subject:"\[Puppet Users\] Re\: Why\?"

[Puppet Users] Re: Why do my SERVER certs get revoked?

2017-02-14 Thread John Gelnaw

On Tuesday, February 14, 2017 at 11:56:27 AM UTC-5, Dayton Jones wrote:
>
> I'm intermittently getting 
>  Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server 
> certificate B: certificate verify failed: [certificate revoked for 
> /CN=my.puppet.master] 
>
> when clients try to connect...this is very random and could go months 
> without the error, but I've got it several times in the last 3 days.  The 
> "fix" is stop the puppetmaster, remove it's certs/regen and restart 
> puppetmaster and then have the clients reattempt the connection...
>
> But WHY is the cert getting revoked?  What can I look at to see why this 
> happens, I've checked the logs but don't see anything that sticks out... 
>  Server/clients are all synced and agree on the time, DNS is working 
> properly... any pointers would be greatly appreciated.
>

Check your time on client and server.   

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2fef0a46-770c-4090-bdb4-82e2cd49a51a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Why i cant change my custom types?

2016-11-08 Thread David Schmitt

Another thing you might want to try is "puppet generate type", a 
experimental feature of puppet 4.6 onwards: 
https://docs.puppet.com/puppet/4.8/reference/environment_isolation.html

Regards, David

On Tuesday, November 8, 2016 at 12:31:07 PM UTC, Akai wrote:
>
> Hello David,
>
> thank you for this explanation. Everything could be so simple. Now i 
> understand :-) ...
>
> Best Regards
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a6c9b573-bfea-459d-b1b4-5e6e29d4bb2f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Why i cant change my custom types?

2016-11-08 Thread Akai

Hello David,

thank you for this explanation. Everything could be so simple. Now i 
understand :-) ...

Best Regards

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9e148acc-6e45-47da-9623-fd9fa2847b37%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Why i cant change my custom types?

2016-11-08 Thread David Schmitt

On Tuesday, November 8, 2016 at 10:58:58 AM UTC, Akai wrote:

> It cant be the right way, to always reset everythng on a older snapshot 
> or? Why the puppetmaster "rembers" the custom_type definition and does not 
> accept changes? How i handle this?
>

Since custom types are native ruby code, the puppetserver is restricted in 
what it can do with it. Once the code is loaded into the process, it 
remains there. To get rid of it without trashing your whole environment, 
restart the puppetserver service. The newly started puppetserver will read 
the custom type afresh and have the new code then available for your 
testing.

Cheers, David

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/66f68483-1ecb-451c-b200-efe246ddd7e0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why does rspec puppet that_requires matcher fail?

2016-01-04 Thread Haani Niyaz

It is not the source of the problem. I discovered the following before 
posting the issue. If I removed Tpp in the require dependency as below:

it { is_expected.to contain_exec('splunk-accept-license') 
  .with(
'command' => '/opt/splunkforwarder/bin/splunk enable boot-start 
--accept-license --answer-yes --no-prompt',
'creates' => '/etc/init.d/splunk',
'require' => 'Class[Splunk::Install]',
  )}

I get the following error:
 expected that the catalogue would contain Exec[splunk-accept-license] with 
require set to "Class[Splunk::Install]" but it is set to Class[Tpp::Splunk::
Install]{:name=>"Tpp::Splunk::Install"}



But works if added as in my original post.



On Monday, 4 January 2016 23:31:40 UTC+11, Lowe Schmidt wrote:
>
> you depend on Class['splunk::install'] not Class['tpp::splunk::install'].
>
> check your manifest.
>
> --
> Lowe Schmidt | +46 723 867 157
>
> On 15 December 2015 at 02:50, Haani Niyaz  > wrote:
>
>> Forgot to add the error!
>>
>>   1) tpp::splunk::service when tpp is installed should contain Exec[
>> splunk-accept-license] that requires Class[tpp::Splunk::Install]
>>
>>
>>
>>  Failure/Error: it { should contain_exec('splunk-accept-license').
>> that_requires('Class[tpp::Splunk::Install]')}
>>
>>expected that the catalogue would contain Exec[splunk-accept-
>> license] with that requires Class[tpp::Splunk::Install]
>>
>>  # ./spec/classes/splunk/service_spec.rb:28:in `block (3 levels) in 
>> '
>>
>>
>>
>> On Tuesday, 15 December 2015 09:32:53 UTC+11, Haani Niyaz wrote:
>>>
>>> Puppet code:
>>>
>>> # manifests/splunk/service.pp
>>> class tpp::splunk::service
>>>  exec { 'splunk-accept-license':
>>>   command => '/opt/splunkforwarder/bin/splunk enable boot-start 
>>> --accept-license --answer-yes --no-prompt',
>>>   creates => '/etc/init.d/splunk',
>>>   before  => Service['splunk'],
>>>   require => Class['splunk::install'],
>>> }
>>>
>>> ...
>>> }
>>>
>>>
>>>
>>>
>>> The following rspec test works with require as shown below:
>>>
>>>  it { is_expected.to contain_exec('splunk-accept-license') 
>>>   .with(
>>> 'command' => '/opt/splunkforwarder/bin/splunk enable boot-start 
>>> --accept-license --answer-yes --no-prompt',
>>> 'creates' => '/etc/init.d/splunk',
>>> 'require' => 'Class[Tpp::Splunk::Install]',
>>>   )}
>>>
>>> However if I use the that_requires matcher it fails:
>>>
>>>   it { should contain_exec('splunk-accept-license')
>>>   .that_requires('Class[Tpp::Splunk::Install]')
>>>}
>>>
>>>
>>> Can someone shed some light as to why this might be the case?
>>>
>>> Thanks.
>>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/72a6385e-96df-4775-964d-8bb8a15698b2%40googlegroups.com
>>  
>> 
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a6660b23-2109-47bb-932f-f4b513e7861e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why does rspec puppet that_requires matcher fail?

2016-01-04 Thread Lowe Schmidt

you depend on Class['splunk::install'] not Class['tpp::splunk::install'].

check your manifest.

--
Lowe Schmidt | +46 723 867 157

On 15 December 2015 at 02:50, Haani Niyaz  wrote:

> Forgot to add the error!
>
>   1) tpp::splunk::service when tpp is installed should contain Exec[splunk
> -accept-license] that requires Class[tpp::Splunk::Install]
>
>
>
>  Failure/Error: it { should contain_exec('splunk-accept-license').
> that_requires('Class[tpp::Splunk::Install]')}
>
>expected that the catalogue would contain Exec[splunk-accept-
> license] with that requires Class[tpp::Splunk::Install]
>
>  # ./spec/classes/splunk/service_spec.rb:28:in `block (3 levels) in
> '
>
>
>
> On Tuesday, 15 December 2015 09:32:53 UTC+11, Haani Niyaz wrote:
>>
>> Puppet code:
>>
>> # manifests/splunk/service.pp
>> class tpp::splunk::service
>>  exec { 'splunk-accept-license':
>>   command => '/opt/splunkforwarder/bin/splunk enable boot-start
>> --accept-license --answer-yes --no-prompt',
>>   creates => '/etc/init.d/splunk',
>>   before  => Service['splunk'],
>>   require => Class['splunk::install'],
>> }
>>
>> ...
>> }
>>
>>
>>
>>
>> The following rspec test works with require as shown below:
>>
>>  it { is_expected.to contain_exec('splunk-accept-license')
>>   .with(
>> 'command' => '/opt/splunkforwarder/bin/splunk enable boot-start
>> --accept-license --answer-yes --no-prompt',
>> 'creates' => '/etc/init.d/splunk',
>> 'require' => 'Class[Tpp::Splunk::Install]',
>>   )}
>>
>> However if I use the that_requires matcher it fails:
>>
>>   it { should contain_exec('splunk-accept-license')
>>   .that_requires('Class[Tpp::Splunk::Install]')
>>}
>>
>>
>> Can someone shed some light as to why this might be the case?
>>
>> Thanks.
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/72a6385e-96df-4775-964d-8bb8a15698b2%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAC-wWcQc90mvpqv2zVau9tLvBJd_OXD%3DqW15VvmpMJmhTv96qA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Why does rspec puppet that_requires matcher fail?

2015-12-14 Thread Haani Niyaz

Forgot to add the error!

  1) tpp::splunk::service when tpp is installed should contain Exec[splunk-
accept-license] that requires Class[tpp::Splunk::Install]



 Failure/Error: it { should contain_exec('splunk-accept-license').
that_requires('Class[tpp::Splunk::Install]')}

   expected that the catalogue would contain Exec[splunk-accept-license] 
with that requires Class[tpp::Splunk::Install]

 # ./spec/classes/splunk/service_spec.rb:28:in `block (3 levels) in 
'



On Tuesday, 15 December 2015 09:32:53 UTC+11, Haani Niyaz wrote:
>
> Puppet code:
>
> # manifests/splunk/service.pp
> class tpp::splunk::service
>  exec { 'splunk-accept-license':
>   command => '/opt/splunkforwarder/bin/splunk enable boot-start 
> --accept-license --answer-yes --no-prompt',
>   creates => '/etc/init.d/splunk',
>   before  => Service['splunk'],
>   require => Class['splunk::install'],
> }
>
> ...
> }
>
>
>
>
> The following rspec test works with require as shown below:
>
>  it { is_expected.to contain_exec('splunk-accept-license') 
>   .with(
> 'command' => '/opt/splunkforwarder/bin/splunk enable boot-start 
> --accept-license --answer-yes --no-prompt',
> 'creates' => '/etc/init.d/splunk',
> 'require' => 'Class[Tpp::Splunk::Install]',
>   )}
>
> However if I use the that_requires matcher it fails:
>
>   it { should contain_exec('splunk-accept-license')
>   .that_requires('Class[Tpp::Splunk::Install]')
>}
>
>
> Can someone shed some light as to why this might be the case?
>
> Thanks.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/72a6385e-96df-4775-964d-8bb8a15698b2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: why does the create_resource functio not contain in local scope?

