Re: [Puppet Users] puppetdb question !!!
Ken / Deepak, first of all thanks a ton for the great help. It seems there is some issue with the puppet facts upload command I already have the certname server configuration directives declared in the puppet.conf but for some reason the same are not being recognized by the puppet facts command When I am trying to run *# puppet facts upload* ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) *Error: getaddrinfo: Name or service not knownError: Try 'puppet help facts upload' for usage* But when I try to run *# puppet facts upload --server=puppet_master_server --certname=agent_certname*ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) *Notice: Uploaded facts for 'agent_certname'* Also I tried to use the postrun_command within the puppet.conf on the client node but I end up getting the same error. Please let me know if there is something that I am missing, as I am planning to either use puppet facts upload within my manifest or in the postrun command. Awaiting your reply. Thanks Regards, Rakesh K. On Wed, Jun 11, 2014 at 8:21 PM, Ken Barber k...@puppetlabs.com wrote: My colleague Deepak just brought to my attention another mechanism which works like option #3 without the hard work: puppet facts upload But you'll need to ensure your auth.conf on your puppet master has a snippet like the following: path ~ ^/facts/([^/]+)$ method save allow $1 Without it, you'll get a permission denied error. ken. On Wed, Jun 11, 2014 at 2:22 PM, Ken Barber k...@puppetlabs.com wrote: Sorry for re-opening a old thread but I am still struggling on related topic.. Step 1: I am copying some .rb files to the /usr/lib/ruby/site_ruby/ruby/1.8/facter/ folder Step 2: A facter command gives me the values for all new custom / external facts But the values for new facts will not get into puppetdb untill a next agent run... Is there a way to run puppet from within a manifest or any other way to force replace facts remotely on the agent ??? * You could run things in noop mode potentially, which would force a fact submission. * You could run puppet apply, and use a masterless way of submitting facts also (setup would be required: http://docs.puppetlabs.com/puppetdb/2.0/connect_puppet_apply.html). * You could submit a POST request in a script for your facts against the master, throwing away the catalog (saves on the noop processing) * You could sumibt the facts manually to PuppetDB yourself, here is a rough script I use for testing which you could modify to match your needs: https://gist.github.com/kbarber/6190c64335613111c9df Each one has its own pros and cons. In particular some of these require direct communication between the node and the PDB instance which might not be desirable in some cases. None of these things have common solutions today that we (the PDB maintainers) maintain ourselves, but a few people have done things like the above in the past in their own bespoke way. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTne8zw%3DcZDHg4cdBhK6T0EcC5axvWKQs7ALxcX6WB4aig%40mail.gmail.com . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMXuu5A5ETD0QbR28TY259kGgE-YQpwHYJCwCBbh5964Gg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
first of all thanks a ton for the great help. No problem, I'm glad Deepak chimed in about 'facts upload' its a much better way to do it. It seems there is some issue with the puppet facts upload command I already have the certname server configuration directives declared in the puppet.conf but for some reason the same are not being recognized by the puppet facts command When I am trying to run # puppet facts upload ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) This is a mysql error ... btw. Let see your puppet.conf on the agent your testing on, it looks almost as if you have same old storeconfig setups remaining somewhere. Check in particular for db* style settings ... ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) Error: getaddrinfo: Name or service not known Error: Try 'puppet help facts upload' for usage But when I try to run # puppet facts upload --server=puppet_master_server --certname=agent_certname ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) Notice: Uploaded facts for 'agent_certname' Also I tried to use the postrun_command within the puppet.conf on the client node but I end up getting the same error. Yeah, I'll need to see the puppet.conf on the agent you are trying to run the facts upload specifically. Remember 'puppet facts upload' doesn't use your [agent] section (its not an agent is it?), so you might need to specify the server in your [main]. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTnCZJR_z7hWJeZbAhmbKREp6rz%2BUJ73c3%2B0fZZYQ3ZYng%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
