Re: [Puppet Users] [EPP] Using tagged, defined, a better way to create variables, ... to verify if a class is included

Top post, I'm not skilled enough to read this hence not sure where I'd interject. You may be better off using simpler constructs so that people with a wider variety of skill levels in your organization can contribute. What problems are you encountering where describing state is not sufficient to

[Puppet Users] JRuby-OpenSSL will parse incorrect labels unlike OpenSSL for Ruby

(It's a tiny tiny edge case, just making sure this is in the mailing list archives here too.) https://github.com/jruby/jruby/issues/5746 In short, JRuby-OpenSSL (actually using Bouncy Castle) will parse certs ending in both ways noted in the diff below, whereas actual OpenSSL won't. $ diff

Re: [Puppet Users] Puppet environments and "avalability zones"

Not sure if you'd call it a "best" practice, but with a fairly standard control repo(1) and r10k'ish environments you can: * branch * make your changes in the new branch/environment * move a few canary hosts into the new environment using your ENC(2), see how that goes * move a few more,

Re: [Puppet Users] Include Hiera Classes

Do yourself a favour, define puppet classes and resources in puppet code. There are surprisingly few people who can look at puppet resources in yaml and conceptualize which portion is causing that odd ruby+yaml error. This is a useful model for how to lay that out:

Re: [Puppet Users] Puppet server stopped working

If you're reaching expiry you might consider this thing, it worked for me to refresh the CA cert: https://forge.puppet.com/puppetlabs/certregen (NB, check all your puppetserver/puppetmaster hosts for stray puppet/ssl/ca directories, having extra ones around can cause a bit of pain. Make sure

Re: [Puppet Users] undef / nil / empty in template

Nice catch, wouldn't have figured on that. On Fri, Jul 13, 2018 at 05:17:05PM +, Helmut Schneider wrote: > Christopher Wood wrote: > > > On Fri, Jul 13, 2018 at 03:44:04PM +, Helmut Schneider wrote: > > > Christopher Wood wrote: > > > > > > &g

Re: [Puppet Users] undef / nil / empty in template

On Fri, Jul 13, 2018 at 03:44:04PM +, Helmut Schneider wrote: > Christopher Wood wrote: > > > Have you considered switching to an EPP template? You can limit the > > data passed in to only valid types (otherwise catalog compilation > > failure), it's quite usefu

Re: [Puppet Users] undef / nil / empty in template

Have you considered switching to an EPP template? You can limit the data passed in to only valid types (otherwise catalog compilation failure), it's quite useful. https://puppet.com/docs/puppet/5.5/lang_template_epp.html In the example below, you might do something like: $content =

Re: [Puppet Users] Problems installing PuppetDB from source - the instructions don't actually work

On Thu, Jun 21, 2018 at 06:49:01PM -0700, Simon Tideswell wrote: >Hello Rob >No, I'm not trying to do anything fancy. I just wanted to use PuppetDB on >a Ubuntu 18 server so that I can access the data with PuppetBoard. I can I've had a good experience using PuppetBoard via Docker per

Re: [Puppet Users] Unable to run source using 'exec' resource

I'm not really sure what's going on (bit rusty in bash), but the following things to check on come to mind. /bin/sh may not be linked to bash, and "export THING=whatever" is a bashism. It could be that "THING=whatever; export THING" will work better for you. However you're likely using

Re: [Puppet Users] PuppetDB: manually import reports

To challenge an assumption, what are you gaining from having more than one puppet infrastructure (puppetservers+puppetdb)? Could you perhaps handle your dev stuff with another environment or set of puppetservers under the same CA with the same puppetdb? Is there any reason for a separate

Re: [Puppet Users] puppet "package" resource type for multi-file installer

Sounds like this thing would be useful? https://forge.puppet.com/puppet/archive On Wed, Apr 18, 2018 at 07:55:40PM -0700, Ty Young wrote: >I'm still ramping up on Puppet 5.4.0, but I'm stuck on something. > >I have a customer needing to automate installation of a software package >

Re: [Puppet Users] error de conection

I haven't had that experience with puppet, but I have had it with other services. Assuming you've gone through things like checking load, logs (for the puppetserver/puppet master), continuous ping, strace, and so on, I recommend that you capture packets on either side. Checking timestamps may

[Puppet Users] PuppetDB catalog-hash-conflict-debugging substitute

Once upon a time I successfully used catalog-hash-conflict-debugging to find an unsorted thing being different in every catalog and that was very helpful. Recently catalog duplication (in the PuppetDB dashboard) has dropped about 10% and the setting is gone from PuppetDB in 5.2.0.

