[Puppet Users] Mocking custom types or providers
Hi, I have a rspec-puppet test suite for a module that uses custom types whose provider requires a ruby gem. Is there an easy way to mock or stub the type? I have the following snippet in my spec file (using mocha): --- let(:type) { Puppet::Type.type(:foo_database_user) } before(:each) { Puppet::Type.stubs(:type).with(:foo_database).returns(type) } --- This mocks my custom type but breaks all built-in types (like groups). Using a Spy looks like the obvious solution but I could not find a way to do that with mocha. Thanks in advance for any help, Florian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/fd6f526b-83aa-47cb-9c35-e38a769477aa%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Puppet's CA with an external issued CA-Certificate
Hi, Is it possible, to use puppet's ca with an external issued intermediate CA certificate? I want puppet to act as normal puppet-CA, but with a CA-Certificate that has been issued by our Central CA. I am aware, that it is not a valid scenario according to http://docs.puppetlabs.com/puppet/latest/reference/config_ssl_external_ca.html and have read https://groups.google.com/d/msg/puppet-users/ZW0p-UcFfFY/2WR30LBRoZYJ, but I don't want to implement a non-supported setup. Are there any plans, to support this CA Configuration? best regards, florian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/762a5a67-0534-4ccc-83d8-e3dfef21b03e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Using existing CA certificate for Puppet CA service.
Hi, How are your experiences with this setup? Did you encounter any problems? Have you been able to solve the CRL-problem? I am about to implement the same configuration and you post was the best one, describing a solution, so I would like to hear if it worked out. best regards, florian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/7dcd904a-a4e7-4874-97ee-ca16c1ddc84a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Could not intern from pson after server upgrade (again)
On Tue, Jun 3, 2014 at 11:48 AM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: Uhm, tricky. Can you make sure that agent and master use the same Ruby version for Puppet? It may be worthwile to try running both on Ruby 1.9.3. HTH, Felix On 06/03/2014 10:34 AM, Andrei-Florian Staicu wrote: Hi all, After upgrading the server from 3.2.4-1.el6 to 3.6.1-1.el6, i get the following when running puppet agent --test --noop: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from pson: source '%7B%22values%22%3A%7' not in PSON! Client is also 3.6.1-1.el6. Sometimes is values, other times it's timestamp. I had this issue before after server upgrade, and I ended up downgrading the servers. Unfortunately it's not possible now, because puppetdb upgraded from 1.4.0-1.el6 to 2.0.0-1.el6 and the rollback no longer works. The logs from the client and server are below. Could you point me in the right direction to debug this? Thanks. Hi, As far as I see I'm on the same level, even using the puppetlabs dependencies repo. The only ruby 1.9.3 package I see for RHEL is in the SAM repository; but that also contains the RedHat packaged version of puppet-server (2.6.17). And i cannot anyway use it on all production servers (i.e. puppet clients). I also disabled the puppetdb reports and storedconfig, just to eliminate a possible cause - same error. Thanks. == [root@SERVER puppet]# yum list installed|grep ^ruby ruby.x86_641.8.7.352-13.el6 @rhel-x86_64-server-6 ruby-augeas.x86_64 0.4.1-3.el6 @puppet-x86_64-server-6 ruby-devel.x86_64 1.8.7.352-13.el6 @rhel-x86_64-server-6 ruby-irb.x86_641.8.7.352-13.el6 @rhel-x86_64-server-6 ruby-libs.x86_64 1.8.7.352-13.el6 @rhel-x86_64-server-6 ruby-mysql.x86_64 2.8.2-1.el6 @epel ruby-rdoc.x86_64 1.8.7.352-13.el6 @rhel-x86_64-server-6 ruby-rgen.noarch 0.6.5-2.el6 @puppet-x86_64-server-6 ruby-shadow.x86_64 1:2.2.0-2.el6 @puppet-x86_64-server-6 rubygem-daemon_controller.noarch 1.1.5-1.el6 @epel-el6-x86_64 rubygem-fastthread.x86_64 1.0.7-2.el6 @epel rubygem-json.x86_641.5.5-1.el6 @puppet-el6-x86_64 rubygem-passenger.x86_64 1:3.0.19-1.el6@passenger rubygem-passenger-native.x86_641:3.0.19-1.el6@passenger rubygem-passenger-native-libs.x86_64 rubygem-rack.noarch1:1.1.0-2.el6 @epel rubygem-rake.noarch0.8.7-2.1.el6 @rhel-x86_64-server-optional-6 rubygems.noarch1.3.7-5.el6 @rhel-x86_64-server-optional-6 == [root@CLIENT ~]# yum list installed|grep ^ruby ruby.x86_64 1.8.7.352-13.el6 @rhel-x86_64-server-6 ruby-augeas.x86_64 0.4.1-3.el6 @puppet-x86_64-server-6 ruby-irb.x86_64 1.8.7.352-13.el6 @rhel-x86_64-server-6 ruby-libs.x86_64 1.8.7.352-13.el6 @rhel-x86_64-server-6 ruby-rdoc.x86_64 1.8.7.352-13.el6 @rhel-x86_64-server-6 ruby-rgen.noarch 0.6.5-2.el6 @puppet-x86_64-server-6 ruby-shadow.x86_64 1:2.2.0-2.el6 @puppet-x86_64-server-6 rubygem-json.x86_64 1.5.5-1.el6 @puppet-el6-x86_64 rubygems.noarch 1.3.7-5.el6 @rhel-x86_64-server-optional-6 == -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2q_kFD%3Digb0f9pV9p9bD0H4hg1L_2B8pi6WMRTMv4AUkQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Could not intern from pson after server upgrade (again)
On Tue, Jun 3, 2014 at 12:15 PM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: OK, next try then. Can you do a puppet master --configprint all | grep serialization and a puppet agent --configprint all | grep serialization respectively? Are there differences? Again, they look the same. Could it be that the client is somehow sending http requests on a https channel? Or does that sound stupid? == [root@SERVER puppet]# puppet master --configprint all | grep serialization legacy_query_parameter_serialization = false preferred_serialization_format = pson report_serialization_format = pson == [root@CLIENT ~]# puppet agent --configprint all | grep serialization legacy_query_parameter_serialization = false preferred_serialization_format = pson report_serialization_format = pson == -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2ro%2BqRr4s6E2cMZ1DKbKQXyi7LULXBgOBN-n0XF%3D_oMhA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Could not intern from pson after server upgrade (again)
On Tue, Jun 3, 2014 at 12:59 PM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: Ah, would have been too simple anyway. Another weird thought - what is your facter version. Is that perhaps too old? On 06/03/2014 11:56 AM, Andrei-Florian Staicu wrote: This is the output. Also full debug output below for server client for this particular run. In the end, it falls back to PSON again. More bad news: facter-2.0.1-1.el6 on both of them. Ummm... did I already say thanks for your help :) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2oxGQqU7f4BpTSzyTTn5_TuY-ePGrtSBdqfRP3We-3Ddw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Could not intern from pson after server upgrade (again)
On Tue, Jun 3, 2014 at 1:18 PM, Andrei-Florian Staicu andrei.sta...@gmail.com wrote: On Tue, Jun 3, 2014 at 12:59 PM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: Ah, would have been too simple anyway. Another weird thought - what is your facter version. Is that perhaps too old? On 06/03/2014 11:56 AM, Andrei-Florian Staicu wrote: This is the output. Also full debug output below for server client for this particular run. In the end, it falls back to PSON again. More bad news: facter-2.0.1-1.el6 on both of them. Ummm... did I already say thanks for your help :) In the mean time, is there any way of downgrading from puppetdb 2.0 to 1.4? That would help us getting the server up and running again. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2p3gNfeusfOuRiSRTeWkh1dtzH%2BKLnks1wQDHWZdzOgTQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Could not intern from pson after server upgrade (again)
On Tue, Jun 3, 2014 at 2:40 PM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: On 06/03/2014 12:18 PM, Andrei-Florian Staicu wrote: More bad news: facter-2.0.1-1.el6 on both of them. Ummm... did I already say thanks for your help :) Well that would have been premature because I'm about at my wit's end. There is a chance you are hitting a latent bug with 3.6. Are you using parser=future? If so, try without it (and report the issue please!) You said that you had the same problem during another update - was that to 3.6 as well? No, no experimental features in use. The other update I tried was from 3.2.4 to 3.3.0, detailed here: https://groups.google.com/forum/#!msg/puppet-users/ujRKmWtfHUA/c0empDpcVjcJ Hmm... looking at the ticket opened from that email (22614), I'm seeing this on my puppet server: [root@SERVER ~]# gem list puppet *** LOCAL GEMS *** puppet (3.1.1) puppet-cleaner (0.3.1, 0.2.0, 0.1.1) puppet-lint (0.3.2) However, I don't understand if that has any effect on the puppet master, or who/what installed it. As I said, puppet was happily running at version 3.2.4, even with this gem installed. [root@SERVER~]# rpm -qa | grep ruby | grep puppet [root@SERVER~]# -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2o5FROzv-auyG2VY1fBFZ5QrZ7ECtrs5%3DQH3KtRNQ4FgQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Could not intern from pson after server upgrade (again)
On Tue, Jun 3, 2014 at 3:04 PM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: On 06/03/2014 01:53 PM, Andrei-Florian Staicu wrote: However, I don't understand if that has any effect on the puppet master, or who/what installed it. As I said, puppet was happily running at version 3.2.4, even with this gem installed. That's still pretty alarming. When Ruby library paths get jumbled, all sorts of fun can ensue. What does puppet master --version claim? [root@SERVER ~]# puppet master --version 3.6.1 What do you think of the output below? Should I try manually updating the gems that don't come from an rpm? [root@SERVER~]# for i in `gem outdated | awk '{print $1}'`; do echo -e \n$i ; gem list $i; rpm -qa | grep ruby | grep $i || echo no rpm for $i; done activemodel *** LOCAL GEMS *** activemodel (3.2.3) no rpm for activemodel activerecord *** LOCAL GEMS *** activerecord (3.2.3) no rpm for activerecord activesupport *** LOCAL GEMS *** activesupport (3.2.3) no rpm for activesupport arel *** LOCAL GEMS *** arel (3.0.2) no rpm for arel builder *** LOCAL GEMS *** builder (3.0.0) no rpm for builder daemon_controller *** LOCAL GEMS *** daemon_controller (1.1.5) rubygem-daemon_controller-1.1.5-1.el6.noarch facter *** LOCAL GEMS *** facter (1.7.0) no rpm for facter hiera *** LOCAL GEMS *** hiera (1.2.1) no rpm for hiera i18n *** LOCAL GEMS *** i18n (0.6.0) no rpm for i18n json *** LOCAL GEMS *** json (1.5.5) json_pure (1.7.7) rubygem-json-1.5.5-1.el6.x86_64 json_pure *** LOCAL GEMS *** json_pure (1.7.7) no rpm for json_pure multi_json *** LOCAL GEMS *** multi_json (1.3.5) no rpm for multi_json mysql *** LOCAL GEMS *** mysql (2.8.1) ruby-mysql-2.8.2-1.el6.x86_64 passenger *** LOCAL GEMS *** passenger (3.0.19) rubygem-passenger-native-3.0.19-1.el6.x86_64 rubygem-passenger-native-libs-3.0.19-1.el6_1.8.7.352.x86_64 rubygem-passenger-3.0.19-1.el6.x86_64 puppet *** LOCAL GEMS *** puppet (3.1.1) puppet-cleaner (0.3.1, 0.2.0, 0.1.1) puppet-lint (0.3.2) no rpm for puppet rack *** LOCAL GEMS *** rack (1.4.1, 1.1.0) rubygem-rack-1.1.0-2.el6.noarch rake *** LOCAL GEMS *** rake (0.8.7) rubygem-rake-0.8.7-2.1.el6.noarch tzinfo *** LOCAL GEMS *** tzinfo (0.3.33) no rpm for tzinfo -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2q7MD38wJMzDOQY9mkE%2B8i%3DzRFXTC7%2Bz9-dRiU8Cp2o%3Dw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Could not intern from pson after server upgrade (again)
On Tue, Jun 3, 2014 at 3:45 PM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: On 06/03/2014 02:35 PM, Andrei-Florian Staicu wrote: What do you think of the output below? Should I try manually updating the gems that don't come from an rpm? Yeah, I'd try and get rid of at least the puppet and facter gems. Loose as many as you can manage, for mixing gems with other ways of installing ruby applications/libs can be hurtful, from experience. HTH, Felix Well, what can i say... after removing the puppet and facter gems from the server, it worked perfectly. Thanks a lot for your help and patience. When you get in Bucharest, beer is on me. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2rSQaE1m0-zeJtqCb808u3-4dgpeZ6Lh3HTu72UAkNXzg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Why does my puppetmaster work happily with webrick but not passenger?
