Re: [Puppet Users] A Question about mixing Puppet with other things
On Thu, Jul 7, 2011 at 9:47 PM, Dan White y...@comcast.net wrote: In Pro Linux System Administration Mr. Turnbull discusses Cobbler and Puppet In Pro Puppet he discusses Foreman and Puppet. Would anyone out there be willing and able to talk about the differences between Cobbler and Foreman as they relate to Puppet and what factors I should consider in choosing one of them ? Not sure if I can describe every change, but I can say that foreman was designed to work with Puppet from day one. Feel free to review Foreman [1] and its features [2] to decide for your self. Ohad [1] - http://theforeman.org [2] - http://theforeman.org/projects/foreman/wiki/Features I want to use Puppet with Something-Else to manage a group of servers and desktops and other machines in a centralized, automated, configurable and repeatable fashion. I want to be able to do operating system installations, patches and/or updates, and maintenance activity. Thanks. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Bizarre errors from puppetmaster 2.7.1
On Jul 9, 2011, at 6:35 PM, Michael Halligan wrote: Periodically after restarting the master (which uses puppet-dashboard as a reporting server and ENC), when an agent tries to run, the agent isn't given any classes, and exits without error, then the master spews out this message: Jul 10 01:32:12 localhost puppet-master[15757]: Compiled catalog for ip-10-36-34-207.ec2.internal in environment --- --- \--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\ Any ideas? There's a Millions of slashes storedconfigs bug. On the surface this looks a little similar. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: use puppet to manage user accounts on mysql
Hey I will try to write again what I wanted to say in the first message: Is it possible through puppet that I install mysql and define what would be mysql username, password for that client and also I want to disable root user through puppet, can this be achieved. Thanks On Jul 9, 10:54 pm, Gabriel Filion lelu...@gmail.com wrote: On 11-07-10 12:48 AM, newguy wrote: I have 2 types of clients(developers, users) connecting to my puppet server, puppet installs mysql on both the machines but I want that when its user machine connecting to server the mysql root user is disabled and a user account should be made with a custom password and for developers machine puppet makes a root user with an option to select a password(right now puppet just installs mysql with root user and without asking for any root password), developers should also be able to make a non root account through puppet on mysql. Is this possible with puppet, please help. I'm not entirely sure what the long sentence is asking about, but yes I guess it should be possible. the following module includes custom resource types that could help you out (Mysql_database, Mysql_user, Mysql_grant): https://labs.riseup.net/code/projects/shared-mysql check out 'lib/puppet/type' -- Gabriel Filion -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] A working firewall module
Iv been going through a multitude of firewall modules not being able to find a simple module that open and closes ports on Redhat/Centos 5.6 All the modules that iv tried keep open ports multiple times (each time puppet agent runs): ACCEPT -A INPUT -p tcp -m multiport --dports 80 -m comment --comment Allow clarity -m state --state NEW -j ACCEPT -A INPUT -p tcp -m multiport --dports 5672 -m comment --comment JMS port -m state --state NEW -j ACCEPT -A INPUT -p tcp -m multiport --dports 1099 -m comment --comment Allow rmi -m state --state NEW -j ACCEPT -A INPUT -p tcp -m multiport --dports -m comment --comment Allow jmx -m state --state NEW -j ACCEPT -A INPUT -p tcp -m multiport --dports -m comment --comment Allow jmx -m state --state NEW -j ACCEPT -A INPUT -p tcp -m multiport --dports 5672 -m comment --comment JMS port -m state --state NEW -j ACCEPT -A INPUT -p tcp -m multiport --dports 55672 -m comment --comment Allowing rabbit managment port -m state --state NEW -j ACCEPT -A INPUT -p tcp -m multiport --dports 1099 -m comment --comment Allow rmi -m state --state NEW -j ACCEPT -A INPUT -p tcp -m multiport --dports 80 -m comment --comment Allow clarity -m state --state NEW -j ACCEPT Among the modules iv tried: https://github.com/pdeaudney/puppet-firewall https://github.com/puppetlabs/puppetlabs-firewall Iv also tried: https://github.com/duritong/puppet-shorewall And didn't manager to get it going, Id be grateful to Any reference to a simple working Redhat/Centos module Ronen -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Bizarre errors from puppetmaster 2.7.1
That does look an awful lot like the storedconfig bug (#4487). The fix prevented this from happening on new records, and would prevent further YAML encapsulation of existing rows, but the existing (broken) rows still needed to be cleaned up by hand. -- Please excuse my brevity; sent from my mobile device. On Jul 10, 2011, at 2:10 AM, Patrick kc7...@gmail.com wrote: On Jul 9, 2011, at 6:35 PM, Michael Halligan wrote: Periodically after restarting the master (which uses puppet-dashboard as a reporting server and ENC), when an agent tries to run, the agent isn't given any classes, and exits without error, then the master spews out this message: Jul 10 01:32:12 localhost puppet-master[15757]: Compiled catalog for ip-10-36-34-207.ec2.internal in environment --- --- \--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\ Any ideas? There's a Millions of slashes storedconfigs bug. On the surface this looks a little similar. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: use puppet to manage user accounts on mysql
On Sun, Jul 10, 2011 at 3:27 AM, newguy aimanparv...@gmail.com wrote:
Hey
I will try to write again what I wanted to say in the first message:
Is it possible through puppet that I install mysql and define what
would be mysql username, password for that client and also I want to
disable root user through puppet, can this be achieved.
Yes. The riseup mysql puppet module that Gabriel pointed at will let you do
this.
Once you've installed the module in your modulepath, you should be able to
do:
mysql_user { username@host:
ensure = present,
password_hash = your_password_hash,
}
and
mysql_user { root@host:
ensure = absent,
}
Thanks
On Jul 9, 10:54 pm, Gabriel Filion lelu...@gmail.com wrote:
On 11-07-10 12:48 AM, newguy wrote:
I have 2 types of clients(developers, users) connecting to my puppet
server, puppet installs mysql on both the machines but I want that
when its user machine connecting to server the mysql root user is
disabled and a user account should be made with a custom password and
for developers machine puppet makes a root user with an option to
select a password(right now puppet just installs mysql with root user
and without asking for any root password), developers should also be
able to make a non root account through puppet on mysql.
Is this possible with puppet, please help.
I'm not entirely sure what the long sentence is asking about, but yes I
guess it should be possible.
the following module includes custom resource types that could help you
out (Mysql_database, Mysql_user, Mysql_grant):
https://labs.riseup.net/code/projects/shared-mysql
check out 'lib/puppet/type'
--
Gabriel Filion
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
Nigel Kersten
Product Manager, Puppet Labs
Twitter: @nigelkersten
*Join us for **PuppetConf *http://www.bit.ly/puppetconfsig
September 22nd and 23rd in Portland, Oregon, USA.