Re: [Puppet Users] Style regarding param data types

Somebody in the office here loves their complicated restrictive parameters. Those go in type aliases which cuts down a bit on the class parameter width. https://puppet.com/docs/puppet/5.4/lang_type_aliases.html On Wed, Mar 07, 2018 at 11:17:19AM -0500, Gabriel Filion wrote: > Hiya! > > I'm

Re: [Puppet Users] hiera key questions, key naming and per-file keys

(inline) On Thu, Mar 01, 2018 at 11:36:40PM +0100, Henrik Lindberg wrote: > On 01/03/18 16:03, Christopher Wood wrote: > > As background, for "reasons" I am looking at individual domains in hiera as > > keys. I do have questions beyond "why would I even".

[Puppet Users] hiera key questions, key naming and per-file keys

As background, for "reasons" I am looking at individual domains in hiera as keys. I do have questions beyond "why would I even". A) hiera lookup key format I notice that if I use puppet lookup to test things I get similar behaviour as using lookup() from a manifest, a key with dots in it is

[Puppet Users] fqdn_rand() output will change in 5.4.0, non-FIPS too

This part of the release notes: https://puppet.com/docs/puppet/5.4/release_notes.html#fips-support "When running Puppet 5.4.0 on a FIPS-enabled platform, Puppet modifies its default digest_algorithm and supported_checksum_types settings to exclude MD5, which is not a FIPS-compliant algorithm.

Re: [Puppet Users] puppet-lint & Syntax

Taking a stab at this... The puppet parser will always be the authoritative source for one's puppet code validation since that is what will be parsing the code via agent or server. It will introduce any number of bugs and inconsistencies and delay to have puppet-lint keep up with what puppet

Re: [Puppet Users] How to make puppetlabs yum repository mirror

rsync://rsync.puppet.com/ Dig around in there. On Thu, Jan 18, 2018 at 09:11:16PM +0800, Yan Xiaofei wrote: > Hello > > I used to rsync from rsync://yum.puppetlabs.com/. But it did not works any > more. > How can I make local mirror from yum.puppetlabs.com. > > Thanks very much! > Xiaofei > >

Re: [Puppet Users] /etc/sysconfig/puppetserver git source?

ct.clj for puppetserver here: > https://github.com/puppetlabs/puppetserver/blob/5.1.x/project.clj#L113-L114 > > On Wed, Jan 3, 2018 at 12:09 PM, Christopher Wood > <christopher_w...@pobox.com> wrote: > > That turned out to be even more interesting, thank you! > > > > On Wed

Re: [Puppet Users] /etc/sysconfig/puppetserver git source?

ppetlabs/ezbake/blob/master/resources/puppetlabs/lein-ezbake/template/foss/ext/default.erb >On Wed, Jan 3, 2018 at 9:56 AM Christopher Wood ><[2]christopher_w...@pobox.com> wrote: > > Is the source for /etc/sysconfig/puppetserver in the puppetserver rpm > stored

[Puppet Users] /etc/sysconfig/puppetserver git source?

Is the source for /etc/sysconfig/puppetserver in the puppetserver rpm stored in any public-facing git repository? If so, where? More details: I was reading the tuning guide (it's augment time again) and it occurred to me to read the commit messages for this file to see how Puppet figured out

Re: [Puppet Users] puppet lookup could not find directory environment

(inline) On Tue, Dec 05, 2017 at 11:23:32AM -0800, dkoleary wrote: >On Tuesday, December 5, 2017 at 1:10:44 PM UTC-6, Christopher Wood wrote: > > Twofold: > > "fqdn" is usually a puppet fact, I suspect you wouldn't find that if you > grepped your h

Re: [Puppet Users] puppet lookup could not find directory environment

Twofold: "fqdn" is usually a puppet fact, I suspect you wouldn't find that if you grepped your hiera data. Try these as root on any node: facter fqdn facter -p | less If you do have a hiera key called "fqdn", you can try looking it up on any host which has your environments in the usual place

Re: [Puppet Users] force dist-upgrade once on each puppet run and update on each package to be installed?

