869.6908 ~~
www.ttiassessments.com http://www.ttiassessments.com
Need help communicating between generations at work to achieve your
desired success? Let us help!
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
mailto:puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
mailto:puppet-users%2bunsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Puppet 2.7.1, variable scoping, best practices
On 02-08-11 17:18, Peter Meier wrote: On 08/02/2011 04:20 AM, Aaron Grewell wrote: I recommend taking a look at R I Pienaar's alternative extlookup implementation. It supports YAML in addition to csv which allows for the full range of available variable types to be pulled in from external sources. I've combined this with a YAML-based ENC to put all variables for a single node into one YAML file. It's working well for me. but then, you should better directly go with hiera. I'm currently checking my mileage with Hiera... Thanks for all your input! Best regards, Martijn Grendelman -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Puppet 2.7.1, variable scoping, best practices
what definition of the variable you're going to get. That's not such a big deal, though, and it could even be considered an advantage -- the external variables a class uses can be considered de facto parameters for it. 2) Classes can be included multiple times, by more than one path, and there is no guarantee that the values they see for unqualified external variable names will be the same at each inclusion. This can result in unintended behavior, but the problem is not so much that dynamic scoping is inherently bad, but rather that it facilitates poor manifest design. Parameterized classes address problem (1) by formalizing class parameterization, and they address problem (2) by making it illegal to include a parameterized class more than once (even with the same parameters). One of my main objections to parameterized classes is that the latter is too far-reaching and constraining. Further, it states: If you need to apply resource defaults more broadly, you can still set them at top scope in your primary site manifest. If you need the resource defaults in a class to change depending on where the class is being declared, you need parameterized classes. And we're back at parameterized classes. And what does 'top scope' mean exactly? I assume that would be in 'site.pp', outside any class or node definition? Outside any class or node definition and inside site.pp or any manifest 'import'ed by it is certainly top-level. Surely someone else around here knows offhand whether anywhere else, such as inside node definitions, is also top-level. Or you can test: the fully-qualified name of a top-level variable $somevar is $::somevar. To make a long question short: what is the recommended way to override values for certain nodes or groups of nodes (by inheritance)? And I'd /really/ prefer to do that without having to pass on each and every value as a parameter to the next included class... Things to consider: 1) I personally recommend avoiding deep node inheritance hierarchies. In fact, I recommend no more than two levels to your node inheritance tree. This may or may not help with your present problem. We have three levels: a basenode in which we set defaults, a level for 'internal' and 'external' servers, since that is the biggest distinction in our server park, and every node definition inherits either 'internal' or 'external'. 2) As I mentioned above, you may be able to just change to fully- qualified variable names. That would be quick and relatively painless. Yes. But it doesn't work ;-) 3) There is another built-in alternative to dynamically-scoped variables: the extlookup() function. Using extlookup() to retrieve data for your resources can allow you to minimize the number of parameters you need to pass, or even to avoid class parameterization altogether. I think this is a great way to go, but Puppetlabs's style guide disfavors it. The big question here is: would that be future-proof?? Best regards, Martijn Grendelman -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet not installing relevant library files
On 26-07-11 06:57, KarthiKeyan. Kesavan wrote: Hi, I tried to exec dpkg cmd to install the deb file in my puppet debian client . I am getting error due to related library files. Please suggest me how to automate the same. Dpkg is not meant to resolve those dependencies for you, it just does what you tell it to: install a single deb package. APT is made for what you want. Due to security reasons i cant enable repo urls in my /etc/apt sources-list file. You could install the dependencies with 'package' resources, and have the dpkg-exec depend on those. Best regards, Martijn Grendelman -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet 2.7.1, variable scoping, best practices
Hi,
Having installed Puppet 2.7.1 on my testserver yesterday, I am now bugged
by log messages, that tell me not to use dynamic variable lookups:
Jun 29 13:31:09 os1 puppet-master[31910]: Dynamic lookup of
$ssh_permitrootlogin at /etc/puppet/templates/etc/ssh/sshd_config.erb:28
is deprecated. Support will be removed in Puppet 2.8. Use a
fully-qualified variable name (e.g., $classname::variable) or
parameterized classes.
Now, I have been reading up on variable scoping and trying to figure out
how to rewrite my manifests to embrace best practices, but I am confused
on how to proceed, and I can't really find any working examples, so I turn
here for help.
My current setup is something like this:
node basenode {
$somevar = defaultvalue
$someothervar = anotherdefault
}
node internal inherits basenode {
$someothervar = internaloverride
}
node external inherits basenode {
}
node myinternalserver inherits internal {
$somevar = nodeoverride
include generic
}
node someexternalserver inherits external {
include generic
}
...another 40 node definitions, inheriting either internal or external...
class generic {
include someclass
include somemodule::anotherclass
...
include a whole bunch of other classes that every node needs
}
In any class or module I use $somevar and $someothervar as I please, and I
understand that this a) is not a recommended practice and b) will stop
working in Puppet 2.8.
So, what should I do?
Switching to parameterized classes sounds nice, but that would mean that
the 'generic' class would have to get /every/ variable I use as a
parameter and pass it on to subsequent classes where needed. That sounds
incredibly clumsy to me.
In http://docs.puppetlabs.com/guides/scope_and_puppet.html I read:
If you’re using dynamic scope to share resource defaults, there’s no
way around it: you’ll have to repeat yourself in each file that the
defaults apply to.
Is this what's biting me here? Well, this sounds like something I can live
with, after all: it's not the default values I care about, it's the
overriding values.
Further, it states:
If you need to apply resource defaults more broadly, you can still set
them at top scope in your primary site manifest. If you need the resource
defaults in a class to change depending on where the class is being
declared, you need parameterized classes.
And we're back at parameterized classes. And what does 'top scope' mean
exactly? I assume that would be in 'site.pp', outside any class or node
definition?
To make a long question short: what is the recommended way to override
values for certain nodes or groups of nodes (by inheritance)? And I'd
/really/ prefer to do that without having to pass on each and every value
as a parameter to the next included class...
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] using memorysize fact in manifests
On 30-06-11 11:20, Matthias Saou wrote:
Andreas Kuntzagk andreas.kuntz...@mdc-berlin.de wrote:
I want some config depending on memorysize.
What I tried was
if ($memorysize = 256 * 1024*1024) {
...
}
But this fails because $memorysize is a string (and contains a G)
and can't be compared to an int.
Are all facts strings? How do I work with numbers?
Typical problem. Not to mention that you happen to have G but that
could very easily be M. Here's my workaround for that, which I use
for calculations to then set some sysctl.conf values accordingly :
# This is ugly, but very useful to get a standard kiB total RAM
# to base further calculations upon. Note that we get a string
$mem = inline_template(%
mem,unit = scope.lookupvar('::memorysize').split
mem = mem.to_f
# Normalize mem to KiB
case unit
when nil: mem *= (10)
when 'kB': mem *= (110)
when 'MB': mem *= (120)
when 'GB': mem *= (130)
when 'TB': mem *= (140)
end
%%= mem.to_i %)
I use a custom fact, that returns the amount of system memory in
megabytes. This is, however, Linux-only, since it uses /proc/meminfo:
$ cat modules/common/lib/facter/memorysize_mb.rb
require 'facter'
Facter.add(memorysize_mb) do
confine :kernel = :Linux
ram = 0
# Steal linux's meminfo
File.open( /proc/meminfo , 'r' ) do |f|
f.grep( /^MemTotal:/ ) { |mem|
ram = mem.split( / +/ )[1].to_i / 1024
}
end
setcode do
ram
end
end
Here's an example of how I then use it :
# kernel.shmmax
if $shmmax {
$shmmax_final = $shmmax
} else {
if $oracle {
# For non-shm half the RAM for = 4G, 2G otherwise
if $mem = 4294967296 {
$shmmax_final = $mem / 2
} else {
$shmmax_final = $mem - 2147483648
}
} else {
$shmmax_final = $mem
}
}
Best regards,
Martijn Grendelman
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet managed hosts in multiple nagios hostgroups
On 08-06-11 16:29, Chris Phillips wrote:
updated, and hopefully finished:
Facter.add(:bp_nagios_hostgroups) do
setcode do
if FileTest.exists?(/var/lib/puppet/classes.txt)
bp_nagios_hostgroups =
File.open(/var/lib/puppet/classes.txt) { |file|
file.each { |line|
if line =~ /^(.+)::nagios-client/
bp_nagios_hostgroups $1 +
end
}
}
next bp_nagios_hostgroups if bp_nagios_hostgroups
end
nil
end
end
So, if I understand correctly, you have Nagios hostgroups named exactly
like the Puppet modules, and in the module, you define an empty class
called 'modulename::nagios-client' to do the magic.
Clever, I didn't think of that.
One note: in the code above, you use /var/lib/puppet/classes.txt, but I
think that should be /var/lib/puppet/state/classes.txt, as you correctely
stated in your first mail.
Question: does this solve the 2-run problem on the client? In other words:
during a puppet run, is 'classes.txt' updated before the facts are expanded?
Will explain my setup in a separate mail.
Best regards,
Martijn.
On 8 June 2011 15:18, Chris Phillips ch...@untrepid.com
mailto:ch...@untrepid.com wrote:
Actually, I think I see what you mean here, I have a custom fact mid
write which looks like this:
Facter.add(:nagios_hostgroups) do
setcode do
if FileTest.exists?(/var/lib/puppet/classes.txt)
nagios_hostgroups =
File.open(/var/lib/puppet/classes.txt) { |file|
file.each { |line|
if line =~ /(\S+)::nagios_client/
nagios_hostgroups $1 +
end
}
}
next nagios_hostgroups if nagios_hostgroups
end
nil
end
end
So once finished this fact will return a list of all class names which
are included with the nagios_client namespace. So there's actually
hopefully nothing else to do at all here, no temp files or anything,
it just requires a naming convention in the modules to be followed.
On 8 June 2011 15:00, Brian Gallew g...@gallew.org
mailto:g...@gallew.org wrote:
I solved this in a similar manner. I wrote a custom fact (which
essentially returned /var/lib/puppet/state/classes.txt) and then a
custom function that generated a list of hostgroups based on that.
On Wed, Jun 8, 2011 at 6:47 AM, Chris Phillips ch...@untrepid.com
mailto:ch...@untrepid.com wrote:
On 8 June 2011 13:30, Martijn Grendelman mart...@iphion.nl
mailto:mart...@iphion.nl wrote:
Hi,
i want to archive the following:
i define an exported ressource for HostX to be monitored
in nagios:
@@nagios_host { $fqdn:
ensure = present,
alias = $hostname,
address= $ipadress,
use= generic-host,
hostgroups = ubuntu,
target = $icingahostfile,
}
That fine and works as expected and HostX is in
hostgroup ubuntu.
