[Puppet Users] When usion puppet docker_platform with vagrant virtualbox the docker container is not started and after restart the docker daemon is not started
Hi!
I try to create a virtualbox machine with vagrant and puppet provider.
According to the documentation
https://forge.puppetlabs.com/puppetlabs/docker_platform/readme#class-docker
I have create following manifest:
class { 'docker':
* service_enable => true,*
* service_state => 'running',*
}
docker::image { 'jenkinsci/jenkins:2.0-beta-1':
require => Class['docker'],
}
docker::run { 'Jenkins2Beta1':
image=> 'jenkinsci/jenkins:2.0-beta-1',
detach => true,
ports=> '8080:8080',
volumes => '/virtual_storage/jenkins_home:/var/jenkins_home',
* running => true,*
extra_parameters => ['--restart unless-stopped'],
require => Docker::Image['jenkinsci/jenkins:2.0-beta-1'],
}
With the bold configuration I would expect the my container 'Jenkins2Beta1'
should be started after provisioning, which is not the case.
I have to determine the id of the container manual via "sudo docker ps
-all" and start it then via "sudo docker start ".
Furthermore after restarting the virtualbox machine via "vagrant halt" and
"vagrant up" the docker daemon has to be started manually via "sudo docker
daemon".
What is wrong in my manifest?
Kind regards
Torsten
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/389a99f5-793d-4448-8ffd-cd8adb7f6236%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Announce: Puppet 3.8.5 available
(Pardon the necro, I felt these interesting results should be filed with the other ones.) On Thu, Feb 11, 2016 at 08:50:32AM -0800, Kylo Ginsberg wrote: >On Thu, Feb 11, 2016 at 8:02 AM, Christopher Wood ><[1]christopher_w...@pobox.com> wrote: > > For idle interest's sake, I calculated the catalog compilation times > across our puppetmasters on Thursday January 28th with (open source) > 3.8.4 and did the same thing just now for Thursday February 4th with > (open source) 3.8.5. > > Average catalog compilation times improved from 23.59 s to 20.44 s, or > approximately 13% improvement. > >\o/ >We're giving more and more attention to performance improvements, so glad >to get data-driven feedback like this. Thanks! >Kylo The above was all apache/passenger. After another upgrade the puppetmasters here have been running these since Wednesday March 30th: [root@puppetmaster4 ~]# rpm -q puppetserver puppetserver-2.2.1-1.el6.noarch [root@puppetmaster4 ~]# rpm -q puppet-agent puppet-agent-1.3.6-1.el6.x86_64 On Thursday March 31st catalog compilation times averaged 5.93 s across all production puppetmasters. > > On Wed, Jan 27, 2016 at 02:58:29PM -0800, Eric Sorenson wrote: > > Puppet 3.8.5 is now available. This is a bugfix release that > contains > > performance improvements to catalog compilation and Mac OS X > service > > management, along with fixes for Windows agents and the Puppet 4 > language > > parser. See the full release notes here: > > > [2]http://docs.puppetlabs.com/puppet/3.8/reference/release_notes.html > > For installation and upgrade instructions, see this doc: > > [3]http://docs.puppetlabs.com/puppet/3.8/reference/pre_install.html > > A special community shout-out for this release to Github user > 'earsdown' > > for the PR to fix PUP-5212, which added HTTP proxy support to the > PIP > > package provider. > > Eric Sorenson - [4]eric.soren...@puppetlabs.com - freenode #puppet: > eric0 > > puppet platform // coffee // techno // bicycles > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, > send an > > email to [1][5]puppet-users+unsubscr...@googlegroups.com. > > To view this discussion on the web visit > > > > [2][6]https://groups.google.com/d/msgid/puppet-users/162976e8-f3a4-4af5-a211-a0900f3b4aa5%40googlegroups.com. > > For more options, visit [3][7]https://groups.google.com/d/optout. > > > > References > > > > Visible links > > 1. mailto:[8]puppet-users+unsubscr...@googlegroups.com > > 2. > > [9]https://groups.google.com/d/msgid/puppet-users/162976e8-f3a4-4af5-a211-a0900f3b4aa5%40googlegroups.com?utm_medium=email_source=footer > > 3. [10]https://groups.google.com/d/optout > -- > You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to [11]puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > > [12]https://groups.google.com/d/msgid/puppet-users/20160211160222.GA20645%40iniquitous.heresiarch.ca. > For more options, visit [13]https://groups.google.com/d/optout. > >-- >Kylo Ginsberg | [14]k...@puppetlabs.com | irc: kylo | twitter: @kylog > >-- >You received this message because you are subscribed to the Google Groups >"Puppet Users" group. >To unsubscribe from this group and stop receiving emails from it, send an >email to [15]puppet-users+unsubscr...