[Puppet Users] Requiring types in other classes
Hi,
Sorry if this is a basic question, but I can't find the answer in the
docs. I know about fully-qualified variables, but how can I reference a
type that is defined in a different class, so I can require/subscribe it?
In this simple example, what's the right syntax for making goodbye.txt
require hello.txt?
class class1 {
file { hello.txt }
}
class class2 {
file { goodbye.txt:
require = File['hello.txt'],
}
}
Thanks,
Jonathan
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Requiring types in other classes
On 08/24/2011 11:54 AM, Jonathan Gazeley wrote:
Hi,
Sorry if this is a basic question, but I can't find the answer in the
docs. I know about fully-qualified variables, but how can I reference a
type that is defined in a different class, so I can require/subscribe it?
In this simple example, what's the right syntax for making goodbye.txt
require hello.txt?
class class1 {
file { hello.txt }
}
class class2 {
file { goodbye.txt:
require = File['hello.txt'],
}
}
Thanks,
Jonathan
class class1 {
file { hello:
path = 'hello.txt',
}
}
class class2 {
file { goodbye:
path = 'goodbye.txt',
require = File[class1::hello],
}
}
(untested!)
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Random error in the recovery catalog
Does anyone have an idea? Thanks you On 16 août, 10:42, ji...@goffaux.fr ji...@goffaux.fr wrote: Hello, I just set up Puppet / Passenger by following the documentation. For servers already authenticated key I do not encounter problems, but for new I have these errors: -- root@server2:~# puppetd --test --no-daemonize warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for server2.fqdn info: Certificate Request fingerprint (md5): F1:2E:F6:D6:8C:B3:F6:6B:D2:4B:C4:72:1C:E4:24:D9 warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 405 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title405 Method Not Allowed/ title / headbody h1Method Not Allowed/ h1 pThe requested method PUT is not allowed for the URL /production/ certificate_request/server2.fqdn./ p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at puppetmaster.fqdn Port 8140/ address /body/ html Exiting; failed to retrieve certificate and waitforcert is disabled root@server2:~# --- Also, I get a new type of error by mail: --- Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog from remote server: Error 414 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title414 Request-URI Too Large/title /headbody h1Request-URI Too Large/h1 pThe requested URL's length exceeds the capacity limit for this server.br / /p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at PUPPETMASTER.fqdn Port 8140/ address /body/html Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (notice): Using cached catalog Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog; skipping run I have set the variable: --- PassengerMaxRequests 1 --- But I doubt that this impact on this error. Again, thank you! Jimmy On 26 juil, 14:33, ji...@goffaux.fr ji...@goffaux.fr wrote: Passenger is already installed, but was not configured to Puppet. I will do the migration and I will return here. Thank you! On 25 juil, 17:21, Peter Meier peter.me...@immerda.ch wrote: I have about 130 customer puppet. I left the default time interval. Are you still running with default webrick on the puppetmaster? (If you didn't change anything, then yes you are). If yes, it's time to scale out and use either a Mongrel or Passenger-based Setup:http://projects.puppetlabs.com/projects/puppet/wiki/Using_Passenger ~pete -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Random error in the recovery catalog
I'm not going to be of much help but I also get your first error message from time to time and it goes away without having me do anything. I'm talking about this one : err: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Could not retrieve file metadata for puppet://PUPPETMASTER.fqdn/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I think this may be due to the fact that by default Puppet runs with webrick (please correct me if I'm wrong) or something similar which can only process requests one at a time. Kind of like if this was some sort of disguised timeout. I have not tried to run Puppet with Passenger so I can't confirm this. Antoine On Wed, Aug 24, 2011 at 12:19 PM, ji...@goffaux.fr ji...@goffaux.fr wrote: Does anyone have an idea? Thanks you On 16 août, 10:42, ji...@goffaux.fr ji...@goffaux.fr wrote: Hello, I just set up Puppet / Passenger by following the documentation. For servers already authenticated key I do not encounter problems, but for new I have these errors: -- root@server2:~# puppetd --test --no-daemonize warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for server2.fqdn info: Certificate Request fingerprint (md5): F1:2E:F6:D6:8C:B3:F6:6B:D2:4B:C4:72:1C:E4:24:D9 warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 405 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title405 Method Not Allowed/ title / headbody h1Method Not Allowed/ h1 pThe requested method PUT is not allowed for the URL /production/ certificate_request/server2.fqdn./ p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at puppetmaster.fqdn Port 8140/ address /body/ html Exiting; failed to retrieve certificate and waitforcert is disabled root@server2:~# --- Also, I get a new type of error by mail: --- Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog from remote server: Error 414 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title414 Request-URI Too Large/title /headbody h1Request-URI Too Large/h1 pThe requested URL's length exceeds the capacity limit for this server.br / /p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at PUPPETMASTER.fqdn Port 8140/ address /body/html Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (notice): Using cached catalog Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog; skipping run I have set the variable: --- PassengerMaxRequests 1 --- But I doubt that this impact on this error. Again, thank you! Jimmy On 26 juil, 14:33, ji...@goffaux.fr ji...@goffaux.fr wrote: Passenger is already installed, but was not configured to Puppet. I will do the migration and I will return here. Thank you! On 25 juil, 17:21, Peter Meier peter.me...@immerda.ch wrote: I have about 130 customer puppet. I left the default time interval. Are you still running with default webrick on the puppetmaster? (If you didn't change anything, then yes you are). If yes, it's time to scale out and use either a Mongrel or Passenger-based Setup: http://projects.puppetlabs.com/projects/puppet/wiki/Using_Passenger ~pete -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] 2.7.1 slowness?
On Tue, 2011-08-23 at 11:00 -0700, Digant C Kasundra wrote: Is anyone else noticing slowness with 2.7.1? When I run puppet on my 2.6.8 box, it takes 11 seconds. On my second box with exactly the same catalog, it takes 35 seconds. Is the problem while compiling catalog (ie the master) or when applying it (ie puppet agent)? If the later, can you report what --summarize gives you on both host? -- Brice Figureau Follow the latest Puppet Community evolutions on www.planetpuppet.org! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet-dashboard doesn't connect to inventory service
hello, I am using puppet-dashboard 1.1 with puppet 2.7.3
I have followed the instructions in the dashboard manual
http://docs.puppetlabs.com/dashboard/manual/1.2/configuring.html
http://docs.puppetlabs.com/guides/inventory_service.html
I can query the inventory service successfully using curl but puppet
dashboard doesn't show any of my nodes. I am running puppet on passenger and
see no
Any ideas?
