[Puppet Users] Requiring types in other classes
Hi, Sorry if this is a basic question, but I can't find the answer in the docs. I know about fully-qualified variables, but how can I reference a type that is defined in a different class, so I can require/subscribe it? In this simple example, what's the right syntax for making goodbye.txt require hello.txt? class class1 { file { hello.txt } } class class2 { file { goodbye.txt: require = File['hello.txt'], } } Thanks, Jonathan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Requiring types in other classes
On 08/24/2011 11:54 AM, Jonathan Gazeley wrote: Hi, Sorry if this is a basic question, but I can't find the answer in the docs. I know about fully-qualified variables, but how can I reference a type that is defined in a different class, so I can require/subscribe it? In this simple example, what's the right syntax for making goodbye.txt require hello.txt? class class1 { file { hello.txt } } class class2 { file { goodbye.txt: require = File['hello.txt'], } } Thanks, Jonathan class class1 { file { hello: path = 'hello.txt', } } class class2 { file { goodbye: path = 'goodbye.txt', require = File[class1::hello], } } (untested!) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Random error in the recovery catalog
Does anyone have an idea? Thanks you On 16 août, 10:42, ji...@goffaux.fr ji...@goffaux.fr wrote: Hello, I just set up Puppet / Passenger by following the documentation. For servers already authenticated key I do not encounter problems, but for new I have these errors: -- root@server2:~# puppetd --test --no-daemonize warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for server2.fqdn info: Certificate Request fingerprint (md5): F1:2E:F6:D6:8C:B3:F6:6B:D2:4B:C4:72:1C:E4:24:D9 warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 405 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title405 Method Not Allowed/ title / headbody h1Method Not Allowed/ h1 pThe requested method PUT is not allowed for the URL /production/ certificate_request/server2.fqdn./ p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at puppetmaster.fqdn Port 8140/ address /body/ html Exiting; failed to retrieve certificate and waitforcert is disabled root@server2:~# --- Also, I get a new type of error by mail: --- Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog from remote server: Error 414 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title414 Request-URI Too Large/title /headbody h1Request-URI Too Large/h1 pThe requested URL's length exceeds the capacity limit for this server.br / /p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at PUPPETMASTER.fqdn Port 8140/ address /body/html Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (notice): Using cached catalog Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog; skipping run I have set the variable: --- PassengerMaxRequests 1 --- But I doubt that this impact on this error. Again, thank you! Jimmy On 26 juil, 14:33, ji...@goffaux.fr ji...@goffaux.fr wrote: Passenger is already installed, but was not configured to Puppet. I will do the migration and I will return here. Thank you! On 25 juil, 17:21, Peter Meier peter.me...@immerda.ch wrote: I have about 130 customer puppet. I left the default time interval. Are you still running with default webrick on the puppetmaster? (If you didn't change anything, then yes you are). If yes, it's time to scale out and use either a Mongrel or Passenger-based Setup:http://projects.puppetlabs.com/projects/puppet/wiki/Using_Passenger ~pete -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Random error in the recovery catalog
I'm not going to be of much help but I also get your first error message from time to time and it goes away without having me do anything. I'm talking about this one : err: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Could not retrieve file metadata for puppet://PUPPETMASTER.fqdn/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I think this may be due to the fact that by default Puppet runs with webrick (please correct me if I'm wrong) or something similar which can only process requests one at a time. Kind of like if this was some sort of disguised timeout. I have not tried to run Puppet with Passenger so I can't confirm this. Antoine On Wed, Aug 24, 2011 at 12:19 PM, ji...@goffaux.fr ji...@goffaux.fr wrote: Does anyone have an idea? Thanks you On 16 août, 10:42, ji...@goffaux.fr ji...@goffaux.fr wrote: Hello, I just set up Puppet / Passenger by following the documentation. For servers already authenticated key I do not encounter problems, but for new I have these errors: -- root@server2:~# puppetd --test --no-daemonize warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for server2.fqdn info: Certificate Request fingerprint (md5): F1:2E:F6:D6:8C:B3:F6:6B:D2:4B:C4:72:1C:E4:24:D9 warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 405 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title405 Method Not Allowed/ title / headbody h1Method Not Allowed/ h1 pThe requested method PUT is not allowed for the URL /production/ certificate_request/server2.fqdn./ p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at puppetmaster.fqdn Port 8140/ address /body/ html Exiting; failed to retrieve certificate and waitforcert is disabled root@server2:~# --- Also, I get a new type of error by mail: --- Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog from remote server: Error 414 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title414 Request-URI Too Large/title /headbody h1Request-URI Too Large/h1 pThe requested URL's length exceeds the capacity limit for this server.br / /p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at PUPPETMASTER.fqdn Port 8140/ address /body/html Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (notice): Using cached catalog Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog; skipping run I have set the variable: --- PassengerMaxRequests 1 --- But I doubt that this impact on this error. Again, thank you! Jimmy On 26 juil, 14:33, ji...@goffaux.fr ji...@goffaux.fr wrote: Passenger is already installed, but was not configured to Puppet. I will do the migration and I will return here. Thank you! On 25 juil, 17:21, Peter Meier peter.me...@immerda.ch wrote: I have about 130 customer puppet. I left the default time interval. Are you still running with default webrick on the puppetmaster? (If you didn't change anything, then yes you are). If yes, it's time to scale out and use either a Mongrel or Passenger-based Setup: http://projects.puppetlabs.com/projects/puppet/wiki/Using_Passenger ~pete -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] 2.7.1 slowness?
