Re: [SPAM] Re: [Puppet Users] help with the firewall puppet forge module
FWIW, I use this as `puppetlabs-firewall' and the resource name `firewall'. On Tue, Oct 25, 2011 at 6:54 PM, Ken Barber k...@puppetlabs.com wrote: Did you run puppet agent -t on your master? Check your /var/lib/puppet/lib/puppet/util directory ... and let me know if there is a copy of firewall.rb in there before and after running puppet agent on your master. ken. On Wed, Oct 26, 2011 at 2:47 AM, David Alden d...@alden.name wrote: Hi, On Oct 25, 2011, at Oct 25, 9:42 PM, Ken Barber wrote: Try restarting your puppetmaster and trying again. Nope - same problem. Thanks for the suggestion. ...dave -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Puppet 2.7 allows dash in variable names: bug or feature?
Funny, I accidentally avoided problems caused by this change because I always suffix variables when possible. On Fri, Oct 21, 2011 at 10:49 PM, Jason Koppe jason.robert.ko...@gmail.comwrote: We have interpolations like $name-tomcat all over our manifests. It's possible to adjust them all to ${name}-tomcat but it's not going to be fun :) On Oct 6, 1:19 am, Evgeny eokole...@gmail.com wrote: perhaps you should enclose the variables in quotes to something like this: http://${yumserver}/repos/vmware-${esxversion-rhel6-64}; On Oct 5, 8:46 pm, Steve Snodgrass phe...@gmail.com wrote: While testingpuppet2.7, I found that one of my manifests broke because of the following quoted string: http://$yumserver/repos/vmware-$esxversion-rhel6-64; Everything in the resulting string after vmware- was blank. After some experiments I found thatpuppet2.7allowsdashes invariable names, and was interpreting $esxversion-rhel6-64 as one big variable. Of course adding curly braces fixes the problem, but that seems like a significant change. Was it intended? Results of applying a simple test manifest: notice(Dashtest: $fqdn-is-my-hostname) Puppet2.6.11: notice: Scope(Class[main]): Dashtest: foobar.example.com-is-my- hostname Puppet2.7.5: notice: Scope(Class[main]): Dashtest: -Steve -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] 2.7.2 or higher repository for Ubuntu 10.04
Use fpm. On Thu, Oct 20, 2011 at 1:53 PM, Dan Sheffner dsheff...@gmail.com wrote: *ruby 1.9.2 not puppet 1.9.2 On Thu, Oct 20, 2011 at 3:51 PM, Dan Sheffner dsheff...@gmail.com wrote: I'm compiling from source w/ rvm, and puppet 1.9.2, then installing puppet through gems. I might be able to publish my python script that does this. On Thu, Oct 20, 2011 at 3:01 PM, Evan Stachowiak evan.stachow...@gmail.com wrote: Is there a best practice or repository I can pull from to install =2.7.2 on ubuntu 10.04? I'm currently using backports and the latest available version is 2.7.1, which is below the requirements for cloud provisioner. Or should I just go ahead and compile from source? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Restore Storconfig Data
Run puppet. On Thu, Oct 20, 2011 at 8:57 PM, dime cyborgian dimecybo...@gmail.comwrote: I Get the initial table structure. But the tables are not populated with the data such as hosts, resources... etc. On Thu, Oct 20, 2011 at 5:30 PM, Bernd Adamowicz bernd.adamow...@esailors.de wrote: If you really dropped the database you have to recreate it before the first Puppet run: 05mysql create database puppet; 06 Query OK, 1 row affected (0.00 sec) 07 08 mysql grant all privileges on puppet.* to puppet@localhostidentified by 'xxx'; 09 Query OK, 0 rows affected (0.00 sec) The initial table structure will then be done by Puppet. Bernd -Ursprüngliche Nachricht- Von: puppet-users@googlegroups.com [mailto:puppet- us...@googlegroups.com] Im Auftrag von sysborg Gesendet: Donnerstag, 20. Oktober 2011 13:19 An: Puppet Users Betreff: [Puppet Users] Restore Storconfig Data Hi, I did a drop database puppet which is used for storing puppet storconfigs. Now I get the following error. === err: Could not retrieve catalog: TypeError: unknown buffer_type: 498322352: SELECT `hosts`.* FROM `hosts` WHERE `hosts`.`name` = 'testdb' LIMIT 1 === Is there a way to repopulate the data. I tried reinstalling, removing /var/lib/puppet. None worked. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet- users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How-To Question: Installing a service that does not come in an RPM ?
Use fpm. On Tue, Oct 18, 2011 at 1:21 PM, Dan White y...@comcast.net wrote: Are there any exapmples out there that show an intelligent way to do this ? My searches are not turning up anything useful “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] /etc/init.d/mysql =fail mysqld=success
1) not a puppet problem 2) run initdb On Oct 10, 2011 7:47 PM, John Bower olympus.sta...@gmail.com wrote: Hello. This is my mysql-server.pp file, both master and client are runing ubuntu. class mysql-server { package { mysql-server: ensure = installed } package { mysql-client: ensure = installed } service { mysql: enable = true, ensure = running, require = Package[mysql-server], } file { /etc/mysql/my.cnf: owner = mysql, group = mysql, source = puppet:///modules/mysql-server/my.cnf, notify = Service[mysql], require = Package[mysql-server], } exec { set-mysql-password: unless = mysqladmin -uroot -psecret, path = [/bin, /usr/bin], command = mysqladmin -uroot password secret, require = Service[mysql], } exec { set-nagios-password: unless = mysqladmin -unagiostest -psecret, path = [/bin, /usr/bin], command = mysqladmin -unagiostest password secret, require = Service[mysql], } } --- When I run /etc/init.d/mysql start sql doesnt run Code: root@cloneubuntu:/var/log/mysql# date Mon Oct 10 19:32:56 PDT 2011 root@cloneubuntu:/var/log/mysql# /etc/init.d/mysql start Rather than invoking init scripts through /etc/init.d, use the service(8) utility, e.g. service mysql start Since the script you are attempting to invoke has been converted to an Upstart job, you may also use the start(8) utility, e.g. start mysql start: Job is already running: mysql root@cloneubuntu:/var/log/mysql# cat /var/log/mysql/error.log root@cloneubuntu:/var/log/mysql# ps ax | grep sql 4797 pts/0S+ 0:00 grep --color=auto sql root@cloneubuntu:/var/log/mysql# cat /etc/mysql/my.cnf [client] port= 3306 socket = /var/run/mysqld/mysqld.sock [mysqld_safe] socket = /var/run/mysqld/mysqld.sock nice= 0 [mysqld] user= mysql socket = /var/run/mysqld/mysqld.sock port= 3306 basedir = /usr datadir = /var/lib/mysql tmpdir = /tmp skip-external-locking bind-address= 0.0.0.0 key_buffer = 16M max_allowed_packet = 16M thread_stack= 192K thread_cache_size = 8 myisam-recover = BACKUP query_cache_limit = 1M query_cache_size= 16M log_error= /var/log/mysql/error.log expire_logs_days= 10 max_binlog_size = 100M [mysqldump] quick quote-names max_allowed_packet = 16M [mysql] [isamchk] key_buffer = 16M !includedir /etc/mysql/conf.d/ root@cloneubuntu:/var/log/mysql# However when i run mysqld alone, it works Code: root@cloneubuntu:/var/log/mysql# date Mon Oct 10 19:34:21 PDT 2011 root@cloneubuntu:/var/log/mysql# mysqld [1] 4815 root@cloneubuntu:/var/log/mysql# cat /var/log/mysql/error.log 111010 19:34:30 [Note] Plugin 'FEDERATED' is disabled. 111010 19:34:30 InnoDB: Started; log sequence number 0 44233 111010 19:34:30 [Note] Event Scheduler: Loaded 0 events 111010 19:34:30 [Note] mysqld: ready for connections. Version: '5.1.41-3ubuntu12.10' socket: '/var/run/mysqld/mysqld.sock' port: 3306 (Ubuntu) root@cloneubuntu:/var/log/mysql# ps ax | grep sql 4815 pts/0Sl 0:00 mysqld 4830 pts/0S+ 0:00 grep --color=auto sql root@cloneubuntu:/var/log/mysql# mysql -u root Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 1 Server version: 5.1.41-3ubuntu12.10 (Ubuntu) Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql I cannot reinstall mysql, I have a feeling it's an issue with the init.d script or somethign along those lines. Please help :S -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Official puppetlabs position on cron vs puppet as a service?
Most things are ok if you only have 10 servers On Oct 8, 2011 1:22 PM, Chris Phillips ch...@untrepid.com wrote: My take on it is to run it from our nagios server. What better way to monitor the puppet runs than by executing that run as part of the check? retry intervals also help push changes out much quicker if they could take multiple runs etc. We also run a single daily cron job. Chris On 8 October 2011 19:32, Matthew Nicholson matthew.a.nichol...@gmail.comwrote: We combine these. We run as a service, but have a daily cron, with random time spread among our hosts, to stop/start the service and clean up stale .pid files. This is more of a hold over from our early days more than anything, but it works, doesn't cause issues, and keeps the runs spread out. On Fri, Oct 7, 2011 at 9:27 PM, Larry Ludwig larry...@gmail.com wrote: Mostly stlll run as cron. Though for some instances we run as a daemon. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/itTFPtfZLocJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Matthew Nicholson -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: I can't seem to create mountpoint and change permissions after mounting in 2.7.3
Not really On Wed, Oct 5, 2011 at 8:54 PM, Chris McDermott csmcderm...@gmail.comwrote: I haven't used them yet, but isn't this what stages are meant to facilitate? http://docs.puppetlabs.com/references/stable/metaparameter.html#stage -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] AW: How best to monitor puppet?
It doesn't matter if puppetmasterd or puppetd are running and working if your clients are failing catalog runs. Send reports, write a check that alerts on N hosts with failed reports over X timeframe or something. On Tue, Oct 4, 2011 at 8:09 PM, Tim Connors tim.w.conn...@gmail.com wrote: On Tue, 4 Oct 2011, Bernd Adamowicz wrote: -Ursprüngliche Nachricht- Von: puppet-users@googlegroups.com [mailto:puppet- us...@googlegroups.com] Im Auftrag von Marcus, Allan B Gesendet: Dienstag, 4. Oktober 2011 15:47 An: puppet-users@googlegroups.com Betreff: [Puppet Users] How best to monitor puppet? We want to use Nagios to monitor out puppet server so we can be notified if it goes down. We are using Fusion Passenger and Apache on Red Hat. Any suggestion for what and how to monitor? We use the basic checks for any Unix machine along with special checks for running Puppet master and client process where appropriate. A service which uses NRPE and a check_procs call on the Puppet boxes like these two examples works fine for us: Command[check_puppetmaster]=/usr/lib64/nagios/plugins/check_procs -w 1:1 -c 1:1 -C puppetmasterd Command[check_puppetclient]=/usr/lib64/nagios/plugins/check_procs -w 1:1 -c 1:1 -C puppet Bernd What about checking the logfile on the master to make sure that everything is checking in? Theoretically, the client daemons could be running and accepting port 8140, but the daemon could be locked up: http://cafuego.net/2011/09/24/keeping-eye-puppet-updated -- Tim Connors -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] apply.pp module missing?
you should see it via gem or your package manager, depending on how it was installed. On Sun, Oct 2, 2011 at 3:29 PM, olympus stance olympus.sta...@gmail.comwrote: Hello Dan, It seems that you are correct, I couldnt find any particular command to find out the version number, but looking at the changelog which is located in the /usr/share/puppet/... directory it looks like I am running 0.25.4 I will be upgrading. Thanks On Sun, Oct 2, 2011 at 4:22 PM, Dan Bode d...@puppetlabs.com wrote: It looks like it is failing b/c you are running a version older than 2.6.x (probably 0.25.5) for 0.25.5, the executable is a little different, try running: $ puppet my_test_manifest.pp there are significant syntax changes between 0.25.5 and 2.6.x, I would not recommend starting with the older version. -Dan On Sun, Oct 2, 2011 at 12:26 PM, John Bower olympus.sta...@gmail.comwrote: Hello, I have succesfully installed puppet on ubunu, one master and one client. I am going through the documentation and I am having a hard time getting this example to work http://docs.puppetlabs.com/learning/manifests.html $ puppet apply my_test_manifest.pp I get this error root@puppet:/etc/puppet/manifests# pwd /etc/puppet/manifests root@puppet:/etc/puppet/manifests# puppet apply my_test_manifest.pp Could not parse for environment production: Could not find file /etc/ puppet/manifests/apply.pp root@puppet:/etc/puppet/manifests# locate apply.pp root@puppet:/etc/puppet/manifests# I am supposed to generate apply.pp somehow or am I actually missing a module or something else i dont know about? Thanks PS.: So far I am impressed with puppet's abilities and look forward to implementing it :) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: weekend maintennce schedule
It has been, that's what cron does. On Sat, Oct 1, 2011 at 6:51 AM, Kanishka Hettiarachchi kan_...@yahoo.comwrote: Thanks. I was hoping someone may have solved this issue. We intend to run reporting ($noop=true) every (say hour) and action/change only during weekend maintenance schedule. On Sep 30, 2:02 pm, Rob Braden r...@nullroutes.net wrote: Maybe run it from a cron (or at) job, or use something like mcollective to trigger your runs. On Sep 29, 9:47 pm, Kanishka Hettiarachchi kan_...@yahoo.com wrote: Hello, This may have been asked before (apologies), however, did not find a good way to implement a schedule for puppet runs for a speciifc day (say weekend maintennace window). Could anyone suggest a clever workaround for that ? Thanks Kanishka -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users]
You should totally boycott the list On Sep 29, 2011 7:15 AM, Nathan Clemons nat...@livemocha.com wrote: *sigh* And how did these spammers know I was so flat-chested? Seriously, can you guys enlighten us as to what's being done to prevent spam coming in on the list? It's been pretty prevalent lately. I'm not sure if Google Groups just doesn't cut it or what, but I'm hoping you guys have some plans in mind. -- Nathan Clemons http://www.livemocha.com The worlds largest online language learning community On Thu, Sep 29, 2011 at 7:05 AM, Mark Ardiente mark_k...@yahoo.com wrote: http://biggerbras.ca/store/site.php?html50 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Hostname fact doesn't handle hostnames with periods
Except that is the fqdn. On Sep 29, 2011 7:05 PM, Doug Balmer doug.bal...@gmail.com wrote: but I don't think that RFC quoting alone is going to give us the right answer as to whether we should do it or not. 100% agree. To add to my point, facter should be reporting facts. If the hostname, albeit possibly incorrectly, is set to foo.bar then it should report it so. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] [Dashboard] permission denied error when using apache