*puppet.conf on master * [main] # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl certname = puppet dns_alt_names = puppetmaster.mydomain.com, puppetdb.mydomain.com pluginsync = true autosign = true node_terminus = exec external_nodes = /usr/bin/env PUPPET_DASHBOARD_URL= http://puppetadmin:myp...@puppetdb.mydomain.com:3000 /usr/share/puppet-dashboard/bin/external_node reports = store, http reporturl = http://puppetadmin:myp...@puppetdb.mydomain.com:3000/reports/upload storeconfigs = true storeconfigs_backend = puppetdb usecacheonfailure = false *working puppet.conf on agent after your suggestion*[main] # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl server = myagent.mydomain.com certname = myagentcertname report = true [agent] # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$confdir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig The files above are my current master and agent configs, I have updated the agent config after your suggestion and it seems to be working great... But now I will need to update my puppet agent config(for the above change and to include postrun_command for puppet facts upload) on almost 2000 agents.. I understand that I can do it via puppet itself but each server has a different certname I guess.. I will need to use templates... but is it correct that any change to puppet.conf is parsed immediately and does not require a restart. Thanks a lot for your help once again.. Regards, Rakesh K. On Thu, Jun 12, 2014 at 5:54 PM, Ken Barber k...@puppetlabs.com wrote: first of all thanks a ton for the great help. No problem, I'm glad Deepak chimed in about 'facts upload' its a much better way to do it. It seems there is some issue with the puppet facts upload command I already have the certname server configuration directives declared in the puppet.conf but for some reason the same are not being recognized by the puppet facts command When I am trying to run # puppet facts upload ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) This is a mysql error ... btw. Let see your puppet.conf on the agent your testing on, it looks almost as if you have same old storeconfig setups remaining somewhere. Check in particular for db* style settings ... ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) Error: getaddrinfo: Name or service not known Error: Try 'puppet help facts upload' for usage But when I try to run # puppet facts upload --server=puppet_master_server --certname=agent_certname ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) Notice: Uploaded facts for 'agent_certname' Also I tried to use the postrun_command within the puppet.conf on the client node but I end up getting the same error. Yeah, I'll need to see the puppet.conf on the agent you are trying to run the facts upload specifically. Remember 'puppet facts upload' doesn't use your [agent] section (its not an agent is it?), so you might need to specify the server in your [main]. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTnCZJR_z7hWJeZbAhmbKREp6rz%2BUJ73c3%2B0fZZYQ3ZYng%40mail.gmail.com . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit
Re: [Puppet Users] puppetdb question !!!
The files above are my current master and agent configs, I have updated the agent config after your suggestion and it seems to be working great... But now I will need to update my puppet agent config(for the above change and to include postrun_command for puppet facts upload) on almost 2000 agents.. I understand that I can do it via puppet itself but each server has a different certname Weird that the certname default doesn't match what you expect. This is normally a combination of the facter outputs for 'hostname' and 'domain'. There are ways to adjust the box (like ensuring the search/domain fields in resolv.conf return the correct domain for example) to return the correct certname, and its often better to do it this way, but it might affect other things in strange ways. Its a complex-ish topic ... if you wanted to go down this route instead of changing your certname in puppet.conf we can probably help. What surprises me is that the agent doesn't need this ... Otherwise yeah, it can be changed with templates, I'm less of a fan of forcing the certname in most cases, better to fix it so the defaults are correct if possible. Ideally the box after provisioning (eg. razor/foreman/cobbler) should have all the correct settings on it so certname is always correct straight after provisioning, that way you avoid chicken-and-egg scenarios with trying to adjust 'certname' post-provisioning. I guess.. I will need to use templates... but is it correct that any change to puppet.conf is parsed immediately and does not require a restart. I believe this to be true? But I'm no puppet expert these days so things might have changed :-). Thanks a lot for your help once again.. Your welcome. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTnu2bU3X2uu6PJbAn8vEpqB7D7Ht4KDAqpLF6nLPU-TRw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
