from:"Patrick"

[Puppet Users] Re: Trouble after Agent upgrade -- Error: Could not autoload puppet/provider/package/gem: superclass must be a Class (Module given)

2019-06-21 Thread Patrick Whitney

Hi Charlie,

Thanks for the help!

# Fact: package_provider
#
# Purpose: Returns the default provider Puppet will choose to manage 
packages
#   on this system
#
# Resolution: Instantiates a dummy package resource and return the provider
#
# Caveats:
#
require 'puppet/type'
require 'puppet/type/package'


Facter.add(:package_provider) do
  setcode do
if defined? Gem && Gem::Version.new(Facter.value(:puppetversion).split(' 
')[0]) >= Gem::Version.new('3.6')
  Puppet::Type.type(:package).newpackage(:name => 'dummy', :allow_virtual 
=> 'true')[:provider].to_s
else
  Puppet::Type.type(:package).newpackage(:name => 'dummy')[:provider].
to_s
end
  end
end


On Thursday, June 20, 2019 at 6:36:13 PM UTC-4, Charlie Sharpsteen wrote:
>
> Could you post the content of package_provider.rb? Since that is in 
> cache/lib/facter, it is a custom fact and the specifics of its 
> implementation could shed some light on what is happening.
>
> -Charlie
>
>
> On Thursday, June 20, 2019 at 1:53:34 PM UTC-7, Patrick Whitney wrote:
>>
>> Hello Everyone,
>>
>> I hope you can help.
>>
>> Our puppet agent was updated to version 6.5.0 on our servers last night.  
>> Things are working fine, except for two servers are throwing the error 
>> below (SNIP #1).A little digging found I could reproduce the error by 
>> running 'facter -p' or 'puppet facts'  (SNIP #2).  Trying to identify 
>> exactly what is going on, I got as far as running the offending ruby script 
>> (package_provider.rb) and it also returns the error, but, at least with a 
>> stack trace (SNIP #3).  
>>
>> Does anyone have any idea what we've encountered?  
>>
>> Any help would be greatly appreciated. 
>>
>> Thanks!
>> -Pat
>>
>>
>>
>> SNIP #1
>>
>> # puppet agent -t
>> Info: Using configured environment 'production'
>> Info: Retrieving pluginfacts
>> Info: Retrieving plugin
>> Info: Retrieving locales
>> Info: Loading facts
>> Error: Could not autoload puppet/provider/package/gem: superclass must 
>> be a Class (Module given)
>> Error: Facter: error while resolving custom facts in /opt/puppetlabs/
>> puppet/cache/lib/facter/package_provider.rb: Could not autoload puppet/
>> provider/package/gem: superclass must be a Class (Module given)
>> Info: Caching catalog for eu-assist.aws-eu.int.luminoso.com
>> Info: Applying configuration version '1561063233'
>> Notice: Applied catalog in 15.24 seconds
>>
>>
>> SNIP #2
>> # puppet facts > /dev/null
>> Error: Could not autoload puppet/provider/package/gem: superclass must 
>> be a Class (Module given)
>> Error: Facter: error while resolving custom facts in /opt/puppetlabs/
>> puppet/cache/lib/facter/package_provider.rb: Could not autoload puppet/
>> provider/package/gem: superclass must be a Class (Module given)
>> # facter -p > /dev/null
>> 2019-06-20 20:42:36.539351 ERROR puppetlabs.facter - error while 
>> resolving custom facts in /opt/puppetlabs/puppet/cache/lib/facter/
>> package_provider.rb: Could not autoload puppet/provider/package/gem: 
>> superclass must be a Class (Module given)
>>
>> SNIP #3
>> # /opt/puppetlabs/puppet/bin/ruby 
>> /opt/puppetlabs/puppet/cache/lib/facter/package_provider.rb
>> Traceback (most recent call last):
>>  15: from /opt/puppetlabs/puppet/cache/lib/facter/package_provider.rb:11:
>> in `'
>>  14: from 
>> /opt/puppetlabs/puppet/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in
>>  
>> `require'
>>  13: from 
>> /opt/puppetlabs/puppet/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in
>>  
>> `require'
>>  12: from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/package
>> .rb:9:in `'
>>  11: from 
>> /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/package.rb:10:in `
>> '
>>  10: from 
>> /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/metatype/manager.rb:127:in
>>  
>> `newtype'
>>  9: from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload
>> .rb:215:in `loadall'
>>  8: from 
>> /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload.rb:79:in `
>> loadall'
>>  7: from 
>> /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload.rb:79:in 
>> `each'
>>  6: from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload
>> .rb:81:in `block in loadall'
>>  5: from 
>> /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload.rb:66:in `
>> load_file'
>>  4: from 
>> /opt/puppetlabs/puppet/lib/ruby/vendor_r

[Puppet Users] Trouble after Agent upgrade -- Error: Could not autoload puppet/provider/package/gem: superclass must be a Class (Module given)

2019-06-20 Thread Patrick Whitney

Hello Everyone,

I hope you can help.

Our puppet agent was updated to version 6.5.0 on our servers last night.  
Things are working fine, except for two servers are throwing the error 
below (SNIP #1).A little digging found I could reproduce the error by 
running 'facter -p' or 'puppet facts'  (SNIP #2).  Trying to identify 
exactly what is going on, I got as far as running the offending ruby script 
(package_provider.rb) and it also returns the error, but, at least with a 
stack trace (SNIP #3).  

Does anyone have any idea what we've encountered?  

Any help would be greatly appreciated. 

Thanks!
-Pat



SNIP #1

# puppet agent -t
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Loading facts
Error: Could not autoload puppet/provider/package/gem: superclass must be a 
Class (Module given)
Error: Facter: error while resolving custom facts in /opt/puppetlabs/puppet/
cache/lib/facter/package_provider.rb: Could not autoload puppet/provider/
package/gem: superclass must be a Class (Module given)
Info: Caching catalog for eu-assist.aws-eu.int.luminoso.com
Info: Applying configuration version '1561063233'
Notice: Applied catalog in 15.24 seconds


SNIP #2
# puppet facts > /dev/null
Error: Could not autoload puppet/provider/package/gem: superclass must be a 
Class (Module given)
Error: Facter: error while resolving custom facts in /opt/puppetlabs/puppet/
cache/lib/facter/package_provider.rb: Could not autoload puppet/provider/
package/gem: superclass must be a Class (Module given)
# facter -p > /dev/null
2019-06-20 20:42:36.539351 ERROR puppetlabs.facter - error while resolving 
custom facts in /opt/puppetlabs/puppet/cache/lib/facter/package_provider.rb: 
Could not autoload puppet/provider/package/gem: superclass must be a Class (
Module given)

SNIP #3
# /opt/puppetlabs/puppet/bin/ruby 
/opt/puppetlabs/puppet/cache/lib/facter/package_provider.rb
Traceback (most recent call last):
 15: from /opt/puppetlabs/puppet/cache/lib/facter/package_provider.rb:11:in 
`'
 14: from 
/opt/puppetlabs/puppet/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in 
`require'
 13: from 
/opt/puppetlabs/puppet/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in 
`require'
 12: from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/package.rb
:9:in `'
 11: from 
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/package.rb:10:in `<
module:Puppet>'
 10: from 
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/metatype/manager.rb:127:in 
`newtype'
 9: from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload.rb
:215:in `loadall'
 8: from 
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload.rb:79:in `
loadall'
 7: from 
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload.rb:79:in 
`each'
 6: from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload.rb
:81:in `block in loadall'
 5: from 
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload.rb:66:in `
load_file'
 4: from 
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/autoload.rb:66:in 
`load'
 3: from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider/package
/gem.rb:1:in `'
 2: from 
/opt/puppetlabs/puppet/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in 
`require'
 1: from 
/opt/puppetlabs/puppet/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in 
`require'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider/
package_targetable.rb:23:in `': Could not autoload 
puppet/provider/package/gem: superclass must be a Class (Module given) 
(Puppet::Error)

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/0eb0ebaa-4998-4eb6-9aa9-750b74cf50e6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet server stopped working

2018-07-02 Thread Patrick Lesher

One of our guys did something similar a couple weeks ago and we didn’t have a 
backup.  It sounds like ours was a little different in that the server was 
running fine, remote agents could connect, process, etc, but the puppet 
master’s agent refused to run.

Ours is a mono deployment on a single VM so I could take a snapshot and play 
around with it.


In the end I did an upgrade to the latest 2018 ( it was 2017.x ) and everything 
came up working.  I’m not sure if that will help you but it solved our problem.



> On Jul 2, 2018, at 7:35 AM, Bret Wortman  wrote:
> 
> I accidentally ran puppet agent on our puppet master and now puppet server 
> won't start up any more. Multiple reboots have failed to clear the situation 
> and I can't figure out what file changed.
> 
> Here's the tail end of /var/log/messages | grep puppetserver, minus the 
> datestamps:
> 
> :
> puppet puppetserver: at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> puppet puppetserver: at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> puppet puppetserver: at java.lang.Thread.run(Thread.java:748)
> puppet puppetserver: Background process 4918 exited before start had completed
> puppet systemd: puppetserver.service: control process exited, code=exited 
> status=1
> puppet systemd: Failed to start puppetserver Service.
> puppet systemd: Unit puppetserver.service entered failed state.
> puppet systemd: puppetserver.service failed.
> puppet systemd: puppetserver.service holdoff time over, scheduling restart
> puppet systemd: Starting puppetserver Service...
> puppet puppetserver: OpenJDK 64-Bit Server VM warning: ignoring option 
> MaxPermSize=256m; support was removed in 8.0
> 
> Any thoughts about where to look next for a solution, or at least a more 
> in-depth understanding of what's going on? This server has been in operation 
> for several years without any issues until we stomped something...
> 
> Thanks,
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/39635033-2e37-49de-8e86-493c7829654a%40googlegroups.com
>  
> .
> For more options, visit https://groups.google.com/d/optout 
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/1D21CE3C-83A5-487C-8C12-D003564B0634%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Diagnose error with simple tutorial in "Learning Puppet 4"?

2016-05-30 Thread Patrick Ryll

This solution worked for me, thanks.  Is there any chance someone could put 
this on the Puppet 4 Errata page and/or inform Jo Rhett of this issue?  It 
doesn't seem to be included as of yet (May 30th, 2016) in the O'Reilly 
errata.  Thanks...I'll be happy to do it myself, but since I didn't really 
figure this out...anyway, very helpful thanks.

On Tuesday, May 17, 2016 at 3:38:36 PM UTC-4, David Karr wrote:
>
> I'm stepping through "Learning Puppet 4".  I'm on the chapter that builds 
> a simple custom module.  I've followed the instructions as far as I can 
> tell, but when I try to apply the module, I get the following:
>
> [vagrant@client modules]$ puppet apply --environment test ../manifests/
> Error: Evaluation Error: Error while evaluating a Method call, Could not 
> find class ::puppet::agent for client.example.com at /etc/puppetlabs/code/
> environments/test/manifests/site.pp:6:43 on node client.example.com
>
> I'm sure I've done something wrong, but I can't see it.
>
> Here's the "site.pp" file being referenced:
> notify { 'UsingTest':
> message => "Processing catalog from the Test environment.",
> }
>
> # lookup all classes defined in hiera and other data sources
> lookup('classes', Array[String], 'unique').include
>
> And here's the modules "init.pp" manifest (although I get the same error 
> when I comment out the entire body of the class definition):
> class puppet {
>   # install puppet-agent
>   package { 'puppet-agent':
> ensure => 'latest',
> notify => Service['puppet'],
>   }
>
>   # manage the puppet service
>   service { 'puppet':
> ensure => 'running',
> enable => true,
> subscribe => Package['puppet-agent'],
>   }
> }
>
> What else could I do to get more information?
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3b430fa8-5386-4999-84bd-b26a687ddea3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] unable to create home directory

2016-04-04 Thread Patrick G.

I don't need to create the user just /home//.ssh because the user 
exist in ldap.
So how do I give access to puppet to create only /home/admin/.ssh



Op vrijdag 1 april 2016 16:32:43 UTC+2 schreef Mike Hendon:
>
>
> On Friday, 1 April 2016 14:34:01 UTC+1, jcbollinger wrote:
>>
>>
>>
>> On Thursday, March 31, 2016 at 9:34:04 AM UTC-5, Warron French wrote:
>>>
>>> Isn't .ssh created after the first time a user attempts an SSH outbound 
>>> connection, not at initial creation of homedirs?
>>>
>>
>> Inasmuch as we seem to be talking about OpenSSH or a work-alike, yes, the 
>> ssh client creates the .ssh/ directory automatically at need.  In no way 
>> does that mean it cannot or should not be created by another mechanism, 
>> however.  The directory needs to exist so that Puppet can manage an 
>> authorized key entry within.  If it does not already exist at the time of 
>> the catalog run, then Puppet needs to create it.  Puppet is trying to do 
>> so, but failing.
>>
>>
>> John
>>
>>
> To create the admin home directory first the ssh key resource should be 
> dependent on an admin user resource. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/310a2efd-c008-4052-af72-f5b51f386b57%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] unable to create home directory

2016-03-31 Thread Patrick G.

/home does exists but /home/admin doesn’t because it is a new user.

How should I give puppet permission to create this directory?

> On 31 mrt. 2016, at 13:14, Chad Huneycutt <chad.huneyc...@gmail.com> wrote:
> 
> That is actually where it is failing. Does /home and /home/admin exist?  Does 
> puppet have permission to create it?
> 
> 
> On Thursday, March 31, 2016, Patrick G. <pgh2...@gmail.com 
> <mailto:pgh2...@gmail.com>> wrote:
> Nope …
> With new users this should create the directory.
> 
> The debug log shows:
>> Debug: Creating /home/admin/.ssh
> 
> But it doesn’t create it.
> 
> Gr. Patrick.
> 
>> On 29 mrt. 2016, at 17:09, Lowe Schmidt <m...@loweschmidt.se 
>> <javascript:_e(%7B%7D,'cvml','m...@loweschmidt.se');>> wrote:
>> 
>> > Notice: /Stage[main]/Ssh/Ssh_authorized_key[admin]/ensure: created
>> > Debug: Creating /home/admin/.ssh
>> > Error: /Stage[main]/Ssh/Ssh_authorized_key[admin]: Could not evaluate: No 
>> > such file > or directory - /home/admin/.ssh
>> 
>> Well, does the directory /home/admin/.ssh exist? 
>> 
>> 
>> --
>> Lowe Schmidt | +46 723 867 157
>> 
>> On 29 March 2016 at 16:44, Patrick G. <pgh2...@gmail.com 
>> <javascript:_e(%7B%7D,'cvml','pgh2...@gmail.com');>> wrote:
>> Hi,
>> 
>> I am using # puppet-module-ssh
>> 
>> In the yaml file I have:
>> 
>> ssh::keys:
>>   admin:
>> ensure: present
>> user: admin
>> type: dsa
>> key: ...==
>> 
>> But when running puppet agent I get:
>> 
>> Notice: /Stage[main]/Ssh/Ssh_authorized_key[admin]/ensure: created
>> Debug: Creating /home/admin/.ssh
>> Error: /Stage[main]/Ssh/Ssh_authorized_key[admin]: Could not evaluate: No 
>> such file or directory - /home/admin/.ssh
>> 
>> 
>> 
>> 
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users+unsubscr...@googlegroups.com 
>> <javascript:_e(%7B%7D,'cvml','puppet-users%2bunsubscr...@googlegroups.com');>.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/892b9b3a-30b3-47e5-8c0f-1e52a2309179%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/puppet-users/892b9b3a-30b3-47e5-8c0f-1e52a2309179%40googlegroups.com?utm_medium=email_source=footer>.
>> For more options, visit https://groups.google.com/d/optout 
>> <https://groups.google.com/d/optout>.
>> 
>> 
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users+unsubscr...@googlegroups.com 
>> <javascript:_e(%7B%7D,'cvml','puppet-users%2bunsubscr...@googlegroups.com');>.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/CAC-wWcRByycxjrkvWMWrOhX7EiVGLxrsQ7z2zx8m8%3DBt7Wc6Mg%40mail.gmail.com
>>  
>> <https://groups.google.com/d/msgid/puppet-users/CAC-wWcRByycxjrkvWMWrOhX7EiVGLxrsQ7z2zx8m8%3DBt7Wc6Mg%40mail.gmail.com?utm_medium=email_source=footer>.
>> For more options, visit https://groups.google.com/d/optout 
>> <https://groups.google.com/d/optout>.
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <javascript:_e(%7B%7D,'cvml','puppet-users%2bunsubscr...@googlegroups.com');>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/3BE51F3A-023A-46F8-AF09-881F68CA5E92%40gmail.com
>  
> <https://groups.google.com/d/msgid/puppet-users/3BE51F3A-023A-46F8-AF09-881F68CA5E92%40gmail.com?utm_medium=email_source=footer>.
> For more options, visit https://groups.google.com/d/optout 
> <https://groups.google.com/d/optout>.
> 
> 
> -- 
> Chad M. Huneycutt
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-us

Re: [Puppet Users] unable to create home directory

2016-03-31 Thread Patrick G.

Nope …
With new users this should create the directory.

The debug log shows:
> Debug: Creating /home/admin/.ssh

But it doesn’t create it.

Gr. Patrick.

> On 29 mrt. 2016, at 17:09, Lowe Schmidt <m...@loweschmidt.se> wrote:
> 
> > Notice: /Stage[main]/Ssh/Ssh_authorized_key[admin]/ensure: created
> > Debug: Creating /home/admin/.ssh
> > Error: /Stage[main]/Ssh/Ssh_authorized_key[admin]: Could not evaluate: No 
> > such file > or directory - /home/admin/.ssh
> 
> Well, does the directory /home/admin/.ssh exist? 
> 
> 
> --
> Lowe Schmidt | +46 723 867 157
> 
> On 29 March 2016 at 16:44, Patrick G. <pgh2...@gmail.com 
> <mailto:pgh2...@gmail.com>> wrote:
> Hi,
> 
> I am using # puppet-module-ssh
> 
> In the yaml file I have:
> 
> ssh::keys:
>   admin:
> ensure: present
> user: admin
> type: dsa
> key: ...==
> 
> But when running puppet agent I get:
> 
> Notice: /Stage[main]/Ssh/Ssh_authorized_key[admin]/ensure: created
> Debug: Creating /home/admin/.ssh
> Error: /Stage[main]/Ssh/Ssh_authorized_key[admin]: Could not evaluate: No 
> such file or directory - /home/admin/.ssh
> 
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/892b9b3a-30b3-47e5-8c0f-1e52a2309179%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/892b9b3a-30b3-47e5-8c0f-1e52a2309179%40googlegroups.com?utm_medium=email_source=footer>.
> For more options, visit https://groups.google.com/d/optout 
> <https://groups.google.com/d/optout>.
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CAC-wWcRByycxjrkvWMWrOhX7EiVGLxrsQ7z2zx8m8%3DBt7Wc6Mg%40mail.gmail.com
>  
> <https://groups.google.com/d/msgid/puppet-users/CAC-wWcRByycxjrkvWMWrOhX7EiVGLxrsQ7z2zx8m8%3DBt7Wc6Mg%40mail.gmail.com?utm_medium=email_source=footer>.
> For more options, visit https://groups.google.com/d/optout 
> <https://groups.google.com/d/optout>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3BE51F3A-023A-46F8-AF09-881F68CA5E92%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] unable to create home directory

2016-03-29 Thread Patrick G.