I found that a single "apt-get update" exec before any packages were managed was useful enough. Out of interest, what is the use case that needs "apt-get update" before every package is installed? Lately here the "yum upgrade" is a daily thing with some incremental canarying as the month goes

Re: [Puppet Users] multiple puppetdb, single postgres

Running two puppetdb in front of a single postgresql here and it's fine. The puppetservers use one puppetdb for everything and the second puppetdb is for monitoring and interactive use. The only hiccoughs are when trans-oceanic links blip. The puppetdb instances are managed using puppet and at

Re: [Puppet Users] pdk and puppetlabs-ntp Gemfile on non-windows?

ror. Please remove the Gemfile.lock and try again. > >Cheers, David >On Thu, Oct 26, 2017 at 5:19 PM Christopher Wood ><[1]christopher_w...@pobox.com> wrote: > > I'm not sure if this is an issue, or something I'm doing, since I'm > trying to use Ubu

[Puppet Users] pdk and puppetlabs-ntp Gemfile on non-windows?

I'm not sure if this is an issue, or something I'm doing, since I'm trying to use Ubuntu debs on patched-up Debian 9. The question: Is this PEBKAC or what? To wit, I get a fatal error when attempting "pdk validate -d" and "pdk test unit -d" at 1215f02 of the puppetlabs-ntp module. This happens

[Puppet Users] querying unrealized/inactive resources in the catalog?

Is there a document somewhere that describes the visilibity of an unrealized and inactive resource in the downloaded catalog and puppetdb catalog? I thought I would be able to retrieve inactive resources from somewhere in puppetdb, but I can't and that could be just me. It would suit me

Re: [Puppet Users] puppet functions in EPP templates?

'test1/two.epp'), } We'll please attribute this to an unusual moment of dimness. On Wed, Jul 26, 2017 at 09:50:11AM -0400, Christopher Wood wrote: > Would somebody mind passing a spare clue regarding the correct syntax? > > I already know this works in an erb template: > > <%= sc

[Puppet Users] puppet functions in EPP templates?

Would somebody mind passing a spare clue regarding the correct syntax? I already know this works in an erb template: <%= scope.call_function('test1::test1', ['input one!!']) %> However this fails in an epp template: <%= test1::test1('input two!!') %> Unfortunately, that's about as far as I

Re: [Puppet Users] Puppet Packet Rate?

The answer is that it depends on your catalogs and what you're ramming through them. You might get a squinty rule of thumb measurement from figuring out the size of uploaded facts/report, downloaded catalog/files, add some more for random discussion traffic, divide by the number of seconds an

Re: [Puppet Users] Trigger apt-get update if packages are to be installed

Not sure what their solution was, but mine was (back when puppeting Debian/Ubuntu) to run apt-get update on every run, but make sure to also run apt-cacher-ng to be an apt proxy on the local network. That sped things up. On Fri, Jul 07, 2017 at 07:23:17AM -0700, Klavs Klavsen wrote: >Did

Re: [Puppet Users] Re: PuppetDB - High CPU Large number of KahaDB files and very little work going to postgresql

I'm wondering if that puppetdb instance's queue would grow if it wasn't also doing normal agent runs. Maybe pause puppet agent runs until puppetdb is caught up? Puppetdb may not be happy doing its regular work plus this cleanup. You could stop the puppetserver service(s) for the cheap way to

Re: [Puppet Users] PuppetDB low catalog-duplication rate Puppet DB 4.3.0

I had a broadly similar issue in that I had a low catalog duplication rate and I had to change some puppet manifests around to fix that. Back in 2015 I was doing this to get mcollective plugin sources for the file resource: source => regsubst(keys($plugins), '^',

Re: [Puppet Users] passing a regex as a class parameter

After more discussion in #puppet on freenode, this thing: https://tickets.puppetlabs.com/browse/PUP-7735 On Tue, Jun 27, 2017 at 11:44:26AM -0400, Christopher Wood wrote: > A little oddity I stumbled across while getting things wrong about somebody's > pastebin entry in #puppet on fr