Check the exception. It's trying to rm all.js On Sep 27, 2011 3:02 AM, Tom De Vylder t...@penumbra.be wrote: Hi all, I'm running into javascript errors using Puppet Dashboard behind an Apache2/Passenger setup. Permission denied - /usr/share/puppet-dashboard/public/javascripts/all.js The permissions inside public/ are ok. The whole public folder is owned by the Apache user. And I'm able to browse anything I put inside the javascripts folder. What's really strange about this is that it only happens with the Apache2/Passenger setup. When I kill the apache daemon and start the puppet-dashboard init script instead the Dashboard does show up in my browser. If anyone needs more information that what's provided below, please let me know. Regards, TomDV Version numbers: Debian squeeze Apache 2.2.11 (debian repo) Passenger 2.2.11 (debian repo) Dashboard 1.2.1-1 (puppetlabs package) Apache config: Listen 3000 VirtualHost *:3000 ServerName dashboard ServerAlias dashboard.tld puppet.tld DocumentRoot /usr/share/puppet-dashboard/public/ Directory /usr/share/puppet-dashboard/public/ Options None AllowOverride AuthConfig Order allow,deny allow from all /Directory LogLevel warn ServerSignature On ErrorLog /var/log/apache2/dashboard_error.log CustomLog /var/log/apache2/dashboard_access.log combined # you may want to tune these settings PassengerHighPerformance on PassengerMaxPoolSize 12 PassengerPoolIdleTime 1500 # PassengerMaxRequests 1000 PassengerStatThrottleRate 120 RailsAutoDetect On /VirtualHost Full error message from apache log: *** Exception Errno::EACCES in PhusionPassenger::Railz::ApplicationSpawner (Permission denied - /usr/share/puppet-dashboard/public/javascripts/all.js) (process 25835): from /usr/lib/ruby/1.8/fileutils.rb:1299:in `unlink' from /usr/lib/ruby/1.8/fileutils.rb:1299:in `remove_file' from /usr/lib/ruby/1.8/fileutils.rb:1304:in `platform_support' from /usr/lib/ruby/1.8/fileutils.rb:1298:in `remove_file' from /usr/lib/ruby/1.8/fileutils.rb:772:in `remove_file' from /usr/lib/ruby/1.8/fileutils.rb:550:in `rm' from /usr/lib/ruby/1.8/fileutils.rb:549:in `each' from /usr/lib/ruby/1.8/fileutils.rb:549:in `rm' from /usr/share/puppet-dashboard/config/initializers/clear_cached_assets.rb:5 from /usr/share/puppet-dashboard/config/initializers/clear_cached_assets.rb:2:in `each' from /usr/share/puppet-dashboard/config/initializers/clear_cached_assets.rb:2 from /usr/share/puppet-dashboard/vendor/rails/activesupport/lib/active_support/dependencies.rb:173:in `load_without_new_constant_marking' from /usr/share/puppet-dashboard/vendor/rails/activesupport/lib/active_support/dependencies.rb:173:in `load' from /usr/share/puppet-dashboard/vendor/rails/railties/lib/initializer.rb:622:in `load_application_initializers' from /usr/share/puppet-dashboard/vendor/rails/railties/lib/initializer.rb:621:in `each' from /usr/share/puppet-dashboard/vendor/rails/railties/lib/initializer.rb:621:in `load_application_initializers' from /usr/share/puppet-dashboard/vendor/rails/railties/lib/initializer.rb:176:in `process' from /usr/share/puppet-dashboard/vendor/rails/railties/lib/initializer.rb:113:in `send' from /usr/share/puppet-dashboard/vendor/rails/railties/lib/initializer.rb:113:in `run' from /usr/share/puppet-dashboard/config/environment.rb:14 from /usr/lib/ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require' from /usr/lib/ruby/1.8/rubygems/custom_require.rb:31:in `require' from /usr/lib/ruby/1.8/phusion_passenger/railz/application_spawner.rb:303:in `preload_application' from /usr/lib/ruby/1.8/phusion_passenger/railz/application_spawner.rb:252:in `initialize_server' from /usr/lib/ruby/1.8/phusion_passenger/utils.rb:255:in `report_app_init_status' from /usr/lib/ruby/1.8/phusion_passenger/railz/application_spawner.rb:237:in `initialize_server' from /usr/lib/ruby/1.8/phusion_passenger/abstract_server.rb:194:in `start_synchronously' from /usr/lib/ruby/1.8/phusion_passenger/abstract_server.rb:163:in `start' from /usr/lib/ruby/1.8/phusion_passenger/railz/application_spawner.rb:213:in `start' from /usr/lib/ruby/1.8/phusion_passenger/spawn_manager.rb:262:in `spawn_rails_application' from /usr/lib/ruby/1.8/phusion_passenger/abstract_server_collection.rb:126:in `lookup_or_add' from /usr/lib/ruby/1.8/phusion_passenger/spawn_manager.rb:256:in `spawn_rails_application' from /usr/lib/ruby/1.8/phusion_passenger/abstract_server_collection.rb:80:in `synchronize' from /usr/lib/ruby/1.8/phusion_passenger/abstract_server_collection.rb:79:in `synchronize' from /usr/lib/ruby/1.8/phusion_passenger/spawn_manager.rb:255:in `spawn_rails_application' from /usr/lib/ruby/1.8/phusion_passenger/spawn_manager.rb:154:in `spawn_application' from /usr/lib/ruby/1.8/phusion_passenger/spawn_manager.rb:287:in `handle_spawn_application' from /usr/lib/ruby/1.8/phusion_passenger/abstract_server.rb:352:in `__send__' from
Re: [Puppet Users] SU on client servers
I just change everyone's uidgid to 0:0 *trollface* -scott On Tue, Sep 27, 2011 at 11:31 AM, Richard Clark n...@fohnet.co.uk wrote: On 27 Sep 2011, at 18:55, Damien Bridges damien3...@gmail.com wrote: Hi All, How do you configure puppet nodes on the puppet master to allow SUing to root? I want to be able to ssh as a regular user then SU to root on client puppet servers. How do you configure the puppetmaster for this? Totally dependent on the client distro/OS. This is default behaviour on most linux distro's that don't disable root login (RHEL/SLES etc) is it not? -- Richard Clark rich...@fohnet.co.uk -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Trying to get a basic connection going between master and agent
Is your Puppet client's hostname puppet-slave? On Sep 24, 2011 10:16 AM, mlove mikelove...@gmail.com wrote: Hi all, I am trying to get a simple example going with one master and one puppet. I am on Debian and used apt-get install puppetmaster for the master and apt-get install puppet for the puppet. I was able to get the cert signed and imported to the master from the puppet. Now I am just trying to get a basic example like putting a fil in the /tmp directory on the puppet. I put the following in nodes.pp in /etc/ puppet/manifests/ node basenode { } node 'puppet-slave' inherits basenode { file {'testfile': path = '/tmp/testfile', ensure = present, mode = 0640, content = I'm a test file., } } I run puppet agent --onetime on the puppet but when I check /tmp the file testfile is not there. Any suggestions? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Official puppetlabs position on cron vs puppet as a service?
Ohad, was rand_fqdn not sufficient for you? On Sep 25, 2011 1:03 PM, Ohad Levy ohadl...@gmail.com wrote: On Sun, Sep 25, 2011 at 10:33 PM, treydock treyd...@gmail.com wrote: On Sep 24, 9:42 pm, Aaron Grewell aaron.grew...@gmail.com wrote: We had frequent inexplicable daemon crashes on Solaris, but not on RHEL5 (at least not yet) . Given known issues with memory leakage in older Ruby releases Cron seemed more likely to be reliable. We stuck a random wait in the Cron job to spread load on the master and so far it works well. On Sep 24, 2011 7:22 AM, treydock treyd...@gmail.com wrote: On Sep 23, 5:42 pm, Brian Gupta brian.gu...@brandorr.com wrote: Over the years many shops have come to start running puppet via cron to address memory leaks in earlier versions of Ruby, but the official position was that puppet was meant to be run as a continually running service. I am wondering if the official position has changed. On one hand many if not all of the early Ruby issues have been fixed, on the other, the addition of mcollective into the mix as a lightweight agent for triggering adhoc puppet runs, and other tasks somewhat lowers the requirements for puppet to be run as a service. (Or out of cron for that matter). I understand that in cases where old Ruby versions are for whatever reason mandated the answer may be different. Thanks, Brian -- http://aws.amazon.com/solutions/solution-providers/brandorr/ Could those memory leak problems cause the Puppet daemon to crash with no logs indicating why? I have about 20 systems all running CentOS 5 and 6, with Puppet 2.6.9, and I now have to have Zabbix run a /etc/ init.d/puppet start everytime the daemon crashes which is almost on a daily basis for every client. Would be interested to know of a known fix or if the only fix is the workaround of using Cron. Thanks - Trey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. Could you share how you did the random wait? I may have to switch to a cron job with how often my daemons are crashing and having to be restarted by Zabbix. I used the ip_to_cron function from http://projects.puppetlabs.com/projects/1/wiki/Cron_Patterns afterwards, I just do a sleep random 59, so its also random within the minute. Ohad Thanks - Trey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Templating question:
You must be new to Ruby. On Sep 24, 2011 3:30 PM, Peter Berghold salty.cowd...@gmail.com wrote: Hmmm looks suspiciously Perl-ish. ;) On Sep 24, 2011 4:19 PM, Steve Snodgrass phe...@gmail.com wrote: Peter, I'm not sure about your specific question but there is a much easier way of doing what you are trying to do. %= hosts.join(',') % That will replace your entire example template. :) On Sep 24, 2:33 pm, Peter Berghold salty.cowd...@gmail.com wrote: I thought I read in some docu... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Root User
You realize that you can set the RHS of the from address to an fqdn, right? On Fri, Sep 23, 2011 at 6:00 PM, Peter Berghold salty.cowd...@gmail.comwrote: Hi folks, I thought I'd get clever tonight and add to my base class for node configuation the statement: user { root : comment = Root User on ${hostname} } My hope was that I would change the GECOS field for the root user so that emails from root on the machines would identify which root they came from. What happened was the next run of the puppet agent resulted in a complaint of a cyclical reference. How do I get this to work without the cyclical reference? None of the classes that were listed as being part of the cyclical reference directly had dependencies on root, I'd imagine though there were implied references. -- Peter L. Berghold Owner, Shark River Technical Solutions LLC -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet - Update a custom debian pkg
Use apt On Sep 20, 2011 11:24 AM, Sidarta sidarta...@gmail.com wrote: Hello folks, We're starting using Puppet in our production environment and now we're with some preformance issues. For example, we've some large(200MB) recursives directories for puppet's deploy, and that was totally inefficient. (Minimize recursive file serving: http://docs.puppetlabs.com/guides/scaling.html). So we made a test creating our custom debian package (.deb) for our files and libs. Doing that Puppet don't need to recursively check all the file's md5sum. And now we've this catalog : file { /tmp/my-custom.deb: ensure = present, source = puppet:///modules/test/deb/my-custom.deb, } package {my-custom: require = File['/tmp/my-custom.deb'], ensure = installed, source = /tmp/my-custom.deb, provider = dpkg, } That way, works great (less than 30 sec), but when updated our custom package puppet just copy the file and do not execute the dpkg to install. How can I achive this goal? And there is a best way to manage large files? Can someone indicate me some references of the best deployment practices (puppet+custom debian or something else) ? Best regards, Sidarta Oliveira -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Ubuntu Execution of '/etc/puppet/etckeeper-commit-pre' returned 1:
That is a package used to store /etc in git. Slightly redundant if you ask me On Sep 16, 2011 7:33 AM, Jussi Heinonen heinonen.ju...@gmail.com wrote: I ran into same problem after installing puppet as gem on Ubuntu 10.04. I don't know what's the purpose of '/etc/puppet/etckeeper-commit-pre' but at least such executable is not found in the file system. Workaround for me was to comment out (#) the following lines in /etc/puppet/puppet.conf: prerun_command=/etc/puppet/etckeeper-commit-pre postrun_command=/etc/puppet/etckeeper-commit-post Now puppet runs fine. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/DrjWV4h5jyEJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Email Protection? (NON SUBJECT ORIENTED)
I blame Luke himself. ...wait what?! It's google groups, bro On Sep 15, 2011 7:08 AM, Matthew Hand mattxh...@gmail.com wrote: Are you guys doing anything to protect our email addresses? Ever since I made my first post on here, I have been getting some VERY malicious stuff coming to my account? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] debugging new custom type
Hm, doesn't address your issue but you could probably do thus with just a definition instead of writing a new type. On Sep 15, 2011 1:22 PM, Guy Matz gm...@matz.org wrote: hi! Does anyone have any advice on debugging a new custom type? Any thoughts would be greatly appreciated . . . BTW, I'm getting the error: err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not render to pson: undefined method `merge' for []:Array with some very rough code. The Type (vncserver.rb): module Puppet newtype(:vncserver) do ensurable newproperty(:port) do desc The vnc servers port assignment. Will be +5900 on the server validate do |value| unless value.is_i? raise Puppet::Error, Invalid Port number end end end newproperty(:username) do desc The user who will own the VNC session. isnamevar validate do |value| unless value !~ /\s/ raise Puppet::Error, Must be a valid username. No spaces, please. end end end newproperty(:geometry) do desc Resolution for VNC, in XxY, e.g. 1024x768. validate do |value| unless value !~ /^\d*x\d*$/ raise Puppet::Error, Must be a valid geometry. e.g., 1024x768. end end end newparam(:password) do desc Password to be put into users .vnc/passwd. validate do |value| unless hostpart =~ /^([\d\w]+|[\d\w][\d\w\-]+[\d\w])$/ raise Puppet::Error, Invalid host name end end end newparam(:args) do desc Optional arguments to be added to the vncserver command-line. end end @doc = Installs and manages entries for vncservers. For Redhat-bases systems, and likely many others, these entries will be in /etc/sysconfig/vncservers. end The Provider (parsed.rb): require 'puppet/provider/parsedfile' vncservers = /etc/sysconfig/vncservers Puppet::Type.type(:vncserver).provide(:parsed, :parent = Puppet::Provider::ParsedFile, :default_target = vncservers, :filetype = :flat ) do desc The vncserver provider that uses the ParsedFile class confine :exists = vncservers text_line :comment, :match = /^#/; text_line :blank, :match = /\s*$/; text_line :blank, :match = /\s*$/; record_line :parsed, :fields = %w{vncservers}, :match = /^VNCSERVERS=(.*)/ end And The Manifest: class vncserver { include common::vnc package { 'tigervnc-server': ensure = 'installed'; } vncserver { 'gmatz': port = '92', geometry = '1024x768', password = 'gmatz'; } } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Source of external node data?
I wrote my own with a Redis storage backend. So I use the external node exec terminus. On Sep 15, 2011 5:43 PM, Aaron Grewell aaron.grew...@gmail.com wrote: I'm pulling Hiera data inside the modules. It's less conceptually elegant than passing the data but much easier to actually make work. On Sep 15, 2011 2:33 PM, Douglas Garstang doug.garst...@gmail.com wrote: I asked this question a few weeks ago. Didn't get a reply, so I thought I'd try again. Where are people more likely to source external node data from? a) By using extlookup, hiera etc within each puppet module to load data specific to that module, OR b) Having the external node script source everything at once from, say a database, and then dump all the variables that the node will ever need. ? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Community Package Repos for Puppet Labs products
fpm ;) On Tue, Sep 13, 2011 at 12:35 AM, Michael Stahnke stah...@puppetlabs.comwrote: On Mon, Sep 12, 2011 at 3:39 PM, Vlad v...@vladgh.com wrote: Are there any plans to get the latest puppet and facter into apt.puppetlabs.com? Of course. I started with yum simply because it was asked for more loudly, and I know rpm a bit better than the debian packaging. I welcome any help, reviews, ideas on the debian packaging side (all sides really). Mike -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Facter variable $puppetversion
If that were true the job of QA would be much easier On Sep 13, 2011 10:48 AM, Douglas Garstang doug.garst...@gmail.com wrote: On Tue, Sep 13, 2011 at 10:46 AM, R.I.Pienaar r...@devco.net wrote: - Original Message - On Tue, Sep 13, 2011 at 1:45 AM, Luke Bigum luke.bi...@lmax.com wrote: Err, what is that 0.25-5 doc folder and what RPM owns it? rpm -qf /usr/share/doc/puppet-0.25.5 If nothing owns it, you've pretty much proved your system has old Puppet artefacts lying around. Personally I wouldn't trust any of the content in /usr/lib/ruby now. Is this a production system? Anything else use Ruby on it? I'd start to get heavy handed as this point: tar -cvzf /tmp/usrlibruby.tar.gz /usr/lib/ruby (take a backup) yum remove ruby puppet facter (remove all your RPMs) find /usr/lib/ruby (what's left in your Ruby libdir?) locate puppet (again, what's left over, should be almost nothing but / var/lib/puppet, /var/run stuff and config files) Now you could try reinstall and compare your backed up version of /usr/ lib/ruby with your new one. On Sep 12, 11:47 pm, Douglas Garstang doug.garst...@gmail.com wrote: [root@hproxy11 ~]# locate puppet ... /usr/share/doc/puppet-0.25.5 So... this doesn't make sense. I just did this on the client: rpm --erase puppet rpm --erase facter find / -name *facter* -exec rm -rf {} \; find / -name *puppet* -exec rm -rf {} \; And then reinstalled puppet and facter, cleaned the certs etc, and restarted puppet. Problem persists... maybe these rogue files didnt come from rpm? then it wouldnt know to remove them. Maybe not, but I'm sure the rm -fR would have taken care of any that weren't, no? I think we all know that installing puppet 2.7.3 from RPM's isn't an issue, or else everyone would be experiencing the same problem. It seems at this point, the problem may lie somewhere on the server, especially as facter locally reports the right value. Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Updating /etc/puppet ?
