[Puppet Users] Issue with package provider dnfmodule
Hi guys, I'm using dnfmodule provider to enable a module on my CentOS 8 systems: ensure_packages( ['redis:6'], { provider => dnfmodule, ensure => present, enable_only => true } ) I would expect that this enables the module at first run and then it leaves it untouched, but what I see at any run is that it will be "updated" each time: Notice: /Stage[main]/Gt_redis/Package[redis:6]/ensure: created (corrective) Debug output of the puppet run: Info: /Package[redis:6]: Starting to evaluate the resource (275 of 506) Debug: Executing: '/usr/bin/dnf module list -d 0 -e 1' Debug: Executing: '/usr/bin/dnf module enable -d 0 -e 1 -y redis:6' Notice: /Stage[main]/Gt_redis/Package[redis:6]/ensure: created (corrective) Debug: /Package[redis:6]: The container Class[Gt_redis] will propagate my refresh event Info: /Package[redis:6]: Evaluated in 7.61 seconds So, is this an issue in puppet? Or is my resource configuration wrong? Thanks, Christian -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/000201d77f83%244eb1afb0%24ec150f10%24%40chello.at.
[Puppet Users] Override default schedule for all resources
Hi puppet users, we have a daily planned maintenance at 5am on our puppet server which means that during that time it's not available for our agents. I'd like to avoid that the agents are trying to connect to the puppetserver during that time. My first idea was to use schedules, but that would mean to define the schedule for each and every resource, which definitly would be painful :) So the next idea was to override the default schedule "puppet". Does anyone of you know if that's possible? Or do you have other/better ideas how I could handle this? Thanks, Christian -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/002301d77180%242f22c780%248d685680%24%40chello.at.
[Puppet Users] Re: Unknown resource type after Upgrade
Hey, thank you-- that clears that up. Seems like time will solve the issue; postponing the update for now. Am Donnerstag, 27. September 2018 11:14:19 UTC+1 schrieb Christian Reiß: > > Hey folks, > > I am currently upgrading to 6.x on a test setup using my live puppet code; > trying to get it to work with 6.x. > One weird issue I am getting is that alle default definitions (upper case > classes) are faulting: > > Error: Could not retrieve catalog from remote server: Error 500 on SERVER: > Server Error: Evaluation Error: Resource type not found: Nagios_service ( > file: /etc/puppetlabs/code/environments/production/modules/pn_icinga/ > manifests/client/checks.pp, line: 83, column: 3) on node outleapt.test > Warning: Not using cache on failed catalog > Error: Could not retrieve catalog; skipping run > > > > The corresponding manifest looks like this: > > Nagios_service { > check_period => '24x7', > ensure=> $::pn_icinga::client::installed, > host_name => $::trusted['certname'], > initial_state => 'o', > max_check_attempts=> '3', > notification_interval => '5', > notification_options => 'w,u,c,r', > notification_period => $notification_period, > notifications_enabled => '0', > [...] > } > > Did I miss a regression somewhere? > Any help is greatly appreciated! > > -Chris. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/8a5b4fed-cf93-4c8a-8652-5fc3222952c0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Puppetserver does not auto-load.
I have a wierd question: On a fresh Server (Centos 7, PuppetServer 6) with only one nagios class (with nagios_core from forge I am getting this error: Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Could not autoload puppet/type/nagios_service: no such file to load -- puppet/util/nagios_maker (file: /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 4, column: 3) on node hyposulphuric If I do a puppet apply however, the same site.pp applies correctly without issues (well, it complains about exporting ressources not possible). Why would a puppet apply correctly load the puppet forge module when then puppet server (puppet agent --test) does not and yields above error? I have been hitting my head against the issue all day. Any help is greatly appreciated. -Chris. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/b0c75235-39ab-434d-850a-84912a6a1fb3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Unknown resource type after Upgrade
Hey Rafael, thanks for your reply. Ironically I was readind the deprecated logs and seem to have missed that, After doing a puppet module install the error changed to Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Type-Name, Could not autoload puppet/type/nagios_service: no such file to load -- puppet/util /nagios_maker (file: /etc/puppetlabs/code/environments/production/modules/ pn_icinga/manifests/client/raid.pp, line: 15, column: 3) on node outleapt. test Mind pushing me once more in the right direction? -Chris. Am Donnerstag, 27. September 2018 11:25:34 UTC+1 schrieb Rafael Tomelin: > > Hi dear, > > This link the puppet6 release notes. > https://puppet.com/docs/puppet/6.0/release_notes.html#deprecations > > >- The Nagios types no longer ship with Puppet, and are now available >as the puppetlabs/nagios_core module from the Forge. > > > Em qui, 27 de set de 2018 às 07:14, Christian Reiß > escreveu: > >> Hey folks, >> >> I am currently upgrading to 6.x on a test setup using my live puppet >> code; trying to get it to work with 6.x. >> One weird issue I am getting is that alle default definitions (upper case >> classes) are faulting: >> >> Error: Could not retrieve catalog from remote server: Error 500 on SERVER >> : Server Error: Evaluation Error: Resource type not found: Nagios_service >> (file: /etc/puppetlabs/code/environments/production/modules/pn_icinga/ >> manifests/client/checks.pp, line: 83, column: 3) on node outleapt.test >> Warning: Not using cache on failed catalog >> Error: Could not retrieve catalog; skipping run >> >> >> >> The corresponding manifest looks like this: >> >> Nagios_service { >> check_period => '24x7', >> ensure=> $::pn_icinga::client::installed, >> host_name => $::trusted['certname'], >> initial_state => 'o', >> max_check_attempts=> '3', >> notification_interval => '5', >> notification_options => 'w,u,c,r', >> notification_period => $notification_period, >> notifications_enabled => '0', >> [...] >> } >> >> Did I miss a regression somewhere? >> Any help is greatly appreciated! >> >> -Chris. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to puppet-users...@googlegroups.com . >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/puppet-users/bde5ac1d-f1ef-4454-885d-b499f22062c8%40googlegroups.com >> >> <https://groups.google.com/d/msgid/puppet-users/bde5ac1d-f1ef-4454-885d-b499f22062c8%40googlegroups.com?utm_medium=email_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- > > Atenciosamente, > > Rafael Tomelin > > skype: rafael.tomelin > > E-mail: rafael@gmail.com > > RHCE - Red Hat Certified Engineer > PPT-205 - Puppet Certified Professional 2017 > Zabbix- ZABBIX Certified Specialist > LPI3 > ITIL v3 > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/c2b29923-114f-4a82-8a66-cba5e428ca4b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Unknown resource type after Upgrade
Hey folks, I am currently upgrading to 6.x on a test setup using my live puppet code; trying to get it to work with 6.x. One weird issue I am getting is that alle default definitions (upper case classes) are faulting: Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Resource type not found: Nagios_service ( file: /etc/puppetlabs/code/environments/production/modules/pn_icinga/ manifests/client/checks.pp, line: 83, column: 3) on node outleapt.test Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run The corresponding manifest looks like this: Nagios_service { check_period => '24x7', ensure=> $::pn_icinga::client::installed, host_name => $::trusted['certname'], initial_state => 'o', max_check_attempts=> '3', notification_interval => '5', notification_options => 'w,u,c,r', notification_period => $notification_period, notifications_enabled => '0', [...] } Did I miss a regression somewhere? Any help is greatly appreciated! -Chris. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/bde5ac1d-f1ef-4454-885d-b499f22062c8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Question Exec resource
Yes the command exit with succes from a root shell. I'm gonna try to use exec environment parameter. Thx -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/b1861de2-c520-4b1a-94a8-c1419d6f7ef4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Question Exec resource
Thnaks for your answer Martin. Here is the beginning of the stack: [0;36mDebug: Executing '/bin/sh -c source /etc/profile && /opt/openam/bin/openam_install.sh install cm > /opt/openam/install.log' [0m [0;36mDebug: /Stage[main]/Openam::Config/Exec[openam_install]/returns: Certificate was added to keystore [0m [0;36mDebug: /Stage[main]/Openam::Config/Exec[openam_install]/returns: Certificate stored in file [0m [0;36mDebug: /Stage[main]/Openam::Config/Exec[openam_install]/returns: Certificate was added to keystore [0m [0;36mDebug: /Stage[main]/Openam::Config/Exec[openam_install]/returns: java.net.ConnectException: Connection refused [0m [0;36mDebug: /Stage[main]/Openam::Config/Exec[openam_install]/returns: at java.net.PlainSocketImpl.socketConnect(Native Method) [0m Could it be an SSL connection issue instead of a path issue with the java -jar command? About the idenpotency, by using the creates attribute normally ensure the exec command will be executed only if the file/directory doesn't exist. So i should not have any problem with that. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/cf796f0d-7ddb-4ff5-bbfb-5ce67aeae565%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Question Exec resource
Hi, I'm trying to install openam with puppet. To do this i'm using an exec resource: exec { 'openam_install': command => "source /etc/profile && /opt/openam/bin/openam_install.sh install ${::env} > /opt/openam/install.log", provider => shell, creates => '/var/lib/tomcat/webapps/sso', } The script openam_install.sh exit with an error code: Debug: /Stage[main]/Openam::Config/Exec[openam_install]/returns:ERROR: command execution failed at line 247 ! Error: source /etc/profile && /opt/openam/bin/openam_install.sh install cm returned 1 instead of one of [0] Error: /Stage[main]/Openam::Config/Exec[openam_install]/returns: change from notrun to 0 failed: source /etc/profile && /opt/openam/bin/openam_install.sh install cm returned 1 instead of one of [0] Line 247 i have this: java -jar /opt/openam/configurator/openam-configurator-tool-${openAMversion}.jar -f /opt/openam/configurator/openam.conf echo "Restarting OpenAM" service tomcat restart The java -jar command fail but i can't figure out why because if i try to launch this command directly in a shell it works. Any help would be appreciated. Thanks. Chris -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/c0c81a61-b7cc-46e8-b9cf-63020f7598fd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: how to trigger puppet run on agents remotely
Very simple, yet helpful: https://github.com/alcCapone/doll -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a4772ecf-d499-4ac4-9f0a-025044ec166e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Anonymous block scope?
Thanks for clearing this up! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/b42ee960-9794-4821-b7fa-f5d4a578cab2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Anonymous block scope?
Hi, is there a way to have anonymous block scope in puppet? In a couple of languages you can simply create limited scope by opening and closing curly braces {...} I'd like to use this to limit the area of effect of e.g. resource default statements (https://docs.puppetlabs.com/puppet/latest/reference/lang_defaults.html). Thanks in advance, Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/452b2ddf-847d-418b-aeef-39f8b84a1e08%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Anonymous block scope?
Yes Am 27.08.2015 13:07 schrieb R.I.Pienaar r...@devco.net: - Original Message - From: Christian Flamm christian.le.fl...@gmail.com To: puppet-users puppet-users@googlegroups.com Sent: Thursday, August 27, 2015 12:03:11 PM Subject: [Puppet Users] Anonymous block scope? Hi, is there a way to have anonymous block scope in puppet? In a couple of languages you can simply create limited scope by opening and closing curly braces {...} I'd like to use this to limit the area of effect of e.g. resource default statements (https://docs.puppetlabs.com/puppet/latest/reference/lang_defaults.html ). Puppet 4 address most of this, in 3 not so much. Are you asking about 3? -- You received this message because you are subscribed to a topic in the Google Groups Puppet Users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/7M61d84szdQ/unsubscribe. To unsubscribe from this group and all its topics, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1046405241.85644.1440673655277.JavaMail.zimbra%40devco.net . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANzp%2BZN1KwN5vy8SZ_XO3tjwHMWWZ6Rs9ibGLCJQDYfD9Zvo1A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Anonymous block scope?
