RE: [Puppet Users] RE: each clients classes.txt on the server
Thank you Brian. Would you mind sharing the code for your custom fact that reads in /var/lib/puppet/classes.txt and presents it as a csv fact value. This would really save me some time as I am not a ruby developer. From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of Brian Gallew Sent: Thursday, January 27, 2011 9:08 PM To: puppet-users@googlegroups.com Subject: Re: [Puppet Users] RE: each clients classes.txt on the server Interestingly enough, I wrote a custom fact to do that. In my case, I have and sshd_config.erb where I want to set the AllowGroups stanza based on all the classes applied to a node. With 2.6.1 I could achieve that effect simply by moving adding a class to the "post" stage (which is run after main) and have that class contain the relevant file{}. When I updated to 2.6.3 it started parsing the template the moment it encountered the resource, rather than waiting for the relevant stage to be reached. Now I just pass back a comma-separated list of all classes for each host and my erb knows how to handle that. A word or warning: as shipped, the fact_value field is VARCHAR($SMALL_VALUE) characters long. I had to change it to be a TEXT field because otherwise it truncated my data. On Thu, Jan 27, 2011 at 6:38 PM, Sukh Khehra mailto:skhe...@proofpoint.com>> wrote: Forgot to mention that we're running 2.6.4 on the server and in the process of migrating all clients from 0.25.5 to 2.6.4. From: puppet-users@googlegroups.com<mailto:puppet-users@googlegroups.com> [mailto:puppet-users@googlegroups.com<mailto:puppet-users@googlegroups.com>] On Behalf Of Sukh Khehra Sent: Thursday, January 27, 2011 6:33 PM To: puppet-users@googlegroups.com<mailto:puppet-users@googlegroups.com> Subject: [Puppet Users] each clients classes.txt on the server We have a lot of includes in our code so it takes some digging around to find the resultant set of classes that apply to a puppet clients. I was thinking of somehow copying classes.txt file from the client to the server for easier analysis. Anyone have any art on how to go about doing that? I'd appreciate any ideas. Regards, Sukh Khehra Sys Admin -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com<mailto:puppet-users@googlegroups.com>. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com<mailto:puppet-users%2bunsubscr...@googlegroups.com>. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com<mailto:puppet-users@googlegroups.com>. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com<mailto:puppet-users%2bunsubscr...@googlegroups.com>. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] RE: each clients classes.txt on the server
Forgot to mention that we're running 2.6.4 on the server and in the process of migrating all clients from 0.25.5 to 2.6.4. From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of Sukh Khehra Sent: Thursday, January 27, 2011 6:33 PM To: puppet-users@googlegroups.com Subject: [Puppet Users] each clients classes.txt on the server We have a lot of includes in our code so it takes some digging around to find the resultant set of classes that apply to a puppet clients. I was thinking of somehow copying classes.txt file from the client to the server for easier analysis. Anyone have any art on how to go about doing that? I'd appreciate any ideas. Regards, Sukh Khehra Sys Admin -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] each clients classes.txt on the server
We have a lot of includes in our code so it takes some digging around to find the resultant set of classes that apply to a puppet clients. I was thinking of somehow copying classes.txt file from the client to the server for easier analysis. Anyone have any art on how to go about doing that? I'd appreciate any ideas. Regards, Sukh Khehra Sys Admin -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] classes being assigned twice
I am running puppet 0.25.5 on puppet client and server (still testing rollout of the newest upgrade). For all my nodes, I see all classes listed twice in the /var/lib/puppet/classes.txt on the node. Anyone know why that might be? When I run my external node classifier, I only see the classes assigned once. On a "puppetd -t" run on the client, I also see my custom facts being evaluated twice which makes me think the work is being done twice over. Anyway, the classes being assigned twice is a problem because I am trying to iterate over them using this example from the puppet docs: <% classes.each do |klass| -%> The class <%= klass %> is defined <% end -%> I am not a ruby developer. Perhaps, as a short term fix, someone can tell me how to uniq the classes array in this example? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppetmaster HA
