date:20110608

On 8 June 2011 13:30, Martijn Grendelman mart...@iphion.nl wrote:

 Hi,

  i want to archive the following:
 
  i define an exported ressource for HostX to be monitored in nagios:
 
  @@nagios_host { $fqdn:
  ensure = present,
  alias  = $hostname,
  address= $ipadress,
  use= generic-host,
  hostgroups = ubuntu,
  target = $icingahostfile,
  }
 
  That fine and works as expected and HostX is in hostgroup ubuntu.
  HostX has included a class ssh which installs the ssh services and
  configures them. Inside this class i want to define that HostX is also in
  hostgroup ssh-server.
  And another class, which puts the node in another environment = there i
  want to define, that HostX is in hostgroup testing-server and so on.
  How do i archive that? How must the definition inside all these classes
  look like?

 That's a lot more difficult than you might expect.

 I recently solved it, by collecting all the necessary hostgroups for a
 host in a file using 'concat', and creating a custom fact (hostgroups)
 that joins all the lines in the hostgroups-file together, for use with
 nagios_host's hostgroups parameter.

 The biggest drawback is that it takes two puppet runs on the target (first
 one for populating the hostgroups-file, so that the custom fact is set
 properly on the second run) before the nagios server can collect the
 exported hosts, so it takes a while.


Well that's mad... I literally just was about to ask the exact same question
after a month of wondering...

so where do you put this fact? Sounds like it is on the nagios client
side, which makes sense in terms of pulling it out, but how does it get in
there in the first place? Can you show how this file on each client is
managed? That seems to be the only bit I'm not clear on. Are you just
putting in a single word for each class? Are you at all able to manage the
class being removed from the client? Would you need to routinely purge the
file? have a initial stage class that wipes the file?

Thanks

Chris

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet managed hosts in multiple nagios hostgroups

2011-06-08 Thread Brian Gallew

I solved this in a similar manner.  I wrote a custom fact (which essentially
returned /var/lib/puppet/state/classes.txt) and then a custom function that
generated a list of hostgroups based on that.

On Wed, Jun 8, 2011 at 6:47 AM, Chris Phillips ch...@untrepid.com wrote:



 On 8 June 2011 13:30, Martijn Grendelman mart...@iphion.nl wrote:

 Hi,

  i want to archive the following:
 
  i define an exported ressource for HostX to be monitored in nagios:
 
  @@nagios_host { $fqdn:
  ensure = present,
  alias  = $hostname,
  address= $ipadress,
  use= generic-host,
  hostgroups = ubuntu,
  target = $icingahostfile,
  }
 
  That fine and works as expected and HostX is in hostgroup ubuntu.
  HostX has included a class ssh which installs the ssh services and
  configures them. Inside this class i want to define that HostX is also
 in
  hostgroup ssh-server.
  And another class, which puts the node in another environment = there i
  want to define, that HostX is in hostgroup testing-server and so on.
  How do i archive that? How must the definition inside all these classes
  look like?

 That's a lot more difficult than you might expect.

 I recently solved it, by collecting all the necessary hostgroups for a
 host in a file using 'concat', and creating a custom fact (hostgroups)
 that joins all the lines in the hostgroups-file together, for use with
 nagios_host's hostgroups parameter.

 The biggest drawback is that it takes two puppet runs on the target (first
 one for populating the hostgroups-file, so that the custom fact is set
 properly on the second run) before the nagios server can collect the
 exported hosts, so it takes a while.


 Well that's mad... I literally just was about to ask the exact same
 question after a month of wondering...

 so where do you put this fact? Sounds like it is on the nagios client
 side, which makes sense in terms of pulling it out, but how does it get in
 there in the first place? Can you show how this file on each client is
 managed? That seems to be the only bit I'm not clear on. Are you just
 putting in a single word for each class? Are you at all able to manage the
 class being removed from the client? Would you need to routinely purge the
 file? have a initial stage class that wipes the file?

 Thanks

 Chris

  --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet managed hosts in multiple nagios hostgroups

Some more specifics on *exactly* how you manage this text file would be
appreciated.

On 8 June 2011 15:00, Brian Gallew g...@gallew.org wrote:

 I solved this in a similar manner.  I wrote a custom fact (which
 essentially returned /var/lib/puppet/state/classes.txt) and then a custom
 function that generated a list of hostgroups based on that.

 On Wed, Jun 8, 2011 at 6:47 AM, Chris Phillips ch...@untrepid.com wrote:



 On 8 June 2011 13:30, Martijn Grendelman mart...@iphion.nl wrote:

 Hi,

  i want to archive the following:
 
  i define an exported ressource for HostX to be monitored in nagios:
 
  @@nagios_host { $fqdn:
  ensure = present,
  alias  = $hostname,
  address= $ipadress,
  use= generic-host,
  hostgroups = ubuntu,
  target = $icingahostfile,
  }
 
  That fine and works as expected and HostX is in hostgroup ubuntu.
  HostX has included a class ssh which installs the ssh services and
  configures them. Inside this class i want to define that HostX is also
 in
  hostgroup ssh-server.
  And another class, which puts the node in another environment = there
 i
  want to define, that HostX is in hostgroup testing-server and so on.
  How do i archive that? How must the definition inside all these classes
  look like?

 That's a lot more difficult than you might expect.

 I recently solved it, by collecting all the necessary hostgroups for a
 host in a file using 'concat', and creating a custom fact (hostgroups)
 that joins all the lines in the hostgroups-file together, for use with
 nagios_host's hostgroups parameter.

 The biggest drawback is that it takes two puppet runs on the target
 (first
 one for populating the hostgroups-file, so that the custom fact is set
 properly on the second run) before the nagios server can collect the
 exported hosts, so it takes a while.


 Well that's mad... I literally just was about to ask the exact same
 question after a month of wondering...

 so where do you put this fact? Sounds like it is on the nagios client
 side, which makes sense in terms of pulling it out, but how does it get in
 there in the first place? Can you show how this file on each client is
 managed? That seems to be the only bit I'm not clear on. Are you just
 putting in a single word for each class? Are you at all able to manage the
 class being removed from the client? Would you need to routinely purge the
 file? have a initial stage class that wipes the file?

 Thanks

 Chris

  --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.


  --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Managing /etc/fstab options with augeas

2011-06-08 Thread Adam Heinz

On Thu, Jun 2, 2011 at 4:22 AM, Giovanni Bordello g...@gentlemail.com wrote:
 I'm trying to manage mount options in /etc/fstab with Augeas but can't
 figure out how to add more than one option.

Have you looked at puppet's 'mount' type?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet managed hosts in multiple nagios hostgroups

Actually, I think I see what you mean here, I have a custom fact mid write
which looks like this:

Facter.add(:nagios_hostgroups) do
setcode do

if FileTest.exists?(/var/lib/puppet/classes.txt)
nagios_hostgroups = 
File.open(/var/lib/puppet/classes.txt) { |file|
file.each { |line|
if line =~ /(\S+)::nagios_client/
nagios_hostgroups  $1 +  
end
}
}
next nagios_hostgroups if nagios_hostgroups
end
nil
end
end

So once finished this fact will return a list of all class names which are
included with the nagios_client namespace. So there's actually hopefully
nothing else to do at all here, no temp files or anything, it just requires
a naming convention in the modules to be followed.


On 8 June 2011 15:00, Brian Gallew g...@gallew.org wrote:

 I solved this in a similar manner.  I wrote a custom fact (which
 essentially returned /var/lib/puppet/state/classes.txt) and then a custom
 function that generated a list of hostgroups based on that.

 On Wed, Jun 8, 2011 at 6:47 AM, Chris Phillips ch...@untrepid.com wrote:



 On 8 June 2011 13:30, Martijn Grendelman mart...@iphion.nl wrote:

 Hi,

  i want to archive the following:
 
  i define an exported ressource for HostX to be monitored in nagios:
 
  @@nagios_host { $fqdn:
  ensure = present,
  alias  = $hostname,
  address= $ipadress,
  use= generic-host,
  hostgroups = ubuntu,
  target = $icingahostfile,
  }
 
  That fine and works as expected and HostX is in hostgroup ubuntu.
  HostX has included a class ssh which installs the ssh services and
  configures them. Inside this class i want to define that HostX is also
 in
  hostgroup ssh-server.
  And another class, which puts the node in another environment = there
 i
  want to define, that HostX is in hostgroup testing-server and so on.
  How do i archive that? How must the definition inside all these classes
  look like?

 That's a lot more difficult than you might expect.

 I recently solved it, by collecting all the necessary hostgroups for a
 host in a file using 'concat', and creating a custom fact (hostgroups)
 that joins all the lines in the hostgroups-file together, for use with
 nagios_host's hostgroups parameter.

 The biggest drawback is that it takes two puppet runs on the target
 (first
 one for populating the hostgroups-file, so that the custom fact is set
 properly on the second run) before the nagios server can collect the
 exported hosts, so it takes a while.


 Well that's mad... I literally just was about to ask the exact same
 question after a month of wondering...

 so where do you put this fact? Sounds like it is on the nagios client
 side, which makes sense in terms of pulling it out, but how does it get in
 there in the first place? Can you show how this file on each client is
 managed? That seems to be the only bit I'm not clear on. Are you just
 putting in a single word for each class? Are you at all able to manage the
 class being removed from the client? Would you need to routinely purge the
 file? have a initial stage class that wipes the file?

 Thanks

 Chris

  --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.