@googlegroups.com. >To view this discussion on the web visit > > [16]https://groups.google.com/d/msgid/puppet-users/CALsUZFFewEebnPXbjezHhbwJpyxsSv7_HOba-W9XZ_MmMg6LpQ%40mail.gmail.com. >For more options, visit [17]https://groups.google.com/d/optout. > > References > >Visible links >1. mailto:christopher_w...@pobox.com >2. http://docs.puppetlabs.com/puppet/3.8/reference/release_notes.html >3. http://docs.puppetlabs.com/puppet/3.8/reference/pre_install.html >4. mailto:eric.soren...@puppetlabs.com >5. mailto:puppet-users%2bunsubscr...@googlegroups.com >6. > https://groups.google.com/d/msgid/puppet-users/162976e8-f3a4-4af5-a211-a0900f3b4aa5%40googlegroups.com >7. https://groups.google.com/d/optout >8. mailto:puppet-users%2bunsubscr...@googlegroups.com >9. > https://groups.google.com/d/msgid/puppet-users/162976e8-f3a4-4af5-a211-a0900f3b4aa5%40googlegroups.com?utm_medium=email_source=footer > 10. https://groups.google.com/d/optout > 11. mailto:puppet-users%2bunsubscr...@googlegroups.com > 12. >
[Puppet Users] Re: Significance of ca_name?
On Saturday, April 2, 2016 at 4:36:46 AM UTC-7, dE wrote: > > The documentation says -- > > The name to use the Certificate Authority certificate. >> > > Which sound like wrong grammar. The correct one must be -- > > > The name to use for the Certificate Authority certificate. > > > On my master, the ca_name = Puppet CA: puppetmaster > > > and the CA cert file is named ca_crt.pem; who's subject is Puppet CA: > puppetserver > > > So nor the common name of the certificate nor the file name of the > certificate is Puppet CA: puppetmaster > The ca_name determines the Common Name (CN) which is added to the CA certificate's subject. It doesn't have any bearing on the file name of the certificate, as you mentioned. The default value which is used for it (from https://docs.puppetlabs.com/puppet/latest/reference/configuration.html#caname) is: Puppet CA: $certname $certname is interpolated from the value of the corresponding named setting (https://docs.puppetlabs.com/puppet/latest/reference/configuration.html#certname). The default for $certname is the fully-qualified domain name of the system. --- As long as I have the ca_name setting set in my puppet.conf file - either under the main or master section - before my ca_crt.pem has been generated and before my Puppet Server is started up, whatever value I have in the ca_name setting ends up being the CN in the CA certificate. If I change the value of the ca_name setting after my ca_crt.pem file has been created, though, I would need to delete the ca_crt.pem file in order for the CA certificate to be regenerated with the new value I used for the ca_name setting. Is this not the behavior you see? If not, could you provide more details as to what version of Puppet master code you are using - version of Puppet under Passenger, version of Puppet Server, or something else? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/aad69628-5127-400b-9076-ea3b57179e3e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] unable to create home directory
In that case just have puppet create the directory if it doesn't already exist and ensure that the ownership is set correctly. Then have the ssh_authorized_keys resource require the directory resource. On Monday, 4 April 2016 14:23:11 UTC+1, Patrick G. wrote: > > I don't need to create the user just /home//.ssh because the > user exist in ldap. > So how do I give access to puppet to create only /home/admin/.ssh > > > > Op vrijdag 1 april 2016 16:32:43 UTC+2 schreef Mike Hendon: >> >> >> On Friday, 1 April 2016 14:34:01 UTC+1, jcbollinger wrote: >>> >>> >>> >>> On Thursday, March 31, 2016 at 9:34:04 AM UTC-5, Warron French wrote: Isn't .ssh created after the first time a user attempts an SSH outbound connection, not at initial creation of homedirs? >>> >>> Inasmuch as we seem to be talking about OpenSSH or a work-alike, yes, >>> the ssh client creates the .ssh/ directory automatically at need. In no >>> way does that mean it cannot or should not be created by another mechanism, >>> however. The directory needs to exist so that Puppet can manage an >>> authorized key entry within. If it does not already exist at the time of >>> the catalog run, then Puppet needs to create it. Puppet is trying to do >>> so, but failing. >>> >>> >>> John >>> >>> >> To create the admin home directory first the ssh key resource should be >> dependent on an admin user resource. >> > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d40118b0-887a-4324-ad5e-d2e97c878753%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] unable to create home directory
On Monday, April 4, 2016 at 8:23:11 AM UTC-5, Patrick G. wrote:
>
> I don't need to create the user just /home//.ssh because the
> user exist in ldap.