A directory is a directory. That a directory has a parent directory in which other files exist is pretty moot. On Thu, Sep 1, 2011 at 12:13 PM, Aaron Grewell aaron.grew...@gmail.comwrote: We don't put our manifests under /etc/puppet at all. It's convenient for small installations but as we scaled up I found mixing configs (local, managed by Puppet) and manifests (kept under version control) to be problematic. On Sep 1, 2011 11:58 AM, Russell Van Tassell russel...@gmail.com wrote: I'm currently in the same position, and the solution I've proposed (and am currently working on) involves using a central repository (likely git). The puppet client (running on the master) simply checks the current master branch on the remote repository -- if the revisions are not the same, it just pulls a new copy. While I've not implemented this, yet ... I'm guessing it should work. Anyone have any better ideas -- perhaps a check-in hook to trigger at export? Regards, Russell On Thu, Sep 1, 2011 at 11:47 AM, Douglas Garstang doug.garst...@gmail.comwrote: I have a real-world, best practices, procedural question. How do you manage the he puppet master, under /etc/puppet, where multiple people may be editing files? The /etc/puppet directory is a working copy, and each user has read access to files created by other users. However, if one person adds a module directory to svn, the lock files that are created by svn are owned by that person, and the next person that comes along can't do svn updates etc. Similarly I can't write to files created by a different user. Yes, sure, the 'right way' to do this may be to have all the files owned by the puppet user, and users don't edit files directly in /etc/puppet, and a script is responsible for performing the svn update, but we're not there yet. Ideas? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Updating /etc/puppet ?
http://projects.puppetlabs.com/projects/1/wiki/Puppet_Version_Control On Thu, Sep 1, 2011 at 11:47 AM, Douglas Garstang doug.garst...@gmail.comwrote: I have a real-world, best practices, procedural question. How do you manage the he puppet master, under /etc/puppet, where multiple people may be editing files? The /etc/puppet directory is a working copy, and each user has read access to files created by other users. However, if one person adds a module directory to svn, the lock files that are created by svn are owned by that person, and the next person that comes along can't do svn updates etc. Similarly I can't write to files created by a different user. Yes, sure, the 'right way' to do this may be to have all the files owned by the puppet user, and users don't edit files directly in /etc/puppet, and a script is responsible for performing the svn update, but we're not there yet. Ideas? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Updating /etc/puppet ?
Also, setgid directories with umask 002 can help if you don't want to use a VCS. On Thu, Sep 1, 2011 at 11:47 AM, Douglas Garstang doug.garst...@gmail.comwrote: I have a real-world, best practices, procedural question. How do you manage the he puppet master, under /etc/puppet, where multiple people may be editing files? The /etc/puppet directory is a working copy, and each user has read access to files created by other users. However, if one person adds a module directory to svn, the lock files that are created by svn are owned by that person, and the next person that comes along can't do svn updates etc. Similarly I can't write to files created by a different user. Yes, sure, the 'right way' to do this may be to have all the files owned by the puppet user, and users don't edit files directly in /etc/puppet, and a script is responsible for performing the svn update, but we're not there yet. Ideas? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Updating /etc/puppet ?
I can't say I've ever met someone who had trouble with this. On Thu, Sep 1, 2011 at 1:10 PM, Aaron Grewell aaron.grew...@gmail.comwrote: Technically true, but administratively confusing IMHO. On Thu, Sep 1, 2011 at 1:08 PM, Scott Smith sc...@ohlol.net wrote: A directory is a directory. That a directory has a parent directory in which other files exist is pretty moot. On Thu, Sep 1, 2011 at 12:13 PM, Aaron Grewell aaron.grew...@gmail.comwrote: We don't put our manifests under /etc/puppet at all. It's convenient for small installations but as we scaled up I found mixing configs (local, managed by Puppet) and manifests (kept under version control) to be problematic. On Sep 1, 2011 11:58 AM, Russell Van Tassell russel...@gmail.com wrote: I'm currently in the same position, and the solution I've proposed (and am currently working on) involves using a central repository (likely git). The puppet client (running on the master) simply checks the current master branch on the remote repository -- if the revisions are not the same, it just pulls a new copy. While I've not implemented this, yet ... I'm guessing it should work. Anyone have any better ideas -- perhaps a check-in hook to trigger at export? Regards, Russell On Thu, Sep 1, 2011 at 11:47 AM, Douglas Garstang doug.garst...@gmail.comwrote: I have a real-world, best practices, procedural question. How do you manage the he puppet master, under /etc/puppet, where multiple people may be editing files? The /etc/puppet directory is a working copy, and each user has read access to files created by other users. However, if one person adds a module directory to svn, the lock files that are created by svn are owned by that person, and the next person that comes along can't do svn updates etc. Similarly I can't write to files created by a different user. Yes, sure, the 'right way' to do this may be to have all the files owned by the puppet user, and users don't edit files directly in /etc/puppet, and a script is responsible for performing the svn update, but we're not there yet. Ideas? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Updating /etc/puppet ?
You asked for best practices and that document describes them, essentially. If your process is broken it should be fixed. On Thu, Sep 1, 2011 at 1:28 PM, Douglas Garstang doug.garst...@gmail.comwrote: Was that in reply to my original post, or a subsequent reply? You did see where I said /etc/puppet was a working copy, right? Doug. On Thu, Sep 1, 2011 at 1:09 PM, Scott Smith sc...@ohlol.net wrote: http://projects.puppetlabs.com/projects/1/wiki/Puppet_Version_Control On Thu, Sep 1, 2011 at 11:47 AM, Douglas Garstang doug.garst...@gmail.com wrote: I have a real-world, best practices, procedural question. How do you manage the he puppet master, under /etc/puppet, where multiple people may be editing files? The /etc/puppet directory is a working copy, and each user has read access to files created by other users. However, if one person adds a module directory to svn, the lock files that are created by svn are owned by that person, and the next person that comes along can't do svn updates etc. Similarly I can't write to files created by a different user. Yes, sure, the 'right way' to do this may be to have all the files owned by the puppet user, and users don't edit files directly in /etc/puppet, and a script is responsible for performing the svn update, but we're not there yet. Ideas? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Weird passenger problem
md5sum your apache configs and compare, then diff if necessary On Thu, Sep 1, 2011 at 5:06 PM, Marek Dohojda chro...@gmail.com wrote: I have multiple server (rhel5.3) running puppet server. 2 of these servers are also running passenger. However on the third server I am running into a weird problem: Could not retrieve catalog from remote server: No format match the given format name or mime-type (text/html The puppetmaster itself is working fine, this problem only happens with passenger. Apache version is 2.2.3 and passenger 2.2.11. Anybody has any idea where I should start looking? Thanks!! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Need some advice: Clients that change name and IP address
http://docs.puppetlabs.com/references/stable/configuration.html#certname On Tue, Aug 30, 2011 at 8:32 PM, Dan White y...@comcast.net wrote: On Aug 30, 2011, at 9:45 PM, Gary Larizza wrote: On Tue, Aug 30, 2011 at 8:43 PM, Dan White y...@comcast.net wrote: On Aug 30, 2011, at 9:17 PM, Nigel Kersten wrote: On Tue, Aug 30, 2011 at 9:28 AM, Dan White y...@comcast.net wrote: The environment I work in has dev, QA, and production divisions. New machines are built/loaded in dev and then moved, if necessary to QA or production after they have been configured and verified. In moving, the machine in question will change its IP address and hostname. I have set up a Cobbler server to shortcut this, and I am now tasked with adding Puppet to the mixture. Can anyone suggest a maintainable way for Puppet to handle machines that get moved and renamed as described ? My first thought is to remove all the files generated by making the machine a puppet client and then just re-add it as a new client in the new location with the new name, but that feels like a brute-force solution. Don't use hostnames for your certnames? I've used UUIDs for this sort of deployment in the past. Details, please. The certname setting can be changed in the agent section of puppet.conf. When I managed Puppet down to the desktop, I would typically set the client's certname to their serial number (which wouldn't change unless the Motherboard was changed). Because of this, they could change their Hostname to their heart's content and the SSL certs for Puppet wouldn't be affected. Would an example be possible ? I think I understand what you are saying, but as a N00b PuppetMaster, I cannot quite figure out how to make it happen. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Announce: Dashboard 1.2.0 is available now
wat On Sat, Aug 27, 2011 at 4:36 AM, Tim Connors tim.w.conn...@gmail.comwrote: On Fri, 26 Aug 2011, Michael Stahnke wrote: * Dashboard now requires Ruby 1.8.7 to operate I've always found it odd that sysadmins would opt for such an unstable language. One where minor revisions are often backwards incompatible changes to the language. The ruby design seems to this particular sysadmin, to be contraindicative of something that can be well sysadminned. So it seems odd that it's the backbone of such an important sysadmin tool. All distributions have a reasonable method of including a good selection of perl modules. And perl is pretty stable over time. But this choice of not debugging the problems with ruby 1.8.5 leads to it being impossible to host dashboard on redhat 5 entirely. I don't have the freedom of not chosing rhel at work. If I provisioned a new rhel6 server for the new puppet infrastructure, then I'd just be pushing back the problem until next year when dashboard decided to come out with ruby dependencies of 1.8.7. Is there a great need for choosing bleeding edge features of an unstable language for a sysadmin tool that's meant to be around for a long time because of the amount of investment required in setting it up? /rant, part question -- Tim Connors -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ssh_authorized_keys with array
Use ssh::authorized_key On Aug 19, 2011 8:25 AM, Tim Schmeling spaeter...@googlemail.com wrote: Hi, i have written a class called ssh to manage authorized_keys. First i define my authorized_keys in this array: $authorized_key = { tim_at_caesium = .,} Then i have a define: define authorized_keys($ensure=present, $username) { ssh_authorized_key { $name: ensure = $ensure, type = ssh-rsa, key = $authorized_key[$name], user = $username, } } And last but not least this case syntax to include my authorized_keys: case $hostname{ my_hostname: { authorized_keys { testuser_at_machine1: username= [ testuser01,testuser02 ] } } } When i run puppet on the machine my_hostname, puppet should installs the authorized_key testuser_at_machine1 at user testuser01 and testuser02, but only the first user (testuser01) becomes the key. Can anyone help me, where is my mistake? Greetz Tim -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ssh_authorized_keys with array
Fuuu, responding to Puppet list on my phone is off limits from now on... On Aug 19, 2011 9:43 AM, Stefan Schulte stefan.schu...@taunusstein.net wrote: On Fri, Aug 19, 2011 at 01:22:46AM -0700, Tim Schmeling wrote: Hi, i have written a class called ssh to manage authorized_keys. First i define my authorized_keys in this array: $authorized_key = { tim_at_caesium = .,} Then i have a define: define authorized_keys($ensure=present, $username) { ssh_authorized_key { $name: ensure = $ensure, type = ssh-rsa, key = $authorized_key[$name], user = $username, } } And last but not least this case syntax to include my authorized_keys: case $hostname{ my_hostname: { authorized_keys { testuser_at_machine1: username= [ testuser01,testuser02 ] } } } When i run puppet on the machine my_hostname, puppet should installs the authorized_key testuser_at_machine1 at user testuser01 and testuser02, but only the first user (testuser01) becomes the key. Can anyone help me, where is my mistake? Greetz Tim user just doesnt take an array. One authorized key resource describes exactly one key in one authorized_key file. -Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Dependency Cycle Weirdness
Don't think you need to include if there is a require On Aug 17, 2011 9:50 AM, Douglas Garstang doug.garst...@gmail.com wrote: If I have: class service::common { file { '/etc/foo': ensure = directory; '/etc/init.d/ss-functions': content = template('service/etc/init.d/ss-functions.erb'), require = File['/etc/foo'], } } class platform::common { include service::common File { require = Class['service::common'] } } then puppet is telling me: Aug 17 09:47:01 test01 puppet-agent[14530]: Could not apply complete catalog: Found 1 dependency cycle: (File[/etc/foo] = Class[Service::Common] = File[/etc/foo]) Try the '--graph' option and opening the resulting '.dot' file in OmniGraffle or GraphViz I don't get it. How does /etc/foo depend on Service::Common? I mean, it's IN that class... is that why it depends on it? Debugging these is awful... Doug, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet agent hangs for over a minute, no info in --summarize
Do you have any arp entries for which there is no PTR? On Aug 17, 2011 10:23 AM, Dragonfyre13 dragonfyr...@gmail.com wrote: Hoping you guys might be able to help me out, I'm not sure what's wrong but puppet agent hangs for over a minute, no resource spikes (CPU, memory, etc all stay basically the same as without starting puppet, barely a blip, and I've got more than enough headroom). It's not a serious issue for continuous usage, but really, really annoying when testing the manifests I'm starting to create. Below is a snippet of the agent's output when run with: puppet agent --test --noop --debug --trace --verbose --waitforcert 0 Master is running as: puppet master --no-daemonize --debug --trace --logdest --summarize Agent log segment: [snip] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/ puppet] debug: Finishing transaction 70059796256340 debug: Using cached certificate for ca debug: Using cached certificate for ubuntu05.wic.west.com debug: Finishing transaction 70059798542500 debug: Loaded state in 0.00 seconds debug: Using cached certificate for ca debug: Using cached certificate for ubuntu05.wic.west.com debug: Using cached certificate_revocation_list for ca debug: catalog supports formats: b64_zlib_yaml dot marshal pson raw yaml; using pson [snip] debug: Storing state debug: Stored state in 0.01 seconds notice: Finished catalog run in 0.16 seconds Changes: Events: Noop: 2 Total: 2 Resources: Total: 12 Out of sync: 2 Skipped: 6 Time: Filebucket: 0.00 Package: 0.00 Exec: 0.00 Config retrieval: 0.44 Total: 0.45 Last run: 1313600473 debug: Using cached certificate for ca debug: Using cached certificate for ubuntu05.wic.west.com debug: Using cached certificate_revocation_list for ca debug: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (b64_zlib_yaml) debug: report supports formats: b64_zlib_yaml marshal raw yaml; using b64_zlib_yaml Master Log: info: Expiring the node cache of ubuntu05.wic.west.com info: Not using expired node for ubuntu05.wic.west.com from cache; expired at Wed Aug 17 13:00:12 -0400 2011 info: Caching node for ubuntu05.wic.west.com debug: Exec[pwd]: Adding default for logoutput debug: Exec[pwd]: Adding default for path debug: Exec[whoami]: Adding default for logoutput debug: Exec[whoami]: Adding default for path notice: Compiled catalog for ubuntu05.wic.west.com in environment production in 0.04 seconds Agent hangs between: debug: Loaded state in 0.00 seconds debug: Using cached certificate for ca It sits there for over a minute before moving on. I've tried an agent on a different system from the master, agent on the same system (as above), they have the exact same behavior. At first I thought it was the manifest I created (nothing complicated, followed ntp stuff and adapted it slightly for the most part), but running this with absolutely no manifests being applied for the node hangs for the same period of time, in the same place. I'm using webrick for the server, but since right now I have a single client, and that's being fired off manually (not in cron, not a long running client, etc), using webrick shouldn't be an issue as far as I know. I setup minimal config files, (defaults only) as I originally thought maybe the master was delaying things due to not finding the configs it wanted. It reduced the logs, but didn't speed it up at all. I setup everything per the simple recipe, and haven't gone much further than that. Any info needed should be easy to post, but this is just currently an annoyance more than anything. Once I have everything running, I should be fine to have the minute+ delay in with every sync, but for testing manifests, etc it's really slowing things down. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Puppet agent hangs for over a minute, no info in --summarize
Run arp -a If it hangs at any point, that is likely the problem. I'm not suggesting that arp is the problem, rather that you might have entries for IP addresses that have no PTR. See: http://projects.puppetlabs.com/issues/8247 -scott On Wed, Aug 17, 2011 at 12:40 PM, Dragonfyre13 dragonfyr...@gmail.comwrote: Not as far as I can tell. I can honestly say I didn't look that far down the chain yet though, except that name resolution is occurring quickly and successfully for each of the boxes in play (I did test on fqdn, ip, and hostname FYI, so it's not a resolution issue). Note also that tcp and udp connections and packets between these servers are in the single digit ms range from my tests (although of course ARP resolution would be below either of these), and they are sitting behind a single switch prior to exiting to the primary lab switches. I would anticipate that puppet wouldn't be the only application with this issue if it were at the ARP level though, and I'm able to communicate between the systems fine via other methods. If you want to direct me to something on how I can confirm, I'm more than happy to try. Not entirely sure to check existing PTR entries against the ARP cache. On Aug 17, 12:54 pm, Scott Smith sc...@ohlol.net wrote: Do you have any arp entries for which there is no PTR? On Aug 17, 2011 10:23 AM, Dragonfyre13 dragonfyr...@gmail.com wrote: Hoping you guys might be able to help me out, I'm not sure what's wrong but puppet agent hangs for over a minute, no resource spikes (CPU, memory, etc all stay basically the same as without starting puppet, barely a blip, and I've got more than enough headroom). It's not a serious issue for continuous usage, but really, really annoying when testing the manifests I'm starting to create. Below is a snippet of the agent's output when run with: puppet agent --test --noop --debug --trace --verbose --waitforcert 0 Master is running as: puppet master --no-daemonize --debug --trace --logdest --summarize Agent log segment: [snip] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/ puppet] debug: Finishing transaction 70059796256340 debug: Using cached certificate for ca debug: Using cached certificate for ubuntu05.wic.west.com debug: Finishing transaction 70059798542500 debug: Loaded state in 0.00 seconds debug: Using cached certificate for ca debug: Using cached certificate for ubuntu05.wic.west.com debug: Using cached certificate_revocation_list for ca debug: catalog supports formats: b64_zlib_yaml dot marshal pson raw yaml; using pson [snip] debug: Storing state debug: Stored state in 0.01 seconds notice: Finished catalog run in 0.16 seconds Changes: Events: Noop: 2 Total: 2 Resources: Total: 12 Out of sync: 2 Skipped: 6 Time: Filebucket: 0.00 Package: 0.00 Exec: 0.00 Config retrieval: 0.44 Total: 0.45 Last run: 1313600473 debug: Using cached certificate for ca debug: Using cached certificate for ubuntu05.wic.west.com debug: Using cached certificate_revocation_list for ca debug: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (b64_zlib_yaml) debug: report supports formats: b64_zlib_yaml marshal raw yaml; using b64_zlib_yaml Master Log: info: Expiring the node cache of ubuntu05.wic.west.com info: Not using expired node for ubuntu05.wic.west.com from cache; expired at Wed Aug 17 13:00:12 -0400 2011 info: Caching node for ubuntu05.wic.west.com debug: Exec[pwd]: Adding default for logoutput debug: Exec[pwd]: Adding default for path debug: Exec[whoami]: Adding default for logoutput debug: Exec[whoami]: Adding default for path notice: Compiled catalog for ubuntu05.wic.west.com in environment production in 0.04 seconds Agent hangs between: debug: Loaded state in 0.00 seconds debug: Using cached certificate for ca It sits there for over a minute before moving on. I've tried an agent on a different system from the master, agent on the same system (as above), they have the exact same behavior. At first I thought it was the manifest I created (nothing complicated, followed ntp stuff and adapted it slightly for the most part), but running this with absolutely no manifests being applied for the node hangs for the same period of time, in the same place. I'm using webrick for the server, but since right now I have a single client, and that's being fired off manually (not in cron, not a long running client, etc), using webrick shouldn't be an issue as far as I know. I setup minimal config files, (defaults only) as I originally thought maybe the master was delaying things due to not finding the configs it wanted. It reduced the logs, but didn't speed it up at all. I setup everything per the simple recipe, and haven't gone much further
Re: [Puppet Users] Re: Corrupted inventory.txt - how to rebuild?
