Re: [Puppet Users] Unable to Install puppet Master
Apologies for the late reply. 1. I installed pe-tanukiwrapper-3.5.9-5.pe.el5.x86_64 separately with no deps. I moved this rpm out of packages as well rpm -U pe-tanukiwrapper-3.5.9-5.pe.el5.x86_64 --nodeps 2. After then I ran the puppet installer. Since I already have the mysql in my server, I didn't select mysql installation. But im getting following error. * ## Setting up the console...* *!!! The bundled mysql.rb driver has been removed from Rails 2.2. Please install the mysql gem and try again: gem install mysql.* *rake aborted!* *libmysqlclient.so.15: cannot open shared object file: No such file or directory - /opt/puppet/lib/ruby/site_ruby/1.8/x86_64-linux/mysql.so* ** Kindly help as I'm new to puppet. Thanks, Jeeva On Thursday, 31 May 2012 20:40:28 UTC+8, Trevor Vaughan wrote: What does rpm -qa | grep java give you? If you installed Java from a tar source, then it wouldn't update your RPM database and actually meet the RPM requirements. Your alternatives are to download a version of Java in RPM form that meets your requirements, roll your own stub RPM, or use --nodeps (if using 'rpm' not 'yum'). Trevor On Thu, May 31, 2012 at 3:25 AM, Jeeva kissan...@gmail.com wrote: Hi, I was trying to instal puppet-enterprise-2.5.1-el-5-x86_64 in RHEL- 5.3 machine. But got below error. ## Installing packages from files... error: Failed dependencies: java = 1.5.0 is needed by pe- tanukiwrapper-3.5.9-5.pe.el5.x86_64 === = !! ERROR: Could not install packages from files; see messages above for cause. ### BUT, 1. Then I checked my java version which is what is required. java -version java version 1.6.0_29 Java(TM) SE Runtime Environment (build 1.6.0_29-b11) Java HotSpot(TM) 64-Bit Server VM (build 20.4-b02, mixed mode) 2. I'm trying to install puppet master, console and puppet agent in same machine as i want to test it before I move it to prod. Kindly help.. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 tvaug...@onyxpoint.com -- This account not approved for unencrypted proprietary information -- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/2hhjDzTM_TIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: SSL_connect?? Because of master is not running?
On Friday, June 29, 2012 11:30:06 PM UTC-5, tas wrote: My master is running 12.04 Version: 2.7.11-1ubuntu2 Depends: ruby1.8, puppetmaster-common (= 2.7.11-1ubuntu2) My client is 10.04 Version: 2.6.3-0ubuntu1~lucid1 Depends: puppet-common (= 2.6.3-0ubuntu1~lucid1), ruby1.8 I followed this tutorial to install Puppet on the client: http://shapeshed.com/setting-up-puppet-on-ubuntu-10-04/ (I didn't need that tar ball because the best practice structure is already built into the puppet release) I also followed this tutorial to connect Puppetmaster and Puppet: http://shapeshed.com/connecting-clients-to-a-puppet-master/ http://shapeshed.com/connecting-clients-to-a-puppet-master/ The first time I tried to connect master to client failed with SSL_connect error. So I did rm -rf /etc/puppet/ssl/ to remove all the keys inside ssl folders. Both on the master and on the agent? And did you restart the master afterwards, before attempting to connect to it with the client? It worked.. client# puppet agent --server puppet --waitforce 60 --test /usr/lib/ruby/1.8/facter/util/resolution.rb:46: warning: Insecure world writable dir /etc/condor in PATH, mode 040777 /usr/lib/ruby/1.8/puppet/defaults.rb:67: warning: Insecure world writable dir /etc/condor in PATH, mode 040777 info: Creating a new SSL key for giab10 warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for giab10 info: Certificate Request fingerprint (md5): XX warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Caching certificate for giab10 err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed warning: Not using cache on failed catalog It cached but then it couldn't retrieve it. Does anything useful appear in the master's logs? I don't want to proceed anything so I don't have to do things over again. But on master... service puppetmaster status * master is not running Well is it running or not? Do you see it in the process table? WoW ??? master# service puppetmaster start * Starting puppet master[OK] master# service puppetmaster status * master is not running I'd get this one sorted out first. Again, is the master actually running or not? John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/_vzvZkz6CzIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Nvidia driver install - condition for install
On Friday, June 29, 2012 1:29:57 PM UTC-5, Mike Reed wrote: Hello all, I'd like to use puppet to install an Nvidia driver on a local workstation. I've written the following manifest for this puprpose: [...] It appears to me that the above error is occurring because the nvidia_driver class is running on each subsequent run and since the driver is already installed, I'm getting an exit status of 1 instead of 0, which to my knowledge would be expected. *Every* assigned class runs every Puppet run. That's Puppet's nature. Running does not necessarily imply making any changes (which for Exec's means running the specified command), but all resources assigned to the node will at least check whether they are already in the correct state. For Execs, that nature of those checks is governed by the 'unless', 'onlyif'', and 'creates' parameters. I suggest you look for a pre-built driver package (RPM, DEB, etc.) for your systems. For the RHEL family of Linuxes, for instance, you can find such packages in the elrepo and atrpms repositories. Add the appropriate repository to your system (perhaps via a Yumrepo resource), and manage the driver via a Package resource. If there is no pre-built package for your particular systems then consider creating one and putting it in your own local repository. Managing packages is better in every way than managing installers. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/78yIaFtcBBIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppet-hiera used with Parameterised class
On Sunday, July 1, 2012 2:04:36 AM UTC-5, Peter wrote: Hi Puppet Users, For some bizzare reason I am unable to use hiera-puppet with a parameterised class. The output is: root@hiera hieratest/manifests# puppet apply -e include hieratest Error: undefined method `catalog' for #Hash:0xb6c53d00 at line 1 on node hiera.localdomain Wrapped exception: undefined method `catalog' for #Hash:0xb6c53d00 Error: undefined method `catalog' for #Hash:0xb6c53d00 at line 1 on node hiera.localdomain These are the versions that I am using (taken from the Puppetlabs Debian/Devel): hiera (1.0.0-0.1rc3) hiera-puppet (1.0.0-0.1rc1-1-g3e68ff0) puppet-common (3.0.0-0.1rc3puppetlabs1) puppet (3.0.0-0.1rc3puppetlabs1) Puppet 3 has hiera built in. The above may be the correct stack, but you should verify -- it may be that one or both of the hiera pieces are for Puppet 2, not Puppet 3. Relevant Files: *init.pp file* root@hiera hieratest/manifests# cat init.pp class hieratest ( $bar = hiera(foo), $zoo = hiera(service_default_loc) ) { notice (Working ...) notice (Bar == ${bar}) notice (Module_user == ${zoo}) } Although it's not clear that that is wrong, it's definitely a strange way of doing things in Puppet 3. Part of Puppet 3's integration with Hiera is to automatically look up class parameters by name, via hiera, when you declare classes using the 'include' function (or, I presume, the 'require' function). And you should embrace that usage, because it overcomes some serious limitations attending parametrized in Puppet 2. What you're doing duplicates that, sort of. I'm not sure whether that's the problem, but I suggest you start by arranging your data and/or your parameter names to be consistent with Puppet 3's expectations for automatic parameter lookup. Then remove the (mostly-)redundant default values from your class parameter definitions. That should be a better setup anyway, and if the problem persists at that point then at least you will have a simpler system to debug. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/mO9m8zSlAoYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Trouble using the dns_alt_names config option