I've long used the built-in webrick server since like the v0.25 days and recently got things serving via passenger just fine. Then I had some issues with puppetdb-1.6 that got straightened out, but I must have made a mess out of my setup while debugging that problem. Here's what I see presently with my master using passenger: # puppet agent --test --noop Info: Retrieving plugin Error: /File[/var/lib/puppet/lib]: Could not evaluate: Could not retrieve information from environment production source(s) puppet://puppet/plugins Notice: /File[/var/lib/puppet/lib/puppet]: Dependency File[/var/lib/puppet/lib] has failures: true Warning: /File[/var/lib/puppet/lib/puppet]: Skipping because of failed dependencies Notice: /File[/var/lib/puppet/lib/puppet/provider]: Dependency File[/var/lib/puppet/lib] has failures: true Warning: /File[/var/lib/puppet/lib/puppet/provider]: Skipping because of failed dependencies ... and lots more Skipping because of failed dependencies and then finishing with: Notice: /File[/var/lib/puppet/lib/puppet/parser/functions/validate_cmd.rb]: Dependency File[/var/lib/puppet/lib] has failures: true Warning: /File[/var/lib/puppet/lib/puppet/parser/functions/validate_cmd.rb]: Skipping because of failed dependencies Info: Loading facts in /etc/puppet/forge_modules/concat/lib/facter/concat_basedir.rb Info: Loading facts in /etc/puppet/forge_modules/stdlib/lib/facter/root_home.rb Info: Loading facts in /etc/puppet/forge_modules/stdlib/lib/facter/puppet_vardir.rb Info: Loading facts in /etc/puppet/forge_modules/stdlib/lib/facter/facter_dot_d.rb Info: Loading facts in /etc/puppet/forge_modules/stdlib/lib/facter/pe_version.rb Info: Loading facts in /etc/puppet/modules/selinux/lib/facter/selinux_simple.rb Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb Info: Loading facts in /var/lib/puppet/lib/facter/concat_basedir.rb Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb Info: Loading facts in /var/lib/puppet/lib/facter/selinux_simple.rb Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run Error: Could not send report: Error 405 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title405 Method Not Allowed/title /headbody h1Method Not Allowed/h1 pThe requested method PUT is not allowed for the URL /production/report/mymaster.mydomain.org./p /body/html For the record, I'm using: puppetdb-1.6.2-1.fc20.noarch puppetdb-terminus-1.6.2-1.fc20.noarch puppet-3.4.3-1.fc20.noarch puppet-server-3.4.3-1.fc20.noarch puppetlabs-release-20-10.noarch All of these are from the puppetlabs repo for Fedora 20. Any ideas what might be going on? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/14c97c75-694e-4349-9798-197e2971aa7f%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] mysql value lookup from manifest
Hi, What would be the best way to get a something from mysql? I was looking at hira-mysql, but it doesn't seem to be able to run arbitrary commands. For example, I want to get part of the motd from mysql, depending on the hostname. Up until now, i was using a script, calling it with generate the master side, and using the result in a template: $motd = generate ('/etc/puppet/bin/getmotd',$hostname) But maybe there'a more ... puppet way? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2qxaiyMqTa4cmHr3R6A%2BDCLfP2ZAjMi-wzOmqmxv66jAQ%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: mysql value lookup from manifest
Thanks, I will continue like that. On Thu, Nov 14, 2013 at 1:17 AM, jcbollinger john.bollin...@stjude.orgwrote: On Wednesday, November 13, 2013 2:32:36 PM UTC-6, SAF wrote: Hi, What would be the best way to get a something from mysql? I was looking at hira-mysql, but it doesn't seem to be able to run arbitrary commands. For example, I want to get part of the motd from mysql, depending on the hostname. Up until now, i was using a script, calling it with generate the master side, and using the result in a template: $motd = generate ('/etc/puppet/bin/getmotd',$hostname) But maybe there'a more ... puppet way? If you have a use case that doesn't mesh well with hiera-mysql, then your best options are generate() or your own custom function. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/60ec627b-4906-42bb-9e1b-fe833bdf0561%40googlegroups.com . For more options, visit https://groups.google.com/groups/opt_out. -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2pG89Kk%2B1ysHNH5WAVvMp8o6bQVdjxNJ-34-Ned6JhQpg%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Networker module
Hi all, I've been trying to build a module for the networker backup software, however I don't feel confident enought to release it on the forge. While it does the job for my needs, it lacks even the basic spec-ing. I've been trying to get the hang of rspec-puppet, but from all the tutorials i've read, I still couldn't understand why to test with rspec instead of agent --test --noop, how to choose what to test in a module and how these tests are helping, except for checking module integrity. Also, I have exactly zero experience with ruby. Anyway, if there's anyone who would care to take a look at the module, provide any feedback (and maybe suggest some better lecture for rspec), it's here: http://github.com/smarmie/networker Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2p1k8jzZ_gLstE5HmjocmF1acyvqOFKt1YH49vvR5Z-Dw%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Managing conflicting forge dependencies
Hi all, How do you manage different forge modules that require conflicting versions for the same module? The most common example is ripienaar/concat vs puppetlabs/concat: puppetlabs/puppetdb requires puppetlabs/postgreql 2.x, which requires ripienaar/concat puppetlabs/apache requires puppetlabs/concat Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Managing conflicting forge dependencies
Yes, that dependency is solved with the puppetdb module upgrade to 3.0 Unfortunately, there are other interesting modules that still depend on ripienaar, such as example42/sudo. I guess I'll just have to wait for updates. Thanks for your time. On an unrelated issue (and since I'm still starting with modules), would this list be a good place to present a new module for review? On Mon, Oct 28, 2013 at 6:42 PM, Garrett Honeycutt g...@garretthoneycutt.comwrote: On Monday, October 28, 2013 9:21:09 AM UTC+1, SAF wrote: Hi all, How do you manage different forge modules that require conflicting versions for the same module? The most common example is ripienaar/concat vs puppetlabs/concat: puppetlabs/puppetdb requires puppetlabs/postgreql 2.x, which requires ripienaar/concat puppetlabs/apache requires puppetlabs/concat Thanks. Looks like you a hit that issue while they were transitioning from ripienaar to puppetlabs. The postgresql module now correctly refers to the new puppetlabs/concat module[1]. As for managing modules that require conflicting versions for dependencies, there is not an easy solution; you have to resolve the dependencies. This usually entails upgrading something. For the specific issue you had above, I believe that would have been caught by librarian-puppet, since it does dependency checking, though it should have just worked if you used librarian-puppet-simple[2]. [1] - https://github.com/puppetlabs/puppetlabs-postgresql/blob/master/Modulefile#L13 [2] - https://github.com/bodepd/librarian-puppet-simple Cheers, -g -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANK4U2o1trzeh6vQ1etOoM0FqKwEvcpEVoKFMSUSNMdFH10%2B-A%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] using rubygems from epel
Hi, I'm trying to install a new puppet master. The passenger documentation says that I should gem install rack passenger Would it be possible (version-wise) to use instead the epel packages? yum install rubygem-rack rubygem-passenger mod_passenger installs the following versions: rubygem-rack 1.1.0-2.el6 rubygem-passenger 3.0.21-5.el6 mod_passenger 3.0.21-5.el6 Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] b64_zlib_yaml errros after server upgrade to
Thanks. Unfortunately I cannot further post any logs easily. That is the only puppet master instance that I currently run. I could upgrade and retry per request though. One more piece of information: the puppet master runs under passenger (I don't know how to enable --trace in this case). On Thu, Sep 19, 2013 at 4:02 PM, Henrik Nicolaisen h...@esoftsystems.comwrote: On Thursday, September 19, 2013 12:45:43 AM UTC+2, Patrick Carlisle wrote: On Tue, Sep 17, 2013 at 1:14 AM, Andrei-Florian Staicu andrei...@gmail.com wrote: Any idea if this is a recognized bug? I don't think it is. Please file a bug report at projects.puppetlabs.comand we can investigate this further. I created it here https://projects.puppetlabs.com/issues/22614 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] b64_zlib_yaml errros after server upgrade to
Hi, After upgrading the puppet server to puppet-server-3.3.0-1.el6.noarch, I get the following on a puppet-3.2.2-1.el6.noarch client: puppet agent --test --noop Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from b64_zlib_yaml: invalid bit length repeat Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run However, the erros look different with debug: puppet agent --test --noop --debug Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from b64_zlib_yaml: invalid bit length repeat Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run And with trace: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from b64_zlib_yaml: invalid bit length repeat /usr/lib/ruby/site_ruby/1.8/puppet/indirector/rest.rb:185:in `is_http_200?' /usr/lib/ruby/site_ruby/1.8/puppet/indirector/rest.rb:100:in `find' /usr/lib/ruby/site_ruby/1.8/puppet/indirector/indirection.rb:197:in `find' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:243:in `retrieve_new_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:351:in `thinmark' /usr/lib/ruby/1.8/benchmark.rb:308:in `realtime' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:350:in `thinmark' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:242:in `retrieve_new_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:67:in `retrieve_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:107:in `prepare_and_retrieve_catalog' /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:159:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:45:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/agent/locker.rb:20:in `lock' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:45:in `run' /usr/lib/ruby/1.8/sync.rb:230:in `synchronize' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:45:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:119:in `with_client' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:42:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:84:in `run_in_fork' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:41:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:179:in `call' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:179:in `controlled_run' /usr/lib/ruby/site_ruby/1.8/puppet/agent.rb:39:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application/agent.rb:353:in `onetime' /usr/lib/ruby/site_ruby/1.8/puppet/application/agent.rb:327:in `run_command' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:456:in `plugin_hook' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:504:in `exit_on_fail' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:364:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:132:in `run' /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:86:in `execute' /usr/bin/puppet:4 Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run Any idea if this is a recognized bug? Thanks. -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: b64_zlib_yaml errros after server upgrade to
Sorry, I pasted the wrong message. These are the errors: puppet agent --test --noop Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from b64_zlib_yaml: invalid code lengths set puppet agent --test --noop --debug Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from b64_zlib_yaml: invalid bit length repeat -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: b64_zlib_yaml errros after server upgrade to
Again, sorry for lots of emails. After updating the client to puppet-3.3.0-1.el6.noarch, i now get the following: puppet agent --test --noop Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from pson: source '%7B%22timestamp%22%3' not in PSON! this message sometimes changes into Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from pson: source '%7B%22expiration%22%' not in PSON! or Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from pson: source '%7B%22values%22%3A%7' not in PSON! After some searching around, i found this: cd /usr/share/puppet-dashboard/config/ ; rake db:migrate , but did not help (and it shouldn't do anything, since the puppetdb was not upgraded). Thanks for any pointers. On Tue, Sep 17, 2013 at 3:29 PM, Andrei-Florian Staicu andrei.sta...@gmail.com wrote: Sorry, I pasted the wrong message. These are the errors: puppet agent --test --noop Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from b64_zlib_yaml: invalid code lengths set puppet agent --test --noop --debug Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from b64_zlib_yaml: invalid bit length repeat -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: b64_zlib_yaml errros after server upgrade to
Well, In case anyone is interested, after a rollback with yum to puppet-server-3.2.4-1.el6.noarch, it works again, with no errors. It also seems to work well with 3.3.0 clients. Thanks. On Tue, Sep 17, 2013 at 4:20 PM, Andrei-Florian Staicu andrei.sta...@gmail.com wrote: Again, sorry for lots of emails. After updating the client to puppet-3.3.0-1.el6.noarch, i now get the following: puppet agent --test --noop Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from pson: source '%7B%22timestamp%22%3' not in PSON! this message sometimes changes into Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from pson: source '%7B%22expiration%22%' not in PSON! or Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from pson: source '%7B%22values%22%3A%7' not in PSON! After some searching around, i found this: cd /usr/share/puppet-dashboard/config/ ; rake db:migrate , but did not help (and it shouldn't do anything, since the puppetdb was not upgraded). Thanks for any pointers. On Tue, Sep 17, 2013 at 3:29 PM, Andrei-Florian Staicu andrei.sta...@gmail.com wrote: Sorry, I pasted the wrong message. These are the errors: puppet agent --test --noop Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from b64_zlib_yaml: invalid code lengths set puppet agent --test --noop --debug Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not intern from b64_zlib_yaml: invalid bit length repeat -- Beware of programmers who carry screwdrivers! -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: yum provider executes rpm -e?
On Tuesday, June 30, 2009 6:22:26 PM UTC-4, lutter wrote: The basic issue is that puppet doesn't know about dependencies (not sure it should), but once you throw 'yum -y erase' into the mix, it becomes very easy to write inconsistent manifests, where a package erase removes a package that is explicitly mentioned by the manifest for install - sure the next puppet run will then install that package again, but in the meantime, you have a very broken system as the 'yum erase file' example shows. I don't buy it. I would MUCH rather have puppet go all cyclical like that than not have any decent way to remove packages. At least if I saw that behavior, I could intervene and make things better. Instead I can't make things work at all short of creating my own definition which just wraps an exec of yum -y remove $name anyway. If someone really wants the super conservative behavior, let them use the 'rpm' provider, but lets make the 'yum' provider do what yum was intended to do in the first place, manage dependencies! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: yum provider executes rpm -e?