Not proud of this idea, but... if true { ... } ? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/871d73d6-7002-4b3a-a439-db8fe00c1391%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Puppet agent run runs slowly
I most sincerely love you! Thank you, thank you, thank you!!! Am Mittwoch, 26. August 2015 19:26:31 UTC+2 schrieb Christopher Wood: On Wed, Aug 26, 2015 at 05:13:19PM +0200, Constantin Wolber wrote: Hi, after some more searching and investigating i came to the solution that the state.yaml file is the problem. The affected system contained a state.yaml file which was 147M big. So i deleted the file and after the next run it was down to 347K and no performance issues occurred. Any idea what could have caused the file to get that big? Regards Constantin I recall a thread way back where somebody was purging a growing directory with puppet, I wonder if this is the same issue where the list of resources to be deleted are appended to state.yaml ad infinitum. Maybe save state.yaml backups and diff them? Similar: https://ask.puppetlabs.com/question/6544/state-file-constantly-growing/ https://groups.google.com/forum/#!topic/puppet-users/Laj0WFBmdsU 2015-08-26 16:56 GMT+02:00 Constantin Wolber [1]constant...@gmail.com javascript:: Hi, i tried the performance profiler, but it did not really help me figuring things out. 2015-08-26 14:48:21 + Puppet (debug): Storing state 2015-08-26 14:55:23 + Puppet (debug): Stored state in 422.03 seconds What I'm interested in is how i can improve performance of that step. 2015-08-25 18:14 GMT+02:00 kaustubh chaudhari [2]kaus...@gmail.com javascript:: Hi, You can run profiler to check who and what is taking time in detail. [3]https://puppetlabs.com/blog/tune-puppet-performance-profiler -Kaustubh On Tuesday, August 25, 2015 at 3:49:28 AM UTC-4, Constantin Wolber wrote: Hi, i searched quite a bit with google but cannot really find an idea of what to change. If i do a puppet agent run on a few of my managed servers i get the following results: Notice: Finished catalog run in 486.54 seconds Changes: Events: Resources: Total: 2304 Time: Filebucket: 0.00 Apt key: 0.00 Anchor: 0.00 Schedule: 0.00 Group: 0.00 Exec: 0.00 User: 0.00 Ssh authorized key: 0.00 Package: 0.39 Last run: 1440488641 Service: 2.71 Config retrieval: 2.91 File: 22.60 Total: 28.62 Version: Config: 1440488048 Puppet: 3.8.1 The summarized view looks good but it seems puppet spends a lot of time in different other places that don't count for the summarize. 1. Debug: Loaded state in 119.18 seconds 2. Debug: Loaded state in 156.15 seconds 3. Debug: Stored state in 252.81 seconds What is causing those excessive times for Loading and Storing the state. I did not really find a lot of hints on that topic. Due to some ideas i already changed most of my recurse options for file type to recurse = remote I also found the hint to use checksum = none but not sure about the effect of that change. Any hints are welcome Regards Constantin -- You received this message because you are subscribed to a topic in the Google Groups Puppet Users group. To unsubscribe from this topic, visit [4] https://groups.google.com/d/topic/puppet-users/BzfsN9axWss/unsubscribe. To unsubscribe from this group and all its topics, send an email to [5]puppet-users...@googlegroups.com javascript:. To view this discussion on the web visit [6] https://groups.google.com/d/msgid/puppet-users/05bacd31-8a6c-4ab5-bdd3-a323f12ff249%40googlegroups.com. For more options, visit [7]https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to [8]puppet-users...@googlegroups.com javascript:. To view this discussion on the web visit [9] https://groups.google.com/d/msgid/puppet-users/CAFYu9xxbT3egioN0crCeBBuXX%2BiFeDhDSiznWXJy1MTX-wmOmg%40mail.gmail.com. For more options, visit [10]https://groups.google.com/d/optout. References
[Puppet Users] Problems with a resource default definition
Hi folks, i want to declare a resource default globally for all available classes. I searched google and found this site: https://ask.puppetlabs.com/question/396/howto-force-systemd-as-service-provider-globally/ These guys suggest this solution: Service { provider = systemd, } *If you write this in a class, the resource default will only be valid within that class, so if you want to have a global default you should probably place that into your site.pp file.* So i tested it. I wrote in my $environment/manifests/site.pp under default: *node default {* * if $::operatingsystem == 'Sles12.0' {* *Service {* *provider = systemd,* * }* * notify{SLES 12: Systemd als Service-Provideer:}* * }* *}* But i didn't see anything in the debug output on my testystem. https://lh3.googleusercontent.com/-mOSugk7Ff1o/VPRxuSiNCXI/AA0/wD6FxIkp5bg/s1600/2015-03-02%2B15_19_21-mgtwts001%2B-%2Bmgtwts001%2B-%2BRemotedesktopverbindung.png The i created a class called services::providerdefault which had the same content like the site.pp in the above. Just the line node.. was exchanged with class services::providerdefault { so to get a class. I made a requirement in a class for autofs and i got this output. https://lh6.googleusercontent.com/-tDrB9y1ango/VPRypklDWHI/ABA/oxmiZ_ccZaU/s1600/require%2Bclass%2Bproviderdefault.png Now i get the notify in this run But the service wants to check with chkconfig and thats wrong. I'm asuming now that my default definition is not typed the right way or in a wrong place. When i declare the provider directly in the resource declaration its working. Can someone tell me how i have to declare a resource default that it is working for i.e. 5 services wich i include in the nodedefinition ? Thanks in Advance Christian Hase (Yes thats my real name ^-^ its german and means rabbit) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/086b09d9-ce52-41e7-aa85-1fd9ba533164%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Dallas Fort-Worth Puppet User Group
Hi, I've started the DFWPUG. Please go to http://www.meetup.com/Dallas-Fort-Worth-Puppet-User-Group http://www.meetup.com/Dallas-Fort-Worth-Puppet-User-Groupfor details, I'll be organizing a first meeting soon. Brad Christian @vhipster -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/b7c04dc2-df5c-4275-9509-8ac163eae74c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Unreported Windows nodes (Puppet 3.7.3, Exchange 2010)
This is what it looks like: http://i.imgur.com/Woxi68C.png On Thu, Feb 5, 2015 at 11:27 PM, Rob Reynolds r...@puppetlabs.com wrote: On Tue, Feb 3, 2015 at 8:25 AM, cko dert...@gmail.com wrote: Icacls: http://i.imgur.com/s1xQy65.png Can you run one against the last_run_report.yaml and the lock file (if still present)? I'm seeing a similar set of permissions for var/state but want to verify the permissions on the files (as they can be different). I will upgrade to Puppet 3.7.3 this week an see if that fixed the issue. On Monday, February 2, 2015 at 9:49:01 PM UTC+1, Rob Reynolds wrote: On Mon, Feb 2, 2015 at 5:05 AM, cko der...@gmail.com wrote: I just noticed that the affected agents do not update the files located in C:\ProgramData\PuppetLabs\puppet\var\state. Also interesting: The agent_catalog_run.lock file is not properly removed after a puppet run. See the timestamps on the files ( http://i.imgur.com/qE87OB5.png ) Can you give me an icacls on that folder? icacls C:\ProgramData\PuppetLabs\puppet\var\state. Also I wonder if you have a connection issue in sending the report to the master? From the gist I didn't see an issue jump out at me though. Also, 3.7.4 just came out. I don't know for sure if it will resolve the issues or not. On Monday, December 15, 2014 at 5:24:55 PM UTC+1, Rob Reynolds wrote: On Sun, Dec 14, 2014 at 9:17 AM, cko der...@gmail.com wrote: The Puppet Service is actually running. The eventlog shows records about successfully finished catalog runs. All files in the C:\ProgramData\PuppetLabs\puppet\var\state directory indicate that the puppet run finishes without problems. I suspect there is a problem with the submission of the report to the puppet master unless the puppet run is triggered manually. What user does the puppet agent service run under? That might be the reason they are marked out of sync in any dashboard application (puppetdb, puppetexplorer, foreman). On Sunday, December 14, 2014 4:48:59 AM UTC+1, Rob Reynolds wrote: On Tue, Dec 9, 2014 at 7:28 AM, cko der...@gmail.com wrote: Hi, I'm currently having an issue with the Windows Server 2008R2 nodes in our Exchange 2010 environment. Since I upgraded the four nodes to Puppet 3.7.3 , they do not check in to the Puppetmaster via the Windows Service every 30 minutes like all the other nodes do. Here is a gist of the output from puppet agent -t --debug that might help https://gist.github.com/anonymous/e972393ea742631ccaef Is there a problem in my environment or are there any known issues regarding this behavior? We are not aware of a known issue for this behavior. If you could check the eventlog and determine what issues it may be reporting? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4da95e8f-9c8f -4dca-a91d-dfae1ce1dd1d%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/4da95e8f-9c8f-4dca-a91d-dfae1ce1dd1d%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Rob Reynolds Developer, Puppet Labs *Join us at **PuppetConf 2015, October 5-9 in Portland, OR - * http://2015.puppetconf.com/ *Register early to save 40%!* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/ msgid/puppet-users/311eff85-ba40-42bf-a983-a363fe5a61d1%40goog legroups.com https://groups.google.com/d/msgid/puppet-users/311eff85-ba40-42bf-a983-a363fe5a61d1%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Rob Reynolds Developer, Puppet Labs *Join us at **PuppetConf 2015, October 5-9 in Portland, OR - * http://2015.puppetconf.com/ *Register early to save 40%!* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/ msgid/puppet-users/74fa3e65-2974-46b5-95c4-a30bf6374a60% 40googlegroups.com https://groups.google.com/d/msgid/puppet-users/74fa3e65-2974-46b5-95c4-a30bf6374a60%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Rob Reynolds Developer, Puppet Labs *Join us at **PuppetConf 2015, October 5-9 in Portland, OR - * http://2015.puppetconf.com/ *Register early to save 40%!* --
[Puppet Users] hiera variable problem
Hi, I've been using hiera for several weeks now and all was working fine til few days ago when i started to get that kind of message: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find data item nom in any Hiera data file and no default supplied on node d0puppetclient.victor-buck.com Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run So i tried to make a very simple test to check if the problem came from my last code changes and i'm still getting this message. I can't get hiera variable anymore. Below the test i made: *hiera.yaml*: --- :backends: - yaml :yaml: :datadir: /etc/puppet/hieradata :hierarchy: - common *site.pp*: # /etc/puppet/manifests/site.pp case $operatingsystem { 'Solaris': { include role::solaris } 'RedHat', 'CentOS': { include redhat::roles::common } /^(Debian|Ubuntu)$/: { include role::debian } # default: { include role::generic } } case $hostname { /^d0puppetclient/: { include test } } *test.pp*: class test{ $nom = hiera('nom') file {/root/test.txt: ensure = file, source = /etc/puppet/test.txt.erb, } } *test.txt.erb*: %= nom % Any idea about to fix this?I thought this could be an file access right issue, so i tried to grante access on some files (755) and it's not working... Thanks to those who 'll take time to read me and give me an answer :) Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/41e41e5f-7d26-46c4-9fe4-861b146c8f4f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] hiera variable problem
No, the command to get the hiera variable value (hiera nom) doesn't work. The common.yaml file contents: --- apache_packages_list: - apr-1.4.8 - apr-devel-1.4.8 - apr-util-1.5.2 - apr-util-devel-1.5.2 - distcache-1.4.5 - distcache-devel-1.4.5 - httpd-2.4.6 - httpd-tools-2.4.6 - mod_ssl-2.4.6 classes: [] hiera_ressources_path: /etc/puppet/hieradata nom: test Regards, Le jeudi 7 août 2014 15:23:01 UTC+2, Jose Luis Ledesma a écrit : Hi, What's the content of /etc/puppet/hieradata/common.yaml ? Does the hiera command line works? Something like: $ hiera nom Regards, -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/24a413db-919e-4da8-a08e-971fe87aa5ef%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Problem using hiera variable in templates
It was due to some kind of syntax error (= missing) : %= scope.lookupvar('apache::config::servername') % -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f2fd38c8-f524-457d-9263-fd1a338c1a52%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Problem using hiera variable in templates
Hi, I'm trying to use variables stored in hiera files in module templates. I read it's better to avoid to use hiera function in templates so i tried to get the hiera value in the config.pp manifest with a local variable. Then to use the local variable in the template, but it doesn't work. *common.yaml* --- apache_packages_list: - apr-1.4.8 - apr-devel-1.4.8 - apr-util-1.5.2 - apr-util-devel-1.5.2 - distcache-1.4.5 - distcache-devel-1.4.5 - httpd-2.4.6 - httpd-tools-2.4.6 - mod_ssl-2.4.6 accounts_conf_filename: accounts.victorbuckservices.com.conf accounts_conf_balancer_filename: accounts.victorbuckservices.com.balancer.conf certificate_filename: all.dev.victorbuckservices.com.crt key_filename: all.dev.victorbuckservices.com.key *ServerName: accounts.dev.victorbuckservices.comServerAdmin: t...@victorbuckservices.com* SSLCertificateFile: /etc/pki/tls/certs/all.dev.victorbuckservices.com.crt SSLCertificateKeyFile: /etc/pki/tls/private/all.dev.victorbuckservices.com.key *config.pp* class apache::config { $accounts_conf_filename= hiera('accounts_conf_filename') $accounts_conf_balancer_filename = hiera('accounts_conf_balancer_filename') $crt_filename = hiera('certificate_filename') $key_filename= hiera('key_filename') * $servername = hiera('ServerName')$serveradmin = hiera('ServerAdmin')* file {/etc/httpd/conf.d/$accounts_conf_filename: ensure = file, content = template(/etc/puppet/hieradata/$accounts_conf_filename.erb), } file {/etc/httpd/conf.d/$accounts_conf_balancer_filename: ensure = file, content = template(/etc/puppet/hieradata/$accounts_conf_balancer_filename), } file {'/etc/pki/tls/certs/$crt_filename': ensure = file, content = template(/etc/puppet/hieradata/$crt_filename), } file {'/etc/pki/tls/private/$key_filename': ensure = file, content = template(/etc/puppet/hieradata/$key_filename), } } *accounts.victorbuckservices.com.conf.erb* VirtualHost accounts.dev.victorbuckservices.com:80 ServerName % ServerName = scope.lookupvar('apache::config::servername') % ServerAdmin % ServerAdmin = scope.lookupvar('apache::config::serveradmin') % I also tried syntax as follow: ServerName %= scope.function_hiera('ServerName') % ServerName %= @servername % But i doesn't works neither. Any idea or suggestion to make this right? Cheers, Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/505d7ccb-20f2-4af6-a2f9-66a03535e495%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Puppet + hiera file backend problem
I have a file accounts.victorbuckservices.com.conf and not an .erb template. It seems a little weird to me that we have to use template function either for .erb template or file backend. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/cf5550d3-2625-4825-9558-185490078b05%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Puppet + hiera file backend problem
Hi, I'm using hiera with puppet and i want to store my resources out from the modules, in hieradata directory. Here is my hiera.yaml file: --- :hierarchy: - common #- %{operatingsystem} - %{::hostname} :backends: - yaml - file :yaml: :datadir: '/etc/puppet/hieradata' :file: :datadir: '/etc/puppet/hieradata' :logger: console The common.yaml file: --- apache_packages_list: - apr-1.4.8 - apr-devel-1.4.8 - apr-util-1.5.2 - apr-util-devel-1.5.2 - distcache-1.4.5 - distcache-devel-1.4.5 - httpd-2.4.6 - httpd-tools-2.4.6 - mod_ssl-2.4.6 accounts_conf_filename: accounts.victorbuckservices.com.conf accounts_conf_balancer_filename: accounts.victorbuckservices.com.balancer.conf certificate_filename: all.dev.victorbuckservices.com.crt key_filename: all.dev.victorbuckservices.com.key My site.pp call a role which call itself a profile which uses a module to install apache. Here is the config..p of apache module: class apache::config { $accounts_conf_filename = hiera('accounts_conf_filename') $accounts_conf_balancer_filename = hiera('accounts_conf_balancer_filename') $crt_filename = hiera('certificate_filename') $key_filename = hiera('key_filename') file {'/etc/httpd/conf.d/accounts.victorbuckservices.com.conf': ensure = file, content = template($accounts_conf_filename), } file {'/etc/httpd/conf.d/$accounts_conf_balancer_filename': ensure = file, content = template($accounts_conf_balancer_filename), } file {'/etc/pki/tls/certs/$crt_filename': ensure = file, content = template($crt_filename), } file {'/etc/pki/tls/private/$key_filename': ensure = file, content = template($key_filename), } } I put data and resource files in /etc/puppet/hieradata/ and when i use the command line on the client: puppet agent --server=d0puppet.victor-buck.com --debug --verbose --noop --test I got the following error : Error 400 on Server: could not find template 'accounts.victorbuckservices.com.conf' at /etc/puppet/modules/apache/manifests/config.pp:9 on node puppetclient Someone to help to figure out what happen? If there are some information missing to make easier to understand what's going on feel free to ask me. Thanks. Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/00bf537c-6ac1-4351-b4c3-e4f99bdda189%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Error 400 on SERVER : could not find class xxx for yyy on node yyy