Hi,

I am using # puppet-module-ssh

In the yaml file I have:

ssh::keys:
  admin:
ensure: present
user: admin
type: dsa
key: ...==

But when running puppet agent I get:

Notice: /Stage[main]/Ssh/Ssh_authorized_key[admin]/ensure: created
Debug: Creating /home/admin/.ssh
Error: /Stage[main]/Ssh/Ssh_authorized_key[admin]: Could not evaluate: No 
such file or directory - /home/admin/.ssh



-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/892b9b3a-30b3-47e5-8c0f-1e52a2309179%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] r10k database backend

2016-01-25 Thread Patrick Lesher

Has anyone thought about or tried to have r10k run against a mysql backend 
to populate at least the information the puppetfile gives?

Updating each puppetfile for a large number of “Environments” can be 
burdonsome when we have to update the version on a number of modules.  We 
already have all of our hiera data in a mysql backend and would like to try 
to simplify some processes.

Thanks,
Patrick

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4733e1e7-734b-4a13-8bea-c8942a988c40%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] merge 2 of more files

2015-09-07 Thread Patrick G.

Hi,

In /etc/puppet/hieradata/users/ I have 2 yaml files.
For a node I want to merge these files and on the other node only one file.

In the /etc/puppet/enc/nodes/server1.yaml I have:
---
classes:
  - ssh
parameters:
  usergroups: 
- group1
- group2

And on the other node only -group2.

The problem is that the first node is not merging the 2 files.

What am I doing wrong here?

regards, Patrick.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/c06e6d83-fbe1-4f52-9bf2-5615a8fea5b6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] keep changing owner

2015-08-24 Thread Patrick G.

Thanks .. that module did changed the ownership of libdir.

Regards, Patrick.

Op maandag 17 augustus 2015 17:55:51 UTC+2 schreef Josh Cooper:

Hi Patrick,

On Thu, Aug 13, 2015 at 6:10 AM, Patrick G. pgh...@gmail.com
javascript: wrote:

Hi,

When running puppet agent -t I get

Notice: /File[/var/lib/puppet/lib]/owner: owner changed 'puppet' to 'root'
Notice: /File[/var/lib/puppet/lib]/group: group changed 'puppet' to 'root'

And then

Notice: /Stage[main]/My_fw/File[/var/lib/puppet/lib]/owner: owner changed
'root' to 'puppet'
Notice: /Stage[main]/My_fw/File[/var/lib/puppet/lib]/group: group changed
'root' to 'puppet'

For a lot of files.

Why?

Puppet will manage file permissions for its internal settings that are
file/directories, e.g. Puppet[:libdir] is /var/lib/puppet/lib. It appears
you have a module that is trying to manage permissions on that directory as
well, and they disagree about what the desired state should be. I would
remove the /var/lib/puppet/lib resource from your My_fw module (and any
other Puppet settings-related file/directory).

Regards, Patrick.

https://groups.google.com/d/msgid/puppet-users/1af6a1e5-4125-457c-a0ec-5b0a139042df%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

Josh

--
Josh Cooper
Developer, Puppet Labs

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/4d71c7b0-bff4-4f53-84bf-87d01ef0ceb1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Help with hiera.yaml config

2015-08-13 Thread Patrick G.

I've tried that also but then it's removing both entries.


Op dinsdag 11 augustus 2015 03:28:12 UTC+2 schreef 
gregory...@calorieking.com:

 Hi Patrick, 

 On 10/08/15 17:10, Patrick G. wrote: 
  parameters: 
 sudoroles: 'root_users' 
 sudoroles: 'dba_users' 

 That reads to me like you've overwritten the first sudoroles value with 
 the second entry. If you want both, it would need to be e.g. an array: 

 parameters: 
sudoroles: 
  - 'root_users' 
  - 'dba_users' 

 ... with relevant logic in the module to handle an array. 

 HTH, 
 Greg. 


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/218057c7-c6fc-438e-9bee-b8931afd8223%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] get data from yaml in subdirs

2015-08-13 Thread Patrick G.

Hi,

Can someone please explain something.

I have a hiera.yaml:
---
:backends:
  - yaml
:yaml:
  :datadir: /etc/puppet/hieradata

:hierarchy:
  - usergroups/%{::usersgroups}
  - global

global.yaml contains:
---
test: Test_output

When I do a:
hiera -c /etc/puppet/hiera.yaml test

I'll get: 
Test_output

but i want this global.yaml in /etc/puppet/hieradata/usergroups

But how do call this information from a subdir?

regards, patrick.




-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/49bc3764-3ec8-4fbf-aea5-ace988a456dd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Help with hiera.yaml config

2015-08-13 Thread Patrick G.

What I have is:

---
:backends:
  - yaml
:yaml:
  :datadir: /etc/puppet/hieradata

:hierarchy:
  - nodes/%{::fqdn}
  - usergroups/%{usergroups}


---
classes:
  - colorprompt
  - ntp
  - motd
  - ssh
  - sudodba
  - sudoroot

colorprompt::server_color: 'blue'
parameters:
  usergroups: 
- 'root'
- 'admiam'
- 'oracle'


This works:
hiera -c /etc/puppet/hiera.yaml -d ssh::keys usergroups=oracle


But it won't put al the usergroups on this server.

Op maandag 10 augustus 2015 11:10:44 UTC+2 schreef Patrick G.:

 Hi,

 I have the following config.

 :backends:
   - yaml
 :yaml:
   :datadir: /etc/puppet/hieradata

 :hierarchy:
   - nodes/%{::fqdn}
   - sudoroles/%{::sudoroles}
   - common

 In sudorules I have twho files with root users en dba users.

 On a server I want both root users and dba users and on the other server 
 only the root user.

 In enc/nodes/server1 i have:

 ---
 classes:
   - sudoroles

 parameters:
   sudoroles: 'root_users'
   sudoroles: 'dba_users'

 But only dba_users are created and the root_users removed.

 Can someone please help how to do this?

 Regards, Patrick.


Op dinsdag 11 augustus 2015 03:28:12 UTC+2 schreef 
gregory...@calorieking.com:

 Hi Patrick, 

 On 10/08/15 17:10, Patrick G. wrote: 
  parameters: 
 sudoroles: 'root_users' 
 sudoroles: 'dba_users' 

 That reads to me like you've overwritten the first sudoroles value with 
 the second entry. If you want both, it would need to be e.g. an array: 

 parameters: 
sudoroles: 
  - 'root_users' 
  - 'dba_users' 

 ... with relevant logic in the module to handle an array. 

 HTH, 
 Greg. 


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f7f00663-174f-4cb7-86c2-0272b4b6dd61%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] keep changing owner

2015-08-13 Thread Patrick G.

Hi,

When running puppet agent -t I get

Notice: /File[/var/lib/puppet/lib]/owner: owner changed 'puppet' to 'root'
Notice: /File[/var/lib/puppet/lib]/group: group changed 'puppet' to 'root'

And then

Notice: /Stage[main]/My_fw/File[/var/lib/puppet/lib]/owner: owner changed 
'root' to 'puppet'
Notice: /Stage[main]/My_fw/File[/var/lib/puppet/lib]/group: group changed 
'root' to 'puppet'

For a lot of files.

Why?

Regards, Patrick.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/1af6a1e5-4125-457c-a0ec-5b0a139042df%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Help with hiera.yaml config

2015-08-13 Thread Patrick G.

What I have is:

---
:backends:
  - yaml
:yaml:
  :datadir: /etc/puppet/hieradata

:hierarchy:
  - nodes/%{::fqdn}
  - usergroups/%{usergroups}


---
classes:
  - colorprompt
  - ntp
  - motd
  - ssh
  - sudodba
  - sudoroot

colorprompt::server_color: 'blue'
parameters:
  usergroups: 
- 'root'
- 'admiam'
- 'oracle'


This works:
hiera -c /etc/puppet/hiera.yaml -d ssh::keys usergroups=oracle


But it won't put al the usergroups on this server.

Op maandag 10 augustus 2015 11:10:44 UTC+2 schreef Patrick G.:

 Hi,

 I have the following config.

 :backends:
   - yaml
 :yaml:
   :datadir: /etc/puppet/hieradata

 :hierarchy:
   - nodes/%{::fqdn}
   - sudoroles/%{::sudoroles}
   - common

 In sudorules I have twho files with root users en dba users.

 On a server I want both root users and dba users and on the other server 
 only the root user.

 In enc/nodes/server1 i have:

 ---
 classes:
   - sudoroles

 parameters:
   sudoroles: 'root_users'
   sudoroles: 'dba_users'

 But only dba_users are created and the root_users removed.

 Can someone please help how to do this?

 Regards, Patrick.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a0863954-80a0-4292-91f7-a351d427ab87%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Help with hiera.yaml config

2015-08-10 Thread Patrick G.

Hi,

I have the following config.

:backends:
  - yaml
  - json
:yaml:
  :datadir: /etc/puppet/hieradata

:hierarchy:
  - nodes/%{::fqdn}
  - sudoroles/%{::sudoroles}
  - common

In sudorules I have twho files with root users en dba users.

On a server I want both root user and dba user and on the other server only 
the root user.

In enc/nodes/server1 i have:

---
classes:
  - sudoroles

parameters:
  sudoroles:
  - root
  - dba

But only root users are created.

Can someone please help how to do this?

Regards, Patrick.




-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7168837c-be92-4bf9-95b1-3b515caa3b71%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Help with hiera.yaml config

2015-08-10 Thread Patrick G.

Hi,

I have the following config.

:backends:
  - yaml
:yaml:
  :datadir: /etc/puppet/hieradata

:hierarchy:
  - nodes/%{::fqdn}
  - sudoroles/%{::sudoroles}
  - common

In sudorules I have twho files with root users en dba users.

On a server I want both root users and dba users and on the other server 
only the root user.

In enc/nodes/server1 i have:

---
classes:
  - sudoroles

parameters:
  sudoroles: 'root_users'
  sudoroles: 'dba_users'

But only dba_users are created and the root_users removed.

Can someone please help how to do this?

Regards, Patrick.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/89853145-16a4-4ad7-86b6-893607c64f01%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Invalid tag '' on node

2015-08-06 Thread Patrick Goedhart

Hi,

When running puppet agent -t I get

Error: Could not retrieve catalog from remote server: Error 400 on SERVER: 
Invalid tag '' on node serverone.local.

But where is this tag?

reg. Patrick.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/170b75a2-89ad-49f7-8c11-c41f8511db7c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Errors for puppet-enterprrise-installer in ubuntu 12.04

2015-07-31 Thread patrick huang



My computer is Ubuntu 12.04.5 LTS

1. downloaded puppet-enterprise-3.8.1-ubuntu-12.04-amd64.tar.gz

2. tar -xf

3. sudo ./puppet-enterprrise-installer

But it fails with the errors:

W: Failed to fetch 
http://apt.puppetlabs.com/dists/precise/PC1/source/Sources 403 Forbidden

W: Failed to fetch 
http://apt.puppetlabs.com/dists/precise/PC1/binary-amd64/Packages 403 
Forbidden

W: Failed to fetch 
http://apt.puppetlabs.com/dists/precise/PC1/binary-i386/Packages 403 
Forbidden

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/17feb6aa-8b98-41d0-8b34-47e8b7690968%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


install_log.lastrun.igl0665u.cw01.contiwan.com.log
Description: Binary data

[Puppet Users] Re: hiera and variable hash array

2015-03-18 Thread Patrick Robinson

The ruby call you're looking for is each_pair used like this:

% scope.lookupvar('hash').each_pair do |key,value| -%
%= key % = %= value %
% end -%



On Sunday, March 15, 2015 at 9:16:08 PM UTC+11, Luca Gervasi wrote:

 Hello,

 i'm trying to achieve aconfiguration where i can applt a  non 
 predetermined list of hashes. Specifically, i'm willing to add to php.ini 
 (or fpm...) specific flags.

 This is my hiera data:

 fpm::pools::web::adminvalues:
  - error_log: /var/log/fpm/$pool/php.log
  - memory_limit: 32M
 fpm::pools::web::adminflags:
  - display_errors: off
  - log_errors: on

 fpm::pools::web::adminvalues and fpm::pools::web::adminflags's hashes is 
 variable, so I have 2 entries in this example, but i should be able to 
 iterate and apply whichever settings is configured. (this means that i 
 cannot refer to them like $adminvalues['error_log']).

 This is a snippet of the ruby code I used to extract the codes (which is 
 ineffective):

 [this is a local manifest variable, $name is web (so the hiera lookup is 
 not the problem here)]
 $pooladminflags = hiera_array(fpm::pools::${name}::adminflags, )
 $pooladminvals = hiera_array(fpm::pools::${name}::adminvalues, )

 [this is in the template i use]
 %
 scope.lookupvar('pooladminflags').each do |key| -%
 php_admin_flag[%=key[0]%] = %=key[1]%
 % end-%

 Needless to say, it is empty. What am I missing?

 Thanks a lot.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/74295ad9-49c1-40cb-9d3a-29907e0976d4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: how to install multiple packages from the list

2015-03-18 Thread Patrick Robinson

I would consider using something like hiera and loading the packages from a 
YAML file. It is trivial to convert your existing file to YAML.

On Friday, March 13, 2015 at 10:15:07 PM UTC+11, Alex Miroshnik wrote:

 Hi Guys, 

 I need to install multiple packages on the Ubuntu 14.0.4 using puppet. All 
 packages are listed in the file (about 100 packages) one package name on 
 the row. Is this possible? If it is possible, could you please give me a 
 hint how to do this.
 I know  I can specify the array of the packages:

 $pkg_list = [ pkg1, pkg2, pkg3 ]
 package { $pkg_list: ensure = installed }

 but this is not my case as I have quite a few packages in the list.

 Thank you in advance!


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/819a599f-9543-4524-aee9-195651780e38%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Could not request certificate: Error 405 on SERVER

2014-08-13 Thread Patrick Robinson

I had a similar error getting 405. I found I hadn't set the PassengerRoot 
directory correctly in the puppetmaster vhost config:

PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.48

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/df4b44ad-e1bc-484f-9e6c-259e31b4fbaa%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] SSL error connecting to https://forge.puppetlab.com on fresh install

2014-05-08 Thread Patrick Auld

I installed Puppet 3.5.1 on Windows 7 from the MSI. I've run a few 'puppet 
apply' commands and things appear to be working. We are not using a master 
node for our current use case so I haven't set one up. The Windows Puppet 
service is also disabled. When I try to install a module from the Forge I 
get this SSL error:

Error: Could not connect via HTTPS to https://forge.puppetlabs.com
  Unable to verify the SSL certificate
The certificate may not be signed by a valid CA
The CA bundle included with OpenSSL may not be valid or up to date

I haven't touched any of the puppet conf yet. Is a master node required to 
install modules? I'm still getting started but from what I've read it does 
not, so I'm a little unsure if this is an error in from MSI or if action is 
required on my part. Thanks in advance.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/57e030f9-1fe0-40fd-a879-9c72c138cc35%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] SSL error connecting to https://forge.puppetlab.com on fresh install

2014-05-08 Thread Patrick Auld

That did it. Thanks for the quick reply.

On Thursday, May 8, 2014 4:32:57 PM UTC-7, Josh Cooper wrote:

Hi Patrick,

On Thu, May 8, 2014 at 12:50 PM, Patrick Auld
pat...@patrickauld.comjavascript:
wrote:

I installed Puppet 3.5.1 on Windows 7 from the MSI. I've run a few
'puppet apply' commands and things appear to be working. We are not using a
master node for our current use case so I haven't set one up. The Windows
Puppet service is also disabled. When I try to install a module from the
Forge I get this SSL error:

Error: Could not connect via HTTPS to https://forge.puppetlabs.com
Unable to verify the SSL certificate
The certificate may not be signed by a valid CA
The CA bundle included with OpenSSL may not be valid or up to date

I haven't touched any of the puppet conf yet. Is a master node required
to install modules? I'm still getting started but from what I've read it
does not, so I'm a little unsure if this is an error in from MSI or if
action is required on my part. Thanks in advance.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/57e030f9-1fe0-40fd-a879-9c72c138cc35%40googlegroups.comhttps://groups.google.com/d/msgid/puppet-users/57e030f9-1fe0-40fd-a879-9c72c138cc35%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

Due to the heartbleed vulnerability we obtained new SSL certificates for
all SSL web servers and services. Previously, our certificate was issued by
GeoTrust, but the new one is issued from UserTrustNetwork. Unfortunately,
the new CA is not trusted by Windows out of the box, nor when running
Windows update to install the latest cert bundle. We are working on
obtaining a new SSL certificate for the forge.

In the meantime, you can manually install the UserTrustNetwork CA into
your Windows root certificate store. We do something similar during
acceptance testing:

https://github.com/puppetlabs/puppet/blob/master/acceptance/setup/git/pre-suite/070_InstalCACerts.rb#L62-L65

Make sure to verify the certificate prior to installing it due to the
security implications.

Josh

--
Josh Cooper
Developer, Puppet Labs

*Join us at PuppetConf 2014 http://www.puppetconf.com/, September
22-24 in San Francisco*
*Register by May 30th to take advantage of the Early Adopter discount
http://links.puppetlabs.com/puppetconf-early-adopter **—**save $349!*

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/88f9f4bd-5772-4aea-99ca-9c832578aeef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Multiple Puppet Masters Sharing .pp files?

2014-03-05 Thread Patrick Kelso

On Thu, Mar 6, 2014 at 9:48 AM, kevin McCartney mccartney...@gmail.com wrote:
We have a few different offices. I am looking to setup a puppet master in
each location. I would like them to all have the same node definitions so
that all offices are working off the same recipes. Is it possible if we have
an nfs share that is accessable to all puppet masters that the .pp files
could live on there and all masters could reference the same files? If that
is an issue I am thinking of having a centralized location where all .pp are
edited and then rsynced to all master puppet nodes and saved locally. Any
ideas?

Kevin, I believe your best bet is to use a version control tool, like
Git, to achieve this. This provides not only the ability to deploy
identical configuration to all hosts, but also provides an ability to
roll back changes that are problematic with ease and in the future the
option of having branches for different environments.

There is a good blog post on it here:

http://puppetlabs.com/blog/git-workflow-and-puppet-environments

--
Patrick
0416 366 613
http://patrickkelso.com
@patrickkelso

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CANf9H4aW-Aq2d1SGUnWWyzc4vi-gSpDs_%3Dk%2Bmj2RtfJH8f6big%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] controlling argument passed to ENC script for AWS

2014-02-27 Thread Patrick Kelso

On Fri, Feb 28, 2014 at 8:57 AM, John Pyeatt john.pye...@singlewire.com wrote:
I am trying to use one puppetmaster to support multiple AWS VPCs. In other
words, I am trying to have one puppetmaster support multiple independent
networks.