On Tuesday, June 30, 2009 4:58:33 AM UTC-4, Peter Meier wrote: While looking at the code and http://reductivelabs.com/trac/puppet/wiki/TypeReference#package you'll also see that the yum provider is purgeable and that the yum provider has an own purge method. So if this would fit your needs you can set ensure to purged and it would use yum -y erase $package I tried this but it's worse than my own definition that wraps an exec around a yum -y remove $name. The problem with ensure = purged is that puppet isn't smart enough to realize the package is already purged so it attempts removal every time. The first time does work, but the remainder just make gobs of tagmail spam. FTR, here's what I'm going back to, in case anyone finds it helpful: define yum::remove { exec { yum -y remove ${name}: onlyif = rpm -q ${name}, } } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] if defined not working when class is enlcosed within Class[ ]
Hi, I am learning puppet using version 2.7.18 on a fresh ubuntu install. I am trying to test this module https://github.com/liamjbennett/puppet-sabnzbd/blob/master/manifests/init.ppbut I'm having trouble with the if defined(Class['supervisor::service']) section in that it doesn't get run even though the supervisor module is installed. If i put else{ notice(supervisor not defined?) } on the end then I see that notice msg in the 'puppet apply --debug' output. This supervisor module is downloaded/installed OK from Puppet Forge and if I either a) comment out the 'if defined' then it works as expected b) *change the if *defined(Class['supervisor::service']) to read if defined( 'supervisor::service') then it also works as expected. As you can see there is an include supervisor at top of the class which I'm guessing isn't being called in the order needed for the 'if defined' to work and the one without the Class[ ] must work because puppet auto loads the modules from the modulepath and checks if that namespace and module exist? This is all new to me so i could be very wrong but can anyone explain given that init.pp why the 'if defined' isn't working and what is the best way to achieve what the 'if defined' is there for and that's to see if the supervisor module is installed/loaded before entering the if statement and using the module? Many thanks for reading fLo -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: if defined not working when class is enlcosed within Class[ ]
ok, that's great. Thanks for the help. The puppet-docs it says: *Modules are how Puppet finds the classes and types it can use* — it automatically loads any classhttp://docs.puppetlabs.com/puppet/2.7/reference/lang_classes.html or defined typehttp://docs.puppetlabs.com/puppet/2.7/reference/lang_defined_types.html stored in its modules. With this in mind, if *if *defined(Class[ ]) checks for classes.. and in my case 'supervisor::service' is as you mentioned not a class but a define. Is there an equivalent like if defined(Define[ ]) or is best practice to continue using if defined('supervisor::service') to just check for anything of that name. Thanks again fLo On Monday, 19 August 2013 23:33:09 UTC+8, Florian Gray Jones wrote: Hi, I am learning puppet using version 2.7.18 on a fresh ubuntu install. I am trying to test this module https://github.com/liamjbennett/puppet-sabnzbd/blob/master/manifests/init.ppbut I'm having trouble with the if defined(Class['supervisor::service']) section in that it doesn't get run even though the supervisor module is installed. If i put else{ notice(supervisor not defined?) } on the end then I see that notice msg in the 'puppet apply --debug' output. This supervisor module is downloaded/installed OK from Puppet Forge and if I either a) comment out the 'if defined' then it works as expected b) *change the if *defined(Class['supervisor::service']) to read if defined('supervisor::service') then it also works as expected. As you can see there is an include supervisor at top of the class which I'm guessing isn't being called in the order needed for the 'if defined' to work and the one without the Class[] must work because puppet auto loads the modules from the modulepath and checks if that namespace and module exist? This is all new to me so i could be very wrong but can anyone explain given that init.pp why the 'if defined' isn't working and what is the best way to achieve what the 'if defined' is there for and that's to see if the supervisor module is installed/loaded before entering the if statement and using the module? Many thanks for reading fLo -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] passwordless ssh
Isn't this somewhat described here? http://docs.puppetlabs.com/guides/exported_resources.html On Fri, Apr 26, 2013 at 9:12 PM, Jerald Sheets que...@gmail.com wrote: Not here. I'm in one of those environments. :) On Apr 26, 2013, at 2:04 PM, Bert Cauwelier bertber...@hotmail.com wrote: thx, any possible instant working puppet module for distributing the key's and allow passwordless ssh 2013/4/26 Jerald Sheets que...@gmail.com Stay careful that if you're in a PCI/SOX/ITIL environment, it may be against policy to provide this between hosts under certain circumstances. YMMV. On Apr 26, 2013, at 1:46 PM, Dan White y...@comcast.net wrote: Two different questions. Best: http://www.thegeekstuff.com/2008/11/3-steps-to-perform-ssh-login-without-password-using-ssh-keygen-ssh-copy-id/ Easiest ? Fastest ? Cheapest ? Pick one, maybe two. You ain't gonna get all three “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) -- *From: *Bert Cauwelier bertbert...@gmail.com *To: *puppet-users@googlegroups.com *Sent: *Friday, April 26, 2013 1:34:15 PM *Subject: *[Puppet Users] passwordless ssh What is the best and easy't way to let all nodes ssh passwordless to each other ? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to a topic in the Google Groups Puppet Users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/IwUQLI54IHQ/unsubscribe?hl=en . To unsubscribe from this group and all its topics, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Get class members
Hi, For clusters, we use a script called allnodes, that let's us easily execute stuff on (surprise) all cluster nodes. The script is easily deployed by puppet, but uses a config file, which is just the list of hostnames. We cannot get this list dynamically from the cluster (for example via hasys -list), because we might want to run commands when the cluster is down or incomplete. However, all cluster nodes belong to the same class, like so: class veritastest { some stuff here } node 'host1' inherits default { include veritastest other stuff } node 'host2' inherits default { include veritastest other stuff } Is there a way to generate (in the class definition), with an erb template a file that shows just host1 host2 ? And, of course the file should modify itself as new nodes are added to the cluster. Thanks. -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Manifest changes not applied
Hi, I have right now puppet 3.1.1, with the server on apache. From time tot time, I have the following problem: on an agent, i do puppet agent --test, the manifest gets applied, with configuration version (let's say) 1365671863. After that, I modify the manifest for that node, try again puppet agent --test, and no changes show up in the list of Notices, nor does the configuration version change. If I go on the the puppet master and restart httpd, the manifest changes will be applied immediately, and the configuration version will change to the correct timestamp. This also happens sometimes with new nodes; only the default manifest gets applied and, after a httpd restart, the correct manifest gets applied also. Could you help with some pointers on where to start debugging this? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Can't convert Puppet::Util::Log into Integer
Hi all, Could anyone help me at least start debugging this issue? All agents have the same error, but i can't find anything on the master-side logs. And the agent-side logs are non-existent (/var/log/puppet is empty). Thanks. Versions: Master: Red Hat Enterprise Linux Server release 6.3 puppet-server-3.1.0-1.el6.noarch puppetdb-1.1.1-1.el6.noarch puppetdb-terminus-1.1.1-1.el6.noarch puppet-dashboard-1.2.21-1.el6.noarch puppet-3.1.0-1.el6.noarch Agents: Red Hat Enterprise Linux Server release 6.3 puppet-3.1.0-1.el6.noarch [root@somvat121892 ~]# puppet agent --test --verbose --debug Debug: Using settings: adding file resource 'lastrunfile': 'File[/var/lib/puppet/state/last_run_summary.yaml]{:links=:follow, :ensure=:file, :backup=false, :mode=644, :path=/var/lib/puppet/state/last_run_summary.yaml, :loglevel=:debug}' Debug: Failed to load library 'ldap' for feature 'ldap' Debug: Puppet::Type::User::ProviderLdap: feature ldap is missing Debug: Puppet::Type::User::ProviderPw: file pw does not exist Debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist Debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dsimport does not exist Debug: Failed to load library 'ldap' for feature 'ldap' Debug: Puppet::Type::Group::ProviderLdap: feature ldap is missing Debug: Puppet::Type::Group::ProviderPw: file pw does not exist Debug: Puppet::Type::Group::ProviderDirectoryservice: file /usr/bin/dscl does not exist Debug: Using settings: adding file resource 'logdir': 'File[/var/log/puppet]{:links=:follow, :group=puppet, :ensure=:directory, :backup=false, :owner=puppet, :mode=750, :path=/var/log/puppet, :loglevel=:debug}' Debug: Using settings: adding file resource 'certdir': 'File[/var/lib/puppet/ssl/certs]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :path=/var/lib/puppet/ssl/certs, :loglevel=:debug}' Debug: Using settings: adding file resource 'graphdir': 'File[/var/lib/puppet/state/graphs]{:links=:follow, :ensure=:directory, :backup=false, :path=/var/lib/puppet/state/graphs, :loglevel=:debug}' Debug: Using settings: adding file resource 'requestdir': 'File[/var/lib/puppet/ssl/certificate_requests]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :path=/var/lib/puppet/ssl/certificate_requests, :loglevel=:debug}' Debug: Using settings: adding file resource 'clientyamldir': 'File[/var/lib/puppet/client_yaml]{:links=:follow, :ensure=:directory, :backup=false, :mode=750, :path=/var/lib/puppet/client_yaml, :loglevel=:debug}' Debug: Using settings: adding file resource 'hostprivkey': 'File[/var/lib/puppet/ssl/private_keys/somvat121892.pem]{:links=:follow, :ensure=:file, :backup=false, :owner=puppet, :mode=600, :path=/var/lib/puppet/ssl/private_keys/somvat121892.pem, :loglevel=:debug}' Debug: Using settings: adding file resource 'resourcefile': 'File[/var/lib/puppet/state/resources.txt]{:links=:follow, :ensure=:file, :backup=false, :owner=root, :mode=640, :path=/var/lib/puppet/state/resources.txt, :loglevel=:debug}' Debug: Using settings: adding file resource 'lastrunreport': 'File[/var/lib/puppet/state/last_run_report.yaml]{:links=:follow, :ensure=:file, :backup=false, :mode=640, :path=/var/lib/puppet/state/last_run_report.yaml, :loglevel=:debug}' Debug: Using settings: adding file resource 'confdir': 'File[/etc/puppet]{:links=:follow, :ensure=:directory, :backup=false, :path=/etc/puppet, :loglevel=:debug}' Debug: Using settings: adding file resource 'ssldir': 'File[/var/lib/puppet/ssl]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :mode=771, :path=/var/lib/puppet/ssl, :loglevel=:debug}' Debug: Using settings: adding file resource 'privatekeydir': 'File[/var/lib/puppet/ssl/private_keys]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :mode=750, :path=/var/lib/puppet/ssl/private_keys, :loglevel=:debug}' Debug: Using settings: adding file resource 'client_datadir': 'File[/var/lib/puppet/client_data]{:links=:follow, :ensure=:directory, :backup=false, :mode=750, :path=/var/lib/puppet/client_data, :loglevel=:debug}' Debug: Using settings: adding file resource 'hostpubkey': 'File[/var/lib/puppet/ssl/public_keys/somvat121892.pem]{:links=:follow, :ensure=:file, :backup=false, :owner=puppet, :mode=644, :path=/var/lib/puppet/ssl/public_keys/somvat121892.pem, :loglevel=:debug}' Debug: Using settings: adding file resource 'libdir': 'File[/var/lib/puppet/lib]{:links=:follow, :ensure=:directory, :backup=false, :path=/var/lib/puppet/lib, :loglevel=:debug}' Debug: Using settings: adding file resource 'statedir': 'File[/var/lib/puppet/state]{:links=:follow, :ensure=:directory, :backup=false, :mode=1755, :path=/var/lib/puppet/state, :loglevel=:debug}' Debug: Using settings: adding file resource 'vardir': 'File[/var/lib/puppet]{:links=:follow, :ensure=:directory, :backup=false, :path=/var/lib/puppet, :loglevel=:debug}' Debug: Using settings: adding file resource 'publickeydir': 'File[/var/lib/puppet/ssl/public_keys]{:links=:follow,
Solved: [Puppet Users] Can't convert Puppet::Util::Log into Integer