On Tue, 2011-08-23 at 11:00 -0700, Digant C Kasundra wrote: Is anyone else noticing slowness with 2.7.1? When I run puppet on my 2.6.8 box, it takes 11 seconds. On my second box with exactly the same catalog, it takes 35 seconds. Is the problem while compiling catalog (ie the master) or when applying it (ie puppet agent)? If the later, can you report what --summarize gives you on both host? -- Brice Figureau Follow the latest Puppet Community evolutions on www.planetpuppet.org! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet-dashboard doesn't connect to inventory service
hello, I am using puppet-dashboard 1.1 with puppet 2.7.3 I have followed the instructions in the dashboard manual http://docs.puppetlabs.com/dashboard/manual/1.2/configuring.html http://docs.puppetlabs.com/guides/inventory_service.html I can query the inventory service successfully using curl but puppet dashboard doesn't show any of my nodes. I am running puppet on passenger and see no Any ideas? Here is the output I see in puppet-dashboard's webrick session. As far as I can tell, dashboard isn't querying the inventory service at all. Perhaps my version of dashboard is too old Processing NodesController#index (for 168.202.35.194 at 2011-08-24 08:20:49) [GET] Parameters: {action=index, controller=nodes} Node Load (0.2ms) SELECT * FROM `nodes` Rendering template within layouts/application Rendering nodes/index SQL (0.2ms) SELECT count(*) AS count_all FROM `nodes` WHERE (`nodes`.`hidden` = 0) Node Load (0.2ms) SELECT * FROM `nodes` WHERE ((nodes.status != 'failed' AND nodes.last_apply_report_id is not NULL) AND (`nodes`.`hidden` = 0)) Node Load (0.2ms) SELECT * FROM `nodes` WHERE ((nodes.status = 'failed' AND nodes.last_apply_report_id is not NULL) AND (`nodes`.`hidden` = 0)) Node Load (0.3ms) SELECT `nodes`.* FROM `nodes` INNER JOIN `reports` ON reports.node_id = nodes.id WHERE ((reports.kind = 'apply' AND reports.status != 'failed') AND (`nodes`.`hidden` = 0)) GROUP BY nodes.id Node Load (0.2ms) SELECT `nodes`.* FROM `nodes` INNER JOIN `reports` ON reports.node_id = nodes.id WHERE ((reports.kind = 'apply' AND reports.status = 'failed') AND (`nodes`.`hidden` = 0)) GROUP BY nodes.id SQL (0.1ms) SELECT count(*) AS count_all FROM `nodes` WHERE ((`nodes`.`reported_at` IS NULL AND `nodes`.`hidden` = 0)) SQL (0.2ms) SELECT count(*) AS count_all FROM `nodes` WHERE ((`nodes`.`hidden` = 0) AND (reported_at '2011-08-24 05:20:49')) SQL (0.1ms) SELECT count(*) AS count_all FROM `nodes` WHERE (`nodes`.`hidden` = 1) NodeClass Load (0.2ms) SELECT node_classes.*, count(nodes.id) as nodes_count FROM `node_classes` LEFT OUTER JOIN node_class_memberships ON ( node_classes.id = node_class_memberships.node_class_id) LEFT OUTER JOIN nodes ON (nodes.id = node_class_memberships.node_id) GROUP BY node_classes.id ORDER BY name ASC Rendered shared/_node_manager_sidebar_for_type (1.8ms) NodeGroup Load (0.2ms) SELECT node_groups.*, count(nodes.id) as nodes_count FROM `node_groups` LEFT OUTER JOIN node_group_memberships ON ( node_groups.id = node_group_memberships.node_group_id) LEFT OUTER JOIN nodes ON (nodes.id = node_group_memberships.node_id) GROUP BY node_groups.id ORDER BY name ASC Rendered shared/_node_manager_sidebar_for_type (1.7ms) Rendered shared/_node_manager_sidebar (17.3ms) Rendered nodes/_search (1.1ms) SQL (0.2ms) SELECT count(DISTINCT `nodes`.id) AS count_all FROM `nodes` LEFT OUTER JOIN `reports` ON `reports`.id = `nodes`.last_apply_report_id WHERE (`nodes`.`hidden` = 0) Rendered statuses/_run_failure (1.7ms) Node Load (0.2ms) SELECT * FROM `nodes` WHERE (`nodes`.`hidden` = 0) ORDER BY reported_at DESC LIMIT 1 Node Load (0.2ms) SELECT * FROM `nodes` WHERE (`nodes`.`hidden` = 0) ORDER BY reported_at DESC LIMIT 0, 20 Rendered nodes/_nodes (3.2ms) Rendered shared/_global_nav (1.4ms) Completed in 30ms (View: 26, DB: 3) | 200 OK [ http://hqlprrepo01.hq.un.fao.org/nodes] here is my config/settings.yml, i have put x's in my server name #===[ Settings ]= # # This file is meant for storing setting information that is never # published or committed to a revision control system. # # Do not modify this config/settings.yml.example file directly -- you # should copy it to config/settings.yml and customize it there. # #---[ Values ]-- # Node name to use when contacting the puppet master. This is the # CN that is used in Dashboard's certificate. cn_name: 'dashboard' ca_crl_path: 'certs/dashboard.ca_crl.pem' ca_certificate_path: 'certs/dashboard.ca_cert.pem' certificate_path: 'certs/dashboard.cert.pem' private_key_path: 'certs/dashboard.private_key.pem' public_key_path: 'certs/dashboard.public_key.pem' # Hostname of the certificate authority. ca_server: '...org' # Port for the certificate authority. ca_port: 8140 # Key length for SSL certificates key_length: 1024 # The inventory service allows you to connect to a puppet master to retrieve and node facts enable_inventory_service: true # Hostname of the inventory server. inventory_server: 'xxx..org' # Port for the inventory server. inventory_port: 8140 # Set this to true to allow Dashboard to display diffs on files that # are archived in the file bucket. use_file_bucket_diffs: false # Hostname of the file bucket server. file_bucket_server: '..org' # Port for the file bucket server. file_bucket_port: 8140 -- You received this message because you are subscribed to the
[Puppet Users] has class been included
I am hoping someone can give me a pointer in the right direction here. I am a bit stuck with this one. I have this sort of set up in my Puppet 2.6.4 server. class foo{ #if defined( Class[“ type-server-b”] ) { # include tuning-module #} include apache include mysql # more modules } node 'server1.fqdn' inherits type-server-a { include foo } node 'server2.fqdn' inherits type-server-b { include foo } What I would like to be able to do would be to do is to see if either “type-server-a” or “type-server-b” was inherited from my nodes definition. I experimented with the “defined” function, but this isn't really designed for that I am trying to do here. Is there a way of being able to check if a module has been included in the catalogue evaluation that puppet is currently running? The only other way I could think of was to create a variable in “type- server-a” and “type-server-b” and to check its value in class foo, this just didn’t seem like an overly elegant way of doing it. Is there a better way of doing this, assuming its possible at all? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Requiring types in other classes