The problem with this is that it is possible for machines on two different
VPCs to have the same hostname/ipaddress.

I use an ENC script on the puppetmaster to classify what types of classes to
load to an agent machine based on the hostname that is passed to the ENC
script.

But the hostname isn't enough information because as I mentioned above, two
different agents might have the same hostname but live in different VPCs.

Is there any way to customize the identifier that is passed from the agent
to the enc script on the puppetmaster? Ideally, I would like to pass the
vpc-id and the hostname. That would guarantee uniqueness.

I looked at the puppet inventory service a bit, but I don't think that would
solve my problem either.

John,

Have you had a look at using the Amazon AMI metadata? Set a
customer tag for the VPC env and use it with Puppet.

This is what I've used to solve a similar issue.
http://stackoverflow.com/a/19785580

Regards,
Patrick Kelso

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CANf9H4YLNVvJ0iDVKVSMojPpUQGQ5cJoFXq87%3DJ%3DP3JnrvFNgQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Puppet Fundamentals training - how fundamental is it?

2014-01-17 Thread Patrick Lesher

Hi Dave,
I had a good amount of experience using puppet before taking the course and
while there were somethings that were repetitive I definitely got a lot out of
the class. I would say you set yourself up perfectly to take the class already
and will be able to solidify those skills and learn new things. Our instructor
was very willing to answer questions and help with what if I wanted... types
of things.

Good luck with the class and enjoy!

--Patrick

On Jan 17, 2014, at 9:35 AM, David Taylor wrote:

Hi all,

I've been playing around with Puppet with a view to implementing it at my
workplace. I've already run through the Learning Puppet tutorial on
docs.puppetlabs.comhttp://docs.puppetlabs.com and the quizzes in the Puppet
Learn Library, and now I'm looking into more formal training to try and get
everything nailed down in my head and to get an idea of best practices for
module design, environments etc. I was wondering if anyone could advise on
whether the Puppet Fundamentals course is the right course to go for, or is it
aimed at the complete Puppet novice - i.e. will I find that it just retreads
things I already know?

Thanks,

--
Dave Taylor

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
puppet-users+unsubscr...@googlegroups.commailto:puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/2252a549-b862-4ffc-ae19-a1b3912b695c%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/A666D05C-695E-4DAD-9333-1D00BDB6BA78%40marketleader.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: puppet catalog compilation job queue idea

2014-01-12 Thread Patrick



On Friday, January 10, 2014 3:57:03 PM UTC-5, jcbollinger wrote:



 On Thursday, January 9, 2014 6:23:23 PM UTC-6, Patrick Hemmer wrote:

 There's been an idea floating in my mind for quite a while now about 
 using a job queue for compiling puppet catalogs. I just mentioned the idea 
 on IRC and a few people really liked the idea, so I thought I'd bring it up 
 here and get other thoughts on it.

 The idea is that instead of puppet masters compiling catalogs on demand, 
 they would operate out of a job queue:

- When a node's cert is signed, the compilation queue gets a job for 
that node.
- When a compile job finishes, that node gets added to the queue at 
the very end. This results in the puppet master constantly compiling 
catalogs.
- When a catalog changes, the puppet master notifies the node that it 
needs to fetch the updated catalog and do a puppet run.
- When an exported resource changes, any nodes which collect that 
resource should get their compilation jobs moved to the front of the 
 queue. 
(This should be optional, as the behavior might not be desired)
- Nodes would still run puppet out of a cron job, but they would use 
the cached catalog, not request one from the master.
- If any of the facts used in the catalog change, the node would 
notify the master and the compilation job would move to the front of the 
queue.

 In the world of cloud computing, this becomes extremely beneficial, 
 though it still is advantageous for traditional datacenter environments:

- Puppet runs are computationally expensive for the client. With this 
design, the client could have its cron job set to a very infrequent value 
(once per hour or such). This way small instances without much available 
resources wont waste them on puppet runs that don't change anything.
- The masters could be very beefy instances with a lot of CPU. By 
constantly generating catalogs, you ensure that the system's resources 
aren't sitting idle and being wasted.
- By using a queuing mechanism, you can determine how loaded the 
masters are. If the oldest job in the queue is X minutes old, you can 
 spin 
up another master.
- With the current method of generating catalogs on demand, if a lot 
of nodes request a catalog at the same time, it can cause compilations to 
go very slow. If they go too slow, the client will get a timeout. The 
client will then go to the master again to request another catalog when 
 the 
first generation completed fine, it just took a while. With queuing, the 
master can compile exactly X amount of catalogs at the same time. It can 
even be configured to only start a new compilation job if the system load 
is less than X.
- Since puppet has to serve up both files and catalogs, if all the 
available processes are used compiling catalogs, requests for files end 
 up 
hanging. By moving catalog compilations to a background worker, file 
requests will be faster.
(you can implement a workaround for this: I have 2 puppet master 
pools, catalog requests get routed to one pool, everything else to the 
other pool, but this isn't a simple or standard design)

 Now most of this could be done on top of puppet. You could create a 
 system which reads from a queue, performs a `puppet master compile`, 
 notifies the client if it changes, etc. But there are a few sticky points 
 which it wouldn't be able to do (just features, none would prevent the 
 system from working):

- There is no way of determining which facts were used in a catalog 
compilation. A client could issue a catalog compilation request when any 
fact changes, but facts like `uptime_seconds` always change, so it would 
always result in a catalog compilation. The proper way to handle this 
 would 
be to monitor when a fact variable is read. Then add a list of facts 
 used 
and their value to the resulting catalog. Then the puppet agent can use 
that to see if the facts used have changed.
This may not be a significant issue though. If the `puppet agent` 
cron job is set to something very infrequent, it won't be requesting 
catalog compilations very often.
- The catalog doesn't indicate whether a resource was collected from 
another node. So when an exported resource changes, you wouldn't be able 
 to 
find nodes which collect those exported resources and recompile those 
catalogs. Now this isn't a big deal since the current method of using 
 cron 
jobs can't even do this.
The catalog does indicate that a resource is exported, so you could 
look for nodes with resources of the same type  title as the exported 
resource. But it's possible for a resource to have the same type  title 
 of 
an exported resource as long as the exported resource isn't collected 
during the same catalog compilation, so this method might end up

Re: [Puppet Users] Single certificate, multiple nodes... or image-based systems

2014-01-09 Thread Patrick Hemmer

On Thursday, January 9, 2014 7:40:42 AM UTC-5, pablo.f...@cscs.ch wrote:

Thanks for your suggestions,

Running masterless is a bit too exotic, since we would like to use all
those nice features that make a Puppet installation complete: specially
hiera searches and PuppetDB. Modules, too, should be compatible with other
clusters, so no big deviations can occur.

Enabling auto-sign, as Jose Luis suggested, may be a possibility. I have
just checked myself if autosign works if the same node was already
registered in the CA... but according to the documentation it does not look
like it, not to mention the security issues that come with it.

I have hundreds of systems built off a single image, and we use autosigning
to do it. Puppet 3.4.0 introduced policy based
autosigninghttp://docs.puppetlabs.com/puppet/3/reference/ssl_autosign.html#policy-based-autosigning.

Our image has a file which contains extra information to add to the
certificate signing request. One of these bits of information is a secret
key. The puppet CA server then has a script which authorizes autosigning
any requests which contain a valid secret key.

-Patrick

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/8d87d9a3-5647-4a36-ad7e-a0d6fa66a8a2%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] puppet catalog compilation job queue idea

2014-01-09 Thread Patrick Hemmer

 the data.


Thoughts? I might be up for coding this, but it's would be low on the 
priority list and I wouldn't get to it for a long time.


-Patrick

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a40c4cdb-766d-4cb6-957e-31594aed1371%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Debugging execution error with vcsrepo

2013-12-24 Thread Patrick Gibson

Does anyone have any advice on simulating the environment and conditions 
under which processes are run by Puppet? I'd really like to get the bottom 
of this, as other commands I'm running via other classes are working fine.

Thanks,

Patrick


On Monday, 23 December 2013 12:12:40 UTC-8, Patrick Gibson wrote:

 If I manually clone the repo, I get a similarly puzzling error:

 Error: /Stage[main]/myuser/Vcsrepo[/home/myuser/myrepo]: Could not 
 evaluate: Execution of '/usr/bin/su myuser -c /usr/local/bin/git config 
 remote.origin.url' returned 127: -su: /usr/local/bin/git config 
 remote.origin.url: No such file or directory



 On Saturday, 21 December 2013 18:33:45 UTC-8, Patrick Gibson wrote:

 I'm using the vcsrepo module to clone a git repo as a particular user, 
 and I'm getting a puzzling error:

 Debug: Executing '/usr/bin/su myuser -c /usr/local/bin/git clone 
 g...@git.myhostname.com:repos/myrepo.git /home/myuser/myrepo'
 Error: Execution of '/usr/bin/su myuser -c /usr/local/bin/git clone 
 g...@git.myhostname.com:repos/myrepo.git /home/myuser/myrepo' returned 127: 
 su: /usr/local/bin/git clone g...@git.myhostname.com:repos/myrepo.git 
 /home/myuser/myrepo: No such file or directory

 When I copy and paste the exact command and run it, it works fine. I 
 can't figure out what would be complaining about No such file or 
 directory. Every executable and path mentioned in the command exists. 

 My relevant classes look like this:

 class sshd {
   file { /etc/ssh/sshd_config:
 source = puppet:///modules/sshd/sshd_config,
 notify = Service[sshd]
   }

   file { /etc/ssh/ssh_config:
 source = puppet:///modules/sshd/ssh_config,
 notify = Service[sshd]
   }

   service { sshd:
 ensure = running,
   }
 }

 class myuser {
   file { /home/myuser/.ssh:
 ensure = directory,
 mode   = 0700,
 owner  = myuser,
 group  = myuser,
   }

   file { /home/myuser/.ssh/known_hosts:
 source = puppet:///modules/myuser/.ssh/known_hosts,
 owner  = myuser,
 group  = myuser,
   }

   file { /home/myuser/.ssh/id_rsa:
 source = puppet:///modules/myuser/.ssh/id_rsa,
 mode   = 0600,
 owner  = myuser,
 group  = myuser,
   }

   vcsrepo { /home/myuser/myrepo:
 require  = Class[sshd],
 ensure   = present,
 provider = git,
 source   = 'g...@git.myhostname.com:repos/myrepo.git',
 revision = 'master',
 user = 'myuser'
   }
 }

 Any pointers?



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/8bb3247d-b2e1-4e98-aa39-8a11c49c2760%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Debugging execution error with vcsrepo

2013-12-23 Thread Patrick Gibson

If I manually clone the repo, I get a similarly puzzling error:

Error: /Stage[main]/myuser/Vcsrepo[/home/myuser/myrepo]: Could not 
evaluate: Execution of '/usr/bin/su myuser -c /usr/local/bin/git config 
remote.origin.url' returned 127: -su: /usr/local/bin/git config 
remote.origin.url: No such file or directory



On Saturday, 21 December 2013 18:33:45 UTC-8, Patrick Gibson wrote:

 I'm using the vcsrepo module to clone a git repo as a particular user, and 
 I'm getting a puzzling error:

 Debug: Executing '/usr/bin/su myuser -c /usr/local/bin/git clone 
 g...@git.myhostname.com:repos/myrepo.git /home/myuser/myrepo'
 Error: Execution of '/usr/bin/su myuser -c /usr/local/bin/git clone 
 g...@git.myhostname.com:repos/myrepo.git /home/myuser/myrepo' returned 127: 
 su: /usr/local/bin/git clone g...@git.myhostname.com:repos/myrepo.git 
 /home/myuser/myrepo: No such file or directory

 When I copy and paste the exact command and run it, it works fine. I can't 
 figure out what would be complaining about No such file or directory. 
 Every executable and path mentioned in the command exists. 

 My relevant classes look like this:

 class sshd {
   file { /etc/ssh/sshd_config:
 source = puppet:///modules/sshd/sshd_config,
 notify = Service[sshd]
   }

   file { /etc/ssh/ssh_config:
 source = puppet:///modules/sshd/ssh_config,
 notify = Service[sshd]
   }

   service { sshd:
 ensure = running,
   }
 }

 class myuser {
   file { /home/myuser/.ssh:
 ensure = directory,
 mode   = 0700,
 owner  = myuser,
 group  = myuser,
   }

   file { /home/myuser/.ssh/known_hosts:
 source = puppet:///modules/myuser/.ssh/known_hosts,
 owner  = myuser,
 group  = myuser,
   }

   file { /home/myuser/.ssh/id_rsa:
 source = puppet:///modules/myuser/.ssh/id_rsa,
 mode   = 0600,
 owner  = myuser,
 group  = myuser,
   }

   vcsrepo { /home/myuser/myrepo:
 require  = Class[sshd],
 ensure   = present,
 provider = git,
 source   = 'g...@git.myhostname.com:repos/myrepo.git',
 revision = 'master',
 user = 'myuser'
   }
 }

 Any pointers?


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/d0efd577-e9f7-432d-bef4-cb388bc526a0%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Debugging execution error with vcsrepo

2013-12-21 Thread Patrick Gibson

I'm using the vcsrepo module to clone a git repo as a particular user, and 
I'm getting a puzzling error:

Debug: Executing '/usr/bin/su myuser -c /usr/local/bin/git clone 
g...@git.myhostname.com:repos/myrepo.git /home/myuser/myrepo'
Error: Execution of '/usr/bin/su myuser -c /usr/local/bin/git clone 
g...@git.myhostname.com:repos/myrepo.git /home/myuser/myrepo' returned 127: 
su: /usr/local/bin/git clone g...@git.myhostname.com:repos/myrepo.git 
/home/myuser/myrepo: No such file or directory

When I copy and paste the exact command and run it, it works fine. I can't 
figure out what would be complaining about No such file or directory. 
Every executable and path mentioned in the command exists. 

My relevant classes look like this:

class sshd {
  file { /etc/ssh/sshd_config:
source = puppet:///modules/sshd/sshd_config,
notify = Service[sshd]
  }

  file { /etc/ssh/ssh_config:
source = puppet:///modules/sshd/ssh_config,
notify = Service[sshd]
  }

  service { sshd:
ensure = running,
  }
}

class myuser {
  file { /home/myuser/.ssh:
ensure = directory,
mode   = 0700,
owner  = myuser,
group  = myuser,
  }

  file { /home/myuser/.ssh/known_hosts:
source = puppet:///modules/myuser/.ssh/known_hosts,
owner  = myuser,
group  = myuser,
  }

  file { /home/myuser/.ssh/id_rsa:
source = puppet:///modules/myuser/.ssh/id_rsa,
mode   = 0600,
owner  = myuser,
group  = myuser,
  }

  vcsrepo { /home/myuser/myrepo:
require  = Class[sshd],
ensure   = present,
provider = git,
source   = 'g...@git.myhostname.com:repos/myrepo.git',
revision = 'master',
user = 'myuser'
  }
}

Any pointers?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e0dbbc3b-1377-4b3b-8e04-76aebfa26e38%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Debugging execution error with vcsrepo

2013-12-21 Thread Patrick Gibson

(I should mention this is on FreeBSD 9.2.)

On Saturday, 21 December 2013 18:33:45 UTC-8, Patrick Gibson wrote:

 I'm using the vcsrepo module to clone a git repo as a particular user, and 
 I'm getting a puzzling error:

 Debug: Executing '/usr/bin/su myuser -c /usr/local/bin/git clone 
 g...@git.myhostname.com:repos/myrepo.git /home/myuser/myrepo'
 Error: Execution of '/usr/bin/su myuser -c /usr/local/bin/git clone 
 g...@git.myhostname.com:repos/myrepo.git /home/myuser/myrepo' returned 127: 
 su: /usr/local/bin/git clone g...@git.myhostname.com:repos/myrepo.git 
 /home/myuser/myrepo: No such file or directory

 When I copy and paste the exact command and run it, it works fine. I can't 
 figure out what would be complaining about No such file or directory. 
 Every executable and path mentioned in the command exists. 

 My relevant classes look like this:

 class sshd {
   file { /etc/ssh/sshd_config:
 source = puppet:///modules/sshd/sshd_config,
 notify = Service[sshd]
   }

   file { /etc/ssh/ssh_config:
 source = puppet:///modules/sshd/ssh_config,
 notify = Service[sshd]
   }

   service { sshd:
 ensure = running,
   }
 }

 class myuser {
   file { /home/myuser/.ssh:
 ensure = directory,
 mode   = 0700,
 owner  = myuser,
 group  = myuser,
   }

   file { /home/myuser/.ssh/known_hosts:
 source = puppet:///modules/myuser/.ssh/known_hosts,
 owner  = myuser,
 group  = myuser,
   }

   file { /home/myuser/.ssh/id_rsa:
 source = puppet:///modules/myuser/.ssh/id_rsa,
 mode   = 0600,
 owner  = myuser,
 group  = myuser,
   }

   vcsrepo { /home/myuser/myrepo:
 require  = Class[sshd],
 ensure   = present,
 provider = git,
 source   = 'g...@git.myhostname.com:repos/myrepo.git',
 revision = 'master',
 user = 'myuser'
   }
 }

 Any pointers?


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/bfccfbf4-ddfd-435a-98da-e54e43272537%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Process hang on FreeBSD

2013-12-19 Thread Patrick Gibson

Thanks, all. I was originally hoping to just be able to build ports the old
fashioned way, but have abandoned that route. I've upgraded to pkgng and am
successfully using the zleslie/pkgng provider. Things are going well and
I'm already very excited at how easy it's going to be to setup new systems.
I'm at a point where the prebuilt packages weren't compiled with the
options I needed, so I'm quickly learning all about poudriere and setting
up a build machine.

One minor thing I've noticed whose only impact is cluttering up the
important output is warning messages like:

/usr/local/lib/ruby/site_ruby/2.0/puppet/provider/package/freebsd.rb:18:
warning: class variable access from top-level

Looking through the bug tracker, it seems there's been discussion and
proposed solutions over the years, though perhaps they've not been applied
globally? Do people see this on other platforms? Looking through some of
the other providers, it seems like freebsd.rb is alone in its @@ usage.

Patrick

On Wednesday, 18 December 2013 20:59:16 UTC-8, Derek Cole wrote:

Just wanted to throw in that you should update to pkgng. pkg_add isnt even
going to be an option in FreeBSD10. I have been using
https://forge.puppetlabs.com/zleslie/pkgng successfully with FreeBSD10
Beta 3 and puppet.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/ff432291-4c54-41e7-a8d0-8abb3639b649%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Process hung on FreeBSD

2013-12-17 Thread Patrick Gibson

This is my first attempt with Puppet, and I'm working on FreeBSD 9.2 with
Puppet 3.3.1 and Ruby 2.0. I'm starting with just a very simple example to
get my feet wet:

node 'myhost' {
package { 'devel/jsmin':
ensure = 'installed',
provider = 'ports'
}
}

When I apply this with:

puppet apply -v --debug manifests/site.pp

I get a bunch of output about selinux and other Linuxisms (making think
that I should be specifying that 'myhost' is FreeBSD?), and finally it
starts to install the port I want:

Debug: Prefetching ports resources for package
Debug: Executing '/usr/sbin/pkg_info -aoQ'
Debug: Executing '/usr/sbin/pkg_info -aoQ'
Debug: Executing '/usr/local/sbin/portupgrade -N -M BATCH=yes devel/jsmin'

It seems like it's working, but it actually just stalls here. Running that
last command by hand finishes in a few seconds, and the BATCH=yes option in
there ensures that user input is never needed. I'm kind of stuck at this
point, as beyond adding -v and --debug, I don't know how to further
diagnose things. I can see that the process is running in my `ps` output,
but I can't think of why it would be stalled.