HostX has included a class ssh which installs the ssh
services and
configures them. Inside this class i want to define that
HostX is also in
hostgroup ssh-server.
And another class, which puts the node in another
environment = there i
want to define, that HostX is in hostgroup
testing-server and so on.
How do i archive that? How must the definition inside
all these classes
look like?
That's a lot more difficult than you might expect.
I recently solved it, by collecting all the necessary
hostgroups for a
host in a file using 'concat', and creating a custom fact
(hostgroups)
that joins all the lines in the hostgroups-file together,
for use with
nagios_host's hostgroups parameter.
The biggest drawback is that it takes two puppet runs on
the target (first
one for populating the hostgroups-file, so that the custom
fact is set
properly on the second run) before the nagios server can
collect
Re: [Puppet Users] extending puppet without hacking puppet
On 09-05-11 14:29, Jeff wrote:
Is it possible to extend 'package' without actually hacking the puppet
code. I'd like to do this:
package { httpd:
name= httpd,
ensure = present,
check = newer,
}
My goal is this. For every package I have in puppet, I'd like to check
to see if I have a newer version in the repository than I have on the
server. If that's the case I'd like to record that. (Probably in a log
file). This will allow me to produce a report of packages that need
upgraded. I can't just ensure = latest because it violates our
change procedure.
You could define a type, that wraps Package and uses an Exec to do
whatever you want.
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: What to do if something is not required on the clients?
On 15-04-11 10:20, Sans wrote: Thanks Patrick! Where can I get the list of attributes and their predefined values? Cheers!! The type reference: http://docs.puppetlabs.com/references/latest/type.html On Apr 15, 9:12 am, Patrick kc7...@gmail.com wrote: For the package example, I'd try ensure = absent. I think I remember that works. For the httpd example, I'd try just ensuring that the httpd package isn't installed. Regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] could not find class
On 14-03-11 22:31, Brandon Metcalf wrote:
I'm using the module https://github.com/sansnoc/puppet/tree/master/users
but running into a problem where puppet can't find a class. In /etc/
puppet/manifests/nodes.pp I have
node basenode {
include hosts
include groups::namidev
include users::people
include users::namidev
}
node 'util1.foo.com' inherits basenode {
}
In /etc/puppet/modules/users/manifests/init.pp I have
class groups::namidev {
@group { namidev: ensure = present, gid = 2001, }
}
class users::namidev {
Useraccount | pgroup == namidev |
}
users::namidev is located fine, but not groups::namidev. What am I
doing wrong?
Your module is called 'users', so the classes in it should be named
users::something to be found by the autoloading mechanism. groups::namidev
doesn't work, it would only be found in a module named 'groups'.
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] schedule is a metaparam; this value will inherit to all contained resources ?
Hi,
I have a type named apt::package, that installs packages on Debian base
systems. By default, it sets the schedule to something I defined, to
prevent package updates from happening outside maintenance hours.
Now, in a specific class, I do this:
# This is normally a manual puppet run, so ignore the maintenance window
Apt::Package {
schedule = common::schedule::always,
}
This results in the following text being written to the log:
puppet-master[30601]: schedule is a metaparam; this value will inherit to
all contained resources
This message doesn't give many results in Google, so I wonder:
What exactly does that mean?
Does it do something unexpected (I expect the default to apply to any
apt::package defined in that specific class, and nothing else)?
Why is it necessary to log this, if nothing is wrong?
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Why is it so hard to make a sane nagios server config?
Hi Nick, I've tried to achieve my overall goals with several different features of Puppet, but I've hit a bit of a wall here. I think it's time for me to explain what I'm trying to accomplish: I want the enabling of a service in my manifests to configure the monitoring of that service by a nagios server, without needless repetition. Let me explain how my non-automated nagios3 server is configured: Each service is declared once per type (or type+role, but there are very few types distinguished by role, so we'll ignore that for now). Services are members of hostgroups and servicegroups, and hosts join hostgroups in order to activate monitoring. Servicegroups are mostly used for sorting in the Web UI. Now let's look at how Puppet wants to configure Nagios: Each host exports a unique service for each of the checks it should be subject to. Holy cow! So if I have 25 checks per machine, and a thousand nodes, that's 25,000 entries! We're talking about a nagios_services.cfg measured in the tens of *megabytes*! I'm a little stunned by this pattern. I had created a system whereby nodes exported concat::fragments expressing desired membership in a hostgroup, and defines that created services, hostgroups, and servicegroups only if they hadn't already been made. All this ground to a halt and with only 50 test nodes the compilation of the nagios server's catalog took 3 minutes on a reasonably spec'd machine. I have to assume that the AST's mass of defines-of-defines was partly to blame. I'd like to make it as simple as possible for my module writers: Just use the nagios::nrpe_check define. That'll make the nrpe config locally and export everything needed to ensure this host is checked for your module's behaviors! Forcing them to make a service check *here* and a hostgroup *there* and don't forget to add the hostgroup to the node that used the class *there*… well it just opens up too many opportunities for human fallibility. So what are my options here? I don't want to probe the hosts to determine what should be monitored, because the whole *point* of monitoring is to alert you when your live system state isn't what you asked for. I also worry that this Cartesian product of everything by everyone will not scale acceptably into the future. Fingers crossed that I'm just being dense and missed something big! I'm afraid not. Most of this past week I spent building my Puppet-induced Nagios configuration, and after exploring my options, I decided that the hostgroup-based configuration you describe is the only sensible way. I did exactly what you did: use exported concat-fragments to collect the hostgroups on the puppetmaster and then use generate() to provision the hostgroups parameter of the nagios_host. Catalog runs on the Nagios servers typically take less than a minute to run, but I only have about 50 hosts defined so far. I hope that this scheme will be sustainable. The biggest downside of my system so far, is the fact that, in a worst-case scenario, it takes 90 minutes for a configuration change to propagate to Nagios. Regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Could not evaluate: undefined method `sort' for :absent:Symbol
Hi, Yesterday I implemented a module for managing Nagios configurations. It has turned out to be quite a complex beast, but in my test environment, it seemed to do everything it should. Now, in production, managing some 30 hosts, I get the following on the node that is both Puppetmaster and Nagios server: Thu Mar 10 12:13:14 +0100 2011 /Stage[main]/Nagios::Server/Nagios_host[server017] (err): Could not evaluate: undefined method `sort' for :absent:Symbol Thu Mar 10 12:13:14 +0100 2011 /Stage[main]/Nagios::Target/Nagios_host[offman01] (err): Could not evaluate: undefined method `sort' for :absent:Symbol Thu Mar 10 12:13:14 +0100 2011 /Stage[main]/Nagios::Server/Nagios_host[server000-vpn] (err): Could not evaluate: undefined method `sort' for :absent:Symbol It does this for all nodes. Unfortunately, I have no idea what that means or where to start looking. Google doesn't give any results when searching for this error. The strange thing that I notice is, that for any 'normal' node, it gives the error as a result of the Nagios::Server class (which is only included on the Nagios server i.e. 'this' node, and collects the Nagios_host resources), but for the node itself (offman01, the middle line in the excerpt above), the error is reported for the Nagios::Target class (which is included on all monitored nodes, including the Nagios server itself, which exports the @@nagios_host definitions). I am not sure what more information to give you, so if anyone has ANY idea, please let me know. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Could not evaluate: undefined method `sort' for :absent:Symbol
On 10-03-11 12:49, Martijn Grendelman wrote:
Hi,
Yesterday I implemented a module for managing Nagios configurations. It
has turned out to be quite a complex beast, but in my test environment, it
seemed to do everything it should.
Now, in production, managing some 30 hosts, I get the following on the
node that is both Puppetmaster and Nagios server:
Thu Mar 10 12:13:14 +0100 2011
/Stage[main]/Nagios::Server/Nagios_host[server017] (err): Could not
evaluate: undefined method `sort' for :absent:Symbol
Thu Mar 10 12:13:14 +0100 2011
/Stage[main]/Nagios::Target/Nagios_host[offman01] (err): Could not evaluate:
undefined method `sort' for :absent:Symbol
Thu Mar 10 12:13:14 +0100 2011
/Stage[main]/Nagios::Server/Nagios_host[server000-vpn] (err): Could not
evaluate: undefined method `sort' for :absent:Symbol
It does this for all nodes. Unfortunately, I have no idea what that means
or where to start looking. Google doesn't give any results when searching
for this error.
The strange thing that I notice is, that for any 'normal' node, it gives
the error as a result of the Nagios::Server class (which is only included
on the Nagios server i.e. 'this' node, and collects the Nagios_host
resources), but for the node itself (offman01, the middle line in the
excerpt above), the error is reported for the Nagios::Target class (which
is included on all monitored nodes, including the Nagios server itself,
which exports the @@nagios_host definitions).
I am not sure what more information to give you, so if anyone has ANY
idea, please let me know.
Some more information:
The nagios::target class has this:
class nagios::target {
include nagios::common
@@nagios_host { $hostname:
use = generic-host,
address = $fqdn,
alias = $hostname,
ensure = present,
target = $nagios::common::nagios_conf_test/host-$hostname.cfg,
}
$hostgroups_parameter = generate (some command)
if $hostgroups_parameter != {
Nagios_host[$hostname] {
hostgroups = $hostgroups_parameter,
}
}
}
Now, if I comment out the last 'if' with everything inside, the error
gradually disappers, with gradually meaning, that for each node that did a
catalog run /before/ the Nagios server node, the error is gone.
I have verified that 'some command' actually generates valid information,
and it does so for all hosts, or so it seems.
Hm, just wondering right now: could it be because there are no quotes
around $hostgroups_parameter after 'hostgroups = ' ?
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Could not evaluate: undefined method `sort' for :absent:Symbol
Hi,
On 10-03-11 13:46, Martijn Grendelman wrote:
Yesterday I implemented a module for managing Nagios configurations. It
has turned out to be quite a complex beast, but in my test environment, it
seemed to do everything it should.
Now, in production, managing some 30 hosts, I get the following on the
node that is both Puppetmaster and Nagios server:
Thu Mar 10 12:13:14 +0100 2011
/Stage[main]/Nagios::Server/Nagios_host[server017] (err): Could not
evaluate: undefined method `sort' for :absent:Symbol
Thu Mar 10 12:13:14 +0100 2011
/Stage[main]/Nagios::Target/Nagios_host[offman01] (err): Could not
evaluate: undefined method `sort' for :absent:Symbol
Thu Mar 10 12:13:14 +0100 2011
/Stage[main]/Nagios::Server/Nagios_host[server000-vpn] (err): Could not
evaluate: undefined method `sort' for :absent:Symbol
It does this for all nodes. Unfortunately, I have no idea what that means
or where to start looking. Google doesn't give any results when searching
for this error.