  --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet managed hosts in multiple nagios hostgroups

updated, and hopefully finished:

Facter.add(:bp_nagios_hostgroups) do
setcode do

if FileTest.exists?(/var/lib/puppet/classes.txt)
bp_nagios_hostgroups = 
File.open(/var/lib/puppet/classes.txt) { |file|
file.each { |line|
if line =~ /^(.+)::nagios-client/
bp_nagios_hostgroups  $1 +  
end
}
}
next bp_nagios_hostgroups if bp_nagios_hostgroups
end
nil
end
end


On 8 June 2011 15:18, Chris Phillips ch...@untrepid.com wrote:

 Actually, I think I see what you mean here, I have a custom fact mid write
 which looks like this:

 Facter.add(:nagios_hostgroups) do
 setcode do

 if FileTest.exists?(/var/lib/puppet/classes.txt)
 nagios_hostgroups = 
 File.open(/var/lib/puppet/classes.txt) { |file|
 file.each { |line|
 if line =~ /(\S+)::nagios_client/
 nagios_hostgroups  $1 +  
 end
 }
 }
 next nagios_hostgroups if nagios_hostgroups
 end
 nil
 end
 end

 So once finished this fact will return a list of all class names which are
 included with the nagios_client namespace. So there's actually hopefully
 nothing else to do at all here, no temp files or anything, it just requires
 a naming convention in the modules to be followed.


 On 8 June 2011 15:00, Brian Gallew g...@gallew.org wrote:

 I solved this in a similar manner.  I wrote a custom fact (which
 essentially returned /var/lib/puppet/state/classes.txt) and then a custom
 function that generated a list of hostgroups based on that.

  On Wed, Jun 8, 2011 at 6:47 AM, Chris Phillips ch...@untrepid.comwrote:



 On 8 June 2011 13:30, Martijn Grendelman mart...@iphion.nl wrote:

 Hi,

  i want to archive the following:
 
  i define an exported ressource for HostX to be monitored in nagios:
 
  @@nagios_host { $fqdn:
  ensure = present,
  alias  = $hostname,
  address= $ipadress,
  use= generic-host,
  hostgroups = ubuntu,
  target = $icingahostfile,
  }
 
  That fine and works as expected and HostX is in hostgroup ubuntu.
  HostX has included a class ssh which installs the ssh services and
  configures them. Inside this class i want to define that HostX is also
 in
  hostgroup ssh-server.
  And another class, which puts the node in another environment = there
 i
  want to define, that HostX is in hostgroup testing-server and so on.
  How do i archive that? How must the definition inside all these
 classes
  look like?

 That's a lot more difficult than you might expect.

 I recently solved it, by collecting all the necessary hostgroups for a
 host in a file using 'concat', and creating a custom fact (hostgroups)
 that joins all the lines in the hostgroups-file together, for use with
 nagios_host's hostgroups parameter.

 The biggest drawback is that it takes two puppet runs on the target
 (first
 one for populating the hostgroups-file, so that the custom fact is set
 properly on the second run) before the nagios server can collect the
 exported hosts, so it takes a while.


 Well that's mad... I literally just was about to ask the exact same
 question after a month of wondering...

 so where do you put this fact? Sounds like it is on the nagios client
 side, which makes sense in terms of pulling it out, but how does it get in
 there in the first place? Can you show how this file on each client is
 managed? That seems to be the only bit I'm not clear on. Are you just
 putting in a single word for each class? Are you at all able to manage the
 class being removed from the client? Would you need to routinely purge the
 file? have a initial stage class that wipes the file?

 Thanks

 Chris

  --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.


  --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.




-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at

R: Re: [Puppet Users] Managing /etc/fstab options with augeas

2011-06-08 Thread pinto.e...@gmail.com

There is a specific example of this on the puppet Wiki iirc. Or very similar . 
Regards.
Messaggio originale
Da: Adam Heinz
Inviato:  08/06/2011, 16:17 
A: puppet-users@googlegroups.com
Oggetto: Re: [Puppet Users] Managing /etc/fstab options with augeas


On Thu, Jun 2, 2011 at 4:22 AM, Giovanni Bordello g...@gentlemail.com wrote:
 I'm trying to manage mount options in /etc/fstab with Augeas but can't
 figure out how to add more than one option.

Have you looked at puppet's 'mount' type?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Puppet Support for OSX

2011-06-08 Thread Mister IT Guru

Hi guys  I was wondering how well puppet performs on  OSX. Anyone here had
any experience using puppet under OSX?


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Installing Virtualbox on Mac osx with pkg dmg provider

2011-06-08 Thread Marc

Hello

I can't manage to install VB on osx via puppet and pkgdmg provider.

puppet client : 2.6.8 on osx snow leopard 10.6.7
puppetmaster : 2.6.8-1~bpo60+1 on debian squeeze

The puppet logs say :

[...]

debug: Puppet::Type::Package::ProviderPkgdmg: Executing '/usr/bin/curl -o 
/tmp/VirtualBox-4.0.8-71778-OSX.dmg -C - -k -s --url 
https://web3/apps/VirtualBox-4.0.8-71778-OSX.dmg'
debug: Success: curl transfered [VirtualBox-4.0.8-71778-OSX.dmg]
debug: Puppet::Type::Package::ProviderPkgdmg: Executing '/usr/bin/hdiutil 
mount -plist -nobrowse -readonly -noidme -mountrandom /tmp 
/tmp/VirtualBox-4.0.8-71778-OSX.dmg'
debug: Puppet::Type::Package::ProviderPkgdmg: Executing '/usr/sbin/installer 
-pkg /private/tmp/dmg.5hKSb9/VirtualBox.mpkg -target /'
debug: Puppet::Type::Package::ProviderPkgdmg: Executing '/usr/bin/hdiutil 
eject /private/tmp/dmg.5hKSb9'
err: 
/Stage[main]/Aptitude::Info/Pkginstall[VirtualBox-4.0.8-71778-OSX.dmg]/Package[VirtualBox-4.0.8-71778-OSX.dmg]/ensure:
 
change from absent to present failed: Execution of '/usr/sbin/installer -pkg 
/private/tmp/dmg.5hKSb9/VirtualBox.mpkg -target /' returned 1: installer: 
Package name is Oracle VM VirtualBox
installer: Installing at base path /
installer: The install failed (Le programme d’installation a rencontré une 
erreur qui a provoqué l’échec de l’installation. Contactez l’éditeur du 
logiciel pour obtenir de l’aide.)


The /var/log/install.log :

Jun  8 15:02:16 info-starbuck installer[85815]: JS: Hardware architecture 
detected: i386
Jun  8 15:02:16 info-starbuck installer[85815]: JS: OS version detected: 
10.6.7
Jun  8 15:02:17 info-starbuck installer[85815]: 
-[IFDInstallController(Private) _buildInstallPlan]: location = 
file://localhost
Jun  8 15:02:17 info-starbuck installer[85815]: 
-[IFDInstallController(Private) _buildInstallPlan]: 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VBoxKEXTs.pkg
Jun  8 15:02:17 info-starbuck installer[85815]: 
-[IFDInstallController(Private) _buildInstallPlan]: 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VBoxStartupItems.pkg
Jun  8 15:02:17 info-starbuck installer[85815]: 
-[IFDInstallController(Private) _buildInstallPlan]: 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VirtualBox.pkg
Jun  8 15:02:17 info-starbuck installer[85815]: 
-[IFDInstallController(Private) _buildInstallPlan]: 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VirtualBoxCLI.pkg
Jun  8 15:02:17 info-starbuck runner[85823]: Administrator authorization 
granted.
Jun  8 15:02:17 info-starbuck installer[85815]: Will use PK session
Jun  8 15:02:17 info-starbuck installer[85815]: Starting installation:
Jun  8 15:02:17 info-starbuck installer[85815]: Configuring volume OsX
Jun  8 15:02:17 info-starbuck installer[85815]: Preparing disk for local 
booted install.
Jun  8 15:02:17 info-starbuck installer[85815]: Free space on OsX: 474.14 
Go (474139660288 bytes).
Jun  8 15:02:17 info-starbuck installer[85815]: Create temporary directory 
/var/folders/zz/zzzivhrRnAmviuee+++/-Tmp-//Install.85815HtcZhN
Jun  8 15:02:17 info-starbuck installer[85815]: IFPKInstallElement (4 
packages)
Jun  8 15:02:17 info-starbuck installer[85815]: PackageKit: - Begin 
install -
Jun  8 15:02:17 info-starbuck installer[85815]: PackageKit: 
request=PKInstallRequest 4 packages, destination=/
Jun  8 15:02:17 info-starbuck installer[85815]: PackageKit: packages=(\n   
 PKJaguarPackage 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VBoxKEXTs.pkg,\n
 
   PKJaguarPackage 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VBoxStartupItems.pkg,\n
 
   PKJaguarPackage 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VirtualBox.pkg,\n
 
   PKJaguarPackage 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VirtualBoxCLI.pkg\n)
Jun  8 15:02:17 info-starbuck installer[85815]: PackageKit: Extracting 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VBoxKEXTs.pkg
 
(destination=/var/folders/zz/zzzivhrRnAmviuee+++/Cleanup At 
Startup/PKInstallSandbox-tmp/Root, uid=0)
Jun  8 15:02:18 info-starbuck installer[85815]: PackageKit: Extracting 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VBoxStartupItems.pkg
 
(destination=/var/folders/zz/zzzivhrRnAmviuee+++/Cleanup At 
Startup/PKInstallSandbox-tmp/Root, uid=0)
Jun  8 15:02:19 info-starbuck installer[85815]: PackageKit: Extracting 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VirtualBox.pkg
 
(destination=/var/folders/zz/zzzivhrRnAmviuee+++/Cleanup At 
Startup/PKInstallSandbox-tmp/Root, uid=0)
Jun  8 15:02:27 info-starbuck installer[85815]: PackageKit: Extracting 
file://localhost/private/tmp/dmg.OT7NZT/VirtualBox.mpkg/Contents/Packages/VirtualBoxCLI.pkg

Re: [Puppet Users] Puppet Support for OSX

Mister IT Guru wrote:
 Hi guys – I was wondering how well puppet performs on  OSX. Anyone here
 had any experience using puppet under OSX?
 