I recently lost the only puppetmaster for a datacenter. I ended up having to build a new one and then hit all clients to remove /var/lib/puppet/ssl and point them to the new one I built. That was not fun. I can start backing up the CA infrastructure on the puppetmaster I suppose but I am wondering how folks out there are protecting against puppetmaster node failure. Can I have 2 physical nodes and use an F5 or another loadbalancer to send requests to both? If yes, anyone know of a HowTo doc to do that? Thanks for your time. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
RE: [Puppet Users] viewing b64_zlib_yaml data
Apache is not logging any error when this happens. I experimented with upping the LimitRequestLine, and LimitRequestFieldsize apache config directives but hasn't made any difference. I tried your suggestion to decode the string (even one that works ok) but am getting this errorNot sure what this means... I even tried irb(main):017:0> Zlib::Inflate.inflate(Base64.decode64(CGI.unescape(text))) Zlib::BufError: buffer error from (irb):17:in `inflate' from (irb):17 from :0 -Original Message- From: puppet-users@googlegroups.com [mailto:puppet-us...@googlegroups.com] On Behalf Of Brice Figureau Sent: Thursday, August 26, 2010 11:37 AM To: puppet-users@googlegroups.com Subject: Re: [Puppet Users] viewing b64_zlib_yaml data On 26/08/10 20:20, Sukh Khehra wrote: > Thanks for the helpful suggestions. > > I checked for this and my problem does not appear to be request size > related. I say this because I turned on the logging for the request size > and see that it is serving requests larger than the problem hosts just > fine. I meant incoming request. Those are usually the issue with apache, especially if the given node has a large number of facts or long facts. > I even tried turning on debugging for puppetmaster but it is not > logging anything helpful (log pasted below). The behavior I see is that > the puppetmaster is not seeing any facts from the client (I suspect due > to the issue I posted about originally). Any other ideas? You can try to decode the facts (as you asked in your first message) with this: 1) launch irb 2) enter: require 'zlib' require 'cgi' text="" Zlib::Inflate.inflate(Base64.decode64(CGI.unescape(text))) This should print on the console the YAML serialization of the facts. If in those you have the missing facts, then the problem is that this request is not transmitted verbatim to puppet. Hope that helps, -- Brice Figureau My Blog: http://www.masterzen.fr/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
RE: [Puppet Users] viewing b64_zlib_yaml data
[puppet::sysconfig])) Retrieving template puppet/sysconfig-puppet.erb 2010-08-26T18:03:49+00:00 PUPPETMASTER puppetmasterd[18675]: (template[/etc/puppet/modules/production/puppet/templates/sysconfig-pupp et.erb]) Bound template variables for /etc/puppet/modules/production/puppet/templates/sysconfig-puppet.erb in 0.00 seconds 2010-08-26T18:03:49+00:00 PUPPETMASTER puppetmasterd[18675]: Failed to parse template puppet/sysconfig-puppet.erb: Could not find value for 'ipaddress' at /etc/puppet/modules/production/puppet/manifests/init.pp:132 on node hostname.sk.local 2010-08-26T18:03:49+00:00 PUPPETMASTER puppetmasterd[18675]: Failed to parse template puppet/sysconfig-puppet.erb: Could not find value for 'ipaddress' at /etc/puppet/modules/production/puppet/manifests/init.pp:132 on node hostname.sk.local -Original Message- From: puppet-users@googlegroups.com [mailto:puppet-us...@googlegroups.com] On Behalf Of Brice Figureau Sent: Thursday, August 26, 2010 9:12 AM To: puppet-users@googlegroups.com Subject: Re: [Puppet Users] viewing b64_zlib_yaml data On Thu, 2010-08-26 at 09:05 -0700, Sukh Khehra wrote: > I am using puppet 0.25.1on Centos 5.4 on both client and server along > with apache 2.2.3/mongrel 1.1.5 on the server side. I am getting http > status code 400 (The request could not be understood by the server due > to malformed syntax) in balancer_access_log for a handful of hosts > like so. How do I can decode that data to look at it to see what's > wrong with it? > > > > > > 172.16.19.30 - - [26/Aug/2010:00:31:10 +] > "GET /production/catalog/hostname.sk.local?facts= string? Encrypted?>&facts_format=b64_zlib_yaml HTTP/1.1" 400 190 "-" > "-" There's nothing wrong in the data itself. There are great chances the problem is that the request is too large for Apache to handle. I don't know its exact limit, but I believe it's around 4k. I think apache error.log should log the error, if not then it might be either a mongrel error or the master itself. You should also check your master log to see if it logs anything about this. -- Brice Figureau Follow the latest Puppet Community evolutions on www.planetpuppet.org! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] viewing b64_zlib_yaml data