On 24/08/11 11:13, Martin Alfke wrote: On 08/24/2011 11:54 AM, Jonathan Gazeley wrote: Hi, Sorry if this is a basic question, but I can't find the answer in the docs. I know about fully-qualified variables, but how can I reference a type that is defined in a different class, so I can require/subscribe it? In this simple example, what's the right syntax for making goodbye.txt require hello.txt? class class1 { file { hello.txt } } class class2 { file { goodbye.txt: require = File['hello.txt'], } } Thanks, Jonathan class class1 { file { hello: path = 'hello.txt', } } class class2 { file { goodbye: path = 'goodbye.txt', require = File[class1::hello], } } (untested!) Hmm, this is what I tried before mailing the list, and I still can't get it to work. If it makes any difference, my classes are nested. mysql::mmm::common mysql::mmm::agent class mysql::mmm::agent { include mysql::mmm::common package { mysql-mmm-agent: ensure = installed, } file {mmm_agent.conf: name = /etc/mysql-mmm/mmm_agent.conf, mode = 640, owner = root, group = root, content = template(/etc/puppet/modules/mysql/files/mmm_agent.conf.erb), require = Package[mysql-mmm-agent], notify = Service[mysql-mmm-agent], } service {mysql-mmm-agent: require = [ Package['mysql-mmm-agent'], File['mmm_agent.conf', 'mmm_common.conf'], ], ensure = running, enable = true, hasstatus = true, hasrestart = true, subscribe = File[common::mmm_common.conf, 'mmm_agent.conf'], } } class mysql::mmm::common { package { mysql-mmm: ensure = installed, } file { mmm_common.conf: name = /etc/mysql-mmm/mmm_common.conf, mode = 640, owner = root, group = root, source = puppet:///modules/mysql/mmm_common.conf, require = Package[mysql-mmm], } } Using this manifest throws this error: err: Could not run Puppet configuration client: Could not find dependency File[mysql::mmm::common::mmm-common.conf] for Service[mysql-mmm-agent] at /etc/puppet/modules/mysql/manifests/init.pp:159 Any ideas? Thanks, Jonathan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Requiring types in other classes
On Aug 24, 4:54 am, Jonathan Gazeley jonathan.gaze...@bristol.ac.uk wrote: Hi, Sorry if this is a basic question, but I can't find the answer in the docs. I know about fully-qualified variables, but how can I reference a type that is defined in a different class, so I can require/subscribe it? In this simple example, what's the right syntax for making goodbye.txt require hello.txt? class class1 { file { hello.txt } } class class2 { file { goodbye.txt: require = File['hello.txt'], } } The word you are looking for is resource, not type. The latter is more likely to make people think of user-defined resource types, such as are declared via the define statement. The answer is that resource titles and names are global (and must be globally unique) in nodes' catalogs, therefore you don't have to use any special syntax to reference a resource from outside the scope where it is declared. You do, however, need to ensure that the declaration is visible at the point of reference. As long as you're not using parameterized classes, the best way to do that is via the include statement, like so: class class1 { file { hello.txt } } class class2 { # Include the class declaring File['hello.txt'] include class1 file { goodbye.txt: require = File['hello.txt'] } } Do remember that Puppet's include statement is *not* analogous to, for example, the C peprocessor's #include directive. It does not cause any code interpolation; instead, include tells Puppet that the specified class must be included in the current node's catalog. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Requiring types in other classes
On 24/08/11 14:09, jcbollinger wrote: On Aug 24, 4:54 am, Jonathan Gazeleyjonathan.gaze...@bristol.ac.uk wrote: Hi, Sorry if this is a basic question, but I can't find the answer in the docs. I know about fully-qualified variables, but how can I reference a type that is defined in a different class, so I can require/subscribe it? In this simple example, what's the right syntax for making goodbye.txt require hello.txt? class class1 { file { hello.txt } } class class2 { file { goodbye.txt: require = File['hello.txt'], } } The word you are looking for is resource, not type. The latter is more likely to make people think of user-defined resource types, such as are declared via the define statement. The answer is that resource titles and names are global (and must be globally unique) in nodes' catalogs, therefore you don't have to use any special syntax to reference a resource from outside the scope where it is declared. You do, however, need to ensure that the declaration is visible at the point of reference. As long as you're not using parameterized classes, the best way to do that is via the include statement, like so: class class1 { file { hello.txt } } class class2 { # Include the class declaring File['hello.txt'] include class1 file { goodbye.txt: require = File['hello.txt'] } } Do remember that Puppet's include statement is *not* analogous to, for example, the C peprocessor's #include directive. It does not cause any code interpolation; instead, include tells Puppet that the specified class must be included in the current node's catalog. John Thanks for your excellent response. I hadn't realised that resource names were global, nor that include behaves differently from that of the C preprocessor. Win on both counts - I've got my manifest working. Thanks a lot, Jonathan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Difference between include and require
On Aug 23, 12:51 pm, Douglas Garstang doug.garst...@gmail.com wrote: Can someone please succinctly explain to me the difference between include and require? The 'require' function (not to be confused with the 'require' resource metaparameter) does everything that 'include' does, plus adds a class- level dependency. Thus, this: class foo { require 'bar' } is equivalent to this: class foo { include 'bar' } Class['bar'] - Class['foo'] To put it another way, 'include' affects only catalog compilation, whereas 'require' affects both compilation by the master and application by the agent. The documentation implies that simply putting 'require class' at the top of a different class automatically means that class is fully implemented as a dependency. I'm not sure what you mean by that However, it doesn't seem to work that way. Also, I'm not seeing a situation where the use of include seems to be automatically resolving dependancies. This is puppet 0.25.5. I can't really offer any advice based on that description of the problem. Can you provide an example that demonstrates it? John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Difference between include and require