Hello, It seems that, for one reason or another, two thing happened: the postgres for puppetdb was dead, and the puppetmaster service was started, even though it's run from apache. After a bit of cleanup, everything works now. Thanks for your suggestion, and sorry for the stupid issue. On Tue, Mar 26, 2013 at 11:43 AM, Keith Burdis ke...@burdis.org wrote: The agent only writes logs under /var/log/puppet if you run it as a service - for example using: $ service puppet once (Note that due to buffering it may take a few seconds for entries to appear in puppet.log.) There are a number of existing issues that could be related to your problem (#17297, #17887, #19344) but none of these appear to have a fix yet. Things to try: 1) File ownership on your master: # chown -R puppet:puppet /etc/puppet /var/lib/puppet 2) Upgrading to 3.1.1. If that doesn't work then post your puppet.conf. - Keith - Keith On 26 March 2013 09:04, Andrei-Florian Staicu andrei.sta...@gmail.comwrote: Hi all, Could anyone help me at least start debugging this issue? All agents have the same error, but i can't find anything on the master-side logs. And the agent-side logs are non-existent (/var/log/puppet is empty). Thanks. Versions: Master: Red Hat Enterprise Linux Server release 6.3 puppet-server-3.1.0-1.el6.noarch puppetdb-1.1.1-1.el6.noarch puppetdb-terminus-1.1.1-1.el6.noarch puppet-dashboard-1.2.21-1.el6.noarch puppet-3.1.0-1.el6.noarch Agents: Red Hat Enterprise Linux Server release 6.3 puppet-3.1.0-1.el6.noarch [root@somvat121892 ~]# puppet agent --test --verbose --debug Debug: Using settings: adding file resource 'lastrunfile': 'File[/var/lib/puppet/state/last_run_summary.yaml]{:links=:follow, :ensure=:file, :backup=false, :mode=644, :path=/var/lib/puppet/state/last_run_summary.yaml, :loglevel=:debug}' Debug: Failed to load library 'ldap' for feature 'ldap' Debug: Puppet::Type::User::ProviderLdap: feature ldap is missing Debug: Puppet::Type::User::ProviderPw: file pw does not exist Debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist Debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dsimport does not exist Debug: Failed to load library 'ldap' for feature 'ldap' Debug: Puppet::Type::Group::ProviderLdap: feature ldap is missing Debug: Puppet::Type::Group::ProviderPw: file pw does not exist Debug: Puppet::Type::Group::ProviderDirectoryservice: file /usr/bin/dscl does not exist Debug: Using settings: adding file resource 'logdir': 'File[/var/log/puppet]{:links=:follow, :group=puppet, :ensure=:directory, :backup=false, :owner=puppet, :mode=750, :path=/var/log/puppet, :loglevel=:debug}' Debug: Using settings: adding file resource 'certdir': 'File[/var/lib/puppet/ssl/certs]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :path=/var/lib/puppet/ssl/certs, :loglevel=:debug}' Debug: Using settings: adding file resource 'graphdir': 'File[/var/lib/puppet/state/graphs]{:links=:follow, :ensure=:directory, :backup=false, :path=/var/lib/puppet/state/graphs, :loglevel=:debug}' Debug: Using settings: adding file resource 'requestdir': 'File[/var/lib/puppet/ssl/certificate_requests]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :path=/var/lib/puppet/ssl/certificate_requests, :loglevel=:debug}' Debug: Using settings: adding file resource 'clientyamldir': 'File[/var/lib/puppet/client_yaml]{:links=:follow, :ensure=:directory, :backup=false, :mode=750, :path=/var/lib/puppet/client_yaml, :loglevel=:debug}' Debug: Using settings: adding file resource 'hostprivkey': 'File[/var/lib/puppet/ssl/private_keys/somvat121892.pem]{:links=:follow, :ensure=:file, :backup=false, :owner=puppet, :mode=600, :path=/var/lib/puppet/ssl/private_keys/somvat121892.pem, :loglevel=:debug}' Debug: Using settings: adding file resource 'resourcefile': 'File[/var/lib/puppet/state/resources.txt]{:links=:follow, :ensure=:file, :backup=false, :owner=root, :mode=640, :path=/var/lib/puppet/state/resources.txt, :loglevel=:debug}' Debug: Using settings: adding file resource 'lastrunreport': 'File[/var/lib/puppet/state/last_run_report.yaml]{:links=:follow, :ensure=:file, :backup=false, :mode=640, :path=/var/lib/puppet/state/last_run_report.yaml, :loglevel=:debug}' Debug: Using settings: adding file resource 'confdir': 'File[/etc/puppet]{:links=:follow, :ensure=:directory, :backup=false, :path=/etc/puppet, :loglevel=:debug}' Debug: Using settings: adding file resource 'ssldir': 'File[/var/lib/puppet/ssl]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :mode=771, :path=/var/lib/puppet/ssl, :loglevel=:debug}' Debug: Using settings: adding file resource 'privatekeydir': 'File[/var/lib/puppet/ssl/private_keys]{:links=:follow, :ensure=:directory, :backup=false, :owner=puppet, :mode=750, :path=/var/lib/puppet/ssl/private_keys, :loglevel=:debug}' Debug: Using settings: adding file
[Puppet Users] (offtopic) Viewing dependency graphs
Hi all, I know it's offtopic but, after 12 hours of digging and testing, maybe you can help me: I have all the graphs from the agents downloaded to a central server, and I'd like to be able to view them there. Converting them to png's is useless, singe the resulting images are huge. Anyone of know of a good applet or ... anything that I could embed in a web page to view .dot files? I tried some applets, like GView and . But: Grappa is a nightmare, ZGRViewer does not support re-layouting. The best that I could find is canviz, but I don't know any javascript. As a last resort, any way to import .dot files in FreePlane/FreeMind? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] user resource, get password from command on master
Hi all, I started managing users with puppet (3). Right now it works ok, but I have to change the hash manually in the manifest files. I would like users to login to the puppet master and change the password for themselves. Could I do something like this? password = `grep $user /etc/shadow | awk -F ':' '{print $2}', Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] user resource, get password from command on master
On Mon, Dec 10, 2012 at 10:28 AM, Martin Alfke tux...@gmail.com wrote: Hi Andrei, On 10.12.2012, at 09:22, Andrei-Florian Staicu wrote: Hi all, I started managing users with puppet (3). Right now it works ok, but I have to change the hash manually in the manifest files. I would like users to login to the puppet master and change the password for themselves. Could I do something like this? password = `grep $user /etc/shadow | awk -F ':' '{print $2}', Thanks. You want to make use of a function: http://docs.puppetlabs.com/references/latest/function.html Functions get executed on the master. hth, Martin Hi Martin, and thanks for the quick answer. Do you happen to know with what user do the scripts get executed on the master? I it's not root, i might have to stick some sudos in there. Thanks. -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] how to trigger puppet run on agents remotely
On Wed, Oct 31, 2012 at 8:57 PM, Nishant Jain nishant.cit...@gmail.com wrote: Hello Everybody, I am looking for a way to trigger puppet rum remotely. so that i don't need to login into individual nodes and perform the puppet agent --test from there. Is there any alternative to puppet kick in puppet 3.0, since its being deprecated in telly. Also , can anybody tell how to configure foreman 1 to trigger puppet run from the gui in puppet 3.0 I have puppet 3.0 installed on RHEL 6. My 50c: since mcollective is still fuzzy for me, i ended up using pssh (with ssh keys, of course). Just pssh -h hostlist -i puppet agent --test -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] ERB template, both client and master data
Hi all, I'm trying to build a motd template for all my linux machines. This should contain two type of variables: - client side (from facter), like operatingsystem and architecture - supplied by the master, after parsing a text file (or querying a mysql db), like description and location. So. Where are the template variables evaluated? On the client or on the master? Any hints on how I can do this? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] mcollective tcp port
Hi all, I'm trying to prepare a common config for the DMZ hosts, and also to account for future infrastructure upgrades. Right now, I'm using only the puppet agent, triggered via SSH. This mean an open port 8140, from the client to the puppetmaster (is it required also the other way around?). I would like in the future to move to mcollective. Do you know what tcp port i should allow? The direction should be from the puppetmaster to the client. Do I need it also the other way around? Thanks. -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] mcollective tcp port
On Tue, Oct 9, 2012 at 10:21 AM, R.I.Pienaar r...@devco.net wrote: - Original Message - From: Andrei-Florian Staicu andrei.sta...@gmail.com To: puppet-users@googlegroups.com Sent: Tuesday, October 9, 2012 7:28:25 AM Subject: [Puppet Users] mcollective tcp port Hi all, I'm trying to prepare a common config for the DMZ hosts, and also to account for future infrastructure upgrades. Right now, I'm using only the puppet agent, triggered via SSH. This mean an open port 8140, from the client to the puppetmaster (is it required also the other way around?). I would like in the future to move to mcollective. Do you know what tcp port i should allow? The direction should be from the puppetmaster to the client. Do I need it also the other way around? Like puppet its from managed node - puppet master, usually port 61613 though you can pick any So there's no push involved? Only the client polls the servers? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] mcollective tcp port
On Tue, Oct 9, 2012 at 10:36 AM, R.I.Pienaar r...@devco.net wrote: - Original Message - From: Andrei-Florian Staicu andrei.sta...@gmail.com To: puppet-users@googlegroups.com Sent: Tuesday, October 9, 2012 8:29:41 AM Subject: Re: [Puppet Users] mcollective tcp port On Tue, Oct 9, 2012 at 10:21 AM, R.I.Pienaar r...@devco.net wrote: - Original Message - From: Andrei-Florian Staicu andrei.sta...@gmail.com To: puppet-users@googlegroups.com Sent: Tuesday, October 9, 2012 7:28:25 AM Subject: [Puppet Users] mcollective tcp port Hi all, I'm trying to prepare a common config for the DMZ hosts, and also to account for future infrastructure upgrades. Right now, I'm using only the puppet agent, triggered via SSH. This mean an open port 8140, from the client to the puppetmaster (is it required also the other way around?). I would like in the future to move to mcollective. Do you know what tcp port i should allow? The direction should be from the puppetmaster to the client. Do I need it also the other way around? Like puppet its from managed node - puppet master, usually port 61613 though you can pick any So there's no push involved? Only the client polls the servers? a persistant connection is made from managed node to the middleware broker and comms over that TCP connection is bi-directional Excellent. Thanks a lot for your explanation. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] upgrade to 3.0, ruby and rhel 5
Hi all, I wanted to upgrade today the clients to 3.0 but, for RHEL 5, ruby 1.8.7 is not in the official repos. If we upgrade from the official (1.8.5) package to the puppetlabs provided one, there is a good chance that we will lose support for several applications that we are running. Is there a way around this? (except upgrading to PE, which will come next year :D ) Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] upgrade to 3.0, ruby and rhel 5
On Tue, Oct 9, 2012 at 7:55 PM, Matthaus Owens matth...@puppetlabs.com wrote: Oh, sorry, I didn't understand what you had written before responding. Please ignore my reply :). No worries, thanks for replying. Another solution/question would be: could i function properly with puppetmaster 3.0 and clients 2.7.19 (on RHEL 5 only) for the next half of year? Or might I run into some kind of horrendous incompatibilities (except the puppetd-never-ending-run problem). -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet 3.0 deprecates the kick command
On Tue, Oct 2, 2012 at 9:06 PM, Corby Wilson corb...@gmail.com wrote: I use the command puppet kick to do remote triggers of a 60 node cluster. In the new release (3.0) it deprecated the command and the command fails with: Error: Host lcms-dn1.aws.tie.noklab.net failed: Error 400 on SERVER: Could not find indirection 'run' (I use Passenger on Apache) The web page it gives for reference: http://links.puppetlabs.com/puppet-kick-deprecation is a dummy to the deprecation bug. What are we supposed to use to remote trigger puppet reloads? I've dropped puppet kick (and even the agents) in favor of using pssh. If you use something like pssh -h clientlist -o out -e err puppet agent --test you can more easily browse the results afterwards. You can even set the parallelism, so you don't choke the master or the network. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] (again) configuration client already in progress
Hi all, I know this issue was discussed ad nauseam, but I did'nt find any of the solution applicable to me. So, the situation: I have 60 clients managed by puppet. All are RHEL 5/6, almost up-to-date regarding packages. All of them have puppet 2.7.19.-1.el(5|6). I have 14 client that won't go out of status unresponsive in dashboard, no matter what i try. Yes, if i stop the puppet service, i can do puppet agent --test, so it's not about the lockfile or the pidfile. The thing is, I can't find any common denominator between these systems. Can anyone help me at least start debugging the problem? Thanks For example, this is one of these clients: [root@server ~]# service puppet status puppetd (pid 18745) is running... [root@server ~]# puppet agent --test --noop notice: Ignoring --listen on onetime run notice: Run of Puppet configuration client already in progress; skipping [root@server ~]# puppet agent --test notice: Ignoring --listen on onetime run notice: Run of Puppet configuration client already in progress; skipping [root@server ~]# ps aux|grep puppet root 18745 0.0 0.6 135716 43308 ?Ssl 11:09 0:00 /usr/bin/ruby /usr/sbin/puppetd root 21691 0.0 0.0 61216 756 pts/3S+ 13:11 0:00 grep puppet [root@server ~]# strace -p 18745 Process 18745 attached - interrupt to quit select(9, [5 8], [], [], {0, 352000}) = 0 (Timeout) gettimeofday({1348222311, 65252}, NULL) = 0 select(9, [5 8], [], [], {0, 0})= 0 (Timeout) select(9, [8], [], [], {0, 0}) = 0 (Timeout) rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 gettimeofday({1348222311, 65523}, NULL) = 0 gettimeofday({1348222311, 65554}, NULL) = 0 select(9, [5 8], [], [], {1, 69}) = 0 (Timeout) gettimeofday({1348222313, 66214}, NULL) = 0 select(9, [5 8], [], [], {0, 0})= 0 (Timeout) select(9, [8], [], [], {0, 0}) = 0 (Timeout) rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 gettimeofday({1348222313, 66492}, NULL) = 0 gettimeofday({1348222313, 66532}, NULL) = 0 select(9, [5 8], [], [], {1, 60}) = 0 (Timeout) gettimeofday({1348222315, 66207}, NULL) = 0 select(9, [5 8], [], [], {0, 285}) = 0 (Timeout) gettimeofday({1348222315, 67169}, NULL) = 0 select(9, [5 8], [], [], {0, 0})= 0 (Timeout) select(9, [8], [], [], {0, 0}) = 0 (Timeout) rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 gettimeofday({1348222315, 67538}, NULL) = 0 gettimeofday({1348222315, 67620}, NULL) = 0 select(9, [5 8], [], [], {1, 17}) = 0 (Timeout) gettimeofday({1348222317, 68249}, NULL) = 0 select(9, [5 8], [], [], {0, 0})= 0 (Timeout) select(9, [8], [], [], {0, 0}) = 0 (Timeout) rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 gettimeofday({1348222317, 68623}, NULL) = 0 gettimeofday({1348222317, 68672}, NULL) = 0 select(9, [5 8], [], [], {1, 51}) = 0 (Timeout) gettimeofday({1348222319, 70221}, NULL) = 0 select(9, [5 8], [], [], {0, 0})= 0 (Timeout) select(9, [8], [], [], {0, 0}) = 0 (Timeout) rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 gettimeofday({1348222319, 70455}, NULL) = 0 gettimeofday({1348222319, 70486}, NULL) = 0 select(9, [5 8], [], [], {1, 69}) = 0 (Timeout) gettimeofday({1348222321, 70191}, NULL) = 0 select(9, [5 8], [], [], {0, 264}) = 0 (Timeout) gettimeofday({1348222321, 71164}, NULL) = 0 select(9, [5 8], [], [], {0, 0})= 0 (Timeout) select(9, [8], [], [], {0, 0}) = 0 (Timeout) rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 gettimeofday({1348222321, 71503}, NULL) = 0 gettimeofday({1348222321, 71553}, NULL) = 0 select(9, [5 8], [], [], {1, 49} unfinished ... -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Where to execute script to add server to Zabbix monitoring system?