I am using puppet 0.25.1on Centos 5.4 on both client and server along with apache 2.2.3/mongrel 1.1.5 on the server side. I am getting http status code 400 (The request could not be understood by the server due to malformed syntax) in balancer_access_log for a handful of hosts like so. How do I can decode that data to look at it to see what's wrong with it? 172.16.19.30 - - [26/Aug/2010:00:31:10 +] "GET /production/catalog/hostname.sk.local?facts=&facts_format=b64_zlib_yaml HTTP/1.1" 400 190 "-" "-" -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
RE: [Puppet Users] augeas and sendmail aliases
Yes, I read that thread and thought I was ensuring path uniqueness by inserting the string "01" in there but its not working for me. I examined the tree using augtool and as expected did not see a subtree numbered at "01" so thought I should be be able to do this. Any other suggestions? -Original Message- From: Silviu Paragina [mailto:sil...@paragina.ro] Sent: Wednesday, June 16, 2010 11:31 AM To: puppet-users@googlegroups.com Cc: Sukh Khehra Subject: Re: [Puppet Users] augeas and sendmail aliases Search in the list history for a thread named "augeas type and /etc/services" Silviu On 16.06.2010 20:38, Sukh Khehra wrote: > I am trying to add an entry to /etc/aliases using this but am unable to > keep the entry from being added on every puppet run. I couldn't figure > out the proper "onlyif" attribute to use to add it only once. > > augeas{ "add sendmail alias" : > context => "/files/etc/aliases", > changes => [ > "set /files/etc/aliases/01/name mycron", > "set /files/etc/aliases/01/value[1] us...@mydomain.com", > "set /files/etc/aliases/01/value[2] us...@pmydomain.com", > ], > } > exec { "/usr/bin/newaliases": subscribe => Augeas["add sendmail > alias"], refreshonly => true } > > > Thanks for the help. > > Regards, > Sukh > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] augeas and sendmail aliases
I am trying to add an entry to /etc/aliases using this but am unable to keep the entry from being added on every puppet run. I couldn't figure out the proper "onlyif" attribute to use to add it only once. augeas{ "add sendmail alias" : context => "/files/etc/aliases", changes => [ "set /files/etc/aliases/01/name mycron", "set /files/etc/aliases/01/value[1] us...@mydomain.com", "set /files/etc/aliases/01/value[2] us...@pmydomain.com", ], } exec { "/usr/bin/newaliases": subscribe => Augeas["add sendmail alias"], refreshonly => true } Thanks for the help. Regards, Sukh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] RE: variable interpolation weirdness
Forgot to mention that I am running version puppet-0.25.4-1 on both sides on centos 5.4. -Original Message- From: Sukh Khehra Sent: Wednesday, April 21, 2010 8:39 PM To: 'puppet-users@googlegroups.com' Subject: variable interpolation weirdness Can someone please explain what's happening here? Let me know if you need more info. Thanks in advance for your time. I have a module called abc. This is the init.pp for that module. ### $ cat modules/production/abc/manifests/init.pp # Puppet Module: abc # class abc { package { "maatkit": ensure => present } } class abc::base inherits abc { exec { "testvars": command => "/bin/echo 'java_version=${java_version}'", logoutput => true; } } class abc::test { $java_version = "jdk1.6.0_14" include abc::base } ### I accidently assigned both the "abc" and "abc::test" class to a host and noticed that the variable "java_version" no longer gets interpolated. E.g. here's the puppet run log. # puppetd -t notice: Ignoring --listen on onetime run info: Retrieving plugin info: Caching catalog for abc1.staging.pp.com info: Applying configuration version '1271906581' notice: //abc::base/Exec[testvars]/returns: java_version= notice: //abc::base/Exec[testvars]/returns: executed successfully warning: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (marshal) notice: Finished catalog run in 3.21 seconds But If I only assign the host the "abc::test" class, everything works ok like so: # puppetd -t notice: Ignoring --listen on onetime run info: Retrieving plugin info: Caching catalog for abc1.staging.pp.com info: Applying configuration version '1271906581' notice: //abc::base/Exec[testvars]/returns: java_version=jdk1.6.0_14 notice: //abc::base/Exec[testvars]/returns: executed successfully warning: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (marshal) notice: Finished catalog run in 3.21 seconds So I obviously know what to do to fix the problem but would love to understand what's happening here. Regards, Sukh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] variable interpolation weirdness