On Aug 23, 12:53 pm, David Kavanagh dkavan...@gmail.com wrote: It seems there's a problem including a class multiple times. By stating that one class requires another, you formalize the dependency, but don't actually have an include. What you do then is to include the class in your main implementation which uses that class. That way, if you have several classes that depend on one other class, it is included once at the top level, but used many places (where it is required). Is that as clear as I think it is? Not to me. To the extent that I understand what you're saying, it doesn't sound right. The 'require' function does everything that 'include' does (and then some), so using 'require' vs. 'include' does nothing to address any problems with multiple inclusion. Furthermore, the issues with multiple inclusion are sufficiently mild that my preferred coding practice is to rely on including classes everywhere they are needed. To my knowledge, multiple inclusion is problematic only in these cases: 1) When the included class uses a variable resolved via dynamic scoping, and that variable may be resolved differently at different points of inclusion. That doesn't bother me much, because if ever that happens then it reflects a design error in the manifests anyway. There are alternative, better ways to feed data to your classes than dynamically scoped variables. 2) When the class to 'include' is parameterized (but I consider this more a flaw in the design of the parameterized class framework than in the 'include' function). John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Parameterized classes vs defined-types
On Aug 23, 1:00 pm, Digant C Kasundra dig...@stanford.edu wrote: Out of curiosity, how are people using parameterized classes in a way that is distinct from defined-types? snarkI am _using_ defined types, that's how./snark Although I disfavor parameterized classes and do not use them, the pattern of my usage of defined types could not be implemented via parameterized classes. In particular, I typically do not define a type unless I plan to instantiate it multiple times for the same node. You cannot do that with parameterized classes. If you have an OO background then the words class and type may have connotations and implied similarity for you that just don't apply in Puppet. Puppet classes are not types in the type theory sense. Defined types are closer to that, but it may help to use a fuller name when you think about them: defined *resource* types. Classes, parameterized or not, are not resource types; rather, they are resource _collections_. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Odd certificate problem
Hi, I just upgrade my puppet server from version 2.6.7 to 2.7.3 and now I can't connect new clients. When trying to connect the clients I'm denied with the following error message: err: Could not request certificate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed. This is often because the time is out of sync on the server or client Now I have been checking time settings on both servers and they are in sync. (I syncronized them against the same ntp server.) Then I checked the masterhttp.log and there is this: [2011-08-24 12:46:37] ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=SSLv3 read client certificate A: tlsv1 alert unknown ca /usr/local/lib/ruby/site_ruby/1.9/puppet/network/http/webrick.rb:44:in `accept' /usr/local/lib/ruby/site_ruby/1.9/puppet/network/http/webrick.rb:44:in `block (3 levels) in listen' /usr/local/lib/ruby/1.9/webrick/server.rb:183:in `call' /usr/local/lib/ruby/1.9/webrick/server.rb:183:in `block in start_thread' So. I decided to clear out the ssl directory and start over. The local agents certificate is signed as it should and can connect and apply the configuration. On client that can't connect I also tried to clear out the ssl directory to make it create a new request but without any luck. Does anyone have an idea for me how to get on? Regards /Martin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Secure Certification Authority Transfer
Hello, We are attempting to set up a completely secure puppet based system. Puppet's encrypted communications between the master and the client is ideal, but its client joining and certificate transfer mechanism is not. The client certificate request and signed certificate response is vulnerable to man-in-the-middle attacks since the CA is not verified. As such we are manually transferring the client certificates and CA to the client from the master to avoid this problem. Our question is, is there a way to force clients to verify the connection against the ca certificate, and if that is not possible for whatever reason then fail. The default behavior is to verify the certificate and fail, except when the CA certificate is missing on the client at which point the client simply (insecurely) downloads it from the master, compromising the entire security chain. We would like a system which could not be compromised by the removal of a file from a client coupled with a man-in-the-middle attack. Does anyone know of any magic force secure connections options or similar? Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] handy tip against unhelpful Could not intern from pson error
Not sure if people are already aware of this, but it might save someone some time in the future. I've been tracking down the following error today, it's rather unhelpful in telling you where the problem is in your manifests: # puppetd --test info: Retrieving plugin err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target Service[] The problem is the parser using an empty string as a resource name which I arrived at by using a variable inside double quotes for a resource declaration. I did this for style (or have been until now) - I like to have user defined strings in quotes so it easily distinguishes between them and puppet keywords, plus for syntax highlighting, etc. Turns out this personal preference has shot me in the foot as the difference between the error messages for an empty string versus an undefined variable is rather big. See this unhelpful message: $service_name = httpd service { $servicename: ensure = running } err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target Service[] versus this: $service_name = httpd service { $servicename: ensure = running } err: /Stage[main]/Puppet_dashboard::Service/Service[undef]/ensure: change from stopped to running failed: Could not start Service[undef]: Execution of '/sbin/service undef start' returned 1: at /etc/puppet/ environments/testing/modules/httpd/manifests/service.pp:26 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] handy tip against unhelpful Could not intern from pson error
