On Tue, 27 Dec 2011 04:32:03 -0800 (PST)
bel belm...@gmail.com wrote:
You could use stages as described in documentation:
http://forge.puppetlabs.com/puppetlabs/firewall
Now I've implemented stages and indeed output of puppet agent makes me think
they are in place:
notice: /Firewall[002
It's an interesting question, but I wouldn't want to structure my
modules that way. There are two methods of getting data into a define
that are guaranteed to work: passing variables and file retrieval
(extlookup/hiera). Especially given the changes being made to scoping
anything else is fraught
On Tue, 27 Dec 2011 17:48:11 +1100
Mark Walkom markwal...@gmail.com wrote:
It's because puppet doesn't read sequentially but randomly accesses the
module/class.
You might be able to get around this by using a template.
Well the documentation clearly states:
Parameters
name
The canonical
FWIW, I decided to tinker with this module today and the examples do not work
I used the line:
firewall { '100 allow http':
proto = 'tcp',
dport = '80',
jump= 'ACCEPT',
}
and got :
Parameter jump failed: Jump destination should not be one of ACCEPT, REJECT or
You could use stages as described in documentation:
http://forge.puppetlabs.com/puppetlabs/firewall
On Dec 27, 1:48 am, Mark Walkom markwal...@gmail.com wrote:
It's because puppet doesn't read sequentially but randomly accesses the
module/class.
You might be able to get around this by using
On Dec 23, 11:33 am, Nigel Kersten ni...@puppetlabs.com wrote:
On Thu, Dec 22, 2011 at 12:00 PM, Ryan Stewart zzant...@gmail.com wrote:
I'm new to Puppet, and I'm a software developer, not a sysadmin, so be
gentle. I have puppet managing some files via templates, and one of
the template
/sbin/iptables -A INPUT -p tcp -s 10.0.0.0/255.0.0.0 --dport ssh --syn -j ACCEPT
How do I get the --syn option onto the command that Puppet runs ?
“Sometimes I think the surest sign that intelligent life exists elsewhere in
the universe is that none of it has tried to contact us.”
Bill Waterson
RHEL 5.7
I need to duplicate this command (that does work):
# allow (udp) dns from IP range
/sbin/iptables -A INPUT -p udp -s 10.0.0.0/8 --sport domain --dport 1025:65535
-j ACCEPT
So I tried:
firewall { 011 a allow DNS:
proto = 'udp',
sport = 'domain',
dport = '1025-65535',
There are actually pretty good reasons for doing it if you have a
fully modular setup.
For example:
Web Server module define - Firewall code define - ERB using higher
level variables.
There's no reason to stuff everything into a big data store when you
can easily pass it down. *But* if you try
If you were actually passing the variable, yes. But you're not, you're
expecting to reach into a non-class (essentially a grab-bag of resources)
and extract data as though it were a class. It isn't and AFAIK you can't.
You'll have to put the data in an actual class and address it from there.
On
In that case, it should probably just fail instead of working (and
yes, it works).
Trevor
On Tue, Dec 27, 2011 at 4:01 PM, Aaron Grewell aaron.grew...@gmail.com wrote:
If you were actually passing the variable, yes. But you're not, you're
expecting to reach into a non-class (essentially a
Yeah, I'd file a bug against that. There may be other considerations,
but unless there's a really good reason for the current behavior I
would expect it to throw an error.
On Tue, Dec 27, 2011 at 1:24 PM, Trevor Vaughan tvaug...@onyxpoint.com wrote:
In that case, it should probably just fail
Hmm, I just thought of this. Normally when referencing an instance of
a define you would use this syntax (note the caps):
Foo::Do_stuff['name']
Did you try:
Foo::Do_stuff['name']::var1
On Tue, Dec 27, 2011 at 1:37 PM, Aaron Grewell aaron.grew...@gmail.com wrote:
Yeah, I'd file a bug against
On Dec 23, 11:33 am, Nigel Kersten ni...@puppetlabs.com wrote:
http://www.craigdunn.org/2011/10/secret-variables-in-puppet-with-hier...
Does that help?
I've done this in the past without hiera, where you have a function that
runs on the master to decrypt the content out of version control,
On Mon, Dec 20, 2010 at 10:57 AM, James Turnbull ja...@lovedthanlost.netwrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
**Call for talks for the Configuration Management DevRoom at fosdem 2011**
FOSDEM 2011 - http://fosdem.org/2011/
6 February 2011, 09:00 to 17:00, Brussels, Belgium
*AHEM*
I accidentally replied to the call for papers from *LAST* year.
I blame the holiday season and concern over how Australia is doing in the
cricket.
We are running the room again, and we are looking for papers for *2012*
FOSDEM.
On Tue, Dec 27, 2011 at 3:23 PM, Nigel Kersten
Based on some older threads on this list (eg: 'dropping support for
ruby 1.85?') and my own painful discovery process, it might be time to
remove the Centos5.5 section from this page:
http://docs.puppetlabs.com/guides/installing_dashboard.html#installation
Also, the puppet-dashboard package
On Sat, Dec 24, 2011 at 6:27 PM, John Burbridge johnburbri...@gmail.comwrote:
Hello there,
I'm having exactly the same issue except I'm trying to install puppet via
cloud provisioning... but I think I might have messed up something along
the way.
My first install was successful except I
Hi there,
I've recently tried 2.7.1 puppet master and agent and i've noticed
that it spends a lot of time(like 2-4 minutes in a 9 file catalog) in
the 'Executing /etc/puppet/etc-commit-pre'. I tried to comment all
lines withing that script and it keep showing this message.
Also I tried with
Hi list,
We have a template which generate the /etc/hosts file. It's used on several
nodes and works fine, except on a cluster of 2 servers, named rebond and
rebond02.
Here the only part of the template which use variables :
# MANAGED BY PUPPET ! DO NOT EDIT
# Internet host table
%=
Hi list,
We have a template which generate the /etc/hosts file. It's used on several
nodes and works fine, except on a cluster of 2 servers, named rebond and
rebond02.
Here the only part of the template which use variables :
# MANAGED BY PUPPET ! DO NOT EDIT
# Internet host table
%=
Part of the problem with that is the EPEL RPM is not 5.4, not 5.3 (as
detailed in that document).
Although, we have a number of CentOS 5.x boxes running Ruby 1.8.7 ... I had
*thought* our original source was the EPEL repo, but could be mistaken.
On Tue, Dec 27, 2011 at 5:02 PM, Doug Chapman
We fixed a performance related issue, especially with recursively managed
files, in 2.7.8 agents. See http://projects.puppetlabs.com/issues/9671 for more
information.
Josh
On Dec 27, 2011, at 3:09 AM, milebite clasicoheavyme...@hotmail.com wrote:
Hi there,
I've recently tried 2.7.1 puppet
23 matches
Mail list logo