2015-12-06 Thread Haani Niyaz

Thanks John, I did this get to work. 
On Saturday, 5 December 2015 01:25:23 UTC+11, jcbollinger wrote:
>
>
>
> On Thursday, December 3, 2015 at 11:09:47 PM UTC-6, Haani Niyaz wrote:
>>
>> Thanks for the clarification. I did forget to mention that I tried the 
>> ordering of my classes as well:
>>
>> class { 'server_packages':
>> # list of packages
>> server_packages  => hiera('server_packages'), 
>> enable_repo  => 'my-rpms,base', 
>>   } ->
>>
>> class { 'some_class': 
>># params here
>>   }
>>
>>
>
> I see no reason to change my earlier remarks, but looking more closely, it 
> does appear that you have a containment problem 
> .  
> Although the evidence is in your log, it would have been more apparent if 
> you had given a more complete representation of your Class[some_class].
>
> Note in particular that your log excerpt does not show any resource 
> belonging to Class[some_class] applied before Package[mysql-devel.x86_64] 
> or any other resource declared by Class[server_packages].  What it shows 
> is resources declared by *other* classes (e.g. Class[some_class::Service]) 
> being applied in that window.  When one end of a relationship is a class, 
> C, the relationship is transitive to the resources declared directly by C, 
> but it is *not* automatically transitive to other *classes* declared by 
> C.  That is, although classes serve as containers for the resources they 
> declare, they do not automatically contain the other classes they declare.
>
> That (lack of) class containment behavior is intentional and desirable as 
> a default, but often enough you do want classes to contain other classes.  
> For that, there is the `contain` function, which provides include-like 
> class declarations with containment semantics, and which therefore can be 
> used also in addition to another declaration of the same class to add 
> containment semantics.  Although the details of your Class[some_class] 
> are unclear, you probably want something more or less along these lines:
>
> class some_class (
> # params here
> ) {
>   contain some_class::install
>   contain some_class::config
>   contain some_class::gem_Install
>   contain some_class::service
>
>   Class[some_class::install]
> -> Class[some_class::config]
> -> Class[some_class::gem_install]
> -> Class[some_class::service]
> }
>
>
> John
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4e4a7333-a4c8-4d68-bf50-76e0dcb6a0e0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: why does the create_resource functio not contain in local scope?

2015-12-04 Thread jcbollinger

On Thursday, December 3, 2015 at 11:09:47 PM UTC-6, Haani Niyaz wrote:
>
> Thanks for the clarification. I did forget to mention that I tried the 
> ordering of my classes as well:
>
> class { 'server_packages':
> # list of packages
> server_packages  => hiera('server_packages'), 
> enable_repo  => 'my-rpms,base', 
>   } ->
>
> class { 'some_class': 
># params here
>   }
>
>

I see no reason to change my earlier remarks, but looking more closely, it 
does appear that you have a containment problem 
.  
Although the evidence is in your log, it would have been more apparent if 
you had given a more complete representation of your Class[some_class].

Note in particular that your log excerpt does not show any resource 
belonging to Class[some_class] applied before Package[mysql-devel.x86_64] 
or any other resource declared by Class[server_packages].  What it shows is 
resources declared by *other* classes (e.g. Class[some_class::Service]) 
being applied in that window.  When one end of a relationship is a class, 
C, the relationship is transitive to the resources declared directly by C, 
but it is *not* automatically transitive to other *classes* declared by C.  
That is, although classes serve as containers for the resources they 
declare, they do not automatically contain the other classes they declare.

That (lack of) class containment behavior is intentional and desirable as a 
default, but often enough you do want classes to contain other classes.  
For that, there is the `contain` function, which provides include-like 
class declarations with containment semantics, and which therefore can be 
used also in addition to another declaration of the same class to add 
containment semantics.  Although the details of your Class[some_class] are 
unclear, you probably want something more or less along these lines:

class some_class (
# params here
) {
  contain some_class::install
  contain some_class::config
  contain some_class::gem_Install
  contain some_class::service

  Class[some_class::install]
-> Class[some_class::config]
-> Class[some_class::gem_install]
-> Class[some_class::service]
}

John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/d346ca91-8016-4e45-b448-604fb6e1b786%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: why does the create_resource functio not contain in local scope?

2015-12-03 Thread Haani Niyaz

Thanks for the clarification. I did forget to mention that I tried the 
ordering of my classes as well:

class { 'server_packages':
# list of packages
server_packages  => hiera('server_packages'), 
enable_repo  => 'my-rpms,base', 
  } ->

class { 'some_class': 
   # params here
  }





On Tuesday, 1 December 2015 01:19:39 UTC+11, jcbollinger wrote:
>
>
>
> On Thursday, November 26, 2015 at 9:34:37 PM UTC-6, Haani Niyaz wrote:
>  
>
>> As you can see in the output above server_packges will be executed again 
>> after the execution of some_class:
>> Notice: Class[some_class::Service]: Would have triggered 'refresh' from 2 
>> events
>> Notice: /Stage[main]/Server_packages/Package[mysql-devel.x86_64]/ensure: 
>> current_value absent, should be present (noop)
>>
>>
>
> No, I don't see that, nor any reason to suppose it.  The output you 
> presented lists Package[mysql-devel.x86_64] exactly once.  Puppet chooses 
> to manage it later in the run than it does other packages that (I presume) 
> are managed via your Class[server-packages], including the related 
> package Package[mysql.x86_64], but you have not shown any ordering 
> constraints that would instruct Puppet to do otherwise.
>
>  
>
>>
>> I came across the following which seems to highlight the problem but it 
>> was fixed in an older version:
>>
>>
>> *create_resources should contain native types in the local scope*
>>
>>
>> https://projects.puppetlabs.com/issues/8032
>>
>>
>
> That bug was reported against Puppet 2.7.0 and fixed in version 2.7.3.  
> Nothing you have presented suggests a regression.
>
> Probably you have a misunderstanding about the nature of Puppet classes.  
> Although classes serve as logical containers for resources, Puppet does not 
> inherently prevent application of different containers from overlapping, 
> which is what you appear to be seeing -- application of resources from at 
> least two different containers interleaved.  If you want to influence the 
> order in which resources are applied then you must employ appropriate 
> order-of-application constraints 
> 
> .
>
>
> John
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/0ddc2586-2703-43d1-97b9-064dc2fa5df8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: why does the create_resource functio not contain in local scope?

2015-11-30 Thread jcbollinger

On Thursday, November 26, 2015 at 9:34:37 PM UTC-6, Haani Niyaz wrote:

> As you can see in the output above server_packges will be executed again 
> after the execution of some_class:
> Notice: Class[some_class::Service]: Would have triggered 'refresh' from 2 
> events
> Notice: /Stage[main]/Server_packages/Package[mysql-devel.x86_64]/ensure: 
> current_value absent, should be present (noop)
>
>

No, I don't see that, nor any reason to suppose it.  The output you 
presented lists Package[mysql-devel.x86_64] exactly once.  Puppet chooses 
to manage it later in the run than it does other packages that (I presume) 
are managed via your Class[server-packages], including the related package 
Package[mysql.x86_64], but you have not shown any ordering constraints that 
would instruct Puppet to do otherwise.

>
> I came across the following which seems to highlight the problem but it 
> was fixed in an older version:
>
>
> *create_resources should contain native types in the local scope*
>
>
> https://projects.puppetlabs.com/issues/8032
>
>

That bug was reported against Puppet 2.7.0 and fixed in version 2.7.3.  
Nothing you have presented suggests a regression.

Probably you have a misunderstanding about the nature of Puppet classes.  
Although classes serve as logical containers for resources, Puppet does not 
inherently prevent application of different containers from overlapping, 
which is what you appear to be seeing -- application of resources from at 
least two different containers interleaved.  If you want to influence the 
order in which resources are applied then you must employ appropriate 
order-of-application constraints 
.

John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/98bc1a52-bff4-40a1-8709-0b538e4096e3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: why does the create_resource functio not contain in local scope?

2015-11-26 Thread Haani Niyaz

Also my puppet (agent) version is 3.8.1. I run puppet apply.