The strange thing that I notice is, that for any 'normal' node, it gives
the error as a result of the Nagios::Server class (which is only included
on the Nagios server i.e. 'this' node, and collects the Nagios_host
resources), but for the node itself (offman01, the middle line in the
excerpt above), the error is reported for the Nagios::Target class (which
is included on all monitored nodes, including the Nagios server itself,
which exports the @@nagios_host definitions).
I am not sure what more information to give you, so if anyone has ANY
idea, please let me know.
Some more information:
The nagios::target class has this:
class nagios::target {
include nagios::common
@@nagios_host { $hostname:
use = generic-host,
address = $fqdn,
alias = $hostname,
ensure = present,
target = $nagios::common::nagios_conf_test/host-$hostname.cfg,
}
$hostgroups_parameter = generate (some command)
if $hostgroups_parameter != {
Nagios_host[$hostname] {
hostgroups = $hostgroups_parameter,
}
}
}
Now, if I comment out the last 'if' with everything inside, the error
gradually disappers, with gradually meaning, that for each node that did a
catalog run /before/ the Nagios server node, the error is gone.
I have verified that 'some command' actually generates valid information,
and it does so for all hosts, or so it seems.
Hm, just wondering right now: could it be because there are no quotes
around $hostgroups_parameter after 'hostgroups = ' ?
No, that's not it, the error is back, even with quotes.
Pointers still very much appreciated!!
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Could not evaluate: undefined method `sort' for :absent:Symbol
Hi,
Yesterday I implemented a module for managing Nagios configurations. It
has turned out to be quite a complex beast, but in my test environment, it
seemed to do everything it should.
Now, in production, managing some 30 hosts, I get the following on the
node that is both Puppetmaster and Nagios server:
Thu Mar 10 12:13:14 +0100 2011
/Stage[main]/Nagios::Server/Nagios_host[server017] (err): Could not
evaluate: undefined method `sort' for :absent:Symbol
Thu Mar 10 12:13:14 +0100 2011
/Stage[main]/Nagios::Target/Nagios_host[offman01] (err): Could not
evaluate: undefined method `sort' for :absent:Symbol
Thu Mar 10 12:13:14 +0100 2011
/Stage[main]/Nagios::Server/Nagios_host[server000-vpn] (err): Could not
evaluate: undefined method `sort' for :absent:Symbol
It does this for all nodes. Unfortunately, I have no idea what that means
or where to start looking. Google doesn't give any results when searching
for this error.
The strange thing that I notice is, that for any 'normal' node, it gives
the error as a result of the Nagios::Server class (which is only included
on the Nagios server i.e. 'this' node, and collects the Nagios_host
resources), but for the node itself (offman01, the middle line in the
excerpt above), the error is reported for the Nagios::Target class (which
is included on all monitored nodes, including the Nagios server itself,
which exports the @@nagios_host definitions).
I am not sure what more information to give you, so if anyone has ANY
idea, please let me know.
Some more information:
The nagios::target class has this:
class nagios::target {
include nagios::common
@@nagios_host { $hostname:
use = generic-host,
address = $fqdn,
alias = $hostname,
ensure = present,
target = $nagios::common::nagios_conf_test/host-$hostname.cfg,
}
$hostgroups_parameter = generate (some command)
if $hostgroups_parameter != {
Nagios_host[$hostname] {
hostgroups = $hostgroups_parameter,
}
}
}
I now changed it to:
$hostgroups_parameter = generate (some command)
@@nagios_host { $hostname:
use = generic-host,
address = $fqdn,
alias = $hostname,
ensure = present,
target = $nagios::common::nagios_conf_test/host-$hostname.cfg,
hostgroups = $hostgroups_parameter ? {
= undef,
default = $hostgroups_parameter,
},
}
but the error remains.
Pointers still very much appreciated!!
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Could not evaluate: undefined method `sort' for :absent:Symbol
On 10-03-11 14:39, Martijn Grendelman wrote: but the error remains. Pointers still very much appreciated!! I am very sorry for the noise. The error was the result of a patch that I recently added to my Puppetmaster, to allow Nagios_* parameters to be specified as arrays. Stupid. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Storeconfigs: facts not updated
Hi, I run the Puppetmaster with storeconfigs = true thin_storeconfigs = true dbadapter = mysql So far, this has been working perfectly, but today I noticed something odd. Yesterday, I upgraded one of my nodes from Ubuntu Jaunty to Lucid, but the facts from this node aren't updated in the database. For example, the database still said (and notice the timestamps, they are current!): 2011-03-04 11:39:05 kernelrelease 2.6.28-17-server 2011-03-04 11:39:05 lsbdistcodename jaunty 2011-03-04 11:39:05 lsbdistdescription Ubuntu 9.04 While 'facter' on the machine itself correctly reports: kernelrelease = 2.6.32-29-generic-pae lsbdistcodename = lucid lsbdistdescription = Ubuntu 10.04.2 LTS Then I thought I'd just remove all the facts from the database, to have Puppet refresh them, so I did delete FROM `fact_values` where host_id=27. On the next Puppet run, I got: err: Could not retrieve catalog from remote server: Error 400 on SERVER: No matching value for selector param 'undef' at /etc/puppet/manifests/site.pp:37 on node abcxyz. This error refers to a selector that uses the fact $operatingsystem, which now appears to be 'undef'. Now, if I completely disable storeconfigs on the master, a Puppet run succeeds like ever before, but as soon as storeconfigs is re-enabled, the 'undef' error returns. What could be the cause of this? One thing possibly worth mentioning: this node runs the Puppetmaster. No idea if that makes a difference. Everything is version 2.6.3. Regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Storeconfigs: facts not updated
After completely deleting the node from the database's 'host' table and resources that referenced its host_id, a following catalog run refreshed the database, adding all facts with their current values... Best regards, Martijn. On 04-03-11 12:43, Martijn Grendelman wrote: Hi, I run the Puppetmaster with storeconfigs = true thin_storeconfigs = true dbadapter = mysql So far, this has been working perfectly, but today I noticed something odd. Yesterday, I upgraded one of my nodes from Ubuntu Jaunty to Lucid, but the facts from this node aren't updated in the database. For example, the database still said (and notice the timestamps, they are current!): 2011-03-04 11:39:05 kernelrelease 2.6.28-17-server 2011-03-04 11:39:05 lsbdistcodename jaunty 2011-03-04 11:39:05 lsbdistdescriptionUbuntu 9.04 While 'facter' on the machine itself correctly reports: kernelrelease = 2.6.32-29-generic-pae lsbdistcodename = lucid lsbdistdescription = Ubuntu 10.04.2 LTS Then I thought I'd just remove all the facts from the database, to have Puppet refresh them, so I did delete FROM `fact_values` where host_id=27. On the next Puppet run, I got: err: Could not retrieve catalog from remote server: Error 400 on SERVER: No matching value for selector param 'undef' at /etc/puppet/manifests/site.pp:37 on node abcxyz. This error refers to a selector that uses the fact $operatingsystem, which now appears to be 'undef'. Now, if I completely disable storeconfigs on the master, a Puppet run succeeds like ever before, but as soon as storeconfigs is re-enabled, the 'undef' error returns. What could be the cause of this? One thing possibly worth mentioning: this node runs the Puppetmaster. No idea if that makes a difference. Everything is version 2.6.3. Regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Nagios configuration arrays
Hi, A question for the devs. Will this: http://projects.puppetlabs.com/issues/4020 make it into a release any time soon? Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Nagios configuration arrays
On 02-03-11 14:49, Brian Gallew wrote:
Sadly, signs point to no.
Too bad. But since I run a patched Puppetmaster anyway, I can do what I
want :-)
Unfortunately, it doesn't solve my problem.
I am trying to do the same thing as Gabriel Filion in this post:
http://groups.google.com/group/puppet-users/browse_thread/thread/276e6e694520224d
So, I have a nagios-target class, that defines a virtual resource:
@@nagios_host { $hostname:
use = generic-host,
address = $fqdn,
alias = $hostname,
ensure = present,
hostgroups = [],
}
and I would like to do something along the lines of this: in a different
class (not a subclass of nagios-target), for example in the class that
configures the MTA:
Nagios_host [$hostname] {
hostgroups + mail-satellite-servers,
}
which results in this error:
Only subclasses can override parameters at ...
which sounds logical, but...
Is there any way to do what I want? I can't really think of anything,
since (variable) scoping will always be in my way, as far as I can see...
Best regards,
Martijn.
On Wed, Mar 2, 2011 at 5:15 AM, Martijn Grendelman mart...@iphion.nl
mailto:mart...@iphion.nl wrote:
Hi,
A question for the devs. Will this:
http://projects.puppetlabs.com/issues/4020
make it into a release any time soon?
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
mailto:puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
mailto:puppet-users%2bunsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Class inheritance (was Re: Nagios configuration arrays)
Hi,
After some reading and experimenting, I thought I had found the solution
to the problem below in class inheritance, but again... I'm stuck.
As said, I have class nagios-target, defined as listed below.
I now have this:
class mta inherits nagios-target {
Nagios_host [$hostname] {
hostgroups + mail-satellite-servers,
}
}
This works; I get a Nagios host definition with the expected 'hostgroups'
setting.
Now I add a second class:
class snmp inherits nagios-target {
Nagios_host [$hostname] {
hostgroups + snmp-servers,
}
}
but now I get:
Error 400 on SERVER: Parameter 'hostgroups' is already set on
Nagios_host[martijn] at /etc/puppet/manifests/classes/mta.pp:43; cannot
redefine at /etc/puppet/manifests/classes/snmp.pp:4 on node martijn.
What part of overriding parameters and the '+' operator am I missing here?
Best regards,
Martijn.
On 02-03-11 15:55, Martijn Grendelman wrote:
On 02-03-11 14:49, Brian Gallew wrote:
Sadly, signs point to no.
Too bad. But since I run a patched Puppetmaster anyway, I can do what I
want :-)
Unfortunately, it doesn't solve my problem.
I am trying to do the same thing as Gabriel Filion in this post:
http://groups.google.com/group/puppet-users/browse_thread/thread/276e6e694520224d
So, I have a nagios-target class, that defines a virtual resource:
@@nagios_host { $hostname:
use = generic-host,
address = $fqdn,
alias = $hostname,
ensure = present,
hostgroups = [],
}
and I would like to do something along the lines of this: in a different
class (not a subclass of nagios-target), for example in the class that
configures the MTA:
Nagios_host [$hostname] {
hostgroups + mail-satellite-servers,
}
which results in this error:
Only subclasses can override parameters at ...
which sounds logical, but...
Is there any way to do what I want? I can't really think of anything,
since (variable) scoping will always be in my way, as far as I can see...
Best regards,
Martijn.
On Wed, Mar 2, 2011 at 5:15 AM, Martijn Grendelman mart...@iphion.nl
mailto:mart...@iphion.nl wrote:
Hi,
A question for the devs. Will this:
http://projects.puppetlabs.com/issues/4020
make it into a release any time soon?