[Puppet Users] passing a regex as a class parameter

A little oddity I stumbled across while getting things wrong about somebody's pastebin entry in #puppet on freenode. This thing: class classname ( Regexp $param, ) { notice('yes') } class { 'classname': param => /^.$/, } Does this with puppet 4.10.2: $ puppet apply /tmp/z.pp Error:

Re: [Puppet Users] Dependency conundrum

Sounds like tags and chaining, did something similar for upstart. file { '/usr/lib/systemd/system/patcher-client.service': notify => Service['patcher-client'], tag=> ['reload systemd'], } File <| tag == 'reload systemd' |> ~> Exec['systemctl daemon-reload'] Exec['systemctl

Re: [Puppet Users] same hiera data across multiple profiles

ed? Maybe it >isn't even needed if you are loading component modules like apache and >postfix, as you could just `include apache` and set `apache::somesslparam: >value1` and `postfix::differentsslparamname: value2` and not have to embed >that in your profile classes. &g

Re: [Puppet Users] same hiera data across multiple profiles

e ssl_certs class >they can be accessed via $profile::ssl_certs::parameter_name. > >Hope that helps. > >On Mon, Jun 12, 2017, 9:57 AM Christopher Wood ><[1]christopher_w...@pobox.com> wrote: > > How do you typically organize your data lookups

Re: [Puppet Users] Officiel master puppet and source Puppet agent

Probably not 100% what you're looking for, but you might get some use out of the Debian puppet sources. They have packages for various ARM architectures too. https://packages.debian.org/search?keywords=puppet On Wed, Jun 14, 2017 at 06:03:17AM -0700, Fairouz el ouazi wrote: >HI , >   Is

[Puppet Users] same hiera data across multiple profiles

How do you typically organize your data lookups when you want to use the same hiera data across multiple profiles, themselves possibly used across multiple roles? A cut down example with fake names: class role::mailserver { include ::profile::http include ::profile::smtp } class

Re: [Puppet Users] havina an issue regarding puppet agent run

I think you wanted /pdb/meta/v1/version? This and the other puppetdb documentation may help: https://docs.puppet.com/puppetdb/4.4/api/query/v4/query.html https://docs.puppet.com/puppetdb/4.4/api/meta/v1/version.html (Obviously pick your puppetdb version in the drop-down at the top of the page.)

Re: [Puppet Users] Apply every time for no reason = acceptable?

Consider possibly these cases (which I have seen): i) You are trying to track down an oddity in your puppet codebase, something like a file_line resource and exec resource both managing the same file. ii) You are trying to find a non-puppetized job which is fighting with puppet to decide the

Re: [Puppet Users] migrate from puppetmaster 3.4.3 -> 4.8.2

While I am not the authority on the matter, it looks like the answer is no, and the activerecord terminus is not part of puppet 4. https://tickets.puppetlabs.com/browse/PUP-4627 https://docs.puppet.com/puppet/4.8/lang_exported.html

Re: [Puppet Users] How to create init-scripts and immediately use them in a service?

Lots of different ways, it might make for lighter defines if you used some tags and chaining. Or even use the puppet4 iteration, for some reason defines puzzle a number of folks at work here. class upstart { $upstartreload = '/sbin/initctl reload-configuration' exec { $upstartreload:

Re: [Puppet Users] separating puppetdb and postgresql

(inline) On Tue, Apr 25, 2017 at 07:52:19AM +0200, Angel L. Mateo wrote: > Hello, > > I have this same configuration working without any problem. > > El 24/04/17 a las 23:08, Christopher Wood escribió: > >I am attempting to use the Puppet puppetdb and postgresql modul

[Puppet Users] separating puppetdb and postgresql

I am attempting to use the Puppet puppetdb and postgresql modules from the forge to have postgresql live on a separate server from puppetdb itself. It's not going brilliantly as I'm not understanding how to inform the postgresql module about what version of postgresql is in use for a versioncmp

Re: [Puppet Users] Re: apt/yum.downloads.puppetlabs.com CDN & rsync deprecation

Not sure about the rest of you, but since I have no contract with Puppet Inc. specifying the maintenance of rsync services I would shrug and move to using apt-mirror. I've used it before and it's nearly drop-in. https://apt-mirror.github.io/ https://packages.debian.org/jessie/apt-mirror

Re: [Puppet Users] [PuppetDB] records not being expired from puppetdb?

orts are deleted after 14 days by default > (report-ttl setting), which would explain why you can see node data but no > reports. > > Wyatt > > > On 02/21/2017 11:05 AM, Christopher Wood wrote: > >Our security department raised that point that some nodes present in > >

[Puppet Users] [PuppetDB] records not being expired from puppetdb?