Here is the output I see in puppet-dashboard's webrick session. As far as I
can tell, dashboard isn't querying the inventory service at all. Perhaps my
version of dashboard is too old
Processing NodesController#index (for 168.202.35.194 at 2011-08-24 08:20:49)
[GET]
Parameters: {action=index, controller=nodes}
Node Load (0.2ms) SELECT * FROM `nodes`
Rendering template within layouts/application
Rendering nodes/index
SQL (0.2ms) SELECT count(*) AS count_all FROM `nodes` WHERE
(`nodes`.`hidden` = 0)
Node Load (0.2ms) SELECT * FROM `nodes` WHERE ((nodes.status != 'failed'
AND nodes.last_apply_report_id is not NULL) AND (`nodes`.`hidden` = 0))
Node Load (0.2ms) SELECT * FROM `nodes` WHERE ((nodes.status = 'failed'
AND nodes.last_apply_report_id is not NULL) AND (`nodes`.`hidden` = 0))
Node Load (0.3ms) SELECT `nodes`.* FROM `nodes` INNER JOIN `reports` ON
reports.node_id = nodes.id WHERE ((reports.kind = 'apply' AND reports.status
!= 'failed') AND (`nodes`.`hidden` = 0)) GROUP BY nodes.id
Node Load (0.2ms) SELECT `nodes`.* FROM `nodes` INNER JOIN `reports` ON
reports.node_id = nodes.id WHERE ((reports.kind = 'apply' AND reports.status
= 'failed') AND (`nodes`.`hidden` = 0)) GROUP BY nodes.id
SQL (0.1ms) SELECT count(*) AS count_all FROM `nodes` WHERE
((`nodes`.`reported_at` IS NULL AND `nodes`.`hidden` = 0))
SQL (0.2ms) SELECT count(*) AS count_all FROM `nodes` WHERE
((`nodes`.`hidden` = 0) AND (reported_at '2011-08-24 05:20:49'))
SQL (0.1ms) SELECT count(*) AS count_all FROM `nodes` WHERE
(`nodes`.`hidden` = 1)
NodeClass Load (0.2ms) SELECT node_classes.*, count(nodes.id) as
nodes_count FROM `node_classes` LEFT OUTER JOIN node_class_memberships ON (
node_classes.id = node_class_memberships.node_class_id) LEFT OUTER JOIN
nodes ON (nodes.id = node_class_memberships.node_id) GROUP BY
node_classes.id ORDER BY name ASC
Rendered shared/_node_manager_sidebar_for_type (1.8ms)
NodeGroup Load (0.2ms) SELECT node_groups.*, count(nodes.id) as
nodes_count FROM `node_groups` LEFT OUTER JOIN node_group_memberships ON (
node_groups.id = node_group_memberships.node_group_id) LEFT OUTER JOIN nodes
ON (nodes.id = node_group_memberships.node_id) GROUP BY node_groups.id ORDER
BY name ASC
Rendered shared/_node_manager_sidebar_for_type (1.7ms)
Rendered shared/_node_manager_sidebar (17.3ms)
Rendered nodes/_search (1.1ms)
SQL (0.2ms) SELECT count(DISTINCT `nodes`.id) AS count_all FROM `nodes`
LEFT OUTER JOIN `reports` ON `reports`.id = `nodes`.last_apply_report_id
WHERE (`nodes`.`hidden` = 0)
Rendered statuses/_run_failure (1.7ms)
Node Load (0.2ms) SELECT * FROM `nodes` WHERE (`nodes`.`hidden` = 0)
ORDER BY reported_at DESC LIMIT 1
Node Load (0.2ms) SELECT * FROM `nodes` WHERE (`nodes`.`hidden` = 0)
ORDER BY reported_at DESC LIMIT 0, 20
Rendered nodes/_nodes (3.2ms)
Rendered shared/_global_nav (1.4ms)
Completed in 30ms (View: 26, DB: 3) | 200 OK [
http://hqlprrepo01.hq.un.fao.org/nodes]
here is my config/settings.yml, i have put x's in my server name
#===[ Settings ]=
#
# This file is meant for storing setting information that is never
# published or committed to a revision control system.
#
# Do not modify this config/settings.yml.example file directly -- you
# should copy it to config/settings.yml and customize it there.
#
#---[ Values ]--
# Node name to use when contacting the puppet master. This is the
# CN that is used in Dashboard's certificate.
cn_name: 'dashboard'
ca_crl_path: 'certs/dashboard.ca_crl.pem'
ca_certificate_path: 'certs/dashboard.ca_cert.pem'
certificate_path: 'certs/dashboard.cert.pem'
private_key_path: 'certs/dashboard.private_key.pem'
public_key_path: 'certs/dashboard.public_key.pem'
# Hostname of the certificate authority.
ca_server: '...org'
# Port for the certificate authority.
ca_port: 8140
# Key length for SSL certificates
key_length: 1024
# The inventory service allows you to connect to a puppet master to
retrieve and node facts
enable_inventory_service: true
# Hostname of the inventory server.
inventory_server: 'xxx..org'
# Port for the inventory server.
inventory_port: 8140
# Set this to true to allow Dashboard to display diffs on files that
# are archived in the file bucket.
use_file_bucket_diffs: false
# Hostname of the file bucket server.
file_bucket_server: '..org'
# Port for the file bucket server.
file_bucket_port: 8140
--
You received this message because you are subscribed to the
[Puppet Users] has class been included
I am hoping someone can give me a pointer in the right direction
here. I am a bit stuck with this one.
I have this sort of set up in my Puppet 2.6.4 server.
class foo{
#if defined( Class[“ type-server-b”] ) {
# include tuning-module
#}
include apache
include mysql
# more modules
}
node 'server1.fqdn' inherits type-server-a {
include foo
}
node 'server2.fqdn' inherits type-server-b {
include foo
}
What I would like to be able to do would be to do is to see if either
“type-server-a” or “type-server-b” was inherited from my nodes
definition.
I experimented with the “defined” function, but this isn't really
designed for that I am trying to do here. Is there a way of being
able to check if a module has been included in the catalogue
evaluation that puppet is currently running?