I need to use certnames as we are an IDC and need to handle large number of instances and have a unique naming convention for each device. We cannot force hostnames on servers(belonging to customers) so our unique device name is forced on the certname. Anyways.. Can you also shed some light on the mysql error that I am getting... On Thu, Jun 12, 2014 at 6:22 PM, Ken Barber k...@puppetlabs.com wrote: The files above are my current master and agent configs, I have updated the agent config after your suggestion and it seems to be working great... But now I will need to update my puppet agent config(for the above change and to include postrun_command for puppet facts upload) on almost 2000 agents.. I understand that I can do it via puppet itself but each server has a different certname Weird that the certname default doesn't match what you expect. This is normally a combination of the facter outputs for 'hostname' and 'domain'. There are ways to adjust the box (like ensuring the search/domain fields in resolv.conf return the correct domain for example) to return the correct certname, and its often better to do it this way, but it might affect other things in strange ways. Its a complex-ish topic ... if you wanted to go down this route instead of changing your certname in puppet.conf we can probably help. What surprises me is that the agent doesn't need this ... Otherwise yeah, it can be changed with templates, I'm less of a fan of forcing the certname in most cases, better to fix it so the defaults are correct if possible. Ideally the box after provisioning (eg. razor/foreman/cobbler) should have all the correct settings on it so certname is always correct straight after provisioning, that way you avoid chicken-and-egg scenarios with trying to adjust 'certname' post-provisioning. I guess.. I will need to use templates... but is it correct that any change to puppet.conf is parsed immediately and does not require a restart. I believe this to be true? But I'm no puppet expert these days so things might have changed :-). Thanks a lot for your help once again.. Your welcome. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTnu2bU3X2uu6PJbAn8vEpqB7D7Ht4KDAqpLF6nLPU-TRw%40mail.gmail.com . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMUEN2uHKu-Q6beW5h-0g%3DtcZpz_YkhHPp%3DW3CnQ9eG9-w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
I need to use certnames as we are an IDC and need to handle large number of instances and have a unique naming convention for each device. We cannot force hostnames on servers(belonging to customers) so our unique device name is forced on the certname. Fair enough. Anyways.. Can you also shed some light on the mysql error that I am getting... I can't see it in the posted configs ... not sure. This would normally happen if you had configured legacy storedconfigs but I can't see this in your puppet.conf files you've provided. As something to at least try, I'd try commenting out anything to do with mysql in your puppet.conf perhaps, like the ENC settings and the report settings on your master? Otherwise I'm short of ideas TBH. Are the puppet.conf files you provided accurate? ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3DkM0L-bwvtnNMHf-s4yJC6ubLV_e%3DaYbSMfy8vS%2BGuFQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
Also, try running puppet facts upload --debug --trace and see if that gives us more info. On Thu, Jun 12, 2014 at 2:08 PM, Ken Barber k...@puppetlabs.com wrote: I need to use certnames as we are an IDC and need to handle large number of instances and have a unique naming convention for each device. We cannot force hostnames on servers(belonging to customers) so our unique device name is forced on the certname. Fair enough. Anyways.. Can you also shed some light on the mysql error that I am getting... I can't see it in the posted configs ... not sure. This would normally happen if you had configured legacy storedconfigs but I can't see this in your puppet.conf files you've provided. As something to at least try, I'd try commenting out anything to do with mysql in your puppet.conf perhaps, like the ENC settings and the report settings on your master? Otherwise I'm short of ideas TBH. Are the puppet.conf files you provided accurate? ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTkomRvHu9T_m36P5DCrMtYcCi6ghc3Oys%3DZ%3DJJjrS7kfw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