*
*
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Bizarre errors from puppetmaster 2.7.1
On Sun, Jul 10, 2011 at 9:22 AM, Jacob Helwig ja...@puppetlabs.com wrote: That does look an awful lot like the storedconfig bug (#4487). The fix prevented this from happening on new records, and would prevent further YAML encapsulation of existing rows, but the existing (broken) rows still needed to be cleaned up by hand. Ahah, this all makes sense now. http://projects.puppetlabs.com/issues/4487 This was one of the bugs that was addressed in 2.6.9, and due to the freeze during 2.7.0 RC, will go into the next 2.7.x release. -- Please excuse my brevity; sent from my mobile device. On Jul 10, 2011, at 2:10 AM, Patrick kc7...@gmail.com wrote: On Jul 9, 2011, at 6:35 PM, Michael Halligan wrote: Periodically after restarting the master (which uses puppet-dashboard as a reporting server and ENC), when an agent tries to run, the agent isn't given any classes, and exits without error, then the master spews out this message: Jul 10 01:32:12 localhost puppet-master[15757]: Compiled catalog for ip-10-36-34-207.ec2.internal in environment --- --- \--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\\--- \\ Any ideas? There's a Millions of slashes storedconfigs bug. On the surface this looks a little similar. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Nigel Kersten Product Manager, Puppet Labs Twitter: @nigelkersten *Join us for **PuppetConf *http://www.bit.ly/puppetconfsig September 22nd and 23rd in Portland, Oregon, USA. * * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: use puppet to manage user accounts on mysql
Take a look at example42's mysql module. I use it to change the root password and create users for each of my applications. Look at this specifically: https://github.com/example42/puppet-modules/blob/master/mysql/manifests/grant.pp There is also a query define so you can run any query that is possible from the mysql client. -Andrew On Jul 10, 2011 6:27 AM, newguy aimanparv...@gmail.com wrote: Hey I will try to write again what I wanted to say in the first message: Is it possible through puppet that I install mysql and define what would be mysql username, password for that client and also I want to disable root user through puppet, can this be achieved. Thanks On Jul 9, 10:54 pm, Gabriel Filion lelu...@gmail.com wrote: On 11-07-10 12:48 AM, newguy wrote: I have 2 types of clients(developers, users) connecting to my puppet server, puppet installs mysql on both the machines but I want that when its user machine connecting to server the mysql root user is disabled and a user account should be made with a custom password and for developers machine puppet makes a root user with an option to select a password(right now puppet just installs mysql with root user and without asking for any root password), developers should also be able to make a non root account through puppet on mysql. Is this possible with puppet, please help. I'm not entirely sure what the long sentence is asking about, but yes I guess it should be possible. the following module includes custom resource types that could help you out (Mysql_database, Mysql_user, Mysql_grant): https://labs.riseup.net/code/projects/shared-mysql check out 'lib/puppet/type' -- Gabriel Filion -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: use puppet to manage user accounts on mysql
This looks like a good opportunity for the various mysql module authors to all get together and produce one single awesome module :) On Sun, Jul 10, 2011 at 3:49 AM, Andrew Thompson netengr2...@gmail.comwrote: Take a look at example42's mysql module. I use it to change the root password and create users for each of my applications. Look at this specifically: https://github.com/example42/puppet-modules/blob/master/mysql/manifests/grant.pp There is also a query define so you can run any query that is possible from the mysql client. -Andrew On Jul 10, 2011 6:27 AM, newguy aimanparv...@gmail.com wrote: Hey I will try to write again what I wanted to say in the first message: Is it possible through puppet that I install mysql and define what would be mysql username, password for that client and also I want to disable root user through puppet, can this be achieved. Thanks On Jul 9, 10:54 pm, Gabriel Filion lelu...@gmail.com wrote: On 11-07-10 12:48 AM, newguy wrote: I have 2 types of clients(developers, users) connecting to my puppet server, puppet installs mysql on both the machines but I want that when its user machine connecting to server the mysql root user is disabled and a user account should be made with a custom password and for developers machine puppet makes a root user with an option to select a password(right now puppet just installs mysql with root user and without asking for any root password), developers should also be able to make a non root account through puppet on mysql. Is this possible with puppet, please help. I'm not entirely sure what the long sentence is asking about, but yes I guess it should be possible. the following module includes custom resource types that could help you out (Mysql_database, Mysql_user, Mysql_grant): https://labs.riseup.net/code/projects/shared-mysql check out 'lib/puppet/type' -- Gabriel Filion -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Nigel Kersten Product Manager, Puppet Labs Twitter: @nigelkersten *Join us for **PuppetConf *http://www.bit.ly/puppetconfsig September 22nd and 23rd in Portland, Oregon, USA. * * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] A working firewall module