The only other way I could think of was to create a variable in “type-
server-a” and “type-server-b” and to check its value in class foo,
this just didn’t seem like an overly elegant way of doing it.
Is there a better way of doing this, assuming its possible at all?
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Requiring types in other classes
On 24/08/11 11:13, Martin Alfke wrote:
On 08/24/2011 11:54 AM, Jonathan Gazeley wrote:
Hi,
Sorry if this is a basic question, but I can't find the answer in the
docs. I know about fully-qualified variables, but how can I reference a
type that is defined in a different class, so I can require/subscribe it?
In this simple example, what's the right syntax for making goodbye.txt
require hello.txt?
class class1 {
file { hello.txt }
}
class class2 {
file { goodbye.txt:
require = File['hello.txt'],
}
}
Thanks,
Jonathan
class class1 {
file { hello:
path = 'hello.txt',
}
}
class class2 {
file { goodbye:
path = 'goodbye.txt',
require = File[class1::hello],
}
}
(untested!)
Hmm, this is what I tried before mailing the list, and I still can't get
it to work.
If it makes any difference, my classes are nested.
mysql::mmm::common
mysql::mmm::agent
class mysql::mmm::agent {
include mysql::mmm::common
package { mysql-mmm-agent:
ensure = installed,
}
file {mmm_agent.conf:
name = /etc/mysql-mmm/mmm_agent.conf,
mode = 640, owner = root, group = root,
content =
template(/etc/puppet/modules/mysql/files/mmm_agent.conf.erb),
require = Package[mysql-mmm-agent],
notify = Service[mysql-mmm-agent],
}
service {mysql-mmm-agent:
require = [ Package['mysql-mmm-agent'],
File['mmm_agent.conf', 'mmm_common.conf'], ],
ensure = running,
enable = true,
hasstatus = true,
hasrestart = true,
subscribe = File[common::mmm_common.conf,
'mmm_agent.conf'],
}
}
class mysql::mmm::common {
package { mysql-mmm:
ensure = installed,
}
file { mmm_common.conf:
name = /etc/mysql-mmm/mmm_common.conf,
mode = 640, owner = root, group = root,
source = puppet:///modules/mysql/mmm_common.conf,
require = Package[mysql-mmm],
}
}
Using this manifest throws this error:
err: Could not run Puppet configuration client: Could not find
dependency File[mysql::mmm::common::mmm-common.conf] for
Service[mysql-mmm-agent] at /etc/puppet/modules/mysql/manifests/init.pp:159
Any ideas?
Thanks,
Jonathan
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Requiring types in other classes
On Aug 24, 4:54 am, Jonathan Gazeley jonathan.gaze...@bristol.ac.uk
wrote:
Hi,
Sorry if this is a basic question, but I can't find the answer in the
docs. I know about fully-qualified variables, but how can I reference a
type that is defined in a different class, so I can require/subscribe it?
In this simple example, what's the right syntax for making goodbye.txt
require hello.txt?
class class1 {
file { hello.txt }
}
class class2 {
file { goodbye.txt:
require = File['hello.txt'],
}
}
The word you are looking for is resource, not type. The latter is
more likely to make people think of user-defined resource types, such
as are declared via the define statement.
The answer is that resource titles and names are global (and must be
globally unique) in nodes' catalogs, therefore you don't have to use
any special syntax to reference a resource from outside the scope
where it is declared.
You do, however, need to ensure that the declaration is visible at the
point of reference. As long as you're not using parameterized
classes, the best way to do that is via the include statement, like
so:
class class1 {
file { hello.txt }
}
class class2 {
# Include the class declaring File['hello.txt']
include class1
file { goodbye.txt:
require = File['hello.txt']
}
}
Do remember that Puppet's include statement is *not* analogous to,
for example, the C peprocessor's #include directive. It does not
cause any code interpolation; instead, include tells Puppet that the
specified class must be included in the current node's catalog.
John
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Requiring types in other classes
On 24/08/11 14:09, jcbollinger wrote:
On Aug 24, 4:54 am, Jonathan Gazeleyjonathan.gaze...@bristol.ac.uk
wrote:
Hi,
Sorry if this is a basic question, but I can't find the answer in the
docs. I know about fully-qualified variables, but how can I reference a
type that is defined in a different class, so I can require/subscribe it?
In this simple example, what's the right syntax for making goodbye.txt
require hello.txt?
class class1 {
file { hello.txt }
}
class class2 {
file { goodbye.txt:
require = File['hello.txt'],
}
}
The word you are looking for is resource, not type. The latter is
more likely to make people think of user-defined resource types, such
as are declared via the define statement.
The answer is that resource titles and names are global (and must be
globally unique) in nodes' catalogs, therefore you don't have to use
any special syntax to reference a resource from outside the scope
where it is declared.
You do, however, need to ensure that the declaration is visible at the
point of reference. As long as you're not using parameterized
classes, the best way to do that is via the include statement, like
so:
class class1 {
file { hello.txt }
}
class class2 {
# Include the class declaring File['hello.txt']
include class1
file { goodbye.txt:
require = File['hello.txt']
}
}
Do remember that Puppet's include statement is *not* analogous to,
for example, the C peprocessor's #include directive. It does not
cause any code interpolation; instead, include tells Puppet that the
specified class must be included in the current node's catalog.
John
Thanks for your excellent response. I hadn't realised that resource
names were global, nor that include behaves differently from that of
the C preprocessor. Win on both counts - I've got my manifest working.
Thanks a lot,
Jonathan
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Difference between include and require
On Aug 23, 12:51 pm, Douglas Garstang doug.garst...@gmail.com wrote:
Can someone please succinctly explain to me the difference between include
and require?
The 'require' function (not to be confused with the 'require' resource
metaparameter) does everything that 'include' does, plus adds a class-
level dependency. Thus, this:
class foo {
require 'bar'
}
is equivalent to this:
class foo {
include 'bar'
}
Class['bar'] - Class['foo']
To put it another way, 'include' affects only catalog compilation,
whereas 'require' affects both compilation by the master and
application by the agent.
The documentation implies that simply putting 'require class' at the top
of a different class automatically means that class is fully implemented
as a dependency.
I'm not sure what you mean by that
However, it doesn't seem to work that way. Also, I'm not
seeing a situation where the use of include seems to be automatically
resolving dependancies. This is puppet 0.25.5.