This doesnt only happen in case of a puppet facts upload but even in a case of puppet agent --test And yes the master configs that I have provided are correct ones that I have been using now. On Thu, Jun 12, 2014 at 6:39 PM, Ken Barber k...@puppetlabs.com wrote: Also, try running puppet facts upload --debug --trace and see if that gives us more info. On Thu, Jun 12, 2014 at 2:08 PM, Ken Barber k...@puppetlabs.com wrote: I need to use certnames as we are an IDC and need to handle large number of instances and have a unique naming convention for each device. We cannot force hostnames on servers(belonging to customers) so our unique device name is forced on the certname. Fair enough. Anyways.. Can you also shed some light on the mysql error that I am getting... I can't see it in the posted configs ... not sure. This would normally happen if you had configured legacy storedconfigs but I can't see this in your puppet.conf files you've provided. As something to at least try, I'd try commenting out anything to do with mysql in your puppet.conf perhaps, like the ENC settings and the report settings on your master? Otherwise I'm short of ideas TBH. Are the puppet.conf files you provided accurate? ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTkomRvHu9T_m36P5DCrMtYcCi6ghc3Oys%3DZ%3DJJjrS7kfw%40mail.gmail.com . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMWCmH9a9cH5GY-qxR7_4GxmrWtCAveKbw71_hFqcuYBhA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
Sorry for re-opening a old thread but I am still struggling on related topic.. Step 1: I am copying some .rb files to the /usr/lib/ruby/site_ruby/ruby/1.8/facter/ folder Step 2: A facter command gives me the values for all new custom / external facts But the values for new facts will not get into puppetdb untill a next agent run... Is there a way to run puppet from within a manifest or any other way to force replace facts remotely on the agent ??? On Monday, March 31, 2014 1:12:32 AM UTC+5:30, Rakesh K wrote: I am not copying the facts to the facts.d folder.. but i am creating the facts as .rb files and placing them into /usr/lib/ruby/site_ruby/ruby/1.8/facter/. On Sun, Mar 30, 2014 at 8:48 PM, Christopher Wood christopher_w...@pobox.com wrote: After copying these facts into /etc/facter/facts.d, are you kicking off another puppet agent run? Facts get sent to the master on each agent run, not before. http://docs.puppetlabs.com/guides/custom_facts.html#viewing-fact-values On Sun, Mar 30, 2014 at 07:35:54PM +0530, Rakesh Kathpal wrote: Hi , I am still struggling on the replace fact part, is there any way to force replace_facts for a node. I am actually adding new facts by coping them directly into the facter dir but unfortunately they are not getting replicated to puppetdb. Is there any way to force puppetdb to replace_facts. This is really urgent for me, any help is greatly appreciated. Regards, Rakesh K. On Wed, Mar 12, 2014 at 1:25 PM, Rakesh Kathpal [1] rkath...@gmail.com wrote: [2]https://tickets.puppetlabs.com/browse/PDB-508 On Tue, Mar 11, 2014 at 10:28 PM, Ken Barber [3] k...@puppetlabs.com wrote: Just a suggestion .. it will really good if you can add field date added to the certname table just reporting purposes. Feel free to raise that as a feature request here Rakesh: [4]https://tickets.puppetlabs.com/browse/PDB ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to [5]puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit [6] https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com . For more options, visit [7]https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to [8]puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit [9] https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com . For more options, visit [10]https://groups.google.com/d/optout. References Visible links 1. mailto:rkath...@gmail.com 2. https://tickets.puppetlabs.com/browse/PDB-508 3. mailto:k...@puppetlabs.com 4. https://tickets.puppetlabs.com/browse/PDB 5. mailto:puppet-users%2bunsubscr...@googlegroups.com 6. https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com 7. https://groups.google.com/d/optout 8. mailto:puppet-users+unsubscr...@googlegroups.com 9. https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com?utm_medium=emailutm_source=footer 10. https://groups.google.com/d/optout -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/20140330151817.GA24743%40iniquitous.heresiarch.ca . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52aa6b56-a63a-441a-855b-eb37c9c0a451%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