Very well and it's well supported.  Google uses it to manage their
internal OSX desktops as do a number of other companies, universities, etc.

Regards

James


-- 
James Turnbull
Puppet Labs
1-503-734-8571

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Virtual resources and hashes



On Jun 7, 6:15 pm, Aaron Grewell aaron.grew...@gmail.com wrote:
 Hmmm, either I'm doing something wrong or virtual resources are incompatible
 with hashes.


I think it's a mix of about two parts doing something wrong to one
part incompatible, coming out to more or less Puppet doesn't do
what I wish it would.


 When I do this:
 $users = [{ username = bill, uid = 12345 },
          { username = ted,  uid = 12346 }]

 define usertest ($alias = $name[username]) {
     user {$name[username]:
         ensure = present,
         uid    = $name[uid]
     }}

 @usertest { $users: }
 realize Usertest[bill]

 I get this:
 warning: alias is a metaparam; this value will inherit to all contained
 resources
 Failed to realize virtual resources Usertest[bill] on node

 Which seems unfortunate.  Hash support is a really cool idea but I keep
 tripping over parts of Puppet that don't handle it well.


In a resource declaration, Puppet expects the value or variable
preceding the colon ($users in your example) to be a resource title or
an array of resource titles.  I find it somewhat surprising that
Puppet accepted your hash for the resource titles, but I suppose it
flattens the hash into an ordinary array.  It would be nice if that
elicited at least a warning.

Do not be confused by the similar DSL syntax: resource declarations
are completely unrelated to hashes at the DSL level. I guess you hoped
Puppet would unpack the hash into a resource title and properties, but
it just doesn't, and I wouldn't expect it to do.


John

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: How do you handle deleted nodes with exported resources in this situation?



On Jun 7, 11:12 am, Stefan Schulte stefan.schu...@taunusstein.net
wrote:
 On Tue, Jun 07, 2011 at 07:10:22AM -0700, jcbollinger wrote:

  On Jun 6, 6:40 pm, Larry Ludwig larry...@gmail.com wrote:
   I have an issue where for a file type of an exported resource I must 
   define
   as such:

                   force    = false,
                   replace  = false,

   Meaning the file is created, but do not replace after it's added. I do 
   this
   because of the app modifies the config file after (I know bad idea on 
   their
   part).

   How can I ensure this file is removed when I remove the node from the
   storeconfig database?

 You can download the puppet sources. In the ext Directory you'll find a
 script »puppetstoredconfigclean.rb NODE_TO_BE_REMOVED«. AFAIK the script will
 set the ensure property of all exported resources of the specified host
 to absent.


Nice.  Do I judge correctly that this is an *alternative* to actually
removing the node in question from the storeconfig DB?  I mean,
otherwise, there are no resources in the DB to flag absent.  If you
already have removed the node and its resources from the DB, then I
can't imagine that such a script could help.

I guess you could actually clean out the DB later, after you're
confident that the revised exported resources have been applied
everywhere needed.

Note also that conceivably there can be exported resources for which
ensure = absent is not the correct cleanup.  That may be more
theoretical than practical, however.


John

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Virtual resources and hashes

2011-06-08 Thread Brian Gallew

On Jun 8, 2011, at 8:45 AM, Aaron Grewell wrote:

 Here's the thing though: since arrays are the only native method of looping, 
 Puppet needs to handle arrays of all native types well.  If it doesn't, from 
 an end-user perspective that's broken.

See, there's the crux of the issue: arrays are *not* a method of looping.  
Puppet's DSL is declarative, not procedural (imperative).  What you are 
thinking of as looping is simply a convenient shorthand (syntactic sugar is 
the appropriate term).  If you are thinking in procedural terms (which we've 
all done at one point or another), you're simply going to run around in circles 
ranting that Puppet is broken until you get your head wrapped around its 
declarative nature (much like I did/do).  Puppet is not procedural.  Never has 
been, never will be.

You can probably meet your needs by thinking about the desired state in 
different terms and using extlookup, or using custom functions.  If you are 
really insane, you can modify the Puppet backend to execute a file and read the 
output instead of reading the file directly, which might allow you to 
dynamically generate the manifests you want applied, though the added 
complexity may well be a net loss.

In short, if you are thinking procedural, then you have not yet drunk the 
Kool-Aide.  Join us.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Virtual resources and hashes

Here's the thing though: since arrays are the only native method of looping,
Puppet needs to handle arrays of all native types well.  If it doesn't, from
an end-user perspective that's broken.

On Wed, Jun 8, 2011 at 8:36 AM, jcbollinger john.bollin...@stjude.orgwrote:



 On Jun 7, 6:15 pm, Aaron Grewell aaron.grew...@gmail.com wrote:
  Hmmm, either I'm doing something wrong or virtual resources are
 incompatible
  with hashes.


 I think it's a mix of about two parts doing something wrong to one
 part incompatible, coming out to more or less Puppet doesn't do
 what I wish it would.


  When I do this:
  $users = [{ username = bill, uid = 12345 },
   { username = ted,  uid = 12346 }]
 
  define usertest ($alias = $name[username]) {
  user {$name[username]:
  ensure = present,
  uid= $name[uid]
  }}
 
  @usertest { $users: }
  realize Usertest[bill]
 
  I get this:
  warning: alias is a metaparam; this value will inherit to all contained
  resources
  Failed to realize virtual resources Usertest[bill] on node
 
  Which seems unfortunate.  Hash support is a really cool idea but I keep
  tripping over parts of Puppet that don't handle it well.


 In a resource declaration, Puppet expects the value or variable
 preceding the colon ($users in your example) to be a resource title or
 an array of resource titles.  I find it somewhat surprising that
 Puppet accepted your hash for the resource titles, but I suppose it
 flattens the hash into an ordinary array.  It would be nice if that
 elicited at least a warning.

 Do not be confused by the similar DSL syntax: resource declarations
 are completely unrelated to hashes at the DSL level. I guess you hoped
 Puppet would unpack the hash into a resource title and properties, but
 it just doesn't, and I wouldn't expect it to do.


 John

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: New Puppet report processors...

treydock wrote:
 My [master] has :
 
 report = true
 reports = http, store, xmpp
 pluginsync = true
 
 The [agent] includes:
report = true
listen = true
pluginsync = true
 
 
 The second agent I tested with also has the same configuration as the
 above [agent]
 
 Correct, the xmpp.yaml has all that information.  What I was asking
 about the remote client not having mail.yaml is I enabled pluginsync
 on the remove client to see if the results would differ and it failed
 stating the mail.yaml was missing (locally on the client).  But if the
 repots = xmpp is only defined for [master] then should I not include
 pluginsync = true on the clients?
 
 

So you don't have anything like the line:

Sending status for name.of.host to XMMP user jabber.user

in your Puppet master syslog.

Regards

James

-- 
James Turnbull
Puppet Labs
1-503-734-8571

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Virtual resources and hashes

If you look at what I tried to do you'll realize that's not the case.  I
understand what you're saying, but the issue is one of Puppet not supporting
its own 'syntactic sugar' consistently.  I created an array (this is not a
convenience for a large number of machines, it's a requirement) but since
it's an array of hashes rather than an array of strings it doesn't work
right.  That's a bug, plain and simple.  There's no point in having hashes
if we can't use defines or virtuals with them without breakage.

On Wed, Jun 8, 2011 at 9:01 AM, Brian Gallew g...@gallew.org wrote:

 On Jun 8, 2011, at 8:45 AM, Aaron Grewell wrote:

  Here's the thing though: since arrays are the only native method of
 looping, Puppet needs to handle arrays of all native types well.  If it
 doesn't, from an end-user perspective that's broken.

 See, there's the crux of the issue: arrays are *not* a method of looping.
  Puppet's DSL is declarative, not procedural (imperative).  What you are
 thinking of as looping is simply a convenient shorthand (syntactic sugar
 is the appropriate term).  If you are thinking in procedural terms (which
 we've all done at one point or another), you're simply going to run around
 in circles ranting that Puppet is broken until you get your head wrapped
 around its declarative nature (much like I did/do).  Puppet is not
 procedural.  Never has been, never will be.

 You can probably meet your needs by thinking about the desired state in
 different terms and using extlookup, or using custom functions.  If you are
 really insane, you can modify the Puppet backend to execute a file and read
 the output instead of reading the file directly, which might allow you to
 dynamically generate the manifests you want applied, though the added
 complexity may well be a net loss.

 In short, if you are thinking procedural, then you have not yet drunk the
 Kool-Aide.  Join us.

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: How do you handle deleted nodes with exported resources in this situation?

2011-06-08 Thread Brian Gallew


On Jun 8, 2011, at 8:50 AM, jcbollinger wrote:

 
 
 On Jun 7, 11:12 am, Stefan Schulte stefan.schu...@taunusstein.net
 wrote:
 You can download the puppet sources. In the ext Directory you'll find a
 script »puppetstoredconfigclean.rb NODE_TO_BE_REMOVED«. AFAIK the script will
 set the ensure property of all exported resources of the specified host
 to absent.
 