I can't really offer any advice based on that description of the
problem. Can you provide an example that demonstrates it?
John
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Difference between include and require
On Aug 23, 12:53 pm, David Kavanagh dkavan...@gmail.com wrote: It seems there's a problem including a class multiple times. By stating that one class requires another, you formalize the dependency, but don't actually have an include. What you do then is to include the class in your main implementation which uses that class. That way, if you have several classes that depend on one other class, it is included once at the top level, but used many places (where it is required). Is that as clear as I think it is? Not to me. To the extent that I understand what you're saying, it doesn't sound right. The 'require' function does everything that 'include' does (and then some), so using 'require' vs. 'include' does nothing to address any problems with multiple inclusion. Furthermore, the issues with multiple inclusion are sufficiently mild that my preferred coding practice is to rely on including classes everywhere they are needed. To my knowledge, multiple inclusion is problematic only in these cases: 1) When the included class uses a variable resolved via dynamic scoping, and that variable may be resolved differently at different points of inclusion. That doesn't bother me much, because if ever that happens then it reflects a design error in the manifests anyway. There are alternative, better ways to feed data to your classes than dynamically scoped variables. 2) When the class to 'include' is parameterized (but I consider this more a flaw in the design of the parameterized class framework than in the 'include' function). John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Parameterized classes vs defined-types
On Aug 23, 1:00 pm, Digant C Kasundra dig...@stanford.edu wrote: Out of curiosity, how are people using parameterized classes in a way that is distinct from defined-types? snarkI am _using_ defined types, that's how./snark Although I disfavor parameterized classes and do not use them, the pattern of my usage of defined types could not be implemented via parameterized classes. In particular, I typically do not define a type unless I plan to instantiate it multiple times for the same node. You cannot do that with parameterized classes. If you have an OO background then the words class and type may have connotations and implied similarity for you that just don't apply in Puppet. Puppet classes are not types in the type theory sense. Defined types are closer to that, but it may help to use a fuller name when you think about them: defined *resource* types. Classes, parameterized or not, are not resource types; rather, they are resource _collections_. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Odd certificate problem
Hi, I just upgrade my puppet server from version 2.6.7 to 2.7.3 and now I can't connect new clients. When trying to connect the clients I'm denied with the following error message: err: Could not request certificate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed. This is often because the time is out of sync on the server or client Now I have been checking time settings on both servers and they are in sync. (I syncronized them against the same ntp server.) Then I checked the masterhttp.log and there is this: [2011-08-24 12:46:37] ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=SSLv3 read client certificate A: tlsv1 alert unknown ca /usr/local/lib/ruby/site_ruby/1.9/puppet/network/http/webrick.rb:44:in `accept' /usr/local/lib/ruby/site_ruby/1.9/puppet/network/http/webrick.rb:44:in `block (3 levels) in listen' /usr/local/lib/ruby/1.9/webrick/server.rb:183:in `call' /usr/local/lib/ruby/1.9/webrick/server.rb:183:in `block in start_thread' So. I decided to clear out the ssl directory and start over. The local agents certificate is signed as it should and can connect and apply the configuration. On client that can't connect I also tried to clear out the ssl directory to make it create a new request but without any luck. Does anyone have an idea for me how to get on? Regards /Martin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Secure Certification Authority Transfer
Hello, We are attempting to set up a completely secure puppet based system. Puppet's encrypted communications between the master and the client is ideal, but its client joining and certificate transfer mechanism is not. The client certificate request and signed certificate response is vulnerable to man-in-the-middle attacks since the CA is not verified. As such we are manually transferring the client certificates and CA to the client from the master to avoid this problem. Our question is, is there a way to force clients to verify the connection against the ca certificate, and if that is not possible for whatever reason then fail. The default behavior is to verify the certificate and fail, except when the CA certificate is missing on the client at which point the client simply (insecurely) downloads it from the master, compromising the entire security chain. We would like a system which could not be compromised by the removal of a file from a client coupled with a man-in-the-middle attack. Does anyone know of any magic force secure connections options or similar? Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] handy tip against unhelpful Could not intern from pson error
Not sure if people are already aware of this, but it might save
someone some time in the future. I've been tracking down the following
error today, it's rather unhelpful in telling you where the problem is
in your manifests:
# puppetd --test
info: Retrieving plugin
err: Could not retrieve catalog from remote server: Could not intern
from pson: Could not convert from pson: Could not find relationship
target Service[]
The problem is the parser using an empty string as a resource name
which I arrived at by using a variable inside double quotes for a
resource declaration. I did this for style (or have been until now) -
I like to have user defined strings in quotes so it easily
distinguishes between them and puppet keywords, plus for syntax
highlighting, etc. Turns out this personal preference has shot me in
the foot as the difference between the error messages for an empty
string versus an undefined variable is rather big.
See this unhelpful message:
$service_name = httpd
service { $servicename: ensure = running }
err: Could not retrieve catalog from remote server: Could not intern
from pson: Could not convert from pson: Could not find relationship
target Service[]
versus this:
$service_name = httpd
service { $servicename: ensure = running }
err: /Stage[main]/Puppet_dashboard::Service/Service[undef]/ensure:
change from stopped to running failed: Could not start Service[undef]:
Execution of '/sbin/service undef start' returned 1: at /etc/puppet/
environments/testing/modules/httpd/manifests/service.pp:26
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] handy tip against unhelpful Could not intern from pson error
I can't see any difference between your two examples.
Typo?
- henrik
On 8/24/11 5:23 PM, Luke Bigum wrote:
Not sure if people are already aware of this, but it might save
someone some time in the future. I've been tracking down the following
error today, it's rather unhelpful in telling you where the problem is
in your manifests:
# puppetd --test
info: Retrieving plugin
err: Could not retrieve catalog from remote server: Could not intern
from pson: Could not convert from pson: Could not find relationship
target Service[]
The problem is the parser using an empty string as a resource name
which I arrived at by using a variable inside double quotes for a
resource declaration. I did this for style (or have been until now) -
I like to have user defined strings in quotes so it easily
distinguishes between them and puppet keywords, plus for syntax
highlighting, etc. Turns out this personal preference has shot me in
the foot as the difference between the error messages for an empty
string versus an undefined variable is rather big.