You guys do realize that it's not necessary to share node certs with puppetmasters if your CA is separated, right? It's signed for a reason :) On Aug 16, 2011 8:13 AM, Luke Bigum luke.bi...@lmax.com wrote: Also I think Nigel posted a load balanced solution using entirely Apache that's floating around on the list, configs and all. Was a few months ago now if you want to go searching. On Aug 16, 4:12 pm, Luke Bigum luke.bi...@lmax.com wrote: Sean, Previously I've set up a cluster of Puppet Masters with one machine acting as the software load balancer (IPVS) as well as the Puppet Certificate Authority. The relevant puppet.conf options are ca_port and ca_server to specify where your CA is. The Puppet Master service on the CA server listened on the ca_port and signed CA requests. The default puppet port 8140 was load balanced to a pool of slave Puppet Masters and these masters all NFS mounted the ssl/ca/ directory so they knew about all signed puppet agents. You could then go even further and make your CA server resilient with Pacemaker / Heartbeat or other HA techniques. I didn't bother to go that far though ;) Hope that helps, -Luke On Aug 16, 3:25 pm, Sean Carolan scaro...@gmail.com wrote: How do you all handle load balancing and certificate management? Is there a way to have a master authority cert server, that all the other nodes turn to for all things SSL? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: scoping question - I want a node specific global var
Some times doing things the right way requires going through the pain of changing your current practices for the better. On Tue, Aug 16, 2011 at 9:24 AM, Rich Rauenzahn rraue...@gmail.com wrote: On Tue, Aug 16, 2011 at 6:23 AM, jcbollinger john.bollin...@stjude.org wrote: [Lots of good ideas] Of those, I would recommend either extlookup() or your ENC (if you have one), with my personal preference being extlookup(). I think Hiera may offer an even better solution (though similar to extlookup()), but I'm not familiar enough with it to feel comfortable recommending it. Unfortunately I've thought of some of those and they don't quite fit with our existing infrastructure. * We're not using ENC * I want the special information right alongside the node decl. This reduces chance for error and makes the data more maintainable. Let me give more background: We have a nodes.pp with a lot of hosts in it. We map a nodename to a single class... node /our-squid\d+/ { include system:our_squid } node /our-db\d+/ { include system:our_db } and so on. We are making a failover site. node /special-our-squid\d+/ { include system::our_squid} node /special-our-db\d+/ { include system::our_db } I don't want to confuse the issue with more details, but due to some legacy naming conventions, we can't (..shouldn't...) use /^special-*/ to determine the sites are failover. We would like the attribute in puppet. I could do class { system::our_db: failover = failover }, except I want that failover attribute within the class that system::our_db derives from. class system { // Am I special? } class system::our_db($failover) inherits system { // Am I special, too? } So ideally (except that this won't work with the new scoping rules in the future), I'd like to node /special-our-db\d+/ { $SPECIAL=true include system::our_db } Now, I could make a class class special($yesorno = false) { $SPECIAL = $yesorno } and include that in all nodes, and change it to false in the special nodes It isn't very elegant and makes our node file a lot messier. Each node is two lines now.. there must be a more elegant solution. Maybe the answer is to make a case statement in the nodes.pp that sets $IMSPECIAL globally based on the hostname... which was one of your suggestions. But I don't like maintaining two lists of host regex's, which could get out of date. Is there no specifier to reach my node's scope? i.e., $mynode::IMSPECIAL? Maybe in Ruby? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Dashboard table resource_statuses growing uncontrollably
There should probably be a rake task for this (tbh, all that stuff should be rewritten, loading the whole Rails env to do it is ...ugly), but you can probably (caveat emptor, I don't know this table very well) do something like *delete from resource_statuses where time = date_sub(now(), interval 2 weeks)* That'd delete rows older than two weeks. -scott On Tue, Aug 16, 2011 at 2:34 PM, Sandor W. Sklar ssk...@gmail.com wrote: I've inherited the administration of a puppet-dashboard (version 1.1.0, installed on RHEL 5.6 from puppetlabs RPM), and have hit a problem I'm hoping for some help with. In short, one table, resource_statuses appears to be growing at a rate far higher then the other tables: mysql select count(*) from nodes; +--+ | count(*) | +--+ | 107 | +--+ mysql select count(*) from resource_statuses; +---+ | count(*) | +---+ | 188068011 | +---+ Yeah, that's over 188 million rows. Currently, the entire mysql data directory for the dashboard database is taking up 51 GB; the resource_statuses.MYD file is 47 GB of that. We've got a weekly cron job that runs /usr/share/puppet-dashboard/ Rakefile RAILS_ENV=production reports:prune upto=2 unit=wk, and I've run it manually, but it doesn't seem to impact that table. Is there a safe way to reduce the number of rows in that table, and limit it to keeping either X number of rows, or rows going back only to a specific timespan (like, 2 weeks)? Thanks in advance! -- Sandy -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Dashboard table resource_statuses growing uncontrollably
Try running optimize on it. -scott On Tue, Aug 16, 2011 at 5:53 PM, Sandor W. Sklar ssk...@gmail.com wrote: Thanks, Scott. After posting this, I did some googling and pretty much came up with the same solution. Unfortunately, because we're using ISAM tables, the only way I know of to reclaim the space used by the datafiles is to do a mysqldump and then restore after clearing out the older reports. -- Sandy On Aug 16, 2011, at 5:44 PM, Scott Smith wrote: There should probably be a rake task for this (tbh, all that stuff should be rewritten, loading the whole Rails env to do it is ...ugly), but you can probably (caveat emptor, I don't know this table very well) do something like delete from resource_statuses where time = date_sub(now(), interval 2 weeks) That'd delete rows older than two weeks. -scott On Tue, Aug 16, 2011 at 2:34 PM, Sandor W. Sklar ssk...@gmail.com wrote: I've inherited the administration of a puppet-dashboard (version 1.1.0, installed on RHEL 5.6 from puppetlabs RPM), and have hit a problem I'm hoping for some help with. In short, one table, resource_statuses appears to be growing at a rate far higher then the other tables: mysql select count(*) from nodes; +--+ | count(*) | +--+ | 107 | +--+ mysql select count(*) from resource_statuses; +---+ | count(*) | +---+ | 188068011 | +---+ Yeah, that's over 188 million rows. Currently, the entire mysql data directory for the dashboard database is taking up 51 GB; the resource_statuses.MYD file is 47 GB of that. We've got a weekly cron job that runs /usr/share/puppet-dashboard/ Rakefile RAILS_ENV=production reports:prune upto=2 unit=wk, and I've run it manually, but it doesn't seem to impact that table. Is there a safe way to reduce the number of rows in that table, and limit it to keeping either X number of rows, or rows going back only to a specific timespan (like, 2 weeks)? Thanks in advance! -- Sandy -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Sandor W. Sklar Unix Systems Administrator Digital Libraries Systems Services Stanford University Libraries -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] could not find file
It's the first line in admins.pp 'class global::admins {' ? On Aug 12, 2011 9:44 AM, Alan Batie a...@batie.org wrote: I'm playing with puppet 2.7.1 on centos 5.6; as I read the docs at http://docs.puppetlabs.com/learning/modules1.html, the command: puppet apply --verbose --noop -e include global::admins should look for a manifest in /etc/puppet/modules/global/manifests/ admins.pp Instead, I get: Could not find class global::admins for admin00.intranet.peak.org at line 1 on node admin00.intranet.peak.org When I strace puppet, I find it's trying to stat global::admins as a filename, not parsing it into the module structure?!? What am I missing? Thanks... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: cleaning puppet dashboard
FWIW, I don't think that task touches this table. Also, I apologize for writing such a crappy rake task, can't believe it's still there :-P On Aug 12, 2011 6:28 AM, Arnau Bria arnaub...@pic.es wrote: On Thu, 11 Aug 2011 08:36:41 -0700 (PDT) Luke Bigum wrote: Hi Arnau, Hi Luke, [...] dump the database out, blow away the InnoDB data files and import the dump (see http://dev.mysql.com/doc/refman/5.5/en/innodb-data-log-reconfiguration.html ). I'm dumping my dashboard data. My cron prunes de DB and keeps 1 week info. I have about ~100 nodes in that server and the dump is 6GB and grwoing... is that size normal? I mean, what's the normal size for the scenario I've described? (I know it depends on the amount os resoruces, but do you have any approach?) Hope that helps, -Luke Cheers, Arnau -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] could not find file
Hm, weird. Been running a small cluster on 2.7.1 for a month or so and haven't experienced this myself. On Aug 12, 2011 10:03 AM, Craig White craig.wh...@ttiltd.com wrote: On Aug 11, 2011, at 5:04 PM, Alan Batie wrote: I'm playing with puppet 2.7.1 on centos 5.6; as I read the docs at http://docs.puppetlabs.com/learning/modules1.html, the command: puppet apply --verbose --noop -e include global::admins should look for a manifest in /etc/puppet/modules/global/manifests/ admins.pp Instead, I get: Could not find class global::admins for admin00.intranet.peak.org at line 1 on node admin00.intranet.peak.org When I strace puppet, I find it's trying to stat global::admins as a filename, not parsing it into the module structure?!? What am I missing? Thanks... probably not useful to you but I had the same issue with 2.7.1 If I ran it again, it apparently cached that class and the error was with the next class... and so on. Eventually, I could keep running puppet agent (i.e puppet apply) and eventually it would get a complete catalog and run. I ended up going back to 2.6.9 Craig -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Accessing node variable in class and using it in a conditionnal
I experienced something similar to this. Try it without quoting the RHS. E.g if $smcvhost = belleville { } Also, what you are doing is code smell. On Fri, Aug 12, 2011 at 4:34 AM, Antoine Benkemoun antoine.benkem...@gmail.com wrote: Hello, First of all, thank you for making the awesome piece of software that is Puppet. I have working with it for a week and I'm really liking what I'm seeing and I have been able to do quite a few tasks with ease. Currently, I am trying to configure Apache Virtual Hosts with Puppet and have been trying different things with little success. I have defined a node as the following : node 'test1.cob' inherits serveurClient { $smcvhost = 'all' } The serveurClient class includes the apache class. This works fine as Apache gets installed and all the configuration gets applied correctly, except the virtual hosts. The configuration relating to the virtual hosts is the following : class apache::config { File{ require = Class[apache::install], notify = Class[apache::service], ensure = present, owner = www-data, group = www-data, mode= 755 } ... if ( $smcvhost == 'belleville' ) or ( $smcvhost == 'all' ) { apache::smcvhost{'belleville': client = 'belleville', } } ... } The *apache::smcvhost* definition works correctly because if I specify it directly in the node without the condition, the virtual host gets created correctly with no errors. If I remove the if statement, it will also get created correctly. I have tried only specifying the second condition but that did not make it work. When this fails to be executed, I do not get any error. The puppet report just ignores this configuration part. I am thinking that this is some sort of variable scoping problem but from what I have read, this practice seems correct and I imagine puppet would give me some error if I tried to evaluate a non-existing variable. Thank you in advance for your help, Antoine -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Custom manifest
Why don't you generate httpd.conf from a template in Puppet and restart apache if deemed necessary? On Thu, Aug 11, 2011 at 1:51 AM, Himanshu Raina dopedoxy...@gmail.comwrote: Hi, Can I execute a command basis on some criteria in puppet. For example, I would want to execute the following command svn up; /usr/local/apache/bin/apachectl restart only if revision number of file on host = revision number of file on svn i.e. /usr/bin/svn info /usr/local/apache/conf/Web_Config/httpd.conf | grep Revision| cut -d: -f2| sed -e's/ //g' = /usr/bin/svn info http://svn.myhost.com/svn/Configuration_Management/Backup/Web_Config/httpd.conf| grep Revision| cut -d: -f2| sed -e's/ //g' Is it possible or instead can I do a md5sum of both the configurations i.e one available on svn and one on the host machine and if they differ execute the command else exit ?? Regards, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Custom manifest
Puppet's file server is built in. You don't have to do anything extra beyond creating the template and specifying it in your manifest. If your Puppet manifests are under version control (they should be), your Apache configuration is essentially versioned as well. On Thu, Aug 11, 2011 at 2:12 AM, Himanshu Raina dopedoxy...@gmail.comwrote: Hi Scott, For that I would need to have a puppet file server installed. The idea behind using puppet and svn is to keep track of revision history of changes made to configuration files. Also, if my understanding is wrong could you please guide me to do it using template as you have mentioned. Regards, On Thu, Aug 11, 2011 at 2:29 PM, Scott Smith sc...@ohlol.net wrote: Why don't you generate httpd.conf from a template in Puppet and restart apache if deemed necessary? On Thu, Aug 11, 2011 at 1:51 AM, Himanshu Raina dopedoxy...@gmail.comwrote: Hi, Can I execute a command basis on some criteria in puppet. For example, I would want to execute the following command svn up; /usr/local/apache/bin/apachectl restart only if revision number of file on host = revision number of file on svn i.e. /usr/bin/svn info /usr/local/apache/conf/Web_Config/httpd.conf | grep Revision| cut -d: -f2| sed -e's/ //g' = /usr/bin/svn info http://svn.myhost.com/svn/Configuration_Management/Backup/Web_Config/httpd.conf| grep Revision| cut -d: -f2| sed -e's/ //g' Is it possible or instead can I do a md5sum of both the configurations i.e one available on svn and one on the host machine and if they differ execute the command else exit ?? Regards, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Custom manifest
Then you would be missing out on one of the best features of Puppet. On Thu, Aug 11, 2011 at 2:39 AM, Himanshu Raina dopedoxy...@gmail.comwrote: What if I don't want to use the templates and instead would want to do it otherwise (as mentioned earlier). Regards, On Thu, Aug 11, 2011 at 2:52 PM, Scott Smith sc...@ohlol.net wrote: Puppet's file server is built in. You don't have to do anything extra beyond creating the template and specifying it in your manifest. If your Puppet manifests are under version control (they should be), your Apache configuration is essentially versioned as well. On Thu, Aug 11, 2011 at 2:12 AM, Himanshu Raina dopedoxy...@gmail.comwrote: Hi Scott, For that I would need to have a puppet file server installed. The idea behind using puppet and svn is to keep track of revision history of changes made to configuration files. Also, if my understanding is wrong could you please guide me to do it using template as you have mentioned. Regards, On Thu, Aug 11, 2011 at 2:29 PM, Scott Smith sc...@ohlol.net wrote: Why don't you generate httpd.conf from a template in Puppet and restart apache if deemed necessary? On Thu, Aug 11, 2011 at 1:51 AM, Himanshu Raina dopedoxy...@gmail.comwrote: Hi, Can I execute a command basis on some criteria in puppet. For example, I would want to execute the following command svn up; /usr/local/apache/bin/apachectl restart only if revision number of file on host = revision number of file on svn i.e. /usr/bin/svn info /usr/local/apache/conf/Web_Config/httpd.conf | grep Revision| cut -d: -f2| sed -e's/ //g' = /usr/bin/svn info http://svn.myhost.com/svn/Configuration_Management/Backup/Web_Config/httpd.conf| grep Revision| cut -d: -f2| sed -e's/ //g' Is it possible or instead can I do a md5sum of both the configurations i.e one available on svn and one on the host machine and if they differ execute the command else exit ?? Regards, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Custom manifest
http://docs.puppetlabs.com/index.html explains it pretty well :) On Thu, Aug 11, 2011 at 2:55 AM, Himanshu Raina dopedoxy...@gmail.comwrote: So, can you guide me on how can this be done using templates. Regards, On Thu, Aug 11, 2011 at 3:19 PM, Scott Smith sc...@ohlol.net wrote: Then you would be missing out on one of the best features of Puppet. On Thu, Aug 11, 2011 at 2:39 AM, Himanshu Raina dopedoxy...@gmail.comwrote: What if I don't want to use the templates and instead would want to do it otherwise (as mentioned earlier). Regards, On Thu, Aug 11, 2011 at 2:52 PM, Scott Smith sc...@ohlol.net wrote: Puppet's file server is built in. You don't have to do anything extra beyond creating the template and specifying it in your manifest. If your Puppet manifests are under version control (they should be), your Apache configuration is essentially versioned as well. On Thu, Aug 11, 2011 at 2:12 AM, Himanshu Raina dopedoxy...@gmail.comwrote: Hi Scott, For that I would need to have a puppet file server installed. The idea behind using puppet and svn is to keep track of revision history of changes made to configuration files. Also, if my understanding is wrong could you please guide me to do it using template as you have mentioned. Regards, On Thu, Aug 11, 2011 at 2:29 PM, Scott Smith sc...@ohlol.net wrote: Why don't you generate httpd.conf from a template in Puppet and restart apache if deemed necessary? On Thu, Aug 11, 2011 at 1:51 AM, Himanshu Raina dopedoxy...@gmail.com wrote: Hi, Can I execute a command basis on some criteria in puppet. For example, I would want to execute the following command svn up; /usr/local/apache/bin/apachectl restart only if revision number of file on host = revision number of file on svn i.e. /usr/bin/svn info /usr/local/apache/conf/Web_Config/httpd.conf | grep Revision| cut -d: -f2| sed -e's/ //g' = /usr/bin/svn info http://svn.myhost.com/svn/Configuration_Management/Backup/Web_Config/httpd.conf| grep Revision| cut -d: -f2| sed -e's/ //g' Is it possible or instead can I do a md5sum of both the configurations i.e one available on svn and one on the host machine and if they differ execute the command else exit ?? Regards, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com
Re: [Puppet Users] ANNOUNCE: Puppet Module Tool version 0.3.4
I don't see any statement claiming that it'll automagically get put into the right place. On Tue, Aug 9, 2011 at 6:35 PM, John Warburton jwarbur...@gmail.com wrote: On 10 August 2011 11:24, Scott Smith sc...@ohlol.net wrote: How will it know which directory in your modulepath to install it? That's the point. You need to explicitly cd to the correct modulepath directory first. Per my example at the bottom $ cd /path/to/forge/modules $ puppet-module install puppetlabs-lvm John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Does Node Inheritance work for people?