Thanks a lot Jose, i appreciate your help :) Le vendredi 30 mai 2014 15:53:42 UTC+2, Jose Luis Ledesma a écrit : Class vstar::apache should be in /etc/puppet/modules/vstar/manifests/apache.pp To allow autoloader find it. Regards, El 30/05/2014 15:48, Christian Charpentier cha...@gmail.com javascript: escribió: Hi, I'm statrting using puppet with role/profile pattern and i'm facing a problem. I use puppet 3.4.3 with a master running on red hat 2.6 and a client on a local VM centOS 6.5. When i try to test my code with the command above i got an error : Error 400 on SERVER could not find class vstar::apache for puppetclient on node puppet client. puppet agent --server=d0puppet.victor-buck.com --debug --verbose --noop --test Here is my puppet code : # /etc/puppet/manifests/site.pp import classes/* case $operatingsystem { 'Solaris': { include role::solaris } 'RedHat', 'CentOS': { include role::redhat } /^(Debian|Ubuntu)$/:{ include role::debian } default:{ include role::generic } } case $hostname { /^puppetclient/: { include vstar::roles::www } } #/etc/puppet/modules/vstar/manifests/roles/www.pp class vstar::roles::www { include vstar::profiles::webserver include vstar::profiles::mailserver } #/etc/puppet/modules/vstar/manifests/profiles/webserver.pp class vstar::profiles::webserver { include vstar::apache include common::postfix } #/etc/puppet/modules/vstar/manifests/apache/manifests/init.pp class vstar::apache { include apache::install, apache::service } I can't figure out the issue here. Any idea on the solution to fix this? Any comment or idea is welcome. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com javascript:. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/75a4d45f-9259-40c9-887e-c717b0d67c94%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/75a4d45f-9259-40c9-887e-c717b0d67c94%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/29dbf5fe-e3a3-4eae-91a6-338b2bc6b820%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Error 400 on SERVER : could not find class xxx for yyy on node yyy
Hi, I'm statrting using puppet with role/profile pattern and i'm facing a problem. I use puppet 3.4.3 with a master running on red hat 2.6 and a client on a local VM centOS 6.5. When i try to test my code with the command above i got an error : Error 400 on SERVER could not find class vstar::apache for puppetclient on node puppet client. puppet agent --server=d0puppet.victor-buck.com --debug --verbose --noop --test Here is my puppet code : # /etc/puppet/manifests/site.pp import classes/* case $operatingsystem { 'Solaris': { include role::solaris } 'RedHat', 'CentOS': { include role::redhat } /^(Debian|Ubuntu)$/:{ include role::debian } default:{ include role::generic } } case $hostname { /^puppetclient/: { include vstar::roles::www } } #/etc/puppet/modules/vstar/manifests/roles/www.pp class vstar::roles::www { include vstar::profiles::webserver include vstar::profiles::mailserver } #/etc/puppet/modules/vstar/manifests/profiles/webserver.pp class vstar::profiles::webserver { include vstar::apache include common::postfix } #/etc/puppet/modules/vstar/manifests/apache/manifests/init.pp class vstar::apache { include apache::install, apache::service } I can't figure out the issue here. Any idea on the solution to fix this? Any comment or idea is welcome. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/75a4d45f-9259-40c9-887e-c717b0d67c94%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Two (hopefuly minor) Questions (ip-array, line for several hosts)
Hey folks, that worked, thanks. -Christian. Am Donnerstag, 10. Oktober 2013 11:54:31 UTC+2 schrieb christian...@googlemail.com: Hey Folks, I have two question, which I hope are minor. First off I would like an array with all IPs for a system. This would come in handy for sshkeys, hosts and the likes. Second, and more important, I need to add a line into a file for every host. To clarify here is an example: - I have 3 (theoretical) nameservers, which configs (zones) get distributed over puppet. - I want, in each zonefile a line mydomain.de. IN NS $fqdn::dns::server. Furthermore I want those lines purged if a NS does clean/deactivated. Thanks for your help in advance! -Christian. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Two (hopefuly minor) Questions (ip-array, line for several hosts)
Hey Folks, I have two question, which I hope are minor. First off I would like an array with all IPs for a system. This would come in handy for sshkeys, hosts and the likes. Second, and more important, I need to add a line into a file for every host. To clarify here is an example: - I have 3 (theoretical) nameservers, which configs (zones) get distributed over puppet. - I want, in each zonefile a line mydomain.de. IN NS $fqdn::dns::server. Furthermore I want those lines purged if a NS does clean/deactivated. Thanks for your help in advance! -Christian. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: [windows server 2008 r2] puppet errors in 3.3.0 on exchange database servers
Hi Rob, i just applied the changes to the windows.rb file. The catalog run finished as usual. Thank you ;-) On Thu, Oct 3, 2013 at 8:47 PM, Rob Reynolds r...@puppetlabs.com wrote: This verifies for us that this is a gating issue. Would you feel comfortable helping us verify that we've fixed this issue for you? https://github.com/ferventcoder/facter/blob/874a5a96ac5fa778c50f1e93424850022b1756cf/lib/facter/util/ip/windows.rb#L46-L47 On Thu, Oct 3, 2013 at 1:42 PM, Christian Koep dert...@gmail.com wrote: Yes, thats all i got from *facter --trace --debug* On Thu, Oct 3, 2013 at 8:41 PM, Rob Reynolds r...@puppetlabs.com wrote: Was this the entire log (minus anything you feel sensitive)? On Thu, Oct 3, 2013 at 1:15 PM, cko dert...@gmail.com wrote: https://gist.github.com/anonymous/6814400 On Thursday, October 3, 2013 5:23:05 PM UTC+2, Rob Reynolds wrote: You should be able to run facter --trace --debug On Wed, Oct 2, 2013 at 5:18 PM, cko der...@gmail.com wrote: Hi Ethan, what's the exact command that i would have to use? On Wednesday, October 2, 2013 11:35:29 PM UTC+2, Ethan Brown wrote: Christian - I'm doing the final verification of our fix, and was hoping that I could get the output from Facter run by itself? On Fri, Sep 20, 2013 at 1:36 PM, Rob Reynolds r...@puppetlabs.comwrote: I would say with all of this in mind we move forward with a fix where we look to see that the network adapter itself is also enabled. This is laid out in the ticket that I noted earlier. On Fri, Sep 20, 2013 at 7:44 AM, Rich Siegel rism...@gmail.comwrote: Exchange DAG is essentially a cluster and the adapter in question the dag ip. My guess is the logic for adapters should be modded for when netconnectionid is not null. In general don't try to mess with hidden adapters on dags unless you understand ramifications. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.**com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group** /puppet-users http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/**grou** ps/opt_out https://groups.google.com/groups/opt_out. -- Rob Reynolds Developer, Puppet Labs Join us at PuppetConf 2014, September 23-24 in San Francisco -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.**com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group**/puppet-usershttp://groups.google.com/group/puppet-users . For more options, visit https://groups.google.com/**grou** ps/opt_out https://groups.google.com/groups/opt_out. -- -- Ethan Brown et...@puppetlabs.com Software Engineer *Join us at PuppetConf 2014, September 23-24 in San Francisco* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group/puppet-usershttp://groups.google.com/group/puppet-users . For more options, visit https://groups.google.com/**groups/opt_outhttps://groups.google.com/groups/opt_out . -- Rob Reynolds Developer, Puppet Labs Join us at PuppetConf 2014, September 23-24 in San Francisco -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- Rob Reynolds Developer, Puppet Labs Join us at PuppetConf 2014, September 23-24 in San Francisco -- You received this message because you are subscribed to a topic in the Google Groups Puppet Users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/_JSpNmSvg_I/unsubscribe. To unsubscribe from this group and all its topics, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group
Re: [Puppet Users] Re: [windows server 2008 r2] puppet errors in 3.3.0 on exchange database servers
Yes, thats all i got from *facter --trace --debug* On Thu, Oct 3, 2013 at 8:41 PM, Rob Reynolds r...@puppetlabs.com wrote: Was this the entire log (minus anything you feel sensitive)? On Thu, Oct 3, 2013 at 1:15 PM, cko dert...@gmail.com wrote: https://gist.github.com/anonymous/6814400 On Thursday, October 3, 2013 5:23:05 PM UTC+2, Rob Reynolds wrote: You should be able to run facter --trace --debug On Wed, Oct 2, 2013 at 5:18 PM, cko der...@gmail.com wrote: Hi Ethan, what's the exact command that i would have to use? On Wednesday, October 2, 2013 11:35:29 PM UTC+2, Ethan Brown wrote: Christian - I'm doing the final verification of our fix, and was hoping that I could get the output from Facter run by itself? On Fri, Sep 20, 2013 at 1:36 PM, Rob Reynolds r...@puppetlabs.comwrote: I would say with all of this in mind we move forward with a fix where we look to see that the network adapter itself is also enabled. This is laid out in the ticket that I noted earlier. On Fri, Sep 20, 2013 at 7:44 AM, Rich Siegel rism...@gmail.comwrote: Exchange DAG is essentially a cluster and the adapter in question the dag ip. My guess is the logic for adapters should be modded for when netconnectionid is not null. In general don't try to mess with hidden adapters on dags unless you understand ramifications. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.**com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group**/puppet-usershttp://groups.google.com/group/puppet-users . For more options, visit https://groups.google.com/**grou**ps/opt_outhttps://groups.google.com/groups/opt_out . -- Rob Reynolds Developer, Puppet Labs Join us at PuppetConf 2014, September 23-24 in San Francisco -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.**com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group**/puppet-usershttp://groups.google.com/group/puppet-users . For more options, visit https://groups.google.com/**grou**ps/opt_outhttps://groups.google.com/groups/opt_out . -- -- Ethan Brown et...@puppetlabs.com Software Engineer *Join us at PuppetConf 2014, September 23-24 in San Francisco* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@**googlegroups.com. To post to this group, send email to puppet...@googlegroups.com. Visit this group at http://groups.google.com/**group/puppet-usershttp://groups.google.com/group/puppet-users . For more options, visit https://groups.google.com/**groups/opt_outhttps://groups.google.com/groups/opt_out . -- Rob Reynolds Developer, Puppet Labs Join us at PuppetConf 2014, September 23-24 in San Francisco -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- Rob Reynolds Developer, Puppet Labs Join us at PuppetConf 2014, September 23-24 in San Francisco -- You received this message because you are subscribed to a topic in the Google Groups Puppet Users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/_JSpNmSvg_I/unsubscribe. To unsubscribe from this group and all its topics, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Howto model different stages
Hi all, I'm trying to find a nice way to model different stages (like: live, test, dev) of puppet modules. Initially I thought of different branches inside one (Git) repository... - either being checked out on one puppetmaster into different directories being used as different puppet environments - or being checked out on different puppetmasters but then colleagues of mine recently attended Citconf in Turin were somebody strongly recommended *not* to use puppet environments and/or branches. I'd like to understand how you solve(d) this. Thanks in advance, Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Vagrant+Puppet using RVM to install Apache2+Passenger fails
Anyone? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Vagrant+Puppet using RVM to install Apache2+Passenger fails
Hi all, hope to be on the right place here.. I'm playing with Vagrant and Puppet for a small Apache2+Passenger Server above ubuntu-precise-32. I like to get this working for a small group of developers. I confess, I didn't read the whole documentation about puppet, but I've browsed the whole Internet twice! ...about this problem. I only want to get this small environment working at the moment, so I don't want to spend much time in reading and coding examples. Maybe some of you can help me a bit. The manifest is working so far, but the Installation of passenger fails with this error: notice: /Stage[main]/Rvm::Passenger::Apache::Ubuntu::Post/File[/etc/apache2/mods-enabled/passenger.load]/ensure: created err: /Stage[main]/Apache::Service/Service[httpd]: Failed to call refresh: Could not start Service[httpd]: Execution of '/etc/init.d/apache2 start' returned 1: at /tmp/vagrant-puppet/modules-0/apache/manifests/service.pp:28 notice: /Stage[main]/Install-rvm/Rvm_gem[ruby-1.9.3-p448@mygemset/ruby-hmac]/ensure: created notice: /Stage[main]/Postconfig/Exec[use-rubyver]/returns: executed successfully notice: /Stage[main]/Postconfig/Exec[gemset-use]/returns: executed successfully err: /Stage[main]/Postconfig/Exec[passenger-install-apache]/returns: change from notrun to 0 failed: rvm gemset use mygemset passenger-install-apache2-module --auto returned 1 instead of one of [0] at /tmp/vagrant-puppet/manifests/development.pp:62 The passenger-install-apache2-module command runs smoothly if I fire it in a shell on the vagrant box. I think thats the problem for the first error. Apache cannot start because of the missing module. The manifest I use is this: http://pastie.org/private/xcsmy8b6lwivymegeqcrrw Thanks in advance! Chris -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Puppet, Facter, looping through IPs
Hello all, I am trying to set up ssh keys (sshkeys) for populate /etc/ssh/ssh_known_hosts. So far it works great, but I want to have aliases for all ips online on that host. Two problems: - The assumption is that the interface count and names are unknown. There can be one eth or many, none but a xapi device etc. There is, however, interfaces variable from facter, which holds all the interfaces. - I need to loop through the array and use the contents of that variable, ie: interfaces = eth0,eth1,lo,tun0 ipaddress = 46.229.47.132 ipaddress_eth0 = 46.229.47.132 ipaddress_eth1 = 10.1.0.2 ipaddress_lo = 127.0.0.1 ipaddress_tun0 = 10.10.0.1 So I would need to loop through interfaces, query the variable with the same name to get the ip address. All this by acoiding loopback. - I dont know a good way to then add all compiled aliases into sshkeys. Does anyone have a pointer / solution? Thank you for your help in advance, Chris. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Debugging Puppetmaster with Apache/Rack/Passenger
Did what you posted. Strange thing happened: nothing appears in the specified logdest. Instead: the (wanted) debug output it now sent to apache's error log! I have no idea what's going on - but at least I have the output I was looking for :-/ Thanks, Christian Am Mittwoch, 24. Juli 2013 09:42:14 UTC+2 schrieb Keith Burdis: I believe the --debug in config.ru sends output to syslog so either look in /var/log/messages (or similar) or specify a log destination filename like: ARGV --logdest /var/log/puppet/puppet-master.log - Keith On 23 Jul 2013 09:15, Christian Flamm christian...@gmail.comjavascript: wrote: Hi, I'm currently trying to debug a performance issue I'm having. Therefore I would need DEBUG output. When using one puppetmaster process, this is fairly easy by starting it like this: puppet master --no-daemonize --debug Now I need to see this debug output when running puppetmaster the way I ususally do - using Apache/Rack/Passenger. After looking around a bit in the vhost config file cat /etc/httpd/conf.d/puppetmaster.conf LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10/buildout/apache2/mod_passenger.so PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10 PassengerDefaultRuby /usr/bin/ruby # TODO evaluate benefit of ThrottleRate PassengerStatThrottleRate 120 PassengerHighPerformance On PassengerMaxPoolSize 12 PassengerMaxRequests 1000 PassengerPoolIdleTime 600 Listen 8140 VirtualHost *:8140 SSLEngine On # Only allow high security cryptography. Alter if needed for compatibility. SSLProtocol All -SSLv2 SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/puppetmaster .pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/ puppetmaster.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +ExportCertData # These request headers are used to pass the client certificate # authentication information on to the puppet master process RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ Directory /usr/share/puppet/rack/puppetmasterd/ Options None AllowOverride None Order Allow,Deny Allow from All /Directory /VirtualHost I had a look at /usr/share/puppet/rack/puppetmasterd/config.ru which contains this: [snippet] # if you want debugging: # ARGV --debug ... so I enabled it. But this actually only gives me extra lines I believe belong to INFO log level: Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing $1 access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/node/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/node/([^/]+)$]) allowing $1 access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_revocation_list/ca]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_revocation_list/ca]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/report]) allowing 'method' save Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/report]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/file]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_request]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_request]) allowing 'method