Hello: I'm trying to put a puppet master on an EC2 instance, and have it be accessible to agentes using either its EC2 DNS name (e.g., ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com) or a friendlier alias (e.g., puppet.example.com). My /etc/puppet/puppet.conf looks like: [master] certname=ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com dns_alt_names=ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com,puppet.example.com,puppet When I try to connect to puppet.example.com, I get the following error: Jun 29 20:57:58 precise32 puppet-agent[1178]: Could not send report: Server hostname 'puppet.example.com' did not match server certificate; expected one of ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com, DNS:ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com, DNS:puppet, DNS:puppet.example.com What are the possible sources for this error? It looks like it expects puppet.example.com as a valid name, but 'puppet.example.com' isn't matching against DNS:puppet.example.com (?) I'm running Puppet 2.7.11 on ubuntu precise (12.04). Also, is there any way for an agent to trust the puppet master using only a certificate instead of relying on DNS? Lorin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/YiT7sxtrMiIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Custom provider/types and adding to puppet forge
On 06/30/2012 07:30 AM, Luke Baker wrote: I've created a couple of custom providers and types, both of which rely on a particular ruby gem in order to function. How should I go about ensuring the gem dependency on the puppet clients before puppet syncs the plugins (the broken 'require' in the provider will cause puppet to exit during a run)? Tough problem. AFAIK, ordinarily puppet does the pluginsync before anything else, always, so as to make your providers available before the catalog is run. Therefor, your dependencies cannot easily be solved from within the catalog. Look at how native providers deal with this. E.g., there are user providers for various platforms that will just note that they cannot run in the given environment, without making a fuss about it. What I get among others: debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist Of course, I'm not really sure what puppet does with your catalog if there are no working providers for some of the types you use, but I'd expect it to fail the respective resources only, not the whole run. HTH, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] groups dependencies at user creation
Dears all, I'm trying to create new users members of some groups so it's need to ensure they exist before user creation. I have something like : define updssh::add_user ( $email , $groups ) { $username = $title user { $username: comment = $email, home= /home/$username, shell = /bin/bash, password = !!, groups = $groups } -- How to ensure groups dependencies at user creation ?. I appreciate any help, eduardo. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Problem during setting password for user, using puppet provisioner of Vagrant
Hi, I am trying to set the password for a user that I have created using the puppet provisioner of Vagrant for a Linux version 2.6.32-71.el6.x86_64 Red Hat 4.4.4-13 box. I have tried both approaches: Approach1 user { test: ensure = present, shell= /bin/bash, password = encrypted_password_generated_by_passwd_command, managehome = true, } Approach2 exec { create-test-password: onlyif = /bin/egrep '^test:' /etc/passwd, command = '/usr/sbin/usermod -p $6$BlODgWJe$eQ.xkRSzkXpMudl831q78I8lh4hHLVGVKds.6hpcPe348uoqWXmlf6PC1s4TfmPhYrPHo6dbdbmNkz2UxewfS1 test', require = User[test], } The first approach fills in the /etc/shadow file with an entry !! concerning the hashed password of the specific user, The second approach fills in a part of the above hashed password the /etc/shadow file entry., ie. for the above example: test:.xkRSzkXpMudl831q78I8lh4hHLVGVKds.6hpcPe348uoqWXmlf6PC1s4TfmPhYrPHo6dbdbmNkz2UxewfS1:15523:0:9:7::: Is there something I am missing? Is there any other approach that I should use? My puppet version is 2.7.1 ( and my Vagrant version is 1.0.3 although I dont know if this relates with my problem) . Thanks in advance. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/tYRgMXG0SxQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] hiera questions
On Thu, Jun 28, 2012 at 08:04:09PM +0100, R.I.Pienaar wrote: I would make facts on the nodes for these. Let say $role and $subrole and then just use those in your hierarchy with %{role} and %{subrole} thus allowing you to set variable for all those machines there. Howdy: I was wondering what is the best way to manage custom facts for a disparate group of servers that need to report different fact values for the same fact name? I am about to embark on hiera-based puppet architecture and want to archetect it only once. I have some doubts about the recommended ways of rolling out facter as it can get messy burying facter server host configuration logic in disparate modules. Let's say you want to create only one custom fact script to manage all your facts based on data center location and functional server host grouping. You decide you can manage all your custom facts from one ruby/facter script if you create a ruby function using a hash with your facter matching hostnames loaded in the hash as the key and you can lookup location and function. Now you have to choose which module to roll it from, but it's arbitrary. Would one hash in a single custom facter script be enough configuration for the all the hosts? I argue it would as you can add rows and columns to the hash, so it should be able to support all your facter needs. Either using custom facts or loading in all your hosts into a hiera hash, you still have to know your hostnames. However, why bury your custom facter script in a module with all the configuration in there too? The current architecture and directed use of facter alongside puppet/hiera seems to go against the nature of moving your configuration out of manifests as the direction of puppet/hiera is headed now. I was thinking of creating a hiera hash or two (I am using YAML so far. I could use as many hashes as required but one should be enough probably, plus any arrays), including the information/configuration, grouping servers by location and function, minimally. In my puppet modules I can use hiera to call up my hash and create ruby/puppet functions to do the server host location and functional logic based on the default facter facts of hostname and operatingsystem reported by the server host themselves. All the configuration remains in hiera and the module manifests remain puppet business logic. Comments? Regards, -dkw -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet Online Linter