Any thoughts would be appreciated. Am I crazy for using Puppet on FreeBSD?
It seems like very few other people must be based on my Google searches and
available documentation.

Thanks,

Patrick

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/b3d68bfc-fe3e-478e-a719-bfa14b9b9336%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Process hang on FreeBSD

2013-12-17 Thread Patrick Gibson

I'm a first-time Puppet user, working with FreeBSD 9.2, Puppet 3.3.1, and
Ruby 2.0. I'm starting out with a very simple setup to test the waters:

node 'myhost' {
package { 'devel/jsmin':
ensure = 'installed',
provider = 'ports'
}
}

When I run:

puppet apply -v --debug manifests/site.pp

I get a bunch of output with various Linuxisms like selinux, rpm, apt-get,
dpkg, etc (making me think I need to specify that this is a FreeBSD host?),
and then:

It all looks good, except that the process seems to stall out here. Running
'/usr/local/sbin/portupgrade -N -M BATCH=yes devel/jsmin' manually works
fine and completes in a few seconds. I can see from the `ps` listing that
command is active, but it just sits there, not completing.

I'm not sure how to debug this any further. Is it considered a bad idea to
run Puppet on a FreeBSD host? Based on my Google searches and amount of
discussion around it, it seems like there are very few people who are doing
this.

Any insight would be greatly appreciated.

Thanks,

Patrick

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/5f2d0086-69b5-4a5e-8d36-419e294f1695%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] How to reject agent (node) certificate request

2013-12-06 Thread Patrick Ethier

Did you try the puppet node clean and puppet node deactivate functions?

Pat

On Fri, Dec 6, 2013 at 8:04 AM, Felix Frank felix.fr...@alumni.tu-berlin.de
wrote:

You can always throw away the CSR file manually, but that's obviously
less than ideal.

If nobody pipes up with a correct answer, you may want to check Redmine
for an open feature request and vote on that, or open a new one if none
can be found.

Regards,
Felix

On 12/06/2013 01:46 PM, kaustubh chaudhari wrote:

Hey Felix,

Yes i have tried that!

puppet cert clean will work only for the accepted CSR. The only way i
see is to accept it and then clean it! But this is not right way to do
it!

-Kaustubh

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/52A1CB77.90205%40alumni.tu-berlin.de
.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAHFDuXkopEnMHRjx_G9JtuorezvsdhRS746P0NMO1mWtFHQcUQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Converting augeas snippet to puppet augeas resource

2013-10-06 Thread Patrick Spinler


I'm not using the puppet firewall module because, if I read the docs
correctly, I'd need to use that module to completely manage the firewall
settings, and it seems to require a good bit of setup to get there, too.

Unfortunately, due to political and organizational circumstance, I don't
have the ability to subsume the system's setup in that fashion.   Maybe
someday.  Until then, I can only add my extra stuff on top.  Ergo, augeas.

As far as commenting out the incl and lens settings; I wasn't sure they
had the correct syntax and were working, or may even have been part of
the problem.  Ergo, simplify, and comment out until then.

I'll try using them again, thanks.

-- Pat

On 10/6/13 4:09 AM, Cory Stoker wrote:
 Ouch my eyes...  Augeas can wreck your day sometimes.  I have to ask
 though, why not use the Puppetlabs Firewall Module? It's here:
 https://forge.puppetlabs.com/puppetlabs/firewall
 
 Then you would do something like this:
   firewall { 'mayo_fw TCP/3':
 ensure = present,
 table  = 'filter',
 chain  = 'Mayo-Firewall-INPUT',
 proto  = 'tcp',
 dport  = 3,
 action = 'accept',
   } #End
 
 As far as your output above it looks like it errored out on the files
 iptables.save and iptables.orig?  What's weird is you have incl
 commented out which would make me think it should only load the one
 path you specified.
 
 On Fri, Oct 4, 2013 at 7:13 AM, Patrick Spinler pspin...@gmail.com wrote:

 (apologies in advance for the line wrap)

 I have the following tidbit of augeas code, which inserts a rule into
 /etc/sysconfig/iptables as the first rule of a specifically named chain;

 # augtool insert append before
 /files/etc/sysconfig/iptables/table/append[. = 'Mayo-Firewall-INPUT'][1]
 # augtool match /files/etc/sysconfig/iptables/table/append[. = '']
 # /files/etc/sysconfig/iptables/table/append[8] = (none)
 # augtool set /files/etc/sysconfig/iptables/table/append[. = '']
 'Mayo-Firewall-INPUT'
 # augtool set /files/etc/sysconfig/iptables/table/append[. =
 'Mayo-Firewall-INPUT'][1]/protocol 'tcp'
 # augtool set /files/etc/sysconfig/iptables/table/append[. =
 'Mayo-Firewall-INPUT'][1]/match 'tcp'
 # augtool set /files/etc/sysconfig/iptables/table/append[. =
 'Mayo-Firewall-INPUT'][1]/dport '3'
 # augtool set /files/etc/sysconfig/iptables/table/append[. =
 'Mayo-Firewall-INPUT'][1]/jump 'ACCEPT'
 # augtool print /files/etc/sysconfig/iptables/table/append[. =
 'Mayo-Firewall-INPUT'][1]
 # /files/etc/sysconfig/iptables/table/append[8] = Mayo-Firewall-INPUT
 # /files/etc/sysconfig/iptables/table/append[8]/dport = 3
 # /files/etc/sysconfig/iptables/table/append[8]/match = tcp
 # /files/etc/sysconfig/iptables/table/append[8]/protocol = tcp
 # /files/etc/sysconfig/iptables/table/append[8]/jump = ACCEPT

 I'd like to convert this to a puppet augeas define.  So far, I've got this:

   define mayo_firewall_insert ($dport, $proto) {

 augeas { firewall_${title}:
   context = /files/etc/sysconfig/iptables/table,
   # incl = /etc/sysconfig/iptables,
   # lens = iptables.aug,
   onlyif = match append[dport='$dport'] size != 0,
   changes = [
   insert append before append[. =
 'Mayo-Firewall-INPUT'][1],
   set append[. = ''] 'Mayo-Firewall-INPUT',
   set append[. = 'Mayo-Firewall-INPUT'][1]/protocol
 '$proto',
   set append[. = 'Mayo-Firewall-INPUT'][1]/match '$proto',
   set append[. = 'Mayo-Firewall-INPUT'][1]/dport '$dport',
   set append[. = 'Mayo-Firewall-INPUT'][1]/jump 'ACCEPT',
   ],
 }

 However, when I declare a resource using the above define, I get augeas
 syntax errors, and I'm not sure how to track down the problem:

 (invoked as 'puppet apply  --verbose --debug --detailed-exitcodes
 --execute include omnibus_node')

 ...
 Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas): Opening
 augeas with root /, lens path , flags 32
 Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas): Augeas
 version 1.1.0 is installed
 Warning: Augeas[firewall_omnibus_tcp_4100](provider=augeas): Loading
 failed for one or more files, see debug for /augeas//error output
 Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
 /augeas/files/etc/sysconfig/iptables.save/error/pos = 115
 Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
 /augeas/files/etc/sysconfig/iptables.save/error/line = 3
 Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
 /augeas/files/etc/sysconfig/iptables.save/error/char = 0
 Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
 /augeas/files/etc/sysconfig/iptables.save/error/lens =
 /shares/nfs/unixarch/share/augeas/lenses/dist/shellvars.aug:163.12-.99:
 Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
 /augeas/files/etc/sysconfig/iptables.save/error/message = Syntax error
 Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
 /augeas/files/etc/sysconfig/iptables.orig/error

Re: [Puppet Users] Converting augeas snippet to puppet augeas resource

2013-10-06 Thread Patrick Spinler


For what it's worth, leaving the incl = and lens = statements in did
the trick.  Either that or cleaning up some of the iptables.save and
other similar files ahead of time.

I did have to figure out the correct format for the lens = statement,
which is apparently to use a capitalized lens name with a '.lns' suffix,
like 'Iptables.lns'.  It wasn't clear from the documentation, and I had
tried the actual file name containing the lens, 'iptables.aug', first.
That's why I had initially commented these sections out.

The lens name clearly comes from the 'module' statement inside the lens
source file, iptables.aug, but where the '.lns' suffix comes from I have
no idea.

Anyway, thanks again,
-- Pat

On 10/6/13 3:24 PM, Patrick Spinler wrote:
 
 I'm not using the puppet firewall module because, if I read the docs
 correctly, I'd need to use that module to completely manage the firewall
 settings, and it seems to require a good bit of setup to get there, too.
 
 Unfortunately, due to political and organizational circumstance, I don't
 have the ability to subsume the system's setup in that fashion.   Maybe
 someday.  Until then, I can only add my extra stuff on top.  Ergo, augeas.
 
 As far as commenting out the incl and lens settings; I wasn't sure they
 had the correct syntax and were working, or may even have been part of
 the problem.  Ergo, simplify, and comment out until then.
 
 I'll try using them again, thanks.
 
 -- Pat
 
 On 10/6/13 4:09 AM, Cory Stoker wrote:
 Ouch my eyes...  Augeas can wreck your day sometimes.  I have to ask
 though, why not use the Puppetlabs Firewall Module? It's here:
 https://forge.puppetlabs.com/puppetlabs/firewall

 Then you would do something like this:
   firewall { 'mayo_fw TCP/3':
 ensure = present,
 table  = 'filter',
 chain  = 'Mayo-Firewall-INPUT',
 proto  = 'tcp',
 dport  = 3,
 action = 'accept',
   } #End

 As far as your output above it looks like it errored out on the files
 iptables.save and iptables.orig?  What's weird is you have incl
 commented out which would make me think it should only load the one
 path you specified.

 On Fri, Oct 4, 2013 at 7:13 AM, Patrick Spinler pspin...@gmail.com wrote:

 (apologies in advance for the line wrap)

 I have the following tidbit of augeas code, which inserts a rule into
 /etc/sysconfig/iptables as the first rule of a specifically named chain;

 # augtool insert append before
 /files/etc/sysconfig/iptables/table/append[. = 'Mayo-Firewall-INPUT'][1]
 # augtool match /files/etc/sysconfig/iptables/table/append[. = '']
 # /files/etc/sysconfig/iptables/table/append[8] = (none)
 # augtool set /files/etc/sysconfig/iptables/table/append[. = '']
 'Mayo-Firewall-INPUT'
 # augtool set /files/etc/sysconfig/iptables/table/append[. =
 'Mayo-Firewall-INPUT'][1]/protocol 'tcp'
 # augtool set /files/etc/sysconfig/iptables/table/append[. =
 'Mayo-Firewall-INPUT'][1]/match 'tcp'
 # augtool set /files/etc/sysconfig/iptables/table/append[. =
 'Mayo-Firewall-INPUT'][1]/dport '3'
 # augtool set /files/etc/sysconfig/iptables/table/append[. =
 'Mayo-Firewall-INPUT'][1]/jump 'ACCEPT'
 # augtool print /files/etc/sysconfig/iptables/table/append[. =
 'Mayo-Firewall-INPUT'][1]
 # /files/etc/sysconfig/iptables/table/append[8] = Mayo-Firewall-INPUT
 # /files/etc/sysconfig/iptables/table/append[8]/dport = 3
 # /files/etc/sysconfig/iptables/table/append[8]/match = tcp
 # /files/etc/sysconfig/iptables/table/append[8]/protocol = tcp
 # /files/etc/sysconfig/iptables/table/append[8]/jump = ACCEPT

 I'd like to convert this to a puppet augeas define.  So far, I've got this:

   define mayo_firewall_insert ($dport, $proto) {

 augeas { firewall_${title}:
   context = /files/etc/sysconfig/iptables/table,
   # incl = /etc/sysconfig/iptables,
   # lens = iptables.aug,
   onlyif = match append[dport='$dport'] size != 0,
   changes = [
   insert append before append[. =
 'Mayo-Firewall-INPUT'][1],
   set append[. = ''] 'Mayo-Firewall-INPUT',
   set append[. = 'Mayo-Firewall-INPUT'][1]/protocol
 '$proto',
   set append[. = 'Mayo-Firewall-INPUT'][1]/match '$proto',
   set append[. = 'Mayo-Firewall-INPUT'][1]/dport '$dport',
   set append[. = 'Mayo-Firewall-INPUT'][1]/jump 'ACCEPT',
   ],
 }

 However, when I declare a resource using the above define, I get augeas
 syntax errors, and I'm not sure how to track down the problem:

 (invoked as 'puppet apply  --verbose --debug --detailed-exitcodes
 --execute include omnibus_node')

 ...
 Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas): Opening
 augeas with root /, lens path , flags 32
 Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas): Augeas
 version 1.1.0 is installed
 Warning: Augeas[firewall_omnibus_tcp_4100](provider=augeas): Loading
 failed for one or more files, see debug for /augeas//error output
 Debug: Augeas

[Puppet Users] Converting augeas snippet to puppet augeas resource

2013-10-04 Thread Patrick Spinler


(apologies in advance for the line wrap)

I have the following tidbit of augeas code, which inserts a rule into
/etc/sysconfig/iptables as the first rule of a specifically named chain;

# augtool insert append before
/files/etc/sysconfig/iptables/table/append[. = 'Mayo-Firewall-INPUT'][1]
# augtool match /files/etc/sysconfig/iptables/table/append[. = '']
# /files/etc/sysconfig/iptables/table/append[8] = (none)
# augtool set /files/etc/sysconfig/iptables/table/append[. = '']
'Mayo-Firewall-INPUT'
# augtool set /files/etc/sysconfig/iptables/table/append[. =
'Mayo-Firewall-INPUT'][1]/protocol 'tcp'
# augtool set /files/etc/sysconfig/iptables/table/append[. =
'Mayo-Firewall-INPUT'][1]/match 'tcp'
# augtool set /files/etc/sysconfig/iptables/table/append[. =
'Mayo-Firewall-INPUT'][1]/dport '3'
# augtool set /files/etc/sysconfig/iptables/table/append[. =
'Mayo-Firewall-INPUT'][1]/jump 'ACCEPT'
# augtool print /files/etc/sysconfig/iptables/table/append[. =
'Mayo-Firewall-INPUT'][1]
# /files/etc/sysconfig/iptables/table/append[8] = Mayo-Firewall-INPUT
# /files/etc/sysconfig/iptables/table/append[8]/dport = 3
# /files/etc/sysconfig/iptables/table/append[8]/match = tcp
# /files/etc/sysconfig/iptables/table/append[8]/protocol = tcp
# /files/etc/sysconfig/iptables/table/append[8]/jump = ACCEPT

I'd like to convert this to a puppet augeas define.  So far, I've got this:

  define mayo_firewall_insert ($dport, $proto) {

augeas { firewall_${title}:
  context = /files/etc/sysconfig/iptables/table,
  # incl = /etc/sysconfig/iptables,
  # lens = iptables.aug,
  onlyif = match append[dport='$dport'] size != 0,
  changes = [
  insert append before append[. =
'Mayo-Firewall-INPUT'][1],
  set append[. = ''] 'Mayo-Firewall-INPUT',
  set append[. = 'Mayo-Firewall-INPUT'][1]/protocol
'$proto',
  set append[. = 'Mayo-Firewall-INPUT'][1]/match '$proto',
  set append[. = 'Mayo-Firewall-INPUT'][1]/dport '$dport',
  set append[. = 'Mayo-Firewall-INPUT'][1]/jump 'ACCEPT',
  ],
}

However, when I declare a resource using the above define, I get augeas
syntax errors, and I'm not sure how to track down the problem:

(invoked as 'puppet apply  --verbose --debug --detailed-exitcodes
--execute include omnibus_node')

...
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas): Opening
augeas with root /, lens path , flags 32
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas): Augeas
version 1.1.0 is installed
Warning: Augeas[firewall_omnibus_tcp_4100](provider=augeas): Loading
failed for one or more files, see debug for /augeas//error output
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
/augeas/files/etc/sysconfig/iptables.save/error/pos = 115
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
/augeas/files/etc/sysconfig/iptables.save/error/line = 3
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
/augeas/files/etc/sysconfig/iptables.save/error/char = 0
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
/augeas/files/etc/sysconfig/iptables.save/error/lens =
/shares/nfs/unixarch/share/augeas/lenses/dist/shellvars.aug:163.12-.99:
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
/augeas/files/etc/sysconfig/iptables.save/error/message = Syntax error
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
/augeas/files/etc/sysconfig/iptables.orig/error/pos = 64
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
/augeas/files/etc/sysconfig/iptables.orig/error/line = 2
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
/augeas/files/etc/sysconfig/iptables.orig/error/char = 0
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
/augeas/files/etc/sysconfig/iptables.orig/error/lens =
/shares/nfs/unixarch/share/augeas/lenses/dist/shellvars.aug:163.12-.99:
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas):
/augeas/files/etc/sysconfig/iptables.orig/error/message = Syntax error
Debug: Augeas[firewall_omnibus_tcp_4100](provider=augeas): Closed the
augeas connection
...


I'm guessing the augeas tree isn't what I think it is by the time it
goes to save, but there doesn't appear to be a way to invoke 'print' or
some other, similar augeas command, so I can't tell.

Can anyone please advise how I might debug this?

Thanks,
-- Pat

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Newbie basic parameterized class usage question

2013-10-01 Thread Patrick Spinler


I'd like to create and call a parameterized class from another class,
both in modules.  Here's what I'm trying to do:

First, my module path:

ap00375@ROFTMA901A ~ $ sudo puppet apply --configprint modulepath
/modules:/shares/nfs/unixnoarch/config/puppet:/shares/nfs/unixnoarch/config/puppet/linux

Here, you can see the two modules in question:

ap00375@ROFTMA901A ~ $ find /shares/nfs/unixnoarch/config/puppet/ -name
'init.pp'
/shares/nfs/unixnoarch/config/puppet/tws_node/manifests/init.pp
/shares/nfs/unixnoarch/config/puppet/filesys_group_acl/manifests/init.pp

Here's the contents of tws_node's init.pp:

class tws_node {

  $userhome=/opt/IBM/TWS

  filesys_group_acl { ibmtm_acl_group_ibmtm :
#subscribe  = File[$userhome],
dir = $userhome,
group = ibmtm,
  }

}

And the contents of filesys_group_acl's init.pp (the parameterized one)


class filesys_group_acl ($dir = '', $group = '') {

  exec { apply_acl_${title}:
unless = /usr/bin/getfacl $dir 2/dev/null | /bin/grep
group:$group:  /dev/null,
command= /usr/bin/setfacl -R -m group:$group:rwx -m
default:group:$group:rwx $dir,
  }

}


And it's complaining about the parameterized class, filesys_group_acl:

ap00375@ROFTMA901A ~ $ sudo puppet apply --noop --verbose  --execute
include tws_node
Error: Puppet::Parser::AST::Resource failed with error ArgumentError:
Invalid resource type filesys_group_acl at
/shares/nfs/unixnoarch/config/puppet/tws_node/manifests/init.pp:10 on
node roftma901a.mayo.edu
Error: Puppet::Parser::AST::Resource failed with error ArgumentError:
Invalid resource type filesys_group_acl at
/shares/nfs/unixnoarch/config/puppet/tws_node/manifests/init.pp:10 on
node roftma901a.mayo.edu


Any help, please?  What am I missing?