Sorry for re-opening a old thread but I am still struggling on related topic.. Step 1: I am copying some .rb files to the /usr/lib/ruby/site_ruby/ruby/1.8/facter/ folder Step 2: A facter command gives me the values for all new custom / external facts But the values for new facts will not get into puppetdb untill a next agent run... Is there a way to run puppet from within a manifest or any other way to force replace facts remotely on the agent ??? * You could run things in noop mode potentially, which would force a fact submission. * You could run puppet apply, and use a masterless way of submitting facts also (setup would be required: http://docs.puppetlabs.com/puppetdb/2.0/connect_puppet_apply.html). * You could submit a POST request in a script for your facts against the master, throwing away the catalog (saves on the noop processing) * You could sumibt the facts manually to PuppetDB yourself, here is a rough script I use for testing which you could modify to match your needs: https://gist.github.com/kbarber/6190c64335613111c9df Each one has its own pros and cons. In particular some of these require direct communication between the node and the PDB instance which might not be desirable in some cases. None of these things have common solutions today that we (the PDB maintainers) maintain ourselves, but a few people have done things like the above in the past in their own bespoke way. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTkE4Ckp%3D-xANeSWZc2xfMwnzD2%3De4ptdcDaspLEaFNnCg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
My colleague Deepak just brought to my attention another mechanism which works like option #3 without the hard work: puppet facts upload But you'll need to ensure your auth.conf on your puppet master has a snippet like the following: path ~ ^/facts/([^/]+)$ method save allow $1 Without it, you'll get a permission denied error. ken. On Wed, Jun 11, 2014 at 2:22 PM, Ken Barber k...@puppetlabs.com wrote: Sorry for re-opening a old thread but I am still struggling on related topic.. Step 1: I am copying some .rb files to the /usr/lib/ruby/site_ruby/ruby/1.8/facter/ folder Step 2: A facter command gives me the values for all new custom / external facts But the values for new facts will not get into puppetdb untill a next agent run... Is there a way to run puppet from within a manifest or any other way to force replace facts remotely on the agent ??? * You could run things in noop mode potentially, which would force a fact submission. * You could run puppet apply, and use a masterless way of submitting facts also (setup would be required: http://docs.puppetlabs.com/puppetdb/2.0/connect_puppet_apply.html). * You could submit a POST request in a script for your facts against the master, throwing away the catalog (saves on the noop processing) * You could sumibt the facts manually to PuppetDB yourself, here is a rough script I use for testing which you could modify to match your needs: https://gist.github.com/kbarber/6190c64335613111c9df Each one has its own pros and cons. In particular some of these require direct communication between the node and the PDB instance which might not be desirable in some cases. None of these things have common solutions today that we (the PDB maintainers) maintain ourselves, but a few people have done things like the above in the past in their own bespoke way. ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTne8zw%3DcZDHg4cdBhK6T0EcC5axvWKQs7ALxcX6WB4aig%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
Hi , I am still struggling on the replace fact part, is there any way to force replace_facts for a node. I am actually adding new facts by coping them directly into the facter dir but unfortunately they are not getting replicated to puppetdb. Is there any way to force puppetdb to replace_facts. This is really urgent for me, any help is greatly appreciated. Regards, Rakesh K. On Wed, Mar 12, 2014 at 1:25 PM, Rakesh Kathpal rkath...@gmail.com wrote: https://tickets.puppetlabs.com/browse/PDB-508 On Tue, Mar 11, 2014 at 10:28 PM, Ken Barber k...@puppetlabs.com wrote: Just a suggestion .. it will really good if you can add field date added to the certname table just reporting purposes. Feel free to raise that as a feature request here Rakesh: https://tickets.puppetlabs.com/browse/PDB ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
After copying these facts into /etc/facter/facts.d, are you kicking off another puppet agent run? Facts get sent to the master on each agent run, not before. http://docs.puppetlabs.com/guides/custom_facts.html#viewing-fact-values On Sun, Mar 30, 2014 at 07:35:54PM +0530, Rakesh Kathpal wrote: Hi , I am still struggling on the replace fact part, is there any way to force replace_facts for a node. I am actually adding new facts by coping them directly into the facter dir but unfortunately they are not getting replicated to puppetdb. Is there any way to force puppetdb to replace_facts. This is really urgent for me, any help is greatly appreciated. Regards, Rakesh K. On Wed, Mar 12, 2014 at 1:25 PM, Rakesh Kathpal [1]rkath...@gmail.com wrote: [2]https://tickets.puppetlabs.com/browse/PDB-508 On Tue, Mar 11, 2014 at 10:28 PM, Ken Barber [3]k...