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
mailto:puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
mailto:puppet-users%2bunsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Nagios configuration arrays
On 03-03-11 08:04, Gabriel Filion wrote: On 11-03-02 02:27 PM, Brian Gallew wrote: I've found that Puppet/Naginator has the bad habit of occasionally breaking the Nagios config. Here's how I worked around this: 1) When you collect your Nagios resource, store them all in a temporary directory (in my case, ~nagios/var/tmp) 2) Purge that directory with a cron job every night (so deleted resources disappear) 3) Create an exec that creates a ~nagios/etc/nagios-tmp.cfg by running sed on ~nagios/etc/nagios.cfg and changing directories appropriately. 4) Create an exec that pre-flights Nagios using the nagios-tmp.cfg (which checks the tmp dir) and, if successful, sync the files over into the real Nagios config directory. It's a little clunky, but Nagios doesn't ever break anymore. Remember that your pre-flight exec should require all the Nagios resources (so the files get updated first), and should always run if the contents of the tmp dir vary at all from the real target (diff is your friend here). Otherwise, the preflight may fail once and then never run again until the next time you make a substantive server change. hmm, that's an interesting approach. it sounds like it requires a lot of exec magic but it does cover for the config breakages and also for purging resources. When I finally get some free time, I'll look into implementing that. Thanks for the hint. Nice! Currently, our Nagios config lives in a Git repository. Before pulling changes to /etc/nagios3 and restarting Nagios, we pull them to a temp dir, and with a nagios.conf with adapted paths, we test the config, just like you describe. This is all pretty much automated, so it's something I have been thinking about, how to implement that in Puppet. Step 3 in your description is -in our setup- unnecessary, we just keep the test-config in our repo as well. Thanks. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppetd sometimes not surviving a reload
Hi, I have one Puppet agent (2.6.3 on Ubuntu) that sometimes does not seem to survive a reload (SIGHUP). The agent is reloaded by 'logrotate' every morning, and usually this works OK, but just sometimes, puppetd gives up, without writing anything extraordinary to syslog (without any debug options). The strange coincidence is, that this only happens to the puppetd running on the puppet master. I haven't investigated the cause yet, I am curious if anyone else is seeing this. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] CIDR-matching in puppet manifests?
On 27-01-11 22:21, Nick Moffitt wrote: Mohamed Lrhazi: I guess my answer was: you can use ruby's library ipaddr inside templates, not sure about manifests. That is an interesting approach, and suggests possible inline_template() hacks. I note that of course Puppet itself can do CIDR tests in various conf file settings, so clearly the underlying ruby makes this possible. I'll think about this code you've pasted. Thanks! Would you be so kind to post the solution you cho(o)se in the end? I am interested in this too.. Thank you! Best regards, Martijn Grendelman -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] REMOVE ME
Please step into my office, and I'll remove you :-) Or look at the mail headers and take appropriate action: List-Unsubscribe: http://groups.google.com/group/puppet-users/subscribe?hl=en_US, mailto:puppet-users+unsubscr...@googlegroups.com Regards, Martijn. On 25-01-11 07:48, ralph.gro...@itdz-berlin.de wrote: -- *From:* puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] *On Behalf Of *puppet-users+nore...@googlegroups.com *Sent:* Monday, January 24, 2011 1:00 PM *To:* Abridged Recipients *Subject:* [Puppet Users] Abridged summary of puppet-users@googlegroups.com - 45 Messages in 9 Topics Today's Topic Summary Group: http://groups.google.com/group/puppet-users/topics * scheduler problem? #group_thread_0 [1 Update] * Do we need a new name for --test? #group_thread_1 [34 Updates] * mcollective for rhel 4 #group_thread_2 [2 Updates] * Puppet dashboard don't show current day #group_thread_3 [2 Updates] * Behavior of local modules and their included facts #group_thread_4 [1 Update] * problems with dependencies #group_thread_5 [2 Updates] * high 500 error rate on file metadata operations #group_thread_6 [1 Update] * PSA: Please use pre tags when reporting bugs. #group_thread_7 [1 Update] * another 2.6 question... stages #group_thread_8 [1 Update] Topic: scheduler problem? http://groups.google.com/group/puppet-users/t/e00eda15de69b533 Antony Mayi antonym...@yahoo.com Jan 24 11:29AM ^ #digest_top Hi Nan, thanks. I have removed the schedule (re)definition but it does still the same - the tidy is called on every run (every 30 minutes). the state.yaml after a typical run has following more... http://groups.google.com/group/puppet-users/msg/7199a3f934647c02 Topic: Do we need a new name for --test? http://groups.google.com/group/puppet-users/t/fbe7bcfe04b5f657 Nigel Kersten ni...@puppetlabs.com Jan 23 01:33PM -0800 ^ #digest_top https://projects.puppetlabs.com/issues/2476 This does seem to confuse a fair few new users. What would be a better name for --test? more... http://groups.google.com/group/puppet-users/msg/d3dd3cbe311368e8 Adam Nielsen a.niel...@shikadi.net Jan 24 07:50AM +1000 ^ #digest_top https://projects.puppetlabs.com/issues/2476 This does seem to confuse a fair few new users. What would be a better name for --test? Using Gentoo's emerge as an example, how about more... http://groups.google.com/group/puppet-users/msg/4f4c6c8b58c491c2 Nigel Kersten ni...@puppetlabs.com Jan 23 02:15PM -0800 ^ #digest_top This does seem to confuse a fair few new users. What would be a better name for --test? Using Gentoo's emerge as an example, how about --oneshot? It's more than that though. more... http://groups.google.com/group/puppet-users/msg/69a330193ef7d96d Denmat tu2bg...@gmail.com Jan 24 09:35AM +1100 ^ #digest_top I was thinking '--update' as that is what it does but then that doesn't describe the '--one-time' nature of it explicitly. I always felt funny updating hosts with 'test' though :) Hard one. more... http://groups.google.com/group/puppet-users/msg/1313878342cdbaa7 Patrick kc7...@gmail.com Jan 23 02:44PM -0800 ^ #digest_top On Jan 23, 2011, at 1:50 PM, Adam Nielsen wrote: This does seem to confuse a fair few new users. What would be a better name for --test? Using Gentoo's emerge as an example, how more... http://groups.google.com/group/puppet-users/msg/32700f78acf03e7 Daniel Pittman dan...@puppetlabs.com Jan 23 03:35PM -0800 ^ #digest_top My inclination is to say that ontime or verbose have stolen the name for another concept; perhaps interactive covers the standard use-case well enough? Daniel What would be a better more... http://groups.google.com/group/puppet-users/msg/ba3086cb22134102 Dan Bode d...@puppetlabs.com Jan 23 03:38PM -0800 ^ #digest_top
Re: [Puppet Users] Check version of installed RPM
Hi, All that being said, if its just one or two packages you care about you can simply add a fact for the package versions, but this fact will only show the version on the next puppet run not the one during which you install said package since the compile stage of the puppet run is happening on the master prior to installing the package. Merely from an 'inventory' point of view, I felt the need to have facts for reporting versions of installed packages. I wrote the following code, that creates facts for package versions, based on a file that lists the packages I am interested in on a particular server. This file can, of course, be managed by puppet. martijn:puppet cat modules/common/lib/facter/package_versions.rb require 'puppet' package_list = /etc/facter/package_versions_list if File.exist?(package_list) File.readlines(package_list).each do |l| l.strip! @pname = l.split.each do |p| if @pname.eql? @pname = p end pkg = Puppet::Type.type(:package).new(:name = p) v = pkg.retrieve[pkg.property(:ensure)].to_s if !v.eql? purged and !v.eql? absent Facter.add(pkg_ + @pname + _version) do setcode do v end end end end end end martijn@server002:~ cat /etc/facter/package_versions_list postgresql php5-common mysql-server mysql-server-5.1 mysql-server-5.0 Regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppetmaster 2.6.x on Ubuntu Lucid
Hi, On 10-01-11 14:34, Adam Ryczkowski wrote: I like the idea of parametrized classes very much, and I would like to use them. Unfortunately Ubuntu Lucid ships with puppet 2.5.4, which doesn't support it. Does anybody here can tell me, how can I get 2.6.x version of puppet and puppetmaster on Ubuntu? I tried to install puppet from sources, but I failed miserably: The internal installer does little more then copying the ruby scripts. It doesn't create users, directories nor permissions necessary to run puppetmaster, and error messages that are generated on such failed install are cryptic. I am aware of http://packages.debian.org/lenny-backports/puppet, but itsn't strictly Ubuntu and there are missing dependencies, so right now I can't install it (I used to be able to do it few weeks ago, when they had puppet 2.6.2). I am also aware of https://launchpad.net/~mathiaz/+archive/puppet-backports but mathiaz doesn't provide puppetmaster. Can anyone suggest me any hints on how to do it? Maybe there is someone, who actually managed to run puppetmaster on Ubuntu 10.4 and who would share how did he achieve it? We always create our own backport of the official Ubunutu packages from the latest release. http://packages.ubuntu.com/natty/puppet Just download/unpack the source and build it with your favourite build-tool (pbuilder or similar). It currently builds even on Hardy without modifications. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppetmaster 2.6.x on Ubuntu Lucid
On 10-01-11 14:47, Martijn Grendelman wrote: ... Ubunutu packages ... Damn. I STILL can't type 'Ubuntu' properly. Just use Debian, it's easier :-) Regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Report rrdgraph failed: could not create RRD file
On 27-12-10 17:13, James Turnbull wrote: Martijn Grendelman wrote: On 24-12-10 16:47, Martijn Grendelman wrote: Hi, Today, I set up 'rrdgraph' reports. What could be the cause of this: Dec 24 15:52:35 offman01 puppet-master[20593]: Report rrdgraph failed: Could not create RRD file /var/lib/puppet/rrd/talk.dev.iphion.nl/changes.rrd: you must define at least one Data Source Martijn I think this is an RRD bug as well as a Puppet. What platform, RRD version and RRD Ruby bindings are you using? Also what Puppet version? This is an Ubuntu Jaunty install. $ dpkg -l puppet rrdtool librrd-ruby ii librrd-ruby 1.3.1-4ubuntu1 ii puppet 2.6.3-0ubuntu1-iphion2~9.04 ii rrdtool 1.3.1-4ubuntu1 If you search the bug database I think you'll find your issue. I'll have a look, thanks! Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Unrecognised escape sequence '\~'
On 27-12-10 15:05, Felix Frank wrote:
On 12/27/2010 02:54 PM, Martijn Grendelman wrote:
Hi,
In one of my modules, I have the following:
exec { /bin/sed -i '\~^${line}$~d' '${file}':
The '\~' is there, to make sed use '~' as the command separator instead of
'/', which is too common in the lines I am trying to delete.