Can someone please explain what's happening here? Let me know if you need more info. Thanks in advance for your time. I have a module called abc. This is the init.pp for that module. ### $ cat modules/production/abc/manifests/init.pp # Puppet Module: abc # class abc { package { "maatkit": ensure => present } } class abc::base inherits abc { exec { "testvars": command => "/bin/echo 'java_version=${java_version}'", logoutput => true; } } class abc::test { $java_version = "jdk1.6.0_14" include abc::base } ### I accidently assigned both the "abc" and "abc::test" class to a host and noticed that the variable "java_version" no longer gets interpolated. E.g. here's the puppet run log. # puppetd -t notice: Ignoring --listen on onetime run info: Retrieving plugin info: Caching catalog for abc1.staging.pp.com info: Applying configuration version '1271906581' notice: //abc::base/Exec[testvars]/returns: java_version= notice: //abc::base/Exec[testvars]/returns: executed successfully warning: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (marshal) notice: Finished catalog run in 3.21 seconds But If I only assign the host the "abc::test" class, everything works ok like so: # puppetd -t notice: Ignoring --listen on onetime run info: Retrieving plugin info: Caching catalog for abc1.staging.pp.com info: Applying configuration version '1271906581' notice: //abc::base/Exec[testvars]/returns: java_version=jdk1.6.0_14 notice: //abc::base/Exec[testvars]/returns: executed successfully warning: Value of 'preferred_serialization_format' (pson) is invalid for report, using default (marshal) notice: Finished catalog run in 3.21 seconds So I obviously know what to do to fix the problem but would love to understand what's happening here. Regards, Sukh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
RE: [Puppet Users] ad hoc tasks with puppet
Thanks for your reply. On my tags question I used the class as an example because I read that puppet auto creates a tag using the class name. My question really is whether the resource referenced by the tag should already be assigned to the host via node classification for this to work. E.g. lets say I have a class like this. class preupgrade { exec { "/etc/init.d/httpd stop": tag => "stopapache" } } I don't want to assign this class to all nodes but want to be able to trigger it on an ad hoc basis. So my question is can I do this on the master without first assigning the "preupgrade" class to hostA? puppetrun --host --tags stopapache In other words, does puppet look for the tagged resources in the entire config codebase or just the stuff that is applicable to the node by virtue of node classification. Hope this makes sense. -Original Message- From: puppet-users@googlegroups.com [mailto:puppet-us...@googlegroups.com] On Behalf Of Michael DeHaan Sent: Monday, April 19, 2010 11:07 AM To: puppet-users@googlegroups.com Subject: Re: [Puppet Users] ad hoc tasks with puppet On Mon, Apr 19, 2010 at 12:42 PM, Sukh Khehra wrote: > I have a need to audit user accounts on all of my puppet clients. > Essentially, I need to collect the password and shadow file from all of my > clients to one central location and analyze them. How would someone do this > using puppet. Is there any mechanism to ship files to the master from the > client? From the recent Fabric vs ControlTier thread, it sounds like people > end up using other tools to do stuff like this but I was wondering if I can > use puppet for this... There is a backup facility, though it's probably not want you want in this case. Currently it's not highly instrumented for combing through backups and finding what you want to look at, and stores things named after md5sums. http://docs.reductivelabs.com/guides/types/file.html You could use Puppet to execute something like rdiff-backup ? > > > > Another, unrelated, question I have is regarding tags. Can I do "puppetrun > --host --tags " if classA is not otherwise assigned to > hostA? Tags are really not about classes, tags are a seperate concept. --tags means "run resources tagged with this value". Puppetrun is due for some upgrades -- though these are going to wait a bit in priority behind some other things, as we're doing a lot of improvements to the way the internals of the catalog/etc behave and want to make a puppetrun that works well with multiple sources of node information, rather than just LDAP, which it does now. > > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] ad hoc tasks with puppet
I have a need to audit user accounts on all of my puppet clients. Essentially, I need to collect the password and shadow file from all of my clients to one central location and analyze them. How would someone do this using puppet. Is there any mechanism to ship files to the master from the client? From the recent Fabric vs ControlTier thread, it sounds like people end up using other tools to do stuff like this but I was wondering if I can use puppet for this... Another, unrelated, question I have is regarding tags. Can I do "puppetrun --host --tags " if classA is not otherwise assigned to hostA? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] custom facts