Re: [Puppet Users] Debugging Puppetmaster with Apache/Rack/Passenger
Debug output is sent to Apache error log, because of missing permissions to write to the defined logdest. So - bottom line - thanks for your reply, --logdest is necessary. Without it debug output is (per default) not sent to /var/log/messages. Am Mittwoch, 24. Juli 2013 09:59:40 UTC+2 schrieb Christian Flamm: Did what you posted. Strange thing happened: nothing appears in the specified logdest. Instead: the (wanted) debug output it now sent to apache's error log! I have no idea what's going on - but at least I have the output I was looking for :-/ Thanks, Christian Am Mittwoch, 24. Juli 2013 09:42:14 UTC+2 schrieb Keith Burdis: I believe the --debug in config.ru sends output to syslog so either look in /var/log/messages (or similar) or specify a log destination filename like: ARGV --logdest /var/log/puppet/puppet-master.log - Keith On 23 Jul 2013 09:15, Christian Flamm christian...@gmail.com wrote: Hi, I'm currently trying to debug a performance issue I'm having. Therefore I would need DEBUG output. When using one puppetmaster process, this is fairly easy by starting it like this: puppet master --no-daemonize --debug Now I need to see this debug output when running puppetmaster the way I ususally do - using Apache/Rack/Passenger. After looking around a bit in the vhost config file cat /etc/httpd/conf.d/puppetmaster.conf LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10/buildout/apache2/mod_passenger.so PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10 PassengerDefaultRuby /usr/bin/ruby # TODO evaluate benefit of ThrottleRate PassengerStatThrottleRate 120 PassengerHighPerformance On PassengerMaxPoolSize 12 PassengerMaxRequests 1000 PassengerPoolIdleTime 600 Listen 8140 VirtualHost *:8140 SSLEngine On # Only allow high security cryptography. Alter if needed for compatibility. SSLProtocol All -SSLv2 SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/puppetmaster .pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/ puppetmaster.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +ExportCertData # These request headers are used to pass the client certificate # authentication information on to the puppet master process RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ Directory /usr/share/puppet/rack/puppetmasterd/ Options None AllowOverride None Order Allow,Deny Allow from All /Directory /VirtualHost I had a look at /usr/share/puppet/rack/puppetmasterd/config.ru which contains this: [snippet] # if you want debugging: # ARGV --debug ... so I enabled it. But this actually only gives me extra lines I believe belong to INFO log level: Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing $1 access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/node/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/node/([^/]+)$]) allowing $1 access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_revocation_list/ca]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_revocation_list/ca]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/report]) allowing 'method' save Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/report]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/file]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) allowing 'method' find Jul 22 17
[Puppet Users] Debugging Puppetmaster with Apache/Rack/Passenger
Hi, I'm currently trying to debug a performance issue I'm having. Therefore I would need DEBUG output. When using one puppetmaster process, this is fairly easy by starting it like this: puppet master --no-daemonize --debug Now I need to see this debug output when running puppetmaster the way I ususally do - using Apache/Rack/Passenger. After looking around a bit in the vhost config file cat /etc/httpd/conf.d/puppetmaster.conf LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10/buildout/apache2/mod_passenger.so PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10 PassengerDefaultRuby /usr/bin/ruby # TODO evaluate benefit of ThrottleRate PassengerStatThrottleRate 120 PassengerHighPerformance On PassengerMaxPoolSize 12 PassengerMaxRequests 1000 PassengerPoolIdleTime 600 Listen 8140 VirtualHost *:8140 SSLEngine On # Only allow high security cryptography. Alter if needed for compatibility. SSLProtocol All -SSLv2 SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/puppetmaster.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/ puppetmaster.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +ExportCertData # These request headers are used to pass the client certificate # authentication information on to the puppet master process RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ Directory /usr/share/puppet/rack/puppetmasterd/ Options None AllowOverride None Order Allow,Deny Allow from All /Directory /VirtualHost I had a look at /usr/share/puppet/rack/puppetmasterd/config.ru which contains this: [snippet] # if you want debugging: # ARGV --debug ... so I enabled it. But this actually only gives me extra lines I believe belong to INFO log level: Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/catalog/([^/]+)$]) allowing $1 access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/node/([^/]+)$]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[^/node/([^/]+)$]) allowing $1 access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_revocation_list/ca]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_revocation_list/ca]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/report]) allowing 'method' save Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/report]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/file]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/ca]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate/]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_request]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_request]) allowing 'method' find Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_request]) allowing 'method' save Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/certificate_request]) allowing * access Jul 22 17:17:47 puppetmaster puppet-master[22132]: (access[/]) adding authentication any Jul 22 17:17:47 puppetmaster puppet-master[22132]: Inserting default '~ ^/report/([^/]+)$' (auth true) ACL Jul 22 17:17:47 puppetmaster puppet-master[22132]: Inserting default '/status' (auth true) ACL All the DEBUG lines I'm used to (e.g. Debug: PROFILE...) are missing - but they are there using puppet master --no-daemonize --debug. What am I doing wrong? Thanks in advance. -- You received this
[Puppet Users] What's the benefit of Virtual Resources?
Hi, I'm having trouble understanding the added value Virtual Resources provide. Let's say I'm having two different modules (that usually are assigned to different agents) that both contain a common resource (let's say a user). If I want to easily make it possible to assign both modules to the same agent - without suffering from the duplicate resource declaration error - I could make the resource definition virtual and realize it in different modules. See this simplified example. cat $modulesdir/virtual/manifests/init.pp class virtual { @user { 'admin': ensure = present } } cat $modulesdir/mailserver/manifests/init.pp class mailserver { realize(User['admin']) # some more mailserver stuff... } cat $modulesdir/webserver/manifests/init.pp class webserver { realize(User['admin']) # some more webserver stuff... } cat $manifestsdir/nodes.pp node /somenode/ { include virtual include mailserver include webserver } My question: How is that different, more convenient or more flexible than extracting that admin user into its own module? Like that: cat $modulesdir/adminuser/manifests/init.pp class adminuser { user { 'admin': ensure = present } } cat $modulesdir/mailserver/manifests/init.pp class mailserver { # some more mailserver stuff... } cat $modulesdir/webserver/manifests/init.pp class webserver { # some more webserver stuff... } cat $manifestsdir/nodes.pp node /somenode/ { include adminuser include mailserver include webserver } I guess I'm missing something here, or I'm using it wrong. Your help is highly appreciated, thanks in advance, Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] What's the benefit of Virtual Resources?
Am Freitag, 12. Juli 2013 17:03:11 UTC+2 schrieb Nan Liu: On Fri, Jul 12, 2013 at 7:45 AM, Christian Flamm christian...@gmail.comjavascript: wrote: Hi, I'm having trouble understanding the added value Virtual Resources provide. Let's say I'm having two different modules (that usually are assigned to different agents) that both contain a common resource (let's say a user). If I want to easily make it possible to assign both modules to the same agent - without suffering from the duplicate resource declaration error - I could make the resource definition virtual and realize it in different modules. See this simplified example. cat $modulesdir/virtual/manifests/init.pp class virtual { @user { 'admin': ensure = present } } cat $modulesdir/mailserver/manifests/init.pp class mailserver { realize(User['admin']) # some more mailserver stuff... } cat $modulesdir/webserver/manifests/init.pp class webserver { realize(User['admin']) # some more webserver stuff... } cat $manifestsdir/nodes.pp node /somenode/ { include virtual include mailserver include webserver } My question: How is that different, more convenient or more flexible than extracting that admin user into its own module? Like that: cat $modulesdir/adminuser/manifests/init.pp class adminuser { user { 'admin': ensure = present } } cat $modulesdir/mailserver/manifests/init.pp class mailserver { # some more mailserver stuff... } cat $modulesdir/webserver/manifests/init.pp class webserver { # some more webserver stuff... } cat $manifestsdir/nodes.pp node /somenode/ { include adminuser include mailserver include webserver } I guess I'm missing something here, or I'm using it wrong. Your help is highly appreciated, In this simple case no, but think of a vinn diagram with overlapping groups (such as user belonging to dbadmin/webadmin and two different teams of dbadmin webadmin). You can easily realize virtual resource by tags, but not so easy by splitting to class dbadmin/webadmin/db_and_webadmin ... HTH, Nan Do you mean something like this? cat $modulesdir/virtual/manifests/init.pp class virtual { @user { ['a', 'b', 'c', 'd']: ensure = present } } cat $modulesdir/mailserver/manifests/init.pp class mailserver { realize(User['a'], User['b'], User['c']) # some more mailserver stuff... } cat $modulesdir/webserver/manifests/init.pp class webserver { realize(User['b'], User['c'], User['d']) # some more webserver stuff... } cat $manifestsdir/nodes.pp node /somenode/ { include virtual include mailserver include webserver } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet: 3.1.1 - 3.2.1 load increase
Forgot to say this explicitly: config_retrieval times (guess this includes catlog compilation) on the agents explode. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Nagios Puppet
Hello folks, I am currently using Puppet to forge the nagios configuration files. Using exported ressources it really works well - to a point. The one thing I am banging my head against is the service definitions. The services use stuff like remote-nrpe-zombie-procs, which of course, is not defined anywhere: define service { ## --PUPPET_NAME-- (called '_naginator_name' in the manifest)check_zombie_procs_gaming useremote-nrpe-zombie-procs host_name gaming.alpha-labs.net } So far I am letting puppet generate the three configs: nagios_host.cfg nagios_hostextinfo.cfg nagios_service.cfg Tho for this to work I would need a corresponding commands.cfg and all the Howtos out there do not seem to have my problem. The important snipplet from my config would be this: Nagios_host || { require = File[resource-d], notify = Service[icinga], } Nagios_service || { require = File[resource-d], notify = Service[icinga], } Nagios_hostextinfo || { require = File[resource-d], notify = Service[icinga], } Nagios_command || { require = File[resource-d], notify = Service[icinga], } After banging my head for 3 evenings on this I really need your help. Thanks for any pointers. -Chris. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet: 3.1.1 - 3.2.1 load increase
Forgot to enable email notification here. Decided to go back to 3.1.1 a week ago. Will upgrade again to provide more specific load information. Thx! You have to be a little bit more specific. Is load only CPU related, or I/O? Also, what do the log say? 3.2 pushes lots of notices about syntax obsolescence in the logs... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] puppet: 3.1.1 - 3.2.1 load increase
Hi, I recently updated from puppet 3.1.1 to 3.2.1 and noticed quite a bit of increased load on the puppetmaster machine. I'm using the Apache/passenger/rack way of puppetmastering. Main symptom is: higher load on puppetmaster machine (8 cores): - 3.1.1: around 4 - 3.2.1: around 9-10 Any idea why there's more load on the machine with 3.2.1? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Variable re-use, override, inherit and include
Thx, maybe this was a little too straight from the hip... BTW: I've tried it - it even worked... but I see that's probably caused by a lot of strange luck... Subclasses can never 'override' ancestor class variables. They can partially *hide* them within their own scope by declaring a same-named local variable, but that has no effect on what the parent class or any other sees as the value of the parent-class variable. Interesting objection - that's actually what I meant saying override. Let's try something else: There's a module module_x and these directories: $moduledir/module_x/manifests/ and there's an init.pp with this content: class module_x { include module_x::child include module_x::another_child include module_x::another_child2 include module_x::another_child3 ... } There's also a file 'constant.pp' containing this class module_x::constant { $var = 'value' } Class module_x::constant is not included. Classes like module_x::child should be able to inherit the default value of $var but also be able to hide it within their own scope by declaring a same-named local variable. It would look like this: class module_x::child inherits module_x::constant { // wants to use a default value for $var but should be able to hide it within their own scope. } Something wrong with that? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Variable re-use, override, inherit and include
Sorry, wasn't able to format it properly... formatting it had no effect. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Variable re-use, override, inherit and include
Hi, a question regarding combining *inherit* and *include*: I have variable(s) defined in a father class and child classes should access these - but there should always be the possibility to override the default value. Let's assume this scenario: There's a module module_x and these directories: $moduledir/module_x/manifests/ and there's an init.pp with this content: class module_x { $var = 'value' include module_x::child include module_x::another_child include module_x::another_child2 include module_x::another_child3 ... } Class module_x::child in file child.pp should be able to use $var with its default value - but should also be allowed to override it. It would look like this: class module_x::child inherits module_x { // wants to use a default value for $var but should be able to override it. } Question: Is there somehow a problem that class child inherits class module_x *with all its many includes*? Thanks in advance, Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Defining custom resource types wrapping exec resources and using optional “unless”
The following code example is purely academical but it illustrates my question pretty well. define touch($file=$title, $unless='/bin/false') { exec { /bin/touch ${file}: unless = $unless } } If I define my own resource type that wraps another *exec* resource and I want to *add an optional unless condition* that I - if set - pass to the optional unless condiftion of *exec* - do I have to preset the field with '/bin/false'? My understanding is that for each catalog run and all uses of this custom ressource type this resource's unless check will then spawn a bash process running '/bin/false' if the unless field of touch hasn't been set . What I actually intend is not to do any unless check at all if the field hasn't been set - including calling /bin/false. Any thoughts? Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Defining custom resource types wrapping exec resources and using optional “unless”
Never heard of *undef *before - sounds great! Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Could not find class hiccups *often* once after manifest/module changes