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all I just launched the Puppet Online Linter (http://www.puppetlinter.com/). It automates Puppet linting online (using Tim Share's awesome puppet-lint - http://puppet-lint.com/ ) and has two modes of operation: * Upload one or more manifest files and submit them for linting. The error output will be returned on screen. * Send a manifest via the API (http://www.puppetlinter.com/api) Two disclaimers: * This is not a Puppet Labs run project (hence my non-work email). Please report all errors to me rather than Redmine. And importantly about privacy: your Puppet code is only stored on the linter whilst it is being processed. After processing all data is deleted. Hope it's useful to you and feature requests welcomed! Cheers James - -- Author of: * Pro Puppet (http://tinyurl.com/ppuppet) * Pro Linux System Administration (http://tinyurl.com/linuxadmin) * Pro Nagios 2.0 (http://tinyurl.com/pronagios) * Hardening Linux (http://tinyurl.com/hardeninglinux) -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJP8cMaAAoJECFa/lDkFHAyvpAH/AjqzYbuW3hNk+/BiEPfpPfx bZmLixUi/7nYideAA8u+1L8V3QFiaJj2irvhHtiAhDPzCk4bGl78h8pD3lBJOQPw uYcDl8NB9QVb86U0/jDsxLeSlJnRfakAEq0C+1C++qfOHNWlSXUJJLX9Afs7+Km7 5T6K1ZUoWrb1z0z7sLImoCIwHA++gvmoLHmEjLEWekU1qzKYTEFe6bT4XqIgcvLw TCaDraZXg2gHYwrOeAoHPW88P9Gjxa8RgCm9H3YjZNNH8/OAC975gV6golmYDJ2k ZpvmV+5gml1qxA6zYOFJnla1Ts9YmsUAYJBqG87orSXXltK65WXsu9T5q2bqDJY= =rgEh -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet-Rundeck Integration
Carlbob wrote: Hello- I'm running puppet enterprise 2.5.1 and just installed the puppet- rundeck gem. When I try and start puppet-rundeck, I receive the message below: You need to have Puppet 0.25.5 or later installed /usr/lib64/ruby/gems/1.8/gems/puppet-rundeck-0.0.7/lib/puppet- rundeck.rb:34:in `configure': uninitialized constant Class::Puppet (NameError) from ./puppet-rundeck:62 I did pass in the correct path to my puppet.conf file using the -- config parameter. Not sure what's wrong. Does this gem work with Puppet Enterprise? I wrote the gem (prior to PE being released) and I suspect it doesn't work with PE at all. If you could log an issue then I'll see about doing some testing (https://github.com/jamtur01/puppet-rundeck) Thanks! James -- James Turnbull Puppet Labs 1-503-734-8571 To schedule a meeting with me: http://tungle.me/jamtur01 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] yum.puppetlabs.com for fedora 17
I notice fedora 17 isn't in there yet.Any time frame for this release being packaged up? Glad to help out rebuilding srpms -- Matthew Nicholson -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: hostname not match error
okay. it looks like by uncommenting server = puppet from the auto conf file, it stops complaining about hostname not match. However, new error comes up: /etc/puppet/ssl/certs# puppet agent --server puppet --waitforce 30 --test sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory /usr/lib/ruby/1.8/facter/util/resolution.rb:46: warning: Insecure world writable dir /etc/condor in PATH, mode 040777 /usr/lib/ruby/1.8/puppet/defaults.rb:67: warning: Insecure world writable dir /etc/condor in PATH, mode 040777 sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory info: Creating a new SSL key for box warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for box info: Certificate Request fingerprint (md5): warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Caching certificate for box sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory err: Could not run Puppet configuration client: Could not retrieve local facts: No such file or directory - getcwd That;s because I commented out factdest = /var/lib/puppet/facts/ But if I uncomment, I can't start puppetmaster again tc/init.d/puppetmaster start * Starting puppet master Could not prepare for execution: Got 1 failure(s) while initializing: change from directory to file failed: Could not set 'file on ensure: Is a directory - /var/lib/puppet/facts [fails] On Monday, July 2, 2012 12:40:16 PM UTC-4, dns wrote: Please help me. I've been dealing with this for a week. I have two clean installs agent and master on ubuntu/ apt-get install puppetmaster apt-get install puppet I signed my agent. My wait was 30 seconds, and 30 seconds later it tries to connecct, but instead it said hostname not match. On my agent: /etc/puppet/ssl/certs# ls ca.pem box.pem On my master: /etc/puppet/ssl/certs# ls ca.pem master.pem I know I can compare certifactes with openssl x509 -text -in /etc/puppet/ssl/certs/name, but I have no idea what to compare. Please help me. I've googled many helps already... I autogenerated puppet.conf on master machine: /usr/sbin/puppetmasterd --genconfig /etc/puppet/puppet.conf I think it's missing the certname part. Minimally, what should be present? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/xfhzUfM7ThQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] groups dependencies at user creation
In regard to: [Puppet Users] groups dependencies at user creation, eduardo...: I'm trying to create new users members of some groups so it's need to ensure they exist before user creation. I have something like : define updssh::add_user ( $email , $groups ) { $username = $title user { $username: comment = $email, home= /home/$username, shell = /bin/bash, password = !!, groups = $groups } -- How to ensure groups dependencies at user creation ?. If you were just talking about the user's default group, then it would be one of the few cases where puppet establishes an ordering relation for you automatically. In other words: user { 'foo': gid = 'bar', } automatically ensures that group 'bar' is present before user 'foo'. I don't know if that same thing is true for supplemental groups, but if it's not, I would first try using the - notation to establish ordering, like this Group[$groups] - User[$username] Does that work for you? Tim -- Tim Mooney tim.moo...@ndsu.edu Enterprise Computing Infrastructure 701-231-1076 (Voice) Room 242-J6, IACC Building 701-231-8541 (Fax) North Dakota State University, Fargo, ND 58105-5164 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Scheduled_task + ad user