I can't see any difference between your two examples. Typo? - henrik On 8/24/11 5:23 PM, Luke Bigum wrote: Not sure if people are already aware of this, but it might save someone some time in the future. I've been tracking down the following error today, it's rather unhelpful in telling you where the problem is in your manifests: # puppetd --test info: Retrieving plugin err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target Service[] The problem is the parser using an empty string as a resource name which I arrived at by using a variable inside double quotes for a resource declaration. I did this for style (or have been until now) - I like to have user defined strings in quotes so it easily distinguishes between them and puppet keywords, plus for syntax highlighting, etc. Turns out this personal preference has shot me in the foot as the difference between the error messages for an empty string versus an undefined variable is rather big. See this unhelpful message: $service_name = httpd service { $servicename: ensure = running } err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target Service[] versus this: $service_name = httpd service { $servicename: ensure = running } err: /Stage[main]/Puppet_dashboard::Service/Service[undef]/ensure: change from stopped to running failed: Could not start Service[undef]: Execution of '/sbin/service undef start' returned 1: at /etc/puppet/ environments/testing/modules/httpd/manifests/service.pp:26 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: facter identifies Oracle Linux 6.1 as 'RedHat'
On Tue, Aug 23, 2011 at 4:18 PM, Avi Miller avi.mil...@gmail.com wrote: I've added an issue for this on the Puppet Labs site[1] and submitted a patch via GitHub to determine OracleLinux properly from 5 Update 6 and 6. This adds OracleLinux as an operatingsystem. Should we still use OEL? If we change the the value to OracleLinux, besides manifests changes, we also need to update types and provider that are currently configured to :confine(OEL). Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: handy tip against unhelpful Could not intern from pson error
Cheers, that'll teach me to cut and paste ;) The second example's resource name should be without quotes, so: $service_name = httpd service { $servicename: ensure = running } err: /Stage[main]/Puppet_dashboard::Service/Service[undef]/ensure: change from stopped to running failed: Could not start Service[undef]: Execution of '/sbin/service undef start' returned 1: at /etc/puppet/ environments/testing/modules/httpd/manifests/service.pp:26 On Aug 24, 5:12 pm, Henrik Lindberg henrik.lindb...@cloudsmith.com wrote: I can't see any difference between your two examples. Typo? - henrik On 8/24/11 5:23 PM, Luke Bigum wrote: Not sure if people are already aware of this, but it might save someone some time in the future. I've been tracking down the following error today, it's rather unhelpful in telling you where the problem is in your manifests: # puppetd --test info: Retrieving plugin err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target Service[] The problem is the parser using an empty string as a resource name which I arrived at by using a variable inside double quotes for a resource declaration. I did this for style (or have been until now) - I like to have user defined strings in quotes so it easily distinguishes between them and puppet keywords, plus for syntax highlighting, etc. Turns out this personal preference has shot me in the foot as the difference between the error messages for an empty string versus an undefined variable is rather big. See this unhelpful message: $service_name = httpd service { $servicename: ensure = running } err: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target Service[] versus this: $service_name = httpd service { $servicename: ensure = running } err: /Stage[main]/Puppet_dashboard::Service/Service[undef]/ensure: change from stopped to running failed: Could not start Service[undef]: Execution of '/sbin/service undef start' returned 1: at /etc/puppet/ environments/testing/modules/httpd/manifests/service.pp:26 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Upgrading 0.25.4
All, Can someone give me some ideas as to, or point me to where I can find documentation on the issues I may have upgrading puppet from 0.25.4 to the latest? Also, the server is using passenger, and I know there's a whole lot of magic voodoo that has to happen to make sure that the version numbers of all the bits are compatible. Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Parameterized classes vs defined-types
On 8/24/11 3:46 PM, jcbollinger wrote: If you have an OO background then the words class and type may have connotations and implied similarity for you that just don't apply in Puppet. Puppet classes are not types in the type theory sense. Defined types are closer to that, but it may help to use a fuller name when you think about them: defined *resource* types. Classes, parameterized or not, are not resource types; rather, they are resource _collections_. I find it helps me to think of classes as *host*-class = a type of host classification (i.e. like measurements Weight and Height) - it is nonsensical to classify it multiple times e.g size = big, size = small, at best it would be redundant (size = big, size = big) to classify a host with the same puppet class multiple times (but I think that special case is also flagged as an error - which it should because the structure is clearly wrong). Please correct me if I am wrong - I am also learning puppet. - henrik -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Release tarball spec file
I know this is a crazy request, but I was kind of wondering why it was so hard for Puppet Labs to maintain the RPM spec file that comes contained in the release tarball, so that modifications weren't required to actually get it to build. Crazy huh? For example, the SPEC file contains this... Version:2.7.2 Release:0.2.rc1%{?dist} but the release is 2.7.3. Also 'rc1' is hard coded in several places, and so forth. Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] setting facts in dashboard
I'd like to set some values in the dashboard that would apply to a bunch of nodes. I'm thinking the best way is if those things become facts. Then, I'd just have puppet scripts that look for those things (update config files and restart services). Can facts be set in the dashboard? If so, I'm not seeing it. Or, is there a better way to accomplish what I'm talking about? David -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] 2.7.1 slowness?