ENC + include/require = no need for inheritance. Classify roles for your servers, assign classes and parameters to the roles. On Wed, Aug 10, 2011 at 4:33 PM, Darrell Fuhriman darr...@garnix.orgwrote: [Following up a little late] Is anyone using node inheritance and happy with how it works? If so, can you describe your setup briefly? I make very limited use of node inheritance. I use node basenode { include $operatingsystem [other stuff I want absolutely everywhere] } node default inherits basenode{} node X inherits basenode { [more stuff] } I have little to add that the others haven't said, except to emphasize that the whole puppet inheritance model is broken. I'm increasingly of the opinion that, were I designing puppet 3, I would completely ditch the custom syntax in favor of a more straight-up ruby DSL and take advantage of ruby inheritance abilities. Darrell -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] generate function
Sounds like a job better suited for ENC/inventory. IMO. On Wed, Aug 10, 2011 at 2:13 PM, Craig White craig.wh...@ttiltd.com wrote: On Aug 10, 2011, at 11:50 AM, Daniel Pittman wrote: On Wed, Aug 10, 2011 at 18:31, Craig White craig.wh...@ttiltd.com wrote: what I am trying to do is execute a shell script on the puppetmaster... essentially add 'host' attribute to specific ldap users. That's why the command has parameters... shellscript HOSTNAME GROUP OK. the script is more than capable of getting the users from GROUP, adding host attribute HOSTNAME to each of the users but it must run on the puppetmaster, not on puppet clients which is why I am using the generate function. So in answer to your question, my ldap-add-host.sh script is actually creating things. yes, it is idempotent - I can run it and run it and it will always do the same thing but and if uid=craig already has 'host' ubuntu.ttinet, it will simply move on if I try to add it again. I could almost live with that except that if I manually remove 'host' ubuntu.ttinet from uid=craig, the next pass it will add it again so I need some method of tracking it so therefore I was trying to use 'unless' which is only available in an exec resource, not a file resource. I suppose if I had no alternative, I could maintain a list on the puppetmaster of which hosts have already been added to which groups and abort if it has already been done. OK. So, yeah. `generate` doesn't do what you want: functions don't take parameters of any sort, let alone resource level metaparameters. You will need to implement all your logic in the script you invoke from generate, so that it will avoid doing things twice when called with the same arguments. ...and if you are wondering why this seems so hard? This really isn't something that Puppet is designed to support. Generally, modifying external data sources from Puppet like you are trying to do isn't really the way we approach things. Better, we feel, to modify the external data source and then draw read-only from that into the manifest. So, rather than calling generate to modify LDAP, instead modify LDAP and have code in your manifest to do whatever stuff when the LDAP changes have been applied. You can do it the way you are trying, more or less, but you really don't get much help from the tool.s I modified my shell script to keep track of what has already been added to LDAP and return a constant result if already added. It's really neat how standard output from the generate command ends up as the content of a 'file' on the client but yes, the 'generate' command will run each time the puppet client runs because the only way it can decide what the content actually is going to be is by running again and comparing with the file that is (or isn't) on the client already. In my methodology, I already had a directory /etc/puppet/deployment_files for keeping track of things so it was a simple task to have file resources for things that really aren't a file on a normal server but triggers for actions (or inaction) by puppet. I never really wondered why or even thought it was hard to accomplish this because I definitely understand that processing is really targeted at the client level. But I am sure you understand the desire to integrate more than just the clients - in this case, we are dealing with a large set of knowns... - the new host/node - ldap configuration from the first puppet run that implements host based access control - the members of specific groups - the distribution of sudoers 'include' files for these groups and thus the only missing link was the ability to actually be able to log into these hosts was for admins to have the host attributes set for the new hosts. This was separately scripted and I just needed the missing link and that was provided to me by generate... not perfect, not exactly how I would have wanted it but definitely workable. Thanks for the help - it was invaluable and made this a relatively simple task Craig -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Why?
I suggest using a notice = Exec[shareall] in your dfsshare rather than before. Also make exec{shareall: refreshonly = true} That may or may not help with your problem but either way good design On Tue, Aug 9, 2011 at 11:23 AM, Stefan Schulte stefan.schu...@taunusstein.net wrote: On Tue, Aug 09, 2011 at 10:19:26AM -0700, ki_chi_saga wrote: Hello everybody out there! Is there anyone who can explain why; .. $share1 = share -F nfs -o ro,anon=0 /jumpstart/install $share2 = share -F nfs -o ro,anon=0 /jumpstart/config dfshare {[$share1,$share2]: before = Exec[shareall] } service { rpc/bind: enable = true, ensure = running } service { nfs/server: enable = true, ensure = running, require = Service[rpc/bind] } exec { shareall: command = /usr/sbin/shareall, require = Service[nfs/server] . Sometimes results in; = err: /Stage[main]/Nfsexport/Exec[shareall]/returns: change from notrun to 0 failed: /usr/sbin/shareall returned 32 instead of one of [0] at /proj/unixteam/ puppet/modules/jumpstart/manifests/init.pp:36 == To me the Exec[shareall] will be run last? But does it? Rgds, Mat If I understand this, »shareall« will only run if both services are up? First thing I would do: check what returncode 32 stands for. Then run your manifest in debug mode -- you'll now see what puppet is executing in the background. You should see something like /usr/sbin/svcadm enable rpc/bind /usr/sbin/svcadm enable nfs/server /usr/sbin/shareall You may want to run this as a small shell script. If I recall correctly svcadm enable can actually return before the service is really up. So you may have to spend a sleep exec somewhere (ugly). -Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Help with retrieving a user's environment variable
oraclesids = proddb1,proddb2 oracle_home_proddb1 = /oracle/product/10.2.0 ... On Tue, Aug 9, 2011 at 1:49 PM, Corey Osman co...@logicminds.biz wrote: Good suggestions. How about this: Create a fact that parses /etc/oratab for the SID. For multiple SIDS defined in oratab, is it possible to define an array in facter? If not I think comma separated values would do just fine which I would then use sid.split(',') in the puppet manifest to get each SID. # Entries are of the form: # $ORACLE_SID:$ORACLE_HOME:N|Y: proddb1:/oracle/product/10.2.0/db:N proddb2:/oracle/product/10.2.0/db:N Corey On Aug 9, 6:19 am, Daniel Pittman dan...@puppetlabs.com wrote: On Tue, Aug 9, 2011 at 06:02, Matthias Saou th...@spam.spam.spam.spam.spam.spam.spam.egg.and.spam.freshrpms.net wrote: Corey Osman wrote : I need to get the environment variable ORACLE_SID from the OS. I know this can be done with the following: $blah = env(PATH) However, the ORACLE_SID variable is only set under the oracle user account. So I would need a way to login as the oracle account first to retrieve the ORACLE_SID variable. Is there anyway to get the environment variable from a user's account instead of the default account puppet runs under? Only horrible ways, I fear: you would need to run something that extracts the data. There are two obvious ways, one is to `su` or equivalent into the Oracle account, then run something to extract the value. The other is to extract it from the appropriate configuration file, ala `grep ORACLE_SID /path/to/oracle/.bashrc`. The best way is to define that value out of Puppet, or some external data store, and extract it in both places, exactly as Matthias suggests: I'm sorry to not actually be of much help regarding your original question... The thing is that puppet is usually used the other way around, hence this way I use to pre-configure RHEL servers for our bash-using Oracle DBAs : # Oracle profile sourced file file { '/etc/profile.d/oracle.sh': mode= '0755', content = template('/path/to/oracle.sh.erb'), } And the template contains the following : export ORACLE_BASE=/u01/app/oracle export ORACLE_HOME=/u01/app/oracle/oracle/product/%= version %/%= title %%= oracle_home_suffix % export ORACLE_SID=%= oracle_sid % export TNS_ADMIN=$ORACLE_HOME/network/admin if [ `/usr/bin/id -un` == oracle ]; then export PATH=$PATH:$ORACLE_HOME/bin fi Daniel -- ⎋ Puppet Labs Developer –http://puppetlabs.com ♲ Made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ANNOUNCE: Puppet Module Tool version 0.3.4
How will it know which directory in your modulepath to install it? On Aug 9, 2011 6:02 PM, John Warburton jwarbur...@gmail.com wrote: On 10 August 2011 08:47, James Turnbull ja...@puppetlabs.com wrote: We've just released version 0.3.4 of the puppet-module tool used to create and retrieve modules from the Puppet Labs Forge (http://forge.puppetlabs.com). excellent Will now be installed into your module path as: apache No, actually it won't install into your module path: This archive is then automatically unpacked into a new directory under your current directory -- unless you are in your module path So reading the section Install a module release it says You can then add this *module directory* to your Puppet configuration files to use it. My mind went huh? Seems like I'm not the only one ( http://groups.google.com/group/puppet-users/browse_thread/thread/6ae174f50e5f7364 ) After 20 minutes of googling and Mr Google telling me there was a section on the forge in Chapter 8 of Pro Puppet, I read the examples and worked out that I need to install into modulepath as set in my puppetmaster config file modulepath seems to be the key text missing in the instructions examples. It may be obvious for people who have been doing this, but first timers, its not quite there. So, if I was doing this, I'd have something like: [environment] modulepath = /path/to/environment/modules:/path/to/forge/modules $ cd /path/to/forge/modules $ puppet-module install puppetlabs-lvm [BTW this doesn't sit too well with me - seems to manual. I may end up creating an RPM/pkg for each module to install...] Hope this helps someone out there John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Hash Interpolation inside double quotes?
Works the same as it does in Bourne shell. If you want to use double quotes inside a double-quoted string, you have to escape them. Or use single quotes. On Mon, Aug 8, 2011 at 12:58 PM, Douglas Garstang doug.garst...@gmail.comwrote: Thanks. That did it. Ugly... On Mon, Aug 8, 2011 at 12:47 PM, vagn scott vagnsc...@gmail.com wrote: On 08/08/2011 02:52 PM, Douglas Garstang wrote: file { '/opt/sugarsync/tomcat/tomcat-**home/current': ensure = inline_template(tomcat-%= $config['tomcat_version_ **server'] %); } Try without the dollar sign: file { '/opt/sugarsync/tomcat/tomcat-**home/current': ensure = inline_template(tomcat-%= config['tomcat_version_server'**] %); } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@** googlegroups.com puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/** group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Hash Interpolation inside double quotes?
D'oh, looks like I need to refresh my vision prescription :( On Mon, Aug 8, 2011 at 1:09 PM, Douglas Garstang doug.garst...@gmail.comwrote: I wasn't trying to use double quotes inside a double quoted string. On Mon, Aug 8, 2011 at 1:01 PM, Scott Smith sc...@ohlol.net wrote: Works the same as it does in Bourne shell. If you want to use double quotes inside a double-quoted string, you have to escape them. Or use single quotes. On Mon, Aug 8, 2011 at 12:58 PM, Douglas Garstang doug.garst...@gmail.com wrote: Thanks. That did it. Ugly... On Mon, Aug 8, 2011 at 12:47 PM, vagn scott vagnsc...@gmail.com wrote: On 08/08/2011 02:52 PM, Douglas Garstang wrote: file { '/opt/sugarsync/tomcat/tomcat-**home/current': ensure = inline_template(tomcat-%= $config['tomcat_version_**server'] %); } Try without the dollar sign: file { '/opt/sugarsync/tomcat/tomcat-**home/current': ensure = inline_template(tomcat-%= config['tomcat_version_server'**] %); } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@ **googlegroups.com puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/** group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: resuable module patterns
Virtual resources. On Sun, Aug 7, 2011 at 4:51 PM, ashwoods ashwo...@gmail.com wrote: No, not really. Because that would require me to modify the 3rd party modules to use that base packages module instead of how its defined. i.e. if i need build-essentials for my django module, put it on github, anybody who uses my module and maybe have another module of their own that also defines build- essentials, forces them to fork libraries. I am still very new to puppet, so maybe im missing somewhat obvious. On 7 Aug., 23:48, Denmat tu2bg...@gmail.com wrote: Hi, You might like to have a base packages module that contains a 'build-essentials' class (or whatever title you like). Then include it and reference the package in your ruby/python modules. include 'basepackages::build-essentials' ... require = Package['build-essentials'] ... That help? Den On 08/08/2011, at 2:21, ashwoods ashwo...@gmail.com wrote: i'm trying to write a couple of modules to install generic python ruby apps. how do you handle dependencies that are present in two modules, i.e. a package dependency, without causing an already defined error. lets say: module django: class django { package { build-essential': ensure = present, } } module ruby_on_rails: class ruby { package { build-essential': ensure = present, } } if i define this like this, I get an already defined error. I know I can fix this by defining a third class and import it from the others, but you can only do that with the modules you control. So how do you define package dependencies in a module in a encapsulated and reusable way. it seems that its common to include 3rd party puppet modules by linking them via git submodules or by placing them under the module folders, but if i have to fork every 3rd party module that causes the error it seems that i am doing something wrong. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group athttp:// groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Hiera
Looks pretty straight forward to me. What are you trying to do? On Wed, Aug 3, 2011 at 1:29 PM, Douglas Garstang doug.garst...@gmail.comwrote: Anyone using? The docs are really bad. Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Extlookup() again.