Our security department raised that point that some nodes present in puppetdb are not for current or recently decommissioned servers. Does anybody have a spare hint as to why these nodes haven't become expired over the last few months of not being servers, or where I can look for more

Re: [Puppet Users] Puppet Language Style Guide update

Same budget for tools here. I get along just fine with a combination of puppet-mode for emacs and the pre-commit hook from David Walhstrom's puppet-git-hooks project. https://github.com/voxpupuli/puppet-mode https://github.com/drwahl/puppet-git-hooks (Although I obviously recommend you

Re: [Puppet Users] User Management from LDAP / freeipa

The defined function is more about whether something is defined in the catalog, if I recall correctly. https://docs.puppet.com/puppet/latest/function.html#defined This sounds like something for a custom fact which returns a list of users found on the system. You may have to do an ldapsearch

Re: [Puppet Users] Escape codes in collection types

This thing is nice that way: https://github.com/drwahl/puppet-git-hooks I recommend using the pre-receive hook on the server side. That way you can skip awkward conversations about how people should go the extra mile and exceed expectations by installing git hooks locally. Instead you get to

Re: [Puppet Users] Puppet managing thousands of resources

On Wed, Jan 11, 2017 at 09:40:00PM +, R.I.Pienaar wrote: > > > - Original Message - > > From: "Christopher Wood" <christopher_w...@pobox.com> > > To: "puppet-users" <puppet-users@googlegroups.com> > > Sent: Wednesday, 11 Ja

Re: [Puppet Users] Puppet managing thousands of resources

Out of gruesome interest, 5000 resources of what? Assuming I'm remembering the path correctly, something like this would count it up, modify for your local case (assuming no puppetdb at your place) to search for resource types: python -m json.tool /var/lib/puppet/client_data/catalog/`hostname

[Puppet Users] type/provider for in-kernel networking?

I am digging around the forge and there are a few modules managing networking via ifupdown/net-tools/initscripts. I haven't yet found any types/providers using iproute2 (/sbin/ip). Do any of you know of such a module if it exists? As background, I'm staring at a horrifying set of

Re: [Puppet Users] puppet does not like ~ in file name

I reproduced this with 4.8.0 and filed a ticket. https://tickets.puppetlabs.com/browse/PUP-6914 Seems like it's a ruby thing? https://ruby-doc.org/core-2.1.8/File.html#method-c-expand_path https://github.com/puppetlabs/puppet/blob/master/lib/puppet/type/file.rb Usual disclaimer, not a

Re: [Puppet Users] puppet does not like ~ in file name

I can reproduce this using puppet 4.4.2 from puppet-agent 1.4.2, definitely seems like a bug. You can "cd ~user" in a bash shell so I wonder if somebody somewhere made something which works similarly. I'd be interested in watching the bug you file because I'm nosy. $ cat /tmp/x.pp file {

Re: [Puppet Users] What is the limit of nodes mcollective and activemq can maintain?

(inline) On Thu, Nov 03, 2016 at 05:22:39PM +, R.I.Pienaar wrote: > > > - Original Message - > > From: "Dayton Jones" > > To: "puppet-users" > > Sent: Thursday, 3 November, 2016 18:13:01 > > Subject: [Puppet Users] What is the

Re: [Puppet Users] paragraphing hiera yaml

On Sun, Oct 30, 2016 at 03:38:31PM -0400, Garrett Honeycutt wrote: > On 10/28/16 1:45 PM, Christopher Wood wrote: > > Here's a Friday sort of question. > > > > All the yaml emitters don't add the extra space that I can add as a person > > editing a file t

Re: [Puppet Users] paragraphing hiera yaml

On Sun, Oct 30, 2016 at 08:57:39AM +, R.I.Pienaar wrote: > > > - Original Message - > > From: "Christopher Wood" <christopher_w...@pobox.com> > > To: "puppet-users" <puppet-users@googlegroups.com> > > Sent: Friday, 28 Octo

[Puppet Users] paragraphing hiera yaml

Here's a Friday sort of question. All the yaml emitters don't add the extra space that I can add as a person editing a file to make things more readable. Or to be more accurate, I can't manage it myself and I can't find one that does. Consider the readability of the two examples below when

Re: [Puppet Users] Moment of duhh.... Trying to wrap my head around some condition statements.