Among the modules iv tried: https://github.com/puppetlabs/puppetlabs-firewall What was the problem you had with this module? ken. -- Join us for PuppetConf, September 22nd and 23rd in Portland, OR: http://bit.ly/puppetconfsig; -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: A working firewall module
FYI I don't know it it may be useful , but I've done this: https://github.com/example42/puppet-modules/tree/master/iptables which can be used in 2 ways: - a standard iptable-save approach (set $iptables_config = file before to enable it) with rules file defined in https://github.com/example42/puppet-modules/blob/master/iptables/manifests/file.pp (here you have to add source or content arguments to mange it with static files or templates according to your need) - an automatic way (default option when you include the module) that dymanically builds iptables rules according to the modules you include and the iptables related variables you set (see the README) This actually works if you use the Example42 modules (or at least the firewall defines included in each one). It's quite nice to see it working adding or removing dynamically but, I must admin, is a bit resource intensive (a puppet resoutce for each dymanic rule). Regards Al @ Lab42 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/KSn4hF687gQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: A working firewall module
I have been working on doing something similar to this. We want to abstract for multiple OS's and deal with the joy that is Solaris zones. Essentially, it will be a resource that defines the fw rules in XML and then a script takes all of those definitions and creates a complete set of firewall rules. I am waiting to hear back on our code release policy to see what it takes to release it once I am done. -- cwebber On Jul 10, 2011, at 12:32 PM, Alessandro Franceschi wrote: FYI I don't know it it may be useful , but I've done this: https://github.com/example42/puppet-modules/tree/master/iptables which can be used in 2 ways: - a standard iptable-save approach (set $iptables_config = file before to enable it) with rules file defined in https://github.com/example42/puppet-modules/blob/master/iptables/manifests/file.pp (here you have to add source or content arguments to mange it with static files or templates according to your need) - an automatic way (default option when you include the module) that dymanically builds iptables rules according to the modules you include and the iptables related variables you set (see the README) This actually works if you use the Example42 modules (or at least the firewall defines included in each one). It's quite nice to see it working adding or removing dynamically but, I must admin, is a bit resource intensive (a puppet resoutce for each dymanic rule). Regards Al @ Lab42 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/KSn4hF687gQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: A working firewall module
Hey Ken, the main issue was that the provider wasn't detecting existing rules but instead kept adding them in, another issue is that the rules aren't persistent (restarting the service clears them out), Alessandro ill check it out thanks! Ronen On Sun, Jul 10, 2011 at 10:38 PM, Christopher Webber kgbbelm...@gmail.comwrote: I have been working on doing something similar to this. We want to abstract for multiple OS's and deal with the joy that is Solaris zones. Essentially, it will be a resource that defines the fw rules in XML and then a script takes all of those definitions and creates a complete set of firewall rules. I am waiting to hear back on our code release policy to see what it takes to release it once I am done. -- cwebber On Jul 10, 2011, at 12:32 PM, Alessandro Franceschi wrote: FYI I don't know it it may be useful , but I've done this: https://github.com/example42/puppet-modules/tree/master/iptables which can be used in 2 ways: - a standard iptable-save approach (set $iptables_config = file before to enable it) with rules file defined in https://github.com/example42/puppet-modules/blob/master/iptables/manifests/file.pp (here you have to add source or content arguments to mange it with static files or templates according to your need) - an automatic way (default option when you include the module) that dymanically builds iptables rules according to the modules you include and the iptables related variables you set (see the README) This actually works if you use the Example42 modules (or at least the firewall defines included in each one). It's quite nice to see it working adding or removing dynamically but, I must admin, is a bit resource intensive (a puppet resoutce for each dymanic rule). Regards Al @ Lab42 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/KSn4hF687gQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: A working firewall module
Hi Ronen,
Making the rules persistent is a matter of running iptables-save
afterwards. If you drop this in your top scope it should work:
exec { persist-firewall:
command = $operatingsystem ? {
debian = /sbin/iptables /etc/iptables/rules.v4,
/(RedHat|CentOS)/ = /sbin/iptables /etc/sysconfig/iptables,
}
refreshonly = true,
}
Firewall {
notify = Exec[persist-firewall]
}
Can you raise a bug on the other issue about not detecting existing
rules? I'd appreciate being able to see any problematic rules (after
your own scrubbing of course). We'll then be able to try and fix it
for you.
https://github.com/puppetlabs/puppetlabs-firewall/issues
Alessandro's suggestions still hold true about applying firewall rules
with related classes. I'm a big fan of this methodology instead of
having a long list of rules. This is why a firewall type that handles
individual rules is a good approach.
ken.