Hi, I am running puppet 0.25.1 and was wondering if the following 2 make for better default values [main] pluginsync = true # current default is false factpath = $vardir/lib/facter # current default is $vardir/facts Current default for plugindest appears to be "/var/lib/puppet/lib". Seems like custom facts get synched to /var/lib/puppet/lib by default but then puppetd looks for them under /var/lib/puppet/facts by default...Doesnt seem right. Am I missing something? Thanks, Sukh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet on windows.
Is anyone running puppet on windows? I attempted to use the instructions at http://reductivelabs.com/trac/puppet/wiki/PuppetWindows on my windows xp machine but ran into the following error: H:\>puppetd -tv C:/Ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require': no such file to load -- syslog ( LoadError) from C:/Ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `require' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/util/log.rb:1 from C:/Ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require' from C:/Ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `require' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/util/logging.rb: 2 from C:/Ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require' from C:/Ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `require' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/util.rb:456 ... 7 levels... from C:/Ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `require' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/bin/puppetd:158 from C:/Ruby/bin/puppetd:19:in `load' from C:/Ruby/bin/puppetd:19 I created an empty syslog.rb file in the lib directory and got past the above error but now get this: C:\>puppetd -tv --server admin1016.us.proofpoint.com The system cannot find the path specified. C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/external/event-l oop/event-loop.rb:78:in `initialize': uninitiali zed constant Fcntl::F_SETFD (NameError) from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/external/event-l oop/event-loop.rb:31:in `new' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/external/event-l oop/event-loop.rb:31:in `default' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/external/event-l oop/event-loop.rb:35:in `current' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/external/event-l oop/event-loop.rb:285:in `initializ e' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/util/settings.rb :559:in `new' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/util/settings.rb :559:in `set_filetimeout_timer' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/util/settings.rb :323:in `parse' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/application.rb:2 15:in `run' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/application.rb:3 06:in `exit_on_fail' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/lib/puppet/application.rb:2 15:in `run' from C:/Ruby/lib/ruby/gems/1.8/gems/puppet-0.25.3/bin/puppetd:159 from C:/Ruby/bin/puppetd:19:in `load' from C:/Ruby/bin/puppetd:19 Anyone gotten this to work? I am not a developer but if anyone is doing development work on getting puppet to work on windows, I wouldn't mind helping with the testing. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] user management
We're using local passwd/shadow files on all our linux hosts for authentication and manage them by defining virtual resources like the following and realizing them in the appropriate classes based on authorization requirements. @user { "username": comment => "User Name", uid => "6", password=> '$9$5/PrhlML$AttWraRXLd0ASwCq.uIss1', home=> "/home/username", ensure => "present", gid => "6", groups => ["groupname"], shell => "/bin/sh", managehome => true, require => [Group["groupname"]], membership => minimum; } Currently there is no way for me to directly tie puppet to ldap in our environment (for various non technical reasons) but I would like to keep the passwords synched with ldap. So I was thinking of writing a script to query ldap and create perhaps a csv file containing username,password hash, & shell values. My questions is can I have my puppet manifests, like the snippet above, grab the values for password and shell from an external file? ... a file that I create from ldap every night? I found "http://nephilim.ml.org/~rip/puppet/extlookup.rb"; but also wanted to ask the community here if that's the best way to go. Any ideas will be appreciated. Regards, Sukh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
RE: [Puppet Users] yet another class dependency question.