- Original Message - On Tue, 2011-08-23 at 11:00 -0700, Digant C Kasundra wrote: Is anyone else noticing slowness with 2.7.1? When I run puppet on my 2.6.8 box, it takes 11 seconds. On my second box with exactly the same catalog, it takes 35 seconds. Is the problem while compiling catalog (ie the master) or when applying it (ie puppet agent)? If the later, can you report what --summarize gives you on both host? I think it might not even be in the run but might be in some of the post run activities (like reporting maybe?) Here is what I have: A 2.6 puppet client running against a 2.6 puppetmaster: info: Retrieving plugin info: Caching catalog for jimhenson1.stanford.edu info: Applying configuration version '1314209976' notice: Finished catalog run in 9.75 seconds Changes: Events: Resources: Total: 1188 Time: Filebucket: 0.00 Resources: 0.00 K5login: 0.00 Schedule: 0.00 User: 0.02 Service: 0.32 Package: 1.24 Exec: 1.99 Total: 12.92 Last run: 1314209992 File: 3.21 Config retrieval: 6.14 A 2.7 puppet client running against a 2.7 puppetmaster (identical catalog, essentially): info: Retrieving plugin info: Connecting to sqlite3 database: /var/lib/puppet/state/clientconfigs.sqlite3 info: Caching catalog for jimhenson4.stanford.edu info: Applying configuration version '1314209977' notice: Finished catalog run in 37.02 seconds Changes: Events: Resources: Total: 1193 Skipped: 6 Time: Filebucket: 0.00 Resources: 0.00 K5login: 0.00 User: 0.02 Service: 0.40 Package: 0.91 Exec: 1.84 Total: 13.40 Last run: 1314210022 File: 2.85 Config retrieval: 7.38 When I run a 2.6 client against the a 2.6 master and 2.7 master, I don't seem to notice any difference at all, however. Weird. -- Digant C Kasundra dig...@stanford.edu Infrastructure Systems Software Developer, ITS:IDG, Stanford University -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Release tarball spec file
On Wed, Aug 24, 2011 at 10:16 AM, Douglas Garstang doug.garst...@gmail.com wrote: I know this is a crazy request, but I was kind of wondering why it was so hard for Puppet Labs to maintain the RPM spec file that comes contained in the release tarball, so that modifications weren't required to actually get it to build. Crazy huh? https://projects.puppetlabs.com/issues/9016 was raised on this issue as well. See my comments in the ticket. The basic premise is that I'd like to remove all packaging content from Puppet as a project. The packaging content is not what upstream is. Puppet is released as a tarball and a gem. From there it can be packaged. We (Puppet Labs) plan to provide (better) packages in the near future. I know I keep saying that, but I've been very busy with some other workloads. I'd like to move the packaging bits into a separate, but completely open project. Of course Linux and BSD distribution still may do their own packaging of Puppet as well. As for why it's difficult to update spec files and the like, when we have an RC, I prefer to cut that *exact* content as the final. Basically, from the same tag. If I update specs and such, it changes to content. I'm open to ideas on making it better. Mike -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Parameterized classes vs defined-types
- Original Message - On Aug 23, 1:00 pm, Digant C Kasundra dig...@stanford.edu wrote: Out of curiosity, how are people using parameterized classes in a way that is distinct from defined-types? snarkI am _using_ defined types, that's how./snark Although I disfavor parameterized classes and do not use them, the pattern of my usage of defined types could not be implemented via parameterized classes. In particular, I typically do not define a type unless I plan to instantiate it multiple times for the same node. You cannot do that with parameterized classes. If you have an OO background then the words class and type may have connotations and implied similarity for you that just don't apply in Puppet. Puppet classes are not types in the type theory sense. Defined types are closer to that, but it may help to use a fuller name when you think about them: defined *resource* types. Classes, parameterized or not, are not resource types; rather, they are resource _collections_. I agree with you. I think that's why I'm curious. We also overrides on defined types, which is why we prefer them as well. I think while it may be possible to do what we are currently doing with parameterized classes, it would at least involve a lot of restructuring how we think of things in our manifests. -- Digant C Kasundra dig...@stanford.edu Infrastructure Systems Software Developer, ITS:IDG, Stanford University -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] setting facts in dashboard
On Wed, Aug 24, 2011 at 11:05 AM, David Kavanagh dkavan...@gmail.com wrote: I'd like to set some values in the dashboard that would apply to a bunch of nodes. I'm thinking the best way is if those things become facts. Then, I'd just have puppet scripts that look for those things (update config files and restart services). Can facts be set in the dashboard? If so, I'm not seeing it. Or, is there a better way to accomplish what I'm talking about? Any key value you add as a node parameter can be accessed as a fact in puppet manifests. Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Secure Certification Authority Transfer
On Wed, Aug 24, 2011 at 7:32 AM, It Dept i...@ukcrd.com wrote: Hello, We are attempting to set up a completely secure puppet based system. Puppet's encrypted communications between the master and the client is ideal, but its client joining and certificate transfer mechanism is not. The client certificate request and signed certificate response is vulnerable to man-in-the-middle attacks since the CA is not verified. The CA pub keys should be deployed to the agent as part of the provisioning process. This is no different than how your browser trust a well known certificate signing authority, it has to be deployed to the client in advance. Ideally, roll it into a package and generate it with a sufficiently long TTL. We would like a system which could not be compromised by the removal of a file from a client coupled with a man-in-the-middle attack. Does anyone know of any magic force secure connections options or similar? Man in the middle in itself doesn't pose an issue, however if the attacker have access to the agent system to replace the entire ssl directory, I think you have bigger problem on your hand, and it's not something certificates were designed to protect you against. This is no different then asking the question, if someone replaced my web browser certificate trust and hijacks my DNS, how do I know he's not acting as man in a middle as my bank's website? Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Can't use ${path} in file resource as its namevar?