See this unhelpful message:
$service_name = httpd
service { $servicename: ensure = running }
err: Could not retrieve catalog from remote server: Could not intern
from pson: Could not convert from pson: Could not find relationship
target Service[]
versus this:
$service_name = httpd
service { $servicename: ensure = running }
err: /Stage[main]/Puppet_dashboard::Service/Service[undef]/ensure:
change from stopped to running failed: Could not start Service[undef]:
Execution of '/sbin/service undef start' returned 1: at /etc/puppet/
environments/testing/modules/httpd/manifests/service.pp:26
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: facter identifies Oracle Linux 6.1 as 'RedHat'
On Tue, Aug 23, 2011 at 4:18 PM, Avi Miller avi.mil...@gmail.com wrote: I've added an issue for this on the Puppet Labs site[1] and submitted a patch via GitHub to determine OracleLinux properly from 5 Update 6 and 6. This adds OracleLinux as an operatingsystem. Should we still use OEL? If we change the the value to OracleLinux, besides manifests changes, we also need to update types and provider that are currently configured to :confine(OEL). Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: handy tip against unhelpful Could not intern from pson error
Cheers, that'll teach me to cut and paste ;)
The second example's resource name should be without quotes, so:
$service_name = httpd
service { $servicename: ensure = running }
err: /Stage[main]/Puppet_dashboard::Service/Service[undef]/ensure:
change from stopped to running failed: Could not start Service[undef]:
Execution of '/sbin/service undef start' returned 1: at /etc/puppet/
environments/testing/modules/httpd/manifests/service.pp:26
On Aug 24, 5:12 pm, Henrik Lindberg henrik.lindb...@cloudsmith.com
wrote:
I can't see any difference between your two examples.
Typo?
- henrik
On 8/24/11 5:23 PM, Luke Bigum wrote:
Not sure if people are already aware of this, but it might save
someone some time in the future. I've been tracking down the following
error today, it's rather unhelpful in telling you where the problem is
in your manifests:
# puppetd --test
info: Retrieving plugin
err: Could not retrieve catalog from remote server: Could not intern
from pson: Could not convert from pson: Could not find relationship
target Service[]
The problem is the parser using an empty string as a resource name
which I arrived at by using a variable inside double quotes for a
resource declaration. I did this for style (or have been until now) -
I like to have user defined strings in quotes so it easily
distinguishes between them and puppet keywords, plus for syntax
highlighting, etc. Turns out this personal preference has shot me in
the foot as the difference between the error messages for an empty
string versus an undefined variable is rather big.
See this unhelpful message:
$service_name = httpd
service { $servicename: ensure = running }
err: Could not retrieve catalog from remote server: Could not intern
from pson: Could not convert from pson: Could not find relationship
target Service[]
versus this:
$service_name = httpd
service { $servicename: ensure = running }
err: /Stage[main]/Puppet_dashboard::Service/Service[undef]/ensure:
change from stopped to running failed: Could not start Service[undef]:
Execution of '/sbin/service undef start' returned 1: at /etc/puppet/
environments/testing/modules/httpd/manifests/service.pp:26
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Upgrading 0.25.4
All, Can someone give me some ideas as to, or point me to where I can find documentation on the issues I may have upgrading puppet from 0.25.4 to the latest? Also, the server is using passenger, and I know there's a whole lot of magic voodoo that has to happen to make sure that the version numbers of all the bits are compatible. Doug -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Parameterized classes vs defined-types
On 8/24/11 3:46 PM, jcbollinger wrote: If you have an OO background then the words class and type may have connotations and implied similarity for you that just don't apply in Puppet. Puppet classes are not types in the type theory sense. Defined types are closer to that, but it may help to use a fuller name when you think about them: defined *resource* types. Classes, parameterized or not, are not resource types; rather, they are resource _collections_. I find it helps me to think of classes as *host*-class = a type of host classification (i.e. like measurements Weight and Height) - it is nonsensical to classify it multiple times e.g size = big, size = small, at best it would be redundant (size = big, size = big) to classify a host with the same puppet class multiple times (but I think that special case is also flagged as an error - which it should because the structure is clearly wrong). Please correct me if I am wrong - I am also learning puppet. - henrik -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Release tarball spec file
I know this is a crazy request, but I was kind of wondering why it was so
hard for Puppet Labs to maintain the RPM spec file that comes contained in
the release tarball, so that modifications weren't required to actually get
it to build. Crazy huh?
For example, the SPEC file contains this...
Version:2.7.2
Release:0.2.rc1%{?dist}
but the release is 2.7.3. Also 'rc1' is hard coded in several places, and so
forth.
Doug
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] setting facts in dashboard
I'd like to set some values in the dashboard that would apply to a bunch of nodes. I'm thinking the best way is if those things become facts. Then, I'd just have puppet scripts that look for those things (update config files and restart services). Can facts be set in the dashboard? If so, I'm not seeing it. Or, is there a better way to accomplish what I'm talking about? David -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] 2.7.1 slowness?