On Tue, Sep 27, 2016 at 02:59:17PM -0400, markbergman...@gmail.com wrote: > In the message dated: Tue, 27 Sep 2016 13:38:16 -0400, > The pithy ruminations from Christopher Wood on > condi > tion statements.> were: > => This is one of the first custom facts I wrote,

Re: [Puppet Users] Moment of duhh.... Trying to wrap my head around some condition statements.

This is one of the first custom facts I wrote, you would likely want to improve on it based on the guide. However it has worked for us for a few years now. Enjoy? This lives in inventory/lib/facter/hpsrl.rb. if FileTest.exists?("/usr/sbin/dmidecode") # Add remove things to query here query =

Re: [Puppet Users] notify resource different between 3 and 4?

On Fri, Sep 16, 2016 at 06:44:36PM +0100, R.I.Pienaar wrote: > > > - Original Message - > > From: "Christopher Wood" <christopher_w...@pobox.com> > > To: "puppet-users" <puppet-users@googlegroups.com> > > Sent: Friday, 16 Sept

Re: [Puppet Users] notify resource different between 3 and 4?

On Fri, Sep 16, 2016 at 06:17:48PM +0100, R.I.Pienaar wrote: > > > - Original Message - > > From: "Christopher Wood" <christopher_w...@pobox.com> > > To: "puppet-users" <puppet-users@googlegroups.com> > > Sent: Friday, 16

[Puppet Users] notify resource different between 3 and 4?

While trying to figure out the reduce function with notice/notify I happened across this thing. It looks like an unquoted array in the notify resource's message only appears as its first array item. Not sure if it's a bug. I couldn't find any documentation to say if this was intended and I

Re: [Puppet Users] Re: Puppet control, Hiera data, puppetfile, and r10k and git merging woes

that sounds like you would need to apply multiple puppet >environments to a node to get the full config...one "common" environment >and one with "non-common" configuration...and I don't think this is >currently possible? > >On Aug 20, 2016 12:

Re: [Puppet Users] Re: Puppet control, Hiera data, puppetfile, and r10k and git merging woes

Lots about hiera data in this thread, how about modules? Having a common environment for the common modules and using basemodulepath helps some, but it's not everything. On Sat, Aug 20, 2016 at 05:50:12AM -0700, Chadwick Banning wrote: >This is an issue I run into pretty regularly. If your

Re: [Puppet Users] Puppet control, Hiera data, puppetfile, and r10k and git merging woes

August 17, 2016 at 3:52:31 PM UTC-5, Christopher Wood wrote: > > It sounds like these might help: > > [1]https://puppet.com/blog/git-workflows-puppet-and-r10k > > [2]http://garylarizza.com/blog/categories/r10k/ > > Seems like you would benefit from havi

Re: [Puppet Users] Puppet control, Hiera data, puppetfile, and r10k and git merging woes

It sounds like these might help: https://puppet.com/blog/git-workflows-puppet-and-r10k http://garylarizza.com/blog/categories/r10k/ Seems like you would benefit from having all teams work from branches of current production and merge back, rather than maintaining a semi-permanent dev branch

Re: [Puppet Users] R10k Deploy single module first time

You can incrementally check r10k syntax with: r10k r10k deploy (etc.) In your case maybe one of these? Try it and see, I never use these. r10k deploy module modulename r10k deploy module --environment myenv modulename On Tue, Aug 16, 2016 at 08:14:14AM -0700, broncosd183 wrote: >Hello, >

Re: [Puppet Users] How to refer to exported resource parameters in a template

On Mon, Aug 08, 2016 at 11:28:55AM -0700, Matthew Pounsett wrote: >I'm using puppet 4.4.1.  I have a case where I need the IP addresses of >all the servers that fit a certain set of criteria to appear in a YAML >list in a config file on a particular host. Been there for an

Re: [Puppet Users] Service entry for puppet agents not working

On Mon, Aug 08, 2016 at 05:40:24AM -0700, Bret Wortman wrote: >We've been using cron to manage our puppet agents for the past few years >but have discovered some issues where it's running under a different >environment and is having trouble completing when run in cron, but it >

Re: [Puppet Users] Recommended/Suggested R10k Deployment Strategy

On Wed, Jul 27, 2016 at 08:18:37AM -0700, dsdwcal wrote: >Hmm ok thanks for the speedy reply! > >In implementing R10k, we've recently transitioned from a monolithic module >repo to individual module repos. As such, our /etc/puppet/modules folder >used to be managed by a single git

Re: [Puppet Users] Re: hiera-eyaml not decrypting?