On Friday, 27 November 2015 14:34:37 UTC+11, Haani Niyaz wrote:
>
> I have the following class which purely initiates the create_resource 
> function:
>
> class server_packages (
> $server_packages,
>  $enable_repo = '*'
> ){
> Package {
>   install_options => [ { '--disablerepo' => '*' } , { '--enablerepo' 
> => $enable_repo }]
> }
> create_resources(package, $server_packages,)
> }
>
>
> This is called in a profile:
>
> class { 'server_packages':
> # list of packages
> server_packages  => hiera('server_packages'), 
> enable_repo  => 'my-rpms,base', 
>   } 
>
>
>
>
> class { 'some_class': 
># params here
>  }
>
>
>
> Puppet run:
>
> Notice: Compiled catalog for automation01 in environment production in 
> 2.44 seconds
> Notice: /Stage[main]/Server_packages/Package[gcc-c++]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[openssl-devel]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[apr-util-devel]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[mysql.x86_64]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[glibc-devel.i686]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[libffi-devel]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[apr-devel]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[gcc]/ensure: current_value 
> absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[zlib-devel]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[libcurl-devel]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[httpd-devel]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[sqlite-devel]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/Server_packages/Package[jre]/ensure: current_value 
> absent, should be 1.7.0_79-fcs (noop)
> Notice: /Stage[main]/Server_packages/Package[httpd]/ensure: current_value 
> absent, should be present (noop)
> Notice: /Stage[main]/some_class::Install/Package[app]/ensure: 
> current_value absent, should be 1.0-1 (noop)
> Notice: Class[some_class::Install]: Would have triggered 'refresh' from 1 
> events
> Notice: 
> /Stage[main]/some_class::Config/File[/etc/init.d/appservice]/ensure: 
> current_value absent, should be file (noop)
> Notice: /Stage[main]/some_class::Config/File[/opt/vendor]/ensure: 
> current_value absent, should be directory (noop)
> Notice: 
> /Stage[main]/some_class::Config/File[/opt/vendor/product-some_class/current/config/b.json]/ensure:
>  
> current_value absent, should be present (noop)
> Notice: 
> /Stage[main]/some_class::Config/File[/opt/vendor/product-some_class/current/scripts/run.rb]/ensure:
>  
> current_value absent, should be present (noop)
> Notice: /Stage[main]/some_class::Config/File[/opt/app]/ensure: 
> current_value absent, should be present (noop)
> Notice: /Stage[main]/some_class::Config/File[/opt/app/gem.sh]/ensure: 
> current_value absent, should be file (noop)
> Notice: 
> /Stage[main]/some_class::Config/File[/opt/app/.bash_profile]/ensure: 
> current_value absent, should be file (noop)
> Notice: /Stage[main]/some_class::Config/File[/opt/app/app_stop.sh]/ensure: 
> current_value absent, should be file (noop)
> Notice: /Stage[main]/some_class::Config/File[/etc/logrotate.d/app]/ensure: 
> current_value absent, should be file (noop)
> Notice: 
> /Stage[main]/some_class::Config/File[/opt/vendor/product-some_class/current/config/config.json]/ensure:
>  
> current_value absent, should be present (noop)
> Notice: 
> /Stage[main]/some_class::Config/File[/opt/vendor/product-some_class/mbct/mbct.properties]/ensure:
>  
> current_value absent, should be present (noop)
> Notice: 
> /Stage[main]/some_class::Config/File[/opt/app/app_startup.sh]/ensure: 
> current_value absent, should be file (noop)
> Notice: /Stage[main]/some_class::Config/File[/opt/ffmpeg]/ensure: 
> current_value absent, should be directory (noop)
> Notice: Class[some_class::Config]: Would have triggered 'refresh' from 13 
> events
> Notice: 
> /Stage[main]/some_class::Gem_install/Exec[/opt/app/gem.sh]/returns: 
> current_value notrun, should be 0 (noop)
> Notice: Class[some_class::Gem_install]: Would have triggered 'refresh' 
> from 1 events
> Notice: /Stage[main]/some_class::Service/Service[appservice]/ensure: 
> current_value stopped, should be running (noop)
> Notice: /Stage[main]/some_class::Service/Service[httpd]/ensure: 
> current_value stopped, should be running (noop)
> Notice:

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-15 Thread Wei Chen

Many thanks for your patience and help!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4cf051d2-fcf0-407e-8258-5d6c69ba3559%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-14 Thread Wei Chen

Hi,

If I not using any option, but simply as follow, it works, i.g. the agent 
will kept running:

puppet agent


But I could remember, I ran 'puppet agent -t' before and it works. I am not 
sure if  I remember wrong?


What is the difference between these? Maybe the option '-t' is just for 
onetime?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/ccfbd24e-a298-41c8-b01f-9c2a5daf09eb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-14 Thread Wei Chen

And here is the puppet.conf on agent side. I haven't changed it except 
moving the server definition to the [agent]:

]# cat puppet.conf
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet

# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet

# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl

[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion.  Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig

server=s001ap38-test

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b3d812e1-3ab7-48c2-b293-38483949744b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-14 Thread jcbollinger



On Wednesday, October 14, 2015 at 2:39:02 AM UTC-5, Wei Chen wrote:
>
> Hi,
>
> If I not using any option, but simply as follow, it works, i.g. the agent 
> will kept running:
>
> puppet agent
>
>
> But I could remember, I ran 'puppet agent -t' before and it works. I am 
> not sure if  I remember wrong?
>
>
> What is the difference between these? Maybe the option '-t' is just for 
> onetime?
>
>

Yes, the '-t' option is shorthand for a collection of several others, one 
of which is '--onetime'.  It absolutely implies *not* running as a daemon.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7bfdd9ca-9bbc-4ed1-9b18-26874288a1ab%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-13 Thread Wei Chen

Sorry, there is a mistyping. It should be:

...
the agent can't be kept running and is stopped.
...


Am Dienstag, 13. Oktober 2015 11:01:02 UTC+2 schrieb Wei Chen:
>
> Hi John,
>
> Now I moved the server-setting to the section of [agent]. And really I 
> don't need typing the server option as follow:
>
> puppet agent -t
>
> But the agent can't be started as a daemon now, i.g. the agent can be kept 
> running and is stopped.
>
> Any suggestion?
>
>
> Wei
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a0ae7053-54de-43ed-995a-8f484058ada3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-13 Thread Wei Chen

Hi John,

Now I moved the server-setting to the section of [agent]. And really I 
don't need typing the server option as follow:

puppet agent -t

But the agent can't be started as a daemon now, i.g. the agent can be kept 
running and is stopped.

Any suggestion?


Wei

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/bab58fe1-f08d-4a7b-a080-6a3d311d9571%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-13 Thread jcbollinger



On Tuesday, October 13, 2015 at 4:01:02 AM UTC-5, Wei Chen wrote:
>
> Hi John,
>
> Now I moved the server-setting to the section of [agent]. And really I 
> don't need typing the server option as follow:
>
> puppet agent -t
>
> But the agent can't be started as a daemon now, i.g. the agent can be kept 
> running and is stopped.
>
> Any suggestion?
>
>
This is not a normal consequence of having a 'server' setting in the 
agent's configuration.  I cannot be certain whether it is entirely 
coincidental, or whether there is some sort of bad interaction with another 
option or with your environment.

Does the agent emit any diagnostic (into the log, probably) when you 
attempt to start it as a daemon?  What options are you specifying to it, 
either on the command line or in the config file?


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/15942304-beed-483f-8d02-6694e9d238b9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-12 Thread Wei Chen

Hi,

Here is my puppet.conf on the server side:
...
[master]
certname=s001ap38-test
...

The puppet.conf on the agent side is:
...
[master]
server=s001ap38-test
...



-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b0ad32a7-3ef6-4e76-b9b9-baa4d8953acf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-12 Thread jcbollinger

On Monday, October 12, 2015 at 2:40:23 AM UTC-5, Wei Chen wrote:
>
> Hi,
>
> Here is my puppet.conf on the server side:
> ...
> [master]
> certname=s001ap38-test
> ...
>
> The puppet.conf on the agent side is:
> ...
> [master]
> server=s001ap38-test
> ...
>
>

The puppet agent does not use anything in the [master] section of the 
config file.  That section is for configuration specific to the master 
process -- that is, for the master to *use*, not to tell other components 
*about* the master.  The server setting should be in the [agent] section or 
maybe the [main] section, because it is for the agent to use.

John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/6fe4a1fa-b433-40c3-92f0-25999ec153e9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-09 Thread Wei Chen

Hi John,

You are right.

Now I use the following command and it works.

puppet agent --server s001ap38-test -t

Many thanks!

Wei

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/03a64fb7-a3cd-4c88-8659-0723c04f0ac8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-09 Thread Rich Burroughs

You are specifying the name of the Puppet master when you use --server but
that's not how the agent will usually run. The error you're getting with
the puppet agent -t indicates a problem communicating with the master.
That's going to behave the same as when the agent runs every 30 minutes.

I would check to make sure that the agent has the correct master listed in
its puppet.conf file, and also that you can resolve that master's name from
the agent host.

There's a bit of additional troubleshooting info in this doc:

http://docs.puppetlabs.com/puppet/4.2/reference/quick_start_master_agent_communication.html


Rich
On Thu, Oct 8, 2015 at 11:56 PM Wei Chen  wrote:

> Hi John,
>
> Thanks for your answer first.
>
> I am new comer of puppet. I just wrote some simple code as follow:
>
> The 'site.pp' on the server side:
>
> import 'nodes.pp'
> $puppetmaster = 's001ap38-test'
>
>
> The 'init.pp' on the server side:
> class httpd {
> package { "httpd":
> ensure => present,
> }
>
> file { "/etc/httpd/conf.d/s001is35-test.conf":
> owner => "root",
> group => "root",
> mode => 0666,
> source => "puppet:///modules/httpd/s001is35-test.conf",
> require => Package["httpd"],
> }
> }
>
>
> The 'nodes.pp' on the server side:
>
> node 's001is35-test' {
> include httpd
> }
>
>
> I ran the agent with following command:
>
> puppet agent --server s001ap38-test --no-daemonize --verbose --onetime
>
> The file 's001is35-test.conf' is coped from the server to agent. But since
> I used the option '--onetime', the agent is stopped after this. I think
> this is the reason why the copied file on the agent side, which I've
> changed it, is not recovered after 30 min.
>
>
> Then I try to run the agent manually with 'puppet agent -t' as you told.
> But I got error as follow:
> ...
> ]# puppet agent -t
> err: Could not retrieve catalog from remote server: getaddrinfo: Name or
> service not known
> warning: Not using cache on failed catalog
> err: Could not retrieve catalog; skipping run
> err: Could not send report: getaddrinfo: Name or service not known
> ...
>
> Then I simply run the agent with:
> puppet agent
>
> The agent is ran as a daemon.
>
> But 30 min later, the file is not recovered yet.
>
>
> Any suggestion?
>
>
> Wei
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/dbd18b91-3d8e-43e5-b22a-51250c5b9c52%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAPGcbtB9eB2ZmiOvSP0g7XWDE8%2BFwXgBVd5ivhKXVmPbsSREPQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-09 Thread Wei Chen

Hi John,

Thanks for your answer first.