However, the puppet master now complains:
Dec 27 14:07:11 offman01 puppet-master[821]: Unrecognised escape sequence
'\~' in file /etc/puppet/modules/common/manifests/definitions/line.pp at
line 15
Should I worry about that?
Yes.
You probably want sed to see the backslash (so as to keep the shell from
expanding ~ to $HOME? I'm not sure exec runs in a full-fledged shell,
but I digress).
The warning tells you that puppet ignores your attempt at escaping
something, so the backslash is silently dropped.
Long story short - you need to
a) drop the unnecessary escape (optional) or
b) escape the backslash itself (critical),
depending on what you need to happen.
In your case, b.
Ah well, but the sed line actually works as expected, so my guess is, that
Puppet may silently drop the backslash when setting the name/title of the
resource, but it does not when it executes the code.
If Puppet would drop the backslash, it would surely result in a sed error.
If I test it on the command line, I get:
/bin/sed: -e expression #1, char 2: unknown command: `^'
Would it make sense to craft a $name for the resource without the escape
sequence, and set the command explicitly with 'command = /bin/sed -i ...' ?
You're right, I've got it backwards. Nothing is silently dropped.
Do escape the backslash in order to get rid of that warning message.
This will mean trouble *only* if at some point in the future \~ does
become a valid escape (and you will lose the backslash to puppet then).
Crafting a name for the resource without the '\~' and putting the command
in a 'command =' parameter doesn't make any difference.
I have now escaped the backslash and that made the error go away.
exec { /bin/sed -i '\\~^${line}$~d' '${file}':
Thanks,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Report rrdgraph failed: could not create RRD file
Hi, Today, I set up 'rrdgraph' reports. What could be the cause of this: Dec 24 15:52:35 offman01 puppet-master[20593]: Report rrdgraph failed: Could not create RRD file /var/lib/puppet/rrd/talk.dev.iphion.nl/changes.rrd: you must define at least one Data Source I think this is an RRD bug as well as a Puppet. What platform, RRD version and RRD Ruby bindings are you using? Also what Puppet version? This is an Ubuntu Jaunty install. $ dpkg -l puppet rrdtool librrd-ruby ii librrd-ruby 1.3.1-4ubuntu1 ii puppet 2.6.3-0ubuntu1-iphion2~9.04 ii rrdtool 1.3.1-4ubuntu1 If you search the bug database I think you'll find your issue. I'll have a look, thanks! Besides https://projects.puppetlabs.com/issues/4783 (closed 3 months ago), I haven't been able to find any issues that come close to what I'm seeing. I have updated rrdtool (incl. librrd and the Ruby bindings) to version 1.4.3, but I didn't notice any improvement. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Report rrdgraph failed: could not create RRD file
On 24-12-10 16:47, Martijn Grendelman wrote: Hi, Today, I set up 'rrdgraph' reports. What could be the cause of this: Dec 24 15:52:35 offman01 puppet-master[20593]: Report rrdgraph failed: Could not create RRD file /var/lib/puppet/rrd/talk.dev.iphion.nl/changes.rrd: you must define at least one Data Source A log excerpt: Dec 27 11:50:15 offman01 puppet-master[17211]: Report rrdgraph failed: Failed to update resources: unknown DS name 'skipped' Dec 27 11:50:49 offman01 puppet-master[1133]: Report rrdgraph failed: Failed to update changes: unknown DS name '' Dec 27 11:51:45 offman01 puppet-master[1133]: Report rrdgraph failed: Could not create RRD file /var/lib/puppet/rrd/server012.dev.iphion.nl/changes.rrd: you must define at least one Data Source Dec 27 11:52:45 offman01 puppet-master[17211]: Report rrdgraph failed: Could not create RRD file /var/lib/puppet/rrd/racey.dev.iphion.nl/changes.rrd: you must define at least one Data Source Dec 27 11:53:26 offman01 puppet-master[1133]: Report rrdgraph failed: Could not create RRD file /var/lib/puppet/rrd/server002.dev.iphion.nl/changes.rrd: you must define at least one Data Source Dec 27 12:01:16 offman01 puppet-master[1133]: Report rrdgraph failed: Failed to update changes: unknown DS name '' Dec 27 12:04:40 offman01 puppet-master[8107]: Report rrdgraph failed: Failed to update events: unknown DS name 'success' Dec 27 12:05:11 offman01 puppet-master[1133]: Report rrdgraph failed: Failed to update resources: unknown DS name 'changed' Dec 27 12:07:05 offman01 puppet-master[8107]: Report rrdgraph failed: Failed to update events: unknown DS name 'success' Seems to me like there are yet some bugs to fix here ;-) Should I file a report? This happens for some nodes, but for other nodes it works fine. For the nodes for which this happens, no HTML files (daily.html, events.html, etc.) are created either. So, for some (good) nodes, I have: /var/lib/puppet/rrd/test2.dev.iphion.nl: total 248 -rw-r--r-- 1 puppet puppet 7592 2010-12-24 14:44 changes-daily.png -rw-r--r-- 1 puppet puppet 8422 2010-12-24 14:44 changes-monthly.png -rw-r--r-- 1 puppet puppet 8295 2010-12-24 14:44 changes-weekly.png -rw-r--r-- 1 puppet puppet 9290 2010-12-24 14:44 changes-yearly.png -rw-r--r-- 1 puppet puppet 226 2010-12-24 14:44 changes.html -rw-r--r-- 1 puppet puppet 2944 2010-12-24 14:44 changes.rrd -rw-r--r-- 1 puppet puppet 218 2010-12-24 14:44 daily.html -rw-r--r-- 1 puppet puppet 6142 2010-12-24 16:16 events-daily.png -rw-r--r-- 1 puppet puppet 8265 2010-12-24 16:16 events-monthly.png -rw-r--r-- 1 puppet puppet 6876 2010-12-24 16:16 events-weekly.png -rw-r--r-- 1 puppet puppet 9013 2010-12-24 16:16 events-yearly.png -rw-r--r-- 1 puppet puppet 221 2010-12-24 14:44 events.html -rw-r--r-- 1 puppet puppet 5656 2010-12-24 16:16 events.rrd -rw-r--r-- 1 puppet puppet 401 2010-12-24 14:44 index.html -rw-r--r-- 1 puppet puppet 228 2010-12-24 14:44 monthly.html -rw-r--r-- 1 puppet puppet 7583 2010-12-24 16:16 resources-daily.png -rw-r--r-- 1 puppet puppet 8694 2010-12-24 16:16 resources-monthly.png -rw-r--r-- 1 puppet puppet 8605 2010-12-24 16:16 resources-weekly.png -rw-r--r-- 1 puppet puppet 9897 2010-12-24 16:16 resources-yearly.png -rw-r--r-- 1 puppet puppet 236 2010-12-24 14:44 resources.html -rw-r--r-- 1 puppet puppet 13792 2010-12-24 16:16 resources.rrd -rw-r--r-- 1 puppet puppet 7213 2010-12-24 16:16 time-daily.png -rw-r--r-- 1 puppet puppet 8339 2010-12-24 16:16 time-monthly.png -rw-r--r-- 1 puppet puppet 8326 2010-12-24 16:16 time-weekly.png -rw-r--r-- 1 puppet puppet 9272 2010-12-24 16:16 time-yearly.png -rw-r--r-- 1 puppet puppet 211 2010-12-24 14:44 time.html -rw-r--r-- 1 puppet puppet 2944 2010-12-24 16:16 time.rrd -rw-r--r-- 1 puppet puppet 223 2010-12-24 14:44 weekly.html -rw-r--r-- 1 puppet puppet 223 2010-12-24 14:44 yearly.html And for others: /var/lib/puppet/rrd/test4.dev.iphion.nl: total 144 -rw-r--r-- 1 puppet puppet 7041 2010-12-24 16:28 events-daily.png -rw-r--r-- 1 puppet puppet 8124 2010-12-24 16:28 events-monthly.png -rw-r--r-- 1 puppet puppet 8079 2010-12-24 16:28 events-weekly.png -rw-r--r-- 1 puppet puppet 9013 2010-12-24 16:28 events-yearly.png -rw-r--r-- 1 puppet puppet 2944 2010-12-24 16:28 events.rrd -rw-r--r-- 1 puppet puppet 6891 2010-12-24 16:28 resources-daily.png -rw-r--r-- 1 puppet puppet 9043 2010-12-24 16:28 resources-monthly.png -rw-r--r-- 1 puppet puppet 7682 2010-12-24 16:28 resources-weekly.png -rw-r--r-- 1 puppet puppet 9897 2010-12-24 16:28 resources-yearly.png -rw-r--r-- 1 puppet puppet 5656 2010-12-24 16:28 resources.rrd -rw-r--r-- 1 puppet puppet 7374 2010-12-24 16:28 time-daily.png -rw-r--r-- 1 puppet puppet 8537 2010-12-24 16:28 time-monthly.png -rw-r--r-- 1 puppet puppet 8316 2010-12-24 16:28 time-weekly.png -rw-r--r-- 1 puppet puppet 9272 2010-12-24 16:28 time
[Puppet Users] Unrecognised escape sequence '\~'
Hi,
In one of my modules, I have the following:
exec { /bin/sed -i '\~^${line}$~d' '${file}':
The '\~' is there, to make sed use '~' as the command separator instead of
'/', which is too common in the lines I am trying to delete.
However, the puppet master now complains:
Dec 27 14:07:11 offman01 puppet-master[821]: Unrecognised escape sequence
'\~' in file /etc/puppet/modules/common/manifests/definitions/line.pp at
line 15
Should I worry about that?
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Unrecognised escape sequence '\~'
Hi,
In one of my modules, I have the following:
exec { /bin/sed -i '\~^${line}$~d' '${file}':
The '\~' is there, to make sed use '~' as the command separator instead of
'/', which is too common in the lines I am trying to delete.
However, the puppet master now complains:
Dec 27 14:07:11 offman01 puppet-master[821]: Unrecognised escape sequence
'\~' in file /etc/puppet/modules/common/manifests/definitions/line.pp at
line 15
Should I worry about that?
Yes.
You probably want sed to see the backslash (so as to keep the shell from
expanding ~ to $HOME? I'm not sure exec runs in a full-fledged shell,
but I digress).
The warning tells you that puppet ignores your attempt at escaping
something, so the backslash is silently dropped.
Long story short - you need to
a) drop the unnecessary escape (optional) or
b) escape the backslash itself (critical),
depending on what you need to happen.
In your case, b.
Ah well, but the sed line actually works as expected, so my guess is, that
Puppet may silently drop the backslash when setting the name/title of the
resource, but it does not when it executes the code.
If Puppet would drop the backslash, it would surely result in a sed error.
If I test it on the command line, I get:
/bin/sed: -e expression #1, char 2: unknown command: `^'
Would it make sense to craft a $name for the resource without the escape
sequence, and set the command explicitly with 'command = /bin/sed -i ...' ?