Thanks Dan. Unfortunately, this did not work for me. err: Could not apply complete catalog: Could not retrieve dependency 'Class[::http]' of Class[puppet::http] Does anyone know of another way to fully qualify the class name when requiring it? I was hoping to not have to change the names of these pre-existing classes. From: puppet-users@googlegroups.com [mailto:puppet-us...@googlegroups.com] On Behalf Of Dan Bode Sent: Wednesday, December 30, 2009 1:31 PM To: puppet-users@googlegroups.com Subject: Re: [Puppet Users] yet another class dependency question. Hi, On Wed, Dec 30, 2009 at 9:52 PM, Sukh Khehra wrote: Hi, I am running puppet version 0.25.1 on both the server and client and am getting the following error on a puppet run: err: Could not apply complete catalog: Could not retrieve dependency 'Class[http]' of Class[puppet::http] Class http is defined in the "http" module like so: class http { package { httpd: ensure => installed } file { "httpd.conf": ensure => present, ... Class puppet::http is defined in the puppet module like so: class puppet::http { require http file { "http-puppet.conf": ensure => present, path=> "/etc/httpd/conf.d/puppet.conf", ... I have a feeling that it maybe a scoping issue with a namespace collision between puppet::http and http. you are calling require http from the namespace of puppet::http, which is checking puppet before it checks root (::)so it actually thinks that you are requiring puppet::http and not http. I have seen this issue before with includes. To resolve it with include, you can add the prefix ::http (which means from the root namespace) Feel free to try this # this works for includes require ::http but it unfortunately didnt work for me, so this might actually be a bug. the easiest fix is not to use puppet::http for the name of the class, try puppet::apache or something. In this test setup both my client and server are the same node in the same production environment and here's what my module organization looks like. # egrep -i '^\[|module|environment' /etc/puppet/puppet.conf [main] environments = production,staging,development,testing environment = production [puppetd] environment = production [puppetmasterd] # environments [production] modulepath = $confdir/modules/production [staging] modulepath = $confdir/modules/staging:$confdir/modules/production [development] modulepath = $confdir/modules/development [testing] modulepath = $confdir/modules/testing:$confdir/modules/production # ls -1d /etc/puppet/modules/production/puppet /etc/puppet/modules/production/http /etc/puppet/modules/production/http /etc/puppet/modules/production/puppet Why wouldn't it be able to retrieve dependency class http? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com <mailto:puppet-users%2bunsubscr...@googlegroups.com> . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] yet another class dependency question.
