Re: [Puppet Users] Is there a way to find unused puppet code (2.7)?
On 2/8/14 8:53 PM, Amos Shapira wrote: Hello, Is there a way to systematically find all modules we have which aren't used? Two reasons for this question: 1. We use librarian-puppet to manage external modules and would like to find which of them can we remove. 2. We did some major refactoring over the years, in particular we moved from a mix of old distribution to a single Ubuntu LTS version, and there could be some of our own classes which aren't used. 3. If it's an automatic way, it will be great to run it as part of our Continuous Integration suite to find code which can be removed. So - is there such a thing? Cheers, --Amos Hi Amos, With PuppetDB you can query[1] for the most recent catalog of a given node which will list all of the classes used. You could the use the process of elimination to see what classes you had in your modulepath that are not showing up in your catalogs. [1] - http://docs.puppetlabs.com/puppetdb/1.6/api/query/v3/catalogs.html BR, -g -- Garrett Honeycutt learnpuppet.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52F7B043.7030308%40garretthoneycutt.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Code coverage for puppet resources
On 1/26/14 7:50 AM, Gareth Rushgrove wrote: For anyone else who likes writing tests for their puppet manifests, I've just added basic code coverage to rspec-puppet: A blog post here about how to use it: http://www.morethanseven.net/2014/01/25/code-coverage-for-puppet-modules/ I'd be interested in any feedback on how to improve or add to this. Cheers Gareth Gareth, Great blog post. I tried this on a module with 100% coverage and notice that it reports back 50% coverage. After some poking around, found that it is checking code in spec/fixtures/, the stdlib module actually. There seems to be an open issue[1] regarding the inability to exclude things. Curious if you found a work around for testing your code and not the modules pulled in from .fixtures.yml. [1] - https://github.com/lemurheavy/coveralls-public/issues/184 BR, -g -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52F44A2E.3070903%40garretthoneycutt.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Augeus: Duplicate sysctl setting
On 1/6/14 9:28 AM, bruce bushby wrote: Hello I have a issue with duplicate Augeas settings and hoping to bounce the issue off the community for some ideas. I like to pre-deploy my servers regardless of what application they will run and I typically have them sitting in (/etc/puppet/manifest/classes/-linux-server) where they remain until they are moved into an application class which then adds additional modules My base setup does not allow ip_forwarding: [root@puppetdev-stc development]# grep net.ipv4.ip_forward defaults/manifests/config.pp sysctl { 'net.ipv4.ip_forward': value = '0', comment = 'this is a comment' } [root@puppetdev-stc development]# However, I have an application that does require ip_forwarding .and when I add the application layer I get a conflict: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Duplicate declaration: Sysctl[net.ipv4.ip_forward] is already declared in file /etc/puppet/modules/development/defaults/manifests/config.pp:4; cannot redeclare at /etc/puppet/modules/development/wombat/manifests/config.pp:5 on node puppet-client..xxx.xx How can I force puppet to simply execute the sysctl settings in order (I use requires to control module order) ...meaning the last setting will become the valid setting? Thanks Bruce Hi Bruce, Recommend that you move the data from your current pattern of defaults and application names into Hiera. You can then use your application name as a hierarchy level in Hiera to supply different data based on the application name. Your method of getting into a pre-deploy state and then moving into a deploy state is also potentially dangerous. If you manage any resources in the pre-deploy state that are not in the deploy state, then you cannot simply run Puppet with the deploy level code to reach the end system state that you desire. Ideally you would classify the node and get it into one state instead of your method of getting it into one state and then into another through the use of different code paths and data in Puppet. BR, -g -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52CC58D9.6050507%40garretthoneycutt.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] puppet module
On 10/8/13 2:27 PM, John wrote: I need to write a puppet SSHD module that does the following: First I have 5 different operating systems to install to: Red Hat, Free BSD, AIX, Ubuntu, and SuSE. The second requirements: If the host file contains an entry of host-A.domain.com (for example) then I need ssh-config1 installed. If the host file contains an entry of host-B.domain.com then I need ssh_config2 installed. If there is an entry in hosts for host-C.domain.com then I need ssh_config3 installed. Is there a sample SSH module that has such parameters, or can someone provide a generic template to follow such requirements? Thanks in advance. Hi John, I have a ssh module[1] that supports RHEL 5 and 6 that I would be happy to collaborote with you to support your other OS's. Your second requirement, though technically possible, is not the puppet way of doing things. The Puppet way is to be declarative and say that you have three different types of systems: A, B, and C. You would then have code to declare that you want a specific entry of host-X.domain in your hosts file and that you want a different ssh configuration. We want to declare what the system should be instead of looking at the host entry and basing the logic on that. With the use of Hiera, you could easily have different configurations for your three different classifications. [1] - https://github.com/ghoneycutt/puppet-module-ssh Best regards, -g -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Array being flattened