 
 Nice.  Do I judge correctly that this is an *alternative* to actually
 removing the node in question from the storeconfig DB?  I mean,
 otherwise, there are no resources in the DB to flag absent.  If you
 already have removed the node and its resources from the DB, then I
 can't imagine that such a script could help.

My experience is that this script actually purges all of the resources, facts, 
reports, etc. from the storedconfigs repository.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: New Puppet report processors...

2011-06-08 Thread Craig

Hi,

These sample reports have been very useful, thanks!

Is there is a way to only send a report once every 24 hours (say)?
For example, I want to know about failed runs, but not every time
someone is hacking around, changing something, re-running etc.

I can think of all sorts of workarounds, just wondering if there's
something built in to help here.

Thanks

Craig.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Virtual resources and hashes

2011-06-08 Thread Randall Hansen

On Tue, Jun 7, 2011 at 4:15 PM, Aaron Grewell aaron.grew...@gmail.com wrote:

 $users = [{ username = bill, uid = 12345 },
  { username = ted,  uid = 12346 }]

Aaron, I think this is a completely sane request.  We've talked about
it before, but I can't find an existing ticket.  This one seems close,
but very old; will you take a look?
http://projects.puppetlabs.com/issues/1858

If we can work out a good syntax we'll put this on the roadmap.  I
know some of our PS guys are eager for it, too.

r

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: New Puppet report processors...

Craig wrote:
 Hi,
 
 These sample reports have been very useful, thanks!
 
 Is there is a way to only send a report once every 24 hours (say)?
 For example, I want to know about failed runs, but not every time
 someone is hacking around, changing something, re-running etc.
 
 I can think of all sorts of workarounds, just wondering if there's
 something built in to help here.
 

There isn't currently - all of the report processors that trigger on
failed runs trigger on all failed runs.

I would suggest as an aside/workaround that you turn off
notification-style reporting in your test environment (where I presume
people are doing this hacking around :) ).  My assumption is
production Puppet runs that fail are important but you might not care
about dev/test so much.

Regards

James

-- 
James Turnbull
Puppet Labs
1-503-734-8571

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Installing Virtualbox on Mac osx with pkg dmg provider

On Wed, Jun 8, 2011 at 6:13 AM, Marc marcol...@gmail.com wrote:

 Hello

 I can't manage to install VB on osx via puppet and pkgdmg provider.*Jun  8
 15:02:29 info-starbuck installer[85815]: *



 *./postflight: Register file extensions for *



 *Jun  8 15:02:29 info-starbuck installer[85815]: ./postflight: sudo:
 unknown user: *



This is your problem.

The postflight scripts aren't correctly dealing with headless installation
without an interactive session. If you look at postflight, it's probably
doing something dumb that should be fixed.

Those lines above indicate that it's not finding a user when you compare it
to the interactive install.

*Jun  7 12:44:17 info-roslin installer[6404]: ./postflight: Register file
extensions for root*
*
*

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Virtual resources and hashes

I suspect the root of the problem I'm running into may be the simple nature
of $name.  It's not capable of being an arbitrary object.  I consider that
an architectural issue in a system that supports hashes which are structured
objects that can't really be reduced to a string.  IMHO for a future version
there should be a $object (or similar) builtin for handling hashes as
names/titles of resources.  $name should magic-map to $object[name] for
hash-type objects to make life easier for those of us who want to use
hashes.

On Wed, Jun 8, 2011 at 9:33 AM, Aaron Grewell aaron.grew...@gmail.comwrote:

 If you look at what I tried to do you'll realize that's not the case.  I
 understand what you're saying, but the issue is one of Puppet not supporting
 its own 'syntactic sugar' consistently.  I created an array (this is not a
 convenience for a large number of machines, it's a requirement) but since
 it's an array of hashes rather than an array of strings it doesn't work
 right.  That's a bug, plain and simple.  There's no point in having hashes
 if we can't use defines or virtuals with them without breakage.


 On Wed, Jun 8, 2011 at 9:01 AM, Brian Gallew g...@gallew.org wrote:

 On Jun 8, 2011, at 8:45 AM, Aaron Grewell wrote:

  Here's the thing though: since arrays are the only native method of
 looping, Puppet needs to handle arrays of all native types well.  If it
 doesn't, from an end-user perspective that's broken.

 See, there's the crux of the issue: arrays are *not* a method of looping.
  Puppet's DSL is declarative, not procedural (imperative).  What you are
 thinking of as looping is simply a convenient shorthand (syntactic sugar
 is the appropriate term).  If you are thinking in procedural terms (which
 we've all done at one point or another), you're simply going to run around
 in circles ranting that Puppet is broken until you get your head wrapped
 around its declarative nature (much like I did/do).  Puppet is not
 procedural.  Never has been, never will be.

 You can probably meet your needs by thinking about the desired state in
 different terms and using extlookup, or using custom functions.  If you are
 really insane, you can modify the Puppet backend to execute a file and read
 the output instead of reading the file directly, which might allow you to
 dynamically generate the manifests you want applied, though the added
 complexity may well be a net loss.

 In short, if you are thinking procedural, then you have not yet drunk
 the Kool-Aide.  Join us.

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.




-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] how do I tell puppet do nothing if the condition is true

2011-06-08 Thread hyzhang

Hi,

I have a piece of puppet code. I want puppet do nothing if it is true.
How do I do that? Of course this code would not code.

exec { 'runlevel':
command = $is_virtual ? {
'false' = /bin/sed -i 's/id:3:initdefault:/id:
5:initdefault:/' /etc/inittab,
'true'  = 'tell puppet do nothing',
},
}

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: New Puppet report processors...

2011-06-08 Thread treydock

I don't have any lines like that no.

Could the daemon line for puppetmaster be effecting this?  Is the --
reports option necessary since my puppet.conf has that specified?

PUPPETMASTER_EXTRA_OPTS=--reports puppet_dashboard --debug

Other than that and my puppet.conf I haven't found any further
configurations I've implemented effecting use of reports

Thanks
- Trey

On Jun 8, 10:57 am, James Turnbull ja...@puppetlabs.com wrote:
 treydock wrote:
  My [master] has :

      report = true
      reports = http, store, xmpp
      pluginsync = true

  The [agent] includes:
     report = true
     listen = true
     pluginsync = true

  The second agent I tested with also has the same configuration as the
  above [agent]

  Correct, the xmpp.yaml has all that information.  What I was asking
  about the remote client not having mail.yaml is I enabled pluginsync
  on the remove client to see if the results would differ and it failed
  stating the mail.yaml was missing (locally on the client).  But if the
  repots = xmpp is only defined for [master] then should I not include
  pluginsync = true on the clients?

 So you don't have anything like the line:

 Sending status for name.of.host to XMMP user jabber.user

 in your Puppet master syslog.

 Regards

 James

 --
 James Turnbull
 Puppet Labs
 1-503-734-8571

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet Support for OSX

On Wed, Jun 8, 2011 at 8:00 AM, James Turnbull ja...@puppetlabs.com wrote:

 Mister IT Guru wrote:
  Hi guys – I was wondering how well puppet performs on  OSX. Anyone here
  had any experience using puppet under OSX?
 

 Very well and it's well supported.  Google uses it to manage their
 internal OSX desktops as do a number of other companies, universities, etc.


Apart from services, users, groups, etc, we have some interesting native
types for Puppet on OS X like the authorization framework one. This is
something that's rather difficult to manage with any other tool

~ nbk $ puppet resource macauthorization com.apple.airport.network
macauthorization { 'com.apple.airport.network':
  ensure = 'present',
  auth_class = 'rule',
  auth_type  = 'right',
  comment= 'For restricting network selection to administrative users',
  k_of_n = '1',
  rule   = ['authenticate-admin', 'default'],
}

~ nbk $ puppet resource macauthorization com.apple.airport.power
macauthorization { 'com.apple.airport.power':
  ensure = 'present',
  auth_class = 'rule',
  auth_type  = 'right',
  comment= 'For restricting AirPort power changes to administrative
users',
  k_of_n = '1',
  rule   = ['authenticate-admin', 'default'],
}

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] how do I tell puppet do nothing if the condition is true

On Wed, Jun 8, 2011 at 11:01 AM, hyzhang hyzh...@jcvi.org wrote:

 Hi,

 I have a piece of puppet code. I want puppet do nothing if it is true.
 How do I do that? Of course this code would not code.

 exec { 'runlevel':
command = $is_virtual ? {
'false' = /bin/sed -i 's/id:3:initdefault:/id:
 5:initdefault:/' /etc/inittab,
'true'  = 'tell puppet do nothing',
},
}


Move the conditional outside the resource. It's much much easier to read.

if $is_virtual == false {
 # put your exec resource here
}






 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.




-- 
Nigel Kersten
Product, Puppet Labs
@nigelkersten

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Virtual resources and hashes

The request in the ticket is related but might not solve the same problem.
What I think I'm looking for is the generic ability to specify an array of
hashes as a resource title and have Puppet handle it intelligently (that is,
produce a locally scoped hash split from the array and easily accessible
inside the resource specification as well as knowing what value it should
use for $name or supporting e.g. $alias = hash[key] for specifying the
appropriate value).  The reason I think that's preferable to the ability to
transform a hash to a resource is because it will work everywhere.  What I
don't know is whether the hash - resource transform can be made to declare
an instance of a define().  If so, it would handle my needs quite well.  If
OTOH it will only declare native resource types then it won't do all of what
I'm looking for.  It would be a step in the right direction though.