I am new comer of puppet. I just wrote some simple code as follow:

The 'site.pp' on the server side:

import 'nodes.pp'
$puppetmaster = 's001ap38-test'


The 'init.pp' on the server side:
class httpd {
package { "httpd":
ensure => present,
}

file { "/etc/httpd/conf.d/s001is35-test.conf":
owner => "root",
group => "root",
mode => 0666,
source => "puppet:///modules/httpd/s001is35-test.conf",
require => Package["httpd"],
}
}


The 'nodes.pp' on the server side:

node 's001is35-test' {
include httpd
}


I ran the agent with following command:

puppet agent --server s001ap38-test --no-daemonize --verbose --onetime

The file 's001is35-test.conf' is coped from the server to agent. But since 
I used the option '--onetime', the agent is stopped after this. I think 
this is the reason why the copied file on the agent side, which I've 
changed it, is not recovered after 30 min.


Then I try to run the agent manually with 'puppet agent -t' as you told. 
But I got error as follow:
...
]# puppet agent -t
err: Could not retrieve catalog from remote server: getaddrinfo: Name or 
service not known
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
err: Could not send report: getaddrinfo: Name or service not known
...

Then I simply run the agent with:
puppet agent

The agent is ran as a daemon.

But 30 min later, the file is not recovered yet.


Any suggestion?


Wei

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/dbd18b91-3d8e-43e5-b22a-51250c5b9c52%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-09 Thread Rich Burroughs

Hi Wei,

I wasn't suggesting you should always run it with that --server flag. What
I was saying is that the fact that you have to do that to make it work
means something is wrong.

Again, I would check on the agent host to see what server you have listed
in its puppet.conf file. And then see if you can actually resolve that
hostname from the agent node.

My guess is that you don't have that same server listed in the agent's
puppet.conf that you're using when you run with --server. If that's true
you should just fix it there.

Rich
On Fri, Oct 9, 2015 at 3:25 AM Wei Chen  wrote:

> Hi John,
>
> You are right.
>
> Now I use the following command and it works.
>
> puppet agent --server s001ap38-test -t
>
> Many thanks!
>
> Wei
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/03a64fb7-a3cd-4c88-8659-0723c04f0ac8%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAPGcbtDa54bqe8FgTyRa%3De8noWipOWwEj_RPmUF3oLZmLrDNCg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Why the copied file on client site will not be recovered from server?

2015-10-08 Thread jcbollinger



On Thursday, October 8, 2015 at 1:34:39 AM UTC-5, Wei Chen wrote:
>
> Hi,
>
> I change the copied file on client site on purpose to see if this will be 
> recovered by server. According to the document, the changed file on client 
> will be recovered by server every half an hour. But this doesn't happen.
>
>
A file whose content is *managed* by Puppet will see that content restored 
to whatever is specified for it whenever Puppet performs a catalog run.  If 
the agent is running in daemon mode, then by default it will attempt to 
perform a catalog run every 30 minutes.

If you modify a file and the change is not reverted within 30 minutes, then 
there is a wide variety of possible explanations, among them:

   - no catalog run has been performed.  This could be because
  - the agent does not yet have a certificate the master will accept 
  (most likely because its certificate has not yet been signed), or
  - the agent is not running in daemon mode, and has not been run 
  manually, or
  - the agent is configured not to perform catalog runs at all, or to 
  perform them only at intervals larger than 30 minutes, or
  - catalog runs have been manually disabled, or
  - the agent was unable to obtain its catalog from the master, and 
  either does not have a cached one or is configured to not use cached 
  catalogs. OR
  - the affected file's content is not under Puppet management.  This 
   could be because
  - the file itself is not under management, or
  - the file resource corresponding to the affected file specifies 
  neither a source nor content, or
  - the file resource's 'ensure' attribute is set to something other 
  than 'file', or
  - the file resource is configured with replace => false. OR
   - the agent does not have sufficient privilege to modify the file.

There may be other possibilities.

Many of those alternatives could be identified either generally or 
specifically by examination of the appropriate system log file on the 
client, and for a few of them the master's logs might also be 
illuminating.  We could perhaps rule some of them out by examination of the 
resource declaration for the file in question.  It might also be useful to 
try running the agent manually ('puppet agent -t').

Overall, however, you have not yet given us *nearly* enough information to 
diagnose the problem.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/06e1ea9f-6708-4636-afb0-1cdda7f0ef75%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: why doesn't 'Package | provider == apt |' work for me?

2015-03-12 Thread jcbollinger



On Wednesday, March 11, 2015 at 10:02:08 PM UTC-5, Amos Shapira wrote:

 On Thursday, 12 March 2015 00:39:53 UTC+11, jcbollinger wrote:



 On Tuesday, March 10, 2015 at 10:30:48 PM UTC-5, Amos Shapira wrote:

 Hi,

 I'm running into the common issue of having to force an apt-get update 
 before installing packages (in my case - because the base EC2 AMI is old 
 and I need it to pick newer package versions).

 I ended up doing the usual:

  exec { 'apt-get update':
path = '/usr/bin/',
  }
  -
  Package | |



 If you are using PuppetLabs's Apt module, then I think setting the 
 'always_apt_update = true' on class 'apt' and declaring

 Class['Apt'] - Package | |


 should take care of it for you.  That module's 'apt::update' class is not 
 really suited to be public, given the way the module uses it.


 Thanks. I'm aware of the always_apt_update option but am worried that it 
 means that puppet will force an apt-get update every time it runs (every 
 30 minutes).  We will eventually move away from puppet agents to immutable 
 images but until then I'm worried that this could stir up a lot of load on 
 our EC2 instances which we wouldn't want.



Well yes, I would expect 'always_apt_update = true' to cause an apt-get 
update on every Puppet run.  I didn't comment on that before because you 
get the same thing from the Exec you described using.


John

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/6778e9ab-f414-4895-a892-6b73c78074d7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: why doesn't 'Package | provider == apt |' work for me?

2015-03-11 Thread jcbollinger



On Tuesday, March 10, 2015 at 10:30:48 PM UTC-5, Amos Shapira wrote:

 Hi,

 I'm running into the common issue of having to force an apt-get update 
 before installing packages (in my case - because the base EC2 AMI is old 
 and I need it to pick newer package versions).

 I ended up doing the usual:

  exec { 'apt-get update':
path = '/usr/bin/',
  }
  -
  Package | |



If you are using PuppetLabs's Apt module, then I think setting the 
'always_apt_update = true' on class 'apt' and declaring

Class['Apt'] - Package | |


should take care of it for you.  That module's 'apt::update' class is not 
really suited to be public, given the way the module uses it.

 

 (I can't use apt::update because it creates dependency cycles) and it 
 works.

 But what baffles me is that I really only need apt-get update to execute 
 before apt packages get installed, like this:

 Package | provider = apt |

 But this doesn't trigger the apt-get update.

 Just as an example, I also have a Gem-provider related exec which works as 
 expected:

   exec { 'Add Ruby Gems repo mirror':
 command = 'gem source --config-file /etc/gemrc -a 
 http://production.cf.rubygems.org/',
 unless  = 'gem source --config-file /etc/gemrc | fgrep -xq 
 http://production.cf.rubygems.org/',
 path= '/usr/bin:/bin',
   }
   -
   Package| provider == 'gem' |

 So why doesn't it work for the apt provider?


 
Resource collectors operate during catalog building.  Their selection 
predicates can see only parameter and property values *explicitly* declared 
in your manifests.  It does not know what values will be effective at 
catalog application time for any other parameters.  In particular, it does 
not know what provider will be selected during catalog application unless 
one is specified in the manifest, which is not usual when the system's 
default provider is expected.

To the best of my knowledge, the gem provider is not the default for any 
system, so you get it only when you specifically ask for it.  That's why 
you can reliably select gem Packages by provider.  'Apt' is normally the 
default Package provider on systems that support it at all.  Your selection 
predicate will not match Package resources that rely 'apt' being selected 
by default.


John


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3db8500f-db7f-4343-9054-a6abcd5209ce%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: why doesn't 'Package | provider == apt |' work for me?

2015-03-11 Thread Amos Shapira

On Thursday, 12 March 2015 00:39:53 UTC+11, jcbollinger wrote:

On Tuesday, March 10, 2015 at 10:30:48 PM UTC-5, Amos Shapira wrote:

Hi,

I'm running into the common issue of having to force an apt-get update
before installing packages (in my case - because the base EC2 AMI is old
and I need it to pick newer package versions).