Hi, I’ve got no idea if this is a bug or some kind of misuse/misconfiguration. Hope somebody can help. Thanks! If I change a file in a module or manifest directory this *often* results in errors, mostly of the following kinds - Could not find class for on node - Cannot find definition Class on node These errors occur when puppet modules/manifests are changed – but it happens only once. If it happens affected puppet agents will use their cached catalog once. *The next time these agents request a catalog it is compiled flawlessly and everything will work like a charm* – all errors are gone. Problem is we have agents with large catalogs. Their catalog runs can take up to over a minute and so the time it takes for a change to be applied will then be doubled to take up to 2 or even 3 minutes. Usually changes of modules/manifests are performed by “git pull”. But it’s easy to reproduce these error messages by simple “touch” operations. Here are some interesting log observations and their [commonness]. Yes AFAICS they always appear in triplets. It rarely happens that there are no problems at all after a modification. touch /opt/xxx/dev/puppet/manifests/site.pp [often] puppet-master[12498]: Could not find class class for node on node [often] puppet-master[12498]: Could not find class class for node on node [often] puppet-master[12498]: Could not find class class for node on node touch /opt/xxx/dev/puppet/puppet.conf [often] puppet-master[12498]: Could not find class class for nodeY on node [often] puppet-master[12498]: Could not find class class for nodeY on node [often] puppet-master[12498]: Could not find class class for nodeY on node [sometimes] puppet-master[12498]: Cannot find definition Class on node node [sometimes] puppet-master[12498]: Cannot find definition Class on node node [sometimes] puppet-master[12498]: Cannot find definition Class on node node [rare] puppet-master[12498]: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type own custom type at class file on node node [rare] puppet-master[12498]: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type own custom type at class file on node node [rare] puppet-master[12498]: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type own custom type at class file on node node touch /opt/xxx/dev/puppet/modules/dispatcher/manifests/init.pp [often] puppet-master[12498]: Could not find class class not even part of module dispatcher for node not even affected by module dispatcher on node not even... [often] puppet-master[12498]: Could not find class class not even part of module dispatcher for node not even affected by module dispatcher on node not even... [often] puppet-master[12498]: Could not find class class not even part of module dispatcher for node not even affected by module dispatcher on node not even... Affected classes and nodes seem to be randomly chosen. Environment this runs in: ll /etc/puppet lrwxrwxrwx 1 root root 34 Mar 7 10:01 auth.conf - /opt/xxx/dev/puppet/auth.conf lrwxrwxrwx 1 root root 38 Mar 7 10:01 autosign.conf - /opt/xxx/dev/puppet/autosign.conf lrwxrwxrwx 1 root root 40 Mar 7 10:01 fileserver.conf - /opt/xxx/dev/puppet/fileserver.conf lrwxrwxrwx 1 root root 36 Mar 7 10:01 puppet.conf - /opt/xxx/dev/puppet/puppet.conf ls -A /opt/xxx/dev/puppet/ auth.conf autosign.conf fileserver.conf .git .gitignore manifests modules .project puppet.conf scripts cat /etc/puppet/puppet.conf # on puppetmaster [main] logdir = /var/log/puppet rundir = /var/run/puppet ssldir = $vardir/ssl modulepath = /opt/xxx/dev/puppet/modules manifestdir = /opt/xxx/dev/puppet/manifests manifest = /opt/xxx/dev/puppet/manifests/site.pp [agent] classfile = $vardir/classes.txt localconfig = $vardir/localconfig server = puppetmaster host report = true splaylimit = 0 runinterval = 30 [master] certname=puppetmaster host reports = http,log reportdir = /var/lib/puppet/reports/upload reporturl = http://puppetmaster host:3000/reports cat /opt/xxx/dev/puppet/manifests/site.pp import 'nodes.pp' $puppetserver = puppetmaster host rpm -qa | egrep puppet|ruby rubygem-rake-0.8.7-2.1.el6.noarch ruby-mysql-2.8.2-1.el6.x86_64 libselinux-ruby-2.0.94-5.3.el6.x86_64 puppet-3.1.0-1.el6.noarch rubygem-fastthread-1.0.7-2.el6.x86_64 rubygem-mongrel-1.1.5-3.el6.x86_64 ruby-1.8.7.352-7.el6_2.x86_64 ruby-irb-1.8.7.352-7.el6_2.x86_64 ruby-augeas-0.4.1-1.el6.x86_64 ruby-shadow-1.4.1-13.el6.x86_64 puppetlabs-release-6-6.noarch rubygems-1.3.7-1.el6.noarch puppet-server-3.1.0-1.el6.noarch rubygem-gem_plugin-0.2.3-3.el6.noarch rubygem-daemons-1.0.10-2.el6.noarch puppet-dashboard-1.2.22-1.el6.noarch ruby-libs-1.8.7.352-7.el6_2.x86_64 ruby-rdoc-1.8.7.352-7.el6_2.x86_64 rubygem-json-1.4.6-1.el6.x86_64 -- You
Re: [Puppet Users] Could not find class hiccups *often* once after manifest/module changes
Hi David, thanks for your answer! I only have the 'nodes.pp' import: egrep -R import[ \t] /opt/xxx/dev/puppet/ /opt/xxx/dev/puppet/manifests/site.pp:import 'nodes.pp' Must I get rid of this? Best Regards, Christian Hi, I've reported a similar issue recently here: https://projects.puppetlabs.com/issues/19638 I've tracked my problem to overshooting use of import calls in modules. You might want to check if you're hitting the same bug. Best Regards, David -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Could not find class hiccups *often* once after manifest/module changes
/server.rb:104:in `start' /usr/lib/ruby/site_ruby/1.8/puppet/daemon.rb:136:in `start' /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:207:in `main' /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:157:in `run_command' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:456:in `plugin_hook' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:504:in `exit_on_fail' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:132:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:86:in `execute' /usr/bin/puppet:4 In /usr/lib/ruby/site_ruby/1.8/puppet/parser/compiler.rb:168 error Puppet::Error, Could not find class #{name} for #{node.name} is raised because a couple of lines above a check if klass = scope.find_hostclass(name, :assume_fqname = fqname) fails, see: def evaluate_classes(classes, scope, lazy_evaluate = true, fqname = false) #Puppet.info classes raise Puppet::DevError, No source for scope passed to evaluate_classes unless scope.source class_parameters = nil # if we are a param class, save the classes hash # and transform classes to be the keys if classes.class == Hash class_parameters = classes classes = classes.keys end classes.each do |name| # If we can find the class, then make a resource that will evaluate it. if klass = scope.find_hostclass(name, :assume_fqname = fqname) ### -- This check fails # If parameters are passed, then attempt to create a duplicate resource # so the appropriate error is thrown. if class_parameters resource = klass.ensure_in_catalog(scope, class_parameters[name] || {}) else next if scope.class_scope(klass) resource = klass.ensure_in_catalog(scope) end # If they've disabled lazy evaluation (which the :include function does), # then evaluate our resource immediately. resource.evaluate unless lazy_evaluate else raise Puppet::Error, Could not find class #{name} for #{node.name} ### --- Here error is raised end end end in /usr/lib/ruby/site_ruby/1.8/puppet/parser/scope.rb:134 def find_hostclass(name, options = {}) known_resource_types.find_hostclass(namespaces, name, options) end in /usr/lib/ruby/site_ruby/1.8/puppet/resource/type_collection.rb:114 def find_hostclass(namespaces, name, options = {}) find_or_load(namespaces, name, :hostclass, options) end in /usr/lib/ruby/site_ruby/1.8/puppet/resource/type_collection.rb:197 # Resolve namespaces and find the given object. Autoload it if # necessary. def find_or_load(namespaces, name, type, options = {}) searchspace = options[:assume_fqname] ? [name].flatten : resolve_namespaces(namespaces, name) searchspace.each do |fqname| result = send(type, fqname) unless result # do not try to autoload if we already tried and it wasn't conclusive # as this is a time consuming operation. unless @notfound[fqname] result = loader.try_load_fqname(type, fqname) @notfound[fqname] = result.nil? end end return result if result end return nil end Am Freitag, 8. März 2013 11:08:57 UTC+1 schrieb David Schmitt: On 08.03.2013 10:33, christian...@gmail.com javascript: wrote: Hi David, thanks for your answer! I only have the 'nodes.pp' import: egrep -R import[ \t] /opt/xxx/dev/puppet/ /opt/xxx/dev/puppet/manifests/site.pp:import 'nodes.pp' Must I get rid of this? You might want to run the puppetmaster from the shell with debugging enabled (--no-daemonize --masterport --verbose --debug) and post the resulting log when you run an agent against that (--masterport --test). In my case the puppet master actually loads the file which contains the class, but fails to correctly register the contained class until the next run. I only observed (and tested) that with parameterized classes. D. Best Regards, Christian Hi, I've reported a similar issue recently here: https://projects.puppetlabs.com/issues/19638 https://projects.puppetlabs.com/issues/19638 I've tracked my problem to overshooting use of import calls in modules. You might want to check if you're hitting the same bug. Best Regards, David -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com javascript:. To post to this group, send email to puppet...@googlegroups.comjavascript:. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options
[Puppet Users] Usage of puppet to deploy and configuration manage software patches
I have some questions in terms of how to use puppet of configuration management for software patches. My previous approach was it to create a puppet module for each patch ... Like Patch1 includes (FileA, FileB, FileC), Patch2 includes (FileD, FileE)... So far so good and that works but now i have to create a Patch3 with lets say FileF and FileA included. As you can see there will be a puppet conflict as i can't deploy the same files within different modules. What is the right architecture and method to manage software patches? Is it to use rpms instead of? Or are there other ideas how to manage that with puppet. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/YNceAdQNZr4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppet 3.0 on Debian Lenny
Felipe, Perhaps you can answer a question for me, I am in a similar boat as you with having to continue to support Lenny after EOL. I am trying to install puppet but I have an unmet dependency of libaugeas0. It appears that only version 0.2.2-1 is in the backports repository on archive.debian.org, and puppet from apt.puppetlabs.com requires version 0.6.0. What did you have to do to get this dependency met? Thanks for your help, Christian On Tuesday, October 9, 2012 12:29:22 PM UTC-6, Felipe Salum wrote: Hi guys. I don't see the latest puppet 3.0 on the puppetlabs debian repository for lenny and also the latest puppet dashboard. Aren't you guys adding the new versions to the deprecated Debian Lenny anymore ? Can I grab the puppet 3.0 agent from squeeze to use on Lenny ? Regards, Felipe -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/_EVTTDOUqkYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppet 3.0 on Debian Lenny
Felipe, Thanks for the information, I will give this a shot! Cheers, Christian On Friday, October 12, 2012 3:46:18 PM UTC-6, Felipe Salum wrote: Hi Christian, My libaugeas0 is 0.7.2 from backports: http://archive.debian.org/debian-backports/pool/main/a/augeas/libaugeas0_0.7.2-1~bpo50+1_amd64.deb Install puppet from backports first so it will bring all the dependencies, then upgrade to puppet from puppetlabs. That is how I do on Lenny. apt-get -t lenny-backports install -y puppet apt-get -t puppetlabs install -y puppet Regards, Felipe On Friday, October 12, 2012 9:40:45 AM UTC-7, Christian Page wrote: Felipe, Perhaps you can answer a question for me, I am in a similar boat as you with having to continue to support Lenny after EOL. I am trying to install puppet but I have an unmet dependency of libaugeas0. It appears that only version 0.2.2-1 is in the backports repository on archive.debian.org, and puppet from apt.puppetlabs.com requires version 0.6.0. What did you have to do to get this dependency met? Thanks for your help, Christian On Tuesday, October 9, 2012 12:29:22 PM UTC-6, Felipe Salum wrote: Hi guys. I don't see the latest puppet 3.0 on the puppetlabs debian repository for lenny and also the latest puppet dashboard. Aren't you guys adding the new versions to the deprecated Debian Lenny anymore ? Can I grab the puppet 3.0 agent from squeeze to use on Lenny ? Regards, Felipe -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/QnBBgfqSY2kJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] install vmware tools through puppet
I've done something similar using the open-vm package on debian hosts. On Saturday, September 22, 2012 3:06:10 PM UTC-5, Alan Evans wrote: I believe the open-vm-tools at http://packages.vmware.com/tools are ESX host version agnostic. We pull the rhel 4-6 repos into RHN satellite and just use puppet ensure the latest is installed. If you do t use satellite you could just clone the repo and configure yum on the clients. Packages are available for RHEL, SuSE and deb at least. -Alan On Sep 22, 2012 3:25 PM, Hai Tao eha...@gmail.com javascript: wrote: It is a useful tool. However, the difficulty is that our ENV has multiple versions of ESX hosts, 3.5, 4.1 and 5.0. The guest OS has no clue what version of ESX it is running on, so how can puppet server push a correct version of vmware tools to a client? On Sat, Sep 22, 2012 at 11:20 AM, Michael Stahnke sta...@puppetlabs.com javascript: wrote: On Fri, Sep 21, 2012 at 6:48 PM, Jakov Sosic jso...@srce.hrjavascript: wrote: On 09/19/2012 11:55 PM, Hai Tao wrote: There seems to be a few vmware tools installation modules. Has someone used these modules to install VMware tools? Searching http://forge.puppetlabs.com ... NAMEDESCRIPTION AUTHORKEYWORDS vchoi-vmwarePuppet module to handle installation, upgrade and reconfiguration of vmware tools on vmware virtual nodes. @vchoivirtualization vmware vmware-tools vmware_tools vmtools razorsedge-vmwaretools Puppet VMware Tools OSP Module @razorsedge vmware vmware-tools vmware_tools vmtools rhel CentOS SuSE OEL puppetlabs-vcenter VMware vCenter installation and management @puppetlabs windows vmware vcenter vsphere 5UbZ3r0-vmwaretools This module handles the installation the VMware Tools Operating System Specific @5UbZ3r0 debian virtualization rhel CentOS vmware vmware-tools vmwaretools puppetlabs-appdirector # VMware vFabric Application Directorâ ¢ Puppet Service @puppetlabs vmware How well does it work? It seems that nobody tried this already. I'm interested too... -- Jakov Sosic www.srce.unizg.hr -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet...@googlegroups.comjavascript: . To unsubscribe from this group, send email to puppet-users...@googlegroups.com javascript:. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. I don't know that I would endorse one over another, but Puppet Labs did a module of the week post about one of them. http://puppetlabs.com/blog/module-of-the-week-razorsedge-vmwaretools/ That might be a good starting point. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet...@googlegroups.comjavascript: . To unsubscribe from this group, send email to puppet-users...@googlegroups.com javascript:. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Hai Tao -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet...@googlegroups.comjavascript: . To unsubscribe from this group, send email to puppet-users...@googlegroups.com javascript:. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/FTYloCumctkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
RE: [Puppet Users] puppet client could not request certificate: Error 500 on SERVER
Have you confirmed that puppet master is running as user = puppet? On the master check: puppet --genconfig|grep user Mark From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of Jo Rhett Sent: Monday, August 20, 2012 1:03 PM To: puppet-users@googlegroups.com Subject: Re: [Puppet Users] puppet client could not request certificate: Error 500 on SERVER You should spend some time and determine how and why that is happening. I can assure you that it's not normal, so this is something specific to some custom code on your site. On Aug 19, 2012, at 10:56 AM, Stuart Cracraft wrote: I am seriously thinking of putting those recursive chown's in root crontab on puppet masters and puppet agents for /etc/puppet* and /var/lib/puppet* I shouldn't have to do this but have seen cases of ownership reversion. --Stuart Via Apple iPhone 4S on the ATT Wireless Network On Aug 13, 2012, at 3:04 AM, Frederik Vos inktvi...@gmail.com wrote: For the people still looking for an answer: chown -R puppet:puppet /var/lib/puppet/reports Op woensdag 30 maart 2011 21:02:43 UTC+2 schreef hyzhang het volgende: Thank. I am pasting the entire message here: Mar 30 14:01:04 puppetclient1 puppet-agent[28571]: Could not request certificate: Error 500 on SERVER: !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01//EN http://www.w3.org/TR/html4/strict.dtd; html head meta http-equiv=Content-Type content=text/html; charset=UTF-8 meta name=generator content=Phusion Passenger titleRuby (Rack) application could not be started/ title style type=text/css body { font- family: Verdana, 'Bitstream Vera Sans', Arial, Sans-Serif; font-size: 10pt;background: white; color: #22; margin: 0; padding-top: 3em; padding- bottom: 3em;padding-left: 4.5em;padding-right: 4.5em; } h1 { font-size: 17pt;font-weight: medium;color: #533e72; border-bottom: 1px solid #533e72; } h1.title { margin-top: 0; } h1.error_title { color: red; border-bottom: 1px solid red; } a {text-decoration: none; } a:hover { text-decoration: underline; } dt { font-weight: bold; color: #280050; } dd { margin-top: 0.5em; margin-bottom: 1em; } .commands { border: 1px Somehow I am able to get the certificate for the client. Since above error message says Ruby (Rack) application could not be started, I did #rackup /usr/share/puppet/rack/puppetmasterd/config.ru Then I see the rack process on puppet server #ps -ef|grep rack puppet 27140 1 0 14:21 ?00:00:00 Rack: /usr/share/ puppet/rack/puppetmasterd From then on the server is able to receive the client certificate request and sign it. Do I have to start the rack manually in a manner like that? I thought if I start httpd service, it would start rack automatically. I am still not sure if I did everything right. Thanks, -Haiyan On Mar 30, 2:38 pm, Hugo Cisneiros (Eitch) hugo.cisnei...@gmail.com wrote: On Wed, Mar 30, 2011 at 3:00 PM, hyzhang hyzh...@jcvi.org wrote: Hi, I am new to puppet. I have puppet server set up with passenger. But when I start puppetd from client, I see following error in the syslog file: Mar 30 13:52:03 puppetclient1 puppet-agent[29732]: Could not request certificate: Error 500 on SERVER: !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01//EN http://www.w3.org/TR/html4/strict.dtd; html head meta http-equiv=Content-Type content=text/html; charset=UTF-8 meta name=generator content=Phusion Passenger titleRuby (Rack) application could not be started/ title You didn't paste the most important part of the error. Thie page ruby/rack generates usually have some pretty useful information in an error field. Like a module missing on an import/require, permission problems, and so on. Please identify and post the error so we can be helpful :) -- []'s Hugowww.devin.com.br -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ltKL6JvCWQEJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Jo Rhett Net Consonance : net philanthropy to improve open source and internet projects. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to