hi, do you use the zabbix agent? if you, the agent can autoregister itself so no custom script is needed regards flo Am 12.09.2012 um 01:28 schrieb JeremyCampbell jeremycampbel...@gmail.com: I've written a script which adds a new server to our Zabbix monitoring system using their api. This script contains the api username and password so I wouldn't want it sitting on the puppet clients. I assume to execute it on the puppetmaster side I need to configure the script as a custom function? And to avoid the script from contacting the Zabbix server every run, it could write the host name to a file which it checks beforehand. Would that be the way to go or are there any better approaches? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/zpww3ilJjlMJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] PuppetDB Replication
hi, hm why do you not using the postgresql replication? (wal sync with versions prior to 9 and streaming replication with 9+) regards flo Am 06.09.2012 um 20:03 schrieb tsuave trikosu...@gmail.com: I have puppetdb setup on our puppetmaster with a postgreSQL DB setup on two servers db1 and db2. I am trying to setup replication between db1 and db2, using rubyrep. Rubyrep can copy the data but not the schema. I tired to dump the schema of a DB after puppet has connected to use as a template to create both DBs, start the replication, and then connect the puppetdb. Unfortunately, when puppetdb connects to a db that already has a schema/tables created, I get the following: 2012-09-06 10:44:51,102 ERROR [main] [puppetlabs.utils] Uncaught exception java.lang.NullPointerException at clojure.lang.Numbers.ops(Numbers.java:942) at clojure.lang.Numbers.gt(Numbers.java:227) at com.puppetlabs.puppetdb.scf.migrate$pending_migrations$fn__1296.invoke(migrate.clj:184) at clojure.core$filter$fn__3830.invoke(core.clj:2478) at clojure.lang.LazySeq.sval(LazySeq.java:42) at clojure.lang.LazySeq.seq(LazySeq.java:60) at clojure.lang.RT.seq(RT.java:466) at clojure.core$seq.invoke(core.clj:133) at clojure.core$reduce.invoke(core.clj:5994) at clojure.core$into.invoke(core.clj:6005) at com.puppetlabs.puppetdb.scf.migrate$pending_migrations.invoke(migrate.clj:184) at com.puppetlabs.puppetdb.scf.migrate$migrate_BANG_.invoke(migrate.clj:190) at com.puppetlabs.puppetdb.cli.services$_main$fn__8398.invoke(services.clj:250) at clojure.java.jdbc.internal$with_connection_STAR_.invoke(internal.clj:186) at com.puppetlabs.puppetdb.cli.services$_main.doInvoke(services.clj:249) at clojure.lang.RestFn.invoke(RestFn.java:421) at clojure.lang.Var.invoke(Var.java:405) at clojure.lang.AFn.applyToHelper(AFn.java:163) at clojure.lang.Var.applyTo(Var.java:518) at clojure.core$apply.invoke(core.clj:600) at com.puppetlabs.puppetdb.core$_main.doInvoke(core.clj:80) at clojure.lang.RestFn.applyTo(RestFn.java:137) at com.puppetlabs.puppetdb.core.main(Unknown Source) 2012-09-06 10:44:51,106 INFO [Thread-4] [cli.services] Shutdown request received; puppetdb exiting. Also, If we connect puppetdb to a blank db and it creates any data, the replication will not work because the data will be duplicated. There seems to be a way to do if if we connect to db1 and then db2 without any nodes checking in, it should work fine from there. We want to automate the builds and replication, so going through these motions would be hard to automate, and if a node checks in while either db is connect and data is created, it wont replicate. Does anyone know of a way I can create the puppetdb schema without connecting the puppetdb service to the empty database that will not cause the above exception? I would like to create puppetdb on db1 and db2, load the schema, start the replication and then connect puppetdb to a load balancer that can choose either db1 or db2 and work correctly because of replication. Anyone have a better idea than rubyrep? Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/kr4Ogs6iskoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] dmz network configuration
Hi all, I need to install puppet agent on some DMZ hosts, so I need to have all TCP ports. Can anyone tell me what the data flow is between agents and the master? Also, what would be the case when using MCollective, inseatad of puppet kick? Thanks. -- Beware of programmers who carry screwdrivers! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Custom Facts accessible via Facter
Try Facter - p Regards Am 16.08.2012 um 07:43 schrieb Douglas Garstang doug.garst...@gmail.com: I don't get it. I just wrote a simple test custom fact in ruby (ugh, I hate ruby) and was able to access it as a variable on the client side. However, it doesn't appear in the facter output. Is is supposed to? Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Installing hiera
Hi, Have you the hiera Files in the puppet libdir e.g /var/lib/puppet/lib ? Regards Am 25.06.2012 um 17:15 schrieb llow...@oreillyauto.com llow...@oreillyauto.com: On a related note, I saw a post where someone had a similar problem, but they fixed it by adding/creating some missing default file - but they did not elaborate. Any ideas on what that may be, so I can check it out? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/eUxkzp8_4qIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Installing hiera
this is my /var/lib/puppet/lib [root@foreman-proxya01 lib]# tree . ├── hiera │ ├── backend │ │ └── puppet_backend.rb │ └── scope.rb └── puppet └── parser └── functions ├── foreman.rb ├── hiera_array.rb ├── hiera_hash.rb ├── hiera_include.rb └── hiera.rb On Mon, Jun 25, 2012 at 5:34 PM, llow...@oreillyauto.com llow...@oreillyauto.com wrote: On Monday, June 25, 2012 10:21:20 AM UTC-5, Florian Koch wrote: Hi, Have you the hiera Files in the puppet libdir e.g /var/lib/puppet/lib ? No, I do not, actually. Which files need to go there? The stuff in /var/lib/gems/1.8/gems/hiera-0.3.0/lib/ ? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Vd1FW3XHlOoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] certname=hostname SSL errors
Hi all, I ran into the following problem: Until now, i used fqdn as certname (i.e. had no certname defined in puppet.conf, so defaults applied) and everything worked fine. However, I wanted to use tthe short hostname as certname, so I redeployed the puppet.conf file, re-generated the certificates and signed them, and removed the old certificates from the master. Now I have the following status: - errors in dashboard: Could not retrieve catalog from remote server: Error 403 on SERVER: Forbidden request: FQDN(IP) access to /catalog/HOSTNAME [find] authenticated at line 3 - errors on puppet kick HOSTNAME: Host HOSTNAME failed: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed. This is often because the time is out of sync on the server or client HOSTNAME finished with exit code 2 Failed: HOSTNAME However, puppet agent --test works ok. Can you help me get to the bottom of this? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] certname=hostname SSL errors
On Fri, Jun 8, 2012 at 11:54 AM, Felix Frank felix.fr...@alumni.tu-berlin.de wrote: Hi, On 06/08/2012 10:50 AM, Andrei-Florian Staicu wrote: so I redeployed the puppet.conf file, re-generated the certificates and signed them, and removed the old certificates from the master. However, puppet agent --test works ok. are you running in agent mode (as opposed to cron)? Have you tried restarting one of the afflicted puppet agent processes? Nh, it couldn't have been so simple!!! I hate myself. And ... thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Restart service on ensure running ; class dependecies
On Thu, Jun 7, 2012 at 4:03 PM, jcbollinger john.bollin...@stjude.org wrote: On Jun 6, 12:33 pm, Andrei-Florian Staicu andrei.sta...@gmail.com wrote: First, for services that have ensure=runnig and for which service bla status returns not running, can puppet be convinced to call service bla restart instead of service bla start? That's a very odd request. If the service is indeed not running, then service bla start is the correct way to set it running. If service bla status is returning an incorrect result -- that is, if it sometimes says the service is not running when actually it is -- then fixing that would be an all-around better solution (i.e. not just for interoperation with Puppet). If you cannot or will not fix the initscript, then you can use the Service's 'status' parameter to provide an alternative command by which to determine whether the service is running. I took your advice an rebuilt the script. Thanks. Second question, about class dependencies. I have a class called network, with a subclass networ::device, which I use to deploy the ifcfg-* files. So, for a node, i will have an undefined number of network::device objects. No, you don't. Perhaps you have a *defined type* network::device, but if that were a class then each node would have it either once or not at all. It is important to know the difference because it affects several aspects of how you design and write your manifests. Yes, I still have to do some heavy reading about puppet classes/types/resources/modules a.s.o. It's a lot to take in all at once. Furthermore, I have a class called network::ipconfig2. How can I make sure that network::ipconfig2 will be applied only after all the network::devices are applied? This is what resource relationships are for. A good use in this case would be for each declaration of a network::device instance to specify a 'before' parameter. For example, network::device { 'eth0': # ... before = Class['network::ipconfig2'] } That will do the job correctly no matter how many network::device instances are declared (including zero), and it does not require class network::iproute2 to know which network::device resources have been or will be declared. It does, however, require that Class['network::ipconfig2'] be already declared at the point where the Network::Device instance is declared (and there are several ways to ensure that). Yes, but some nodes include network::ipconfig2, others do not. That means that I can't put the before in the network::device class definition; instead I'll have to add it to each instance. And one of the purposes is to keep the manifests as small as possible, to keep them readable. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Restart service on ensure running ; class dependecies
Hi all, May i get your opinion on the following two subjects? First, for services that have ensure=runnig and for which service bla status returns not running, can puppet be convinced to call service bla restart instead of service bla start? Second question, about class dependencies. I have a class called network, with a subclass networ::device, which I use to deploy the ifcfg-* files. So, for a node, i will have an undefined number of network::device objects. Furthermore, I have a class called network::ipconfig2. How can I make sure that network::ipconfig2 will be applied only after all the network::devices are applied? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] exclude puppetmaster from default
Hi all, Can you tell me if the puppetmaster (which is also a puppet node) can be excluded from the default node definition? The idea is that new unclassified nodes should get the puppet.conf and auth.conf files by default, but these files are pretty different on the master. Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] exclude puppetmaster from default
On Wed, May 30, 2012 at 7:39 PM, Peter Bukowinski pmb...@gmail.com wrote: On May 30, 2012, at 12:13 PM, Andrei-Florian Staicu wrote: Hi all, Can you tell me if the puppetmaster (which is also a puppet node) can be excluded from the default node definition? The idea is that new unclassified nodes should get the puppet.conf and auth.conf files by default, but these files are pretty different on the master. Thanks. The default node definition is only applied to nodes that aren't included in any other node definitions. As long as your puppetmaster node is included in any other node definition — either explicitly (e.g. 'puppet.domain.org') or by glob (e.g. /^puppet/) — the default node definition will not affect it. Ok, so this will exactly what I want for new (i.e. which don't already have a definition) nodes. Then how can I have a definition for all nodes, except the puppet master? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] exec's onlyif parameter fails for a bash one-liner
Hi, you need to add provider = shell to your exec to get the subshell working regards Florian On Wed, Apr 25, 2012 at 6:01 PM, Shantanu knowshant...@gmail.com wrote: I would like to 'exec' an installation script 'onlyif' an installation directory is empty. I tried using following bash one-liner however it didn't work: code exec{$one_install_script: require = File[$one_install_script], onlyif = [ \$(/bin/ls -A $one_location)\ ] exit 1 || exit 0 } /code It failed with following error: error err: Failed to apply catalog: Parameter onlyif failed: '[ $(/bin/ls - A /srv/cloud/one) ] exit 1 || exit 0' is not qualified and no path was specified. Please qualify the command or specify a path. /error A bash script with above one-liner worked fine though. code exec{$one_install_script: require = File[$one_install_script], onlyif = /tmp/is-dir-empty.sh $one_location /code The bash script approach works fine for me. However I am not sure what is wrong with the one-liner command. Is $(cmd) command substitution or built-in function 'exit' a problem? Any pointers will be really helpful. -- Thanks, Shantanu -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Augeas lens for zabbix agent config files?
Am Sonntag, 22. Januar 2012 21:48:36 UTC+1 schrieb Walter Heck: Hi all, I'm trying to come up with a lens for the zabbix agent config files. I find the lens language untransparent at best, so I'm struggeling to figure out what's up. The debugging possibilities are extremely limited. Here's what I have now: zabbix.aug: (** An adjusted copy of the postfix_main module **) module Zabbix_agent = autoload xfm ( * USEFUL PRIMITIVES *) let eol= Util.eol let comment= Util.comment let empty = Util.empty let eq = del /[ \t]*=/ = let word = /[A-Za-z0-9_.-]+/ let value = let chr = /[^# \t\n]/ in let any = /.*/ in let line = (chr . any* . chr | chr) in store line ( * ENTRIES *) let entry = [ key word . eq . (value)? . eol ] ( *LENS *) let lns= (comment|empty|entry) * let filter = incl /etc/zabbix/zabbix_agentd.conf . incl /etc/zabbix/zabbix_agent.conf . Util.stdexcl let xfm= transform lns filter === a sample snippet from a zabbix agent.conf: === # head -n25 /etc/zabbix/zabbix_agentd.conf ### # PUPPET MANAGED # # Do not edit this file on a server node unless you # # are willing to have your changes overwritten by # # Puppet. If you really want to change the contents # # repository and check it out on the puppet server. # ### # This is config file for zabbix_agentd # To get more information about ZABBIX, go http://www.zabbix.com GENERAL PARAMETERS # # List of comma delimited IP addresses (or hostnames) of ZABBIX servers. # No spaces allowed. First entry is used for sending active checks. # Note that hostnames must resolve hostname-IP address and # IP address-hostname. Server=backend.yomamma.com # Server port for sending active checks #ServerPort=10051 # Unique hostname. Required for active checks. === And the augeas output (all empty): == [/etc/puppet] # augparse /usr/share/augeas/lenses/contrib/zabbix_agent.aug [/etc/puppet] # augtool -e ls /files/etc/zabbix/zabbix_agentd.conf == Any help would be sincerely appreciated :) cheers, -- Walter Heck -- follow @walterheck on twitter to see what I'm up to! -- Check out my new startup: Server Monitoring as a Service @ http://tribily.com Follow @tribily on Twitter and/or 'Like' our Facebook page at http://www.facebook.com/tribily Am Sonntag, 22. Januar 2012 21:48:36 UTC+1 schrieb Walter Heck: Hi all, I'm trying to come up with a lens for the zabbix agent config files. I find the lens language untransparent at best, so I'm struggeling to figure out what's up. The debugging possibilities are extremely limited. Here's what I have now: zabbix.aug: (** An adjusted copy of the postfix_main module **) module Zabbix_agent = autoload xfm ( * USEFUL PRIMITIVES *) let eol= Util.eol let comment= Util.comment let empty = Util.empty let eq = del /[ \t]*=/ = let word = /[A-Za-z0-9_.-]+/ let value = let chr = /[^# \t\n]/ in let any = /.*/ in let line = (chr . any* . chr | chr) in store line ( * ENTRIES *) let entry = [ key word . eq . (value)? . eol ] ( *LENS *) let lns= (comment|empty|entry) * let filter = incl /etc/zabbix/zabbix_agentd.conf . incl /etc/zabbix/zabbix_agent.conf . Util.stdexcl let xfm= transform lns filter === a sample snippet from a zabbix agent.conf: === # head -n25 /etc/zabbix/zabbix_agentd.conf ### # PUPPET MANAGED # # Do not edit this file on a server node unless you # #
[Puppet Users] Re: Augeas lens for zabbix agent config files?