Lists (arrays) in YAML are represented with the `-' prefix. So you created a list called `testkey'. When you echo a list in Puppet, it concatenates the elements. That's why you got `DougBobBill' On Wed, Aug 3, 2011 at 4:19 PM, Douglas Garstang doug.garst...@gmail.comwrote: On Wed, Aug 3, 2011 at 4:15 PM, Aaron Grewell aaron.grew...@gmail.comwrote: Precedence is for having it look in multiple places. I've got node-level, site-level, and default YAML files for example. On Wed, Aug 3, 2011 at 3:50 PM, Douglas Garstang doug.garst...@gmail.com wrote: Can't get the extlookup() that supports yaml to work. I did this... On server: mv /usr/lib/ruby/site_ruby/1.8/puppet/parser/functions/extlookup.rb /usr/lib/ruby/site_ruby/1.8/puppet/parser/functions/extlookup.rb.orig Replaced /usr/lib/ruby/site_ruby/1.8/puppet/parser/functions/extlookup.rb with puppet-extlookup/lib/puppet/parser/functions/extlookup.rb mkdir /usr/lib/ruby/site_ruby/1.8/puppet/util/extlookup/ Added puppet-extlookup/lib/puppet/util/extlookup.rb to /usr/lib/ruby/site_ruby/1.8/puppet/util Added puppet-extlookup/lib/puppet/util/extlookup/csv_parser.rb to /usr/lib/ruby/site_ruby/1.8/puppet/util/extlookup Added puppet-extlookup/lib/puppet/util/extlookup/yaml_parser.rb to /usr/lib/ruby/site_ruby/1.8/puppet/util/extlookup Added puppet-extlookup/lib/puppet/util/extlookup/puppet_parser.rb to /usr/lib/ruby/site_ruby/1.8/puppet/util/extlookup Created /etc/puppet/extlookup.yaml: --- :parser: YAML :precedence: - environment_%{environment} - common :yaml: :datadir: /etc/puppet/extdata Created /etc/puppet/extdata/settings.yaml: --- testkey: testval Calling with: $test_var = extlookup('testkey', '---', 'settings.yaml') notice(TEST VAR=$test_var) And $test_var is always '---'. Replacing settings.yaml with a bogus file name also returns '---', which tells me that the file isn't being found. What am I missing here? Quite possibly a lot given the really bad docs. What is 'precedence' for? Not documented. Doug. Thanks Aaron. Seems you've had some experience with this, so.. I'm a little confused about how it loads complex data. With a very simple YAML file like this: --- testkey: - Doug - Bob - Bill calling $test_var = extlookup('testkey', '---', 'settings') gives me a string 'DougBobBill', which isn't what I expected to see. Actually, now that I think about it, I'm not sure what I'm supposed to see. Also, if I had this: --- testkey1: testkey2: - Doug how do I access the key testkey2? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Hiera
https://github.com/ripienaar/hiera-puppet Check the Puppet section in the heira README On Wed, Aug 3, 2011 at 4:20 PM, Douglas Garstang doug.garst...@gmail.comwrote: Uhm, use it. I stopped for now as every time I tried to load a key on the command line I got errors, but I realised that there wasn't even a puppet code example, just a ruby one. Is this even designed to be used inside puppet? Doug. On Wed, Aug 3, 2011 at 4:16 PM, Scott Smith sc...@ohlol.net wrote: Looks pretty straight forward to me. What are you trying to do? On Wed, Aug 3, 2011 at 1:29 PM, Douglas Garstang doug.garst...@gmail.com wrote: Anyone using? The docs are really bad. Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Extlookup() again.
http://groups.google.com/group/puppet-users/msg/6432a6dd539b542f On Wed, Aug 3, 2011 at 4:37 PM, Douglas Garstang doug.garst...@gmail.comwrote: Ok, so am I getting 'DougBobBill' when I use $test_var = extlookup('testkey', '---', 'settings') on this file? --- testkey: - Doug - Bob - Bill Doug On Wed, Aug 3, 2011 at 4:34 PM, Aaron Grewell aaron.grew...@gmail.comwrote: It's an array, which can then be exploded into a whole set of package resources with a single entry: package {$default_packages:} On Wed, Aug 3, 2011 at 4:31 PM, Douglas Garstang doug.garst...@gmail.com wrote: On Wed, Aug 3, 2011 at 4:25 PM, Aaron Grewell aaron.grew...@gmail.comwrote: Example Config: --- :parser: YAML :precedence: - %{environment}/nodes/%{fqdn} - %{environment}/nodes/cluster_%{cluster} - %{environment}/nodes/site_%{site} - %{environment}/nodes/default :yaml: :datadir: /usr/share/puppet/environments Example call: $default_packages = extlookup('linux_default_packages') Given an environment called 'testing', cluster called 'cluster1', site called 'site1' and a node called localhost.localdomain it will look for variable 'linux_default_packages' in: /usr/share/puppet/environments/testing/localhost.localdomain.yaml /usr/share/puppet/environments/testing/cluster_cluster1.yaml /usr/share/puppet/environments/testing/site_site1.yaml /usr/share/puppet/environments/testing/default.yaml In that order, which means you can set this at the default level, then override at any lower level you like. Make sense? Aaron, makes sense. I wasn't so interested in the defaulting behaviour, because you can do the same thing with extlookup itself with something like this: $ssh_idle_timeout = extlookup(SshIdleTimeout, extlookup(SshIdleTimeout, extlookup(SshIdleTimeout, ,settings/nodes/_global), settings/nodes/${domain}), settings/nodes/${fqdn}) In fact, I haven't had a chance to think fully though it yet, but I think this implementation of extlookup actually removes functionality. By chaining extlookup() calls together like I have above you can determine what lookup order you want to use whenver you want, rather than having to rely on a centrally configured file. But... I was much more interested in what I thought was the possibility of storing complex YAML data and retrieving it with puppet. What does $linux_default_packages end up looking like? Is it a string? If it's a string, how do you parse it? I dunno... seems like all you can store in the yaml files is key/value pairs, which means it's no better than using a CSV file. No? Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Multi site best practices
Unless something's changed, the Puppetca only needs to be available for certificate *management*. if it were down, you couldn't create a certificate for a new node or revoke for an old one. And I'm pretty sure the CRL has to be actively distributed to Puppetmasters. (Meaning, if you revoke a certificate on the CA you have to copy the crl.pem to all your Puppetmasters yourself.) Puppet should still work. On Wed, Aug 3, 2011 at 11:28 AM, Jared Curtis ja...@shift-e.info wrote: Having the CA down would be a problem, dashboard can be unavailable temporarily. I plan to overcome the CA issue by creating a hot standby CA. On Aug 1, 5:57 pm, vagn scott vagnsc...@gmail.com wrote: On 08/01/2011 05:04 PM, Jared Curtis wrote: * Central Dashboard instance * Central CA Would it be a problem if your central CA and dashboard became unavailable? -v -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Validating a puppet configuration
Those hooks are the gross syntax checks to which he initially referred. On Fri, Jul 29, 2011 at 9:49 AM, Greg Hellings ghelli...@spokeo.com wrote: Have you looked at using these? projects.puppetlabs.com/projects/1/wiki/Puppet_Version_Control -- Greg On Fri, Jul 29, 2011 at 6:33 AM, Lars Kellogg-Stedman lar...@gmail.comwrote: If anyone out there follows Serverfault, this is a duplicate of http://goo.gl/CTS2u. I'm hoping there are some subject matter experts here :). I am trying to place some sanity checks (currently as git pre-commit hooks) in our configuration repository to avoid committing invalid Puppet configurations. I'm having a surprising amount of trouble coming up with a way to effectively validate the configuration. My obvious first choice was puppet parser validate ..., which does some gross syntax checks (unmatched quotes and brackets and so forth) but doesn't throw errors on things like this: file { 'somefile': requires = Service['someservice'] } (where 'requires' should be 'require'), nor does it notice problems like this: sdlflsjlksdf { 'myname': } (where 'sdlflsjlksdf' isn't defined anywhere). Some folks have suggested puppet master --compile ..., but this really, reallly wants to fix permissions all over the place on directories that are used by Puppet. I have also tried puppet apply --noop, but this still tries to stat() any files referenced in the manifests, which means it will fail with permission errors if it tries to stat() a file or directory that is not accessible to a non-root user. Does anyone here have suggestions for effectively performing more aggressive syntax checks than those offered by puppet parser validate? -- Lars -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/cpzgsk5X2fgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] 2.7.x and puppet apply
I'm trying to run `puppet apply' on a host and it wants the `puppet' group to exist. I found this bug #4336http://projects.puppetlabs.com/issues/4336 which is the same problem but looks to be caused by something else. I tried the same command on 2.6.9 successfully. Anyone know what's up? Is this intentional? Thanks. -scott -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Is class?
It looks like you're wanting to do it via erb, but if you can perform whatever logic in the manifest, you can use tagged: (scott@cornstarch:tmp)% cat foo.pp class foo { } class bar { if (tagged(foo)) { notice(You're including foo) } } include foo, bar (scott@cornstarch:tmp)% puppet foo.pp notice: Scope(Class[Bar]): You're including foo notice: Finished catalog run in 0.01 seconds (scott@cornstarch:tmp)% -scott On Thu, Jul 28, 2011 at 12:42 PM, Craig White craig.wh...@ttiltd.comwrote: On Jul 28, 2011, at 11:39 AM, Nan Liu wrote: On Thu, Jul 28, 2011 at 1:48 PM, Craig White craig.wh...@ttiltd.com wrote: Trying to ascertain if a particular client has been assigned the class ldap::server_install because I want to have a different configuration value for the ldap::configure files This just gives me a syntax error... Class[ldap::server_install].included? ? $is_ldap_server = true : $is_ldap_server = false Is there a way that I can derive whether a class has been assigned to the client or do I have to write a custom fact? Presumably, you have already made a decision somewhere in you manifest to include class ldap::server_install, so why not set a variable there? I assume you want the correct config in one run, rather than waiting for ldap to be deployed before a custom fact updates. Thanks, actually, it's likely to be already deployed (ldap::client_install ldap::configure) as those are somewhat of a base functionality. My intent is to ensure that if the client is actually an LDAP server, that it attempts to connect to itself first, rather than another server over the wire. So yes, it would be better to get it right on the first run but given an array of available ldap servers to connect to, it's possible that a manually typed and erroneous variable could go unnoticed. Also, this seems to be something that is knowable anyway and probably not too difficult to write a custom fact that perhaps will take 2 puppet runs to fix. It just seemed to me that there must be some way to derive what is installed on the client within a manifest but I couldn't find any suggestions on Google or PuppetLabs site so I asked. Thanks Craig -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ruby dsl, loading files from within the modules
Sounds like a good use case for writing a custom fact. On Mon, Jul 25, 2011 at 5:09 PM, Matt mjbl...@gmail.com wrote: Is there a way to load a file from within the module in Ruby DSL? The idea I have is to load a file similar to like how template works. I'm trying to read in a database properties file and I would like to keep within the module instead of hard coding paths. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet/facter and update reporting
Mcollective uses a message queue. If the host isn't online, it just won't show up. If your laptop is turned off, it wouldn't be reporting either way. On Mon, Jul 25, 2011 at 7:04 PM, Khoury Brazil khoury.bra...@gmail.comwrote: On Sat, Jul 23, 2011 at 8:15 PM, Jacob Helwig ja...@puppetlabs.com wrote: On Fri, 22 Jul 2011 19:28:37 -0700, Khoury wrote: Hi All, Does anyone have any experience with debian/ubuntu and or OS X with regard to reporting on updates? I'm interested in getting update (specifically security) states for compliance (SOX, PCI, etc) purposes. I know there's spacewalk for things like this, but I'm kind of hoping to avoid going the centos/redhat route for my servers. I'm thinking of using unattended-upgrade --debug --dry-run on Debian/ Ubuntu and maybe softwareupdate on OS X to build custom facts. Thanks in advance. Best, Khoury Sounds like you want the collection functionality that you get with MCollective. I'm afraid I haven't played around with it as much as I'd like, but I'm sure others can chime in with details. -- Jacob Helwig , | Join us for PuppetConf, September 22nd and 23rd in Portland, OR | http://bit.ly/puppetconfsig ` -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQGcBAEBAgAGBQJOK45iAAoJEHJabXWGiqEBtMgMALpWYg+B9DqmcVgZMkg1sNVo MGQaIXL9WGtZWH37CeTdP92SDIXK2GPUUFL7GZCzEBf0sSAbjg1FI5UaGUduH5/K 6USlI/85NEBdf84iwhJ/MUIKcjaGkYZPlHJe7vFeKry3+TEpPWgNAfXk9s+IoqVS XAECFczwJOJZbgJ9zPG8fayXe5cMjHhvHYvWKO9selMxAVEFkteOamQ/hjKKEb92 C9hKuYOfwOdgodzEPn5KQYb3OQLQ1yqP09mcaKlNjdBoYvGuIUNM0tyBkuH3YqT2 rvLz0cBfrQ4IbTnbI4oLIApzRgqbAwUXP9J2Aou18AydTMhVmLxoBTCsVCz+lG13 WmcgLyc1ly1tzGptDVZc+0z/6cTZSbpUg6qW2JLTEOzKjiR1DhYs8n2MlOuKNE53 FulPKJmeiGAnSTH+noeOlfpSXlkigAVBY+jMs4aUsAUfamEkdSD1cnvZtnDhnee0 XSfGcS6Qmrz2Ghgnb9RH2wbYS+elqsDUrbBa0vBycQ== =QUn5 -END PGP SIGNATURE- Unfortunately mcollective wouldn't really work for me. It would, for servers, for the most part. So I might utilize it for those. But I'm looking at managing OS X clients too, many of which are laptops. My understanding of mcollective is that it requires the connectivity between the servers to be always on. That wouldn't work well for laptops. Thanks for the recommendation though. I'd completely spaced that mcollective existed. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ANNOUNCE: Cloud Provisioner v0.6.0rc1 release
Gonna take a wild guess that there are plans to support other providers.. On Thu, Jul 21, 2011 at 6:32 PM, Douglas Garstang doug.garst...@gmail.comwrote: 'Cloud Provisioner' seems like a funny name if it's only designed to manage Amazon EC2 instances. Why didn't you just call it the 'Amazon Provisioner' ? On Thu, Jul 21, 2011 at 4:18 PM, Jeff McCune j...@puppetlabs.com wrote: We are happy to announce the first public release candidate of our Puppet Cloud Provisioner. This release is available for download at our Module Forge: http://forge.puppetlabs.com/puppetlabs/cloud_provisionerhttp://downloads.puppetlabs.com/dashboard/ Extensive documentation can be found at: http://docs.puppetlabs.com/guides/cloud_pack_getting_started.html Please report feedback via the Puppet Labs Redmine site, using an affected version of 0.6.0rc1: http://projects.puppetlabs.com/projects/cloud-packhttp://projects.puppetlabs.com/projects/dashboard Overview: The Puppet Cloud Provisioner was written to make it easier to deploy and configure instances in EC2 using Puppet. It contains the following command line actions: puppet node create - Launches a new Amazon EC2 instance. puppet node install - Installs Puppet on an EC2 instance. puppet node init - Installs Puppet on a machine instance and automatically signs its certificates. puppet node list - Lists deployed EC2 instances in a certain region. puppet node terminate - Terminates running EC2 instance. For more detailed information about the available commands, download the module and run: puppet help node More Details about the iteration leading up to this release === * Add --type option to launch different EC2 instance sizes * (#7510) Add inline documentation for actions and options * (#8286) Warn if the payload used with the install action is not a tar.gz file * (#8265) Make the platform flag optional and default to 'AWS' (Note, puppet-provisioner provisions AWS EC2 instances in this release) * (#7511) Add the ability to launch instances in any EC2 region using the --region option. The default region is us-east-1 * (#8157) Improve the feedback of the terminate action by explicitly stating the instance has been terminated. * (#8185) Add a list action to list EC2 instances and their current status. * (#8343) Print the EC2 instance public DNS name as soon as it is available * (#8350) Change all output to use Puppet's configured log destination * (#8348) Add a fingerprint action to make a best effort to obtain the SSH public host key fingerprint from the launched EC2 instance. * (#7508) Add the ability to install Puppet using rubygems on a target system. * (#7508) Improve the install action using template scripts to install Puppet on launched systems. * (#8403) Replace dependency on uuidgen Mac OS X executable with guid gem. * (#8422) Catch the exit status of installation script and display an error if they're non zero. * (#8204) Include a puppet enterprise install script that downloads from S3. This should improve install times on low bandwidth connections. * (#8472) Add support for non-root logins when installing puppet on a target system. * (#8493) Rename cloudpack to cloud-provisioner -- Jeff McCune @0xEFF Join us for PuppetConf http://links.puppetlabs.com/puppetconf, Sept 22-23 in Portland, OR -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Skipping Tags?