I ended up doing the usual:

exec { 'apt-get update':
path = '/usr/bin/',
}
-
Package | |

If you are using PuppetLabs's Apt module, then I think setting the
'always_apt_update = true' on class 'apt' and declaring

Class['Apt'] - Package | |

should take care of it for you. That module's 'apt::update' class is not
really suited to be public, given the way the module uses it.

Thanks. I'm aware of the always_apt_update option but am worried that it
means that puppet will force an apt-get update every time it runs (every
30 minutes). We will eventually move away from puppet agents to immutable
images but until then I'm worried that this could stir up a lot of load on
our EC2 instances which we wouldn't want.

Perhaps I should reconsider this option.

(I can't use apt::update because it creates dependency cycles) and it
works.

But what baffles me is that I really only need apt-get update to
execute before apt packages get installed, like this:

Package | provider = apt |

But this doesn't trigger the apt-get update.

Just as an example, I also have a Gem-provider related exec which works
as expected:

exec { 'Add Ruby Gems repo mirror':
command = 'gem source --config-file /etc/gemrc -a
http://production.cf.rubygems.org/',
unless = 'gem source --config-file /etc/gemrc | fgrep -xq
http://production.cf.rubygems.org/',
path= '/usr/bin:/bin',
}
-
Package| provider == 'gem' |

So why doesn't it work for the apt provider?

Resource collectors operate during catalog building. Their selection
predicates can see only parameter and property values *explicitly*
declared in your manifests. It does not know what values will be effective
at catalog application time for any other parameters. In particular, it
does not know what provider will be selected during catalog application
unless one is specified in the manifest, which is not usual when the
system's default provider is expected.

To the best of my knowledge, the gem provider is not the default for any
system, so you get it only when you specifically ask for it. That's why
you can reliably select gem Packages by provider. 'Apt' is normally the
default Package provider on systems that support it at all. Your selection
predicate will not match Package resources that rely 'apt' being selected
by default.

Thanks for the explanation. That makes sense. Mystery answered :)

John

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/5b4569a1-b6c5-4d48-8942-70f26e1523ef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Why does my Puppet Master randomly revoke my Agent's certificate?

2014-09-03 Thread Eric Sorenson

Note too that the certificate revocation list only contains serial numbers.
So it could be that you are getting duplicate serial numbers issued, and
the number matches one that was cleaned/revoked at some point in the past,
so the CRL contains its number. More in my ssl troubleshooting guide on
ask:

http://ask.puppetlabs.com/question/25/how-can-i-troubleshoot-problems-with-puppets-ssl-layer/

On Tuesday, September 2, 2014 6:51:22 PM UTC-7, Jason Oakley wrote:

Thanks. I'll look at that, but the only thing running on my Master server
is Puppet Master. My Agent server only has Minecraft, PHP, MySQL,
WordPress.. nothing using certificates at all.

On Wednesday, 3 September 2014 00:55:20 UTC+10, jcbollinger wrote:

On Monday, September 1, 2014 5:57:58 PM UTC-5, Jason Oakley wrote:

My servers were working fine, when I got this error:
Inventory
Could not retrieve facts from inventory service: SSL_connect returned=1
errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate
revoked

Now, everything was working fine. Due to this error, I re-created the
certificate and all was well. Then, I logged onto the Master a day or two
later and the certificate is yet again revoked.
How do I stop this?

Puppet does not perform automatic certificate revokations. I have
personally crawled the code to check. IIRC, the last time we had a
question like this one, the user eventually discovered a separate automated
process in his environment that was revoking certain certificates. If you
have any kind of automated process around issuing certs, then that's the
first place I would look.

You could also consider making your ssl/ directory and everything in it
read-only (immutable, if necessary), to try to identify the rogue behavior
by forcing it to error out.

John

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/4526c9c2-a3c0-4032-87fb-1f36aff7633e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Why does my Puppet Master randomly revoke my Agent's certificate?

2014-09-02 Thread jcbollinger

On Monday, September 1, 2014 5:57:58 PM UTC-5, Jason Oakley wrote:

You could also consider making your ssl/ directory and everything in it
read-only (immutable, if necessary), to try to identify the rogue behavior
by forcing it to error out.

John

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/f6c5cc3b-0a38-4358-a48f-9e06aec13623%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Why does my Puppet Master randomly revoke my Agent's certificate?

2014-09-02 Thread Jason Oakley

Thanks. I'll look at that, but the only thing running on my Master server
is Puppet Master. My Agent server only has Minecraft, PHP, MySQL,
WordPress.. nothing using certificates at all.

On Wednesday, 3 September 2014 00:55:20 UTC+10, jcbollinger wrote:

On Monday, September 1, 2014 5:57:58 PM UTC-5, Jason Oakley wrote:

You could also consider making your ssl/ directory and everything in it
read-only (immutable, if necessary), to try to identify the rogue behavior
by forcing it to error out.

John

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/0f75ac27-b64b-445c-8e07-d43499d5f8f7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Why there is a need for the architecture fact when it is only using hardwaremodel fact?

2013-10-28 Thread beyonddc . storage

Got it, thank you very much

On Friday, October 25, 2013 2:45:31 PM UTC-4, Daniele Sluijters wrote:

 Hi,

 It doesn't only use hardwaremodel fact:

 https://github.com/puppetlabs/facter/blob/master/lib/facter/architecture.rb#L6:L10
 # Resolution:
 #   On non-AIX IBM, OpenBSD, Linux and Debian's kfreebsd, use the 
 hardwaremodel fact.
 #   On AIX get the arch value from lsattr -El proc0 -a type
 #   Gentoo and Debian call x86_86 amd64.
 #   Gentoo also calls i386 x86.

 -- 
 Daniele Sluijters

 On Thursday, 24 October 2013 16:49:57 UTC+2, beyonddc...@gmail.com wrote:

 Hi all, hopefully this is a quick question.  I would like to know why 
 there is a need for the architecture fact when it is only using 
 hardwaremodel fact?

 Thanks!



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Why there is a need for the architecture fact when it is only using hardwaremodel fact?

2013-10-25 Thread Daniele Sluijters

Hi,

It doesn't only use hardwaremodel fact:
https://github.com/puppetlabs/facter/blob/master/lib/facter/architecture.rb#L6:L10
# Resolution:
#   On non-AIX IBM, OpenBSD, Linux and Debian's kfreebsd, use the 
hardwaremodel fact.
#   On AIX get the arch value from lsattr -El proc0 -a type
#   Gentoo and Debian call x86_86 amd64.
#   Gentoo also calls i386 x86.

-- 
Daniele Sluijters

On Thursday, 24 October 2013 16:49:57 UTC+2, beyonddc...@gmail.com wrote:

 Hi all, hopefully this is a quick question.  I would like to know why 
 there is a need for the architecture fact when it is only using 
 hardwaremodel fact?

 Thanks!


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Why a execute command show as changed on Dashboard?

2013-02-14 Thread d . o . kip

You are creating a 'new' file every time(well new content), so in essence, 
it is true that the configuration has changed.

To avoid this, you should make your command smarter and make sure it only 
runs when changes are in the crontab. There is no need to make a backup of 
something that has not changed.

It would probably be even better to just manage the file itself in puppet, 
giving you complete control over it, and not needing a backup anymore.

Also, creating backups by using puppet is not really good practise. Puppet 
is good at setting up a configuration, and should be about resources coming 
to a defined state, not about being a job scheduler. 

In short, there is no 'normal' way around abnormal use of Puppet ;) But of 
course workarounds are possible.

//Danny.
 


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Why a execute command show as changed on Dashboard?

2013-02-14 Thread Tiago Cruz

Hello Danny, nice explanation, thank you!!!

I agree with you, this is really a new file everytime. So let's try 
another example:

exec { authconfig:
 command = authconfig-tui --ldapserver=ldap://ldap.com 
 --ldapbasedn=dc=bla,dc=com --enableshadow --enablemd5 --enableldap 
 --enableldapauth --disableldaptls --enablelocauthorize --kickstart,
 path= /usr/bin/:/bin/:/usr/sbin,
 onlyif  = fgrep ldap.com /etc/ldap.conf,
 }


The idea is the same: Just do the configuration if was needed, but when I 
look the report, I got:

Log
LevelMessageSourceFileLineTimenoticeexecuted successfully
/Stage[main]/Base::Ldap/Exec[authconfig]/returns
/etc/puppet/modules/base/manifests/ldap.pp362013-02-14 10:38 BRSTnoticeFinished 
catalog run in 7.56 secondsPuppet2013-02-14 10:38 BRST

What can I do to workaround this? :D

Thanks!!


Em quinta-feira, 14 de fevereiro de 2013 10h30min45s UTC-2, 
d.o...@cri-service.nl escreveu:

 You are creating a 'new' file every time(well new content), so in essence, 
 it is true that the configuration has changed.

 To avoid this, you should make your command smarter and make sure it only 
 runs when changes are in the crontab. There is no need to make a backup of 
 something that has not changed.

 It would probably be even better to just manage the file itself in puppet, 
 giving you complete control over it, and not needing a backup anymore.

 Also, creating backups by using puppet is not really good practise. Puppet 
 is good at setting up a configuration, and should be about resources coming 
 to a defined state, not about being a job scheduler. 

 In short, there is no 'normal' way around abnormal use of Puppet ;) But of 
 course workarounds are possible.

 //Danny.
  




-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: Why a execute command show as changed on Dashboard?

2013-02-14 Thread David Schmitt


On 14.02.2013 13:59, Tiago Cruz wrote:

Hello Danny, nice explanation, thank you!!!