- Original Message - On Tue, 2011-08-23 at 11:00 -0700, Digant C Kasundra wrote: Is anyone else noticing slowness with 2.7.1? When I run puppet on my 2.6.8 box, it takes 11 seconds. On my second box with exactly the same catalog, it takes 35 seconds. Is the problem while compiling catalog (ie the master) or when applying it (ie puppet agent)? If the later, can you report what --summarize gives you on both host? I think it might not even be in the run but might be in some of the post run activities (like reporting maybe?) Here is what I have: A 2.6 puppet client running against a 2.6 puppetmaster: info: Retrieving plugin info: Caching catalog for jimhenson1.stanford.edu info: Applying configuration version '1314209976' notice: Finished catalog run in 9.75 seconds Changes: Events: Resources: Total: 1188 Time: Filebucket: 0.00 Resources: 0.00 K5login: 0.00 Schedule: 0.00 User: 0.02 Service: 0.32 Package: 1.24 Exec: 1.99 Total: 12.92 Last run: 1314209992 File: 3.21 Config retrieval: 6.14 A 2.7 puppet client running against a 2.7 puppetmaster (identical catalog, essentially): info: Retrieving plugin info: Connecting to sqlite3 database: /var/lib/puppet/state/clientconfigs.sqlite3 info: Caching catalog for jimhenson4.stanford.edu info: Applying configuration version '1314209977' notice: Finished catalog run in 37.02 seconds Changes: Events: Resources: Total: 1193 Skipped: 6 Time: Filebucket: 0.00 Resources: 0.00 K5login: 0.00 User: 0.02 Service: 0.40 Package: 0.91 Exec: 1.84 Total: 13.40 Last run: 1314210022 File: 2.85 Config retrieval: 7.38 When I run a 2.6 client against the a 2.6 master and 2.7 master, I don't seem to notice any difference at all, however. Weird. -- Digant C Kasundra dig...@stanford.edu Infrastructure Systems Software Developer, ITS:IDG, Stanford University -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Release tarball spec file
On Wed, Aug 24, 2011 at 10:16 AM, Douglas Garstang doug.garst...@gmail.com wrote: I know this is a crazy request, but I was kind of wondering why it was so hard for Puppet Labs to maintain the RPM spec file that comes contained in the release tarball, so that modifications weren't required to actually get it to build. Crazy huh? https://projects.puppetlabs.com/issues/9016 was raised on this issue as well. See my comments in the ticket. The basic premise is that I'd like to remove all packaging content from Puppet as a project. The packaging content is not what upstream is. Puppet is released as a tarball and a gem. From there it can be packaged. We (Puppet Labs) plan to provide (better) packages in the near future. I know I keep saying that, but I've been very busy with some other workloads. I'd like to move the packaging bits into a separate, but completely open project. Of course Linux and BSD distribution still may do their own packaging of Puppet as well. As for why it's difficult to update spec files and the like, when we have an RC, I prefer to cut that *exact* content as the final. Basically, from the same tag. If I update specs and such, it changes to content. I'm open to ideas on making it better. Mike -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Parameterized classes vs defined-types
- Original Message - On Aug 23, 1:00 pm, Digant C Kasundra dig...@stanford.edu wrote: Out of curiosity, how are people using parameterized classes in a way that is distinct from defined-types? snarkI am _using_ defined types, that's how./snark Although I disfavor parameterized classes and do not use them, the pattern of my usage of defined types could not be implemented via parameterized classes. In particular, I typically do not define a type unless I plan to instantiate it multiple times for the same node. You cannot do that with parameterized classes. If you have an OO background then the words class and type may have connotations and implied similarity for you that just don't apply in Puppet. Puppet classes are not types in the type theory sense. Defined types are closer to that, but it may help to use a fuller name when you think about them: defined *resource* types. Classes, parameterized or not, are not resource types; rather, they are resource _collections_. I agree with you. I think that's why I'm curious. We also overrides on defined types, which is why we prefer them as well. I think while it may be possible to do what we are currently doing with parameterized classes, it would at least involve a lot of restructuring how we think of things in our manifests. -- Digant C Kasundra dig...@stanford.edu Infrastructure Systems Software Developer, ITS:IDG, Stanford University -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] setting facts in dashboard
On Wed, Aug 24, 2011 at 11:05 AM, David Kavanagh dkavan...@gmail.com wrote: I'd like to set some values in the dashboard that would apply to a bunch of nodes. I'm thinking the best way is if those things become facts. Then, I'd just have puppet scripts that look for those things (update config files and restart services). Can facts be set in the dashboard? If so, I'm not seeing it. Or, is there a better way to accomplish what I'm talking about? Any key value you add as a node parameter can be accessed as a fact in puppet manifests. Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Secure Certification Authority Transfer
On Wed, Aug 24, 2011 at 7:32 AM, It Dept i...@ukcrd.com wrote: Hello, We are attempting to set up a completely secure puppet based system. Puppet's encrypted communications between the master and the client is ideal, but its client joining and certificate transfer mechanism is not. The client certificate request and signed certificate response is vulnerable to man-in-the-middle attacks since the CA is not verified. The CA pub keys should be deployed to the agent as part of the provisioning process. This is no different than how your browser trust a well known certificate signing authority, it has to be deployed to the client in advance. Ideally, roll it into a package and generate it with a sufficiently long TTL. We would like a system which could not be compromised by the removal of a file from a client coupled with a man-in-the-middle attack. Does anyone know of any magic force secure connections options or similar? Man in the middle in itself doesn't pose an issue, however if the attacker have access to the agent system to replace the entire ssl directory, I think you have bigger problem on your hand, and it's not something certificates were designed to protect you against. This is no different then asking the question, if someone replaced my web browser certificate trust and hijacks my DNS, how do I know he's not acting as man in a middle as my bank's website? Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Can't use ${path} in file resource as its namevar?
2.7.3
The heck? ${path} is expanding to the shell environment PATH when I
reference it as a variable
in my file resource. Isn't this supposed to be the namevar for file
resources?
err: /Stage[main]/Ldapclient::Config/File[/etc/ldap.conf]: Could not
evaluate: Could not retrieve information from environment production
source(s) puppet:///modules/ldapclient/RedHat/usr/bin:/bin:/usr/sbin:/sbin
at /etc/puppet/modules/ldapclient/manifests/config.pp:9
class ldapclient::config {
case $operatingsystem {
/(RedHat|CentOS|Fedora)/: {
file { [ '/etc/openldap/ldap.conf', '/etc/ldap.conf' ]:
source = ${ldapclient::params::fileroot}${path},
owner = $ldapclient::params::ldapclient_user,
mode = 0444,
require = Class['ldapclient::install'],
}
}
}
}
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/gX1W7gJwYI8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] has class been included
Hi,
You could try passing a parameter to your foo class from the node def.
class foo (bar) {
if $bar == 'rar' { }
}
node node1 inherits rar {
class {foo: bar = rar }
}
That work for you?
Den
On 24/08/2011, at 21:48, David W Cennting theapec.onl...@gmail.com wrote:
I am hoping someone can give me a pointer in the right direction
here. I am a bit stuck with this one.
I have this sort of set up in my Puppet 2.6.4 server.
class foo{
#if defined( Class[“ type-server-b”] ) {
#include tuning-module
#}
include apache
include mysql
# more modules
}
node 'server1.fqdn' inherits type-server-a {
include foo
}
node 'server2.fqdn' inherits type-server-b {
include foo
}
What I would like to be able to do would be to do is to see if either
“type-server-a” or “type-server-b” was inherited from my nodes
definition.
I experimented with the “defined” function, but this isn't really
designed for that I am trying to do here. Is there a way of being
able to check if a module has been included in the catalogue
evaluation that puppet is currently running?