On Wed, Jun 8, 2011 at 10:17 AM, Randall Hansen rand...@puppetlabs.comwrote:

 On Tue, Jun 7, 2011 at 4:15 PM, Aaron Grewell aaron.grew...@gmail.com
 wrote:

  $users = [{ username = bill, uid = 12345 },
   { username = ted,  uid = 12346 }]

 Aaron, I think this is a completely sane request.  We've talked about
 it before, but I can't find an existing ticket.  This one seems close,
 but very old; will you take a look?
 http://projects.puppetlabs.com/issues/1858

 If we can work out a good syntax we'll put this on the roadmap.  I
 know some of our PS guys are eager for it, too.

 r

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Virtual resources and hashes



On Jun 8, 11:33 am, Aaron Grewell aaron.grew...@gmail.com wrote:
 If you look at what I tried to do you'll realize that's not the case.  I
 understand what you're saying, but the issue is one of Puppet not supporting
 its own 'syntactic sugar' consistently.  I created an array (this is not a
 convenience for a large number of machines, it's a requirement) but since
 it's an array of hashes rather than an array of strings it doesn't work
 right.


Correction: it doesn't work the way you wish it would.  Perhaps it
defies your intuition, but that doesn't make it wrong.  I concur with
Brian that you seem to be thinking about Puppet DSL in declarative
terms, and that that really doesn't work.

There are a lot variations on that theme, but perhaps you're running
into this one: Puppet defined types are not analogous to C macros;
rather they are bona fide resource types implemented via Puppet DSL.
People typically hit that from a different angle, but it smacks of the
same thinking that you even consider using a hash as a resource title,
much less expect the $name variable inside the definition body to
refer to the actual object presented as the title of an instance.

Here are some other things you need to know:

The $name variable in a definition body contains the title of an
instance of the definition.  It is a string, by definition.

Whatever object is presented as a resource title is converted to a
string or to an array of strings, to yield one or more resource
titles.  If the object is neither a string nor an array of strings
then the result will probably not be what you wanted, but it is
entirely consistent.


  That's a bug, plain and simple.  There's no point in having hashes
 if we can't use defines or virtuals with them without breakage.


It seems a little hasty to call bug and declare breakage over a
feature you wish Puppet had.  Especially so when that feature would be
inconsistent with the rest of Puppet.  I do agree that Puppet hashes
are less useful than someone with a background in, say, Perl might
expect.  I never use them myself, but some find them useful.

As for having to use an array, much less an array of hashes, how does
that benefit your example manifest over this:


define usertest ($uid) {
user { $name:
ensure = present,
uid= $uid
}
}

@usertest {
bill: uid = 12345;
ted: uid = 12346;
}

realize Usertest[bill]


That's both cleaner and less verbose than your version, and it scales
just as well with the number of users.  In particular, compare your
initialization of $users with the @usertest declarations in my
version.  Also, mine will work (modulo any typos that may have crept
in).  I use something much like it myself.


John

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Virtual resources and hashes



On Jun 8, 12:17 pm, Randall Hansen rand...@puppetlabs.com wrote:
 On Tue, Jun 7, 2011 at 4:15 PM, Aaron Grewell aaron.grew...@gmail.com wrote:
  $users = [{ username = bill, uid = 12345 },
   { username = ted,  uid = 12346 }]

 Aaron, I think this is a completely sane request.  We've talked about
 it before, but I can't find an existing ticket.  This one seems close,
 but very old; will you take a look?http://projects.puppetlabs.com/issues/1858

 If we can work out a good syntax we'll put this on the roadmap.  I
 know some of our PS guys are eager for it, too.


I agree that the concept is reasonable, but I suggest that you
consider implementing it as a new built-in function.  Puppet's current
DSL syntax is arcane enough already -- consider all the feedback from
PC EU to that effect.  A function for this purpose might be something
like this:

declare($type, $properties, $title_key=title)

$type: the name of the resource type
$properties: a hash or array of hashes of properties for the resources
to declare
$title_key: the key, which must be present in each hash, from which
the title of the corresponding resource instance is obtained

Probably you also need a parameter to select concrete vs. virtual vs.
exported declaration, or else different flavors of the function to
support those alternatives.

Example:

$users = [ { username = bill, uid = 501 }, { username = ted,
uid = 502 } ]
declare(User, $users, username)


Be excellent to each other,

John

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Virtual resources and hashes

All I'm saying is that I think hashes should be first-class citizens in
Puppet and right now they're not.  Every other object can be placed in an
array and easily and scalably declared.  Hashes are special because you
can declare them like anything else, but you can't use them like anything
else.  It may not be a bug but it violates the principle of least surprise
and leaves the newbie confused.

On Wed, Jun 8, 2011 at 11:46 AM, jcbollinger john.bollin...@stjude.orgwrote:



 On Jun 8, 11:33 am, Aaron Grewell aaron.grew...@gmail.com wrote:
  If you look at what I tried to do you'll realize that's not the case.  I
  understand what you're saying, but the issue is one of Puppet not
 supporting
  its own 'syntactic sugar' consistently.  I created an array (this is not
 a
  convenience for a large number of machines, it's a requirement) but since
  it's an array of hashes rather than an array of strings it doesn't work
  right.


 Correction: it doesn't work the way you wish it would.  Perhaps it
 defies your intuition, but that doesn't make it wrong.  I concur with
 Brian that you seem to be thinking about Puppet DSL in declarative
 terms, and that that really doesn't work.

 There are a lot variations on that theme, but perhaps you're running
 into this one: Puppet defined types are not analogous to C macros;
 rather they are bona fide resource types implemented via Puppet DSL.
 People typically hit that from a different angle, but it smacks of the
 same thinking that you even consider using a hash as a resource title,
 much less expect the $name variable inside the definition body to
 refer to the actual object presented as the title of an instance.

 Here are some other things you need to know:

 The $name variable in a definition body contains the title of an
 instance of the definition.  It is a string, by definition.

 Whatever object is presented as a resource title is converted to a
 string or to an array of strings, to yield one or more resource
 titles.  If the object is neither a string nor an array of strings
 then the result will probably not be what you wanted, but it is
 entirely consistent.


   That's a bug, plain and simple.  There's no point in having hashes
  if we can't use defines or virtuals with them without breakage.


 It seems a little hasty to call bug and declare breakage over a
 feature you wish Puppet had.  Especially so when that feature would be
 inconsistent with the rest of Puppet.  I do agree that Puppet hashes
 are less useful than someone with a background in, say, Perl might
 expect.  I never use them myself, but some find them useful.

 As for having to use an array, much less an array of hashes, how does
 that benefit your example manifest over this:


 define usertest ($uid) {
user { $name:
ensure = present,
uid= $uid
}
 }

 @usertest {
bill: uid = 12345;
ted: uid = 12346;
 }

 realize Usertest[bill]


 That's both cleaner and less verbose than your version, and it scales
 just as well with the number of users.  In particular, compare your
 initialization of $users with the @usertest declarations in my
 version.  Also, mine will work (modulo any typos that may have crept
 in).  I use something much like it myself.


 John

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Creating Users and Hashing it's password.

2011-06-08 Thread vella1tj

Hi everyone I would like to first of all say thanks to anyone willing
to help me.

I was tasked with creating a Admin account using puppet to push to all
of our Macs that we have deployed around the Campus.

user {'sysop':
#uid   = 500,
#groups  = 'admin',
comment= 'Sysop',
ensure= present,
home  = '/home/sysop',
shell   = '/bin/bash',
managehome  = true,
password= 'Haven't figured out the best way to hash
a password and put it in here.,
}

That's what I have so far, I don't believe I understand how Hash works
completely. The way I understand it is it will have a hash in the
password field and it will compare it to other hashes to match what
the password would be. So what I was hoping to get help on (or
anything i've done wrong or you would recommend me doing different) is
how do i set a resource for the hash do i put it in my files directory
and then point it to there is there anything special I have to do
so puppet understands that it's hash.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Creating Users and Hashing it's password.

2011-06-08 Thread Nathan Clemons

What I do is set the password on one host, and then copy the hash out of
/etc/shadow into the Puppet definition to be set on the other hosts.

By default the Puppet providers expect that the password field will be
hashed as used on the system, not plaintext.

--
Nathan Clemons
http://www.livemocha.com
The worlds largest online language learning community



On Wed, Jun 8, 2011 at 12:08 PM, vella1tj vella...@gmail.com wrote:

 Hi everyone I would like to first of all say thanks to anyone willing
 to help me.

 I was tasked with creating a Admin account using puppet to push to all
 of our Macs that we have deployed around the Campus.

 user {'sysop':
#uid   = 500,
#groups  = 'admin',
comment= 'Sysop',
ensure= present,
home  = '/home/sysop',
shell   = '/bin/bash',
managehome  = true,
password= 'Haven't figured out the best way to hash
 a password and put it in here.,
}

 That's what I have so far, I don't believe I understand how Hash works
 completely. The way I understand it is it will have a hash in the
 password field and it will compare it to other hashes to match what
 the password would be. So what I was hoping to get help on (or
 anything i've done wrong or you would recommend me doing different) is
 how do i set a resource for the hash do i put it in my files directory
 and then point it to there is there anything special I have to do
 so puppet understands that it's hash.

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Creating Users and Hashing it's password.

2011-06-08 Thread vella1tj

so If I changed it to
user {'sysop':
#uid   = 500,
#groups  = 'admin',
comment= 'Sysop',
ensure= present,
home  = '/home/sysop',
shell   = '/bin/bash',
managehome  = true,
password= Hash
}

Hash being the hash from /etc/shadow that would be all I needed?