Thanks,
-- Pat



signature.asc
Description: OpenPGP digital signature

Re: [Puppet Users] b64_zlib_yaml errros after server upgrade to

2013-09-18 Thread Patrick Carlisle

On Tue, Sep 17, 2013 at 1:14 AM, Andrei-Florian Staicu 
andrei.sta...@gmail.com wrote:

 Any idea if this is a recognized bug?


I don't think it is. Please file a bug report at
projects.puppetlabs.comand we can investigate this further.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] b64_zlib_yaml errros after server upgrade to

2013-09-18 Thread Patrick Carlisle

Do either of you happen to have multiple versions of the puppet installed
on the master? One through rubygems and one through yum? I've only been
able to reproduce this so far when I accidentally ran a 3.3.0 master that
loaded some code from 3.2.4.

If not, can you run the master with --trace and --debug flags and track
down the stack trace in the master's log?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: Using Puppet for remote config management of offline machines?

2013-09-12 Thread Patrick Debois

this blog by Chris McClimans might be of interest for you

http://www.instantinfrastructure.org/

On 12 Sep 2013, at 20:13, jcbollinger john.bollin...@stjude.org wrote:

 
 
 On Wednesday, September 11, 2013 10:48:58 AM UTC-5, Brad Smith wrote:
 
 Hello all,
 
 I'm working with a Kenya-based non-profit (tunapanda.org) that uses OSS to 
 provide computing resources to schools where bandwidth is either nonexistent 
 or prohibitively expensive. We provide a customized Edubuntu/LTSP setup 
 which will host local versions of useful online resources like Kahn Academy 
 (via ka-lite), Wikipedia (via Wikipedia For Schools), etc. 
 
 I'm serving as a sort of Linux/tech advisor to them, and am looking into 
 ways to provide updates to configuration files on classroom servers that...
 Are not physically accessible to me
 Are not online (local reps can download updates to a USB drive and bring it 
 to the server)
 Do not have much in the way of local technical expertise, so deployment will 
 need to be fairly straightforward/scriptable
 I don't have much experience with tools like Puppet, Chef, etc, but after 
 reading through some of the docs, it sounds like Puppet might be able to do 
 exactly what I want. Before I put too much effort into it, I hope I can run 
 my ideas by y'all for a sanity check and ask some questions: 
 If I maintained a master image configured via a set of Puppet manifests, 
 could I just periodically put those manifests online, have someone in Kenya 
 download them to a USB drive, copy them to the server, and run puppy 
 apply... on them? 
 If they first backed up the server's previous set of manifests, would they 
 be able to roll back changes in case of a problem?
 Is there a better approach? Any other suggestions for things (including 
 tools other than Puppet) to look at?
 
 1. Yes, absolutely.
 
 2. No, not reliably.  The old manifests could be re-applied, but that is not 
 at all the same as a rollback.  You cannot 'undo' application of a Puppet 
 catalog because many of the actions Puppet performs to change the state of 
 the system are inherently non-undoable.  Execs are the poster child there, 
 but they are by no means the only example.
 
 3. Maybe.  One possibility would be to provide full system images.  
 Especially if you put user home directories on a separate file system, you 
 could wipe and replace the system part of each machine to perform updates.  
 The images could be tested pretty well in the lab before they are sent to the 
 field, and they could be completely reverted by wiping again and putting an 
 old image back in place.  The update process would consume a lot more time, 
 though, and you might have trouble with locally-installed software.
 
 
 John
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Disable certain facter facts?

2013-06-25 Thread Patrick Carlisle

 Is it possible to tell facter to ignore certain facts?  Couldn't find a
 config file for it and not sure how puppet tells it to gather facts.


There's no configuration right now. I think you have a pretty reasonable
case, and you should file a feature request at
http://projects.puppetlabs.com/projects/facter.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] undefined method `[]' for nil:NilClass

2013-06-18 Thread Patrick Carlisle

To diagnose this you'll want to get a full stack trace. Since the error is
on the master you run the master with --trace and then find the stack trace
in the log.


On Tue, Jun 18, 2013 at 11:08 AM, Greg Chavez greg.cha...@gmail.com wrote:

 I upgrade our infrastructure (mostly RHEL5, some RHEL6) from 3.1 to
 puppet-3.2.1-1.el5.  Ruby sits at ruby-1.8.7.370-1.el5.  I ran some
 tests and everything seemed good so I pushed it out.

 Since then, all my puppet clients are failing with this:

 Error: Could not retrieve catalog from remote server: Error 400 on
 SERVER: undefined method `[]' for nil:NilClass at
 /etc/puppet/modules/site/manifests/init.pp:7 on node
 maps-cs-vm-03u.streamsage.com
 Warning: Not using cache on failed catalog
 Error: Could not retrieve catalog; skipping run

 Googling shows that this is a common error that crops up for any
 number of reasons.  I wonder what my reason is in this case.  I use
 Cobbler as my ENC, so I have no node statements.  Since I'm not using
 hiera yet, my site/init.pp looks like this:

 class site {

   if $::operatingsystem == RedHat {

   include puppet
   include ypbind
   include sudo

   if $::ipaddress =~ /^192\.168\./ {

   Class[puppet] - Class[ypbind] - Class[sudo]

   } else {

   include snmp
   Class[puppet] - Class[snmp] - Class[ypbind] -
 Class[sudo]

   }

   if $::hostname =~ /[dqcpu]$/ {
   include yum
   include java
   }

   # Fixes for mayhem caused by Dell  Puppet repos
   package {dell-omsa-repository: ensure = absent }
   file {/etc/yum.repos.d/dell-omsa-repository.repo: ensure = absent
 }
   file {/etc/yum.repos.d/puppet-delete-me.repo: ensure = absent}



   notify {ENV == ${environment}:}

   package { koan:
 ensure = latest,
   }

   # artifact of setting the OOB IP in Cobbler
   file { /etc/sysconfig/network-scripts/ifcfg-oob:
 ensure = absent;
   }

   } elsif $::operatingsystem == Ubuntu {

   notify {Howdies! I am running Ubuntu!: }

   include ntp
   include puppet

   Class['ntp'] - Class['puppet']

   }

 }


 Line 7 is include sudo.  This is a modified version of saz-sudo-2.0.2.

 Any ideas?  Thanks.
 --
 \*..+.-
 --Greg Chavez
 +//..;};

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.




-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] puppet unicorn SIGINT shutdown issue

2013-02-20 Thread Patrick

So I started running puppet under unicorn, and it works, but there is a 
problem with shutting it down.
Whenever you send a SIGINT to the master unicorn process, the worker 
processes are left running and listening on the socket until they time out 
and shut themselves down. However if you send it a SIGTERM it shuts down 
fine . The other interesting point is that when you send the SIGINT, the 
process writes out Canceling startup, which indicates that rack never 
fully started. I'm guessing it's because of this that the workers don't get 
shut down properly.

I wrote a really simple rack app to run under unicorn, and it behaves 
properly with both SIGINT and SIGTERM, so this leads me to believe puppet 
is doing something unusual with rack.

Anyone know why this is occurring? It feels like a bug in puppet, but 
wasn't sure if unicorn was officially supported or not.

Puppet 3.1 with unicorn 4.5.0

-Patrick

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet unicorn SIGINT shutdown issue

2013-02-20 Thread Patrick Hemmer

Well I figured it out. In `application/master.rb` line 142, puppet is
doing `Signal.trap(:INT) ... exit(0)`, which prevents unicorn from
getting the signal and shutting down properly.
Why is this code there? Any reason I shouldn't be heading right over to
the bug tracker and entering in a bug report?

-Patrick


On 2013/20/02 14:14, Patrick wrote:
 So I started running puppet under unicorn, and it works, but there is
 a problem with shutting it down.
 Whenever you send a SIGINT to the master unicorn process, the worker
 processes are left running and listening on the socket until they time
 out and shut themselves down. However if you send it a SIGTERM it
 shuts down fine . The other interesting point is that when you send
 the SIGINT, the process writes out Canceling startup, which
 indicates that rack never fully started. I'm guessing it's because of
 this that the workers don't get shut down properly.

 I wrote a really simple rack app to run under unicorn, and it behaves
 properly with both SIGINT and SIGTERM, so this leads me to believe
 puppet is doing something unusual with rack.

 Anyone know why this is occurring? It feels like a bug in puppet, but
 wasn't sure if unicorn was officially supported or not.

 Puppet 3.1 with unicorn 4.5.0

 -Patrick
 -- 
 You received this message because you are subscribed to the Google
 Groups Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send
 an email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users?hl=en.
 For more options, visit https://groups.google.com/groups/opt_out.
  
  

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Error with service: invalid byte sequence in US-ASCII

2013-02-18 Thread Patrick

I just built a new puppet master, and whenever I run puppet on it, it 
throws an error while processing a service resource:

# puppet agent -t
 Info: Retrieving plugin
 Info: Caching catalog for i-45dc2b1d
 Info: Applying configuration version 'g 
 9ea47ad19bc706a754c00f00a024309948d3ea03'
 Error: /Stage[main]/Ipa::Client::Basic/Service[sssd]: Could not evaluate: 
 invalid byte sequence in US-ASCII
 Notice: Finished catalog run in 15.37 seconds


The debug output:

Debug: Executing '/sbin/status sssd'
 Debug: Executing '/sbin/initctl --version'
 Error: /Stage[main]/Ipa::Client::Basic/Service[sssd]: Could not evaluate: 
 invalid byte sequence in US-ASCII



This is what the manifest for that resource looks like:

 service { 'sssd':
   ensure = running,
   enable = true,
   hasstatus  = true,
   hasrestart = true,
   require= [ Package['sssd'], File['/etc/sssd/sssd.conf'], ],
 }



This is with ubuntu 12.04 and puppet 3.1
Any ideas?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Error with service: invalid byte sequence in US-ASCII

2013-02-18 Thread Patrick Hemmer

No, but it's not related to the manifest. The manifest this resource is
in actually hasn't changed in months. Also I can reboot the box and it
goes away. Other boxes that aren't doing it will sometimes start doing
it when they reboot. (at least that's the behaviour I've been observing,
but I have only rebooted a few boxes since this started occurring).
So it seems like it's environmental, but I have no clue what.

-Patrick


On 02/18/2013 11:57 PM, Conor wrote:

 Have you looked for non-printable characters?

 `cat -v filename` is one of the easier ways to check.

 -Conor

 On Feb 18, 2013 11:54 AM, Patrick patrick.hem...@gmail.com
 mailto:patrick.hem...@gmail.com wrote:

 I just built a new puppet master, and whenever I run puppet on it,
 it throws an error while processing a service resource:

 # puppet agent -t
 Info: Retrieving plugin
 Info: Caching catalog for i-45dc2b1d
 Info: Applying configuration version 'g
 9ea47ad19bc706a754c00f00a024309948d3ea03'
 Error: /Stage[main]/Ipa::Client::Basic/Service[sssd]: Could
 not evaluate: invalid byte sequence in US-ASCII
 Notice: Finished catalog run in 15.37 seconds


 The debug output:

 Debug: Executing '/sbin/status sssd'
 Debug: Executing '/sbin/initctl --version'
 Error: /Stage[main]/Ipa::Client::Basic/Service[sssd]: Could
 not evaluate: invalid byte sequence in US-ASCII



 This is what the manifest for that resource looks like:

 service { 'sssd':
   ensure = running,
   enable = true,
   hasstatus  = true,
   hasrestart = true,
   require= [ Package['sssd'], File['/etc/sssd/sssd.conf'], ],
 }



 This is with ubuntu 12.04 and puppet 3.1
 Any ideas?

 -- 
 You received this message because you are subscribed to the Google
 Groups Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it,
 send an email to puppet-users+unsubscr...@googlegroups.com
 mailto:puppet-users%2bunsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com
 mailto:puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users?hl=en.
 For more options, visit https://groups.google.com/groups/opt_out.
  
  


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] curious problem with puppet run

2012-10-11 Thread Patrick

Hello,

i have a curious problem with a node.
Every puppetrun the node says.
err: Could not retrieve catalog from remote server: Error 400 on SERVER: 
syntax error on line 105, col 0: `$InputFileSeverity info'

There are 4 nodes which use the same modul but only one node have this 
problem??

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/Q0t634htwGIJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Create files from array - Duplicate declaration

2012-10-10 Thread Patrick

hello,

i want to create some files with an array:

class files (
...
$type = [ file1, file2, file3, file4, file5, file5 ]
) {


define rsyslog($owner = root, $group = root, $mode = 644,
 $ensure = present) {

file {/etc/rsyslog.d/$type.conf:
ensure  = $ensure,
owner   = $owner,
group   = $group,
mode= $mode,
content = template('template.erb'),
  }
}
rsyslog { $type: } 
} 
Puppet says Duplicate declaration: 
File[/etc/rsyslog.d/oevd-intern-accesserrors.conf *(and how to fix this?*)] 
is already declared in file

It works with only one element in my array...
anyone can help me?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/jiEFtSDdGL8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Create files from array - Duplicate declaration

2012-10-10 Thread Patrick

Now puppet says  Cannot reassign variable name...

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/b4ufhZOEEU8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Create files from array - Duplicate declaration

2012-10-10 Thread Patrick

Fixed now :)
Just replaced $type (is used by puppet) with $logtype and used $name for 
the files.

But my last problem ist the template.
I'm using %= scope.lookupvar('oevd_opendj::logtype') % and puppet writes  
file1file2file3file4
How can i resolve that?


Am Mittwoch, 10. Oktober 2012 10:31:59 UTC+2 schrieb Patrick:

 Now puppet says  Cannot reassign variable name...


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/Acqm6XAn_RcJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Create files from array - Duplicate declaration

2012-10-10 Thread Patrick

ok fixed now ;)

Am Mittwoch, 10. Oktober 2012 13:14:34 UTC+2 schrieb Patrick:

 Am Mittwoch, 10. Oktober 2012 12:25:39 UTC+2 schrieb kish:

 On Wed, Oct 10, 2012 at 2:52 PM, Patrick 
 patrick@googlemail.com wrote: 
  Fixed now :) 
  Just replaced $type (is used by puppet) with $logtype and used $name 
 for the 
  files. 
  
  But my last problem ist the template. 
  I'm using %= scope.lookupvar('oevd_opendj::logtype') % and puppet 
 writes 
  file1file2file3file4 
  How can i resolve that? 

 You should iterate on logtype. 
 eg. 
  % env_settings.each do |env_setting| -% 
 %= env_setting % 
 % end -% 

 That should help. 


 Thanks.
 But i think there is a problem now:
 $InputFilename /opt/app/logs/%= logtype %

 I have to replace %= logtype % with the current logtype
 eg.
 if puppet create the errors.conf file so $InputFilename should be 
 /opt/appt/errors. 
 scope.lookupvar('oevd_opendj::name') % does not work.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/xDnm0tHZaxAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: in-module data with hiera

2012-10-01 Thread Patrick Roberts

I am looking forward to testing this out in my test lab, as this is 
something I have been looking for for quite a while.  (That, and a good 
deployment mechanism, while waiting for Razor to mature.)

Thank you for putting this out for testing/reflection.

-- 
Patrick Roberts



On Sunday, September 30, 2012 4:37:29 AM UTC-5, R.I. Pienaar wrote:

 hello, 

 Till now hiera-puppet was the only way I know that allowed hiera data to 
 be loaded from inside a module. 

 The problem with this was that it was still subject to the site specific 
 hierarchy which means a module author had a pretty hard time to store 
 his data in a proper way in his module thus perpetuating the use of the 
 params classes pattern. 

 Now that Puppet 3 is out and it's gem extensible I can finally try some 
 ideas I had but put off implementing because it was too hard to install 
 and distribute these extensions. 

 I propose extending the module layout with a data/ directory that can go 
 into each module and in this data directory would live a hiera config 
 file (optionally) and module specific data: 

your_module 
├── data 
│   ├── hiera.json 
│   └── osfamily 
│   ├── Debian.json 
│   └── RedHat.json 
└── manifests 
└── init.pp 

 Here the data/hiera.json is optional and specifies a hierarchy that the 
 module author chooses and is unique to the specific backend. 

 The default contents would be this is the file is absent: 

{hierarchy: [osfamily/%{osfamily}, common]} 

 But a module author can pick anything there, should even be able to rely 
 on facts that is shipped with the module in its lib dir since that'll 
 get pluginsynced out before compile time: 

 Now given the data files for Redhat: 

{apache::package : httpd} 
   
 ...and Debian: 

{apache::package : apache2} 

 And your main hiera site config being something like: 

:backends: - json 
   - module_json 

 You should be able to just write module code like this: 

class apache($package=apache) { 
   package{$package: ensure = present} 
} 

 If no data is specified in the site hiera backends then this will use 
 the in-module hierarchy and data and just do the right thing on RedHat 
 and Debian systems but as always the site can still override the data 
 using hard coding, site specific data, ENCs etc. 

 So the important thing here is the module author has control over the 
 hierarchy that gets used when the data in his module gets loaded. The 
 site can has its own hierarchy policy but this backend will only use 
 the hierarchy that is recorded in the module by its author. 

 If you want to play with this idea on your Puppet 3 install just do 'gem 
 install hiera-module-json' 

 So I am looking for feedback from the community on this pattern, will it 
 solve the problem of author-supplied module data better than we have 
 today? I've heard this problem brought up quite a lot so keen to hear 
 feedback. 

 I'd imagine eventually a backend like this might be a hard-coded backend 
 shipped with puppet and always there as the lowest priority backend 
 below any that the site might specify in their site wide hiera config so 
 everyone can rely on this being there and with the new lookup helpers 
 this should also be backward compatible - old Puppets or ones who 
 specifically disable the hiera indirector will just not have data and 
 will need to supply it some other way. 

 --- 
 R.I.Pienaar 


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/J0XkwA_MAQUJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Upgrade from 2.7 to 3.0, problem with run_mode in application.rb

2012-09-28 Thread Patrick Carlisle

On Fri, Sep 28, 2012 at 2:29 PM, Forrie for...@gmail.com wrote:

 I'm not at PuppetConf, unfortunately.  In this case, all I did was a
 simple CentOS service puppetmaster restart as I have in the past.