RE: [Puppet Users] newish puppet on RHEL4 and/or SLES9?
I'm not running newish puppet on rhel/cent 4, but the 0.25.6 EPEL packages seem to work well enough with my puppet master that runs 2.7.18. -Original Message- From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of Jason Antman Sent: Wednesday, August 15, 2012 7:42 AM To: puppet-users@googlegroups.com Subject: [Puppet Users] newish puppet on RHEL4 and/or SLES9? I'm in the process of building out a new puppet master and pulling our existing/legacy infrastructure into Puppet control for the basic system-level stuff (mail, syslog, sudo, ssh, etc.). Unfortunately, the directive from on high is that all of our hosts need to be managed by the same system. That list is about 95% RHEL/Cent 5 or 6, but there's a few RHEL4 and SLES9 machines on the must have list. As upgrades are very unlikely, I'd like to be on the newest version possible - ideally, 2.7.12+ on the master so I can leverage puppetDB. Is anyone out there running new-ish puppet (2.7, or else 2.6) on such ancient beasts? If so, can anyone point me at sources for the packages, and dependencies? Or perhaps have spec files to share? I'd like to say I can spend the time to build and test puppet and all the dependencies, but alas, that is very far from the case. Thanks for any assistance, Jason PS - If you happen to be a competent generalist Linux admin in the Boston, MA or Atlanta, GA area, feel free pass along your resume... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. Confidentiality Notice. This message may contain information that is confidential or otherwise protected from disclosure. If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, distribution, or copying of this message, or any attachments, is strictly prohibited. If you have received this message in error, please advise the sender by reply e-mail, and delete the message and any attachments. Thank you. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: hiera scope and hiera-foreman
Okay. I figured out my issue. I'm not a developer so this is probably ugly, but came up with: begin fqdn = scope.catalog.tags[4] rescue fqdn = scope['fqdn'] if scope.has_key?('fqdn') Hiera.debug(trying mcollective) end Hiera.debug(got fqdn #{fqdn}) That fqdn with both: puppet master --debug --compile FQDN and hiera -d -c /etc/puppet/hiera.yaml -m FQDN -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/m6nAWXboqQIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] hiera scope and hiera-foreman
Hey all, I've been messing around with the hiera-foreman backend to see if it would let me migrate to hiera and use foreman and an ENC. https://github.com/torrancew/hiera-foreman It works by querying each node's yaml file from foreman. Currently this code works when called from the hiera command line with the -m (mcollective option). It uses the mcollective facts to pull the fqdn variable to know which node to grab the yaml for. So far so good. However, this breaks when you attempt to use it as a hiera backend in a puppet module, since it no longer has the mcollective facts, and fqdn available to it. So my question is, what is the recommended way of querying the current hostname(s) in a hiera backend for it to know what host it should lookup the needed yaml? Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Yhe1cfLjofAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] add an rpm to a host
Thanks for your immediate response. The first solution you propesed worked flawlessly. I like that. Thanks. On Fri, Jun 22, 2012 at 9:23 AM, Christopher Wood christopher_w...@pobox.com wrote: class myrpm { package { 'foo_bar': } } node myhost.me.com { class { 'myrpm': } } If this is something that you absolutely must do by the end of the day on a Friday because some manager is a maniac, you can deploy the rpm via a file resource and then install it by specifying alternate package type parameters: class myrpm { $myrpm = '/tmp/foo_bar_1.0.rpm' $myrpmsource = puppet:///modules/myrpm/foo_bar_1.0.rpm $mypkg = foo_bar file { $myrpm: source = $myrpmsource, } package { $mypkg: provider = 'rpm', source = $myrpm, require = File[$myrpm], } } node myhost.me.com { class { 'myrpm': } } With the above I am assuming that your classes are in modules (save your sanity, use them). More on modules: http://docs.puppetlabs.com/puppet/2.7/reference/modules_fundamentals.html http://docs.puppetlabs.com/module_cheat_sheet.html Also remember dependencies: http://docs.puppetlabs.com/references/stable/metaparameter.html#require And more generally: http://docs.puppetlabs.com/guides/language_guide.html How would I deploy this to all hosts that talk to my puppetmaster? Thanks Chris -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] add an rpm to a host
Hi I am new to puppet. I have an existing puppet 2.6 config and I have about 400 hosts that I would like to install a package on. the specific package is foo_bar_1.0.rpm How would I deploy this to all hosts that talk to my puppetmaster? Thanks Chris -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence
I have this working in our environment as a module, which I will attempt to describe. module: casfirewall init.pp class casfirewall { include casfirewall::default, casfirewall::fwpre, casfirewall::fwpost file {/etc/iptables: ensure = directory, owner = root, group = root, mode = 700, } # Always persist firewall rules exec { persist-firewall: command = $operatingsystem ? { debian = /sbin/iptables-save /etc/iptables/rules.v4, /(RedHat|CentOS)/ = /sbin/iptables-save /etc/sysconfig/iptables, }, refreshonly = true, require = File[/etc/iptables], } Firewall { notify = Exec[persist-firewall], before = Class[casfirewall::fwpost], require = Class[casfirewall::fwpre], } # Setup firewall resource resources { firewall: purge = true } } As you can see, this holds the meat and potatoes by including the Firewall notify, before, and require bits. The fwpre class contains the initial firewall settings (abbreviated here) class casfirewall::fwpre { Firewall { require = undef, } firewall { 000 allow outbound: proto = all, chain = OUTPUT, action = accept, }... The fwpost class contains the drop everything else rule. Because of the before ordering in init.pp this rule gets applied last (and was the reason for starting this thread in the first place) class casfirewall::fwpost { firewall {999 drop all: proto = all, action = drop, before = undef, } } In our init.pp we also have defined a default class. This contains all the rules to open ports to our monitoring servers or backup servers. These get applied after the initial pre class, and before the post as you would expect. I hope that helps. The suggestions given in this thread about firewall ordering very much helped us. I look forward to seeing the firewall module get another release and more user uptake. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/-B3-kjpoFvYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Generating dhcp/pxe configuration from puppet
Hi, I set the whole thing up and got not the expected results. The thing is, that: It’s important to mention here that you will only get exported resources from hosts whose configurations have been compiled. If hostB exports a resource but hostB has never connected to the server, then no host will get that exported resource. That means that the nodes must be already installed in order to use the information. I need this information mainly from the nodes that are not existant yet. I want to boot them using PXE and run the whole installation procedure afterwards. I want to describe the nodes in a nodes.pp and from there setup DHCP and PXE for them. Any other hints? Cheers, Christian On Apr 18, 10:22 am, Luke Bigum luke.bi...@lmax.com wrote: If you wanted to do this all in Puppet, you could take the same approach that people do with Nagios an use exported resources. Have each of your nodes export some kind of resource that describes what it's DHCP configuration would be based on it's IP and MAC address Facts, then collect those resources on your DHCP server and write out your config file(s). http://docs.puppetlabs.com/guides/exported_resources.html If you wanted to do this outside of Puppet then you could parse all of your node's Facts cache (/var/lib/puppet/yaml/facts on my machine) but that assumes all the information you need is in Facter. On 18/04/12 08:22, Christian Requena wrote: Hello, I want to generate my infrastructure's dhcp/pxe config from puppet, but to go through the node definitions? Btw. we only use explicit definitions, no regexp. So everything is explicit. I thought about using Puppet::Parser...something ... any hints? Thanks for you help! Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Luke Bigum Information Systems Ph: +44 (0) 20 3192 2520 luke.bi...@lmax.com |http://www.lmax.com LMAX, Yellow Building, 1A Nicholas Road, London W11 4AN FX and CFDs are leveraged products that can result in losses exceeding your deposit. They are not suitable for everyone so please ensure you fully understand the risks involved. The information in this email is not directed at residents of the United States of America or any other jurisdiction where trading in CFDs and/or FX is restricted or prohibited by local laws or regulations. The information in this email and any attachment is confidential and is intended only for the named recipient(s). The email may not be disclosed or used by any person other than the addressee, nor may it be copied in any way. If you are not the intended recipient please notify the sender immediately and delete any copies of this message. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden. LMAX operates a multilateral trading facility. Authorised and regulated by the Financial Services Authority (firm registration number 509778) and is registered in England and Wales (number 06505809). Our registered address is Yellow Building, 1A Nicholas Road, London, W11 4AN. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Generating dhcp/pxe configuration from puppet
Hello, I want to generate my infrastructure's dhcp/pxe config from puppet, but to go through the node definitions? Btw. we only use explicit definitions, no regexp. So everything is explicit. I thought about using Puppet::Parser...something ... any hints? Thanks for you help! Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence
Great! ... almost? The Firewall notify dependency check almost covers everything. I really like its elegance. The one problem I can still think of is that the firewall module is not the only one setting firewall rules. In the puppetlabs/apache module, for example, it attempts to open up port 80. Since there is no guarantee when a module is applied it is possible the firewall module will kick, followed by apache. Since the last rule in the firewall module is to drop all, it will match before the apache open port 80. It is a little bit difficult to test module ordering aside from restarting the puppet master and just trying it out on a test node for about an hour. So I haven't tested this today. You said: the numbers in the namevar are ultimately for how they get ordered in the file ruleset as you state - but not what order they are _inserted_. Which makes me still think that the order various modules kick can affect the firewall rules. Thus, a stage after main is still needed to guarantee that the drop happens last. I hope I'm wrong, is there any alternative? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/8LCJU0uojjMJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence
Super, it all works great! Since the whole fwpre class is run before everything else, is it necessary to define each resource with dependencies with firewall {002 testing: ...}-firewall {... as in your gist? Anyway, works great for us now. Thanks much! All that remains is waiting for a new release to get firewall rules at boot on debian, and then some magic work yet to be done for not stomping on custom chains like fail2ban. On Wednesday, March 14, 2012 11:53:31 AM UTC-5, Ken Barber wrote: You said: the numbers in the namevar are ultimately for how they get ordered in the file ruleset as you state - but not what order they are _inserted_. Which makes me still think that the order various modules kick can affect the firewall rules. Thus, a stage after main is still needed to guarantee that the drop happens last. I hope I'm wrong, is there any alternative? If you look at my example in the gist: Firewall { notify = Exec[persist-firewall], before = Class[my_soe::fwpost], require = Class[my_soe::fwpre], } I'm setting it so that by default, every rule firewall resource runs 'before' Class[my_soe::fwpost], and it requires Class[my_soe::fwpre]. So in this example it doesn't need stages - just put your pre post in those classes. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/zzV3pegM5bUJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppetlabs-firewall stages and persistence
I appreciate the interest but I don't understand how you can tell me you don't have any experience with the module but yet know that I'm doing it wrong. The puppetlabs firewall module does not have classes or anything else to base a dependency on. I agree, I would rather not use stages, which is why I originally posted this to see how folks were making it go. If you do find a way to order rules without stages I'd love to hear about it. On Monday, March 12, 2012 7:49:18 AM UTC-5, jcbollinger wrote: It is incorrect that you must use run stages to achieve your desired ordering. In fact, it is *never* the case that run stages are the only solution to ordering issues in Puppet, because there is nothing you can do with them that you cannot also do with ordinary resource relationships. In many cases, solving an ordering problem by use of run stages is like putting in a tack with a sledgehammer: not only is it overkill, it also doesn't afford much precision or finesse. I have no experience with the module in question, so I have no specific suggestions to offer, but if you find run stages too crude a tool for your task then I can advise you about how to achieve your ordering requirements otherwise. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/t6rnTOXMrNgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence
In the pre main stage I have defined rules to allow outbound and allow related and established. In the post main stage, it does a drop all. Before this was organized into stages, occasionally the drop all would get applied before keep established and allow outbound, and thus the client could lose its connection to the puppet master mid run. On Tuesday, March 13, 2012 4:16:07 PM UTC-5, Mohamed wrote: Just out of curiosity, what do you mean by: We ended up in situations where the drop rules would kick before the allow established rules, and thus kill the puppet run In my experience, what breaks is the reporting attempt puppet clients makes to the master, not the puppet run itself. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/xBTznk59RKkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetlabs-firewall stages and persistence
Thus far I've only been able to get puppet to run without making the firewall persistent. In the case of running the exec save-rules in the post: it's no good if your hosts are at all dynamic since it only runs after the main stage. So if you have an existing host, add another normal firewall rule, that rule will get added on the next puppet run. But since the firewall drop rule that exists in the post stage has already been pushed out, the post bits never get called, and thus the firewall rules are not saved and your update will be lost at boot. I'm hoping something happens in development since there has not been a new revision in a little while and the github patches are stacking up. Cheers -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/GQeDShNZDRAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppetlabs-firewall stages and persistence