I agree with you, this is really a new file everytime. So let's try
another example:

exec { authconfig:
 command = authconfig-tui --ldapserver=ldap://ldap.com
--ldapbasedn=dc=bla,dc=com --enableshadow --enablemd5 --enableldap
--enableldapauth --disableldaptls --enablelocauthorize --kickstart,
 path= /usr/bin/:/bin/:/usr/sbin,
onlyif = fgrep ldap.com /etc/ldap.conf,
 }


The idea is the same: Just do the configuration if was needed, but when
I look the report, I got:


  Log

Level   Message Source  FileLineTime
|notice||executed successfully|
|/Stage[main]/Base::Ldap/Exec[authconfig]/returns|
|/etc/puppet/modules/base/manifests/ldap.pp||36||2013-02-14 10:38 BRST|
|notice||Finished catalog run in 7.56 seconds|  |Puppet|||  
||
|2013-02-14 10:38 BRST|


What can I do to workaround this? :D


The message means that the authconfig-tui command is run *every time* 
puppet runs. This does not seem to be your intention. I guess, you 
should write unless = [ldap is configured] instead of onlyif = 
[ldap is configured]



Best Regards, David




Thanks!!


Em quinta-feira, 14 de fevereiro de 2013 10h30min45s UTC-2,
d.o...@cri-service.nl escreveu:

You are creating a 'new' file every time(well new content), so in
essence, it is true that the configuration has changed.

To avoid this, you should make your command smarter and make sure it
only runs when changes are in the crontab. There is no need to make
a backup of something that has not changed.

It would probably be even better to just manage the file itself in
puppet, giving you complete control over it, and not needing a
backup anymore.

Also, creating backups by using puppet is not really good practise.
Puppet is good at setting up a configuration, and should be about
resources coming to a defined state, not about being a job scheduler.

In short, there is no 'normal' way around abnormal use of Puppet ;)
But of course workarounds are possible.

//Danny.



--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.




--
You received this message because you are subscribed to the Google Groups Puppet 
Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: Why a execute command show as changed on Dashboard?

2013-02-14 Thread Tiago Cruz

Hei David, thank you!

Dashboard running like a boss, thanks to you guys!

Nice!!

Em quinta-feira, 14 de fevereiro de 2013 11h09min27s UTC-2, David Schmitt 
escreveu:


 The message means that the authconfig-tui command is run *every time* 
 puppet runs. This does not seem to be your intention. I guess, you 
 should write unless = [ldap is configured] instead of onlyif = 
 [ldap is configured] 



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: why do I get ensure changed 'purged' to 'present' on a package when it is already installed

2013-01-18 Thread jcbollinger



On Thursday, January 17, 2013 8:46:25 AM UTC-6, Andrey Kouznetsov wrote:

 I have exactly the same problem on Ubuntu 12.04



Then likely the underlying cause and solution are also the same as the OP 
already posted.


John

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/iZHUmyA0njAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: why do I get ensure changed 'purged' to 'present' on a package when it is already installed

2013-01-17 Thread Andrey Kouznetsov

I have exactly the same problem on Ubuntu 12.04

On Saturday, February 6, 2010 4:24:58 AM UTC+4, tim_schofield wrote:

 Hi all,

 I have created a squid class that also installs squidGuard.  When I
 run puppetd I always get

 notice: //Node[.xx.xxx]/squid/squid::install/
 Package[squidGuard]/ensure: ensure changed 'purged' to 'present'

 even though the package is already installed - why is this change in
 package status happening as it then triggers my exec resource which is
 only supposed to run the first time when squidguard is installed
 (thereafter it is run as a cron job).  So at the moment it is
 triggered every time puppetd is run

 exec { /usr/local/bin/getblacklist.sh:
 subscribe = Package[squidGuard],
 refreshonly = true
 }


 Regards

 Tim



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/-CTgFSYbeqYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why this Could not evaluate error?

2012-08-28 Thread Sandra Schlichting

Please replace testip with mttj-linuxterm1-puppet =)


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/kljEiHtlKgIJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why this Could not evaluate error?

2012-08-28 Thread Krzysztof Wilczynski

Hi,

Thanks for the hugs :)

There seem to be a problem with underlying provider / binaries on which 
said provider relies. Nothing wrong with your content, as far as I can tell 
from the little snippet provided.

KW

On Tuesday, August 28, 2012 4:37:51 PM UTC+1, Sandra Schlichting wrote:

 Please replace testip with mttj-linuxterm1-puppet =)




-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/LHGLNHML-pAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why this Could not evaluate error?

2012-08-28 Thread jcbollinger



On Tuesday, August 28, 2012 3:03:45 PM UTC-5, Krzysztof Wilczynski wrote:

 Hi,

 Thanks for the hugs :)


Never can get enough of those :)
 


 There seem to be a problem with underlying provider / binaries on which 
 said provider relies. Nothing wrong with your content, as far as I can tell 
 from the little snippet provided.


If I recall correctly, 3.0.0RC3 was withdrawn.  Frankly, I was a bit 
surprised that RC4 came out as soon as it did.  Were I you, I would stick 
with Puppet 2.x for the time being, as it seems to be much more stable.


John

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/ofH6UBulpCwJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why or who disabled client?

2012-06-05 Thread jcbollinger



On Jun 5, 2:13 am, Pavel Drobushevich p.drobushev...@gmail.com
wrote:
 Hi all,

 Sometimes one of agent prints message Skipping run of Puppet configuration
 client; administratively disabled; use 'puppet Puppet configuration client
 --enable' to re-enable. and stops working. No one  disables it. Any reason
 why it happens?


Puppet uses a lock file to prevent agent runs from overlapping, and it
multipurposes that same lock file to provide for administratively
disabling Puppet runs without actually shutting down the daemon.
Therefore, Puppet cannot distinguish between the agent being manually
disabled and the agent being disabled on account of another run being
in progress (or the agent being disabled because previously the
machine was abruptly halted while a run was in progress).

There are several possible scenarios, but the most likely are these:

1) You are performing periodic one-off agent runs, via cron for
example, and occasionally a run takes longer to complete than the
interval between runs.

2) You have more than one Puppet agent daemon running on the affected
machine, or you are both running the agent as a daemon and separately
launching one-off agent runs by some other means (manually, cron,
etc.).


John

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Why latest stable Debian Squeeze package is 2.6.2-5+squeeze4 please ?

2012-04-26 Thread Michael Stahnke

Added a pull request to puppet-docs

https://github.com/puppetlabs/puppet-docs/pull/67

Updated the wiki as well.

On Tue, Apr 24, 2012 at 2:35 AM, Christophe L cl.subscript...@gmail.com wrote:
 Hello Mike,

 Sorry for the late feedback.

 On this page
 http://docs.puppetlabs.com/guides/installation.html
 it is written
 
 OS Packages

 If installing from a distribution maintained package, such as those
 listed on the Downloading Puppet Wiki Page all OS prerequisites should
 be handled by your package manager.
 

 On this page
 http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet
 it is written
 
 Debian Packages

 Debian packages are available from the Debian Packages site.
 

 So there is no information about the apt.puppetlabs.com debian package
 repository on those two pages, and I think it would be nice to have
 this information on at least one of them.

 Thanks in advance.

 Best regards,
 Christophe


 On 8 avr, 00:42, Michael Stahnke stah...@puppetlabs.com wrote:
 On Thu, Apr 5, 2012 at 10:34 PM, Christophe L cl.subscript...@gmail.com 
 wrote:
  Thank you all for your answers !

  As a suggestion for the documentation, that would be nice to have
  information about the http://apt.puppetlabs.com/apt repository on the
  puppet installation page.

 That is currently undergoing some work, and will be there.  If you
 happen to know pages exactly you were referencing, I'll be sure to
 them updated.

 Mike









  Best regards,
  Christophe

  On 5 avr, 20:58, Gabriel Filion lelu...@gmail.com wrote:
  On 12-04-05 07:19 AM, Christophe L wrote:

   After some research, I have found that the last stable debian package
   version is
   puppet (2.6.2-5+squeeze4) [security]
  http://packages.debian.org/squeeze/puppet

   and that 2.7.12-3 is considered as unstable
  http://packages.qa.debian.org/p/puppet.html

  In Debian's release cycle, the packages are freezed before a release.
  when this happens it means that package versions that are currently in
  the testing branch will be used for the next debian release, and will
  be used until the next release.

  the stable part in all that is the debian branch name that represents
  the current release, so what software they support.

  security patches will be backported to 2.6 as much as possible for as
  long as the current stable branch is the current one.

  for now, you can use the squeeze-backports[1] branch, in which you can
  find puppet 2.7

  [1]:http://backports-master.debian.org/Instructions/

  --
  Gabriel Filion

  --
  You received this message because you are subscribed to the Google Groups 
  Puppet Users group.
  To post to this group, send email to puppet-users@googlegroups.com.
  To unsubscribe from this group, send email to 
  puppet-users+unsubscr...@googlegroups.com.
  For more options, visit this group 
  athttp://groups.google.com/group/puppet-users?hl=en.

 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why latest stable Debian Squeeze package is 2.6.2-5+squeeze4 please ?

2012-04-24 Thread Christophe L

Hello Mike,

Sorry for the late feedback.

On this page
http://docs.puppetlabs.com/guides/installation.html
it is written

OS Packages

If installing from a distribution maintained package, such as those
listed on the Downloading Puppet Wiki Page all OS prerequisites should
be handled by your package manager.