On Sun, Jul 10, 2011 at 9:54 PM, Ronen Narkis nark...@gmail.com wrote:
Hey Ken, the main issue was that the provider wasn't detecting existing
rules but instead kept adding them in, another issue is that the rules
aren't persistent (restarting the service clears them out),
Alessandro ill check it out thanks!
Ronen
On Sun, Jul 10, 2011 at 10:38 PM, Christopher Webber kgbbelm...@gmail.com
wrote:
I have been working on doing something similar to this. We want to
abstract for multiple OS's and deal with the joy that is Solaris zones.
Essentially, it will be a resource that defines the fw rules in XML and
then a script takes all of those definitions and creates a complete set of
firewall rules.
I am waiting to hear back on our code release policy to see what it takes
to release it once I am done.
-- cwebber
On Jul 10, 2011, at 12:32 PM, Alessandro Franceschi wrote:
FYI
I don't know it it may be useful , but I've done this:
https://github.com/example42/puppet-modules/tree/master/iptables
which can be used in 2 ways:
- a standard iptable-save approach (set $iptables_config = file before
to enable it) with rules file defined in
https://github.com/example42/puppet-modules/blob/master/iptables/manifests/file.pp
(here you have to add source or content arguments to mange it with static
files or templates according to your need)
- an automatic way (default option when you include the module) that
dymanically builds iptables rules according to the modules you include and
the iptables related variables you set (see the README)
This actually works if you use the Example42 modules (or at least the
firewall defines included in each one).
It's quite nice to see it working adding or removing dynamically but, I
must admin, is a bit resource intensive (a puppet resoutce for each dymanic
rule).
Regards
Al @ Lab42
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/KSn4hF687gQJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
Join us for PuppetConf, September 22nd and 23rd in Portland, OR:
http://bit.ly/puppetconfsig;
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Problems In New Pro Puppet Book
I should first say that I'm a complete beginner to Puppet so some of what I saw below could be incorrect. Pro Puppet is a pretty good book so far but it really should have had another editing step to correct the problems I've mentioned below. Here are the problems I've found so far. Some of these are embarrassingly trivial but some are true mistakes. I expect to find more. Jon Forrest -- Pro Puppet Errata M = mistake U = unclear T = typo E = text edit (E) 1) Page 1, first two sentences. configuration - configurations (U) 2) Page 2, and the host itself is defined as a node. What host? I suggest removing this. (M) 3) Page 2, Each agent can run Puppet as a daemon via a mechanism such as cron, or can be manually triggered. Running something via cron doesn't run it as a daemon. (E) 4) Page 4, ... Puppet uses a tool called Facter to return information about the that agent ... = ... Puppet uses a tool called Facter to return information about the host the agent is running on ... This problem also occurs on Page 5. In fact, in one place on Page 5 this is stated in the way I suggest, e.g. ... to apply each resource to your host. (U) 5) Page 5, ... knowing the IP address of a host allows us to configure networking on that host. This isn't a great example because it's probably true that if a host has an IP address then networking has already been configured. (M) 6) Page 7, ... the master needs to be a later release than the agents. = ... the master needs to be the same or a later release than the agents. (E) 7) Page 7, ... Puppet manages a variety of configuration items ... = ... Puppet manages a variety of resources ... (E) 8) Page 8, Sometimes the first person singular is used, and sometimes the first person plural is used. (E) 9) Page 9, If there's another edition of this book, I recommend removing sections about OpenSolaris. (E) 10) Page 11, ... Puppet's configuration will be located ... = ... the Puppet master and agent configuration will be located ... (E) 11) Page 11, ... and is stored at ... = ... and is stored in ... (U) 12) Page 12, All components of Puppet will set I recommend removing this sentence since we don't yet know what the components of Puppet are. (M) 13) Page 13, A DNS CNAME can't be added to a /etc/hosts file. What you're showing is adding an alias. Also, both an alias and a CNAME wouldn't be added. Only one or the other should be added. (E) 14) Page 13, Once we've configured appropriate DNS ... = Once you've configured your DNS ... (E) 15) Page 13, ... which holds the basics of the configuration ... = ... which holds the configuration ... (E) 16) Page 13, We'll add some configuration to the file ... = We'll add some resources to the file ... (M) 17) Page 14, ... your client must be able to route and connect ... = ... your client must be able to connect Clients generally don't route. (E) 18) Page 15, ... for your master and ... = ... for your master, and ... There are other occurrences of this throughout the book. (T) 19) Page 17, ... time in seconds or o to not wait ... = ... time in seconds or 0 to not wait ... (U) 20) Page 18, (and elsewhere) You should be more consistent in using agent and client. (U) 21) Page 19, ... for each agent we connect ... = ... for each agent we connect to the Puppet master ... (T) 22) Page 19, The import statement ... = The import statements ... (U) 23) Page 19, ... configuration statements starting with a dollar sign are variables. This is misleading. The statements aren't variables. The statements contain variables whose names start with dollar signs. (T) 24) Page 20, ... specifies a collection of configuration ... = ... specifies a collection of configurations ... (U) 25) Page 20, I suggest that you explain the difference between the import directive and the include directive. (M) 25.1 Page 21, You show a directive called moduledir. Shouldn't this be modulepath? (U) 26) Page 22, You should say more about what a class is before using one in an example. (E) 27) Page 22, ... should install ... = ... will install ... (E) 28) Page 23, ... would rely ... = ... rely ... (C) 29) Page 24, You should mention that the the modulepath path, as shown on page 21, is used as the initial directory in which the modules directory is searched. (C) 30) Page 30, It's unclear to say the Puppet software is called the agent. In fact, in the Installing Puppet paragraph, you correctly say to install the master and agent. (C) 31) Page 30, Puppet calls the definition of the host itself a 'node' = Puppet uses the term 'node' to refer to a host. (M) 32) Page 34, There's a missing right curly bracket in the ssh_server definition. Plus, the wording of the paragraph below that definition is backwards. The ssh class comes before the ssh_server class. (C) 33) Page 36, The included function adds This is the first time you've used the term function anywhere. You should define a term the first time it's used. (T) 34) Page
[Puppet Users] passenger 3.0.7 and puppet function
Hi, I am using passenger 3.0.7, Apache from RHEL5U6, and Puppet 2.6.9-1. After change certain puppet function content, I have to restart Apache in order for puppet client to see the change. Is this a known issue? Thanks, Hai -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet should return non-zero when exec failed
When there is an error in exec resource, puppet command also returns zero. -- System Administrator, Focus on System Management and Basic Development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppet should return non-zero when exec failed
Oh, i found --detailed-exitcodes here: http://projects.puppetlabs.com/issues/5859 2011/7/11 flex frostyn...@gmail.com When there is an error in exec resource, puppet command also returns zero. -- System Administrator, Focus on System Management and Basic Development -- System Administrator, Focus on System Management and Basic Development -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Problems In New Pro Puppet Book
Jon Forrest wrote: I should first say that I'm a complete beginner to Puppet so some of what I saw below could be incorrect. Pro Puppet is a pretty good book so far but it really should have had another editing step to correct the problems I've mentioned below. Thanks for the feedback. Better to send it to the publisher than sending it here - they can actually act on Errata. http://www.apress.com/9781430230571 Thanks again James Turnbull -- James Turnbull Puppet Labs 1-503-734-8571 Join us for PuppetConf http://www.bit.ly/puppetconfsig, September 22nd and 23rd in Portland, Oregon, USA. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