Same, all files here are eyaml. On Fri, Jul 08, 2016 at 11:04:11AM -0700, Andrew Grimberg wrote: > Our team completely dropped the yaml backend as we always ended up with > weird issues of hiera not always finding the yaml. Doesn't matter if we > don't actually have anything encrypted in the

Re: [Puppet Users] encrypting hiera data?

Puppet at least plugs it in their blog. https://puppet.com/blog/encrypt-your-data-using-hiera-eyaml We've had lots of good uses for it in production. On Fri, Jul 08, 2016 at 06:29:31AM -0700, dkoleary wrote: >Hey; >I've come to the point where I need to encrypt a password in hiera data.

[Puppet Users] near-identical puppetdb queries, dissimilar outputs

This is with puppetdb 3.2.4 running on java 1.8 on CentOS 6. Does this behaviour sound familiar to anybody? This query (query1) produces fact paths limited to the named facts from the "stype" of "pmail" in the "environment" of "mail".

Re: [Puppet Users] Re-enrolling clients after major version upgrade

To your specific issue, it looks like your agent's CA cert doesn't match the issuer of the new puppetmaster's CA cert ("unable to get local issuer certificate"). If I recall correctly, an agent without a CA cert will download one from the puppetmaster the first time and thereafter check it. You

Re: [Puppet Users] Git Repo Strategy

On Fri, Jun 10, 2016 at 05:57:13AM -0700, Funsaized wrote: >Hello, > >I am relatively new to puppet and am trying to develop a good workflow in >conjunction with git/github to keep a better version control system. The >version of puppet that I am working with and has been

Re: [Puppet Users] Trigger apt-get update if packages are to be installed

Back when I was doing this on Debian/Ubuntu I ended up doing the apt-get update on every agent run. This didn't stress the apt proxy (far from it) and made sure the agent had an up to date view of apt every time no matter what. This would also cover if somebody uses ensure=>latest or

Re: [Puppet Users] how to escape %{ in hiera

I ran into this too, use the literal function. $ grep -rh literal hieradata/ testing::cwood1::param3: "%{literal('%')}{::hostname}" testing::cwood1::param3: "%{literal('%')}{::hostname}" https://docs.puppet.com/hiera/3.1/variables.html#the-literal-lookup-function On Mon, Jun 06, 2016 at

[Puppet Users] facter 3 behaviour change in vlan interface legacy facts

This is something I found after upgrading a number of puppet agents from 3.8.5 to 4.4.2 using the puppet-agent-1.4.2-1.el6.x86_64.rpm rpm on CentOS 6. The legacy fact names around vlan interfaces are not the same as the facter2 versions of those facts. facter < 3: ipaddress_eth0_413 facter >=

Re: [Puppet Users] facter 3.2 global custom facts directory?

ts. >2016-05-28 08:16:04.007756 DEBUG puppetlabs.facter - fact "env" does not >exist. >It looks like facter, run as a non-root user, is limited to personal home >directories.  So, rephrasing the original question: is there some way to >tell non-root f

Re: [Puppet Users] facter 3.2 global custom facts directory?

Just to confirm that's a typo below? You have an "s" in facter. /etc/facter/facts.d On Fri, May 27, 2016 at 03:15:11PM -0700, dkoleary wrote: > Thanks for the response. I'm pretty sure I tried /etc/faster/facts.d; but, > I'll confirm that. > > Thanks again. > > -- > You received this

Re: [Puppet Users] facter 3.2 global custom facts directory?