@puppetlabs.com wrote: Just a suggestion .. it will really good if you can add field date added to the certname table just reporting purposes. Feel free to raise that as a feature request here Rakesh: [4]https://tickets.puppetlabs.com/browse/PDB ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to [5]puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit [6]https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com. For more options, visit [7]https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to [8]puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit [9]https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com. For more options, visit [10]https://groups.google.com/d/optout. References Visible links 1. mailto:rkath...@gmail.com 2. https://tickets.puppetlabs.com/browse/PDB-508 3. mailto:k...@puppetlabs.com 4. https://tickets.puppetlabs.com/browse/PDB 5. mailto:puppet-users%2bunsubscr...@googlegroups.com 6. https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com 7. https://groups.google.com/d/optout 8. mailto:puppet-users+unsubscr...@googlegroups.com 9. https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com?utm_medium=emailutm_source=footer 10. https://groups.google.com/d/optout -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/20140330151817.GA24743%40iniquitous.heresiarch.ca. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
I am not copying the facts to the facts.d folder.. but i am creating the facts as .rb files and placing them into /usr/lib/ruby/site_ruby/ruby/1.8/facter/. On Sun, Mar 30, 2014 at 8:48 PM, Christopher Wood christopher_w...@pobox.com wrote: After copying these facts into /etc/facter/facts.d, are you kicking off another puppet agent run? Facts get sent to the master on each agent run, not before. http://docs.puppetlabs.com/guides/custom_facts.html#viewing-fact-values On Sun, Mar 30, 2014 at 07:35:54PM +0530, Rakesh Kathpal wrote: Hi , I am still struggling on the replace fact part, is there any way to force replace_facts for a node. I am actually adding new facts by coping them directly into the facter dir but unfortunately they are not getting replicated to puppetdb. Is there any way to force puppetdb to replace_facts. This is really urgent for me, any help is greatly appreciated. Regards, Rakesh K. On Wed, Mar 12, 2014 at 1:25 PM, Rakesh Kathpal [1] rkath...@gmail.com wrote: [2]https://tickets.puppetlabs.com/browse/PDB-508 On Tue, Mar 11, 2014 at 10:28 PM, Ken Barber [3]k...@puppetlabs.com wrote: Just a suggestion .. it will really good if you can add field date added to the certname table just reporting purposes. Feel free to raise that as a feature request here Rakesh: [4]https://tickets.puppetlabs.com/browse/PDB ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to [5]puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit [6] https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com . For more options, visit [7]https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to [8]puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit [9] https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com . For more options, visit [10]https://groups.google.com/d/optout. References Visible links 1. mailto:rkath...@gmail.com 2. https://tickets.puppetlabs.com/browse/PDB-508 3. mailto:k...@puppetlabs.com 4. https://tickets.puppetlabs.com/browse/PDB 5. mailto:puppet-users%2bunsubscr...@googlegroups.com 6. https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com 7. https://groups.google.com/d/optout 8. mailto:puppet-users+unsubscr...@googlegroups.com 9. https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com?utm_medium=emailutm_source=footer 10. https://groups.google.com/d/optout -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/20140330151817.GA24743%40iniquitous.heresiarch.ca . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMU%2B%2BtaYG6q-NtLvnLpQp%2BFQ%2B1P%2BhrCiG%3DPPw_yYR%3D-jrA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
https://tickets.puppetlabs.com/browse/PDB-508 On Tue, Mar 11, 2014 at 10:28 PM, Ken Barber k...@puppetlabs.com wrote: Just a suggestion .. it will really good if you can add field date added to the certname table just reporting purposes. Feel free to raise that as a feature request here Rakesh: https://tickets.puppetlabs.com/browse/PDB ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMUuNe%2B-cQ79N3qxQNKDMQ2gK0a7KNo97nYv6YKPzOnkyA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
Just a suggestion .. it will really good if you can add field date added to the certname table just reporting purposes. Feel free to raise that as a feature request here Rakesh: https://tickets.puppetlabs.com/browse/PDB ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] puppetdb question !!!