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Report rrdgraph failed: could not create RRD file
Hi, Today, I set up 'rrdgraph' reports. What could be the cause of this: Dec 24 15:52:35 offman01 puppet-master[20593]: Report rrdgraph failed: Could not create RRD file /var/lib/puppet/rrd/talk.dev.iphion.nl/changes.rrd: you must define at least one Data Source This happens for some nodes, but for other nodes it works fine. For the nodes for which this happens, no HTML files (daily.html, events.html, etc.) are created either. So, for some (good) nodes, I have: /var/lib/puppet/rrd/test2.dev.iphion.nl: total 248 -rw-r--r-- 1 puppet puppet 7592 2010-12-24 14:44 changes-daily.png -rw-r--r-- 1 puppet puppet 8422 2010-12-24 14:44 changes-monthly.png -rw-r--r-- 1 puppet puppet 8295 2010-12-24 14:44 changes-weekly.png -rw-r--r-- 1 puppet puppet 9290 2010-12-24 14:44 changes-yearly.png -rw-r--r-- 1 puppet puppet 226 2010-12-24 14:44 changes.html -rw-r--r-- 1 puppet puppet 2944 2010-12-24 14:44 changes.rrd -rw-r--r-- 1 puppet puppet 218 2010-12-24 14:44 daily.html -rw-r--r-- 1 puppet puppet 6142 2010-12-24 16:16 events-daily.png -rw-r--r-- 1 puppet puppet 8265 2010-12-24 16:16 events-monthly.png -rw-r--r-- 1 puppet puppet 6876 2010-12-24 16:16 events-weekly.png -rw-r--r-- 1 puppet puppet 9013 2010-12-24 16:16 events-yearly.png -rw-r--r-- 1 puppet puppet 221 2010-12-24 14:44 events.html -rw-r--r-- 1 puppet puppet 5656 2010-12-24 16:16 events.rrd -rw-r--r-- 1 puppet puppet 401 2010-12-24 14:44 index.html -rw-r--r-- 1 puppet puppet 228 2010-12-24 14:44 monthly.html -rw-r--r-- 1 puppet puppet 7583 2010-12-24 16:16 resources-daily.png -rw-r--r-- 1 puppet puppet 8694 2010-12-24 16:16 resources-monthly.png -rw-r--r-- 1 puppet puppet 8605 2010-12-24 16:16 resources-weekly.png -rw-r--r-- 1 puppet puppet 9897 2010-12-24 16:16 resources-yearly.png -rw-r--r-- 1 puppet puppet 236 2010-12-24 14:44 resources.html -rw-r--r-- 1 puppet puppet 13792 2010-12-24 16:16 resources.rrd -rw-r--r-- 1 puppet puppet 7213 2010-12-24 16:16 time-daily.png -rw-r--r-- 1 puppet puppet 8339 2010-12-24 16:16 time-monthly.png -rw-r--r-- 1 puppet puppet 8326 2010-12-24 16:16 time-weekly.png -rw-r--r-- 1 puppet puppet 9272 2010-12-24 16:16 time-yearly.png -rw-r--r-- 1 puppet puppet 211 2010-12-24 14:44 time.html -rw-r--r-- 1 puppet puppet 2944 2010-12-24 16:16 time.rrd -rw-r--r-- 1 puppet puppet 223 2010-12-24 14:44 weekly.html -rw-r--r-- 1 puppet puppet 223 2010-12-24 14:44 yearly.html And for others: /var/lib/puppet/rrd/test4.dev.iphion.nl: total 144 -rw-r--r-- 1 puppet puppet 7041 2010-12-24 16:28 events-daily.png -rw-r--r-- 1 puppet puppet 8124 2010-12-24 16:28 events-monthly.png -rw-r--r-- 1 puppet puppet 8079 2010-12-24 16:28 events-weekly.png -rw-r--r-- 1 puppet puppet 9013 2010-12-24 16:28 events-yearly.png -rw-r--r-- 1 puppet puppet 2944 2010-12-24 16:28 events.rrd -rw-r--r-- 1 puppet puppet 6891 2010-12-24 16:28 resources-daily.png -rw-r--r-- 1 puppet puppet 9043 2010-12-24 16:28 resources-monthly.png -rw-r--r-- 1 puppet puppet 7682 2010-12-24 16:28 resources-weekly.png -rw-r--r-- 1 puppet puppet 9897 2010-12-24 16:28 resources-yearly.png -rw-r--r-- 1 puppet puppet 5656 2010-12-24 16:28 resources.rrd -rw-r--r-- 1 puppet puppet 7374 2010-12-24 16:28 time-daily.png -rw-r--r-- 1 puppet puppet 8537 2010-12-24 16:28 time-monthly.png -rw-r--r-- 1 puppet puppet 8316 2010-12-24 16:28 time-weekly.png -rw-r--r-- 1 puppet puppet 9272 2010-12-24 16:28 time-yearly.png -rw-r--r-- 1 puppet puppet 2944 2010-12-24 16:28 time.rrd All nodes are configured identically. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Small documentation addition
Hi, At http://docs.puppetlabs.com/references/latest/report.html#tagmail I read: You must have the Ruby RRDtool library installed ... This package may also be available as ruby-rrd or rrdtool-ruby in your distribution’s package management system Maybe it can be noted in the text, that on Debian and Ubuntu, the package is called 'librrd-ruby'. Regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Small documentation addition
Hi, I was aware of the 'Contribute' page, and it does indeed seem like a lot of work, even for a reasonably experienced Git user like myself. I will file a documentation bug. Thanks. Regards, Martijn. On 22-12-10 16:54, Disconnect wrote: Wait, lets see if I understand the requirements for a 5 word addition to the documentation, from a user who doesn't already use git: 1: go to the page below 2: discover it requires git 3: figure out what git is 4: install a git client 5: figure out how to use same 6: clone the entire repo (I just cloned it, and it weighs in at 13 megs of download, 25 megs of storage) 7: make the change 8: Oops, the page finally links to the docs we needed at step 3 and 5. So now watch a bunch of screencasts. 9: Generate patches. (Fortunately, we just spent an hour watching screencasts. This should be reasonably easy.) 10: Open a ticket. Wait, gotta register with redmine. 11: Register with bug tracker 12: Create a ticket and attach the patch Doesn't that seem .. I dunno.. insanely bad? How about: 1: go to the page below 2: discover that the change passes the triviality criteria 3: skip to 10 - register and open a ticket. On Wed, Dec 22, 2010 at 10:39 AM, Peter Meier peter.me...@immerda.ch mailto:peter.me...@immerda.ch wrote: Maybe it can be noted in the text, that on Debian and Ubuntu, the package is called 'librrd-ruby'. the best thing would be to open a documentation bug report. Oh and maybe even supply a patch? http://docs.puppetlabs.com/contribute.html ~pete -- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] n00b questions - verbosity of config????
Hi,
I haven't followed the entire discussion, but one small thing caught my
attention:
On 14-12-10 19:15, Rameses Mss wrote:
In your base node (i.e., top level inheritance) set a default:
node base {
$sshd_type=client
include sshd
}
node myclient inherits base {
}
node myserver inherits base {
$sshd_type=server
}
This would require sshd_config.client. Override it on a per-node basis.
External nodes scripts make this sort of thing simpler.
AFAIK, it doesn't work if you write it like this. Please correct me if I
am wrong.
I have tried this, and spent the better part of a day trying to find out
why $ssh_type didn't have server on 'myserver', but client. The parse
order matters in this case, and it only works if you write it like this:
node base {
$sshd_type=client
}
node myclient inherits base {
include sshd
}
node myserver inherits base {
$sshd_type=server
include sshd
}
The obvious downside being, that you have to write the include-line for
each node separately.
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Custom Functions that runs on the Client?
Hi,
On Mon, Dec 13, 2010 at 12:56 PM, Yushu Yao y...@lbl.gov
mailto:y...@lbl.gov wrote:
Another though:
Can I do something like
if $(return value of an Exec resource)==0 {
} else {}
I.e. I want to run an shell command first, and do something depend on
the output of the command.
You probably want to make the shell command a fact, and then case on the
fact inside your manifests on the server.
What about 'onlyif' and 'unless'?
But I also have custom facts that -for example- check if a local directory
or its contents have changed before I run an Exec or a Concat...
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Howto check if augeas is available
On 09-12-10 09:44, Hubert Krause wrote:
Hello,
Am Wednesday 08 December 2010 22:22:10 schrieb Patrick:
What distro are you using?
CentOS and Debian. New server will always be Debian. Our Puppet Server is
CentOS at the moment.
Why not just install Augeas when you install puppet? That's usually much
easier.
Yes, but I want something Idiot proof (I am the idiot in case of doubt). At
the moment we install our server by hand. In future we want to use some sort
of automatic install, but not at the moment.
We get errormessages verry instantly If we forget to install augeas, so we
have not that big pressure to implement automatic augeas detection. But it
would be nice.
An example: add the following to
puppet_path/modules/modulename/lib/facter/augeas_available.rb
-- cut here --
require 'facter'
Facter.add(augeas_available) do
setcode do
avail = no
Dir.glob(/usr/lib/libaugeas*) { |filename|
avail = yes
}
avail
end
end
-- cut here --
It simple looks for files named /usr/lib/libaugeas*. I am not sure if that
is appropriate for CentOS too, but it works on Debian. Of course, this is
no guarantee that the Ruby-bindings are also available, so this is still
not idiot-proof.
After installing the fact, you can do something like this in a manifest:
if $augeas_availabe {
augeas { foo:
}
}
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Howto check if augeas is available
I made a small mistake. Please see at the bottom.
On 09-12-10 15:30, Martijn Grendelman wrote:
An example: add the following to
puppet_path/modules/modulename/lib/facter/augeas_available.rb
-- cut here --
require 'facter'
Facter.add(augeas_available) do
setcode do
avail = no
Dir.glob(/usr/lib/libaugeas*) { |filename|
avail = yes
}
avail
end
end
-- cut here --
It simple looks for files named /usr/lib/libaugeas*. I am not sure if that
is appropriate for CentOS too, but it works on Debian. Of course, this is
no guarantee that the Ruby-bindings are also available, so this is still
not idiot-proof.
After installing the fact, you can do something like this in a manifest:
if $augeas_availabe {
augeas { foo:
}
}
Sorry, that should be:
if $augeas_availabe == yes {
}
Regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Feature request: queued triggers
On 08-12-10 21:10, Jason Lavoie wrote: On 12/08, Martijn Grendelman wrote: I would like to have the possibility to tell Puppet to queue the trigger, and when the currently running catalog run is finished, process it and do another run. Does this sound like a good idea? I thought so, and proposed a similar feature a while back: http://projects.puppetlabs.com/issues/2763 Ah, I didn't bother to check the issue tracker. Updated by Luke Kanies about 1 year ago: of course, a relatively low priority I wonder what 'relatively' means in this respect ;-) Cheers, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Add file size/md5 validation
On 08-12-10 11:19, Leonko wrote:
Hello,
Anybody know how I can make checking file for verify for size/md5sum
and if it not equal my value rewrite it from server.