Use puppet apply file.pp Or don't deploy webapps with Puppet. That's probably a better idea. On Tue, Jul 19, 2011 at 10:32 PM, Douglas Garstang doug.garst...@gmail.comwrote: All, Is there a way to tell puppet to run, but to skip/ignore resources with a certain tag? The use case is tagging certain resources as, say, 'software deployment', and then having the resources tagged as that always ignored unless specifically told to do so? We'd like to put software deployment stuff into puppet, but only have it actually run when we tell it to. Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Control the sequence of module execution
Don't run mysql commands in Puppet. On Mon, Jul 18, 2011 at 7:32 PM, newguy aimanparv...@gmail.com wrote: Hey Guys I was wondering how can I control the order of execution of various modules on the puppet client. Suppose I have a module A which installs mysql and there is module B which executes mysql commands of importing DB, so how can I ensure that module A is executed before module B. Please help guys Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Installing from source, not a package
You don't know what a package is? On Jul 17, 2011 12:05 PM, S Ahmed sahmed1...@gmail.com wrote: wow, what can I say, thanks for guidance! The last bit of what you said I don't understand: But, the biggest improvement would be to make your own package and install that instead of fiddling around with this low level stuff in the manifests. On Sun, Jul 17, 2011 at 2:33 PM, vagn scott vagnsc...@gmail.com wrote: On 07/17/2011 12:45 PM, S Ahmed wrote: So I ran through a server setup on ec2, and have a text file of all the commands I used to get the server to where I wanted it. step 1: turn your list of commands into an idempotent script #! /bin/sh site=http://**rubyenterpriseedition.**googlecode.com/files http://rubyenterpriseedition.googlecode.com/files name=ruby-enterprise-1.8.7-**2011.03 archive=$name.tar.gz prepath=/opt/ruby/bin downloads=/root/downloads wanted= mysql-server libmysqlclient15-dev libreadline5-dev libssl-dev apt-get install $wanted mkdir -p $downloads [ ! -d $downloads/$archive ] cd $downloads wget $site/$archive [ ! -d $downloads/$name ] cd $downloads tar xzf $archive [ ! -f /opt/ruby/bin/ruby ] ./$name/installer --auto /opt/ruby/ grep -q $prepath ~/.profile || echo export PATH=$prepath:$PATH ~/.profile exit 0 step 2: puppetize it class ruby_from_src { $site =http://**rubyenterpriseedition.** googlecode.com/files http://rubyenterpriseedition.googlecode.com/files $name =ruby-enterprise-1.8.7-2011.**03 $archive =${name}.tar.gz $prepath =/opt/ruby/bin $downloads =/root/downloads $wanted = [ mysql-server, libmysqlclient15-dev, libreadline5-dev, libssl-dev, ] package { $wanted: ensure = installed, } - file { $downloads: ensure = directory, } - exec { ruby from source download: command = wget ${site}/${archive}, cwd = $downoads, creates = ${dir}/${archive}, } - exec { ruby from source extract: command = tar xzf ${archive}, cwd = $downloads, creates = ${name}, } - exec { ruby from source install: command = ./${name}/installer --auto /opt/ruby/, cwd = $downloads, creates = /opt/ruby/bin/ruby, } file { ruby from source PATH: path = /etc/profile.d/puppet_ruby_**from_src.sh, content = PATH=${prepath}:\$PATH, mode = 644, } } step 3: run it and fix the bugs :-) I have not tested it, so there might be bugs. But that's the general idea. There's room for improvement though: - parameterise the class so you can pass in the version, site, etc - move some of the dependencies to other classes mysql stuff belongs in a mysql_dev class libssl-dev probably belongs in a network_dev class *_dev classes should include a build_tools class But, the biggest improvement would be to make your own package and install that instead of fiddling around with this low level stuff in the manifests. -- vagn -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@** googlegroups.com puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/** group/puppet-users?hl=en http://groups.google.com/group/puppet-users?hl=en . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: What is the best practice to clean up installed components on a node?
I don't. On Jul 16, 2011 8:59 AM, Emiliano Gabrielli (aka AlberT) emiliano.gabrie...@gmail.com wrote: On Jul 14, 2011, at 7:16 PM, Darrell Fuhriman wrote: 'm not asking puppet to know what to do, which I agree is ridiculous. I'm saying that if and only if I've defined X::disabled, automatically run it on every host which does not include X. If X::disabled isn't defined, then don't do anything. Probably a better way to think of it instead of X::disabled is that for ever class X there is an implicitly defined not-X class, which is empty until I define it. For example: class webserver { package {apache: ensure = installed} service {apache: ensure = running} } class !webserver { package {apache: ensure = absent} } class dnsserver { [...] } I like this approach! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: how to write classes to install package from source
Use fpm http://github.com/jordansissel/fpm On Jul 14, 2011 10:08 AM, KarthiKeyan. Kesavan ksd@gmail.com wrote: Hi guys, Thanks a lot for the suggestions . Regards K.Karthikeyan On Thu, Jul 14, 2011 at 7:33 PM, Al @ Lab42 lab42...@gmail.com wrote: Thanks for the suggestions, they are going to be merged. That's a define I did various years ago that actually has been useful in various cases (I do agree that it's better to use packages, but sometimes this is the quickest and saner approach). Al On Wednesday, July 13, 2011 8:53:33 AM UTC+2, vagn wrote: On 07/12/2011 06:19 AM, Al @ Lab42 wrote: command = mkdir -p $destination_dir ; cd $destination_dir ; $extract_command $work_dir/$source_filename, Nice. But I would suggest changing ';' to ''. That way, if the mkdir or cd fail you don't end up trying to extract the archive in the wrong directory. command = mkdir -p $destination_dir cd $destination_dir $extract_command $work_dir/$source_filename, Also consider unless = test -d ${destination_dir }/${extracted_dir}, or even better creates = ${destination_dir }/${extracted_dir}, for the repetition guard. -- vagn -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/EjT5lFqc31MJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: What is the best practice to clean up installed components on a node?
You never heard of nmap, eh? If you want to start talking about security and auditing, that's a whole other can of worms. It's a bad idea to assume that Defined State and Actual State will match. Anyway, I think you're forgetting that node state in Puppet is explicit by nature. What you're asking for defies this. If your node changes roles, reinstall the OS. On Thu, Jul 14, 2011 at 4:48 PM, Darrell Fuhriman darr...@garnix.orgwrote: But that's because I want the puppet configs to be the first (and ideally only) place I need to go to find out what a given system's state is. That's why I automate in the first place. It's also the basis for my wanting a !X class – because currently I have no easy way of knowing if node Y is running a webserver or not without logging into it and checking. If I had a !webserver class, I could feel confident that node Y is not a webserver just by looking at the puppet configs. That's good for security, good for auditing, good for performance, and good for piece of mind. :) Darrell -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] facts_terminus = rest
I personally couldn't get it to work (no facts in Dashboard), but only spent a short amount of time on it. On Thu, Jul 14, 2011 at 1:50 PM, Glenn Bailey replic...@dallaslamers.orgwrote: Anyone using this? I'm trying to setup a separate inventory server for multiple puppet masters to report back. For testing purposes I have in my auth.conf: path /facts auth any method find, search allow * Then on the slave puppet masters I have in the puppet.conf [master] section: facts_terminus = rest inventory_server = SERVER.DOMAIN.BLAH inventory_port = 8140 Then when I run I puppet agent --test, I simply get the following: err: Could not retrieve catalog from remote server: Error 400 on SERVER: certificate verify failed Throwing the puppet master into debug mode and I see the exact same error w/o anything else. I can't seem to find any documentation on this sans the standard: http://docs.puppetlabs.com/guides/inventory_service.html I saw a previous mention about a possible bug on the mailing list here: http://groups.google.com/group/puppet-users/browse_thread/thread/682402305dc01ea9 But never saw anything else .. :-( Does the master fact server need to be a certificate authority as well? -- I've seen things you people wouldn't believe. Attack ships on fire off the shoulder of Orion. I watched C-beams glitter in the dark near the Tannhauser gate. All those moments will be lost in time... like tears in rain... Time to die. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: What is the best practice to clean up installed components on a node?
What if you specify a resource as being disabled/uninstalled/etc by default? On Jul 13, 2011 9:40 AM, Darrell Fuhriman darr...@garnix.org wrote: I've always thought there should be an implicit X::disabled class that gets included for every host where X isn't included. Then if I create said class, it gets automatically executed on all hosts that don't include X. As it is now, one still has to go through and add X::disabled to every host, which is largely defeating the purpose of having a X::disabled class in the first place. (That purpose, for those not paying attention, is to make sure that things are in a known state, including services *not* running where they shouldn't be.) d. Create a class called sg_node::disabled that inherits sg_node and overrides all of it's resources to undo them. This usually means setting 'ensure =absent' (or 'undef' if applicable) for most resources. For execs, I usually set 'unless = true.' -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: A Question about mixing Puppet with other things
Doesn't the Foreman use Cobbler for managing PXE and Kickstart? -scott On Tue, Jul 12, 2011 at 8:26 AM, Dan White y...@comcast.net wrote: This tells me RedHat picked Foreman over Cobbler. It does not tell me WHY. Their reasons may not apply to my situation. I am not trying to be difficult, but I find that I cannot accept an opinion on a technical issue without technical information to back it up. Also, this is for my job, so I need to be able to justify my decision with more than The folks on the puppet mailing list told me to do it this way. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) - Brian b...@uga.edu wrote: On Jul 7, 2:47 pm, Dan White y...@comcast.net wrote: In Pro Linux System Administration Mr. Turnbull discusses Cobbler and Puppet In Pro Puppet he discusses Foreman and Puppet. Would anyone out there be willing and able to talk about the differences between Cobbler and Foreman as they relate to Puppet and what factors I should consider in choosing one of them ? Red Hat is using Foreman in CloudForms System Engine, their successor to Satellite. I'd take this as a strong vote of confidence in Foreman. https://www.redhat.com/archives/spacewalk-list/2011-July/msg00019.html All the best, Brian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] proposed syntax: order { }
I take it you're not familiar with the `requires' parameter. On Mon, Jul 4, 2011 at 8:40 PM, vagn scott vagnsc...@gmail.com wrote: Sometimes things just have to happen in sequence. It is the simplest of relations, but puppet really has no convenient, non-fiddly way to express it. So, how about class x { order { z: file { a: ... } exec { b: ... ; c: ... ; d: ... ; e: ... ; } } } Things inside order { } happen in the order that they appear. They implicitly have before dependency assigned according to their position. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@** googlegroups.com puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/** group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] proposed syntax: order { }
Ignoring the fact that noise is very subjective... it doesn't. In Puppet, position in a file has no bearing on order. It's not an imperative language. On Mon, Jul 4, 2011 at 8:46 PM, vagn scott vagnsc...@gmail.com wrote: On 07/04/2011 11:42 PM, Scott Smith wrote: I take it you're not familiar with the `requires' parameter. I'm familiar with requires subscribe notifies - - before which are great for specifying relations between non-adjacent things. But they are annoying to use for resources close together in a text file. It just reads like noise. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@** googlegroups.com puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/** group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target File[]
Why would you pass the output from inline_template as the title of a resource? On Mon, Jul 4, 2011 at 8:03 PM, vagn scott vagnsc...@gmail.com wrote: $foo = inline_template( ... ) $baz = inline_template( ... ) File[ $foo$baz ] -- vagn -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@** googlegroups.com puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/** group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] proposed syntax: order { }
Whatever problem you are trying to solve is most likely best handled outside of Puppet. On Mon, Jul 4, 2011 at 9:59 PM, vagn scott vagnsc...@gmail.com wrote: Thinking about this some more, I like block better, with order optional: class c { block { x:# any order package { ... } file { aaa: } exec { bbb: } file { ccc: } include foo } block { y:# order matters $ordered = true # default is false file { ddd: } exec { eee: } include baz file { fff: } } block { z: # any order file { ggg: } exec { hhh: } file { iii: } } Block[ x ] - Block[ y ] - Block[ z ] } meaning all in x before any in y, then y in sequence, before any in z -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@** googlegroups.com puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/** group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] making puppetd immortal
Well, changing a runlevel just to stop a daemon is a bit heavy handed. There are other tools that perform this in a more flexible manner: Runit, Daemontools, Monit, Supervisord, etc. -scott On Wed, Jun 29, 2011 at 10:33 PM, vagn scott vagnsc...@gmail.com wrote: In my reading I just ran across this: [Puppet - Bug #7273] Modifying puppet.conf causes 'reparsing config' and TERM signal results in shutdown of daemon short version: puppet agent can commit suicide, but it can't raise itself from the dead. However, init is immortal, and so puppetd can be, too. # on debian squeeze as root: insserv -r puppet echo 7:2:respawn:/usr/sbin/puppetd --no-daemonize /etc/inittab init Q If you don't want puppet running init 3 or some other run level. puppetd will stop. When you init 2 puppetd will start again. When you killall puppetd puppetd will do this: Jun 30 01:28:20 vm01 puppet-agent[7548]: Caught TERM; calling stop Jun 30 01:28:21 vm01 puppet-agent[8157]: Starting Puppet client version 2.6.2 Jun 30 01:28:22 vm01 puppet-agent[8157]: Finished catalog run in 0.11 seconds I'm not seeing a downside to this. Am I missing something? -- vagn -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@** googlegroups.com puppet-users%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/** group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Problem with pushing ssh_authorized_keys
Egrep -v 'pubkey' ? On Apr 11, 2011 2:22 PM, Forrie for...@gmail.com wrote: Thanks, this was the problem. Sounds like a bug to me.. ? How can I go through my systems and remove all the 10's of redundant SSH-DSS keys that have the comment in them? I dread doing that by hand :-) Thanks again. On Apr 11, 5:12 pm, Patrick kc7...@gmail.com wrote: On Apr 11, 2011, at 1:40 PM, Forrie wrote: ssh_authorized_key { nagios: ensure = present, key = [snip]== nagios@host, user = nagios, type = ssh-dss, # require = User[nagios], tag = system, } I believe I remember hearing this can happen if you include things other than the key in the key field. Try removing nagios@host from the key field and see if it's fixed. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can I read a file from a template?
It's ruby, you can do whatever ruby allows. A better solution might be to use extlookup, though. On Apr 8, 2011 3:34 PM, Mohamed Lrhazi lrh...@gmail.com wrote: I have some logic I need in a template, and it needs to use a somewhat long list og hostnames I'd rather keep in a text file, instead of inside the template. Can I open files from a template and if so, what would the path be? would ./list.txt mean same path as where the template itself is located? Thanks a lot. Mohamed. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can I read a file from a template?