Hi all, I'm attempting to use the puppetlabs-firewall module. In testing, rules are enabled in a random order, so it seems necessary to utilize puppet stages to guarantee proper ordering. I created a module to organize my firewalling. It consists of localfw::pre to open the INPUT chain for established and related connections, localfw::default for most normal rules, and localfw::post to block everything else. I run localfw::pre before stage[main] and localfw::post after. This has fixed my firewall rules ordering issue, yay. However, rules are now not being saved :( I tried adding include localfw::config to ::pre, ::post, and ::default which consisted of the persistence definitions: exec { persist-firewall: command = /sbin/iptables-save /var/lib/iptables/rules.v4, require = File [/var/lib/iptables], refreshonly = true, } Firewall { notify = Exec[persist-firewall] } and while I don't get any errors, I also don't get any firewall rules saved. It appears that Firewall never kicks to run the exec. If I add these bits to localfw::pre, then the pre rules get saved. If I add to localfw::post then all get saved, as expected. But in that case, normal firewall changes to a node don't cause localfw::post to run again, and thus aren't saved. What is the recommended way to save iptables rules for persistence when using puppet stages? Has anyone made this work? Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppetlabs-firewall stages and persistence
I've got slightly more info. In trying to figure this out I ran across http://projects.puppetlabs.com/issues/10665 where it was suggested that the persist-firewall bits (already shown in the previous message) get placed into site.pp. This almost worked perfectly. I've placed the following inside a node definition. class { localfw::pre: stage = pre } class { localfw::post: stage = post } include localfw If I keep localfw::post empty of firewall definitions, everything works fine. However, once I place anything in there (such as an empty test: firewall { 999 testing: ; } I get an error about cyclic dependencies. # puppet agent -v --no-daemonize --onetime info: Retrieving plugin info: Loading facts in iptables info: Loading facts in sshkeys info: Loading facts in etc_facts info: Loading facts in iptables info: Loading facts in sshkeys info: Loading facts in etc_facts info: Caching catalog for testhost err: Could not apply complete catalog: Found dependency cycles in the following relationships: Firewall[999 drop all] = Exec[persist- firewall], Exec[persist-firewall] = Firewall[999 drop all]; try using the '--graph' option and open the '.dot' files in OmniGraffle or GraphViz notice: Finished catalog run in 0.65 seconds Is this a bug, or am I doing something wrong? In trying to figure that out it looks like it may be related to puppet bug #5349? Any thoughts? The puppetlabs firewall module seems so close to being usable. Saving the firewall to enable on boot is the last missing bit in my checklist. Thanks much! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Dynamically extending the group membership of a custom system user
Hello, I need to expand the membership of a custom system user depending on the availability of some group on the target system i.e. user { logger: name = logger, ensure = present, groups = [adm, wheel, this _group_ if it exists], shell = /bin/bash; } The this _group_ if it exists entry only works, if the group was already create. I need to expand the list of groups depending on the availability of some groups like i.e. user { logger: name = logger, ensure = present, [ 'mongodv', 'postgres', 'custom', 'www' ].each do | g | g.exist? _groups g.to_s end groups = _groups shell = /bin/bash; } I know that is totally wrong, but I just want to describe what I'm aiming to. Thanks! Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] scope of tags
According to the tagging documentation[1], tags are automatically created for enclosing node, define, and class structures. 1. http://projects.puppetlabs.com/projects/1/wiki/Using_Tags#Automatic-Tagging If I create three classes like this: class first { tag('doot') } class second { if tagged(first) { warning('first tag found') } else { warning('first tag not found') } if tagged(doot) { warning('doot tag found') } else { warning('doot tag not found') } if tagged(third) { warning('third tag found') } else { warning('third tag not found') } } class third { } and declare them: class { 'first':; 'second':; 'third':; } why does the 'first' tag exist within the 'second' class? This seems to be inconsistent with the documentation since 'first' doesn't enclose 'second'. But given that the 'first' tag is set, why isn't the 'third' tag also set? Finally, is there a way to extend the scope of a tag through explicit dependencies? I'd like to do something like: Class['first'] - Class['second'] - Class['third'] such that tags 'first', 'doot', and 'third' are all present in 'second'. Thanks, Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] explicit class dependencies
Do explicit class dependencies work? This simple example fails with: Could not find resource 'Class[Config]' for relationship on 'Class[Uses_config]' class config { } class uses_config { Class['config'] - Class['uses_config'] } include uses_config Am I doing something? Thanks, Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] explicit class dependencies
On Tue, Dec 06, 2011 at 01:38:38PM -0800, Nan Liu wrote: On Tue, Dec 6, 2011 at 12:27 PM, Christian G. Warden cwar...@xerus.org wrote: Do explicit class dependencies work? This simple example fails with: Could not find resource 'Class[Config]' for relationship on 'Class[Uses_config]' class config { } class uses_config { Class['config'] - Class['uses_config'] } include uses_config Am I doing something? You didn't declare include class config. If you intend uses_config to automatically include class config, you should declare it there. In either case you are missing include config or class { config: } somewhere. Thanks, Nan. Sorry, I got a little overzealous in trying to come up with a minimal example. Here's the problem I was actually trying to troubleshoot: class config { $x = 'abc' } class uses_config { Class['config'] - Class['uses_config'] $x = $config::x } include uses_config include config This results in: warning: Scope(Class[Uses_config]): Could not look up qualified variable 'config::x'; class config has not been evaluated I think it's similar to the problem I asked about with tags in another thread. If I include config before uses_config, I don't get an error. Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
RE: [Puppet Users] Concat module
Can't speak to concat, but you might consider using augeas for managing /etc/sysctl.conf. There is an excellent example of this at: http://projects.puppetlabs.com/projects/1/wiki/Puppet_Augeas , see Working Examples -Original Message- From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of Douglas Garstang Sent: Thursday, November 03, 2011 11:59 AM To: Puppet Users Subject: [Puppet Users] Concat module All, Trying to use the concat module with: class sysctl::common { include concat::setup concat { '/etc/sysctl.conf': owner = 'root', group = 'root', mode = '0644'; } concat::fragment { '/etc/sysctl.conf': target = '/etc/sysctl.conf', content = 'kernel.sem=250 32000 32 2048', order = '99'; } } Getting this error: Nov 3 14:54:04 dev-c3-app-90 puppet-agent[8143]: Failed to apply catalog: Parameter path failed: File paths must be fully qualified, not 'undef' at /etc/puppet/devmp/modules/concat/manifests/setup.pp:37 What am I doing wrong? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet- users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. Confidentiality Notice. This message may contain information that is confidential or otherwise protected from disclosure. If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, distribution, or copying of this message, or any attachments, is strictly prohibited. If you have received this message in error, please advise the sender by reply e-mail, and delete the message and any attachments. Thank you. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] I managed to break my Cent5 mongrel puppetmaster after upgrading from EPEL .25.5 to 2.6.6
CentOS release 5.7 (Final) puppet-server-2.6.6-1.el5.noarch ruby-1.8.5-19.el5_6.1.x86_64 rake, version 0.9.2 The upgrade from 25.5 to 2.6.6 had been working fine. Not sure if this is relevant: I then attempted to get puppet-dashboard working using this guide: http://docs.puppetlabs.com/guides/installing_dashboard.html I managed to upgrade rake, but never got this to work: rake RAILS_ENV=production db:migrate , I then decided to restart the puppetmaster and now I get this message: Starting puppetmaster: Port: 18140/usr/lib/ruby/site_ruby/1.8/puppet/network/http.rb:8:in `server_class_by_type': Mongrel is not installed on this platform (ArgumentError) from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:157:in `http_server_class_by_type' from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:137:in `http_server_class' from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:58:in `initialize' from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:104:in `new' from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:104:in `main' from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:46:in `run_command' from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run' from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:410:in `exit_on_fail' from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run' from /usr/sbin/puppetmasterd:4 [FAILED] Any help would be most appreciated. Thanks in advance. $ cat /etc/puppet/puppet.conf [main] # Where Puppet stores dynamic and growing data. # The default value is '/var/puppet'. vardir = /var/lib/puppet # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl [production] modulepath=/etc/puppet/modules manifest=/etc/puppet/manifests/site.pp [development] modulepath=/etc/puppet/environments/development/modules manifest=/etc/puppet/environments/development/manifests/site.pp trace=true report=false [agent] # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$confdir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig [master] user = root storeconfigs = false dbadapter = mysql dbuser = puppet dbpassword = dbserver = localhost dbsocket = /var/lib/mysql/mysql.sock modulepath = $confdir/modules factsync = true factpath = $vardir/facts environments=production,development # The list of reports to generate. All reports are looked for # in puppet/reports/name.rb, and multiple report names should be # comma-separated (whitespace is okay). # The default value is 'store'. reports = store, rrdgraph, tagmail tagmap = /etc/puppet/tagmail.conf # Whether RRD information should be graphed. rrdgraph = true # How often RRD should expect data. # This should match how often the hosts report back to the server. # The default value is '$runinterval'. rrdinterval = $runinterval # The directory where RRD database files are stored. # Directories for each reporting host will be created under # this directory. # The default value is '$vardir/rrd'. rrddir = $vardir/rrd $ cat /etc/sysconfig/puppetmaster # Location of the main manifest #PUPPETMASTER_MANIFEST=/etc/puppet/manifests/site.pp # Where to log general messages to. # Specify syslog to send log messages to the system log. #PUPPETMASTER_LOG=syslog # You may specify an alternate port or an array of ports on which # puppetmaster should listen. Default is: 8140 # If you specify more than one port, the puppetmaster ist automatically # started with the servertype set to mongrel. This might be interesting # if you'd like to run your puppetmaster in a loadbalanced cluster. # Please note: this won't setup nor start any loadbalancer. # If you'd like to run puppetmaster with mongrel as servertype but only # on one (specified) port, you have to add --servertype=mongrel to # PUPPETMASTER_EXTRA_OPTS. # Default: Empty (Puppetmaster isn't started with mongrel, nor on a # specific port) # # Please note: Due to reduced options in the rc-functions lib in RHEL/ Centos # versions prior to 5, this feature won't work. Fedora versions = 8 are # known to work. #PUPPETMASTER_PORTS= # Puppetmaster on a
[Puppet Users] Re: I managed to break my Cent5 mongrel puppetmaster after upgrading from EPEL .25.5 to 2.6.6
I removed the rubygem-mongrel rpm and reinstalled it. That appears to have fixed my issue. On Oct 13, 6:22 pm, Mark Christian mchri...@altera.com wrote: CentOS release 5.7 (Final) puppet-server-2.6.6-1.el5.noarch ruby-1.8.5-19.el5_6.1.x86_64 rake, version 0.9.2 The upgrade from 25.5 to 2.6.6 had been working fine. Not sure if this is relevant: I then attempted to get puppet-dashboard working using this guide:http://docs.puppetlabs.com/guides/installing_dashboard.html I managed to upgrade rake, but never got this to work: rake RAILS_ENV=production db:migrate , I then decided to restart the puppetmaster and now I get this message: Starting puppetmaster: Port: 18140/usr/lib/ruby/site_ruby/1.8/puppet/network/http.rb:8:in `server_class_by_type': Mongrel is not installed on this platform (ArgumentError) from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:157:in `http_server_class_by_type' from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:137:in `http_server_class' from /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:58:in `initialize' from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:104:in `new' from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:104:in `main' from /usr/lib/ruby/site_ruby/1.8/puppet/application/master.rb:46:in `run_command' from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run' from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:410:in `exit_on_fail' from /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run' from /usr/sbin/puppetmasterd:4 [FAILED] Any help would be most appreciated. Thanks in advance. $ cat /etc/puppet/puppet.conf [main] # Where Puppet stores dynamic and growing data. # The default value is '/var/puppet'. vardir = /var/lib/puppet # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl [production] modulepath=/etc/puppet/modules manifest=/etc/puppet/manifests/site.pp [development] modulepath=/etc/puppet/environments/development/modules manifest=/etc/puppet/environments/development/manifests/site.pp trace=true report=false [agent] # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$confdir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig [master] user = root storeconfigs = false dbadapter = mysql dbuser = puppet dbpassword = dbserver = localhost dbsocket = /var/lib/mysql/mysql.sock modulepath = $confdir/modules factsync = true factpath = $vardir/facts environments=production,development # The list of reports to generate. All reports are looked for # in puppet/reports/name.rb, and multiple report names should be # comma-separated (whitespace is okay). # The default value is 'store'. reports = store, rrdgraph, tagmail tagmap = /etc/puppet/tagmail.conf # Whether RRD information should be graphed. rrdgraph = true # How often RRD should expect data. # This should match how often the hosts report back to the server. # The default value is '$runinterval'. rrdinterval = $runinterval # The directory where RRD database files are stored. # Directories for each reporting host will be created under # this directory. # The default value is '$vardir/rrd'. rrddir = $vardir/rrd $ cat /etc/sysconfig/puppetmaster # Location of the main manifest #PUPPETMASTER_MANIFEST=/etc/puppet/manifests/site.pp # Where to log general messages to. # Specify syslog to send log messages to the system log. #PUPPETMASTER_LOG=syslog # You may specify an alternate port or an array of ports on which # puppetmaster should listen. Default is: 8140 # If you specify more than one port, the puppetmaster ist automatically # started with the servertype set to mongrel. This might be interesting # if you'd like to run your puppetmaster in a loadbalanced cluster. # Please note: this won't setup nor start any loadbalancer. # If you'd like to run puppetmaster with mongrel as servertype but only # on one (specified) port, you have to add --servertype=mongrel to # PUPPETMASTER_EXTRA_OPTS. # Default: Empty
Re: [Puppet Users] Re: Strange Could not find dependency error
Am 10.08.2011 22:24, schrieb piavlo: Does anyone have clear logical explanation why nagios::client nagios::server have no dep problems but nagios-client nagios-server does? - is no legal character in identifier names. Unfortunately, the error messages are not very helpful in such a case. Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet Class is applied but is not executed
Hi all, i' am having a strange problem with a puppet class, basically i wrote a small class, no special content (ensure packed is installed). I applied this class to a linuxbox with puppetclient 2.6.4 installed (and working for the other classes). So the problem if I'am forcing now the client to get the new configuration, it does it very well. No error's even with the debug option. In the /var/lib/puppet directory i take a look at the classes.txt and i find the new class inside. So i try to force en error with the class be doing a modifying the class and adding a parser error. Executing again on the linuxbox the puppet command, nothing happens. I would now expect a error. But it looks like puppet just doesn't executed this class. anyone a idea what i'am missing .. ? thanks Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Could not find a default provider for package
Am 19.06.2011 03:24, schrieb d0ugb: Need some help here. I am using puppet to mange some Gentoo boxes, and when working with packages I keep getting the following error: Could not find a default provider for package I suspect that the portage package provider need 'eix' to function. Is eix installed? Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Cannot dry run puppet on the puppetmaster
Am 08.05.2011 05:12, schrieb treydock: Here's the output using debug option. [...] debug: catalog supports formats: b64_zlib_yaml dot marshal pson raw yaml; using pson err: Could not retrieve catalog from remote server: execution expired warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run There's not much to see here. It would probably more informative to start the server with the --debug flag and see what is going on there. Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] help with template and has_variable?