On 9/19/13 4:13 PM, Darin Perusich wrote: Hello All, I've run into an issue where an array that's being passed into a defined type is being flattened when it's inclosed in double quotes and I'm not sure how to get around this. This is happening a the pdxcat/amanda module and I've raised an github issues for this but wanted to query the community as a whole. The issue and my branch of the code are below. The amanda::server or amanda::configs class/defined type allow you to populate amanda configuration directories from files, /etc/amanda/$configs, by setting configs = [ daily, weekly ] in the manifest. In my defined type, amanda::disklist, the parameter $configs needs to be used to set the correct target path to a file which I'm using contact::fragment to modify. When $configs is a single value, say daily, everything works as expected. But then $configs is an array, daily and weekly, it's flattened to dailyweekly which results in an Invalid relationship: error. Can anyone provide some guidance on how to get around this? I've been banging on this for a few days and my heads really starting to hurt. define amanda::disklist ( $configs, $diskdevice = undef, $dumptype, $ensure = present, $interface = undef, $order = 20, $spindle= undef ) { include amanda::params include amanda::virtual concat::fragment { amanda::disklist/$title: target = $amanda::params::configs_directory/$configs/disklist, ensure = $ensure, order = $order, content = $fqdn $name $diskdevice $dumptype $spindle $interface\n, tag = amanda_dle, } https://github.com/pdxcat/puppet-module-amanda/issues/12 https://github.com/deadpoint/puppet-amanda/tree/disklist -- Later, Darin This is an issue with type casting. The target parameter[1] is using a string and I think that you believe that multiple concat::fragments should get called, one for each element in the array, which is not going to happen. If that is the functionality you want, then $configs[2] should stay a string and not allow arrays. You can use create_resources()[3] to call amanda::disklist multiple times, which from your issue[4], is what I believe your intention is. Here is a gist[5] to demonstrate with YAML files that you might place in Hiera. [1] - https://github.com/deadpoint/puppet-amanda/blob/disklist/manifests/disklist.pp#L14 [2] - https://github.com/deadpoint/puppet-amanda/blob/disklist/manifests/disklist.pp#L2 [3] - http://docs.puppetlabs.com/references/latest/function.html#createresources [4] - https://github.com/pdxcat/puppet-module-amanda/issues/12 [5] - https://gist.github.com/ghoneycutt/6627040 BR, -g -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Multiple sources for puppet configuration?
On 4/2/13 7:48 PM, Thomas A. Fine wrote: Hi, As we gradually spread puppet management to all of our systems, we've run across a group that's managed by us, but also semi-self-managed, and they'd set up puppet to manage some of their own software configurations (they provide an outward facing archive service). Is there a way to set up puppet so that it looks at multiple servers for it's configuration? My first guess is to say that we control /etc/puppet/puppet.conf and point it at our servers, and that they fall back to running puppet from cron with --config /path/to/their/puppet.conf. Is there a better way to handle this? i.e. can you put something in puppet.conf that tells it to apply rules found on more than one server? Of course we also plan on setting up some yet-to-be-designed revision control system. So another alternative would be that when we set that up we design it so that some modules can be edited by individuals outside the systems group. Then we're back to one single configuration, and not only that we can watch what other groups are doing with modules where we've handed out permission. This may be the best solution since it's vaporware right now. Has anyone done anything like this? Thanks, tom Tom, Check out defining multiple paths in the modulepath[1]. This would allow both teams to have their own modules and versions with names that might conflict. Environments[2] will also help, as you can place the other team's systems in their own environment, even though all the systems would talk to the same puppet master service. Heavily recommend using VCS from the beginning, you are going to need it. Here's an old talk I gave around version control (starts about half way through) [3]. [1] - http://docs.puppetlabs.com/puppet/2.7/reference/modules_fundamentals.html#the-modulepath [2] - http://docs.puppetlabs.com/guides/environment.html [3] - http://talks.garretthoneycutt.com/20110413-Change_management_with_Puppet_for_PuppetNYC.pdf Regards, -g -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] serving large files formally code artifacts best practices