On this page
http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet
it is written

Debian Packages

Debian packages are available from the Debian Packages site.


So there is no information about the apt.puppetlabs.com debian package
repository on those two pages, and I think it would be nice to have
this information on at least one of them.

Thanks in advance.

Best regards,
Christophe


On 8 avr, 00:42, Michael Stahnke stah...@puppetlabs.com wrote:
 On Thu, Apr 5, 2012 at 10:34 PM, Christophe L cl.subscript...@gmail.com 
 wrote:
  Thank you all for your answers !

  As a suggestion for the documentation, that would be nice to have
  information about the http://apt.puppetlabs.com/apt repository on the
  puppet installation page.

 That is currently undergoing some work, and will be there.  If you
 happen to know pages exactly you were referencing, I'll be sure to
 them updated.

 Mike









  Best regards,
  Christophe

  On 5 avr, 20:58, Gabriel Filion lelu...@gmail.com wrote:
  On 12-04-05 07:19 AM, Christophe L wrote:

   After some research, I have found that the last stable debian package
   version is
   puppet (2.6.2-5+squeeze4) [security]
  http://packages.debian.org/squeeze/puppet

   and that 2.7.12-3 is considered as unstable
  http://packages.qa.debian.org/p/puppet.html

  In Debian's release cycle, the packages are freezed before a release.
  when this happens it means that package versions that are currently in
  the testing branch will be used for the next debian release, and will
  be used until the next release.

  the stable part in all that is the debian branch name that represents
  the current release, so what software they support.

  security patches will be backported to 2.6 as much as possible for as
  long as the current stable branch is the current one.

  for now, you can use the squeeze-backports[1] branch, in which you can
  find puppet 2.7

  [1]:http://backports-master.debian.org/Instructions/

  --
  Gabriel Filion

  --
  You received this message because you are subscribed to the Google Groups 
  Puppet Users group.
  To post to this group, send email to puppet-users@googlegroups.com.
  To unsubscribe from this group, send email to 
  puppet-users+unsubscr...@googlegroups.com.
  For more options, visit this group 
  athttp://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Why latest stable Debian Squeeze package is 2.6.2-5+squeeze4 please ?

2012-04-07 Thread Michael Stahnke

On Thu, Apr 5, 2012 at 10:34 PM, Christophe L cl.subscript...@gmail.com wrote:
 Thank you all for your answers !

 As a suggestion for the documentation, that would be nice to have
 information about the http://apt.puppetlabs.com/ apt repository on the
 puppet installation page.

That is currently undergoing some work, and will be there.  If you
happen to know pages exactly you were referencing, I'll be sure to
them updated.

Mike


 Best regards,
 Christophe

 On 5 avr, 20:58, Gabriel Filion lelu...@gmail.com wrote:
 On 12-04-05 07:19 AM, Christophe L wrote:

  After some research, I have found that the last stable debian package
  version is
  puppet (2.6.2-5+squeeze4) [security]
 http://packages.debian.org/squeeze/puppet

  and that 2.7.12-3 is considered as unstable
 http://packages.qa.debian.org/p/puppet.html

 In Debian's release cycle, the packages are freezed before a release.
 when this happens it means that package versions that are currently in
 the testing branch will be used for the next debian release, and will
 be used until the next release.

 the stable part in all that is the debian branch name that represents
 the current release, so what software they support.

 security patches will be backported to 2.6 as much as possible for as
 long as the current stable branch is the current one.

 for now, you can use the squeeze-backports[1] branch, in which you can
 find puppet 2.7

 [1]:http://backports-master.debian.org/Instructions/

 --
 Gabriel Filion

 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why latest stable Debian Squeeze package is 2.6.2-5+squeeze4 please ?

2012-04-05 Thread Christophe L

Thank you all for your answers !

As a suggestion for the documentation, that would be nice to have
information about the http://apt.puppetlabs.com/ apt repository on the
puppet installation page.

Best regards,
Christophe

On 5 avr, 20:58, Gabriel Filion lelu...@gmail.com wrote:
 On 12-04-05 07:19 AM, Christophe L wrote:

  After some research, I have found that the last stable debian package
  version is
  puppet (2.6.2-5+squeeze4) [security]
 http://packages.debian.org/squeeze/puppet

  and that 2.7.12-3 is considered as unstable
 http://packages.qa.debian.org/p/puppet.html

 In Debian's release cycle, the packages are freezed before a release.
 when this happens it means that package versions that are currently in
 the testing branch will be used for the next debian release, and will
 be used until the next release.

 the stable part in all that is the debian branch name that represents
 the current release, so what software they support.

 security patches will be backported to 2.6 as much as possible for as
 long as the current stable branch is the current one.

 for now, you can use the squeeze-backports[1] branch, in which you can
 find puppet 2.7

 [1]:http://backports-master.debian.org/Instructions/

 --
 Gabriel Filion

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why is 'notify' acting as a 'before' and not a 'require' ?

2012-01-26 Thread jcbollinger



On Jan 24, 3:51 am, Alexandre alexandre.fou...@gmail.com wrote:
  Think about it. You want puppet to send a notification to a resource.
  Puppet must decide whether this notification gets sent. So it must
  process the notifying resource. After that, *if* a notification was in
  fact generated, it can process the notified resource.

 I see. I was making a difference between parsing the notified
 ressource and applying this resource. That is why i -though- the
 notify would require the parsing, but Puppet would then apply/refresh
 the notified resource afterwards. But it seems that for Puppet,
 parsing and applying the notified ressource is one operation, which
 means, if i understand correctly, that it is not possible to require
 and notify the same resource as i was expecting erroneously.


No, that is incorrect.  Parsing and applying are always distinct
operations to Puppet.  In general, they don't even happen on the same
machine.

Testing for dependency cycles is part of parsing manifests and
compiling them into a catalog.  This does not conflict with Felix's
explanation of why 'subscribe' and 'notify' [must] establish resource
relationships.

Perhaps you meant you thought the 'require' was needed for correct
parsing?  That is incorrect, precisely *because* Puppet separates
parsing / compiling from applying, but we need to be careful because
you use two semantically different 'require's in your manifest:

1) The 'require' function --
require 'apache'

2) The 'require' metaparameter --
require = [ Class['apache'] ]

You must first understand that the latter is redundant with the
former, because the former causes the entire class in which it appears
to have a requirement on the named class.  This is an order-of-
application consideration, not a parsing consideration, and it seems
to be the key problem in your manifest.

The 'require' function (but not the metaparameter) ADDITIONALLY has
the same effect as the 'include' function, and part of *that* effect
is indeed necessary to ensure that your manifest always parses
cleanly.  Perhaps this is the source of your confusion.

It looks like what you want might be


modules/apache/manifests/init.pp:

class apache {
#(...)
exec { 'apache-reload':
command = '/sbin/service httpd reload',
refreshonly = true,
require = Service['apache'],
}
}


modules/backup/manifests/backuppc/web.pp:

class backup::backuppc::web {
#(...)

include 'apache'  # NOTE

file { '/etc/httpd/conf.d/BackupPC.conf':
#(...)
# NO REQUIRE
notify  = Exec['apache-reload'],
}
}


John

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why is 'notify' acting as a 'before' and not a 'require' ?

2012-01-24 Thread Alexandre

 Think about it. You want puppet to send a notification to a resource.
 Puppet must decide whether this notification gets sent. So it must
 process the notifying resource. After that, *if* a notification was in
 fact generated, it can process the notified resource.

I see. I was making a difference between parsing the notified
ressource and applying this resource. That is why i -though- the
notify would require the parsing, but Puppet would then apply/refresh
the notified resource afterwards. But it seems that for Puppet,
parsing and applying the notified ressource is one operation, which
means, if i understand correctly, that it is not possible to require
and notify the same resource as i was expecting erroneously.


 with whatever implementation you choose for your reload (in most cases
 you want to notify a service resource instead of an exec, but it's not
 more than a rule of thumb).

Yes, my class apache includes a Service, and the Exec requires it. But
since notifying the service will trigger an restart and not a reload,
i do not notify the Service directly ( I see there are open issues
#3323 and #1014 )

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Why is 'notify' acting as a 'before' and not a 'require' ?

2012-01-24 Thread Felix Frank

On 01/24/2012 10:51 AM, Alexandre wrote:
  But it seems that for Puppet,
 parsing and applying the notified ressource is one operation, which
 means, if i understand correctly, that it is not possible to require
 and notify the same resource as i was expecting erroneously.

It's not. Both notify and require operate *only* on the order in which
the *agent* will apply resources.

Parsing happens on the master. There is no reason you would change its
order.

I sense we're still talking in circles so to make it yet more clear:
The decision wether an applied resource needs changing (I believe you
refer to this decision as parsing) is indeed made at the time of
resource application and there is no way to separate these steps.

HTH,
Felix

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: why puppet template erb convert On to true, Off to false?

2011-11-07 Thread midair77

I actually put On in double quote in my ECN and I did not get the
desired output.

This is quite weird as why On/Off has been converted to true/false in
erb template.

Thank you, Nigel.

On Nov 7, 2:39 pm, Nigel Kersten ni...@puppetlabs.com wrote:
 On Mon, Nov 7, 2011 at 1:45 PM, midair77 midai...@gmail.com wrote:
  Dear all,

  I have a parameterized class and I have my ECN in perl as followed:

  classes{'myclass'} = { abc = On,};

  and in my template erb:

  SecRuleEngine %= abc %

  

  When I applied this to my puppet agent, I would then get:

  SecRuleEngine true.