On Jun 8, 3:12 pm, Nathan Clemons nat...@livemocha.com wrote:
 What I do is set the password on one host, and then copy the hash out of
 /etc/shadow into the Puppet definition to be set on the other hosts.

 By default the Puppet providers expect that the password field will be
 hashed as used on the system, not plaintext.

 --
 Nathan Clemonshttp://www.livemocha.com
 The worlds largest online language learning community







 On Wed, Jun 8, 2011 at 12:08 PM, vella1tj vella...@gmail.com wrote:
  Hi everyone I would like to first of all say thanks to anyone willing
  to help me.

  I was tasked with creating a Admin account using puppet to push to all
  of our Macs that we have deployed around the Campus.

  user {'sysop':
             #uid                   = 500,
             #groups              = 'admin',
                 comment        = 'Sysop',
                 ensure            = present,
                 home              = '/home/sysop',
                 shell               = '/bin/bash',
             managehome      = true,
             password            = 'Haven't figured out the best way to hash
  a password and put it in here.,
         }

  That's what I have so far, I don't believe I understand how Hash works
  completely. The way I understand it is it will have a hash in the
  password field and it will compare it to other hashes to match what
  the password would be. So what I was hoping to get help on (or
  anything i've done wrong or you would recommend me doing different) is
  how do i set a resource for the hash do i put it in my files directory
  and then point it to there is there anything special I have to do
  so puppet understands that it's hash.

  --
  You received this message because you are subscribed to the Google Groups
  Puppet Users group.
  To post to this group, send email to puppet-users@googlegroups.com.
  To unsubscribe from this group, send email to
  puppet-users+unsubscr...@googlegroups.com.
  For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] how do I tell puppet do nothing if the condition is true

2011-06-08 Thread Patrick


On Jun 8, 2011, at 11:01 AM, hyzhang wrote:

 Hi,
 
 I have a piece of puppet code. I want puppet do nothing if it is true.
 How do I do that? Of course this code would not code.
 
 exec { 'runlevel':
command = $is_virtual ? {
'false' = /bin/sed -i 's/id:3:initdefault:/id:
 5:initdefault:/' /etc/inittab,
'true'  = 'tell puppet do nothing',
},
}

Also, so it doesn't run every time, consider putting a grep whatever as a run 
condition.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Virtual resources and hashes

2011-06-08 Thread Randall Hansen

On Wed, Jun 8, 2011 at 12:07 PM, Aaron Grewell aaron.grew...@gmail.com wrote:

 All I'm saying is that I think hashes should be first-class citizens in
 Puppet and right now they're not.

I agree with that as a high-level problem statement, but to make
progress we need to put legs on it.  John's got one possibility:  a
new built-in function.  I agree with him that the DSL is too crufty,
but I don't think this needs to add to it if done well.

Here's another possibility, I think:
http://groups.google.com/group/puppet-users/browse_thread/thread/162d86ed39d6d8da

What do you think?  I must admit not to understand all the details.
As D. UX I mostly try to squeeze ideas out of other people. :)  I'll
try to keep the conversation going and help us coalesce around the
details, but I'll need help from people who really have skin in the
game.

Thanks,

r

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: New Puppet report processors...

2011-06-08 Thread Ohad Levy

On 2011 6 8 20:16, Craig craigmsm...@blueyonder.co.uk wrote:

 Hi,

 These sample reports have been very useful, thanks!

 Is there is a way to only send a report once every 24 hours (say)?
 For example, I want to know about failed runs, but not every time
 someone is hacking around, changing something, re-running etc.

 I can think of all sorts of workarounds, just wondering if there's
 something built in to help here.

Foreman got a summary report support, where you can see / email an overview
over time (eg last 24 hours), and can even filter out results (dont shoe dev
hosts).

Ohad
 Thanks

 Craig.

 --
 You received this message because you are subscribed to the Google Groups
Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Virtual resources and hashes

We've looked at two different possibilities thus far:

1) Make all resource types hash-aware.  This is what I was originally asking
for.  It would mean changing the way resources are declared so that in the
case of a hash their representation of $name was appropriate for use with
defines and virtuals.  This could either be done by requiring the hash to
have a 'name' key and using that or by creating a metaparameter like
hash_key so it could be user-specified.  The hash itself would need to be
passed to the resource in the same way as $name but with a different
identifier so that its keys could be accessed inside the resource as e.g.
$data[key].

The upside of this is that it should work universally and conceptually match
the rest of Puppet, the downsides I see so far are that its implementation
might well be intrusive and it might also add to the DSL.

2) Create a hash - resource transformation function.  If I understood John
correctly this is what he was in favor of.

The upside of this is it should be less intrusive, easier to implement, and
require no DSL changes.  The downside is that it still makes hashes special
and requires separate handling of them.


On Wed, Jun 8, 2011 at 12:58 PM, Randall Hansen rand...@puppetlabs.comwrote:

 On Wed, Jun 8, 2011 at 12:07 PM, Aaron Grewell aaron.grew...@gmail.com
 wrote:

  All I'm saying is that I think hashes should be first-class citizens in
  Puppet and right now they're not.

 I agree with that as a high-level problem statement, but to make
 progress we need to put legs on it.  John's got one possibility:  a
 new built-in function.  I agree with him that the DSL is too crufty,
 but I don't think this needs to add to it if done well.

 Here's another possibility, I think:

 http://groups.google.com/group/puppet-users/browse_thread/thread/162d86ed39d6d8da

 What do you think?  I must admit not to understand all the details.
 As D. UX I mostly try to squeeze ideas out of other people. :)  I'll
 try to keep the conversation going and help us coalesce around the
 details, but I'll need help from people who really have skin in the
 game.

 Thanks,

 r

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: how do I tell puppet do nothing if the condition is true

2011-06-08 Thread hyzhang

Thank you all. That works!

-Haiyan

On Jun 8, 3:28 pm, Patrick kc7...@gmail.com wrote:
 On Jun 8, 2011, at 11:01 AM, hyzhang wrote:

  Hi,

  I have a piece of puppet code. I want puppet do nothing if it is true.
  How do I do that? Of course this code would not code.

  exec { 'runlevel':
         command = $is_virtual ? {
                 'false' = /bin/sed -i 's/id:3:initdefault:/id:
  5:initdefault:/' /etc/inittab,
                 'true'  = 'tell puppet do nothing',
         },
     }

 Also, so it doesn't run every time, consider putting a grep whatever as a 
 run condition.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] How to do array interpolation?

2011-06-08 Thread Toby

Hello all, sort of a puppet newbie here,

I have some constructs that are like so:

class hosts {
   file {/etc/hosts:
  owner  = root,
  group  = root,
  mode   = 644,
  source = [puppet://puppet/files/etc/hosts.$hostname,
 puppet://puppet/files/etc/hosts.$operatingsystem,
 puppet://puppet/files/etc/hosts]
   }
}

And I have lots of them, for various reasons.  It seems like a real
waste to have to keep on typing out those 3-5 lines for where the
source of these things are from.  So I thought I could do something
like the following.  Having all those variables in one place, being
able
to add to the search path easily:

$base = puppet://puppet.foo.bar/files

$search = [
  ${base}/${host},
  ${base}/${operatingsystem},
  ${base}/default
]

class hosts {
   file {/etc/hosts:
  owner  = root,
  group  = root,
  mode   = 644,
  source = ${search}/etc/hosts;
   }
}


But that definitely does not do what I thought it would.  Anyone have
a method of
making the above type of thing work?

-Toby.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: New Puppet report processors...

treydock wrote:
 I don't have any lines like that no.
 
 Could the daemon line for puppetmaster be effecting this?  Is the --
 reports option necessary since my puppet.conf has that specified?
 
 PUPPETMASTER_EXTRA_OPTS=--reports puppet_dashboard --debug
 
 Other than that and my puppet.conf I haven't found any further
 configurations I've implemented effecting use of reports

Specifying --reports on the command line in PUPPETMASTER_EXTRA_OPTS I am
pretty sure will override the puppet.conf configuration rather than add
to it.  I'd take it out of there and put it into puppet.conf on the master.

Regards

James Turnbull


-- 
James Turnbull
Puppet Labs
1-503-734-8571

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Virtual resources and hashes

On Wed, Jun 8, 2011 at 1:36 PM, Aaron Grewell aaron.grew...@gmail.comwrote:

We've looked at two different possibilities thus far:

1) Make all resource types hash-aware. This is what I was originally
asking for. It would mean changing the way resources are declared so that
in the case of a hash their representation of $name was appropriate for use
with defines and virtuals. This could either be done by requiring the hash
to have a 'name' key and using that or by creating a metaparameter like
hash_key so it could be user-specified. The hash itself would need to be
passed to the resource in the same way as $name but with a different
identifier so that its keys could be accessed inside the resource as e.g.
$data[key].

The upside of this is that it should work universally and conceptually
match the rest of Puppet, the downsides I see so far are that its
implementation might well be intrusive and it might also add to the DSL.

2) Create a hash - resource transformation function. If I understood John
correctly this is what he was in favor of.

The upside of this is it should be less intrusive, easier to implement, and
require no DSL changes. The downside is that it still makes hashes special
and requires separate handling of them.

2.7.x merged the older hash2resource function as create_resource

https://github.com/puppetlabs/puppet/blob/2.7.x/lib/puppet/parser/functions/create_resources.rb

I'm actually not sure where the definitive home for hash2resource is,
perhaps someone else will chime in.