Deliver the file you want to read via puppet (make sure you require the file resource in the one that uses the template). Probably still more optimal to use extlookup tho... I believe its documented on the puppetlabs site but if not google it and I'm sure you'll find something :) On Apr 8, 2011 4:11 PM, Mohamed Lrhazi lrh...@gmail.com wrote: Managed to get te cdw from the template, it is set to: /var/www/puppet/rack I guess it would not be a good idea to store mt data files in such a directory, would it? any pointers to extlookup is documented? or where in the code to look? thanks a lot. On Fri, Apr 8, 2011 at 6:56 PM, Mohamed Lrhazi lrh...@gmail.com wrote: My File.new('./legacy.hosts.list') fails to find the file, which I put in the same place as the template itself. Is extlookup documented in puppetlabs docs? I cant locate it... Thanks a lot. On Fri, Apr 8, 2011 at 6:42 PM, Scott Smith sc...@ohlol.net wrote: It's ruby, you can do whatever ruby allows. A better solution might be to use extlookup, though. On Apr 8, 2011 3:34 PM, Mohamed Lrhazi lrh...@gmail.com wrote: I have some logic I need in a template, and it needs to use a somewhat long list og hostnames I'd rather keep in a text file, instead of inside the template. Can I open files from a template and if so, what would the path be? would ./list.txt mean same path as where the template itself is located? Thanks a lot. Mohamed. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Skipping a module
Doug, I wonder why you can't selectively include? Requiring a module by default and not realizing the resources inside it could be very frustrating to troubleshoot. On Thu, Apr 7, 2011 at 5:29 PM, Nigel Kersten ni...@puppetlabs.com wrote: On Thu, Apr 7, 2011 at 3:28 PM, Douglas Garstang doug.garst...@gmail.com wrote: I'd like to be able to always include all modules at the top level, but in certain modules, have some logic that uses extlookup to determine if it should be enabled. What's the best way to use if; then; else to exit a module, and stop processing, based on some condition? class foo { if $somecondition { do all your stuff } } Doesn't that do it inside the module for you? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can puppet client make immediate pull after a file's content change by user?
You can probably use inotify it something similar for this functionality On Apr 6, 2011 2:52 PM, John Chris Richards john.chris.richa...@gmail.com wrote: Hi all Firstly, I am new in configuration management and all I know about watching files is that client checks a file's check sum every t hour and if a change has occurred then it gets the file from the server. I wonder that if a user changes a file, does the puppet client wait end of the time (t) or is there way to say client if a change occurs in a specific file then make an immediate pull? I mean, I don't want to wait until the time is up. Is there a way to make this in puppet? Thanks in advance. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ANNOUNCE: Puppet 2.6.7 final!
Yeah, unpack tar.gz file and gem build file.gemspec On Wed, Apr 6, 2011 at 8:10 PM, Mohamed Lrhazi lrh...@gmail.com wrote: Is it easy enough to build the gem version out of the tarball? I dont see the gem in: http://projects.puppetlabs.com/projects/puppet/files Thanks. On Thu, Mar 24, 2011 at 6:47 PM, Jacob Helwig ja...@puppetlabs.com wrote: This release addresses issues with the Puppet 2.6.x series and adds the Inventory Service. Inventory Service: The inventory service is a way to track facts for all nodes. Preliminary documentation can be found here[1], which will be finalized by the time 2.6.7 is released. [1] https://github.com/puppetlabs/puppet-docs/blob/master/source/guides/inventory_service.markdown Bug #5073: Plugin sync works when using tags This fixes a regression from 0.25.x Bug #4922: Now 404s just cause a normal failure without affecting the file Bug #5428: Upgrading from 0.25.x caused problems with the data format that storeconfigs used, and previously you had to delete your old storeconfigs data to work with 2.6.x. 2.6.7 can now work with the old storeconfigs data. You can find the full release notes for Puppet at: https://projects.puppetlabs.com/projects/puppet/wiki/Release_Notes This release is available for download at: http://puppetlabs.com/downloads/puppet/puppet-2.6.7.tar.gz See the Verifying Puppet Download section at: http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet Please report feedback via the Puppet Labs Redmine site, using an affected version of 2.6.7: http://projects.puppetlabs.com/projects/puppet/ CHANGELOG: 2.6.7 = 17f673d Updated CHANGELOG for 2.6.7rc1 852fb97 (#5073) Download plugins even if you're filtering on tags 4f34dbf Fix #5610: Prevent unnecessary RAL lookups 9781032 Revert Merge branch 'ticket/2.6.x/5605' of git:// github.com/stschulte/puppet into 2.6.next 25926d1 (#6723) Fix withenv environment restoration bug 093f162 (#6689) Remove extraneous include of Puppet::Util in InventoryActiveRecord 4c19299 Remove extra trailing whitespace from lib/puppet/resource.rb ff9e242 (#5428) More fully stub Puppet::Resource::Reference for use with storedconfigs 0262633 (#6707) Fix typo in rest_authconfig.rb 8858e40 (#6689) Make inventory_active_record terminus search quickly 285c4cc (#5392) Give a better error when realizing a non-existant resource cd5deda (#2645) Adding a less-stubby test to verify the system attribute's behavior 531e258 maint: Remove serialization of InventoryFact values 3489412 maint: Rename InventoryHost to InventoryNode 4bd5493 Fixed #2645 - Added support for creating system users a3f2357 maint: Remove spec run noise 7764412 maint:Refactor of mount provider integration tests 880d0c6 (#6338) Support searching on metadata in InventoryActiveRecord terminus f836366 (#6338) Implement search for InventoryActiveRecord facts terminus 8ce30c8 (#6338) Add an InventoryActiveRecord terminus for Facts 1ef83cb Added integration tests for the mount provider 64440e5 (#6513) Propagate the environment when doing variable lookup in settings 92dffb2 (#6513) Adjust P::U::Settings test name to reflect what it tests 5ef1031 (#6632) Adding a new mount no longer causes error with umount bd5517d Adjust Darwin mount provider tests to pass on Linux 9d2fceb Maint: Begin adding integration tests for the mount provider 23d1c03 Maint: Added the ability to replace the behavior of Puppet::Util.execute with an arbitrary code block for ease in spec testing. 455a891 (#5794) create reports directory when creating host specific directory 1b1e803 (5724) Prep for deprecation of DESTDIR f4a0af1 Refactoring duplicate code and logic in prep for DESTDIR deprecation. 7a00d6b (#6606) Inline docs: Document all autorequire relationships e3aec14 (#5148) Fix failing spec due to timezone 8bd80a9 (#5148) Add support for PSON to facts c3baa28 (#6338) Remove inventory indirection, and move to facts indirection 6c53eb3 (#6445) Fix inline docs: puppet agent does not accept --mkusers 4e29f43 (#6541) maint: whitespace cleanup on the file integration spec b907ba3 (#6541) Fix content with checksum truncation bug 422399b (#5466) Write specs for output of puppet resource 8cc390c (#5466) Monkey patch Symbol so that you can sort them 24eacb7 (#5466) Fixed puppet resource bug with trailing , 743e039 (#4922) Don't truncate remotely-sourced files on 404 bb69011 (#6338) Remove unused version control tags e2a5085 Maint: Align tabs in a code block in the Augeas type. 65a5496 (#6509) Inline docs: Fix erroneous code block in directoryservice provider for computer type ea9f1f0 Maint: Rewrite comments about symlinks to reflect best practice. 94f8ead (#6509) Inline docs: Fix broken lists in Launchd provider. c80a77d (#6509) Inline docs: Fix broken code blocks in zpool type 27863c3 (#6509)
Re: [Puppet Users] ssh_authorized_keys - not adding keys ... (??)
Don't you want to require = User[test.user] in your @ssh_authorized_keys resource? On Apr 1, 2011 12:24 PM, Nick Steel nick.st...@gmail.com wrote: -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppetca and /etc/puppet/ssl
Set ssldir? On Mar 31, 2011 1:41 PM, Douglas Garstang doug.garst...@gmail.com wrote: All, I have --confdir=/etc/puppet/common in my /etc/init.d/puppetmaster and /etc/init.d/puppet files, vardir set to /var/lib/puppet in /etc/puppet/common/puppet.conf, and yet, every time I run puppetca it creates /etc/puppet/ssl. Anyone know why? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] networkinterface type proposal
Probably better to use network::interface, so you can add support for other network resources. Also: https://github.com/ohlol/puppet-network Old, out of date, not complete, but it's a start. On Tue, Mar 1, 2011 at 5:50 PM, Eric Sorenson eric.soren...@me.com wrote: Hi - I've searched around and haven't found anyone who's implemented a type+provider for configuring network interfaces in puppet. Does anyone have such a thing already running that's just not on forge / github? I found some prior art (aside from the old 'interface' type which was deleted in 0.24) but most people seem to use definitions + templates which isn't a good first class citizen solution. I and other puppet hackers around my organization worked up a strawman proposal that we thought would be a reasonable interface and I figured I would float it by the list. Obviously it's a complicated beast but this would be great functionality to have in puppet. I'll update https://projects.puppetlabs.com/issues/3153 with the results of the discussion here and maybe we can get some traction on it. - Eric Sorenson - N37 17.255 W121 55.738 - http://twitter.com/ahpook - ### basic examples networkinterface { eth0: ensure= enabled, bootproto = dhcp,# required for DHCP/BOOTP, optional for static hwaddr= 00:aa:bb:cc:dd:ee } networkinterface { eth0: ensure = enabled, # sets ONBOOT=true, causes ifup refresh hwaddr = 00:aa:bb:cc:dd:ee ipaddress = 10.0.0.2, netmask = 255.255.255.0, gateway = 10.0.0.1, } ### vlan example networkinterface { vlan201: ensure = enabled, ipaddress = 10.0.0.3, netmask = 255.255.255.0, gateway = 10.0.0.1, vlantag = 201, # 1 through 4096 physicaldev = eth0, # parent device, need this or hwaddr # not too happy about this, but IMO the yum 'enablerepo' example # shows there is a need to pass arbitrary provider-specific args # i.e. the RH sysvinit provider would turn to \n and # drop these into the network-scripts file. # This particular option enables '/dev/vlan201' instead of '/dev/eth0.201' extra_opts = VLAN_NAME_TYPE=VLAN_PLUS_VID_NO_PAD PEERDNS=NO PEERNTP=NO } ### bonding example - master interface with two slaves networkinterface { bond0: ensure = enabled, ipaddress = 10.0.0.4, netmask = 255.255.255.0, gateway = 10.0.0.1, # rather than support a crapload of attributes like bond_mode = active_backup, # use the new-style BONDING_OPTS variable extra_opts = BONDING_OPTS='mode=active-backup arp_interval=60 arp_ip_target=192.168.1.254' } # slave interfaces for the bond networkinterface { eth0: ensure = enabled, bond_master = bond0, } networkinterface { eth1: ensure = enabled, bond_master = bond0, } ### ip aliases # this requires a unique namevar so you couldn't model solaris # or iproute2-style secondary addresses without composite keys networkinterface { bge0:1: ensure= enabled, ipaddress = 10.0.0.5, netmask = 255.255.255.0, gateway = 10.0.0.1, } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Multiple CA / Puppet master environment
Puppetmasters (the puppetmasterds serving catalogs) don't need access to the same SSL dir the Puppet CA (the puppetmasterd signing and revoking certs). But, they do need to share the private key for presenting the certificate for puppet.domain.com. And the CRL as well, if you use it. That directory doesn't have to be shared via NFS. You could rsync the ssl directory between your puppetmasters. On Thu, Nov 18, 2010 at 9:00 AM, Nigel Kersten ni...@puppetlabs.com wrote: I think it's a bad idea to deal with the overhead of an NFS mount when you have a dedicated puppet CA, as on your non-CA servers there should be no need to ever write to that directory. On Wed, Nov 17, 2010 at 7:55 PM, Scott Smith sc...@ohlol.net wrote: Oh, that's for sharing the puppetmaster SSL keypair between each other, that's all. On Nov 17, 2010 3:53 PM, Nigel Kersten ni...@puppetlabs.com wrote: On Wed, Nov 17, 2010 at 1:29 PM, Scott Smith sc...@ohlol.net wrote: nfs mount the puppetmaster ssl dir. seperate puppetca (set on clients) play with it and you'll figure it out :) Why do you need to nfs mount the puppetmaster SSL dir in this case Scott? There's no state to be shared if you're operating with a dedicated puppetca. On Nov 11, 2010 9:18 AM, luke.bigum luke.bi...@fasthosts.co.uk wrote: Hi, Does anyone know if this document is up to date (besides the comment at the top saying it's not): http://projects.puppetlabs.com/projects/1/wiki/Multiple_Certificate_Authorities Or does anyone who has a load balanced multi puppet master with some kind of shared CA confirm that the procedure is accurate? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Nigel Kersten - Puppet Labs - http://www.puppetlabs.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Nigel Kersten - Puppet Labs - http://www.puppetlabs.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- http://about.me/scoot http://twitter.com/ohlol -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Multiple CA / Puppet master environment
nfs mount the puppetmaster ssl dir. seperate puppetca (set on clients) play with it and you'll figure it out :) On Nov 11, 2010 9:18 AM, luke.bigum luke.bi...@fasthosts.co.uk wrote: Hi, Does anyone know if this document is up to date (besides the comment at the top saying it's not): http://projects.puppetlabs.com/projects/1/wiki/Multiple_Certificate_Authorities Or does anyone who has a load balanced multi puppet master with some kind of shared CA confirm that the procedure is accurate? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Multiple CA / Puppet master environment
Oh, that's for sharing the puppetmaster SSL keypair between each other, that's all. On Nov 17, 2010 3:53 PM, Nigel Kersten ni...@puppetlabs.com wrote: On Wed, Nov 17, 2010 at 1:29 PM, Scott Smith sc...@ohlol.net wrote: nfs mount the puppetmaster ssl dir. seperate puppetca (set on clients) play with it and you'll figure it out :) Why do you need to nfs mount the puppetmaster SSL dir in this case Scott? There's no state to be shared if you're operating with a dedicated puppetca. On Nov 11, 2010 9:18 AM, luke.bigum luke.bi...@fasthosts.co.uk wrote: Hi, Does anyone know if this document is up to date (besides the comment at the top saying it's not): http://projects.puppetlabs.com/projects/1/wiki/Multiple_Certificate_Authorities Or does anyone who has a load balanced multi puppet master with some kind of shared CA confirm that the procedure is accurate? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Nigel Kersten - Puppet Labs - http://www.puppetlabs.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can one definition require another definition?
defines are neither macros nor objects, they are resources On Nov 16, 2010 12:16 PM, Russell Jackson r...@csub.edu wrote: On 11/16/2010 11:33 AM, Nan Liu wrote: On Tue, Nov 16, 2010 at 11:21 AM, Yushu Yaoy...@lbl.gov wrote: Hi Experts, I am in a situation that need one definition to require another (to enforce execution order). E.g. define a(x,y,z) { do task 1 } define b(u,v,w) { so task 2 } To use them: Below won't make sure task 1 is executed before task 2 (or does it?): The question is: Won't it help if Puppet support require=Definition[inst_a] directly? Yes it supports it. a { inst_a: x=x, ... } b { inst_b: u=u, ... require=A[inst_a], } Just capitalize the first letter: define foo:bar ... require = Foo:Bar[..] I stand corrected. It does work. I've always thought of defines as macros, but apparently they are objects themselves. I'm still confused why they don't appear in my catalogs. Would nesting them inside of classes have anything to do with that? -- Russell A Jackson r...@csub.edu Network Analyst California State University, Bakersfield -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] /etc/puppet
http://docs.puppetlabs.com/guides/introduction.html On Thu, Nov 4, 2010 at 2:27 PM, Russell Perkins rperk...@digitalshiftstudios.com wrote: I installed factor and puppet but it didn't seem to make an /etc/ puppet/ is this something I have to manually create or did I mess up my install somehow? It was pretty simple to install but maybe I missed something, ruby install.rb for both factor and puppet -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- http://about.me/scoot http://twitter.com/ohlol -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet Application Server Deployment
I highly suggest you refrain from using Puppet to manage service-level applications. On Mon, Oct 18, 2010 at 1:19 AM, ajax ajinkya.prabh...@gmail.com wrote: Hello all, I wanted to know can i deploy Application Severs like JOnAS (java) using Puppet from the server. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- http://about.me/scoot http://twitter.com/ohlol -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.