Am 02.05.2011 15:41, schrieb Arnau Bria: so, any ideawhy is ruby doing it? Identifiers beginning with uppercase letters denote constants in Ruby. The most visible example for this rule are class names. Class names are constants that point to their respective class objects. Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppetmaster best practice for multiple zones
Am 19.04.2011 18:13, schrieb James Bailey: I am bit stuck however for how best I can managed the remaining two zones. Do create another two puppetmasters and configure them to use the existing storeconfigs DB I am currently using. Or do I have two additional standalone puppetmasters? If do the later how will I be able to unify my view of the three zones? I'd prefer one puppetmaster for everything. If the puppetmaster needs to reachable from everywhere, it belongs into the production zone. Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Multiple file path for single module in the fileserver.conf
Yeah i have two repositories with different kind of configuration which are managed under different responsiblity. But from the logical point of view they belonging to the same module. There could be a kind of priorisation that the in case of a clash only the file from the first file location should be taken. Is there an interest on a change request? As a workaround i probably will simply create two separated modules. On 13 Apr., 16:01, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: On 04/12/2011 04:44 PM, Christian wrote: Is it possible to have multiple file paths defined for a single module in the fileserver.conf? For example [files] path /first/path/files path /second/path/files allow * What's this supposed to do? You probably want to be able to serve files from each tree. But what if both trees contain files with identical names? Regards, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Multiple file path for single module in the fileserver.conf
Is it possible to have multiple file paths defined for a single module in the fileserver.conf? For example [files] path /first/path/files path /second/path/files allow * [modules] allow * [plugins] allow * The here described configuration did not work as i tried it already. Any idea if this is possible. Thanks a lot Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Use puppet to preconfigure gnome gvfs shares
Am 01.04.2011 11:11, schrieb spidernik84: 1. puppet detects the logged in username and sets this as a variable 2. puppet outputs a customized .gtk-bookmarks file with the network paths inside, in this format smb://domain.com;john...@url.of.the.server/home$/johndoe Johndoe share 3. puppet saves this file as /home/johndoe/.gtk-bookmarks I don't think that Puppet is designed to support this sort of interactive behavior. I'd rather suggest to deploy a custom shell script via Puppet that performs the outlined actions on a user's first login. For example, pam_exec is providing this functionality. Something in /etc/profile (or your login shell's equivalent) would also be feasible. Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Use puppet to preconfigure gnome gvfs shares
Am 31.03.2011 15:19, schrieb spidernik84: Here's the problem: how to instruct puppet to generate a customized file with the interpretedusername variable, and how to tell puppet to place this file in /home/username? Ideally, the file should be created only at first login to avoid existing bookmarks to be overwritten... The problem is not very clear to me. Do you just try to manage a file with a variable in it's path name? Given that the target username is already present as a variable in the manifest, you'd just write: file { /home/${username}/path/to/file: content = template(path/to/template) } given that the template makes use of the $username variable too. If you need the same procedure for more than one user, wrap the whole thing into a define. Add 'replace = false' to make this a one-shot operation. Did I get the problem right? Did I miss something? Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] RFC: Splitting up the file{} type functionality.
Am 22.03.2011 23:52, schrieb Nigel Kersten: If you're enabling recursive copies for Directories, then you're also supporting the 'source' property, and you're also supporting the links = {follow, manage, ignore} parameter and recurse and recurselimit I see your point. As an alternative, extracting the recursive directory copy facility is definitely a step in the right direction. I'm not sure if the symlink feature should be extracted too. It should at least get a different parameter name, though. The overloaded 'ensure' is confusing. Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] RFC: Splitting up the file{} type functionality.
Am 22.03.2011 02:53, schrieb Nigel Kersten: The intersection of files and directories isn't that big a deal, but we could split out directories too if we wanted. From the user's perspective, it's more like the other way round. We should not let implementation issues guide the design of the manifest language. Files and directories are different concepts, but symlinks to either files or directories are handled mostly transparently. I would rather suggest a File and a Directory type. Both types should share basic attributes like owner/mode etc and both should support symlinks. Each one has unique attributes: files should support source/content, while directories should support the recursive copy feature. Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] RFC: Refactoring the mount provider.
Am 17.03.2011 18:40, schrieb Nigel Kersten: TL;DR The mount provider has used a mish-mash of checking fstab and actual mount state to determine state. A possible solution we're looking at is splitting into two types, one that manages /etc/fstab (or /etc/filesystem on other OSes), and one that manages actual mount state. +1 Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Proposal: strict mode for manifests
Am 08.03.2011 23:37, schrieb Robin Bowes: I'd really like puppet to blow-up at this stage and tell me that I've used an variable without defining it first. Those familiar with perl will recognise this as use strict;. I would greatly appreciate such a feature. Is there already a ticket to vote? Regards Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppet dashboard group and class
Hi Nicolas, i had exactly the same problem when i start using puppet dashboard some months ago. There is no documentation about it on the page and i would say that the names 'Classes' and 'Groups' are used unlucky. It turns out that classes acutally are the puppet modules (why the hell they dont use the same expression in puppet dashboard like in the rest puppet) and groups can be used to model a kind of inheritance. If you use classes and groups you have to use puppet dashboard as an external node classifier means you are not using node.pp anymore. The modeling which module belongs to which node will be done then in puppet dashboard. Your class name have of course be exactly the same name as the module name you have in your folder structure in the puppet module folder. Hope that helps a bit Christian On 15 Dez., 02:17, Nicolas Aizier nicolas.aiz...@googlemail.com wrote: Hi everyone, I'm actually kind of new in puppet but I'm doing good in progressing. I have read lot of docs and how to to understand the whole behaviour of puppet. Installed a puppet master server, deployed 15 clients to test it on some of our testing servers. Written modules to get exactly what we want, and then installed puppet dashboard which work really fine. My question might sound a bit noobish but I'm stuck on that point and I really don't like to don't understand every part of a tool. What is the use of adding groups and class in the dashboard ? It seems that the dashboard don't see your class from the modules (saw that it will be corrected soon), but what is the point to creating class in the GUI ? Can you do anything with that ? and if yes will that not spread the config through dashboard + puppet config files, it'll be messy to maintain Same question with the groups, I understand that you can assign class to groups so it's easyer to add a server in a global behavior but it only uses class from dashboard . And is there a way to create such group in puppet config files (if yes I didn't manage to find it ...) ? Thx a lot for your time and to all the puppet users ! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: managing normal users with Puppet
In this context i have a question. I migrate an autoyast settings into Puppet modules. Originally users are created in the autoyast file for SLES9. Following setting i have for one of my user. encrypted config:type=booleantrue/encrypted Unfortuniatially i can't find such a flag as a parameter for the puppet 'user' resource. Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppetrun reports certificates were not trusted
Actually that problem were solved by simply rebooting all machines. After a restart suddenly it worked for all of them. From time to time i experience however that single nodes produces following errors even if i havent run puppetrun very short before that run: Host hostname is already running finished with exit code 3 If i run puppetrun a second time than the same node does not report problems anymore. Does anybody know what is the background of that problem? Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] templating woes....
Am 15.10.2010 00:42, schrieb Jacob Helwig: % nagios_conf_dirs.each do |dir| -% cfg_dir=%= dir % % end -% I would rather prefer the for notation in templates, since it is easier to read when interspersed with other text: | % for dir in nagios_conf_dirs -% | cfg_dir=%= dir % | % end -% Regards, Christian -- Dipl.-Inf. Christian Kauhaus · k...@gocept.com · systems administration gocept gmbh co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppetrun reports certificates were not trusted
Hi Doug, What i did with my manual puppet runs was a copy of the ntp.conf files to the clients and restart the ntp service. So if you would declare that as a time change... yeah i did change it. Times on server and clients are complete identically. I checked the validity of the certificate regarding the valid time range. And the time range seems correct for me. The most problems with that were due to wrong time synchronisation which ends up to a time on the client outside the certificate time validity treshold. That however seems not the case for me. I dont understand what is the difference between the working node and the rest of the node... Thanks a lot Christian On 14 Okt., 06:10, Douglas Garstang doug.garst...@gmail.com wrote: On Tue, Oct 12, 2010 at 10:32 AM, Christian berwangerchrist...@googlemail.com wrote: Hi all, All my nodes are signed successfully with the puppetmaster. A manual puppetd run works perfectly on every node. A report is generated for each run in puppet-dashboard. All machines are correctly synchronised via ntp. Using puppetrun on one of my node works without problem. However using puppetrun on the rest of the nodes does suddenly not work. Following is reported: HOSTNAME Certificates were not trusted: certificate erify failed. HOSTNAME finished with exit code 2 Under [puppetmasterd] i set the certname = PUPPETMASTERHOST I tried as well to delete the /ssl folder on the client and regenerated them but with out success on the puppetrun result. Has somebody an idea what is going wrong here. I've seen this too. Did your time change during a previous puppet run on your client? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppetrun reports certificates were not trusted
Hi all, All my nodes are signed successfully with the puppetmaster. A manual puppetd run works perfectly on every node. A report is generated for each run in puppet-dashboard. All machines are correctly synchronised via ntp. Using puppetrun on one of my node works without problem. However using puppetrun on the rest of the nodes does suddenly not work. Following is reported: HOSTNAME Certificates were not trusted: certificate erify failed. HOSTNAME finished with exit code 2 Under [puppetmasterd] i set the certname = PUPPETMASTERHOST I tried as well to delete the /ssl folder on the client and regenerated them but with out success on the puppetrun result. Has somebody an idea what is going wrong here. Thanks a lot Christian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet Server
I'm going to be starting a project in a month or so for a Puppet Server using SUSE Studio to generate the ISO and VM I'll be using for testing. I'm curious to get feedback from folks that have already built Puppet servers. I don't have any specific questions yet, naturally, but I would like to know how it's working for you. Also, per every server, how nodes on average is everyone managing? Cheers, Christian Bryant http://en.opensuse.org/User:christian_bryant -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Installing puppet 0.25.5 on SLES 9 64bit
Thanks to Sandor's suggestion i was able to run facter. By running puppetd with the right ruby path a new error message appeared. It seems that it can't be found the ./openssl.so library. Following message appears: Cannot open shared object file: No such file or directory - ./ openssl.so (LoadError) The file openssl.so i was able to find on the system so i pointed also a second ruby loadpath on that folder. However without success... Some idea how to solve that problem and how i can make the ./ openssl.so loadable? Christian On 30 Sep., 10:26, Sandor Szuecs sandor.szu...@fu-berlin.de wrote: On Sep 29, 2010, at 3:45 PM, Christian wrote: /usr/sbin/puppetd:159:in `require': No such file to load -- puppet/ application/puppetd (LoadError) from /usr/sbin/puppetd:159 What went wrong here? Is there a bug in the rpm? Or do i have to set a path somewhere? It seems you have to set the ruby loadpath, $:, yourself to the folder where the files puppet.rb and facter.rb are. You can add a load path with `ruby -Ipath/to/load` or add it to GEM_PATH env variable. You can add a path to $GEM_PATH separated with ':', like bash/zsh $PATH. All the best, Sandor Szücs -- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.