> So how do I give access to puppet to create only /home/admin/.ssh
>
As I wrote earlier, it's unclear whether yours is in fact an access control
problem at all, but that seems one of the less likely possibilities. If it
turns out indeed to be the problem, then as, again, I wrote earlier, you
need to more precisely identify the nature of the problem before you or we
can solve it. But do read on
If you are not managing a User resource for 'admin' -- which not related to
whether you use LDAP as an account and credential database -- then yours is
a trivial case of the one in which your local user management subsystem
does not support managing user home directories. As I wrote before, in
that case you may need to manage the user's home directory explicitly. And
by that, I mean you *do* need to manage the user home directory (e.g.
/home/admin) directly if you cannot otherwise rely on it to be present.
Furthermore, you need to establish a relationship between home directory
and key to ensure that the directory is synced first. For example,
something like this:
file { '/home/admin':
ensure => 'directory',
user => 'admin',
group => 'admin',
mode => '0750'
}
File['/home/admin'] -> Ssh_authorized_key<| user == 'admin' |>
There's a bit of an issue surrounding where (which class in which module)
something like that should go, and I haven't the visibility into your
manifest set to make any recommendations about that. Furthermore, I
reiterate that that is an *example*. Your specific situation may require a
variation on that, or even an altogether different approach that
accomplishes the same thing.
John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/bed959a1-2b6a-405b-b11f-cdb9c4726263%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] unable to create home directory
On Friday, April 1, 2016 at 9:32:43 AM UTC-5, Mike Hendon wrote: > > > To create the admin home directory first the ssh key resource should be > dependent on an admin user resource. > Yes and no. As I covered in one of my previous responses to this thread, if there is a User['admin'] under management for the target node then Ssh_authorized_keys associated with 'admin' will autorequire that User. So yes, there must be a relationship, but no, it does not have to be expressed explicitly in any manifest. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4c17a306-5922-4283-9826-ba366277fced%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] unable to create home directory
I don't need to create the user just /home//.ssh because the user exist in ldap. So how do I give access to puppet to create only /home/admin/.ssh Op vrijdag 1 april 2016 16:32:43 UTC+2 schreef Mike Hendon: > > > On Friday, 1 April 2016 14:34:01 UTC+1, jcbollinger wrote: >> >> >> >> On Thursday, March 31, 2016 at 9:34:04 AM UTC-5, Warron French wrote: >>> >>> Isn't .ssh created after the first time a user attempts an SSH outbound >>> connection, not at initial creation of homedirs? >>> >> >> Inasmuch as we seem to be talking about OpenSSH or a work-alike, yes, the >> ssh client creates the .ssh/ directory automatically at need. In no way >> does that mean it cannot or should not be created by another mechanism, >> however. The directory needs to exist so that Puppet can manage an >> authorized key entry within. If it does not already exist at the time of >> the catalog run, then Puppet needs to create it. Puppet is trying to do >> so, but failing. >> >> >> John >> >> > To create the admin home directory first the ssh key resource should be > dependent on an admin user resource. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/310a2efd-c008-4052-af72-f5b51f386b57%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] using generated query string in a collector
Hi,
Seems it is not possible, well, I cannot make it work.
Depending on some class parameter, some exported resources should be collected
or not.
eg.
class X (
$collect_tags = ['cond1', 'cond2']
) {
$my_cond = my_magic_function($collect_tags) # returns the string "tag ==
'cond1' or tag=='cond2'"
My_exp_res <<| $my_cond |>>
}
But the only result I get : Error 400 on SERVER: Syntax error at '|>>';
expected '}'
Whatever i tried, nothing gave me the desired result. Using single quotes,
double quotes, escaping quotes
And <<| tag == $collect_tags |>> ( <<| tag == ['cond1','cond2'] |>> does not
give me the desired result, only one exported resource is collected. But I try
to ovoid this, because the behavior of this i unpredictable, as documented in
the docs.
I already I'm a big fan of iteration, but this needs to work on puppet 3.[7|8].x
For now I will change my parameter to a single string and us an if clause like
...
if ( $collect_tag =~ /all$/ ) {
My_exp_res <<| |>>
} else {
My_exp_res <<| tag == $collect_tag >>
}
I will loose the ability to collect on multiple nodes this way, but we can live
with this for the moment.
Peeking to puppetdbquery as an alternative
Grts
Johan
--
Johan De Wit
Open Source Consultant -- Open-Future
Red Hat Certified Engineer (805008667232363)
Puppet Certified Professional 2013/2014/2015 (PCP006)
Puppet Certified Instructor
blog : http://johan.koewacht.net/