Hi Walter, any news with the zabbix_agentd lens? rgds Florian Am Sonntag, 22. Januar 2012 21:48:36 UTC+1 schrieb Walter Heck: Hi all, I'm trying to come up with a lens for the zabbix agent config files. I find the lens language untransparent at best, so I'm struggeling to figure out what's up. The debugging possibilities are extremely limited. Here's what I have now: zabbix.aug: (** An adjusted copy of the postfix_main module **) module Zabbix_agent = autoload xfm ( * USEFUL PRIMITIVES *) let eol= Util.eol let comment= Util.comment let empty = Util.empty let eq = del /[ \t]*=/ = let word = /[A-Za-z0-9_.-]+/ let value = let chr = /[^# \t\n]/ in let any = /.*/ in let line = (chr . any* . chr | chr) in store line ( * ENTRIES *) let entry = [ key word . eq . (value)? . eol ] ( *LENS *) let lns= (comment|empty|entry) * let filter = incl /etc/zabbix/zabbix_agentd.conf . incl /etc/zabbix/zabbix_agent.conf . Util.stdexcl let xfm= transform lns filter === a sample snippet from a zabbix agent.conf: === # head -n25 /etc/zabbix/zabbix_agentd.conf ### # PUPPET MANAGED # # Do not edit this file on a server node unless you # # are willing to have your changes overwritten by # # Puppet. If you really want to change the contents # # repository and check it out on the puppet server. # ### # This is config file for zabbix_agentd # To get more information about ZABBIX, go http://www.zabbix.com GENERAL PARAMETERS # # List of comma delimited IP addresses (or hostnames) of ZABBIX servers. # No spaces allowed. First entry is used for sending active checks. # Note that hostnames must resolve hostname-IP address and # IP address-hostname. Server=backend.yomamma.com # Server port for sending active checks #ServerPort=10051 # Unique hostname. Required for active checks. === And the augeas output (all empty): == [/etc/puppet] # augparse /usr/share/augeas/lenses/contrib/zabbix_agent.aug [/etc/puppet] # augtool -e ls /files/etc/zabbix/zabbix_agentd.conf == Any help would be sincerely appreciated :) cheers, -- Walter Heck -- follow @walterheck on twitter to see what I'm up to! -- Check out my new startup: Server Monitoring as a Service @ http://tribily.com Follow @tribily on Twitter and/or 'Like' our Facebook page at http://www.facebook.com/tribily -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/4EsBd_4PWnAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] trouble with hiera %{calling_module} and puppet defines
Hi Martin, no currently only for the tomcat::instances. we currently change our modules to hiera, so maybe i find other cases. rgds Florian Am Freitag, 16. März 2012 09:03:44 UTC+1 schrieb mawi: Hi Florian, Interesting post. I was planning the same sort of approach for apache vhosts with hiera and create_resources. This is good proof that the idea works. Are you using this approach in other modules as well, if so which? Regards, Martin 2012/3/16 Gary Larizza g...@puppetlabs.com: Ahh, Good catch - thanks for replying back with the fix -Gary On Fri, Mar 16, 2012 at 7:58 AM, Florian Koch florian.koch1...@googlemail.com wrote: Hi Gary, hm for other classes it works , so i think the puppet backend is not needed ( https://github.com/ripienaar/hiera-puppet/commit/a7350529a99e5d1bad8b03749661f3f4c7f00216 ), the problem is the define, i guess that a define won't set $module_path correct, the hiera cass from the class tocat::instance works perfect. But i have found better solution, i use create_resources to build the defines, works really smart class tomcat::instance{ $instances = hiera('tomcat_instances') create_resources('tomcat::installer',$instances) } define tomcat::installer ($user,$group,$basedir,$logdir,$name){ } --- tomcat_instances: crowd1: name: 'cr1' basedir: '/srv' logdir: '/var/log' user: 'crowd' group: 'crowd' crowd2: name: 'cr2' basedir: '/srv' logdir: '/var/log' user: 'crowd' group: 'crowd' rgds Florian Am Donnerstag, 15. März 2012 21:33:17 UTC+1 schrieb Gary Larizza: Hi Florian, I believe since $calling_module is a variable out of Puppet and not Facter, that you will need to ALSO setup the Puppet backend, in addition to the YAML backend, in the hiera.yaml file so Hiera can get its value. On Fri, Mar 16, 2012 at 6:47 AM, Florian Koch florian.koch1...@googlemail.com wrote: Hi, i have some trouble with hiera and %{calling_module}. i have: class tomcat::instance{ $instances = hiera('tomcat_instances') tomcat::installer{$instances:} } define tomcat::installer { require 'tomcat' $instance_opts = hiera($name) $tomcat_user = $instance_opts[user] $tomcat_group = $instance_opts[group] $basedir = $instance_opts[basedir] $logdir = $instance_opts[logdir] $tomcat_name = $instance_opts[name] $tomcat_version='6' ... } i specify the tomcat names in a hiera file and run the define wit the names as array (so they get executed for each name) '/var/lib/environments/test/hieradata'/tomcat/crowd.yaml --- tomcat_instances: - crowd1 - crowd2 crowd1: name: 'crowd1' basedir: '/srv' logdir: '/var/log' user: 'crowd' group: 'crowd' crowd2: name: 'crowd2' basedir: '/srv' logdir: '/var/log' user: 'crowd' group: 'crowd' my hiera.yaml --- :hierarchy: - %{calling_module}/%{fqdn} - %{hostbasename} - %{domain} - common :backends: - yaml :yaml: :datadir: '/var/lib/environments/%{environment}/hieradata' if i wrote the crowd.yaml content in the common.yaml all works, if its in the module subdirectory, puppet can not find the data from the hiera lookup in the tomcat::installer, but the call from the tomcat::instance class works, i get the right tomcat names in the error. any idea? rgds Florian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ZjdL5rHQxBYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Gary Larizza Professional Services Engineer Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/c8Qv0i9cwEUJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Gary Larizza Professional Services Engineer Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users
Re: [Puppet Users] trouble with hiera %{calling_module} and puppet defines
hi, yes better depends on personal preferences Am Freitag, 16. März 2012 17:27:41 UTC+1 schrieb Jan Ivar Beddari: On 15. mars 2012 22:06, Florian Koch wrote: Hi Dennis, i have found a better solution via create_resources (look at my reply to Gery) Not neccessarily better in my mind because .. You should try something like this: class tomcat::instance { $instances = hiera('tomcat_instances') tomcat::installer { $instances[name]: basedir = $instances[basedir], logdir = $instances[logdir], user = $instances[user], group = $instances[group], } } define tomcat::installer ($basedir, $logdir, $user, $group) { ... } .. this code is easier to explain and follow. Not to be underestimated! :-) -- http://www.uib.no/personer/Jan.Ivar.Beddari -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/hSxs_BzeLJEJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Need advice how to architect solution for /etc/resolv.conf
Hi, this sounds this is a job for hiera: http://puppetlabs.com/blog/the-problem-with-separating-data-from-puppet-code/ http://puppetlabs.com/blog/first-look-installing-and-using-hiera/ rgds Florian Am Freitag, 16. März 2012 19:12:10 UTC+1 schrieb chris_...@sra.com: On Friday, March 16, 2012 1:36:23 PM UTC-4, Tim Mooney wrote: In regard to: [Puppet Users] Need advice how to architect solution for...: I'm having difficulty determining the best course of action how to implement /etc/resolv.conf on my RHEL5 hosts. Here's my requirements, IN ORDER OF PRECEDENCE: * All hosts, regardless of function, need /etc/resolv.conf * Dependiing upon which environment the host lives in (i.e. Facture $domain) this changes search paths and nameservers to use in /etc/resolv.conf * Any host defined as a 'DNS Server' should ignore environment specific settings and use nameserver of '127.0.0.1' * There are one or two one-off DNS servers that should have their own per-host settings which shall override all previous definitions. We're doing something like this, although I need to expand it to be a little bit smarter, but wouldn't setting something like --- named_type: client# or 'caching', 'secondary', 'primary' in your extdata/hiera/ENC and then using a selector in your class to pick which template to use for resolv.conf essentially solve all of this? The only things that need to change between these rules are the values of the search path and the list of nameservers. So I would like to use a single template for /etc/resolv.conf which simply plug in data available in variables accessible by the template You probably could do that, but I think the template will be more complicated this way. Selecting different templates based on what type of system it is makes the template simpler. Tim This template, resolv.conf.erb, which belongs to my 'resolv' class should all that I ever need. % searchpaths.each do |searchpath| -% search %= searchpath % % end -% % nameservers.each do |nameserver| -% nameserver %= nameserver % % end -% Duplicating such a template would be an example of un-necessary code reuse. The determination of what values to pass to my 'resolv' class has to be done before I declare (or is it define, I'm still confused on terminology) the class. How do I do that? Here's my site.pp file: # BEGIN SITE.PP node basenode { # # Define per-environment settings # Eventually this will become hiera lookups or something # case $domain { # Dev/test 'test.example.com' : { $nameservers = [ 1.1.1.1, 2.2.2.2, 3.3.3.3 ] } # Staging 'stage.example.com' : { $nameservers = [ 4.4.4.4, 5.5.5.5 ] } # Production 'example.com' : { $nameservers = [ 6.6.6.6, 7.7.7.7] } } # # All 'standard' modules/classes to be applied to all hosts. # class { 'basefiles': } class { 'ntp' : servers = $ntpservers } class { 'puppet' : puppetserver = $puppetserver } class { 'resolv' : nameservers = $nameservers, searchpaths = $searchpaths } } # first match wins, so I list them specific to generic node /dns-test.test.example.com/ inherits basenode { # This host should have host specific settings for resolv.conf independent of all other hosts. } node /dns.*example.com/ inherits basenode { # I should - somehow - be able to overload my nameserver settings here for ALL my DNS servers } node /.*.example.com/ inherits basenode { # all remaining hosts fall here } # END SITE.PP However, this *DOES NOT WORK* becuase somehow, in my basenode definition, I need to be able to say 'Box X is a DNS server so it gets general DNS server settings for resolv.conf' so I can pass the right parameters to my 'resolv' class declaration. How do I do that with out coding in some 'if/else' that looks for specific hostnames in that node definition? thx Chris. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/yHPqXaGONFYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] trouble with hiera %{calling_module} and puppet defines
Hi, i have some trouble with hiera and %{calling_module}. i have: class tomcat::instance{ $instances = hiera('tomcat_instances') tomcat::installer{$instances:} } define tomcat::installer { require 'tomcat' $instance_opts = hiera($name) $tomcat_user = $instance_opts[user] $tomcat_group = $instance_opts[group] $basedir = $instance_opts[basedir] $logdir = $instance_opts[logdir] $tomcat_name = $instance_opts[name] $tomcat_version='6' ... } i specify the tomcat names in a hiera file and run the define wit the names as array (so they get executed for each name) '/var/lib/environments/test/hieradata'/tomcat/crowd.yaml --- tomcat_instances: - crowd1 - crowd2 crowd1: name: 'crowd1' basedir: '/srv' logdir: '/var/log' user: 'crowd' group: 'crowd' crowd2: name: 'crowd2' basedir: '/srv' logdir: '/var/log' user: 'crowd' group: 'crowd' my hiera.yaml --- :hierarchy: - %{calling_module}/%{fqdn} - %{hostbasename} - %{domain} - common :backends: - yaml :yaml: :datadir: '/var/lib/environments/%{environment}/hieradata' if i wrote the crowd.yaml content in the common.yaml all works, if its in the module subdirectory, puppet can not find the data from the hiera lookup in the tomcat::installer, but the call from the tomcat::instance class works, i get the right tomcat names in the error. any idea? rgds Florian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ZjdL5rHQxBYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] trouble with hiera %{calling_module} and puppet defines
Hi Gary, hm for other classes it works , so i think the puppet backend is not needed (https://github.com/ripienaar/hiera-puppet/commit/a7350529a99e5d1bad8b03749661f3f4c7f00216), the problem is the define, i guess that a define won't set $module_path correct, the hiera cass from the class tocat::instance works perfect. But i have found better solution, i use create_resources to build the defines, works really smart class tomcat::instance{ $instances = hiera('tomcat_instances') create_resources('tomcat::installer',$instances) } define tomcat::installer ($user,$group,$basedir,$logdir,$name){ } --- tomcat_instances: crowd1: name: 'cr1' basedir: '/srv' logdir: '/var/log' user: 'crowd' group: 'crowd' crowd2: name: 'cr2' basedir: '/srv' logdir: '/var/log' user: 'crowd' group: 'crowd' rgds Florian Am Donnerstag, 15. März 2012 21:33:17 UTC+1 schrieb Gary Larizza: Hi Florian, I believe since $calling_module is a variable out of Puppet and not Facter, that you will need to ALSO setup the Puppet backend, in addition to the YAML backend, in the hiera.yaml file so Hiera can get its value. On Fri, Mar 16, 2012 at 6:47 AM, Florian Koch florian.koch1...@googlemail.com wrote: Hi, i have some trouble with hiera and %{calling_module}. i have: class tomcat::instance{ $instances = hiera('tomcat_instances') tomcat::installer{$instances:} } define tomcat::installer { require 'tomcat' $instance_opts = hiera($name) $tomcat_user = $instance_opts[user] $tomcat_group = $instance_opts[group] $basedir = $instance_opts[basedir] $logdir = $instance_opts[logdir] $tomcat_name = $instance_opts[name] $tomcat_version='6' ... } i specify the tomcat names in a hiera file and run the define wit the names as array (so they get executed for each name) '/var/lib/environments/test/hieradata'/tomcat/crowd.yaml --- tomcat_instances: - crowd1 - crowd2 crowd1: name: 'crowd1' basedir: '/srv' logdir: '/var/log' user: 'crowd' group: 'crowd' crowd2: name: 'crowd2' basedir: '/srv' logdir: '/var/log' user: 'crowd' group: 'crowd' my hiera.yaml --- :hierarchy: - %{calling_module}/%{fqdn} - %{hostbasename} - %{domain} - common :backends: - yaml :yaml: :datadir: '/var/lib/environments/%{environment}/hieradata' if i wrote the crowd.yaml content in the common.yaml all works, if its in the module subdirectory, puppet can not find the data from the hiera lookup in the tomcat::installer, but the call from the tomcat::instance class works, i get the right tomcat names in the error. any idea? rgds Florian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ZjdL5rHQxBYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Gary Larizza Professional Services Engineer Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/c8Qv0i9cwEUJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] trouble with hiera %{calling_module} and puppet defines