Hi, On Sat, Jun 30, 2012 at 4:30 PM, fpommier fpommie...@gmail.com wrote: Hi, When a want to use scheduled_task for create a windows task and when i give a AD user, i have this message : err: /Stage[main]/Mirnas/Scheduled_task[test]/ensure: change from absent to present failed: Invalid user: DOMAIN\oper My user domain and the password are correct. I have the same error if i change DOMAIN\oper by oper@domain.comor DOMAIN/oper With a local user, is working, but i need a AD user for my batch to work. Is it a bug , a limitation or i miss something ? Thank for any help scheduled_task { 'test': ensure= present, enabled = true, command = 'C:\test\test.bat', working_dir= 'C:\test', user = 'DOMAIN\oper', password = 'x', trigger = { schedule = daily, start_date = '2012-06-26', # Defaults to 'today' start_time = '09:05', # Must be specified } } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/P1hXwgGE2CoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. It is definitely a bug. I've filed this as http://projects.puppetlabs.com/issues/15326. You can probably just remove the `LocalAccount = True` condition from the WMI queries in `Puppet::Util::ADSI#sid_for_account` at lines 56-58. Josh -- Josh Cooper Developer, Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppetmasterd continuously consuming high CPU, with many interrupts
So, I have a server at home that has four VMs running inside it. All are managed via puppet. The physical host runs puppetmasterd. I don't recall noticing this before, but puppetmasterd has decided to be kind of crazy. Here's the physical host with no puppetmasterd running: top - 11:36:15 up 271 days, 15:16, 1 user, load average: 5.68, 5.50, 6.45 Tasks: 129 total, 1 running, 128 sleeping, 0 stopped, 0 zombie Cpu(s): 3.6%us, 1.8%sy, 0.0%ni, 80.4%id, 14.3%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 8128776k total, 6991020k used, 1137756k free, 408756k buffers Swap: 8388604k total, 552356k used, 7836248k free, 185220k cached PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 10296 qemu 20 0 2366m 1.5g 8884 S 6.2 19.6 6:37.65 qemu-kvm 17334 qemu 20 0 2788m 1.7g 544 S 2.7 22.3 4576:25 qemu-kvm 9904 qemu 20 0 2358m 581m 8820 S 0.9 7.3 3:55.78 qemu-kvm 1 root 20 0 46880 8076 1372 S 0.0 0.1 0:27.00 systemd 2 root 20 0 000 S 0.0 0.0 0:10.48 kthreadd 3 root 20 0 000 S 0.0 0.0 322:04.84 ksoftirqd/0 6 root RT 0 000 S 0.0 0.0 0:00.00 migration/0 7 root RT 0 000 S 0.0 0.0 0:11.57 watchdog/0 8 root RT 0 000 S 0.0 0.0 0:00.00 migration/1 10 root 20 0 000 S 0.0 0.0 551:03.31 ksoftirqd/1 And here it is with puppetmasterd running: top - 11:25:07 up 271 days, 15:05, 1 user, load average: 12.59, 8.68, 7.05 Tasks: 131 total, 3 running, 128 sleeping, 0 stopped, 0 zombie Cpu(s): 15.2%us, 36.4%sy, 0.0%ni, 6.6%id, 39.7%wa, 0.0%hi, 2.0%si, 0.0%st Mem: 8128776k total, 6830276k used, 1298500k free, 381356k buffers Swap: 8388604k total, 555328k used, 7833276k free, 180096k cached PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 10660 puppet20 0 214m 107m 4040 S 61.9 1.3 8:46.81 puppetmasterd 3 root 20 0 000 S 21.4 0.0 320:38.54 ksoftirqd/0 10 root 20 0 000 R 20.2 0.0 549:30.88 ksoftirqd/1 10296 qemu 20 0 2470m 1.4g S 13.1 18.1 4:23.70 qemu-kvm 17334 qemu 20 0 2788m 1.7g 540 S 8.3 22.0 4574:54 qemu-kvm 9904 qemu 20 0 2422m 572m 8820 S 3.6 7.2 3:07.15 qemu-kvm 24980 qemu 20 0 1824m 1.4g 612 S 3.6 18.3 15046:11 qemu-kvm 12209 rlpowell 20 0 15256 1228 908 R 1.2 0.0 0:00.04 top 1 root 20 0 46880 7992 1356 S 0.0 0.1 0:26.97 systemd 2 root 20 0 000 S 0.0 0.0 0:10.48 kthreadd The high CPU use by puppetmasterd is bad enough, but what makes me be all like wait, what? is the ksoftirqd usage. Puppet master version is 2.16. This is *without* a client running; there's no traffic on 8140 according to tcpdump, and there's nothing happening in the log. http://users.digitalkingdom.org/~rlpowell/media/public/puppetmasterd_strace.txt has strace output; it's pretty boring, but there are a few select and rt_sigprocmask calls near the bottom. I'm totally stumped here. Any ideas? -Robin -- http://singinst.org/ : Our last, best hope for a fantastic future. .i ko na cpedu lo nu stidi vau loi jbopre .i danfu lu na go'i li'u .e lu go'i li'u .i ji'a go'i lu na'e go'i li'u .e lu go'i na'i li'u .e lu no'e go'i li'u .e lu to'e go'i li'u .e lu lo mamta be do cu sofybakni li'u -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppetmasterd continuously consuming high CPU, with many interrupts
It might be totally unrelated but check for ksoftirqd and see if it's running with high CPU. The leap second the other day caused all my puppetmasters to spike up to 100% CPU and other people had similar problems. I notice your server has 271 days uptime so it might not be the cause but it's worth trying to either set the date with date -s or reboot the machine to see if it clears it up. On Mon, Jul 2, 2012 at 2:42 PM, Robin Lee Powell rlpow...@digitalkingdom.org wrote: So, I have a server at home that has four VMs running inside it. All are managed via puppet. The physical host runs puppetmasterd. I don't recall noticing this before, but puppetmasterd has decided to be kind of crazy. Here's the physical host with no puppetmasterd running: top - 11:36:15 up 271 days, 15:16, 1 user, load average: 5.68, 5.50, 6.45 Tasks: 129 total, 1 running, 128 sleeping, 0 stopped, 0 zombie Cpu(s): 3.6%us, 1.8%sy, 0.0%ni, 80.4%id, 14.3%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 8128776k total, 6991020k used, 1137756k free, 408756k buffers Swap: 8388604k total, 552356k used, 7836248k free, 185220k cached PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 10296 qemu 20 0 2366m 1.5g 8884 S 6.2 19.6 6:37.65 qemu-kvm 17334 qemu 20 0 2788m 1.7g 544 S 2.7 22.3 4576:25 qemu-kvm 9904 qemu 20 0 2358m 581m 8820 S 0.9 7.3 3:55.78 qemu-kvm 1 root 20 0 46880 8076 1372 S 0.0 0.1 0:27.00 systemd 2 root 20 0 000 S 0.0 0.0 0:10.48 kthreadd 3 root 20 0 000 S 0.0 0.0 322:04.84 ksoftirqd/0 6 root RT 0 000 S 0.0 0.0 0:00.00 migration/0 7 root RT 0 000 S 0.0 0.0 0:11.57 watchdog/0 8 root RT 0 000 S 0.0 0.0 0:00.00 migration/1 10 root 20 0 000 S 0.0 0.0 551:03.31 ksoftirqd/1 And here it is with puppetmasterd running: top - 11:25:07 up 271 days, 15:05, 1 user, load average: 12.59, 8.68, 7.05 Tasks: 131 total, 3 running, 128 sleeping, 0 stopped, 0 zombie Cpu(s): 15.2%us, 36.4%sy, 0.0%ni, 6.6%id, 39.7%wa, 0.0%hi, 2.0%si, 0.0%st Mem: 8128776k total, 6830276k used, 1298500k free, 381356k buffers Swap: 8388604k total, 555328k used, 7833276k free, 180096k cached PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 10660 puppet20 0 214m 107m 4040 S 61.9 1.3 8:46.81 puppetmasterd 3 root 20 0 000 S 21.4 0.0 320:38.54 ksoftirqd/0 10 root 20 0 000 R 20.2 0.0 549:30.88 ksoftirqd/1 10296 qemu 20 0 2470m 1.4g S 13.1 18.1 4:23.70 qemu-kvm 17334 qemu 20 0 2788m 1.7g 540 S 8.3 22.0 4574:54 qemu-kvm 9904 qemu 20 0 2422m 572m 8820 S 3.6 7.2 3:07.15 qemu-kvm 24980 qemu 20 0 1824m 1.4g 612 S 3.6 18.3 15046:11 qemu-kvm 12209 rlpowell 20 0 15256 1228 908 R 1.2 0.0 0:00.04 top 1 root 20 0 46880 7992 1356 S 0.0 0.1 0:26.97 systemd 2 root 20 0 000 S 0.0 0.0 0:10.48 kthreadd The high CPU use by puppetmasterd is bad enough, but what makes me be all like wait, what? is the ksoftirqd usage. Puppet master version is 2.16. This is *without* a client running; there's no traffic on 8140 according to tcpdump, and there's nothing happening in the log. http://users.digitalkingdom.org/~rlpowell/media/public/puppetmasterd_strace.txt has strace output; it's pretty boring, but there are a few select and rt_sigprocmask calls near the bottom. I'm totally stumped here. Any ideas? -Robin -- http://singinst.org/ : Our last, best hope for a fantastic future. .i ko na cpedu lo nu stidi vau loi jbopre .i danfu lu na go'i li'u .e lu go'i li'u .i ji'a go'i lu na'e go'i li'u .e lu go'i na'i li'u .e lu no'e go'i li'u .e lu to'e go'i li'u .e lu lo mamta be do cu sofybakni li'u -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppetmasterd continuously consuming high CPU, with many interrupts