Hi, I am running puppet version 0.25.1 on both the server and client and am getting the following error on a puppet run: err: Could not apply complete catalog: Could not retrieve dependency 'Class[http]' of Class[puppet::http] Class http is defined in the "http" module like so: class http { package { httpd: ensure => installed } file { "httpd.conf": ensure => present, ... Class puppet::http is defined in the puppet module like so: class puppet::http { require http file { "http-puppet.conf": ensure => present, path=> "/etc/httpd/conf.d/puppet.conf", ... In this test setup both my client and server are the same node in the same production environment and here's what my module organization looks like. # egrep -i '^\[|module|environment' /etc/puppet/puppet.conf [main] environments = production,staging,development,testing environment = production [puppetd] environment = production [puppetmasterd] # environments [production] modulepath = $confdir/modules/production [staging] modulepath = $confdir/modules/staging:$confdir/modules/production [development] modulepath = $confdir/modules/development [testing] modulepath = $confdir/modules/testing:$confdir/modules/production # ls -1d /etc/puppet/modules/production/puppet /etc/puppet/modules/production/http /etc/puppet/modules/production/http /etc/puppet/modules/production/puppet Why wouldn't it be able to retrieve dependency class http? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] monitoring puppet
Hi, I was wondering what people out there are doing to monitor puppetd in large environments. I'd love to hear what the best practices are around this. We have a few hundred hosts and are currently looking at the timestamps on the yaml files in /var/lib/puppet/yaml/facts/ on puppetmasters to make sure all clients are alive. Is it true that for a given client the fact file on the puppetmaster will always get updated on every one of its puppet runs? Or does it update only when facts change. Thanks, Sukh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: intermittent fileserver module not found issues.
Basically, what's broken is that on some runs, puppet client fails to process our file type resource declarations correctly. When this happens, puppetmaster logs the errors I provided earlier. Puppet clients log this:(Using my sendmail module as an example on this one.) 2009-10-25T12:02:53+00:00 puppetd[27478]: (//sendmail::relay/File[sysconfig-sendmail]/source) Could not describe /sendmail//sysconfig-sendmail: Fileserver module 'sendmail' not mounted 2009-10-25T12:02:53+00:00 puppetd[27478]: (//sendmail::relay/File[sysconfig-sendmail]/source) Could not describe /sendmail/sysconfig-sendmail: Fileserver module 'sendmail' not mounted 2009-10-25T12:02:53+00:00 puppetd[27478]: (//sendmail::relay/File[sysconfig-sendmail]/ensure) No specified sources exist 2009-10-25T12:02:53+00:00 puppetd[27478]: (//sendmail::relay/File[sysconfig-sendmail]/ensure) No specified sources exist 2009-10-25T12:02:53+00:00 puppetd[27478]: (//sendmail::relay/File[sysconfig-sendmail]/source) No specified sources exist Again, this only happens intermittently. On other puppet runs this error is not logged. I failed to mention earlier that all our puppet clients are still on 0.24.4. I just updated a couple of clients to 0.25.1rc2 as well to see if it helps. I haven't seen the issue on those since but need to watch the logs some more to be sure. If it does, guess we can rush through our client upgrades sooner than we had planned unless someone has any ideas on what to look at on the master/passenger side. Also, I'm not sure if its relevant but we're not using an auth.conf file in our setup yet. -Original Message- From: puppet-users@googlegroups.com [mailto:puppet-us...@googlegroups.com] On Behalf Of Luke Kanies Sent: Sunday, October 25, 2009 10:11 PM To: puppet-users@googlegroups.com Subject: [Puppet Users] Re: intermittent fileserver module not found issues. On Oct 24, 2009, at 9:59 AM, Sukh Khehra wrote: [...] > Things seem to work ok for the most part. Intermittently, however, I > am > seeing these errors log on the master. The same clients don't cause > this > at other times. Anyone ever seen this? I'd appreciate the help. > > My apache puppetmaster.conf, config.ru, and a puppet manifest snippet > that I think is triggering this is pasted below. While I appreciate the thoroughness, can you be a bit more succinct in what exactly is broken? Am I right in reading that the hyperic fileserver module is sometimes not found? Is it only for some clients, only at certain times, etc? -- Take the utmost trouble to find the right thing to say, and then say it with the utmost levity. -- George Bernard Shaw - Luke Kanies | http://reductivelabs.com | http://madstop.com --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] intermittent fileserver module not found issues.