2.7.3 The heck? ${path} is expanding to the shell environment PATH when I reference it as a variable in my file resource. Isn't this supposed to be the namevar for file resources? err: /Stage[main]/Ldapclient::Config/File[/etc/ldap.conf]: Could not evaluate: Could not retrieve information from environment production source(s) puppet:///modules/ldapclient/RedHat/usr/bin:/bin:/usr/sbin:/sbin at /etc/puppet/modules/ldapclient/manifests/config.pp:9 class ldapclient::config { case $operatingsystem { /(RedHat|CentOS|Fedora)/: { file { [ '/etc/openldap/ldap.conf', '/etc/ldap.conf' ]: source = ${ldapclient::params::fileroot}${path}, owner = $ldapclient::params::ldapclient_user, mode = 0444, require = Class['ldapclient::install'], } } } } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/gX1W7gJwYI8J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] has class been included
Hi, You could try passing a parameter to your foo class from the node def. class foo (bar) { if $bar == 'rar' { } } node node1 inherits rar { class {foo: bar = rar } } That work for you? Den On 24/08/2011, at 21:48, David W Cennting theapec.onl...@gmail.com wrote: I am hoping someone can give me a pointer in the right direction here. I am a bit stuck with this one. I have this sort of set up in my Puppet 2.6.4 server. class foo{ #if defined( Class[“ type-server-b”] ) { #include tuning-module #} include apache include mysql # more modules } node 'server1.fqdn' inherits type-server-a { include foo } node 'server2.fqdn' inherits type-server-b { include foo } What I would like to be able to do would be to do is to see if either “type-server-a” or “type-server-b” was inherited from my nodes definition. I experimented with the “defined” function, but this isn't really designed for that I am trying to do here. Is there a way of being able to check if a module has been included in the catalogue evaluation that puppet is currently running? The only other way I could think of was to create a variable in “type- server-a” and “type-server-b” and to check its value in class foo, this just didn’t seem like an overly elegant way of doing it. Is there a better way of doing this, assuming its possible at all? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Requiring types in other classes
Hi, Underscore instead of dash? Den On 24/08/2011, at 22:56, Jonathan Gazeley jonathan.gaze...@bristol.ac.uk wrote: On 24/08/11 11:13, Martin Alfke wrote: On 08/24/2011 11:54 AM, Jonathan Gazeley wrote: Hi, Sorry if this is a basic question, but I can't find the answer in the docs. I know about fully-qualified variables, but how can I reference a type that is defined in a different class, so I can require/subscribe it? In this simple example, what's the right syntax for making goodbye.txt require hello.txt? class class1 { file { hello.txt } } class class2 { file { goodbye.txt: require = File['hello.txt'], } } Thanks, Jonathan class class1 { file { hello: path = 'hello.txt', } } class class2 { file { goodbye: path = 'goodbye.txt', require = File[class1::hello], } } (untested!) Hmm, this is what I tried before mailing the list, and I still can't get it to work. If it makes any difference, my classes are nested. mysql::mmm::common mysql::mmm::agent class mysql::mmm::agent { include mysql::mmm::common package { mysql-mmm-agent: ensure = installed, } file {mmm_agent.conf: name = /etc/mysql-mmm/mmm_agent.conf, mode = 640, owner = root, group = root, content = template(/etc/puppet/modules/mysql/files/mmm_agent.conf.erb), require = Package[mysql-mmm-agent], notify = Service[mysql-mmm-agent], } service {mysql-mmm-agent: require = [ Package['mysql-mmm-agent'], File['mmm_agent.conf', 'mmm_common.conf'], ], ensure = running, enable = true, hasstatus = true, hasrestart = true, subscribe = File[common::mmm_common.conf, 'mmm_agent.conf'], } } class mysql::mmm::common { package { mysql-mmm: ensure = installed, } file { mmm_common.conf: name = /etc/mysql-mmm/mmm_common.conf, mode = 640, owner = root, group = root, source = puppet:///modules/mysql/mmm_common.conf, require = Package[mysql-mmm], } } Using this manifest throws this error: err: Could not run Puppet configuration client: Could not find dependency File[mysql::mmm::common::mmm-common.conf] for Service[mysql-mmm-agent] at /etc/puppet/modules/mysql/manifests/init.pp:159 Any ideas? Thanks, Jonathan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Release tarball spec file
Douglas Garstang wrote: I know this is a crazy request, but I was kind of wondering why it was so hard for Puppet Labs to maintain the RPM spec file that comes contained in the release tarball, so that modifications weren't required to actually get it to build. Crazy huh? For example, the SPEC file contains this... Version:2.7.2 Release:0.2.rc1%{?dist} but the release is 2.7.3. Also 'rc1' is hard coded in several places, and so forth. Douglas Patches are always welcome. If you update it or change it then send a pull request and it'll be more likely to be up-to-date. That being said I echo Mike's comments about it being a helper for people rather than our primary role as the upstream developer. My preference is we focus on features and fixes rather than packaging specification that is actually better handled by people downstream of us. Regards James Turnbull -- James Turnbull Puppet Labs 1-503-734-8571 Join us for PuppetConf http://www.bit.ly/puppetconfsig, September 22nd and 23rd in Portland, Oregon, USA. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can't use ${path} in file resource as its namevar?
On Wed, Aug 24, 2011 at 02:23:49PM -0700, jblaine wrote: 2.7.3 The heck? ${path} is expanding to the shell environment PATH when I reference it as a variable FWIW: It doesnt reference the environment variable directly. It references the fact path which in turn is the path environment variable. Just run »facter path« on the command line and you should get similar results. -Stefan pgpYkB39ESvC4.pgp Description: PGP signature
[Puppet Users] custom fact
Hi guys I have a custom fact envt, it was working fine but now I have to make some changes in it; puppet client's hostname is of the type 1234qa-abc-de.local where 1234 can be any thing of any length.My custom fact should contain qa, ie I want to check in the first part(before the first -) of the hostname if there exists a pattern/word qa and if it exists then my custom fact for envt should be qa. I am not good with regex/ patterns please help me out guys. Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] custom fact regex problem
Hi guys I have a custom fact envt, it was working fine but now I have to make some changes in it; puppet client's hostname is of the type 1234qa-abc-de.local where 1234 can be any thing of any length.My custom fact should contain qa, ie I want to check in the first part(before the first -) of the hostname if there exists a pattern/word qa and if it exists then my custom fact for envt should be qa. My old envt.rb code is: require 'facter' Facter.add(envt) do setcode do %x{hostname -s|cut -c 1-2}.chomp end end I am not good with regex/ patterns please help me out guys. Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Custom function error Unknown function...