The only other way I could think of was to create a variable in “type-
server-a” and “type-server-b” and to check its value in class foo,
this just didn’t seem like an overly elegant way of doing it.
Is there a better way of doing this, assuming its possible at all?
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Requiring types in other classes
Hi,
Underscore instead of dash?
Den
On 24/08/2011, at 22:56, Jonathan Gazeley jonathan.gaze...@bristol.ac.uk
wrote:
On 24/08/11 11:13, Martin Alfke wrote:
On 08/24/2011 11:54 AM, Jonathan Gazeley wrote:
Hi,
Sorry if this is a basic question, but I can't find the answer in the
docs. I know about fully-qualified variables, but how can I reference a
type that is defined in a different class, so I can require/subscribe it?
In this simple example, what's the right syntax for making goodbye.txt
require hello.txt?
class class1 {
file { hello.txt }
}
class class2 {
file { goodbye.txt:
require = File['hello.txt'],
}
}
Thanks,
Jonathan
class class1 {
file { hello:
path = 'hello.txt',
}
}
class class2 {
file { goodbye:
path = 'goodbye.txt',
require = File[class1::hello],
}
}
(untested!)
Hmm, this is what I tried before mailing the list, and I still can't get it
to work.
If it makes any difference, my classes are nested.
mysql::mmm::common
mysql::mmm::agent
class mysql::mmm::agent {
include mysql::mmm::common
package { mysql-mmm-agent:
ensure = installed,
}
file {mmm_agent.conf:
name = /etc/mysql-mmm/mmm_agent.conf,
mode = 640, owner = root, group = root,
content =
template(/etc/puppet/modules/mysql/files/mmm_agent.conf.erb),
require = Package[mysql-mmm-agent],
notify = Service[mysql-mmm-agent],
}
service {mysql-mmm-agent:
require = [ Package['mysql-mmm-agent'],
File['mmm_agent.conf', 'mmm_common.conf'], ],
ensure = running,
enable = true,
hasstatus = true,
hasrestart = true,
subscribe = File[common::mmm_common.conf, 'mmm_agent.conf'],
}
}
class mysql::mmm::common {
package { mysql-mmm:
ensure = installed,
}
file { mmm_common.conf:
name = /etc/mysql-mmm/mmm_common.conf,
mode = 640, owner = root, group = root,
source = puppet:///modules/mysql/mmm_common.conf,
require = Package[mysql-mmm],
}
}
Using this manifest throws this error:
err: Could not run Puppet configuration client: Could not find dependency
File[mysql::mmm::common::mmm-common.conf] for Service[mysql-mmm-agent] at
/etc/puppet/modules/mysql/manifests/init.pp:159
Any ideas?
Thanks,
Jonathan
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Release tarball spec file
Douglas Garstang wrote:
I know this is a crazy request, but I was kind of wondering why it was
so hard for Puppet Labs to maintain the RPM spec file that comes
contained in the release tarball, so that modifications weren't required
to actually get it to build. Crazy huh?
For example, the SPEC file contains this...
Version:2.7.2
Release:0.2.rc1%{?dist}
but the release is 2.7.3. Also 'rc1' is hard coded in several places,
and so forth.
Douglas
Patches are always welcome. If you update it or change it then send a
pull request and it'll be more likely to be up-to-date.
That being said I echo Mike's comments about it being a helper for
people rather than our primary role as the upstream developer. My
preference is we focus on features and fixes rather than packaging
specification that is actually better handled by people downstream of us.
Regards
James Turnbull
--
James Turnbull
Puppet Labs
1-503-734-8571
Join us for PuppetConf http://www.bit.ly/puppetconfsig, September 22nd
and 23rd in Portland, Oregon, USA.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Can't use ${path} in file resource as its namevar?
On Wed, Aug 24, 2011 at 02:23:49PM -0700, jblaine wrote:
2.7.3
The heck? ${path} is expanding to the shell environment PATH when I
reference it as a variable
FWIW: It doesnt reference the environment variable directly. It references the
fact path which in turn is the path environment variable.
Just run »facter path« on the command line and you should get similar
results.
-Stefan
pgpYkB39ESvC4.pgp
Description: PGP signature
[Puppet Users] custom fact
Hi guys I have a custom fact envt, it was working fine but now I have to make some changes in it; puppet client's hostname is of the type 1234qa-abc-de.local where 1234 can be any thing of any length.My custom fact should contain qa, ie I want to check in the first part(before the first -) of the hostname if there exists a pattern/word qa and if it exists then my custom fact for envt should be qa. I am not good with regex/ patterns please help me out guys. Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] custom fact regex problem
Hi guys
I have a custom fact envt, it was working fine but now I have to make
some changes in it;
puppet client's hostname is of the type 1234qa-abc-de.local where 1234
can be any thing of any length.My custom fact should contain qa, ie I
want to check in the first part(before the first -) of the hostname
if there exists a pattern/word qa and if it exists then my custom
fact
for envt should be qa.
My old envt.rb code is:
require 'facter'
Facter.add(envt) do
setcode do
%x{hostname -s|cut -c 1-2}.chomp
end
end
I am not good with regex/ patterns please help me out guys.
Thanks
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Custom function error Unknown function...
I've written my first attempt at a custom puppet function, and it
passes all the suggested test's from the Puppet documentation, but
when called from a test module it doesn't seem to be found.
Successful tests...
irb(main):001:0 require 'puppet'
= true
irb(main):002:0 require '/etc/puppet/modules/string2hash/
.git/ lib/
irb(main):002:0 require '/etc/puppet/modules/string2hash/lib/puppet/
parser/functions/string2hash.rb'
= true
irb(main):003:0 Puppet::Parser::Functions.function(:string2hash)
= function_string2hash
ruby -rpuppet lib/puppet/parser/functions/string2hash.rb returns no
errors
When I try and test the functions ability to even return a correct
value, I get this,
$ puppet --debug -vvv test.pp
Unknown function string2hash at /etc/puppet/modules/test/test.pp:3
This is test.pp...