On Wed, Jun 8, 2011 at 12:58 PM, Randall Hansen rand...@puppetlabs.comwrote:

On Wed, Jun 8, 2011 at 12:07 PM, Aaron Grewell aaron.grew...@gmail.com
wrote:

All I'm saying is that I think hashes should be first-class citizens in
Puppet and right now they're not.

I agree with that as a high-level problem statement, but to make
progress we need to put legs on it. John's got one possibility: a
new built-in function. I agree with him that the DSL is too crufty,
but I don't think this needs to add to it if done well.

Here's another possibility, I think:

http://groups.google.com/group/puppet-users/browse_thread/thread/162d86ed39d6d8da

What do you think? I must admit not to understand all the details.
As D. UX I mostly try to squeeze ideas out of other people. :) I'll
try to keep the conversation going and help us coalesce around the
details, but I'll need help from people who really have skin in the
game.

Thanks,

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

--
Nigel Kersten
Product, Puppet Labs
@nigelkersten

Re: [Puppet Users] Re: Virtual resources and hashes

Nice! More good things to look forward to. :)

On Wed, Jun 8, 2011 at 1:58 PM, Nigel Kersten ni...@puppetlabs.com wrote:

On Wed, Jun 8, 2011 at 1:36 PM, Aaron Grewell aaron.grew...@gmail.comwrote:

We've looked at two different possibilities thus far:

2) Create a hash - resource transformation function. If I understood
John correctly this is what he was in favor of.

The upside of this is it should be less intrusive, easier to implement,
and require no DSL changes. The downside is that it still makes hashes
special and requires separate handling of them.

2.7.x merged the older hash2resource function as create_resource

https://github.com/puppetlabs/puppet/blob/2.7.x/lib/puppet/parser/functions/create_resources.rb

I'm actually not sure where the definitive home for hash2resource is,
perhaps someone else will chime in.

On Wed, Jun 8, 2011 at 12:58 PM, Randall Hansen
rand...@puppetlabs.comwrote:

On Wed, Jun 8, 2011 at 12:07 PM, Aaron Grewell aaron.grew...@gmail.com
wrote:

All I'm saying is that I think hashes should be first-class citizens in
Puppet and right now they're not.

Here's another possibility, I think:

http://groups.google.com/group/puppet-users/browse_thread/thread/162d86ed39d6d8da

Thanks,

--
Nigel Kersten
Product, Puppet Labs
@nigelkersten

Re: [Puppet Users] Re: Creating Users and Hashing it's password.

2011-06-08 Thread Denmat

Hi,

If your password hash has any $ in it the ... will puppet make try to expand 
it.

You need password = '$1$effggfdg' (single quotes).

cheers,
Den
On 09/06/2011, at 5:18, vella1tj vella...@gmail.com wrote:

 so If I changed it to
 user {'sysop':
#uid   = 500,
#groups  = 'admin',
comment= 'Sysop',
ensure= present,
home  = '/home/sysop',
shell   = '/bin/bash',
managehome  = true,
password= Hash
 }
 
 Hash being the hash from /etc/shadow that would be all I needed?
 
 
 
 On Jun 8, 3:12 pm, Nathan Clemons nat...@livemocha.com wrote:
 What I do is set the password on one host, and then copy the hash out of
 /etc/shadow into the Puppet definition to be set on the other hosts.
 
 By default the Puppet providers expect that the password field will be
 hashed as used on the system, not plaintext.
 
 --
 Nathan Clemonshttp://www.livemocha.com
 The worlds largest online language learning community
 
 
 
 
 
 
 
 On Wed, Jun 8, 2011 at 12:08 PM, vella1tj vella...@gmail.com wrote:
 Hi everyone I would like to first of all say thanks to anyone willing
 to help me.
 
 I was tasked with creating a Admin account using puppet to push to all
 of our Macs that we have deployed around the Campus.
 
 user {'sysop':
#uid   = 500,
#groups  = 'admin',
comment= 'Sysop',
ensure= present,
home  = '/home/sysop',
shell   = '/bin/bash',
managehome  = true,
password= 'Haven't figured out the best way to hash
 a password and put it in here.,
}
 
 That's what I have so far, I don't believe I understand how Hash works
 completely. The way I understand it is it will have a hash in the
 password field and it will compare it to other hashes to match what
 the password would be. So what I was hoping to get help on (or
 anything i've done wrong or you would recommend me doing different) is
 how do i set a resource for the hash do i put it in my files directory
 and then point it to there is there anything special I have to do
 so puppet understands that it's hash.
 
 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.
 

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Creating Users and Hashing it's password.

On Wed, Jun 8, 2011 at 2:11 PM, Denmat tu2bg...@gmail.com wrote:

Hi,

If your password hash has any $ in it the ... will puppet make try to
expand it.

You need password = '$1$effggfdg' (single quotes).

I like using puppet resource for this.

Set the password for an account, and use puppet resource to generate the
manifest, removing the attributes you don't want to manage.

user { 'nigel':
ensure = 'present',
comment = 'nigel,,,',
gid = '1000',
groups = ['dialout', 'cdrom', 'floppy', 'audio', 'video',
'plugdev'],
home = '/home/nigel',
password =
'$6$fPUohVXH$bYZY38RJIKKUK9fF6U/taOZfOwFdRoBnRkZOV71lGIWVMj96nOwWOAMp5EGbfJUjbrnHP/EvszbRkZgWYRkL3.',
password_max_age = '9',
password_min_age = '0',
shell= '/bin/bash',
uid = '1000',
}

That's a test account. The password is trivial enough that you can probably
crack it :)

cheers,
Den
On 09/06/2011, at 5:18, vella1tj vella...@gmail.com wrote:

so If I changed it to
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= Hash
}

Hash being the hash from /etc/shadow that would be all I needed?

On Jun 8, 3:12 pm, Nathan Clemons nat...@livemocha.com wrote:
What I do is set the password on one host, and then copy the hash out of
/etc/shadow into the Puppet definition to be set on the other hosts.

By default the Puppet providers expect that the password field will be
hashed as used on the system, not plaintext.

--
Nathan Clemonshttp://www.livemocha.com
The worlds largest online language learning community

On Wed, Jun 8, 2011 at 12:08 PM, vella1tj vella...@gmail.com wrote:
Hi everyone I would like to first of all say thanks to anyone willing
to help me.

I was tasked with creating a Admin account using puppet to push to all
of our Macs that we have deployed around the Campus.

user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= 'Haven't figured out the best way to
hash
a password and put it in here.,
}

That's what I have so far, I don't believe I understand how Hash works
completely. The way I understand it is it will have a hash in the
password field and it will compare it to other hashes to match what
the password would be. So what I was hoping to get help on (or
anything i've done wrong or you would recommend me doing different) is
how do i set a resource for the hash do i put it in my files directory
and then point it to there is there anything special I have to do
so puppet understands that it's hash.

--
You received this message because you are subscribed to the Google
Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

--
Nigel Kersten
Product, Puppet Labs
@nigelkersten

Re: [Puppet Users] Re: Creating Users and Hashing it's password.

On Wed, Jun 8, 2011 at 2:38 PM, Nigel Kersten ni...@puppetlabs.com wrote:

On Wed, Jun 8, 2011 at 2:11 PM, Denmat tu2bg...@gmail.com wrote:

Hi,

If your password hash has any $ in it the ... will puppet make try to
expand it.

You need password = '$1$effggfdg' (single quotes).

I like using puppet resource for this.

Set the password for an account, and use puppet resource to generate the
manifest, removing the attributes you don't want to manage.

I forgot to show the actual command:

$ puppet resource user nigel

That's a test account. The password is trivial enough that you can probably
crack it :)

cheers,
Den
On 09/06/2011, at 5:18, vella1tj vella...@gmail.com wrote:

so If I changed it to
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= Hash
}

Hash being the hash from /etc/shadow that would be all I needed?

On Jun 8, 3:12 pm, Nathan Clemons nat...@livemocha.com wrote:
What I do is set the password on one host, and then copy the hash out
of
/etc/shadow into the Puppet definition to be set on the other hosts.

By default the Puppet providers expect that the password field will be
hashed as used on the system, not plaintext.

--
Nathan Clemonshttp://www.livemocha.com
The worlds largest online language learning community

On Wed, Jun 8, 2011 at 12:08 PM, vella1tj vella...@gmail.com wrote:
Hi everyone I would like to first of all say thanks to anyone willing
to help me.

I was tasked with creating a Admin account using puppet to push to all
of our Macs that we have deployed around the Campus.

--
You received this message because you are subscribed to the Google
Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

--
Nigel Kersten
Product, Puppet Labs
@nigelkersten

[Puppet Users] Re: New Puppet report processors...

2011-06-08 Thread treydock

That did it!  I'm now getting messages over Jabber upon failure!!

Is the debug output you refered to earlier, Sending status for
name.of.host to XMMP user jabber.user something I would see from
Puppet or the Jabber server?  I have yet to see similar output, but
the IM is now working.

Also now that I have this working I tried switching the settings in
xmpp.yaml, but am still getting messages on the account from old
settings.  Is there a cache or location I need to clear for puppet to
use the new xmpp.yaml settings?

Thanks
- Trey

On Jun 8, 3:43 pm, James Turnbull ja...@puppetlabs.com wrote:
 treydock wrote:
  I don't have any lines like that no.

  Could the daemon line for puppetmaster be effecting this?  Is the --
  reports option necessary since my puppet.conf has that specified?