I've written my first attempt at a custom puppet function, and it passes all the suggested test's from the Puppet documentation, but when called from a test module it doesn't seem to be found. Successful tests... irb(main):001:0 require 'puppet' = true irb(main):002:0 require '/etc/puppet/modules/string2hash/ .git/ lib/ irb(main):002:0 require '/etc/puppet/modules/string2hash/lib/puppet/ parser/functions/string2hash.rb' = true irb(main):003:0 Puppet::Parser::Functions.function(:string2hash) = function_string2hash ruby -rpuppet lib/puppet/parser/functions/string2hash.rb returns no errors When I try and test the functions ability to even return a correct value, I get this, $ puppet --debug -vvv test.pp Unknown function string2hash at /etc/puppet/modules/test/test.pp:3 This is test.pp... --- $hash_string = {\general\:{\dump_dir\:\/backups/misc-sqldumps\, \databases\:\mysql\,\backup_dir\:\/etc\},\anth\:{\dump_dir \:\/backups/anth-sqldumps\,\databases\:\ anth_main anth_students anth_td anth_intranet\,\backup_dir\:\/var/www/anthropology.tamu.edu \}} $val = string2hash($hash_string) notice($val) This is my function, at /etc/puppet/modules/string2hash/lib/puppet/ parser/functions/string2hash.rb - #!/usr/bin/ruby module Puppet::Parser::Functions newfunction(:string2hash, :type = :rvalue) do |args| raise ArgumentError, (string2hash(): wrong number of arguments (#{args.length}; must be 1)) if args.length != 1 raise ArgumentError, (string2hash(): wrong type of argument (#{args[0].kind_of}; must be string)) if args[0].kind_of? String require 'json' begin return JSON.parse(args[0]) rescue Exception = exc raise TypeError, string2hash(): error converting string to hash end end end I use numerous community functions that work without any type of includes , and can't seem to figure out why mine is 'unknown' when puppet clearly sees it. I've restarted both the puppet and puppetmaster daemon repeatedly. Thanks - Trey -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Random error in the recovery catalog
Hi, Have you made any changes to your auth.conf? Are you auto signing your certs? How have you configured apache and passenger? Here's what you can do as a test. Remove the apache passenger vhost and run puppet using webrick (puppetmasterd). If your client cant connect then your puppet conf needs checking. If it works, then the problem is in your apache configs. Cheers, Den On 24/08/2011, at 20:27, Antoine Benkemoun antoine.benkem...@gmail.com wrote: I'm not going to be of much help but I also get your first error message from time to time and it goes away without having me do anything. I'm talking about this one : err: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Could not retrieve file metadata for puppet://PUPPETMASTER.fqdn/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I think this may be due to the fact that by default Puppet runs with webrick (please correct me if I'm wrong) or something similar which can only process requests one at a time. Kind of like if this was some sort of disguised timeout. I have not tried to run Puppet with Passenger so I can't confirm this. Antoine On Wed, Aug 24, 2011 at 12:19 PM, ji...@goffaux.fr ji...@goffaux.fr wrote: Does anyone have an idea? Thanks you On 16 août, 10:42, ji...@goffaux.fr ji...@goffaux.fr wrote: Hello, I just set up Puppet / Passenger by following the documentation. For servers already authenticated key I do not encounter problems, but for new I have these errors: -- root@server2:~# puppetd --test --no-daemonize warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for server2.fqdn info: Certificate Request fingerprint (md5): F1:2E:F6:D6:8C:B3:F6:6B:D2:4B:C4:72:1C:E4:24:D9 warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 405 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title405 Method Not Allowed/ title / headbody h1Method Not Allowed/ h1 pThe requested method PUT is not allowed for the URL /production/ certificate_request/server2.fqdn./ p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at puppetmaster.fqdn Port 8140/ address /body/ html Exiting; failed to retrieve certificate and waitforcert is disabled root@server2:~# --- Also, I get a new type of error by mail: --- Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog from remote server: Error 414 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title414 Request-URI Too Large/title /headbody h1Request-URI Too Large/h1 pThe requested URL's length exceeds the capacity limit for this server.br / /p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at PUPPETMASTER.fqdn Port 8140/ address /body/html Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (notice): Using cached catalog Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog; skipping run I have set the variable: --- PassengerMaxRequests 1 --- But I doubt that this impact on this error. Again, thank you! Jimmy On 26 juil, 14:33, ji...@goffaux.fr ji...@goffaux.fr wrote: Passenger is already installed, but was not configured to Puppet. I will do the migration and I will return here. Thank you! On 25 juil, 17:21, Peter Meier peter.me...@immerda.ch wrote: I have about 130 customer puppet. I left the default time interval. Are you still running with default webrick on the puppetmaster? (If you didn't change anything, then yes you are). If yes, it's time to scale out and use either a Mongrel or Passenger-based Setup:http://projects.puppetlabs.com/projects/puppet/wiki/Using_Passenger ~pete -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you
Re: [Puppet Users] custom fact regex problem
Hi, I use something like this. ... hostnamevar.scan(/^\d+-qa-/) ... Here is the best tool on the planet for writing and testing regexes: http://www.rubular.com Den On 25/08/2011, at 11:43, newguy aimanparv...@gmail.com wrote: Hi guys I have a custom fact envt, it was working fine but now I have to make some changes in it; puppet client's hostname is of the type 1234qa-abc-de.local where 1234 can be any thing of any length.My custom fact should contain qa, ie I want to check in the first part(before the first -) of the hostname if there exists a pattern/word qa and if it exists then my custom fact for envt should be qa. My old envt.rb code is: require 'facter' Facter.add(envt) do setcode do %x{hostname -s|cut -c 1-2}.chomp end end I am not good with regex/ patterns please help me out guys. Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: custom fact regex problem
Hey thanks for this but where should I include this in envt.rb code. The following doesnt work, I know that this might be a silly question but am stuck plz help me require 'facter' Facter.add(envt) do setcode do {%hostnamevar.scan(/^\d+-qa-/)}.chomp end end On Aug 24, 8:13 pm, Denmat tu2bg...@gmail.com wrote: Hi, I use something like this. ... hostnamevar.scan(/^\d+-qa-/) ... Here is the best tool on the planet for writing and testing regexes: http://www.rubular.com Den On 25/08/2011, at 11:43, newguy aimanparv...@gmail.com wrote: Hi guys I have a custom fact envt, it was working fine but now I have to make some changes in it; puppet client's hostname is of the type 1234qa-abc-de.local where 1234 can be any thing of any length.My custom fact should contain qa, ie I want to check in the first part(before the first -) of the hostname if there exists a pattern/word qa and if it exists then my custom fact for envt should be qa. My old envt.rb code is: require 'facter' Facter.add(envt) do setcode do %x{hostname -s|cut -c 1-2}.chomp end end I am not good with regex/ patterns please help me out guys. Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group athttp://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.