I just upgraded our puppetmaster servers from 0.24.4 to 0.25.1rc2 and configured them to use Passenger. Here's what I am running now: ruby-irb-1.8.5-5.el5_1.1 httpd-2.2.3-11.el5_1.centos.3 ruby-devel-1.8.5-5.el5_1.1 ruby-augeas-0.3.0-1.el5 httpd-devel-2.2.3-11.el5_1.centos.3 ruby-1.8.5-5.el5_1.1 ruby-libs-1.8.5-5.el5_1.1 puppet-0.25.1rc2-1 ruby-shadow-1.4.1-6 rubygems-0.9.4-1.el5 httpd-devel-2.2.3-11.el5_1.centos.3 augeas-libs-0.5.3-1 puppet-server-0.25.1rc2-1 I am using ruby-enterprise-1.8.7-20090928 with passenger apache module version 2.2.2 (2.2.5 did not work for me). Things seem to work ok for the most part. Intermittently, however, I am seeing these errors log on the master. The same clients don't cause this at other times. Anyone ever seen this? I'd appreciate the help. My apache puppetmaster.conf, config.ru, and a puppet manifest snippet that I think is triggering this is pasted below. start log entries 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Using cached node for 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Fileserver module 'hyperic' not mounted 2009-10-24T16:41:19+00:00 puppetmasterd[30546]: Allowing authenticated client (192.168.16.46) access to fileserver.describe 2009-10-24T16:41:19+00:00 puppetmasterd[30546]: Using cached node for 2009-10-24T16:41:19+00:00 puppetmasterd[30546]: (mount[hyperic]) Describing /hyperic/plugins/mysql_stats-plugin.jar for -- 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Using cached node for 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Fileserver module 'hyperic' not mounted 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Handling request: POST /RPC2 2009-10-24T16:41:19+00:00 puppetmasterd[2259]: (//puppet/Service[puppet]/ensure) ensure changed 'stopped' to 'running' 2009-10-24T16:41:19+00:00 puppetmasterd[2259]: Handling request: POST /RPC2 -- 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Using cached node for 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Fileserver module 'hyperic' not mounted 2009-10-24T16:41:19+00:00 puppetmasterd[2259]: Allowing authenticated client (192.168.16.46) access to fileserver.describe 2009-10-24T16:41:19+00:00 puppetmasterd[2259]: Using cached node for 2009-10-24T16:41:19+00:00 puppetmasterd[2259]: (mount[hyperic]) Describing /hyperic/plugins/pps-filterstatus-plugin.xml for -- 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Using cached node for 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Fileserver module 'ssh' not mounted 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Handling request: POST /RPC2 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Allowing authenticated client (192.168.16.46) access to puppetreports.report 2009-10-24T16:41:19+00:00 puppetmasterd[2874]: Processing reports store, rrdgraph, log for end log entries puppetmaster.conf LoadModule passenger_module /opt/ruby-enterprise-1.8.7-20090928/lib/ruby/gems/1.8/gems/passenger-2.2 .2/ext/apache2/mod_passenger.so PassengerRoot /opt/ruby-enterprise-1.8.7-20090928/lib/ruby/gems/1.8/gems/passenger-2.2 .2 PassengerRuby /opt/ruby-enterprise-1.8.7-20090928/bin/ruby ## you probably want to tune these settings PassengerHighPerformance on PassengerMaxPoolSize 15 PassengerPoolIdleTime 600 ## PassengerMaxRequests 1000 PassengerStatThrottleRate 120 RackAutoDetect Off RailsAutoDetect Off Listen 8140 SSLEngine on SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem # If Apache complains about invalid signatures on the CRL, you can try disabling # CRL checking by commenting the next line, but this is not recommended. #SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ RackBaseURI / Options None AllowOverride None Order allow,deny allow from all end puppetmaster.conf start config.ru # a config.ru, for use with every rack-compatible webserver. # SSL needs to be handled outside this, though. # if puppet is not in your RUBYLIB: $:.unshift('/usr/lib/ruby/site_ruby/1.8') $0 = "puppetmasterd" require 'puppet' # if you want debugging: ARGV << "--debug" ARGV << "--rack" require 'puppet/application/puppetmasterd' # we're usually running inside a Rack::Builder.new {} block, # therefore we need to call run *here*. run Puppet::Application[:puppetmasterd].run ## end config.ru ## #