On Mon, Jul 2, 2012 at 3:01 PM, Ashley Penney apen...@gmail.com wrote: It might be totally unrelated but check for ksoftirqd and see if it's running with high CPU. The leap second the other day caused all my puppetmasters to spike up to 100% CPU and other people had similar problems. Glad somebody besides me noticed that. My Nagios alerts went bezerk during leap second including CPU alterts for puppet master. Peter L. Berghold salty.cowd...@gmail.com http://blog.berghold.net “Know where to find the information and how to use it - That's the secret of success - Albert Einsteinhttp://www.quotesdaddy.com/quote/1184641/albert-einstein/know-where-to-find-the-information-and-how-to-use ” Get this email app! http://www.wisestamp.com/apps/quotes?utm_source=extensionutm_medium=emailutm_term=quotesutm_campaign=apps Want a signature like mine? http://r1.wisestamp.com/r/landing?promo=16dest=http%3A%2F%2Fwww.wisestamp.com%2Femail-install%3Futm_source%3Dextension%26utm_medium%3Demail%26utm_campaign%3Dpromo_16 Click here.http://r1.wisestamp.com/r/landing?promo=16dest=http%3A%2F%2Fwww.wisestamp.com%2Femail-install%3Futm_source%3Dextension%26utm_medium%3Demail%26utm_campaign%3Dpromo_16 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppetmasterd continuously consuming high CPU, with many interrupts
On Monday, July 2, 2012 1:42:37 PM UTC-5, Robin Powell wrote: So, I have a server at home that has four VMs running inside it. All are managed via puppet. The physical host runs puppetmasterd. I don't recall noticing this before, but puppetmasterd has decided to be kind of crazy. Here's the physical host with no puppetmasterd running: If this started this weekend, it may be related to the leapsecond that was applied on June 30 at midnight UTC. A restart should clear it up, or you can try the items listed here: http://serverfault.com/q/403732/121905 Lee -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/g9Xdb5QlBTcJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] yum.puppetlabs.com for fedora 17
I would guess part of the issue is related to testing against ruby 1.9.x, which Fedora now ships with, but someone from Puppetlabs should confirm. -Brian On Mon, Jul 2, 2012 at 12:29 PM, Matthew Nicholson matthew.a.nichol...@gmail.com wrote: I notice fedora 17 isn't in there yet.Any time frame for this release being packaged up? Glad to help out rebuilding srpms -- Matthew Nicholson -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetmasterd continuously consuming high CPU, with many interrupts
On Mon, Jul 02, 2012 at 12:06:19PM -0700, llow...@oreillyauto.com wrote: On Monday, July 2, 2012 1:42:37 PM UTC-5, Robin Powell wrote: So, I have a server at home that has four VMs running inside it. All are managed via puppet. The physical host runs puppetmasterd. I don't recall noticing this before, but puppetmasterd has decided to be kind of crazy. Here's the physical host with no puppetmasterd running: If this started this weekend, it may be related to the leapsecond that was applied on June 30 at midnight UTC. A restart should clear it up, or you can try the items listed here: http://serverfault.com/q/403732/121905 Turns out yes, it's the leap second, but boy was the fix I found easier than that: http://artipc10.vub.ac.be/wordpress/2012/07/01/leap-second-causing-ksoftirqd-and-java-to-use-lots-of-cpu-time/ $ sudo date -s `date` Cleared it rigt up. -Robin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetmasterd continuously consuming high CPU, with many interrupts
Turns out yes, it's the leap second, but boy was the fix I found easier than that: http://artipc10.vub.ac.be/wordpress/2012/07/01/leap-second-causing-ksoftirqd-and-java-to-use-lots-of-cpu-time/ $ sudo date -s `date` Cleared it rigt up. Huh. What a weird fix :-). ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Problem during setting password for user, using puppet provisioner of Vagrant
On Mon, Jul 2, 2012 at 11:10 AM, nikosd23 nikos...@gmail.com wrote: Hi, I am trying to set the password for a user that I have created using the puppet provisioner of Vagrant for a Linux version 2.6.32-71.el6.x86_64 Red Hat 4.4.4-13 box. I have tried both approaches: Approach1 user { test: ensure = present, shell = /bin/bash, password = encrypted_password_generated_by_passwd_command, managehome = true, } This is the approach I would take, but you need libshadow-ruby installed for it to work. Approach2 exec { create-test-password: onlyif = /bin/egrep '^test:' /etc/passwd, command = '/usr/sbin/usermod -p $6$BlODgWJe$eQ.xkRSzkXpMudl831q78I8lh4hHLVGVKds.6hpcPe348uoqWXmlf6PC1s4TfmPhYrPHo6dbdbmNkz2UxewfS1 test', require = User[test], } The first approach fills in the /etc/shadow file with an entry !! concerning the hashed password of the specific user, The second approach fills in a part of the above hashed password the /etc/shadow file entry., ie. for the above example: test:.xkRSzkXpMudl831q78I8lh4hHLVGVKds.6hpcPe348uoqWXmlf6PC1s4TfmPhYrPHo6dbdbmNkz2UxewfS1:15523:0:9:7::: Is there something I am missing? Is there any other approach that I should use? My puppet version is 2.7.1 ( and my Vagrant version is 1.0.3 although I dont know if this relates with my problem) . Thanks in advance. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/tYRgMXG0SxQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] hiera questions
On 02. juli 2012 17:26, Darryl Wisneski wrote: modules I can use hiera to call up my hash and create ruby/puppet functions to do the server host location and functional logic based on the default facter facts of hostname and operatingsystem reported by the server host themselves. All the configuration remains in hiera and the module manifests remain puppet business logic. Comments? Off list as I'm too lazy to write in length and explain it all ;-) Do you care that the node (i.e root on the server) is able to say anything at all about its role and location? If you place a fact on the system that says what it is it could lie. What I'm getting at is security. I've designed my own hiera setup so that I don't use ANY host-derived facts, at all. The only thing I can be (relatively) sure of on the puppetmaster is that clientcert is what it says it is. In a multi-tenant scenario (or easier even, in a scenario where all your servers have a common root password) where would you place your source of truth? Don't know if you see this or care but still fired this off. best, Jan Ivar Beddari Linux/Mac architect University of Bergen, Norway -- http://www.uib.no/personer/Jan.Ivar.Beddari -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] hiera questions