There may vriant than simple: file { /my/file: ensure = present,
checksum = true,source = puppet:///files/file}
?
Isn't that what Puppet does by default, compare the checksum of the file
on the client to the one on the server, and if they differ, transfer the file?
From http://docs.puppetlabs.com/references/latest/type.html#file:
checksum
The default checksum parameter, if checksums are enabled, is md5. Valid
values are md5, md5lite, timestamp, mtime, time, none.
source
Copy a file over the current file. Uses checksum to determine when a file
should be copied
Regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Converting to Ruby DSL
Hi,
I'm sorry, this may not be the response you are waiting for.
Unfortunately, I have only questions to add...
I'm experimenting with converting some of my live puppet content to
Ruby DSL and have found a few gaps I wouldn't mind some advice on. I'm
not sure how many of you have already experimented in this arena yet.
I've already read Dan Bode's excellent blog article on the subject:
http://www.puppetlabs.com/blog/ruby-dsl/
I know the Ruby DSL is quite new - but I figured perhaps some of these
items deserve to be tickets (or perhaps documented) and I thought I'd
ask first :-).
1. Defaults
How do I set defaults in Ruby DSL? For example what is the ruby DSL
equivalent to this:
Service {
hasstatus = true
}
2. Top scope
I notice the convenience methodology does not work at 'top scope' for
example
this will fail:
file /tmp/zzz, :content = foo
But this will not:
node default do
file /tmp/zzz, :content = foo
end
Is there a proper way to call resources without using the convenience
methods? Or
perhaps is there a way to define elements that reside in top scope?
3. Class resource
I think Dan Bode already raised this as a bug:
https://projects.puppetlabs.com/issues/5236
The following returns an error 'method_missing':
hostclass :foo do
notify bar
end
node default do
hostclass foo, :stage = baz
end
This is because hostclass has not been defined as a convenience method
it would seem. Just like issues 2 If someone knows
a way to call a resource directly without requiring the convenience
method that would be a decent enough work-around.
4. exec Resource
The 'exec' resource as a convenience method is overlapping with the
ruby 'exec'
method. So if you do this:
node default do
exec ls, :command = /bin/ls
end
You get:
can't convert Hash into String on node obelisk.usr.bob.sh
Returned from the Kernel.exec call.
5. Referencing other resources
I'm not quite clear how to reference other resources that already
exist. This is obviously a problem for the 'require' attribute:
node default do
package foo, :ensure = installed
service foo, :enable = true, :ensure = running, :require
= ???
end
6. Chaining Resources
Is there a syntactical equivalent to this in Ruby DSL yet? For
example:
Stage[pre] - Stage[main] - Stage[post]
Without knowing how to solve 5 I'm kind of stuck when it comes to
defining dependencies :-).
Cheers :-).
Is there, besides the mentioned blog post, any official documentation? I
haven't been able to find any.
How can I use facts in pure-Ruby manifests? I don't know how to reference
them, and anything I have tried failed.
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Does Puppet depend on Augeas?
Hi, The lastest Puppet package in Ubuntu Natty /depends/ on libaugeas, rather than merely recommending it, like it used to, up to and including version 2.6.1. Is there a strict reason for this from Puppet's point of view? If not, I'll see if I can harrass the Ubuntu maintainer about this :-) Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Schedule
Hi,
On 03-12-10 23:24, Ken Barber wrote:
Looking here and at source:
http://docs.puppetlabs.com/references/stable/type.html#schedule
It reads to me that you might be able to use:
schedule { puppet: period = weekly, repeat = 3 }
And have it ran three days a week for example, but being specific
about the day does not seem possible.
Thanks, that's what I thought.
I have created a custom fact named 'wday', that returns 'Date.today.wday',
so I can test for '$wday 0 and $wday 6'.
Ugly, but it works.
Regards,
Martijn.
On Dec 2, 9:46 am, Martijn Grendelman mart...@iphion.nl wrote:
Hi,
If I understand correctly, it is not possible to use a Schedule resource
to prevent a resource from running on certain days (i.e. weekend), only
hours within any day, is that right?
Best regards,
Martijn.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Developing functions
On 01-12-10 01:19, Roy Nielsen wrote: You also have to put the function in the right place on the server, not just in: modules/mymodule/lib/puppet/parser/functions/ Try putting it in: /var/puppet/lib/puppet/parser/functions/ as well. At least this is what was required in 0.25.1 :) No, that doesn't seem to be necessary with 2.6.1, at least not to get the function loaded /initially/. Perhaps it helps to copy the file there once it is changed, it didn't try that. Reloading the Puppetmaster solves the problem, I was just wondering if that is expected, or if it could be a bug. Best regards, Martijn. On 11/30/10 6:43 AM, Martijn Grendelman wrote: Hi, Today, while working on some functions in Puppet, I got back lots of unexpected results. Lots of times, it seemed like my changes in the code were not picked up when I re-ran the test-classes. Even functions that I removed from the code, after using them once or so, kept working after removal, until.. I restarted the puppetmaster. Is is necessary to restart the puppetmaster after making changes in functions? I have been following http://projects.puppetlabs.com/projects/1/wiki/Writing_Your_Own_Functions. I read it’ll be loaded by the Puppetmaster when you first use that function.. That, I can confirm, but is it REloaded, ever? The functions live in a module, in modules/mymodule/lib/puppet/parser/functions/ Everytime I do a catalog run on a test client, I see the diffs in the code passing on the screen after info: Retrieving plugin, but the puppetmaster doesn't seem to pick up. I run Puppet 2.6.1. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Developing functions
Hi Trevor, More likely just adding usecacheonfailure = false to the [puppetd] stanza in /etc/puppet/puppet.conf will help. I am yet unfamiliar with that option, but just as a remark, there was really no 'failure' involved here, it was just that enhancements to my code weren't picked up, and Puppet was running an older incantation of my function. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Developing functions
On 01-12-10 13:40, Gary Larizza wrote: How are you running puppet master - is it via Passenger and Apache? I have noticed some caching going on with the 2.6 branch where I make changes to manifests and those changes don't propagate immediately. Usualy, a reload of Apache (and thus restarting the puppet master - we use Passenger 2.2.11) fixes these issues for me. We run Puppet as a Mongrel server, however only in production, and the issues I had were on our test server, which runs puppetmaster stand-alone. Is this issue limited to functions being loaded or do you have this problem with manifest changes too? Unfortunately, I've not done enough troubleshooting to narrow down the cause. I don't know if these issues are related, but thought I would suggest it. Thanks, Martijn. On Wed, Dec 1, 2010 at 7:33 AM, Martijn Grendelman mart...@iphion.nl mailto:mart...@iphion.nl wrote: On 01-12-10 01:19, Roy Nielsen wrote: You also have to put the function in the right place on the server, not just in: modules/mymodule/lib/puppet/parser/functions/ Try putting it in: /var/puppet/lib/puppet/parser/functions/ as well. At least this is what was required in 0.25.1 :) No, that doesn't seem to be necessary with 2.6.1, at least not to get the function loaded /initially/. Perhaps it helps to copy the file there once it is changed, it didn't try that. Reloading the Puppetmaster solves the problem, I was just wondering if that is expected, or if it could be a bug. Best regards, Martijn. On 11/30/10 6:43 AM, Martijn Grendelman wrote: Hi, Today, while working on some functions in Puppet, I got back lots of unexpected results. Lots of times, it seemed like my changes in the code were not picked up when I re-ran the test-classes. Even functions that I removed from the code, after using them once or so, kept working after removal, until.. I restarted the puppetmaster. Is is necessary to restart the puppetmaster after making changes in functions? I have been following http://projects.puppetlabs.com/projects/1/wiki/Writing_Your_Own_Functions. I read it’ll be loaded by the Puppetmaster when you first use that function.. That, I can confirm, but is it REloaded, ever? The functions live in a module, in modules/mymodule/lib/puppet/parser/functions/ Everytime I do a catalog run on a test client, I see the diffs in the code passing on the screen after info: Retrieving plugin, but the puppetmaster doesn't seem to pick up. I run Puppet 2.6.1. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com mailto:puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com mailto:puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Developing functions
Hi, Today, while working on some functions in Puppet, I got back lots of unexpected results. Lots of times, it seemed like my changes in the code were not picked up when I re-ran the test-classes. Even functions that I removed from the code, after using them once or so, kept working after removal, until.. I restarted the puppetmaster. Is is necessary to restart the puppetmaster after making changes in functions? I have been following http://projects.puppetlabs.com/projects/1/wiki/Writing_Your_Own_Functions. I read it’ll be loaded by the Puppetmaster when you first use that function.. That, I can confirm, but is it REloaded, ever? The functions live in a module, in modules/mymodule/lib/puppet/parser/functions/ Everytime I do a catalog run on a test client, I see the diffs in the code passing on the screen after info: Retrieving plugin, but the puppetmaster doesn't seem to pick up. I run Puppet 2.6.1. Best regards, Martijn. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] join()
Hi puppeteers, In the function reference [1], I found a 'split' function for splitting a string into an array, but not a 'join' function for joining an array into a string. Why not? :) I have a list of IP addresses, that I use with ssh_authorized_key to restrict access. The list is now simply a comma-separated list in a string, but if I want to use the list for other purposes as well, I thought it might be better to store the list as an array and join() it with the proper glue whenever needed. What do you recommend? Best regards, Martijn. [1] http://docs.puppetlabs.com/references/stable/function.htm smime.p7s Description: S/MIME Cryptographic Signature
Re: [Puppet Users] join()
On 09-09-10 11:50, R.I.Pienaar wrote:
In the function reference [1], I found a 'split' function for
splitting a
string into an array, but not a 'join' function for joining an array
into
a string. Why not? :)
I have a list of IP addresses, that I use with ssh_authorized_key to
restrict access. The list is now simply a comma-separated list in a
string, but if I want to use the list for other purposes as well, I
thought it might be better to store the list as an array and join()
it
with the proper glue whenever needed.
What do you recommend?
- you can write a join function and contribute it to the project, they are
very easy to write
I have added this function to my 'common' module:
puppet$ cat modules/common/lib/puppet/parser/functions/join.rb
module Puppet::Parser::Functions
newfunction(:join, :type = :rvalue) do |args|
args[0].join(args[1])
end
end
I didn't come up with it myself though, I found it on the web somewhere.
Looking at the source for the 'split' function, I guess the function needs
documentation and maybe some error checking, like the number of arguments.
How would I contribute something like this to the project?