Hi Dennis, i have found a better solution via create_resources (look at my reply to Gery) thanks anyway. rgds Florian Am Donnerstag, 15. März 2012 21:56:34 UTC+1 schrieb Dennis Hoppe: Hello Florian, Am 15.03.2012 20:47, schrieb Florian Koch: i have some trouble with hiera and %{calling_module}. i have had a similiar problem. You need to submit the values to the define. i have: class tomcat::instance{ $instances = hiera('tomcat_instances') tomcat::installer{$instances:} } define tomcat::installer { require 'tomcat' $instance_opts = hiera($name) $tomcat_user = $instance_opts[user] $tomcat_group = $instance_opts[group] $basedir = $instance_opts[basedir] $logdir = $instance_opts[logdir] $tomcat_name = $instance_opts[name] $tomcat_version='6' ... } You should try something like this: class tomcat::instance { $instances = hiera('tomcat_instances') tomcat::installer { $instances[name]: basedir = $instances[basedir], logdir = $instances[logdir], user= $instances[user], group = $instances[group], } } define tomcat::installer ($basedir, $logdir, $user, $group) { ... } I am using this method for my Icinga module (http://github.com/dhoppe/puppet-icinga). You should take a look at the following files: - examples/icinga.yaml - manifests/contact.pp - manifests/contact/contacts.pp Regards, Dennis -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/pZQzqjg2Dj4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Problems with Host ||
Hi, first, thanks for the reply, and the solutio! Set notify = undef on the node without the dependency does the trick for me. For completing the Informations: i do the export on all nodes, and the collect on two nodes. the first collecting node should get all exported hosts, the second schould only get hosts for a specific domain , and on this host the service dnsmasq should be notifyed. rgds Florian On Jan 17, 3:07 pm, jcbollinger john.bollin...@stjude.org wrote: On Jan 16, 4:16 am, Florian Koch florian.koch1...@googlemail.com wrote: Hi, i use exported hosts and Host | | to collect all hosts and ips for my hosts file. i like to use this to manage my dnsmasq installation, and use | tag == ${domain} | ~Service['dnsmasq'] this works. on another Host i use only | | and get the error Dependency dnsmasq not found on host ... How can i solve this? The problem is that at least one of the Host resources you are collecting has an expressed relationship with a resource named 'dnsmasq' (perhaps the Service, perhaps a Package, perhaps something else), that has not been declared yet at the point where the collection appears. Even if none of your Host declarations explicitly declares a relationship via the 'require' metaparameter or one of its kin, that could happen if one or more of your nodes exports a Host corresponding to itself and also collects that Host using the resource- chaining form above. How you should solve it depends on several factors: 1) Is it intentional that some or all of your Host resources depend (in the Puppet sense) on dnsmasq? 1a) If yes, is that supposed to be on all nodes, or only on some? 2) Is it a parameterized or non-parameterized class in which Service['dnsmasq'] is declared? If non-parameterized, is it assigned to a non-default run stage? 3) Do you collect the Host resources near where you declare them (e.g. in the same or a closely-related class)? If your intention is that Hosts may depend on 'dnsmasq' on the nodes that export them, but not necessarily on the nodes that collect them, then you could try overriding the relationship as needed when you collect, for example: Host | | { notify = undef } If you need more specific advice, then it would help greatly if you showed us all the relevant sections of your manifest. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Problems with Host ||
Hi, i use exported hosts and Host | | to collect all hosts and ips for my hosts file. i like to use this to manage my dnsmasq installation, and use | tag == ${domain} | ~Service['dnsmasq'] this works. on another Host i use only | | and get the error Dependency dnsmasq not found on host ... How can i solve this? rgds Florian -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Stupid Exec
Hi, i think you can solve your Problem by adding provider = shell, http://docs.puppetlabs.com/references/stable/type.html#exec rgds Florian koch On Jan 5, 4:54 pm, krish das.srikris...@gmail.com wrote: On Thu, Jan 5, 2012 at 9:12 PM, ollies...@googlemail.com paul.seym...@barcap.com wrote: Hello, I have this stupid exec on a bash script but bear with me. Works OK on an ancient 0.xx Puppet setup. But not on 2.7.9. $command = ( /apps/path/scripts/install.sh || true ) touch /etc/ puppet/puppet.script.done Why do you have to do a || with true here? afaik, /apps/path/scripts/install.sh touch /etc/puppet/puppet.script.done should do.. or even better use a ; instead of unless = 'test -f /etc/puppet.script.done' Just wondering if ^ this is /etc/puppet/puppet.script.done ? :) -- Srikrishna Daswww.toonheart.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppetserver error
Hi, Maybe a Time related Problem? Check the Time on both, Client and Server Am 30.12.2011 um 18:55 schrieb Mohammad Khan makhan...@gmail.com: I have done this already; however, client certificate verify failed is occurring now where I am stuck. On Fri, Dec 30, 2011 at 12:51 PM, Aaron Grewell aaron.grew...@gmail.com wrote: You'll have to re-sign your node's cert using puppetca --sign hostname On Fri, Dec 30, 2011 at 9:28 AM, Mohammad Khan makhan...@gmail.com wrote: I removed ssldir from clients and ran the puppetca --clean from the server. It ran fine finally. Now I am stuck on where client complains that 'certificate verify failed I dont know what to do now? On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell aaron.grew...@gmail.com wrote: Did you remove the ssldir on the server or the client? Usually to completely reset the cert you run clean on the server, remove the contents of the ssldir on the client, then re-run puppet and it should rebuild the cert. I wouldn't recommend removing the ssldir on the server except as a last resort, otherwise you'll have to rebuild all your client certs. If that's what you already did, make sure that your ssldir and its contents are owned by user group puppet as well. On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan makhan...@gmail.com wrote: Do I need to make any changes to server or delete sl info on the server. I am still getting the certificate verify failed error on clients? On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan makhan...@gmail.com wrote: I was able to sign the certificate to the client but still I am getting this error now on the client: Client puppet-agent[15030]: Starting Puppet client version 2.6.12 Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog from remote server: certificate verify failed Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog; skipping run On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan makhan...@gmail.com wrote: I have gone little further nowwhat I have done is to delete the ssl folder from one of the client and ran this command on server: puppetca --clean clientname it has generated new certificate but in the end I get the same error: err: Could not call revoke: Cannot convert into OpenSSL::BN Further more when i restart the agent from the client now I get this message under server message log: client has a waiting certificate request Under my client message log: hostname puppet-agent[13385]: Did not receive certificate On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan makhan...@gmail.com wrote: I have tried to deleted the ssl folder under puppet. And then tried to clean the certificate from the server but did not work. #puppetca --clean hostname notice: Revoked certificate with serial # Inventory of signed certificates # SERIAL NOT_BEFORE NOT_AFTER SUBJECT err: Could not call revoke: Cannot convert into OpenSSL::BN On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan makhan...@gmail.com wrote: Thanks guys; I am getting closer but still some errors. I am getting these errors now. Starting Puppet client version 2.6.12 Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog from remote server: Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog; skipping run On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz bernd.adamow...@esailors.de wrote: I'm pretty sure that, besides the other answers already provided, your main problem is the wrong user for your Puppet configuration. It should be user 'puppet' and not 'root'. That's how '/etc/puppet' should look like: drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . drwxr-xr-x 79 root root12K Dec 26 04:03 .. -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn So a command like 'chown -R puppet:puppet /etc/puppet' issued as 'root' should solve your main problem which is the 'Permission denied' error as well as the non starting Puppet process. Bernd -Ursprüngliche Nachricht- Von: puppet-users@googlegroups.com [mailto:puppet- us...@googlegroups.com] Im Auftrag von Khan Gesendet: Donnerstag, 29. Dezember 2011
[Puppet Users] Re: puppet-foreman
Hi, is selinux active ? If is active (run sestatus) you need to disable (setenforce 0 and edit /etc/sysconfig/selinux) or create a policy. rgds flo On Oct 18, 8:00 pm, Corey Osman co...@logicminds.biz wrote: Hi, I created a centOS6 EC2 instance last night and ran the foreman puppet module but it came back with a few years. Was hoping somebody could help me understand these errors. [root@ip-10-170-77-129 config]# echo include foreman | puppet --modulepath /root/puppet-foreman/ err: /Stage[main]/Foreman::Config::Enc/File[/var/lib/puppet/yaml/foreman]/ensure: change from absent to directory failed: Cannot create /var/lib/puppet/yaml/foreman; parent directory /var/lib/puppet/yaml does not exist [root@ip-10-170-77-129 config]# mkdir /var/lib/puppet/ clientbucket/ client_data/ client_yaml/ facts/ lib/ ssl/ state/ Should the foreman puppet module be altered to say client_yaml instead of yaml? Was the foreman module was created with an older puppet version in mind? Or is this because I didn't start my puppetmaster before using the foreman module. Corey Osman co...@logicminds.biz Green I.T and Datacenter Automation Specialist -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: facter-1.6.0 incorrectly identifies hardware node as virtual
On Aug 17, 11:44 pm, Jake j...@mainphrame.com wrote: I've installed facter-1.6.0 and puppet-2.7.3 on a number of SLES 10 hardware nodes (HP DL580) running the Virtuozzo hosting software. Well, facter correctly identifies such a machine as a hardware node (virtual = openvzhn) but somehow concludes that the hardware node is in fact virtual. (is_virtual = true) This breaks some rather important logic. If anyone knows of a patch floating around out there for 1.6.0 I'd be obliged. Even better would be to get this officially fixed for facter-1.6.1. Joe Hi, i have had the same problem with puppet 2.6.9 and facter 1.6.0 i change if $is_virtual{...} to if $is_virtual == 'true' {...} and it works again as expected. flo -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: facter-1.6.0 incorrectly identifies hardware node as virtual
On Aug 17, 11:44 pm, Jake j...@mainphrame.com wrote: I've installed facter-1.6.0 and puppet-2.7.3 on a number of SLES 10 hardware nodes (HP DL580) running the Virtuozzo hosting software. Well, facter correctly identifies such a machine as a hardware node (virtual = openvzhn) but somehow concludes that the hardware node is in fact virtual. (is_virtual = true) This breaks some rather important logic. If anyone knows of a patch floating around out there for 1.6.0 I'd be obliged. Even better would be to get this officially fixed for facter-1.6.1. Joe Hi, i have had the same trouble with puppet 2.6.9 and facter 1.6.0 i changed the if $ist_virtual{..} to if $is_virtual == 'true' {...} and now it works again. flo -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: backup files whith bad arborescence
On 3 juin, 17:26, Patrick kc7...@gmail.com wrote: Out of curiosity, why do you care? i think it damage to keep this arborescence with many intermediate file. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: backup files whith bad arborescence
But it's possible to avoid this arborescence ? even if i lose in performance ? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Documentation for Ruby's %x{foo}
I'm trying to fix a bug in facter so that I can submit a patch and all, but I'm in need of some good documentation of this code construct. Unfortunately, every search engine I know of strips out such symbols. I've deduced that it calls an external command and captures stdout, but need more details, like can I get the PID of the sub-process? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Assign variable with content of a file?