 But, I wonder if the fact there are older versions still present might
 contribute to this -- though it shouldn't be reading code from those
 locations.


Definitely. Your stack trace shows puppetmasterd running out of 2.7 but the
main puppet code loaded out of 3.0. This is probably because 3.0 no longer
ships a puppetmasterd command (it was deprecated in 2.7 in favor of 'puppet
master').

Rubygems allows you to have multiple versions installed at the same time,
so probably all you need to do is make sure only 3.0 is installed and then
make sure your init script calls puppet master instead of puppetmasterd.

-Patrick

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Error sending reports to dashboard

2012-09-12 Thread Patrick

I wanted to configure the puppet dashboard to require authentication of 
client certs and had to modify the previous script to get it to send the 
client certificate. I also adjusted it to use the puppet CA cert to verify 
the remote server as well. Simple changes, but providing it in case anyone 
else wants to lock down their dashboard (or other report collector).
It uses the cert settings as configured in puppet.conf.


require 'puppet'
require 'net/http'
require 'net/https'
require 'uri'

Puppet::Reports.register_report(:https) do

  desc -DESC
  Send report information via HTTPS to the `reporturl`. Each host sends
  its report as a YAML dump and this sends this YAML to a client via HTTPS 
POST.
  The YAML is the `report` parameter of the request.
  DESC

  def process
url = URI.parse(Puppet[:reporturl].to_s)
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.cert = 
OpenSSL::X509::Certificate.new(File.read(Puppet[:hostcert].to_s))
http.key = OpenSSL::PKey::RSA.new(File.read(Puppet[:hostprivkey].to_s))
http.ca_file = Puppet[:localcacert].to_s
http.verify_mode = OpenSSL::SSL::VERIFY_PEER

req = Net::HTTP::Post.new(url.path)
req.body = self.to_yaml
req.content_type = application/x-yaml

http.start do |http|
  response = http.request(req)
  unless response.code == 200
Puppet.err Unable to submit report to #{Puppet[:reporturl].to_s} 
[#{response.code}] #{response.msg}
  end
end

  end
end




On Wednesday, July 4, 2012 9:13:49 AM UTC-4, Julien wrote:

 Hi,

 In your puppet.conf, change :

 [master]
   reports = log, store, http*s*
   reporturl = 
 https://puppet-test.uis.example.com:443/reports/uploadhttps://puppet-test.uis.example.com/reports/upload

 Then add in your reports folder (under debian with puppetlabs packets) ;

 /usr/lib/ruby/1.8/puppet/reports/https.rb :

 require 'puppet'
 require 'net/http'
 require 'net/https'
 require 'uri'

 Puppet::Reports.register_report(:https) do

   desc -DESC
   Send report information via HTTPS to the `reporturl`. Each host sends
   its report as a YAML dump and this sends this YAML to a client via HTTPS 
 POST.
   The YAML is the `report` parameter of the request.
   DESC

   def process
 url = URI.parse(Puppet[:reporturl].to_s)
 http = Net::HTTP.new(url.host, url.port)
 http.use_ssl = true
 http.verify_mode = OpenSSL::SSL::VERIFY_NONE

 req = Net::HTTP::Post.new(url.path)
 req.body = self.to_yaml
 req.content_type = application/x-yaml

 http.start do |http|
   response = http.request(req)
   unless response.code == 200
 Puppet.err Unable to submit report to #{Puppet[:reporturl].to_s} 
 [#{response.code}] #{response.msg} 
   end
 end

   end
 end

 Found in the VM Labs shipped by puppetlabs.

 Julien



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/QRlDKyvE3VUJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Error 400 on SERVER: Could not parse for environment production: Syntax error at '{'; expected '}'

2012-08-14 Thread Jen Patrick

It's barfing on this:
 Error 400 on SERVER: Could not parse for environment production: Syntax 
error at '{'; expected '}'

Here's the node.pp

node ccc.unix.ccc.ccc.edu {
  class {
 web_server:
  net_static   = {
eth0 = {
  macaddress = $macaddress_eth0,
  ipaddress  = 192.168.185.228,
  netmask= 2255.255.255.128,
  gateway= 192.168.185.129,
}
  },

  environment   = production,
  unattended_update = true,
  nfs   = false,
  proxy = false,
  apachessl = false,
  admins= [void, Null];
  }

  apache::vhost {
$fqdn:
  priority = '20',
  port = '80',
  docroot  = '/var/www',
  }



# open firewall from vpn
  firewall {
044 allow SSH from 192.168.10.0/23:
  action = accept,
  proto  = tcp,
  dport  = 22,
  source = '192.168.10.0/23';
  }
}

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/4wBjWB34Di8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Learning Puppet Virtual Machine vs. Parallels Desktop = linux kernel panic

2012-05-25 Thread Patrick Debois

Shameless plug here - In the current beta version Veewee is now able to 
build Parallels systems.


https://github.com/jedi4ever/veewee

That might be useful to create your environment, as there is no real 
need to import it?

And it will install ruby and puppet



On 25/05/12 15:52, Dan White wrote:
I fought with this about three months ago and got the answer out of 
Parallels Tech Support:


1. Convert your VmWare virtual Machine but do not run it.
2. Go to Virtual Machine drop-down menu - Configure - Hardware - 
Hard Disk 1 and change its location from SATA to IDE (e.g. IDE 0:1).

3. Run your Virtual Machine.

It works for me.  Please let me know if it works for you.

On May 24, 2012, at 8:33 PM, Stefan Lasiewski wrote:
I am attempting to use the Learning Puppet VM [1] with Parallels 
Desktop 7 on a Mac (Snow Leopard).


Unfortunately, Parallels does not support OVF images, so I must try 
the VMX image. Parallels has the ability to convert VMware images, 
although I don't know if this works well.


If I attempt to import the VMX image using Parallels, I run into two 
problems. I will include the screenshots on Google+ (See link [2])


 1. Parallels fails to detect the operating system in the VMX image.
Please see the screenshot at [2]. Regardless, I went ahead with
the import of this image and Parallels says the import was
successful.
 2. After importing the image, I boot the Virtual Machine. However,
the OS is unable to find any of the LVM volume groups, and the
the kernel panics.

I am unsure if this is a problem with the VMX image, or if Parallels 
is doing something wrong. The main problem seems to be that LVM 
cannot create the volume group.


I know this is a long shot, but I am hoping there are other Mac or 
Parallels users out there who have tried the Learning Puppet VM.


Thank you for your help,

-= Stefan

[1] http://info.puppetlabs.com/download-learning-puppet-VM.html
[2] 
https://plus.google.com/photos/103621378732713508804/albums/5746257600756103185


Hopefully link [2] works.

--
You received this message because you are subscribed to the Google 
Groups Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/3HCfJppQ5IoJ.
To post to this group, send email to puppet-users@googlegroups.com 
mailto:puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com 
mailto:puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.


--
You received this message because you are subscribed to the Google 
Groups Puppet Users group.

To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.


--
You received this message because you are subscribed to the Google Groups Puppet 
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet-lint error

2012-04-19 Thread Patrick Carlisle

It looks like an incompatibility between puppet-lint and ruby 1.9, which
removed the String#each method that was in earlier versions.

On Wed, Apr 18, 2012 at 11:30 PM, Joseph cheng...@gmail.com wrote:

 Hi, this is not strictly puppet related but I am hoping someone here
 who uses puppet-lint can tell me what is going on here.

 $ puppet-lint init.pp
 /Users/jc/.rvm/rubies/ruby-1.9.3-p125/lib/ruby/site_ruby/1.9.1/
 rubygems/custom_require.rb:36:in
 `require': iconv will be deprecated in the future, use String#encode
 instead.
 /Users/jc/.rvm/gems/ruby-1.9.3-p125/gems/puppet-lint-0.1.13/bin/puppet-
 lint:89:in
 `top (required)': undefined method `each' for service.pp:String
 (NoMethodError)
   from /Users/jc/.rvm/gems/ruby-1.9.3-p125/bin/puppet-lint:19:in
 `load'
   from /Users/jc/.rvm/gems/ruby-1.9.3-p125/bin/puppet-lint:19:in
 `main'

 puppet (2.7.12)
 puppet-lint (0.1.13)

 Thx!

 J.

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] agent suddenly disabled

2012-04-13 Thread Patrick Carlisle

This is a bug in the error message (
http://projects.puppetlabs.com/issues/13299). The correct command is
'puppet agent --enable'.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] configuration version variable?

2012-04-06 Thread Patrick Debois

I've implemented that - See pull request - 
https://github.com/puppetlabs/hiera-puppet/pull/20


See 
https://github.com/jedi4ever/hiera-puppet/commit/2250a9825ea3382bb0518d77c4f5a8b97667f4a0 
for details


On 06/04/12 18:54, psychobyte wrote:

Hi,

is there a fact or variable for the configuration version that I can 
access from hiera or my manifests? I'd like to embed it into my files.


Thanks,

--
You received this message because you are subscribed to the Google 
Groups Puppet Users group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/y9V2HDKg-YQJ.

To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.


--
You received this message because you are subscribed to the Google Groups Puppet 
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Unknown function hiera

2012-04-04 Thread Patrick Debois


FWIW I've submitted this patch today to:

- include the gem inside the manifest
- load the correct loadpaths
- enable relocatable hiera_configdir and hiera_yaml_datasource

https://github.com/puppetlabs/hiera-puppet/pull/20

This makes it much easier to have things configured until all the hiera 
is part of Telly.



On 04/04/12 18:17, Nan Liu wrote:

On Wed, Apr 4, 2012 at 9:10 AM, Martin Willemsmamwillem...@gmail.com  wrote:

Hi Andreas,

In my believe that message is from your puppetmaster unable to compile
the manifest because the hiera function is not present on the master.
If you install hiera gem, the functions are not copied to your puppet
functions dir.

That's correct. Per https://github.com/puppetlabs/hiera-puppet:

For the moment the Gem install will place the Puppet Parser Function
where Puppet cannot find it, you should copy it out and distribute it
to your master using Pluginsync or something similar


I would recommend checking your gem path on the puppetmaster and
confirm the files are present.


gem env

...
  - GEM PATHS:
 - /usr/lib/ruby/gems/1.8
 - /root/.gem/ruby/1.8
...


ls  /usr/lib/ruby/gems/1.8/gems/puppet-2.7.12/lib/puppet/parser/functions/*hier*

Should list: -

/usr/lib/ruby/gems/1.8/gems/puppet-2.7.12/lib/puppet/parser/functions/hiera_array.rb
/usr/lib/ruby/gems/1.8/gems/puppet-2.7.12/lib/puppet/parser/functions/hiera_include.rb
/usr/lib/ruby/gems/1.8/gems/puppet-2.7.12/lib/puppet/parser/functions/hiera_hash.rb
/usr/lib/ruby/gems/1.8/gems/puppet-2.7.12/lib/puppet/parser/functions/hiera.rb

On my setup I was able to fix this my manually copying the file to the
puppet libdir:

# copy libs from hiera to puppet
cp /usr/lib/ruby/gems/1.8/gems/hiera-puppet-0.3.0/lib/puppet/parser/functions/*
/usr/lib/ruby/gems/1.8/gems/puppet-2.7.12/lib/puppet/parser/functions

However, I would recommend using puppet module path and puppet
pluginsync rather than copying the files to puppet's gem path. If your
module path is /etc/puppet/modules, the following command should get
the function in a location where puppet can find and compile:

ln -s /usr/lib/ruby/gems/1.8/gems/hiera-puppet-0.3.0
/etc/puppet/modules/hiera-puppet

If you want to check out the lastest version of hiera:

git clone git://github.com/puppetlabs/hiera-puppet.git
/etc/puppet/modules/hiera-puppet

HTH,

Nan



--
You received this message because you are subscribed to the Google Groups Puppet 
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: vmware provisioning

2012-02-16 Thread Patrick Debois


You might want to take a look at veewee03.
It now can create baseboxes on Vmware Fusion.

Which allows you to export them to  OVA format that you can import in 
Vsphere/Esx


https://github.com/jedi4ever/veewee

On 16/02/12 00:34, Eric Shamow wrote:
Indeed, at $(job - 1) we implemented something to do this pretty 
quickly, although not with the flexibility of cloud provisioner.


In theory it should be easy to write something through the cloud 
provisioning framework that takes even less time and is more flexible 
than our tools, but it's a fairly straightforward task.


-Eric

--

Eric Shamow
Professional Services
http://puppetlabs.com/
(c)631.871.6441

On Wednesday, February 15, 2012 at 5:36 PM, Brian Gupta wrote:

Foreman has support for this. (Tied into Foreman provisioning 
workflow). I am unaware of any other support for VMware provisioning 
in the open source Puppet world, but in theory it shouldn't be too 
hard to write.


-Brian

On Wed, Feb 15, 2012 at 3:55 PM, Luke lutay...@gmail.com 
mailto:lutay...@gmail.com wrote:

Just to clarify,

We currently have centos templates in ESX that we manually clone to VM
and configure (add HD network etc) then kick off puppet. We would like
to automate these initial steps.

On Feb 15, 4:30 pm, Luke lutay...@gmail.com 
mailto:lutay...@gmail.com wrote:

 Does anyone know of a module that will spin up and configure a centos
 vmware template? I see options with PE any with the open source
 version?

--
You received this message because you are subscribed to the Google 
Groups Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com 
mailto:puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com 
mailto:puppet-users%2bunsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.






--
http://aws.amazon.com/solutions/solution-providers/brandorr/

--
You received this message because you are subscribed to the Google 
Groups Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com 
mailto:puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com 
mailto:puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.


--
You received this message because you are subscribed to the Google 
Groups Puppet Users group.

To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.


--
You received this message because you are subscribed to the Google Groups Puppet 
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Exec depends on ressources that are several different types

2012-01-15 Thread Patrick Viet

On Jan 11, 9:07 am, Aaron Grewell aaron.grew...@gmail.com wrote:
 require accepts an array, so you should be able to do this:
 require = [File['foo'],Exec['bar']]

It worked. Thanks so much. I should submit this as an addition in one
of the wiki examples on the puppet website.

Patrick

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Exec depends on ressources that are several different types

2012-01-10 Thread Patrick Viet

Hi dear puppet users.

I have an perl file that depends on a lib, that I want to execute.
I have stripped the parts of config that weren't relevant here such as
owner, group and so on

In perl script : use Config::Tiny.
Script is stored on puppet master.

Manifest :

file { /path/to/file.pl: source = puppet:///file.pl, mode =
0755 }
package { libconfig-tiny-perl: ensure = installed }
exec { /path/to/file.pl: require =  }


at XX I would like to put Package['libconfig-tiny-perl] AND
File[/path/to/file.pl] which doesn't work.

In the docs
( http://docs.puppetlabs.com/guides/language_guide.html )
it gives an example
service { 'sshd':
  require = File['sshdconfig', 'sshconfig', 'authorized_keys']
}

But this only works for multiple dependencies that have the same
nature, here File

I have found a workaround which is to put the package dependency in
the file section (file depends on package, exec depends on file, all
solved), but while this does work in my specific case, I'm sure there
are others where it wouldn't work.

So is there any way to specify multiple resource dependency when the
resources have a different nature ?

Thanks all

Patrick

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: signing request from Windows client

2012-01-10 Thread Patrick Viet

 $ puppet cert --list
 Could not parse for environment production: Could not find file /etc/
 puppet/cert.pp

 Am I missing some part of the server configuration?

The command you are running is for puppet 2.x
The error you are getting is a typical reaction of puppet 0.x
Check it with dpkg -l | grep puppet

Then proceed to update puppet by editing the /etc/apt/sources.list,
uncommenting the maverick-backports
then apt-get update, apt-get -t maverick-backports install puppet
puppetmaster
Your puppet should be updated to 2.6.x

You may not want to use ubuntu 10.10 in a server : it is not updated/
supported anymore.
Actually, I would strongly advise against using anything but the LTS
releases for servers :
10.04 LTS / lucid right now
12.04 LTS as soon as it is released, in April 2012.

Cheers

Patrick Viet

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Puppet with Ruby1.9 issue

2011-12-20 Thread Patrick Carlisle

That should be fine as long as you're only running on Ruby 1.9. A fix for
this issue went into our 2.7.x branch yesterday [
https://github.com/puppetlabs/puppet/commit/933844567fbe4078cb76f2c089ced1cb6c4170b7].
I'd love to hear if that solves your problems, although I think on 1.9.2
it's functionally equivalent to what you're already doing.



On Fri, Dec 16, 2011 at 4:50 AM, linuxbsdfreak linuxbsdfr...@gmail.comwrote:

 Hi,

 As i already mentioned on the 1st post. I have edited the file and
 changed the entries mentioned in the post.


 I changed /usr/lib64/ruby/gems/1.9.1/gems/puppet-2.7.9/lib/puppet/
 application/cert.rb

 Eg:

 option(--all, -a) do
@all = true
  end

 to

 option(--all, -a) do  |*_|
@all = true
  end

 Is the syntax correct or wrong.

 Regards,
 Kevin

 On Dec 15, 8:57 pm, Ken Barber k...@puppetlabs.com wrote:
  Okay - so its a known issue:
 
  http://projects.puppetlabs.com/issues/7428
 
  Looks like there is a workaround there Kevin. Let us know how you go.
 
  ken.
 
 
 
 
 
 
 
  On Thu, Dec 15, 2011 at 7:40 PM, Ken Barber k...@puppetlabs.com wrote:
   Dan - Some distro's pinned these kind of directories at 1.9.1. For
   example in Debian the package is called ruby-1.9.1 even though its
   version 1.9.2/1.9.3 (depending on release).
 
   # ruby1.9.1 --version
   ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]
   # ls /usr/lib/ruby/
   1.8  1.9.1  vendor_ruby
 
   Anyhow ... what is interesting, is that I can replicate this on wheezy.
 
   # gem1.9.1 install puppet
   # ruby1.9.1 /usr/local/bin/puppet cert --list
   /var/lib/gems/1.9.1/gems/facter-1.6.4/lib/facter/util/config.rb:7: Use
   RbConfig instead of obsolete and deprecated Config.
   /usr/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in `require': iconv
   will be deprecated in the future, use String#encode instead.
   Could not parse options: wrong number of arguments (1 for 0)
 
   And switching back to the packaged version:
 
   # /usr/bin/puppet cert --list --all
   + dashboard
  (B6:1F:91:F3:70:E4:AD:C5:4C:B8:40:BF:0D:2A:7D:C5)
   + db1.vms.cloud.bob.sh
 (C6:B2:F7:3E:9A:DB:F7:75:22:CD:6F:30:55:3E:C5:06)
   + 
   foremanweb1.vms.cloud.bob.sh(F8:0D:12:BB:F8:D1:3A:AD:A2:73:46:E2:78:85:69:86)
   + k...@bob.sh
 (CB:9C:4E:67:41:59:4B:43:39:0C:4B:DD:25:A2:19:D8)
   + lb1.vms.cloud.bob.sh
 (73:C7:B3:4D:C9:5A:1D:D6:80:C2:57:96:B5:0A:A9:C1)
   + mc-server-global
 (52:63:C0:02:14:83:CD:9D:36:0D:82:3F:E3:19:03:E1)
   + node1.cloud.bob.sh
   (4B:12:11:DE:8F:21:71:EA:50:3A:70:97:81:0C:A9:E4) (alt names:
   DNS:puppet, DNS:node1.cloud.bob.sh, DNS:puppet.cloud.bob.sh)
   + web1.vms.cloud.bob.sh
  (68:CC:0A:6F:80:CC:84:DE:3D:37:0A:02:E5:2A:BA:6D)
   root@node1:~#
 
   Odd. I'll dig a bit further.
 
   ken.
 