---
$hash_string = {\general\:{\dump_dir\:\/backups/misc-sqldumps\,
\databases\:\mysql\,\backup_dir\:\/etc\},\anth\:{\dump_dir
\:\/backups/anth-sqldumps\,\databases\:\ anth_main anth_students
anth_td anth_intranet\,\backup_dir\:\/var/www/anthropology.tamu.edu
\}}
$val = string2hash($hash_string)
notice($val)
This is my function, at /etc/puppet/modules/string2hash/lib/puppet/
parser/functions/string2hash.rb
-
#!/usr/bin/ruby
module Puppet::Parser::Functions
newfunction(:string2hash, :type = :rvalue) do |args|
raise ArgumentError, (string2hash(): wrong number of
arguments (#{args.length}; must be 1)) if args.length != 1
raise ArgumentError, (string2hash(): wrong type of
argument (#{args[0].kind_of}; must be string)) if args[0].kind_of?
String
require 'json'
begin
return JSON.parse(args[0])
rescue Exception = exc
raise TypeError, string2hash(): error
converting string to hash
end
end
end
I use numerous community functions that work without any type of
includes , and can't seem to figure out why mine is 'unknown' when
puppet clearly sees it. I've restarted both the puppet and
puppetmaster daemon repeatedly.
Thanks
- Trey
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Random error in the recovery catalog
Hi, Have you made any changes to your auth.conf? Are you auto signing your certs? How have you configured apache and passenger? Here's what you can do as a test. Remove the apache passenger vhost and run puppet using webrick (puppetmasterd). If your client cant connect then your puppet conf needs checking. If it works, then the problem is in your apache configs. Cheers, Den On 24/08/2011, at 20:27, Antoine Benkemoun antoine.benkem...@gmail.com wrote: I'm not going to be of much help but I also get your first error message from time to time and it goes away without having me do anything. I'm talking about this one : err: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Could not retrieve file metadata for puppet://PUPPETMASTER.fqdn/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I think this may be due to the fact that by default Puppet runs with webrick (please correct me if I'm wrong) or something similar which can only process requests one at a time. Kind of like if this was some sort of disguised timeout. I have not tried to run Puppet with Passenger so I can't confirm this. Antoine On Wed, Aug 24, 2011 at 12:19 PM, ji...@goffaux.fr ji...@goffaux.fr wrote: Does anyone have an idea? Thanks you On 16 août, 10:42, ji...@goffaux.fr ji...@goffaux.fr wrote: Hello, I just set up Puppet / Passenger by following the documentation. For servers already authenticated key I do not encounter problems, but for new I have these errors: -- root@server2:~# puppetd --test --no-daemonize warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for server2.fqdn info: Certificate Request fingerprint (md5): F1:2E:F6:D6:8C:B3:F6:6B:D2:4B:C4:72:1C:E4:24:D9 warning: peer certificate won't be verified in this SSL session err: Could not request certificate: Error 405 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title405 Method Not Allowed/ title / headbody h1Method Not Allowed/ h1 pThe requested method PUT is not allowed for the URL /production/ certificate_request/server2.fqdn./ p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at puppetmaster.fqdn Port 8140/ address /body/ html Exiting; failed to retrieve certificate and waitforcert is disabled root@server2:~# --- Also, I get a new type of error by mail: --- Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog from remote server: Error 414 on SERVER: !DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN htmlhead title414 Request-URI Too Large/title /headbody h1Request-URI Too Large/h1 pThe requested URL's length exceeds the capacity limit for this server.br / /p hr addressApache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 mod_ssl/2.2.9 OpenSSL/0.9.8g Server at PUPPETMASTER.fqdn Port 8140/ address /body/html Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (notice): Using cached catalog Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not retrieve catalog; skipping run I have set the variable: --- PassengerMaxRequests 1 --- But I doubt that this impact on this error. Again, thank you! Jimmy On 26 juil, 14:33, ji...@goffaux.fr ji...@goffaux.fr wrote: Passenger is already installed, but was not configured to Puppet. I will do the migration and I will return here. Thank you! On 25 juil, 17:21, Peter Meier peter.me...@immerda.ch wrote: I have about 130 customer puppet. I left the default time interval. Are you still running with default webrick on the puppetmaster? (If you didn't change anything, then yes you are). If yes, it's time to scale out and use either a Mongrel or Passenger-based Setup:http://projects.puppetlabs.com/projects/puppet/wiki/Using_Passenger ~pete -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you
Re: [Puppet Users] custom fact regex problem
Hi,
I use something like this.
...
hostnamevar.scan(/^\d+-qa-/)
...
Here is the best tool on the planet for writing and testing regexes:
http://www.rubular.com
Den
On 25/08/2011, at 11:43, newguy aimanparv...@gmail.com wrote:
Hi guys
I have a custom fact envt, it was working fine but now I have to make
some changes in it;
puppet client's hostname is of the type 1234qa-abc-de.local where 1234
can be any thing of any length.My custom fact should contain qa, ie I
want to check in the first part(before the first -) of the hostname
if there exists a pattern/word qa and if it exists then my custom
fact
for envt should be qa.
My old envt.rb code is:
require 'facter'
Facter.add(envt) do
setcode do
%x{hostname -s|cut -c 1-2}.chomp
end
end
I am not good with regex/ patterns please help me out guys.
Thanks
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: custom fact regex problem
Hey thanks for this but where should I include this in envt.rb code.
The following doesnt work, I know that this might be a silly question
but am stuck plz help me
require 'facter'
Facter.add(envt) do
setcode do
{%hostnamevar.scan(/^\d+-qa-/)}.chomp
end
end
On Aug 24, 8:13 pm, Denmat tu2bg...@gmail.com wrote:
Hi,
I use something like this.
...
hostnamevar.scan(/^\d+-qa-/)
...
Here is the best tool on the planet for writing and testing regexes:
http://www.rubular.com
Den
On 25/08/2011, at 11:43, newguy aimanparv...@gmail.com wrote:
Hi guys
I have a custom fact envt, it was working fine but now I have to make
some changes in it;
puppet client's hostname is of the type 1234qa-abc-de.local where 1234
can be any thing of any length.My custom fact should contain qa, ie I
want to check in the first part(before the first -) of the hostname
if there exists a pattern/word qa and if it exists then my custom
fact
for envt should be qa.
My old envt.rb code is:
require 'facter'
Facter.add(envt) do
setcode do
%x{hostname -s|cut -c 1-2}.chomp
end
end
I am not good with regex/ patterns please help me out guys.
Thanks
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group
athttp://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