On May 1, 7:28 pm, James Turnbull ja...@lovedthanlost.net wrote: On the master you can use the generate function to populate a variable value. That looks promising. However, in this particular situation, I cannot use the regular puppetmasterd/puppetd arrangement. I must use the stand-alone puppet instead. Will this still work? Otherwise you should use a fact. I hadn't realized that I could create custom facts. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Cron presence based on file content
On May 2, 10:29 am, Pete Emerson pemer...@gmail.com wrote: Ah I see a new thread, Assign variable with content of a file? that lines up with my needs, I'll check out the suggestions there. Yeah, it's mine! I found yours when I was looking for my own solution -- it sounds like we're both trying to achieve something rather similar. :-) --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Assign variable with content of a file?
On May 1, 5:59 pm, Brandon Evans bev...@adicio.com wrote: no-can-do. What exactly are you trying to get done? Apologies for leaving that out -- I'd hoped to not muddy the water with the details, but now it seems I must. I want to install a home-built package whose application runs on a virtual console exclusively. Which VC specifically is controlled by that app's conf file. This app must be able to run on a VC that is normally occupied by a getty so therefore prior to app startup, it is necessary to tell upstart to disable that getty. I want puppet to do all of this, of course. The basic steps and required sequence are: 1. install package 2. install conf file for package 3. extract VC number from conf file, say as $ttynum 4. exec initctl stop tty$ttynum 5. exec app Puppet does NOT know what VC number is in the conf file -- it must extract this. (The reasons are way beyond the scope here.) Now, I've made step 3 a bit easier by revising the package so that it's possible to run app --show-vc and it'll parse the conf file and send the number to stdout. I cannot run this command directly with the generate function because of the embedded space character. So I thought I'd cheat and have puppet generate a temp file that is essentially a one-line shell script to run that command and have the generate function call this temporary file instead. Now it becomes a question of how to ensure that puppet creates the temp script before the generate function calls it. This is starting to look like a real headache. Unless someone sees an easier way to do something like this, I think I'll just revise the app to do step 4 itself -- although that is rather icky in itself. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Cron presence based on file content
Pete, The only thing affected by onlyif here is the /bin/echo command itself. You can even see this in your logged output. On May 1, 1:56 pm, Pete Emerson pemer...@gmail.com wrote: I'm trying to get a cron entry to exist based on the contents of a file. I tried this: exec { check-cron: command = /bin/echo, logoutput = true, onlyif = /bin/grep 'crontab' /etc/crontab.txt } cron { exec-date: require = Exec[check-cron], ensure = present, command = date /tmp/date.log, user = root, minute = */10 } My grep returns a value of 2 because /etc/crontab.txt does not exist: # /bin/grep 'crontab' /etc/crontab.txt grep: /etc/crontab.txt: No such file or directory # echo $? 2 and yet puppet wants to install the crontab: # /usr/sbin/puppetd --test --noop info: Caching catalog at /var/lib/puppet/localconfig.yaml notice: Starting catalog run notice: //Cron[exec-date]/ensure: is absent, should be present (noop) notice: Finished catalog run in 4.22 seconds Once I put the text in /etc/crontab.txt, the logic gets reversed: # echo crontab /etc/crontab.txt # /usr/sbin/puppetd --test --noop info: Caching catalog at /var/lib/puppet/localconfig.yaml notice: Starting catalog run notice: //Exec[check-cron]/returns: is notrun, should be 0 (noop) notice: //Cron[exec-date]/ensure: is absent, should be present (noop) notice: Finished catalog run in 4.27 seconds According to the documentation on onlyif: If this parameter is set, then this exec will only run if the command returns 0. I'm stumped. And I may not be approaching this in the right way. Any pointers would be appreciated. Also, the logic here (if I had it working) would not permit *removal* of the cron job if it exists. I could put two logically opposite entries in there to do that, but now it just seems pretty ugly, so I suspect I'm missing the elegant solution. Pete --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Assign variable with content of a file?
Anyone know of how I can do in puppet the equivalent of this from the land of shell scripting? foo=$(cat /tmp/bar) or if you prefer foo=`cat /tmp/bar` --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Package type regression?
I'm seeing a undesirable change in behaviour of puppet on Fedora 10 that came about with the upgrade from 0.24.6 to 0.24.8. I have been working on a wrapper package for puppet (non-daemon) that allows it to operate reliably even when the network isn't so reliable. Each client maintains (via rsync) a local replica of all the puppet resources so that puppet on the client can continue to function correctly even if the network is down. (The clients run Fedora Live from CompactFlash and thus upon reboot look like puppet has never been run there.) Anyway, with 0.24.6 it was possible for puppet to use yum to install packages without a network connection so long as the yum cache was preserved (on a non-volatile file system also on the CompactFlash) between boots. Now with 0.24.8 that is no longer possible. It seems dependent on having an IP address bound to eth0, which gives me trouble since these clients are using DHCP. I'm seeing the following errors that may provide some clues: Timed out seeking value for ipaddress Timed out seeking value for ipaddress Timed out seeking value for ipaddress Timed out seeking value for ipaddress warning: Could not retrieve fact ipaddress Could not autoload rpm: No child processes Could not autoload /usr/lib/ruby/site_ruby/1.8/puppet/provider/ package/yum.rb: Could not find parent provider rpm of yum Could not autoload /usr/lib/ruby/site_ruby/1.8/puppet/provider/ package/rpm.rb: Class ProviderRpm is already defined in Puppet::Type::Package Could not autoload rpm: Class ProviderRpm is already defined in Puppet::Type::Package Could not autoload /usr/lib/ruby/site_ruby/1.8/puppet/provider/ package/aptrpm.rb: Could not find parent provider rpm of aptrpm Could not autoload rpm: Class ProviderRpm is already defined in Puppet::Type::Package Could not autoload /usr/lib/ruby/site_ruby/1.8/puppet/provider/ package/up2date.rb: Could not find parent provider rpm of up2date Could not autoload rpm: Class ProviderRpm is already defined in Puppet::Type::Package Could not autoload /usr/lib/ruby/site_ruby/1.8/puppet/provider/ package/rug.rb: Could not find parent provider rpm of rug Could not autoload rpm: Class ProviderRpm is already defined in Puppet::Type::Package Could not autoload /usr/lib/ruby/site_ruby/1.8/puppet/provider/ package/urpmi.rb: Could not find parent provider rpm of urpmi info: mount[localhost]: Mounted / info: mount[modules]: Mounted info: mount[plugins]: Mounted err: Could not create ntp: Could not find a default provider for package Could not find a default provider for package Execution of puppet failed. If I give the interface an address, things seems to work OK, but that's not really a solution as it will cause problems when the network does come back up. Any help would be greatly appreciated. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: support for upstart
On Dec 17, 5:18 pm, James Turnbull ja...@lovedthanlost.net wrote: An upstart provider for the service type should be fine. It should be relatively easy to develop. If you don't want to develop yourself can you please log a feature request and I'll knock something up. Cheers James -- Author of: * Pulling Strings with Puppet (http://www.amazon.com/gp/product/1590599780/) * Pro Nagios 2.0 (http://www.amazon.com/gp/product/1590596099/) * Hardening Linux (http://www.amazon.com/gp/product/159059/) I'm not sure I'm up to developing this myself just yet as I'm very new to puppet and haven't done any ruby thus far. I was about to create a feature request, but then realized what you were saying about adding upstart as a provider to the service type. I'm not sure that's exactly what's needed. It's what I need, but perhaps would be wrong for other uses of upstart. Upstart by design is event driven, so you can have things like this: # This task is run whenever the Control-Alt-Delete key combination is # pressed. Usually used to shut down the machine. start on control-alt-delete exec /sbin/shutdown -r now Control-Alt-Delete pressed Here's another example from Fedora 10 that shows even more diversity: start on fedora.serial-console-available * stop on runlevel [016] instance pre-start script # script portion removed for brevity end script exec /sbin/agetty /dev/$1 $2 vt100-nav post-stop script # script portion removed for brevity end script I found the following page to be a quick, but informative read on some of the capabilities: http://upstart.ubuntu.com/getting-started.html --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: How to make puppet continue when disconnected from network?
I've been pushing forward on this and have made much progress in having a puppet client continue to do its thing from the last known good state after becoming disconnected from the network. I've reached a major stumbling block though. If the network interface had been up and operational, but is now failing (e.g., cable unplugged), puppet can continue on despite a few warnings in the logs. However, if the interface hasn't even been configured (e.g., booting with cable unplugged), puppet seems to take a different route and just refuses to push-on-regardless. It just continues to log the following every few minutes: err: Could not call puppetca.getcert: #Errno::ENETENREACH: Network is unreachable --connect(2) err: Could not request certificate: Certificate retrieval failed: Network is unreachable --connect(2) I really need for puppet to simply continue with whatever state and configuration details it has cached from the last successful run. Any ideas how I might achieve this? On Dec 8, 2:14 pm, John Florian john.flor...@dart.biz wrote: I am reviewing puppet for suitability on a project that I'm working on. In many regards, it looks perfect and I'm very pleased with the overall feel thus far. For a proof-of-concept example, I've created a manifest that ensures that the ntp package is installed on the client, that it has the correct ntp.conf and that the services is running with that config. So far so good. The clients are going to be PC/104 systems running the Fedora appliance OS from CompactFlash more or less as if it were a live CD (think compressed and read-only). The goal is to have this OS be just the bare bones plus the puppet client. On boot, the puppet client would install the required packages, configure them and start services and custom applications as necessary. This means that any disk updates occurring after boot will not persist through a reboot. Boot times are longer this way, but the systems remain very flexible and can be deployed for a variety of purposes, which would ultimately be dictated by the puppet master. If there is a network loss for whatever reason, it is required that system remain operational in all other regards. If the network outage occurs after boot up this is rather trivial to handle. However, if the system is rebooted after loss of network, it must proceed under the last known state of configuration. I've been partly successful in this regard by creating a 2nd file system on the CompactFlash to which /var/cache/yum is sym-linked. This in effect makes the yum cache persistent through reboots. With the network disconnected, I can remove the ntp package and its configuration file from the client, reboot and puppet will dutifully reinstall the ntp package. However it is unable to retrieve the configuration file from the puppet master and thus far I have not found any way to configure puppetd to maintain a locally cached version to use as a fail safe. I have experimented with ignorecache and usecacheonfailure but without success. Do I need to make each puppet client its own file server somehow with a synchronized copy of the master? Is there some other route I've missed? I've also noted that the ntp daemon does not start in this case, but I'm pretty sure that's simply because puppetd knows a dependency hasn't yet been met. If I can just convince puppetd to somehow persist/cache (similar to what I did with yum) the config file and use that if all else fails, I'll be ready to roll on this project. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: How to make puppet continue when disconnected from network?
Funny. I was nearly about to give up hope and then that very thought occurred to me a bit after posting my last message. When I had initially read the docs, I kind of got the impression that was meant more for debugging only. As it turns out, it looks to be absolutely perfect for the task. I have one puppet exec that basically looks like this: exec { offline-files: command = rsync -a masterhost:/mastershare/ /offlinefiles; true } Of course, the host is preloaded with SSH keys to allow rsync to work w/o any passphrase. This brings across all my manifests, classes, and other support files to an area on CompactFlash so it becomes non- volatile to the client. I had to trick puppet through the use of true in the command because I want puppet to believe this exec always succeeds. I'd rather it run with old files than to not run at all. Anyway, thanks for the tip. Had my posts not been delayed due to moderation of new group members, you'd have saved me lots of grief. On Dec 12, 1:24 pm, Adam Jacob a...@hjksolutions.com wrote: Have you thought about side-stepping puppetd/puppetmasterd and just writing your manifests to use puppet stand alone? Adam --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Puppet Client Isolated from Network
I am reviewing puppet for suitability on a project that I'm working on. In many regards, it looks perfect and I'm very pleased with the overall feel thus far. For a proof-of-concept example, I've created a manifest that ensures that the ntp package is installed on the client, that it has the correct ntp.conf and that the services is running with that config. So far so good. The clients are going to be PC/104 systems running the Fedora appliance OS from CompactFlash more or less as if it were a live CD (think compressed and read-only). The goal is to have this OS be just the bare bones plus the puppet client. On boot, the puppet client would install the required packages, configure them and start services and custom applications as necessary. This means that any disk updates occurring after boot will not persist through a reboot. Boot times are longer this way, but the systems remain very flexible and can be deployed for a variety of purposes, which would ultimately be dictated by the puppet master. If there is a network loss for whatever reason, it is required that system remain operational in all other regards. If the network outage occurs after boot up this is rather trivial to handle. However, if the system is rebooted after loss of network, it must proceed under the last known state of configuration. I've been partly successful in this regard by creating a 2nd file system on the CompactFlash to which /var/cache/yum is sym-linked. This in effect makes the yum cache persistent through reboots. With the network disconnected, I can remove the ntp package and its configuration file from the client, reboot and puppet will dutifully reinstall the ntp package. However it is unable to retrieve the configuration file from the puppet master and thus far I have not found any way to configure puppetd to maintain a locally cached version to use as a fail safe. I have experimented with ignorecache and usecacheonfailure but without success. Do I need to make each puppet client its own file server somehow with a synchronized copy of the master? Is there some other route I've missed? I've also noted that the ntp daemon does not start in this case, but I'm pretty sure that's simply because puppetd knows a dependency hasn't yet been met. If I can just convince puppetd to somehow persist/cache (similar to what I did with yum) the config file and use that if all else fails, I'll be ready to roll on this project. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---