Hi, Its been some time that I have been working with puppet. I have recently installed puppetdb and am using puppetdb APIs to fetch the data about facts etc.. Few things that I have noticed are 1) Whenever I add a custom fact, I do not see it in the postgresql db until I delete all the facts for the particular certname from db (manually). So that in the next puppet run on the client, all facts will be carried into the puppetdb. So is it the way, puppetdb is designed to work or am I missing something here? 2) Is there any way to know if a new node has started using puppet. I know I can get a node list using the puppetdb API, but is there any way to know amongst these nodes, which are new. Or is there any other way to get newly added nodes in puppetdb / puppet?? Appreciate any help on these queries. Thanks Regards, Rakesh K. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMW7MvdaPTGcPjoZTJB4SkNGCy_wLcjpHNXwa%3D6hsTg5jQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
On Mon, Mar 10, 2014 at 6:30 AM, Rakesh Kathpal rkath...@gmail.com wrote: Hi, Its been some time that I have been working with puppet. I have recently installed puppetdb and am using puppetdb APIs to fetch the data about facts etc.. Few things that I have noticed are 1) Whenever I add a custom fact, I do not see it in the postgresql db until I delete all the facts for the particular certname from db (manually). So that in the next puppet run on the client, all facts will be carried into the puppetdb. So is it the way, puppetdb is designed to work or am I missing something here? That is not the way it's designed to work, and I strongly recommend against direct manipulation of postgres (at the point you're messing with the db directly, your changes are outside of puppetdb's control...so caveat emptor). PuppetDB stores new facts for a node whenever a puppetmaster sends new facts to PuppetDB. That normally happens when you run puppet on the node itself...it runs facter, sends facts to the master, master sends a copy of those facts to puppetdb. You can verify that facts are going to puppetdb by looking at puppetdb.log; it should indicate that we've received a replace facts command for the node in question. You can also check the API directly. On your puppetdb node, curl http://localhost:8080/v3/nodes/foobar.com . That will dump out information about when we've last received data for that node. If it appears that puppetdb is getting updated facts for a node, but it doesn't include a custom fact, and forcibly clearing out the data results in that fact appearing, then I'd file a bug and include all of that information (including what version of puppetdb you're on). 2) Is there any way to know if a new node has started using puppet. I know I can get a node list using the puppetdb API, but is there any way to know amongst these nodes, which are new. Or is there any other way to get newly added nodes in puppetdb / puppet?? There's no mechanism currently in PuppetDB to get notified when a new node is added. PuppetDB tracks the timestamps of the latest data (catalogs, facts, reports) for each node, and that doesn't include the first time we ever got data for a node. If you can describe the desired API in more detail, this would make a good feature request. Appreciate any help on these queries. Thanks Regards, Rakesh K. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMW7MvdaPTGcPjoZTJB4SkNGCy_wLcjpHNXwa%3D6hsTg5jQ%40mail.gmail.comhttps://groups.google.com/d/msgid/puppet-users/CAEJrXMW7MvdaPTGcPjoZTJB4SkNGCy_wLcjpHNXwa%3D6hsTg5jQ%40mail.gmail.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAOjOXY19k5jQHtTtgb_zidSVeyJB6N5SVWdQWCajCKCM5jBQUg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