On 3/9/13 4:21 PM, Eslam Mamdouh El Husseiny wrote: Hi All, I'd like to know best practices in serving code artifacts tarballs though puppet , I used to serve them using file{} resource but this method doesn't seem a good way as i have to either include code artifacts tarballs in puppet codebase repository or configuring puppet codebase repository to ignore such tarballs and providing a way to inject code artifacts in $path/to/puppet/modules/module_1/files -- Best Regards, Eslam Mamdouh El Husseiny /Systems Administrator//* Cloud Niners* Ltd. Hello, I initially wrote an rsync module[1] to handle this, as using Puppet's file transfer method is not really suited for 1GB files. Other ways to solve this would be to turn your tarball into a package. A quick way to do this would be with FPM[2]. You could use a version control system to manage your code artifact and have a post commit hook that turns it into a package and places that in your repo. Another approach would be using BitTorrent to propagate your code artifacts to all the systems. [1] - https://github.com/puppetlabs/puppetlabs-rsync/ [2] - https://github.com/jordansissel/fpm/ Regards, -g -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Variables within Manifests question
On 2/22/13 2:20 PM, jim wrote: Hello all Can someone please help me or answer if this is possible I'm using the puppet forge IIS module, and want to use variables within the syntax dependent up ip address for example: colo_a = 1.1.1.0 colo_b = 2.2.2.0 if $network_local_area_connection = 1.1.1.0 add colo_a elseif $network_local_area_connection = 2.2.2.0 add colo_b iis_site {'mysite.co.uk': ensure = present, bindings = [ 'http/*:80:www.mysite.co.uk', 'http/*:80:mysite.co.uk', 'http/*:80:*colo_?*.mysite.co.uk', 'http/*:80:*colo_?*.mysite.co.uk' ], } Any help or advise would be much appreciated regards Jim -- Jim, This is what Hiera[1] is meant to help with. You could determine values based on which colo you are in. [1] - https://github.com/puppetlabs/hiera/ Regards, -g -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] CloudPack problems with CentOS AMIs
I noticed the following problems when working with CloudPack and the image ami-08728661 (and it probably apples to other CentOS images as well) 1) the ssh user in this AMI is ec2-user, but sudo to root is not possible in the ssh command unless pseudo-tty allocation forced with ssh -t option. so I changed cloudpack.rb, line 573 from: ssh_remote_execute(server, options[:login], install_command, options[:keyfile]) to process = ssh -t #{options[:login]}@#{server} -i #{options[:keyfile]} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \#{install_command}\; IO.popen(process) do |f| until f.eof? Puppet.info f.gets end end (used external ssh because didnt know how to do it in Net::ssh) 2) There was no /etc/redhat-release file in the image, so master/lib/puppet/cloudpack/scripts/gems.erb breaks. For this I hardcoded redhat as default. Its good to have these fixed if devs seem its important for them. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] problems using CloudPack for autoscaling
I have been trying to setup autoscaling with CloudPack and so far was not that successfull. The scenario is as follows: in a 3 tier architecture when I see high utilization I fire a new instance and configure it, but my configuration is not known beforehead so I generate right I am firing instance. now I have two options: 1) enable autosigning on master, generate a GUID, add the node's config with the GUID to site.pp, use CloudPack's node install ... --certname myGUID to pass the generated name. This one failed and we are discussing it in http://groups.google.com/group/puppet-users/browse_thread/thread/2abb250f3b3bddad 2) disable autosigning, running CloudPack's node install ... without passing certname, grabbing the certname generated by install and sign it. I was unable to do this because I guess agent tried to sign its certificate and grab catalog too fast without retrying before GUID is returned from install method (see gems.erb line 41: puppet agent --color=false --test | tee puppet_agent.log). now lets assume I add --waitforcert 20 to this line. then is the ssh in install method (cloudpack.rb, 574) going to come back and give me the generated GUID or is it going to get stuck for ssh to return. what if I do puppet agent --color=false --waitforcert 20 --test | tee puppet_agent.log ? then probably install returns, and I have to pull in master using puppet cert --list and sign it when ready. 3) change init method, in cloudpack.rb so it applies my configuration before signing the certificate. This doesnt seem right because I am cloudpack user not developer. Please let me know if you have suggestions. thank you -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] CloudPack's node install .... ignores certname
although in cloudpack.rb::install(...) user specified certname is supprted (i.e. options[:certname] ||= Guid.new.to_s), the certname is not passed to the method when supplied through command line. any idea? tx -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.