  How is that On becomes true and Off becomes false?  How can I fix
  this?

 Do you get exactly the same thing if you quote On so it's actually a
 string?

 I'm not sure which part of Ruby is doing the magical translation that you
 don't want, but you definitely shouldn't get it if you tell Puppet that
 On is a string.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: why puppet template erb convert On to true, Off to false?

2011-11-07 Thread Nigel Kersten

On Mon, Nov 7, 2011 at 3:38 PM, midair77 midai...@gmail.com wrote:

 I actually put On in double quote in my ECN and I did not get the
 desired output.

 This is quite weird as why On/Off has been converted to true/false in
 erb template.


Ah, I missed that you've got a Perl ENC.

Can you run your ENC by hand and paste the YAML output of the node
definition like this?

e.g. /path/to/enc nodename

and you should get the YAML output.



-- 
Nigel Kersten
Product Manager, Puppet Labs

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why?

2011-08-11 Thread ki_chi_saga

 See the little arrows?
No i didn't 

 See the puppet language guide.
I did and now (...) I see it!

Thank you!
Rgds
 Mat
..
On Aug 10, 4:28 pm, vagn scott vagnsc...@gmail.com wrote:
 On 08/10/2011 02:40 AM, ki_chi_saga wrote:   exec { 'a':  ... } -
    exec { 'b':  ... } -
    exec { 'c':  ... }

  can I really be sure that puppet evaluates this in the sequence of
  writing?

 See the little arrows?

      -

 That is one way to declare sequence.  There are others.
 See the puppet language guide.

 --
 vagn

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Why?

2011-08-11 Thread Randall Hansen

On Thu, Aug 11, 2011 at 12:40 AM, ki_chi_saga fan...@kth.se wrote:
 See the little arrows?
 No i didn't 

I think that this is more common than we suspect.  It's been on my
list for a while, now I have a ticket:
http://projects.puppetlabs.com/issues/8923

Maybe what we're doing now cannot be improved, but I'll keep thinking
about it.  Feedback welcome.

r

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why?

2011-08-10 Thread ki_chi_saga

 if you care about order you should make it explicit:
Good point, but;

 exec { 'a':  ... } -
 exec { 'b':  ... } -
 exec { 'c':  ... }

can I really be sure that puppet evaluates this in the sequence of
writing?

Rgds, Mats
_
On Aug 9, 7:29 pm, vagn scott vagnsc...@gmail.com wrote:
 On 08/09/2011 01:19 PM, ki_chi_saga wrote:

 if you care about order you should make it explicit:

 exec { 'a':  ... } -
 exec { 'b':  ... } -
 exec { 'c':  ... }


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why?

2011-08-10 Thread ki_chi_saga




On Aug 9, 8:23 pm, Stefan Schulte stefan.schu...@taunusstein.net
wrote:

 If I understand this, »shareall« will only run if both services are up?
Thats is correct.

 First thing I would do: check what returncode 32 stands for.
I've tried but unable to find it.

Then run your manifest in debug mode
Good point, I will

 If I recall correctly svcadm enable can actually return before the service is 
 really up.
Very interesting.
I've also suspecting some kind of timing issue

Rgds,
 Mats

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why?

2011-08-10 Thread ki_chi_saga

On Aug 9, 8:37 pm, Scott Smith sc...@ohlol.net wrote:
 I suggest using a notice = Exec[shareall] in your dfsshare rather than
 before. Also make exec{shareall: refreshonly = true}

 That may or may not help with your problem but either way good design


Thanks I will try this

Rgds, Mat

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Why?

2011-08-10 Thread vagn scott


On 08/10/2011 02:40 AM, ki_chi_saga wrote:

  exec { 'a':  ... } -
  exec { 'b':  ... } -
  exec { 'c':  ... }
 

can I really be sure that puppet evaluates this in the sequence of
writing?
   

See the little arrows?

-

That is one way to declare sequence.  There are others.
See the puppet language guide.

--
vagn

--
You received this message because you are subscribed to the Google Groups Puppet 
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: why does puppet shuffle its ‘ph ases’ and how can I stop this?

2010-09-30 Thread D.N. van der Meijden

Thanks for clearing this up!

On 27 sep, 17:27, Richard Crowley r...@rcrowley.org wrote:
  With very few exceptions (that are all made for time savings so you
  can ignore them safely) all resources (what you were calling phases)
  must explicitly declare their dependencies on other resources using
  before and require [1] [2].

 s/before and require/before or require/

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why we wont use zpool ever again

2010-04-07 Thread Martin Englund

Kaspar,

On Apr 7, 10:44 am, Kaspar Schiess e...@space.ch wrote:
  Use puppetd --disable the next time to keep your tools from stampeding
  over your manual recovery efforts.

 I am not sure I understand - I could only boot into failsafe mode at the
 time. And the first real boot came up with puppetd running first thing.
 I can't think of anything to stop that, short of disabling the master.

you should have booted into milestone=none instead after the failsafe
boot, the you have time to fix things before the services start.

cheers,
/Martin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why we wont use zpool ever again

2010-04-07 Thread Martin Englund

Kaspar,

On Apr 7, 8:31 am, Kaspar Schiess e...@space.ch wrote:

 It is correct that zfs normally wont allow to recreate zpool (issuing a
 warning about the device already being part of a zpool). Only that when
 your OS doesn't know about the pool anymore, you don't want puppet to
 create it on the next boot - you will want to recover it. But I guess
 I've driven that home.

when I commissioned Andrew to create the zpool type we tried to make
it as failsafe as possible (e.g. not using -f, aborting when unsure,
etc). This was one of the cases we didn't think of :)

However, if you do this kind of operation, you should have realized
that the system will come back up without all previous zpools (and zfs
file systems).

 So to reproduce this (for whatever its worth) try deleting
 /etc/zfs/zpool.cache.

When I remove /etc/zfs/zpool.cache (in safemode) and then reboot, the
system comes back up without the data pool. This triggers zpool create
to run, but it fails with: disk is part of an exported or
potentially active ZFS pool pool, and since that failed all my zfs
types depending on that pool failed - no harm done.

So I don't get how you could have lost your pool, as zpool will refuse
to overwrite an existing pool without the -f. All you would have had
to do was run zpool importpool and you'd been back to normal.

  In addition, I totally agree about the complexities surrounding zpool
  creation.  

 If zpool could create complex setups for me without knowing about device
 names beforehand, it would really be useful for provisioning. This way
 .. its just plain dangerous.

For me it depends. I just deployed 40 identical systems, and they all
have 4 disks, two are used for the root pool (to boot form) and two
are used as a data pool. I prefer to do the data pool creation in
puppet over in jumpstart, as it allows me to control more features in
the zpool.

cheers,
/Martin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Why we wont use zpool ever again

2010-04-07 Thread Kaspar Schiess


So I don't get how you could have lost your pool, as zpool will refuse
to overwrite an existing pool without the -f. All you would have had
to do was run zpool importpool and you'd been back to normal.


To be perfectly honest with you, I am a bit in the dark about that as 
well. I've done the same experiment in the meantime - with no success. 
Guess the pool was really messed up.


Note that I am not telling anyone not to use zpool - it's just not 
paying off in _my scenario_ anymore. We use large zpools (apart from 
rootpool) in the big data machines only - and I dont mind doing those 
manually.


Sure, I could have thought of not having puppet start on system start 
(as has been suggested elsewhere) - but I must admit that my primary 
concern was fixing the server ASAP at the time, not what puppet could do 
to me once the server was back.


That's just something you don't think of there and then... Hence my 
post. Not wanting to step on anyones toes.


best regards,
kaspar

--
You received this message because you are subscribed to the Google Groups Puppet 
Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Why can't I use Puppet for Windows ?

2009-05-28 Thread Paul Nasrat


 From initial reading Puppet looks very powerful tool, but I am looking
 for a solution that support multiple OS including windows. Why can't I
 use Puppet for Windows ?   (Couldn't I simply run JRuby?)

It's feasible just not yet implemented yet.

Mostly the providers have not been written yet, along with some
porting stuff. Windows handles groups, users, services, packages, etc
very differently to *nix so we have to have a base set of types to
make sense, then probably other custom windows specific types.

There is some work under review to start to introduce support on the dev list.

Paul

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Why can't I use Puppet for Windows ?

2009-05-28 Thread James Turnbull

harry wrote:
 Hi,
 
 From initial reading Puppet looks very powerful tool, but I am looking
 for a solution that support multiple OS including windows. Why can't I
 use Puppet for Windows ?   (Couldn't I simply run JRuby?)

Puppet has to understand how to do things on target platforms, for
example how to create a user.  Whilst Puppet might run as a daemon
currently it doesn't know how to perform actions like creating a user or
group on Windows.

However, there is some code in development to support Windows.  Assuming
all goes smoothly it will be in the next beta release for 0.25.0.

You can see the latest code at:

http://github.com/finalprefix/puppet/tree/win

Regards

James Turnbull

-- 
Author of:
* Pro Linux Systems Administration
(http://www.amazon.com/gp/product/1430219122/)
* Pulling Strings with Puppet
(http://www.amazon.com/gp/product/1590599780/)
* Pro Nagios 2.0
(http://www.amazon.com/gp/product/1590596099/)
* Hardening Linux
(http://www.amazon.com/gp/product/159059/)



signature.asc
Description: OpenPGP digital signature

65 matches

Mail list logo