  PUPPETMASTER_EXTRA_OPTS=--reports puppet_dashboard --debug

  Other than that and my puppet.conf I haven't found any further
  configurations I've implemented effecting use of reports

 Specifying --reports on the command line in PUPPETMASTER_EXTRA_OPTS I am
 pretty sure will override the puppet.conf configuration rather than add
 to it.  I'd take it out of there and put it into puppet.conf on the master.

 Regards

 James Turnbull

 --
 James Turnbull
 Puppet Labs
 1-503-734-8571

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: New Puppet report processors...

2011-06-08 Thread treydock

Scratch my last question, had to restart puppetmaster.

Thanks again for your help and these plugins

- Trey

On Jun 8, 5:01 pm, treydock treyd...@gmail.com wrote:
 That did it!  I'm now getting messages over Jabber upon failure!!

 Is the debug output you refered to earlier, Sending status for
 name.of.host to XMMP user jabber.user something I would see from
 Puppet or the Jabber server?  I have yet to see similar output, but
 the IM is now working.

 Also now that I have this working I tried switching the settings in
 xmpp.yaml, but am still getting messages on the account from old
 settings.  Is there a cache or location I need to clear for puppet to
 use the new xmpp.yaml settings?

 Thanks
 - Trey

 On Jun 8, 3:43 pm, James Turnbull ja...@puppetlabs.com wrote:







  treydock wrote:
   I don't have any lines like that no.

   Could the daemon line for puppetmaster be effecting this?  Is the --
   reports option necessary since my puppet.conf has that specified?

   PUPPETMASTER_EXTRA_OPTS=--reports puppet_dashboard --debug

   Other than that and my puppet.conf I haven't found any further
   configurations I've implemented effecting use of reports

  Specifying --reports on the command line in PUPPETMASTER_EXTRA_OPTS I am
  pretty sure will override the puppet.conf configuration rather than add
  to it.  I'd take it out of there and put it into puppet.conf on the master.

  Regards

  James Turnbull

  --
  James Turnbull
  Puppet Labs
  1-503-734-8571

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Invitación a conectarnos en LinkedIn

2011-06-08 Thread Daniel Anibal Guerrero

LinkedIn


   
Me gustaría añadirte a mi red profesional en LinkedIn.
 
-Daniel Anibal

Daniel Anibal Guerrero
Bibliotecario en Museo Nacional del Inmigrante- 
Argentina

Confirma que conoces a Daniel Anibal Guerrero
https://www.linkedin.com/e/-7o0xwv-goouq8ed-3r/isd/3154013839/BukbDg4B/


 
-- 
(c) 2011, LinkedIn Corporation

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: New Puppet report processors...

2011-06-08 Thread Don Johnson

James,

This is all wonderfully helpful and I just spent a little time writing
up a Zenoss processor to send an event on failure using
XMLRPC::Client, modeled directly after your puppet-zendesk module,
replacing the HTTParty guts with XMLRPC guts. I've encountered a
problem though (and we can refer to puppet-zendesk code):

When I stuff a fail() into a manifest and run, it fails, sends a
report to the PM, and the PM logs this:

Report zenoss failed: undefined method `status' for
#Puppet::Transaction::Report:0x2b626b5ad7c0

The line in question is from zendesk.rb:25

if self.status == 'failed'
  ...
end

So, it's breaking there, but when I replace self.status with var and
var = 'failed', bypassing the if, the rest of the code works and the
event appears in zenoss.

I'm running 2.6.4 on the master  client. pluginsync is true on both,
and reports = zenoss only on the master for this test.

Why is self.status not working for me?

On May 31, 8:09 am, James Turnbull ja...@puppetlabs.com wrote:
 Hi all

 On my TODO list for about a year now has been a tutorial on how easy it
 is to write Puppet report processors and how much more you can do with
 them than just email/log/store Puppet report data.  Rather than write a
 whole tutorial I decided to create a whole series of examples of report
 processors that should:

 a) Provide some immediate solutions that you can deploy right now, and

 b) Provide good examples of things you can do with report processing
 that you can take, fork and modify.

 All of them are released under the Apache 2.0 license.

 In that spirit I've created ten new report processors:

 1. Reports failed runs to an IRC channel 
 -https://github.com/jamtur01/puppet-irc

 2. Reports failed runs and logs to PagerDuty 
 -https://github.com/jamtur01/puppet-pagerduty

 3. Reports failed runs to Jabber/XMPP -https://github.com/jamtur01/puppet-xmpp

 4. Reports failed runs to Twitter -https://github.com/jamtur01/puppet-twitter

 5. Reports failed runs and logs to Campfire 
 -https://github.com/jamtur01/puppet-campfire

 6. Reports failed runs to Twilio -https://github.com/jamtur01/puppet-twilio

 7. Reports failed runs to Boxcar -https://github.com/jamtur01/puppet-boxcar

 8. Reports failed runs to HipChat -https://github.com/jamtur01/puppet-hipchat

 9. Sends metrics to a Ganglia server via gmetric 
 -https://github.com/jamtur01/puppet-ganglia

 10. Reports failed runs to Growl -https://github.com/jamtur01/puppet-growl

 Comments, feedback, testing and ideas for other integrations all welcomed.

 Regards

 James

 --
 James Turnbull
 Puppet Labs
 1-503-734-8571

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: New Puppet report processors...

2011-06-08 Thread Don

(possible double-post)

James,

This is all wonderfully helpful and I just spent a little while
writing up a Zenoss processor to send an event on failure using
XMLRPC::Client, modeled directly after your puppet-zendesk module,
replacing the HTTParty guts with XMLRPC guts. I've encountered a
problem though (and we can refer to puppet-zendesk code):

When I stuff a fail() into a manifest and run, it fails, sends a
report to the PM, and the PM logs this:

Report zenoss failed: undefined method `status' for
#Puppet::Transaction::Report:0x2b626b5ad7c0

The line in question is from zendesk.rb:25

if self.status == 'failed'
  ...
end

So, it's breaking there, but when I replace self.status with var and
var = 'failed', bypassing the if, the rest of the code works and the
event appears in zenoss.

I'm running 2.6.4 on the master  client. pluginsync is true on both,
and reports = zenoss only on the master for this test.

Why is self.status not working in this case?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: New Puppet report processors...

Don wrote:
 (possible double-post)
 
 James,
 
 This is all wonderfully helpful and I just spent a little while
 writing up a Zenoss processor to send an event on failure using
 XMLRPC::Client, modeled directly after your puppet-zendesk module,
 replacing the HTTParty guts with XMLRPC guts. I've encountered a
 problem though (and we can refer to puppet-zendesk code):
 
 When I stuff a fail() into a manifest and run, it fails, sends a
 report to the PM, and the PM logs this:
 
 Report zenoss failed: undefined method `status' for
 #Puppet::Transaction::Report:0x2b626b5ad7c0
 
 The line in question is from zendesk.rb:25
 
 if self.status == 'failed'
   ...
 end
 
 So, it's breaking there, but when I replace self.status with var and
 var = 'failed', bypassing the if, the rest of the code works and the
 event appears in zenoss.
 
 I'm running 2.6.4 on the master  client. pluginsync is true on both,
 and reports = zenoss only on the master for this test.
 
 Why is self.status not working in this case?
 

Odd.  Can I see the rest of your code?

If private you can email me offlist.

Regards

James

-- 
James Turnbull
Puppet Labs
1-503-734-8571

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Open Source Team iteration planning summary 2011-06-08

2011-06-08 Thread Jacob Helwig

Finished backlog items:

  * #2128 - Allow arbitrary fact as node_name identifier

There are now two new (mutually exclusive) configuration options on
the agent in the 2.6.x branch to allow setting the node's name
separately from the node's certificate name.

  node_name_value: This defaults to the value of the certname
setting.

  node_name_fact: This is not set by default.  When set, the agent
will use the value of this fact as the node name when checking
in with the master for uploading facts, retrieving catalogs and
all other operations.

In order to take advantage of these new settings you will need to
modify the default auth.conf to include a section similar to the
one below before the default path ~ ^/catalog/([^/]+)$ block.

  path ~ /catalog/ec2_node_.+
  allow *

This will allow any authenticated agent (one making a request with a
signed certificate) to upload facts, and request the catalog for any
node that has a name starting with 'ec2_node_'.  This is required
since the node name that will be used in the request will not likely
match the certificate name used to authenticate with the master.

These new options also affect the node name used in reports sent
back to the master.

  * #650 - puppet replaces configuration directories when they are
   symlinks

This has been merged into the 2.6.x branch.  Puppet will no longer
replace the confdir (or other directory settings) with real
directories when they currently exist on disk as a symlink to a
real directory.

Puppet will still replace the symlink with a real directory if the
target doesn't exist, or is something other than a file.  This is
known behavior around managing files  directories through symlinks,
and is captured in #4394[1]

The new backlog items this week are:

  * #3741 - Custom facts loaded multiple times

  * #3669 - Make puppet honor DNS SRV records

Current backlog:

  * #7127 - prerun_command don't stop puppet on error

  * #4416 - Resources cannot be used on the run where they are synced

  * #7742 - Package type V2 - apt

  * #5517 - behavior change within 2.6 makes it impossible to override
class parameters of included parametrized classes

  * #7743 - Package type V2 - dpkg

  * #7744 - Package type V2 - aptitude

  * #3741 - Custom facts loaded multiple times

  * #3669 - Make puppet honor DNS SRV records

[1] http://projects.puppetlabs.com/issues/4394#note-2

-- 
Jacob Helwig


signature.asc
Description: Digital signature

Re: [Puppet Users] Re: New Puppet report processors...