Deepak.. Thanks alot for the info, really appreciate your help. 1) Regarding replace facts, I will recheck the issue and get back to you if it still seems to be a bug. 2) The thing is I need to run a report for the newly added report, so I am running a poller script which will poll every 5 mins and check for the new node, as soon it gets a new node it will run a report based on the facts received. Though I can get a list using the api or bu directly accessing the certname table in puppetdb but there is no way to know which are new nodes unless I sync the tables locally (which is again a tedious task). Just a suggestion .. it will really good if you can add field date added to the certname table just reporting purposes. Regards, Rakesh K. On Tue, Mar 11, 2014 at 12:12 AM, Deepak Giridharagopal dee...@puppetlabs.com wrote: On Mon, Mar 10, 2014 at 6:30 AM, Rakesh Kathpal rkath...@gmail.comwrote: Hi, Its been some time that I have been working with puppet. I have recently installed puppetdb and am using puppetdb APIs to fetch the data about facts etc.. Few things that I have noticed are 1) Whenever I add a custom fact, I do not see it in the postgresql db until I delete all the facts for the particular certname from db (manually). So that in the next puppet run on the client, all facts will be carried into the puppetdb. So is it the way, puppetdb is designed to work or am I missing something here? That is not the way it's designed to work, and I strongly recommend against direct manipulation of postgres (at the point you're messing with the db directly, your changes are outside of puppetdb's control...so caveat emptor). PuppetDB stores new facts for a node whenever a puppetmaster sends new facts to PuppetDB. That normally happens when you run puppet on the node itself...it runs facter, sends facts to the master, master sends a copy of those facts to puppetdb. You can verify that facts are going to puppetdb by looking at puppetdb.log; it should indicate that we've received a replace facts command for the node in question. You can also check the API directly. On your puppetdb node, curl http://localhost:8080/v3/nodes/foobar.com . That will dump out information about when we've last received data for that node. If it appears that puppetdb is getting updated facts for a node, but it doesn't include a custom fact, and forcibly clearing out the data results in that fact appearing, then I'd file a bug and include all of that information (including what version of puppetdb you're on). 2) Is there any way to know if a new node has started using puppet. I know I can get a node list using the puppetdb API, but is there any way to know amongst these nodes, which are new. Or is there any other way to get newly added nodes in puppetdb / puppet?? There's no mechanism currently in PuppetDB to get notified when a new node is added. PuppetDB tracks the timestamps of the latest data (catalogs, facts, reports) for each node, and that doesn't include the first time we ever got data for a node. If you can describe the desired API in more detail, this would make a good feature request. Appreciate any help on these queries. Thanks Regards, Rakesh K. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMW7MvdaPTGcPjoZTJB4SkNGCy_wLcjpHNXwa%3D6hsTg5jQ%40mail.gmail.comhttps://groups.google.com/d/msgid/puppet-users/CAEJrXMW7MvdaPTGcPjoZTJB4SkNGCy_wLcjpHNXwa%3D6hsTg5jQ%40mail.gmail.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAOjOXY19k5jQHtTtgb_zidSVeyJB6N5SVWdQWCajCKCM5jBQUg%40mail.gmail.comhttps://groups.google.com/d/msgid/puppet-users/CAOjOXY19k5jQHtTtgb_zidSVeyJB6N5SVWdQWCajCKCM5jBQUg%40mail.gmail.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMWqipycaPSYNrZBRY_kkkneUJ%2BWzdxGeZ0oq-E8DMiM7A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.