   On Thu, Dec 15, 2011 at 7:20 PM, Daniel Pittman dan...@puppetlabs.com
 wrote:
   On Thu, Dec 15, 2011 at 02:33, linuxbsdfreak linuxbsdfr...@gmail.com
 wrote:
 
   Hey there.
 
   I have a running puppetmaster with nginx and passenger and ruby
 1.9.2.
 
   I see something odd here - 1.9.2 in the line above, and ...
 
   When i do puppet cert --trace --list . i get the following error.
 
   /usr/lib64/ruby/gems/1.9.1/gems/puppet-2.7.9/lib/puppet/application/
   cert.rb:43:in `block (2 levels) in class:Cert'
 
   ... 1.9.1 here.  Which we don't actually support.
 
   My guess is you are running with 1.9.1 accidentally, and that is
 breaking.
 
   Daniel
   --
   ⎋ Puppet Labs Developer –http://puppetlabs.com
   ♲ Made with 100 percent post-consumer electrons
 
   --
   You received this message because you are subscribed to the Google
 Groups Puppet Users group.
   To post to this group, send email to puppet-users@googlegroups.com.
   To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
   For more options, visit this group athttp://
 groups.google.com/group/puppet-users?hl=en.

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] package versioning by environment - best practice?

2011-07-20 Thread Patrick

New puppet user here looking for a yay or nay on whether the current
design I've got is a good idea.
The main thing I'm trying to accomplish is to have a class that gets
applied to a production box and a testing box, where the only
difference between the two is the version of packages that get
installed.
The way I've accomplished this is to have something like

site.ini:
node testwebbox1 {
class { versions: env = test }
include webbox
}
node prodwebbox1 {
class { versions: env = prod }
include webbox
}


Then that webbox class would have package types in it that have
'ensure = httpd-${versions::httpd}'
The versions class would set $httpd based on that 'env' argument that
gets passed to it.

The only other way that springs to mind of doing this is to pass the
'env' arg to the 'webbox' class and have it include the versions
class. This is probably the better way anyway since webbox depends on
variables provided by the versions class. But this is still very
similar to the first method, and not an entirely new approach.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Checking for free disk space on mountpoint?

2011-07-12 Thread Patrick


On Jul 11, 2011, at 11:10 PM, vagn scott wrote:

 On 07/12/2011 01:05 AM, Patrick wrote:
  Keep in mind that, this being unix, there's no drives so if you will 
 probably be checking the amount of space on root if you don't think about it.

 There most certainly are drives in unix.  Not drive letters, though.


Ah.  I misspoke.  I meant that the path to where you put a file on the 
filesystem doesn't explicitly mention a drive name.  For instance, you can't 
tell looking at the path if / and /var are on the same drive, where as you 
(usually) can tell with Windows.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Possible leaking records in dashboard db

2011-07-12 Thread Patrick

I'm using puppet-dashboard 1.1.0-1 on Ubuntu.  I remove old reports using this 
command:
nice -n +1 rake RAILS_ENV=production reports:prune upto=1 unit=mon

This seems to work fine, and the amount of reports returnd by this mysql query 
seems to drop by the proper amount:
select count(*) from reports;

Right now it returns a value of 12591.  So far so good.

The problem is the resource_statuses statuses table.  Right now I have 63695 
distinct values for report_id as returned by:
select count(*) from (select distinct report_id from 
resource_statuses)as count;
 

Am I missing something?

It seems to me this can be fixed by just making the table cascade on delete, 
though I'll freely admit I have only enough ruby experience to get a little 
ways past Hello World.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Running puppet client on OS X

2011-07-12 Thread Patrick


On Jul 11, 2011, at 7:51 PM, treydock wrote:

 What is the preferred method for running the puppet client in OS X?
 So far all methods I've tried seem to default to running the client as
 the root user.  Should this be changed to run as a puppet user?
 
 Should I explicitly define puppet as the user in puppet.conf?
 
 As a test I ran puppetd --test --debug -v and successfully had it
 check my puppetmaster while the OS X directories (/etc/puppet, /var/
 lib/puppet/*) were owned by root, and it still worked.

Usually the puppet client is run as root because this allows it to change 
things in the system.  For instance, you can't install packages or change most 
files in /etc if you are not root.

You can run the puppet client as a non-root user.  It's just not as common.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Can't switch checksum method?

2011-07-11 Thread Patrick


On Jul 11, 2011, at 12:09 PM, Haitao Jiang wrote:

 I have a File resource and it was default to use md5 checksum. Now, I
 want to change it to use md5lite (or mtime, same error), I got
 following error:
 
 
 Any suggestion on how to get rid of this error (switch the checksum method)?
 
 info: FileBucket got a duplicate file {md5}3dc95fb231fdabbe161d8773e2a10457
 info: /Stage[main]/Emb/File[/opt/jetty-distribution-7.4.2.v20110526.tar.gz]:
 Filebucketed /opt/jetty-distribution-7.4.2.v20110526.tar.gz to puppet
 with sum 3dc95fb231fdabbe161d8773e2a10457
 err: 
 /Stage[main]/Emb/File[/opt/jetty-distribution-7.4.2.v20110526.tar.gz]/content:
 change from {md5lite}a3f7372d40abae273d2680b650ca4715 to
 {md5}3dc95fb231fdabbe161d8773e2a10457 failed: Could not rename
 temporary file /opt/jetty-distribution-7.4.2.v20110526.tar.gz.puppettmp_6384
 to /opt/jetty-distribution-7.4.2.v20110526.tar.gz: File written to
 disk did not match checksum; discarding changes
 ({md5lite}3dc95fb231fdabbe161d8773e2a10457 vs
 {md5lite}a3f7372d40abae273d2680b650ca4715) at
 /etc/puppet/modules/emb/manifests/init.pp:38 at
 /etc/puppet/modules/emb/manifests/init.pp:38

Looks like a Puppet bug to me.  What's the client version?  What's the server 
version?  Since I'm already asking that, do you know if you using Passenger, 
Mongral, or Webrick?

Finally, can you post the File entry from the pp file that's not working?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Can't switch checksum method?

2011-07-11 Thread Patrick

It talks about mtime in the log, but has md5lite in the manifest.  Is that a 
typo?


On Jul 11, 2011, at 10:03 PM, Haitao Jiang wrote:

 I upgraded Puppet (master/client) to 2.7.1, the issue still there:
 
 Jul 11 21:59:50 vm1 puppet-agent[11641]:
 (/Stage[main]/Emb/File[/opt/jetty/contexts/emb-context.xml]/ensure)
 change from absent to file failed: Could not rename temporary file
 /opt/jetty/contexts/emb-context.xml.puppettmp_5668 to
 /opt/jetty/contexts/emb-context.xml: File written to disk did not
 match checksum; discarding changes ({mtime} vs {mtime}Mon Jul 11
 21:59:50 -0700 2011) at /etc/puppet/modules/emb/manifests/init.pp:78
 at /etc/puppet/modules/emb/manifests/init.pp:78
 
 with
 
 file { /opt/jetty/contexts/emb-context.xml:
ensure = present,
checksum = md5lite,
source = puppet:///emb/emb-context.xml,
mode = 644,
owner = root,
group = root,
}
 
 
 Any help is highly appreciated!
 
 Haitao
 
 On Mon, Jul 11, 2011 at 7:41 PM, Haitao Jiang jianghai...@gmail.com wrote:
 Patrick
 
 Thanks. Related information:
 
 Puppet 2.6.8 for both master and client, Webrick.
 
 
 file { /opt/jetty-distribution-7.4.2.v20110526.tar.gz:
ensure = present,
checksum = md5,
source = puppet:///emb/jetty-distribution-7.4.2.v20110526.tar.gz,
notify = Exec [tar xzf jetty-distribution-7.4.2.v20110526.tar.gz],
}
 
 If I change above to md5lite or mtime etc, they all fail with same
 error. I tried other file resources, same thing. Changing back to md5,
 it will work again.
 
 Maybe I should upgrade to 2.7.1?
 
 Thanks
 
 Haitao
 
 On Mon, Jul 11, 2011 at 6:27 PM, Patrick kc7...@gmail.com wrote:
 
 On Jul 11, 2011, at 12:09 PM, Haitao Jiang wrote:
 
 I have a File resource and it was default to use md5 checksum. Now, I
 want to change it to use md5lite (or mtime, same error), I got
 following error:
 
 
 Any suggestion on how to get rid of this error (switch the checksum 
 method)?
 
 info: FileBucket got a duplicate file {md5}3dc95fb231fdabbe161d8773e2a10457
 info: 
 /Stage[main]/Emb/File[/opt/jetty-distribution-7.4.2.v20110526.tar.gz]:
 Filebucketed /opt/jetty-distribution-7.4.2.v20110526.tar.gz to puppet
 with sum 3dc95fb231fdabbe161d8773e2a10457
 err: 
 /Stage[main]/Emb/File[/opt/jetty-distribution-7.4.2.v20110526.tar.gz]/content:
 change from {md5lite}a3f7372d40abae273d2680b650ca4715 to
 {md5}3dc95fb231fdabbe161d8773e2a10457 failed: Could not rename
 temporary file 
 /opt/jetty-distribution-7.4.2.v20110526.tar.gz.puppettmp_6384
 to /opt/jetty-distribution-7.4.2.v20110526.tar.gz: File written to
 disk did not match checksum; discarding changes
 ({md5lite}3dc95fb231fdabbe161d8773e2a10457 vs
 {md5lite}a3f7372d40abae273d2680b650ca4715) at
 /etc/puppet/modules/emb/manifests/init.pp:38 at
 /etc/puppet/modules/emb/manifests/init.pp:38
 
 Looks like a Puppet bug to me.  What's the client version?  What's the 
 server version?  Since I'm already asking that, do you know if you using 
 Passenger, Mongral, or Webrick?
 
 Finally, can you post the File entry from the pp file that's not working?
 
 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.
 
 
 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.
 

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Checking for free disk space on mountpoint?

2011-07-11 Thread Patrick


On Jul 11, 2011, at 7:37 PM, Victor Hooi wrote:

 Ken,
 
 Currently, the existing processes we have are quite ad-hoc, and developers 
 are often responsible for deployment, which is done by hand. I'm hoping 
 Puppet will automate the process, provide better standardisation, and 
 segregate development away from deployment/production.
 
 All the things I'm attempting to check for (e.g. disk space, file/directory 
 permissions) are things that somebody currently does manually from the 
 command-line (e.g. using df, touch x in a directory).
 
 I need to to automate it all into Puppet to show that it's a viable option 
 and can replace the manual processes, and then in phase two look at getting 
 things like Nagios (for disk monitoring, or whatever else we have used 
 elsehwere in the organisation for monitoring) up and running in tandem as 
 well.
 
 The disk space needs to be monitored because parts of the application don't 
 handle full disks well and will crash nastily. This is only an issue 
 intra-day. Basically, we spin up the application in the morning, and we know 
 with good certainty the maximum space they'll consume, then the application 
 is killed off at the end of the day. As long as we have more the x bytes 
 available when we install things, we know we'll be fine.
 
 The permissions is something I'd like to ensure when we setup a box - the 
 directory/files are setup for us by sys-admins, and we just want to run some 
 sanity checks to make sure they've set it up properly for us. Currently 
 there's a lot of to-ing and fro-ing to check everythign is setup by the 
 sys-admins correctly, I'd like to simply run-up Puppet, and have it ensure 
 for these things.
 
 So the best way is to write custom facts for all the things we're sanity 
 checking, then just do a ensure- on them, right?

So, here's what I see you doing.  Tell me if I'm confused.


1) You want to do an ensure on permissions to make sure stuff is set right. 
 In general this isn't done with facts.  You just declare it, and puppet makes 
it so.

2) You have resources you don't want to run if there's not enough space 
available.  This can be done by creating a free_disk_space fact and using 
that in an if statement that wraps resources.  Keep in mind that, this being 
unix, there's no drives so if you will probably be checking the amount of 
space on root if you don't think about it.  This might be what you want.  If 
not you can create facts like free_space_var or whatever.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Bizarre errors from puppetmaster 2.7.1

2011-07-10 Thread Patrick


On Jul 9, 2011, at 6:35 PM, Michael Halligan wrote:

 Periodically after restarting the master (which uses puppet-dashboard as a 
 reporting server and ENC), when an agent tries to run, the agent isn't given 
 any classes, and exits without error, then the master spews out this message:
 
 Jul 10 01:32:12 localhost puppet-master[15757]: Compiled catalog for 
 ip-10-36-34-207.ec2.internal in environment --- --- \--- \\\--- 
 \\\--- \\\--- \\\--- 
 \\\--- 
 \\\---
  
 \\\---
  
 \\\---
  
 \\
 
 Any ideas?

There's a Millions of slashes storedconfigs bug.  On the surface this looks a 
little similar.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: puppet master and puppet client running very slow

2011-07-04 Thread Patrick


On Jul 4, 2011, at 6:35 AM, sanjiv.singh wrote:

 
 
 On Jul 4, 6:12 pm, Daniel Maher dma...@milestonelab.com wrote:
 On 07/04/2011 02:46 PM, sanjiv.singh wrote:
 
 hi all,
 I have configured puppet 0.25.4 setup.
 
 since last few days , puppet master and client running very slow .It
 seems puppet client taking soo much time in taking configuration from
 master (compilation manifest ) ,specially for those node(puppet
 client ) for which large manifest class  to be compiled and to be
 deployed .
 
 what can i do to over come this issue ?
 
 What sorts of steps have you already taken in order to investigate the
 problem?  Does the Puppetmaster have enough RAM?  It is otherwise
 overloaded from a system load perspective?  What about those two factors
 on the client(s)?  In other words, have you eliminated all of the
 standard system-based considerations?
 
 If so, I would recommend running the client manually with test and debug
 enabled, and taking a look at the output there.  As well, if it's
 possible, you may wish to do the same for the master daemon - that will
 give you a much better idea of where along the process any potential
 hangs are occurring.
 
 Good luck !
 
 --
 Daniel Maher
 makin' plans now to live on Mars 'cuz I got Earth on lock.
 
 
 
 Hi Daniel,
 I tried  to run puppet client
 /usr/sbin/puppetd --test --debug
 
 
 there are more entries as following :
 .
 .
 .
 .
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 
 
 its throwing same entries for long time (in minutes), prior it take
 few seconds to get catalog from server and get deployed.

I'm pretty sure those entries you are looking at are file resources.  In 
general, file resources scale very poorly with webrick.  Even without webrick, 
they still tend to perform poorly.

My advice:
Stop using webrick
Take a look at recuse=remote if you use recursive file copies a lot
Make sure you're not swapping and that you have enough ram
Consider copying big files or directories with a lot of files with a package or 
tar+wget.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Permission denied on new Passenger install

2011-06-27 Thread Patrick

I see 2 likely options:
1) You don't have these lines in puppet.conf:
#ssl_client_header = HTTP_SSL_CLIENT_S_DN
#ssl_client_verify_header = HTTP_SSL_CLIENT_VERIFY

and you didn't put the equivelent lines in the apache config files.

2) You put the correct lines in the apache files and the puppet files which 
doesn't work.

Summery: You must change which headers puppet is looking for or what apache 
names those headers, but NOT both.

On Jun 27, 2011, at 12:11 AM, Stefan Midjich wrote:

 I installed puppet-passenger from Debian apt and most of the
 configuration files mentioned in my Pro Puppet book were already
 created and the config.ru script even had the correct owner
 permissions. I'm saying this so you'll understand that I have chapter
 4 of the famous Apress book in front of me while I'm doing this and I
 have no idea what I've missed.
 
 This is the output when puppet agent -oDdv is run.
 
Jun 27 08:55:28 node00 puppet-agent[9861]:
 Puppet::Type::User::ProviderPw: file pw does not exist
Jun 27 08:55:28 node00 puppet-agent[9861]:
 Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does
 not exist
Jun 27 08:55:28 node00 puppet-agent[9861]:
 Puppet::Type::User::ProviderUser_role_add: file rolemod does not exist
Jun 27 08:55:28 node00 puppet-agent[9861]:
 Puppet::Type::User::ProviderLdap: true value when expecting false
Jun 27 08:55:28 node00 puppet-agent[9861]: Failed to load library
 'selinux' for feature 'selinux'
Jun 27 08:55:28 node00 puppet-agent[9861]:
 Puppet::Type::File::ProviderMicrosoft_windows: feature
 microsoft_windows is missing
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl/certificate_requests]) Autorequiring File[/var/lib/puppet/ssl]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl/private_keys]) Autorequiring File[/var/lib/puppet/ssl]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl/public_keys]) Autorequiring File[/var/lib/puppet/ssl]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 log]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/run/puppet/
 agent.pid]) Autorequiring File[/var/run/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl/certs/ca.pem]) Autorequiring File[/var/lib/puppet/ssl/certs]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 client_data]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 client_yaml]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl/crl.pem]) Autorequiring File[/var/lib/puppet/ssl]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 state]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl/certs]) Autorequiring File[/var/lib/puppet/ssl]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 state/graphs]) Autorequiring File[/var/lib/puppet/state]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 clientbucket]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 state/last_run_summary.yaml]) Autorequiring File[/var/lib/puppet/
 state]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl/private]) Autorequiring File[/var/lib/puppet/ssl]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 facts]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 lib]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/etc/puppet/
 puppet.conf]) Autorequiring File[/etc/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: Finishing transaction
 69835232135480
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl/certs]) Autorequiring File[/var/lib/puppet/ssl]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl/crl.pem]) Autorequiring File[/var/lib/puppet/ssl]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 ssl/certificate_requests]) Autorequiring File[/var/lib/puppet/ssl]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 log]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 lib]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 facts]) Autorequiring File[/var/lib/puppet]
Jun 27 08:55:28 node00 puppet-agent[9861]: (/File[/var/lib/puppet/
 state])

Re: [Puppet Users] Module in maintenance mode

2011-06-21 Thread Patrick


On Jun 21, 2011, at 5:04 PM, Douglas Garstang wrote:

 All,
 
 I have a module that I would like to set a variable for, and then if that is 
 variable is set, consider the module (which deploys software), in 
 'maintenance mode', where it drops out of the module, and moves into the next 
 module, kind of like a return function. Can puppet do that? I don't want to 
 use fail() as it stops ALL puppet processing.