On 02. juli 2012 17:26, Darryl Wisneski wrote: Regards, -dkw Ouch, sorry Darryl, I hit the wrong button and posted what I thought of as a private very quick reply to you .. right on the list. Now at least everyone sees my honest-to-god thoughts on the matter. And the scope of the message becomes a bit more broad. Might even be worth starting a new thread. To the OP, sorry for being such a thread crasher. As to your question I think the answers you got are OK but hopefully you understand what caveats there might be security-wise. best, Jan Ivar -- http://www.uib.no/personer/Jan.Ivar.Beddari -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Hiera ordered hashes
During DevOpsDays it was brought up that there may be a patch for ordered hashes with Hiera. Without this patch, all of my catalogs are compiled in random order. Any links to a patch that I can back-port, or a commit #? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/mUlI7F7GuJAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] hiera questions
On Mon, Jul 02, 2012 at 10:13:51PM +0200, Jan Ivar Beddari wrote: On 02. juli 2012 17:26, Darryl Wisneski wrote: Regards, -dkw Ouch, sorry Darryl, I hit the wrong button and posted what I thought of as a private very quick reply to you .. right on the list. Jan: I too am sorry I stole the thread. I had best intentions, alas I got carried away. I am interested in learning how you structured your hiera data and dealt with puppet code with the use of no/limited facts. The security point is well taken. At some point though, there has to be trust (obviously). General security best-practice considers mitigating procedures (such as IDS, file integrity monitoring (aide), and regular patching) your best attempt to avoid placing too much trust in the management tool. Regards, -dkw Now at least everyone sees my honest-to-god thoughts on the matter. And the scope of the message becomes a bit more broad. Might even be worth starting a new thread. To the OP, sorry for being such a thread crasher. As to your question I think the answers you got are OK but hopefully you understand what caveats there might be security-wise. best, Jan Ivar -- http://www.uib.no/personer/Jan.Ivar.Beddari -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Trouble using the dns_alt_names config option
DISCLAIMER: I've been using puppet for about 8 hours. Have you regenerated your ssl certificates by nuking the ssl dir *(e.g. sudo rm -rf /var/lib/puppet/ssl) and restarting puppetmaster? On Monday, July 2, 2012 2:59:10 PM UTC+1, Lorin Hochstein wrote: Hello: I'm trying to put a puppet master on an EC2 instance, and have it be accessible to agentes using either its EC2 DNS name (e.g., ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com) or a friendlier alias (e.g., puppet.example.com). My /etc/puppet/puppet.conf looks like: [master] certname=ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com dns_alt_names=ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com, puppet.example.com,puppet When I try to connect to puppet.example.com, I get the following error: Jun 29 20:57:58 precise32 puppet-agent[1178]: Could not send report: Server hostname 'puppet.example.com' did not match server certificate; expected one of ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com, DNS: ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com, DNS:puppet, DNS: puppet.example.com What are the possible sources for this error? It looks like it expects puppet.example.com as a valid name, but 'puppet.example.com' isn't matching against DNS:puppet.example.com (?) I'm running Puppet 2.7.11 on ubuntu precise (12.04). Also, is there any way for an agent to trust the puppet master using only a certificate instead of relying on DNS? Lorin -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/E_YgseqmvuYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] bootstrap aws instance - set server address in instance puppet.conf?
Hello, new user here. I'm trying to bootstrap an aws instance and need to change the server setting in puppet.conf on the client/instance that is created. Is there anyway to do this beyond modifying hosts post-hoc? puppet node_aws bootstrap --image ami-e1e8d395 --keyname mykey --login ubuntu --keyfile ~mykeyfile.pem --puppetagent-certname aws_server_test --region=eu-west-1 --type t1.micro -g webserver This provisions an instance but fails to register a cert request on the puppetmaster with : notice: Puppet is now installed on: blahblah.eu-west-1.compute.amazonaws.com notice: No classification method selected notice: Signing certificate ... err: Signing certificate ... Failed err: Signing certificate error: Could not render to pson: getaddrinfo: Name or service not known Checking the instances puppet.conf shows that the server config variable is set to puppet which I want to change to myserver.somewhere.com. Now I dont know if this behaviour is a bug, I would have thought that since I'm running puppet from the master server, bootstrapping should be able to update the server variable correctly or there should at least be a command line option. I know I can run a script at somepoint and modify my hosts files but I'm trying to keep things automated and simple. What am I missing? I should also note, if I ssh into the created instance I can modify the puppet.conf file with the correct server name and a certificate request is issued which I can then sign. Any help.best practices greatly appreciated - lj. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/QHVnlhPb5lUJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: groups dependencies at user creation
Thanks tim for answer me, The fact is $groups is an array, so when i try something like this -- Group[$groups] - User[$username] user { $username: comment = $email, home= /home/$username, shell = /bin/bash, password = !!, groups = $groups } -- I'd got : err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find resource 'Group[sudo]Group[admin]Group[deploy]' for relationship on 'User[ppuser7]' on node casa Is there any way to work around ?. Regards, eduardo. On 2 jul, 13:20, Tim Mooney tim.moo...@ndsu.edu wrote: In regard to: [Puppet Users] groups dependencies at user creation, eduardo...: I'm trying to create new users members of some groups so it's need to ensure they exist before user creation. I have something like : define updssh::add_user ( $email , $groups ) { $username = $title user { $username: comment = $email, home = /home/$username, shell = /bin/bash, password = !!, groups = $groups } -- How to ensure groups dependencies at user creation ?. If you were just talking about the user's default group, then it would be one of the few cases where puppet establishes an ordering relation for you automatically. In other words: user { 'foo': gid = 'bar', } automatically ensures that group 'bar' is present before user 'foo'. I don't know if that same thing is true for supplemental groups, but if it's not, I would first try using the - notation to establish ordering, like this Group[$groups] - User[$username] Does that work for you? Tim -- Tim Mooney tim.moo...@ndsu.edu Enterprise Computing Infrastructure 701-231-1076 (Voice) Room 242-J6, IACC Building 701-231-8541 (Fax) North Dakota State University, Fargo, ND 58105-5164 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: bootstrap aws instance - set server address in instance puppet.conf?