All the custom facts here in /etc/facter/facts.d have worked just fine across the facter 2.4.4 -> facter 3.1.6 upgrade. https://docs.puppet.com/facter/3.1/custom_facts.html On Fri, May 27, 2016 at 12:28:50PM -0700, dkoleary wrote: >Hey; >I'm drafing some custom facts that I would like

Re: [Puppet Users] Puppet and SVN

o fit git. or is the way you think > about the DB that different ? > > Could you point a good starting point to read up on this ? > > Thanks > Alex > > On 24 May 2016 at 07:16, Christopher Wood <christopher_w...@pobox.com> wrote: > > On Mon, May 23, 2016 at 03:5

Re: [Puppet Users] Puppet and SVN

On Mon, May 23, 2016 at 03:51:58PM +1000, Alex Samad wrote: > How hard is it to retro fit SVN / GIT onto a puppet install. > > I am building from scratch, working through the doco. > > Was thinking once I have a friendly setup then I would look at putting > that into SVN/GIT. Do yourself a huge

Re: [Puppet Users] puppet 4 environments git feedback?

On Thu, May 19, 2016 at 11:39:30AM -0400, Rob Nelson wrote: >Doug, > >If all your git repositories are local filestores, that's probably a >pretty reasonable workflow. However, most people use some form of >dedicated service as their git origins, that reside external to the local

Re: [Puppet Users] Puppet install failure

om/puppet/ >Would have been nice if they explained this in README.txt... > Paul > >On Tuesday, April 26, 2016 at 2:46:13 PM UTC-5, Christopher Wood wrote: > > On Tue, Apr 26, 2016 at 12:37:38PM -0700, Paul Trepanier wrote: > >    Hi Folks, > >

Re: [Puppet Users] Puppet install failure

On Tue, Apr 26, 2016 at 12:37:38PM -0700, Paul Trepanier wrote: >Hi Folks, >..on CentOS 7 > ># rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm ># yum install puppet-server ># puppet resource package puppet-server ensure=latest >After doing this, there

Re: [Puppet Users] Puppet MultiMaster open source

https://docs.puppet.com/puppetserver/2.2/external_ca_configuration.html#disabling-the-internal-puppet-ca-service I use that line and have puppetized builds for puppetmasters anyway. Albeit that setting the Subject Alternative Name for the outside of the load balancer takes slightly more effort

Re: [Puppet Users] How to Read New Files Dynamically with Hiera?

On Thu, Apr 14, 2016 at 07:34:34AM -0700, o...@soluto.com wrote: > Hi, >We need to manage many keys in Hiera. Since many people should be able to >edit the keys and in order to avoid a complete mess I was thinking to work >with many different files. The problem is that I don't know

Re: [Puppet Users] Announce: Puppet 3.8.5 available

(Pardon the necro, I felt these interesting results should be filed with the other ones.) On Thu, Feb 11, 2016 at 08:50:32AM -0800, Kylo Ginsberg wrote: >On Thu, Feb 11, 2016 at 8:02 AM, Christopher Wood ><[1]christopher_w...@pobox.com> wrote: > > For idle

Re: [Puppet Users] mirroring puppet 4

That PC1 thing is intentional. https://docs.puppetlabs.com/puppet/4.0/reference/release_notes.html I'm curious how it came to be that anybody needs to know the specific repository and package to install to get puppet working? In your situation I would probably have cobbler or similar install

Re: [Puppet Users] v3 agent to v4 master ssl issue

ypical certificate lifespan. > >On Feb 19, 2016 3:54 PM, "Christopher Wood" ><[1]christopher_w...@pobox.com> wrote: > > I checked, the CA in use on my puppet4/puppetserver installation > definitely has no subjectAltName extension and a puppet4 ag

Re: [Puppet Users] v3 agent to v4 master ssl issue

. And yes, you will have > to re-certify your infrastructure for the upgrade if this is the case. > > Cheers, > Felix > > On 02/11/2016 11:02 PM, Christopher Wood wrote: > >Update is that I still don't know why this happened, but I know what I > >should not do when I go

Re: [Puppet Users] Announce: Puppet 3.8.5 available

For idle interest's sake, I calculated the catalog compilation times across our puppetmasters on Thursday January 28th with (open source) 3.8.4 and did the same thing just now for Thursday February 4th with (open source) 3.8.5. Average catalog compilation times improved from 23.59 s to 20.44 s,

  1   2   3   4   5   >