Well, this Pesudo-code should work:



init.pp
class my_module {

$module_is_enabled = true

if( $module_is_enabled ) {
include my_module::content
}

}

content.pp:
class my_module::content {

Put real content here
}

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Could not find a default provider for package

2011-06-19 Thread Patrick Mohr

On Sat, Jun 18, 2011 at 6:24 PM, d0ugb d0u...@gmail.com wrote:

 Need some help here. I am using puppet to mange some Gentoo boxes, and
 when working with packages I keep getting the following error:

 Could not find a default provider for package

 Version:

 *  app-admin/puppet
  Latest version available: 0.25.0-r1
  Latest version installed: 0.25.0-r1
  Size of files: 592 kB
  Homepage:  http://reductivelabs.com/projects/puppet
  Description:   A system automation and configuration management
 software
  License:   GPL-2


1) I really recommend avoiding versions of puppet whos versions end with a
.0 if you want a stable version.

2) This error means that puppet can't decide which provider to use for
installing.  In the case of Ubuntu, this would be Apt.

3) Look at the type reference
http://docs.puppetlabs.com/references/0.25.0/type.html#package and find the
section talking about provider.  One of them should mention the comment
you use for launching the package manager.  (probably the one mentioning
emerge)

4) It says catagory is read-only, so remove that.

5) I think name isn't needed.  After your manifest is working, try
removing that.

6) You might want to try to figure out why it didn't get the right provider.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Facter + storeconfigs missing fact_values

2011-06-19 Thread Patrick Mohr

Well, it would help if you can find out if the problem is with storeconfigs
of the rest of puppet.  Does the fact seem to be affecting the manifest?

On Sun, Jun 19, 2011 at 7:48 PM, josbal joshua.bald...@gmail.com wrote:

 Hi Guys,

 Was wondering if someone could point me in a way to diagnose my issue.

 I have a custom fact that i deployed on all my nodes. If i run the
 fact manually i get results as expected. When puppet runs only 5 or so
 nodes are storing this particular fact in the storeconfig mysql
 database. All other facts are storing fine for every node. As running
 the fact manually works on every node, i don't know why this fact for
 most nodes isn't populating in the database.

 Any ideas on how i could see what is happening within the puppet/
 facter processing?

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Catalog compilation query

2011-06-17 Thread Patrick


On Jun 17, 2011, at 5:16 AM, linuxbsdfreak wrote:

 Hello All,
 
 Just had a query regarding catalog compiliation for nodes.
 
 When i compile the catalog on the puppetmaster with the command given
 below
 
 puppet master --compile hostname
 
 When the client connects to puppetmaster. Does the client take the
 compile catalog created above?


No
 Or does the puppetmaster recompile the
 catalog for that host?.

Yes

 Also is there a way that the client connects to the puppetmaster and
 applies the pre-compiled catalog?.

Only if you do something special like pull the catalog using wget and then 
apply it from the client.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet dashboard

2011-06-16 Thread Patrick


On Jun 14, 2011, at 11:56 AM, Craig White wrote:

 I am using Ubuntu 10.04 and ruby-enterprise (not ubuntu ruby) and installed 
 puppet via gem.
 
 How can I install puppet-dashboard if I don't see a gem available and if I 
 use the ubuntu package, i get the whole slop of ruby packages sucked in 
 (which i am trying to avoid)?

Frankly, I just let it install the packages because they won't do any harm.  
(I'm assuming you only use ruby for puppet)

Here's how I got dashboard working: (Partly pesudo-code and I might be 
forgetting a step or two)


get ruby-enterprise-1.8.7-2011.03.tar.gz
untar and install ruby-enterprise-1.8.7-2011.03

install puppet-dashboard from the repository

put this file in /etc/apache2/mods-avaliable/passengeree.load:
LoadModule passenger_module 
/opt/ruby-enterprise-1.8.7-2010.02/lib/ruby/gems/1.8/gems/passenger-2.2.15/ext/apache2/mod_passenger.so
PassengerRoot 
/opt/ruby-enterprise-1.8.7-2010.02/lib/ruby/gems/1.8/gems/passenger-2.2.15
PassengerRuby /opt/ruby-enterprise-1.8.7-2010.02/bin/ruby

a2dismod ruby
a2dismod passenger
a2enmod passengeree

/etc/apache2/sites-enabled/puppet-dashboard:
# Based on http://projects.puppetlabs.com/projects/1/wiki/Using_Passenger
Listen 3000
VirtualHost *:3000

# Passenger options that can be set in a virtual host
# configuration block.
PassengerHighPerformance on
PassengerStatThrottleRate 120
PassengerMaxPoolSize 3
PassengerPoolIdleTime 300
PassengerUseGlobalQueue on
RailsAutoDetect On
RailsEnv production

DocumentRoot /usr/share/puppet-dashboard/public/
Directory /usr/share/puppet-dashboard/public/
Options None
AllowOverride AuthConfig
Order allow,deny
allow from all
/Directory
ErrorLog /var/log/apache2/puppet-dashboard_error.log
LogLevel warn
CustomLog /var/log/apache2/puppet-dashboard_access.log combined


/etc/mysql/conf.d/innodb_file_per_table.cnf:
#Without this isn't almost impossible to reclaim space from dashboard when 
reports are removed
[mysqld]
innodb_file_per_table=true

service mysql restart

cd /usr/share/puppet-dashboard/
Run the proper rake task to create and populate the DBs

service apache2 restart

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: how to do conditional check?

2011-06-14 Thread Patrick


On Jun 13, 2011, at 5:00 PM, Sans wrote:

 Well, the file I mention is actually one of the Torque (formerly PBS
 batch system) config file (location: /var/torque/mom_priv/config),
 which is auto generated by yaim but the thing is: if the file is
 already there yaim won't touch it. Let's just say that I don't want
 yaim to create this file (it messes it up very often and ended up with
 wrong value) but wanna make sure that the file is in correct shape,
 otherwise jobs won't run properly. On the other hand, that file
 doesn't mean anything at all, if Torque is not install in the first
 place. That's why I want to put that check in. Cheers!!
 

1) Why not use puppet to decide if Torque should be installed in the first 
place?  Then you can use that logic to decide if the file should be created/put 
in place?
2) Does is matter if you create the file if the package isn't installed?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] how to do conditional check?

2011-06-10 Thread Patrick


On Jun 10, 2011, at 4:10 PM, Sans wrote:

 Dear all,
 
 This is my script in the bash: how can I put it into  puppet?
 
 #!/usr/bin/env bash
 
 CONF_DIR=/var/mom_priv
 CPU_COUNT=`cat /proc/cpuinfo | grep siblings | uniq | cut -d\  -f2`
 
 ideal_load_var=$(echo scale=2; ${CPU_COUNT}+0.5 | bc)
 max_load_var=$(echo scale=2; ${CPU_COUNT}*1.2 | bc)
 
 if [ -d ${CONF_DIR} ]; then
 cat  EOF  ${CONF_DIR}/config
 \$ideal_load ${ideal_load_var}
 \$max_load ${max_load_var}
 EOF
 fi
 
 All I wann do is: Get the CPU_COUNT and then if  CONF_DIR exists, make sure  
 $CONF_DIR/config is present with the above lines. How should I write that 
 for puppet? Cheers!!

I don't have a lot of time, but I can get you started.

Puppet way:
1) Create a File resource that creates the config directory.

2) Run facter at the command line and look for the name of the variable that 
tells how many processors the computer has.  That variable will exist when the 
catalog is compiled as a variable.

3) Use a template with File to create your config file.


Quicker way: (Not reccomended)
1) Copy that script to the computer using File.
2) Run the script using Exec.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] how do I tell puppet do nothing if the condition is true

2011-06-08 Thread Patrick


On Jun 8, 2011, at 11:01 AM, hyzhang wrote:

 Hi,
 
 I have a piece of puppet code. I want puppet do nothing if it is true.
 How do I do that? Of course this code would not code.
 
 exec { 'runlevel':
command = $is_virtual ? {
'false' = /bin/sed -i 's/id:3:initdefault:/id:
 5:initdefault:/' /etc/inittab,
'true'  = 'tell puppet do nothing',
},
}

Also, so it doesn't run every time, consider putting a grep whatever as a run 
condition.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Changes on master applied only on second run on nodes

2011-06-07 Thread Patrick


On Jun 7, 2011, at 12:19 AM, Maxim Ivanov wrote:

 Hi!
 If I change manifest on master and then immediately run puppet agent
 --no-daemonize --report --pluginsync --onetime then it still uses old
 version of manifest. When I run it second time it sees changes and
 applies them.
 
 Why is it like that?

I'm assuming you're using Passenger.  If so, that bug is on file.  I'm hoping 
it'll be fixed soon.

 Is it intended to be so?

No

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: backup files whith bad arborescence

2011-06-06 Thread Patrick


On Jun 6, 2011, at 12:27 AM, florian wrote:

 On 3 juin, 17:26, Patrick kc7...@gmail.com wrote:
 
 Out of curiosity, why do you care?
 
 i think it damage  to keep this arborescence with many intermediate
 file.

Do you mean you think it is bad to keep the file structure like this?  If so, I 
still ask why.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: backup files whith bad arborescence

2011-06-06 Thread Patrick

The easiest way I can think of is using your favorite find program.  I would 
assume that the unix find program will do this for you.

On Jun 6, 2011, at 5:27 AM, florian wrote:

 If i dont change this arborescence, how I can find a backup at
 specific date ?
 
 Think
 
 On 3 juin, 17:26, Patrick kc7...@gmail.com wrote:
 On Jun 3, 2011, at 8:12 AM, florian wrote:
 
 But it's possible to avoid this arborescence ? even if i lose in
 performance ?
 
 My understanding is that the answer is mo because you're not even supposed 
 to be using those files directly, so it shouldn't matter.  You should be 
 using the file bucket through puppet instead.
 
 Out of curiosity, why do you care?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Pushing changes to nodes

2011-06-05 Thread Patrick


On Jun 5, 2011, at 4:48 AM, Pavel Shevaev wrote:

 Hi!
 
 I've finally managed to migrate our servers deployment process to the
 puppet and so far it works just fine. Puppet is great, but its default
 pull model doesn't fit our requirements. I'm thinking about usage of
 clusterssh(or something similar) in order to trigger the following
 command on the nodes:
 
 sudo puppet agent --no-daemonize --verbose --onetime
 
 In our setup puppet agent is not running as a service on the nodes.
 
 I think it would be really nice to have this feature available in the
 future versions of puppet, e.g:
 
 #puppet push
 
 What do you think?

As someone said, you can use something like mcollective to do it, or a 
distributed ssh program.  What would you want in puppet, since I think you are 
saying you don't want puppet running as a service?

If it's not running as a service, it can't be listening for a network 
connection right?

Are you aware of puppet kick?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: backup files whith bad arborescence

2011-06-03 Thread Patrick


On Jun 3, 2011, at 8:12 AM, florian wrote:

 But it's possible to avoid this arborescence ? even if i lose in
 performance ?

My understanding is that the answer is mo because you're not even supposed to 
be using those files directly, so it shouldn't matter.  You should be using the 
file bucket through puppet instead.

Out of curiosity, why do you care?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] [SOLVED] line replace triggers file reload

2011-06-02 Thread Patrick Mohr

On Wed, Jun 1, 2011 at 11:22 PM, Giovanni Bordello g...@gentlemail.comwrote:

  Sorted, I've done it using a template:

 search %= dns_search_path %
 nameserver ...
 nameserver ...

 That way the file is (presumably?) created on the master and looks constant
 to the client.


To answer your implicit question.  The file is generated on the master and
embedded in the catalog.  Then the catalog is send to the client.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Certificate problems

2011-06-02 Thread Patrick


On Jun 2, 2011, at 9:32 AM, John Kennedy wrote:

 Replies inline
 
 On Wed, Jun 1, 2011 at 17:55, Patrick kc7...@gmail.com wrote:
 
 On Jun 1, 2011, at 8:05 AM, John Kennedy wrote:
 
 I have several servers being hosted on Amazon Web Services. They have all 
 been build from the same manifest so apart from the hostnames, IP, etc they 
 are all identical.
 
 All but 3 of the boxes can connect to the puppetmaster. When kicked from the 
 puppetmaster two give:
 Host host.example.com failed: Connection refused - connect(2)
 
 one gives:
 
 Host host.example.com failed: SSL_connect returned=1 errno=0 state=SSLv3 
 read server certificate B: certificate verify failed
 
 All then give an exit code of 2
 
 I have deleted /etc/puppet/ssl on the node and revoked the certs on the 
 puppet master (puppetca -c host.example.com) with the same results on all 3 
 boxes.
 
 I know it is not my laptop's fault but I am about to throw it out the 
 window...
 
 Please save the poor thing and give me a hint as to what else I can do...
 
 Thanks,
 
 What version of puppet is running on the clients?  What version on the server?
 
 Client is 2.6.7
 Server is 2.6.4
 
 
 Did you forget listen=true on the ones that say connection refused?
 
 No They are all the same... 
 
 
 Is host.example.com the master or the client you're kicking?
 
 host.example.com is the client I am trying to kick 
 
 
 On the client and the server, try this command:
 md5sum /var/lib/puppet/ssl/ca/ca_crt.pem 
 
 On the server try this command:
 md5sum /var/lib/puppet/ssl/certs/ca.pem
 
 Do all 3 certs match?
 None of the files exist. (our puppet config files are in /etc)

Hmm.  I'd guess puppet's storing the ssl config in a different location from 
where puppet stores them on my system.

To get the of those files for you run as root:
puppetd --genconfig | grep 'localcacert = '  on the client to find the 
client's ssl cert location.

CA's cert path (run as root):
puppet master --genconfig | grep ' cacert = '


Then check if the md5sums of those files match between the server and the 
client that gives the SSL Verify error.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Open Source Team planning meeting summary

2011-06-01 Thread Patrick


On May 31, 2011, at 9:01 PM, Alan Sparks wrote:

 On 5/31/2011 9:07 PM, Jacob Helwig wrote:
 On Tue, 31 May 2011 20:56:47 -0600, Alan Sparks wrote:
 
 On Tue, May 31, 2011 at 5:08 PM, Jacob Helwig ja...@puppetlabs.com
 mailto:ja...@puppetlabs.com wrote:
 
Just a quick reminder that we're going to have our planning meeting
tomorrow.  If you'd like to influence what we end up prioritizing for
ourselves for the coming week, please speak up.
 
 
 Apologize for not having a bug number for this, but I recall that
 web-of-trust (intermediate CAs) did not work with Puppet as is.  If
 that's true, that's a long-standing one I'd like to see fixed...
 -Alan
 
 
 I think you're talking about #3143.
 
 http://projects.puppetlabs.com/issues/3143
 
 
 Looks right... we need that where I work, is a killer if that has to
 wait for a 2.7ish.mumble release...
 -Alan

I hope this gets resolved too, but the bug ticket says it was pushed to 2.8.x

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Certificate problems

2011-06-01 Thread Patrick


On Jun 1, 2011, at 8:05 AM, John Kennedy wrote:

 I have several servers being hosted on Amazon Web Services. They have all 
 been build from the same manifest so apart from the hostnames, IP, etc they 
 are all identical.
 
 All but 3 of the boxes can connect to the puppetmaster. When kicked from the 
 puppetmaster two give:
 Host host.example.com failed: Connection refused - connect(2)
 
 one gives:
 
 Host host.example.com failed: SSL_connect returned=1 errno=0 state=SSLv3 read 
 server certificate B: certificate verify failed
 
 All then give an exit code of 2
 
 I have deleted /etc/puppet/ssl on the node and revoked the certs on the 
 puppet master (puppetca -c host.example.com) with the same results on all 3 
 boxes.
 
 I know it is not my laptop's fault but I am about to throw it out the 
 window...
 
 Please save the poor thing and give me a hint as to what else I can do...
 
 Thanks,

What version of puppet is running on the clients?  What version on the server?



Did you forget listen=true on the ones that say connection refused?



Is host.example.com the master or the client you're kicking?



On the client and the server, try this command:
md5sum /var/lib/puppet/ssl/ca/ca_crt.pem 

On the server try this command:
md5sum /var/lib/puppet/ssl/certs/ca.pem

Do all 3 certs match?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet 2.6.8 agent slow execution

2011-06-01 Thread Patrick


On Jun 1, 2011, at 7:04 AM, pachanga wrote:

 Hi!
 
 I'm incrementally developing puppet rules on the master server and
 applying them to the testing machine. For some reason puppet agent
 applies changes from the master very slowly, about 3 minutes every
 time. At this speed it's very tiresome to test the new rules...
 
 I'm running puppet agent as follows:
 
 #puppet agent --no-daemonize --verbose --onetime --summarize --debug --
 trace
 
 Here is what it shows in the end:
 
 Changes:
 Events:
 Resources:
Total: 46
 Time:
   Filebucket: 0.00
 Exec: 0.00
 Schedule: 0.00
   Ssh authorized key: 0.00
Group: 0.00
  Package: 0.00
 User: 0.01
  Service: 0.07
   Config retrieval: 12.25
 Last run: 1306935632
 File: 84.25
Total: 96.58
 
 During the run most of the time is spent in the following phases:
 
 
 info: Applying configuration version '1306935546'
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 debug: Service[sshd](provider=redhat): Executing '/sbin/service sshd
 status'
 debug: Puppet::Type::Service::ProviderRedhat: Executing '/sbin/
 chkconfig sshd'
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw
 yaml; using pson
 debug: Finishing transaction 23816162721700
 
 Any ideas why this can be happening? Thanks.

This probably means you are doing one of these (all of which are slow):
1) Using File for big file(s)
2) Using File with recurse=true to deploy lots of little files.
3) Using File with recurse=true to deploy into a directory with lots of 
little files, even though you are only deploying very few.  ( purge=fasle )
4) Using File over a connection with high ping.

Of course, combining more than one is even worse.

Mitigations for 1 or 2:
1) Put your files in a package and let your package manager of choice handle it 
for you.
2) Use rsync with a cron job or rsync with an exec

Mitigation for 3:
1) Try recurse=remote.

Mitigation for 4:
1) If the combined size of the files are small, you can try using content 
instead of source for the files.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet 2.6.8 agent slow execution

2011-06-01 Thread Patrick


On Jun 1, 2011, at 1:30 PM, Jacob Helwig wrote:

 On Wed, 01 Jun 2011 23:58:24 +0400, Pavel Shevaev wrote:
 
 Mitigation for 4:
 1) If the combined size of the files are small, you can try using content
 instead of source for the files.
 
 Wow, that did the trick Thanks a lot! Deployment time is now 10-12
 seconds. I'm a puppet newbie and don't quite understand why it worked
 but it's great :)
 
 
 So, the big difference there is that by using 'content', the file
 contents are shipped down to the agent as part of the catalog.
 
 With 'source', the agent will have to make a new HTTP request per file
 to get the content when it attempts to manage the resource.
 
 You end up saving a potentially large number of HTTP round-trips, which
 adds up.

So, to expand on this, the reason why the files need to be small is because 
all the files's contents get sent every run, instead of the normal puppet 
module that just sends the checksum and asks for the file if the checksum 
doesn't match.  (As a trivial example, the file's checksum won't match if the 
file is empty or doesn't exist.)

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

1 2 3 4 5 6 7 >

1 - 100 of 605 matches

Mail list logo