- you can use something like $ips = inline_template(%=
ipaddress.split(/,/).join(' ') %)
or use regex or something like that.
Thanks!
Martijn.
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [Puppet Users] Puppet + APT, I am lost...
Hi, But for this to work, the Puppet run needs to run aptitude update to pick up the new package name. Running the update periodically isn't enough, but running an update on every catalog run is just overkill. I understand your concern here, but have you done the timing tests? How long are your average puppet runs and how much time does an apt-get update take? I just wonder if you're prematurely optimizing your runs. It's not actually about optimizing puppet runs, it's about the load imposed on the package repository servers, when hundreds of servers do updates twice an hour. And even if that load isn't a real problem (which it probably isn't), it's about politeness to the sysadmins of those servers. The behaviour that I'm trying to avoid could easily be explained as abuse. I just like to play nice. Best regards, Martijn. smime.p7s Description: S/MIME Cryptographic Signature
[Puppet Users] Module availability, loading order
Hi,
I have create the following module:
modules/foo
`-- manifests
|-- definitions
| `-- line.pp
`-- init.pp
$ cat modules/foo/manifests/init.pp
import definitions/*.pp
$ cat modules/foo/manifests/definitions/line.pp
define myline($file, $line, $ensure = 'present') {
}
I try to use the definition in a class:
class testfile {
file { /tmp/testfile:
ensure = present,
}
myline { test:
file = /tmp/testfile,
line = # This is a test,
ensure = present,
}
}
Now, if I do a catalog run on a fresh client, it errors out like this:
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid
resource type myline at /etc/puppet/manifests/classes/testfile.pp:7 on
node martijn.
However, if I first do a run /without/ the 'testfile' class included for
the node, and then re-enable it, everything is fine, and the class/define
do everything they're supposed to do.
Is the way I am trying to do things supposed to work?
What is the reason that this doesn't work? Is it an issue with loading order?
How can I ensure that the module is loaded/available before the 'testfile'
class is evaluated?
Thanks,
Martijn.
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [Puppet Users] Module availability, loading order
On 07-09-10 14:41, R.I.Pienaar wrote:
You define should be:
define foo::myline { }
and it should be in modules/foo/manifests/myline.pp
Is the way I am trying to do things supposed to work?
nope,
What is the reason that this doesn't work? Is it an issue with
loading order?
How can I ensure that the module is loaded/available before the
'testfile' class is evaluated?
name the files as documented. The puppet master will not know to find
your file in a weird location in a file not even called the same as the
define, you can help it by just sticking to the way puppet is
designed[1] to work, and then it will work.
[1] http://docs.reductivelabs.com/guides/modules.html
Thank you, it appears to be working now.
It's probably my own lack of brainpower, but I feel the Puppet
documentation could use some more elaborate examples here and there.
Best regards,
Martijn.
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [Puppet Users] Module availability, loading order
On 07-09-10 16:34, James Turnbull wrote: Martijn Grendelman wrote: It's probably my own lack of brainpower, but I feel the Puppet documentation could use some more elaborate examples here and there. Patches welcomed! http://github.com/reductivelabs/puppet-docs I had a feeling this was going to come my way ;-) However, I hardly feel competent as a Puppet /user/... Best regards, Martijn. smime.p7s Description: S/MIME Cryptographic Signature
[Puppet Users] Could not evaluate: No ability to determine if ... exists
Hi, What does this error mean? Sep 7 17:15:54 racey puppet-agent[3291]: (/Stage[main]/Sysctl/Sysctl[kernel.shmmax]) Could not evaluate: No ability to determine if sysctl exists I don't know where to start looking. If I should post my configuration, please let me know. Best regards, Martijn. smime.p7s Description: S/MIME Cryptographic Signature
Re: [Puppet Users] Could not evaluate: No ability to determine if ... exists
On 07-09-10 17:29, Martijn Grendelman wrote: Hi, What does this error mean? Sep 7 17:15:54 racey puppet-agent[3291]: (/Stage[main]/Sysctl/Sysctl[kernel.shmmax]) Could not evaluate: No ability to determine if sysctl exists I don't know where to start looking. If I should post my configuration, please let me know. I found this thread: http://groups.google.com/group/puppet-dev/browse_thread/thread/97778429d8734e84# It's about the exact same problem that I'm having, but no solution. I am running 2.6.0. I first tested my code/manifests/modules/etc. on a small test environment, and it worked there. Then I moved it to the production server, and the error above appeared. Best regards, Martijn. smime.p7s Description: S/MIME Cryptographic Signature
Re: [Puppet Users] Help with puppet kick
M C schreef: We would like to avoid pre-scheduled updates in our production environment by puppet. The solution I've come across is to instruct the puppet agent not to update on a schedule and instead use puppet kick from the puppet master to force updates when we're ready to deploy them. I can't seem to get this to work. I have asked around the IRC channel and received a few pointers, but it's still not working correctly. I've added the listen = true line to the puppet.conf file on each node, as well as creating a namespaceauth.conf file on each node, with wide open permissions at the moment. When I attempt to run puppet kick from the master, I receive the following error: [r...@admin puppet]# puppet kick -d test.foo.com Triggering test.foo.com Host test.foo.com failed: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed test.foo.com finished with exit code 2 Failed: test.foo.com I am running both the puppet master and agent services with full debugging and I do not see anything in the logs relating to this puppet kick. Can anyone offer any insight? We use triggered runs without problems. The only thing that we have, that you did not mention, is a file named /etc/puppet/auth.conf with the following contents on all clients: path /run method save allow * I think this is a new requirement with Puppet 2.6. I think I got it from the release notes at http://projects.reductivelabs.com/projects/puppet/wiki/Release_Notes#Puppet+Runner Best regards, Martijn. smime.p7s Description: S/MIME Cryptographic Signature
Re: [Puppet Users] Puppet + APT, I am lost...
On 05-09-10 12:02, Marcin Owsiany wrote:
On Tue, Aug 31, 2010 at 04:03:35PM +0200, Martijn Grendelman wrote:
What I would like, is for Puppet to run `aptitude update` before it
installs or upgrades packages.
FYI you're likely to encounter problems when using aptitude provider for
package management. See Debian bugs #445034 #445035
Thanks. The former is not really important to me, since I never use
aptitude that way. The latter is probably a little more tricky, but at
least the 'unknown package' case is handled by Puppet itself:
# Yay, stupid aptitude doesn't throw an error when the package is missing.
if args.include?(:install) and output =~ /Couldn't find any package/
raise Puppet::Error.new(
Could not find package #{self.name}
)
end
I have now solved my problem by using a custom provider for packages, that
is based on the aptitude provider, but simply adds this:
# See if we need to run aptitude update before installing this package
if not File.exists?(/tmp/puppet-iphionapt)
FileUtils.touch(/tmp/puppet-iphionapt)
aptitude(update)
end
I just haven't found a suitable way to clean up the tempfile from within
Puppet without touching any of Puppet's own files, so I use a cronjob for
that now. Maybe I'll switch to a 'postrun_command', or does anyone have a
better idea?
Best regards,
Martijn.
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [Puppet Users] Puppet + APT, I am lost...
Hi Nigel Kersten,
Thank you for your elaborate answer. I am not sure how to proceed, though...
What I would like, is for Puppet to run `aptitude update` before it
installs or upgrades packages. That doesn't seem out of the ordinary to
me, but I can't make it work in Puppet.
The approach I like best, is this one:
class apt-update {
exec { /usr/bin/aptitude update:
refreshonly = true,
}
}
define apt_package($ensure=latest) {
include apt-update
package { $name:
ensure = $ensure,
require = Class[apt-update],
}
}
apt_package { foo:
}
but that doesn't work, it doesn't run apt-update before installing 'foo',
because of the refreshonly = true. If I remove it, it works, but then
`aptitude update` is run on /every/ Puppet run, which is worse than not
running it at all.
Is it at all possible to achieve what I want with Puppet? If so, how?
Why do you want to run this before every package install? That will
add a fair bit of overhead. I don't quite understand the desire to run
before every package install, and yet not simply have it run once
before all package installs.
I am not sure how I said I want to do an update before /every/ package
install. Once at the start of a Puppet-run, /IF/ one or more packages
need to be installed, would suffice.
We've used two approaches, both using our package::apt::update class
which runs apt-get update/upgrade/dpkg --configure -a etc.
I think I read that in the posting that I referenced.
1) Resource defaults:
In the global scope, set a resource default for package to require the
package::apt::update class
The downside is that if you wish to set an additional require for a
specific package, you need to remember to include the global default
as well.
2) Defined types:
Define a type much like yours that has the same require on the package
resource definition inside the defined type.
Isn't that what I decribed above? The problem is, that by including the
class in the define, it runs everytime, unless 'refreshonly = true' is
set, in which case it never runs. If I don't include the class in the
define, Puppet can't find the class when it evaluates the 'require'.
How does that work for you? Would it be possible for you to share
(relevant parts of) your configuration as-is?
The downside is that you are no longer just using 'package' resources,
which makes the use of other people's modules difficult.
The upside is that we have a similar defined type 'apt_repo' that sets
up repositories. With appropriate use of require in apt_package and
before in apt_repo, you know your repositories are being laid down
before apt-get update etc get run, and that the packages are installed
afterwards.
Run stages make this a bit simpler, but you can achieve the same
functionality without them.
I have been looking for examples using run stages, but they are scarce.
The examples in the release notes are too simple to go by.
I have tried to fiddle around with the new run stages feature, but that
got me in a circular dependency mess I couldn't get out of.
Best regards,
Martijn.
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [Puppet Users] Puppet + APT, I am lost...
Mathias Gug schreef:
I am not sure how I said I want to do an update before /every/ package
install. Once at the start of a Puppet-run, /IF/ one or more packages
need to be installed, would suffice.
You may run into a chicken-egg problem. Packages that are configured as
ensure = latest can only be upgraded by puppet if the local apt cache
files are up-to-date.
IOW puppet relies on the local apt files to figure out if packages need
to be updated. And to get new local apt files apt-get update needs to be
run.
I am aware of that, but that's not a problem. I could easily run an
update every day outside of Puppet (on Debian, APT installs a cronjob
that can take care of this by default, it just needs to be configured).
That way, Puppet would pick up the new versions sooner or later. But
what I am trying to achieve, has a different background.
Our development team regularly releases new software, packaged in a
Debian package with a unique name. The idea is that we just give Puppet
a new package {foo: } and have these new packages be installed ASAP. We
even use triggered runs to speed things up and to make sure that several
servers remain identical.
But for this to work, the Puppet run needs to run aptitude update to
pick up the new package name. Running the update periodically isn't
enough, but running an update on every catalog run is just overkill.
Hope this explains my motives, and maybe someone has any more tips!
Best regards,
Martijn.
smime.p7s
Description: S/MIME Cryptographic Signature