And 5 minutes later I read the man page docs.puppetlabs.com/pe/2.0/cloudprovisioner_man_node_aws.html *Note that any configuration parameter that's valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action. For example, server is a valid configuration parameter, so you can specify --server servername as an argument.. *I would normally feel really stupid, but I'm just too happy to have found that :) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Q5g28CejCBMJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: hostname not match error
Hi, Make sure the puppet user can change perms on that directory. Also, if still having trouble, paste your version number and puppet.confs. Cheers Den On 03/07/2012, at 3:20, tas gokoproj...@gmail.com wrote: okay. it looks like by uncommenting server = puppet from the auto conf file, it stops complaining about hostname not match. However, new error comes up: /etc/puppet/ssl/certs# puppet agent --server puppet --waitforce 30 --test sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory /usr/lib/ruby/1.8/facter/util/resolution.rb:46: warning: Insecure world writable dir /etc/condor in PATH, mode 040777 /usr/lib/ruby/1.8/puppet/defaults.rb:67: warning: Insecure world writable dir /etc/condor in PATH, mode 040777 sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory info: Creating a new SSL key for box warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for box info: Certificate Request fingerprint (md5): warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Caching certificate for box sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory err: Could not run Puppet configuration client: Could not retrieve local facts: No such file or directory - getcwd That;s because I commented out factdest = /var/lib/puppet/facts/ But if I uncomment, I can't start puppetmaster again tc/init.d/puppetmaster start * Starting puppet master Could not prepare for execution: Got 1 failure(s) while initializing: change from directory to file failed: Could not set 'file on ensure: Is a directory - /var/lib/puppet/facts [fails] On Monday, July 2, 2012 12:40:16 PM UTC-4, dns wrote: Please help me. I've been dealing with this for a week. I have two clean installs agent and master on ubuntu/ apt-get install puppetmaster apt-get install puppet I signed my agent. My wait was 30 seconds, and 30 seconds later it tries to connecct, but instead it said hostname not match. On my agent: /etc/puppet/ssl/certs# ls ca.pem box.pem On my master: /etc/puppet/ssl/certs# ls ca.pem master.pem I know I can compare certifactes with openssl x509 -text -in /etc/puppet/ssl/certs/name, but I have no idea what to compare. Please help me. I've googled many helps already... I autogenerated puppet.conf on master machine: /usr/sbin/puppetmasterd --genconfig /etc/puppet/puppet.conf I think it's missing the certname part. Minimally, what should be present? Thanks. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/xfhzUfM7ThQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] yum.puppetlabs.com for fedora 17
Yes, we are working on packaging Fedora 17, but as Brian suspected, we haven't worked out the kinks in packaging against Ruby 1.9.x. If someone has patches to submit against the spec file in conf/redhat/puppet.spec that will allow for a ruby 1.9 build, please submit a pull request. If you want to help, but need pointers, I'm happy to point you in the right direction. matthaus On Mon, Jul 2, 2012 at 12:17 PM, Brian Gupta brian.gu...@brandorr.com wrote: I would guess part of the issue is related to testing against ruby 1.9.x, which Fedora now ships with, but someone from Puppetlabs should confirm. -Brian On Mon, Jul 2, 2012 at 12:29 PM, Matthew Nicholson matthew.a.nichol...@gmail.com wrote: I notice fedora 17 isn't in there yet.Any time frame for this release being packaged up? Glad to help out rebuilding srpms -- Matthew Nicholson -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Matthaus Litteken Release Manager, Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] is site.pp a must to have
Hi, is site.pp a file must to have? I have set up a puppet server, but my following manifest just cannot apply to my client, the server itself. # cat haitest.pp file { '/etc/motd' : source = puppet:///files/motd ,} Thanks. Hai T. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/PHMGaA52wR4J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: puppetmasterd continuously consuming high CPU, with many interrupts
Thanks guys. I have been having a bizzare problem with java since then and this fixed it. On 3 July 2012 05:23, Ken Barber k...@puppetlabs.com wrote: Turns out yes, it's the leap second, but boy was the fix I found easier than that: http://artipc10.vub.ac.be/wordpress/2012/07/01/leap-second-causing-ksoftirqd-and-java-to-use-lots-of-cpu-time/ $ sudo date -s `date` Cleared it rigt up. Huh. What a weird fix :-). ken. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Unable to Install puppet Master
Jeeva, What mysql version do you have installed (via yum or source, from base or oracle)? Is it local to the install or on another machine? libmysqlclient.so.15 comes with mysql-libs for 5.0, other versions of the .so file accompany other mysql versions, so this may be part of the problem. matthaus On Sun, Jul 1, 2012 at 11:55 PM, Jeeva kissan...@gmail.com wrote: Apologies for the late reply. 1. I installed pe-tanukiwrapper-3.5.9-5.pe.el5.x86_64 separately with no deps. I moved this rpm out of packages as well rpm -U pe-tanukiwrapper-3.5.9-5.pe.el5.x86_64 --nodeps 2. After then I ran the puppet installer. Since I already have the mysql in my server, I didn't select mysql installation. But im getting following error. ## Setting up the console... !!! The bundled mysql.rb driver has been removed from Rails 2.2. Please install the mysql gem and try again: gem install mysql. rake aborted! libmysqlclient.so.15: cannot open shared object file: No such file or directory - /opt/puppet/lib/ruby/site_ruby/1.8/x86_64-linux/mysql.so Kindly help as I'm new to puppet. Thanks, Jeeva On Thursday, 31 May 2012 20:40:28 UTC+8, Trevor Vaughan wrote: What does rpm -qa | grep java give you? If you installed Java from a tar source, then it wouldn't update your RPM database and actually meet the RPM requirements. Your alternatives are to download a version of Java in RPM form that meets your requirements, roll your own stub RPM, or use --nodeps (if using 'rpm' not 'yum'). Trevor On Thu, May 31, 2012 at 3:25 AM, Jeeva kissan...@gmail.com wrote: Hi, I was trying to instal puppet-enterprise-2.5.1-el-5-x86_64 in RHEL- 5.3 machine. But got below error. ## Installing packages from files... error: Failed dependencies: java = 1.5.0 is needed by pe- tanukiwrapper-3.5.9-5.pe.el5.x86_64 === = !! ERROR: Could not install packages from files; see messages above for cause. ### BUT, 1. Then I checked my java version which is what is required. java -version java version 1.6.0_29 Java(TM) SE Runtime Environment (build 1.6.0_29-b11) Java HotSpot(TM) 64-Bit Server VM (build 20.4-b02, mixed mode) 2. I'm trying to install puppet master, console and puppet agent in same machine as i want to test it before I move it to prod. Kindly help.. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 tvaug...@onyxpoint.com -- This account not approved for unencrypted proprietary information -- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/2hhjDzTM_TIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Matthaus Litteken Release Manager, Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] packaging puppet modules
On Sun, Jul 1, 2012 at 12:58 PM, Ken Dreyer ktdre...@ktdreyer.com wrote: Like you mentioned, I too would like to hear more from Puppet Labs' staff on where they see the Module culture going. Hi everyone, sorry for the tardy reply. I wanted to see what everyone had to say before 'weighing in'. My answer to this is a bit complicated but I'll try to be succinct. As you deduced Ken, modules on the Puppet Forge are name-spaced as author-module_name. A module installed into ones modulepath strips away author and leaves module_name. So if you were going to package them (and please feel free to!), you'd be looking at something like puppetmodule-puppetlabs-mysql for our MySQL module. Yep, it looks a bit silly but becomes less so when you look at non-PL modules. For instance, puppetmodule-rcoleman-mysql makes a lot more sense. Doing something like Debian alternatives is an interesting idea but isn't something feasible today. If Puppet Labs produces puppetlabs-mysql and I produce rcoleman-mysql, you as the consumer have zero assurance that they provide the same functionality. The Puppet Labs variant could manage the full stack while mine could just install the package. If we were in a situation where we could describe a modules functionality in factual terms to automatically make claims about whether two MySQL modules are equivalent, perhaps this could work but that's not something we can do nor do I see being possible in the platform anytime soon. On the other hand, once you get to a point where you can say the Puppet Labs MySQL module and the rcoleman MySQL module provide the same functionality, why bother having two? I'd much rather see the module community coalesce around modules that claim to do similar things, combine ideas from different groups and offer everyone one or two modules that do a thing very well. In that scenario, everyone gets the functionality they want and packaging becomes a less complicated chore. Namespace is still important so that core authors can be credited and everyone has an opportunity to put their module ideas out there. The core set of high-quality modules don't even have to be in the Puppet Labs namespace. Remember, we know Puppet, not all the various applications you use and expertly manage. Realistically, I intend to make an effort to encourage module consolidation and collaboration and perhaps we can have some sort of community ratings and review process to let the cream rise to the top, identify the tasty, creamy modules and make those the ones that get packaged by persons such as yourself. As always, we welcome your input and just want to enable those crafting modules and those consuming them to manage infrastructure and solve problems. --Ryan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using onlyif
Binaries like curl and test must be fully qualified (ex. /bin/rm) or you must pass the path attribute to your exec resource with a search path like '/bin:/usr/bin' as the value. HTH, --Ryan On Monday, July 2, 2012, Benjamin Lei wrote: Here's what I'm using: exec { cert-fix: command = curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt, onlyif = test -e /etc/pki/tls/certs/ca-bundle.crt, } But it keeps on failing: [default] Running Puppet with /tmp/vagrant-puppet/manifests/acid.pp... Parameter onlyif failed: 'test -e /etc/pki/tls/certs/ca-bundle.crt' is both unqu alifed and specified no search path at /tmp/vagrant-puppet/manifests/acid.pp:23 The following SSH command responded with a non-zero exit status. Vagrant assumes that this means the command failed! I am trying to make that exec run the command if the file for it does not exist yet. What am I doing wrong? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/5XjljtHXxCAJ. To post to this group, send email to puppet-users@googlegroups.comjavascript:_e({}, 'cvml', 'puppet-users@googlegroups.com'); . To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com javascript:_e({}, 'cvml', 'puppet-users%2bunsubscr...@googlegroups.com');. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Ryan Coleman | about.me/ryc Modules Forge @ Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Using onlyif
Here's what I'm using: exec { cert-fix: command = curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt, onlyif = test -e /etc/pki/tls/certs/ca-bundle.crt, } But it keeps on failing: [default] Running Puppet with /tmp/vagrant-puppet/manifests/acid.pp... Parameter onlyif failed: 'test -e /etc/pki/tls/certs/ca-bundle.crt' is both unqu alifed and specified no search path at /tmp/vagrant-puppet/manifests/acid.pp:23 The following SSH command responded with a non-zero exit status. Vagrant assumes that this means the command failed! I am trying to make that exec run the command if the file for it does not exist yet. What am I doing wrong? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/5XjljtHXxCAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Scheduled_task + ad user
Hi Josh, Thank for your quick and good reply. I remove and LocalAccount = True' at line 56 and 58. It now work perfectly. Thanks again. Fred Le lundi 2 juillet 2012 07:27:33 UTC-10, Josh Cooper a écrit : Hi, On Sat, Jun 30, 2012 at 4:30 PM, fpommier fpommie...@gmail.com wrote: Hi, When a want to use scheduled_task for create a windows task and when i give a AD user, i have this message : err: /Stage[main]/Mirnas/Scheduled_task[test]/ensure: change from absent to present failed: Invalid user: DOMAIN\oper My user domain and the password are correct. I have the same error if i change DOMAIN\oper by oper@domain.comor DOMAIN/oper With a local user, is working, but i need a AD user for my batch to work. Is it a bug , a limitation or i miss something ? Thank for any help scheduled_task { 'test': ensure= present, enabled = true, command = 'C:\test\test.bat', working_dir= 'C:\test', user = 'DOMAIN\oper', password = 'x', trigger = { schedule = daily, start_date = '2012-06-26', # Defaults to 'today' start_time = '09:05', # Must be specified } } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/P1hXwgGE2CoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. It is definitely a bug. I've filed this as http://projects.puppetlabs.com/issues/15326. You can probably just remove the `LocalAccount = True` condition from the WMI queries in `Puppet::Util::ADSI#sid_for_account` at lines 56-58. Josh -- Josh Cooper Developer, Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/OaNuY7Idc9YJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using onlyif
So fully qualified means I need to add in a path to the command I'm trying to execute (i.e. test/grep)? On Monday, July 2, 2012 9:14:25 PM UTC-7, Ryan Coleman wrote: Binaries like curl and test must be fully qualified (ex. /bin/rm) or you must pass the path attribute to your exec resource with a search path like '/bin:/usr/bin' as the value. HTH, --Ryan On Monday, July 2, 2012, Benjamin Lei wrote: Here's what I'm using: exec { cert-fix: command = curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt, onlyif = test -e /etc/pki/tls/certs/ca-bundle.crt, } But it keeps on failing: [default] Running Puppet with /tmp/vagrant-puppet/manifests/acid.pp... Parameter onlyif failed: 'test -e /etc/pki/tls/certs/ca-bundle.crt' is both unqu alifed and specified no search path at /tmp/vagrant-puppet/manifests/acid.pp:23 The following SSH command responded with a non-zero exit status. Vagrant assumes that this means the command failed! I am trying to make that exec run the command if the file for it does not exist yet. What am I doing wrong? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/5XjljtHXxCAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Ryan Coleman | about.me/ryc Modules Forge @ Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ocGCHl0Q5VsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using onlyif
On Monday, July 2, 2012, Benjamin Lei wrote: So fully qualified means I need to add in a path to the command I'm trying to execute (i.e. test/grep)? Yep. The command should execute at that point. :-) On Monday, July 2, 2012 9:14:25 PM UTC-7, Ryan Coleman wrote: Binaries like curl and test must be fully qualified (ex. /bin/rm) or you must pass the path attribute to your exec resource with a search path like '/bin:/usr/bin' as the value. HTH, --Ryan On Monday, July 2, 2012, Benjamin Lei wrote: Here's what I'm using: exec { cert-fix: command = curl http://curl.haxx.se/ca/cacert.**pemhttp://curl.haxx.se/ca/cacert.pem-o /etc/pki/tls/certs/ca-bundle. **crt, onlyif = test -e /etc/pki/tls/certs/ca-bundle.**crt, } But it keeps on failing: [default] Running Puppet with /tmp/vagrant-puppet/manifests/** acid.pp... Parameter onlyif failed: 'test -e /etc/pki/tls/certs/ca-bundle.**crt' is both unqu alifed and specified no search path at /tmp/vagrant-puppet/manifests/** acid.pp:23 The following SSH command responded with a non-zero exit status. Vagrant assumes that this means the command failed! I am trying to make that exec run the command if the file for it does not exist yet. What am I doing wrong? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/** msg/puppet-users/-/**5XjljtHXxCAJhttps://groups.google.com/d/msg/puppet-users/-/5XjljtHXxCAJ . To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@* *googlegroups.com. For more options, visit this group at http://groups.google.com/** group/puppet-users?hl=enhttp://groups.google.com/group/puppet-users?hl=en . -- Ryan Coleman | about.me/ryc Modules Forge @ Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ocGCHl0Q5VsJ. To post to this group, send email to puppet-users@googlegroups.comjavascript:_e({}, 'cvml', 'puppet-users@googlegroups.com'); . To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com javascript:_e({}, 'cvml', 'puppet-users%2bunsubscr...@googlegroups.com');. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Ryan Coleman | about.me/ryc Modules Forge @ Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.