[Puppet Users] help dependency packages
Hi,
Which option do I use to force installation of dependencies of a package?
Made as follows, but appears me an error:
CONF
package {"bacula-common":
Ensure => installed,
force => true,
}
ERROR
puppet agent - test
Info: Retrieving plugin
Info: Loading facts in / var / lib / puppet / lib / facter / facter_dot_d.rb
Info: Loading facts in / var / lib / puppet / lib / facter / pe_version.rb
Info: Loading facts in / var / lib / puppet / lib / facter / root_home.rb
Info: Loading facts in / var / lib / puppet / lib / facter /
puppet_vardir.rb
Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
Invalid parameter force at / etc / puppet / modules / bacula-server /
manifests / init.pp: 10 on node srvbkp.teclinux.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
What can be this error?
--
Att,
Rafael Tomelin
Tel.: 51-84104084
Skype: rafael.tomelin
LPI ID: LPI000191271
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAGEUqbD8NWgHPipkWv6opZO0jF3WqVSDp9abiONDh9hdG%3DS8Mg%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Hiera user account info
OK. Now that I have had a chance to look at the torrancew/account module, I
can make some (I hope) helpful suggestions:
My own user-account class implementation (class users) is very similar with the
following exceptions:
I have a base-user-account defined type that creates users.
I use it two ways: one way for basic users, and a second way for sysadmin users
(adding group “wheel”)
Each of these are called up like this:
$admin_accounts = hiera_hash ('sysadmin', false)
if $admin_accounts {
create_resources ( users::useraccount, $admin_accounts )
}
$developer_accounts = hiera_hash (‘developers', false)
if $admin_accounts {
create_resources ( users::useraccount, $developer_accounts )
}
Part of the “magic” of my design is one of the default values for the defined
type:
define users::useraccount (
$username= $name,
...
$ensure = absent,
)
Now for the hiera :
Here’s my /etc/puppet/hiera.yaml (simplified a bit):
---
:hierarchy:
- %{fqdn}/%{module_name}
- %{module_name}
- %{fqdn}
- common
:backends:
- yaml
:yaml:
:datadir: '/etc/puppet/hieradata'
:merge_behavior: deeper
# vim: ft=yaml:sts=2:sw=2:et
So it works like this:
In /etc/puppet/hieradata/users.yaml, I define all the users for the entire
network
——-
#
# set “ensure: present” for sysadmins because they need a login on all systems
#
sysadmin:
smithj:
uid : 5001
comment : Smith, Joe, x1234
groups :
- wheel
ensure : present
jonesf:
uid : 5002
comment : Jones, Fred, x2345
groups :
- wheel
ensure : present
#
# All we need here is name, uid, and comment-info
#
developers:
smitht:
uid : 6001
comment : Smith, Tom, x2234
jonesc:
uid : 6002
comment : Jones, Cynthia, x9345
Now for the “deep” magic: /etc/puppet/hieradata/host1.example.com/users.yaml, I
specify the non-admin users who need a login:
——-
developers:
smitht:
ensure : present
groups :
- webdev
The neat thing is that you can add host-specifics to the user account - like
extra groups
Does that help ?
This is about a quarter of the tricks I came up with in my users module.
Other junk includes :
role accounts and restricted ssh logins (“from” and “command” options in the
${role_account_home}/.ssh/authorized_keys file)
A way to keep the ssh keys out of the hiera-data to keep the files human
readable
This is my response to the "Unpleasant puppetlabs experience” Thread. I am
happy to share what I have tinkered together.
On Dec 6, 2013, at 5:23 PM, Guy Knights wrote:
> We're working on implementing hiera with our puppet 3 setup, and I'm curious
> if the following is achievable. Currently, we manage each user account within
> a class that realises a defined resource that creates the user, groups, etc
> (for the record, we use the torrancew/account module). We then have classes
> called groups:: where we pull in all the user classes we want in
> a specific manifest.
>
> What I would like to do is move all the user info into hiera, and thus move
> from 'groups' as we currently define them, to user accounts created according
> to their position in the hierarchy. Unfortunately, I'm having trouble working
> out how to do this. I could set up a hash within hiera and then use the
> account module to create users from this hash, but I don't think it's
> possible to create a batch of resources with differing attributes (primarily
> the ssh key, but possibly others) using one resource.
>
> I don't really want to have to pull all the resource setup out of the account
> module since it makes things simpler for us, is there any other way to get
> the result I'm after?
>
> Thanks,
> Guy
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/5121DC45-940E-475A-98CC-4E36B948BD48%40comcast.net.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Unable to specify hierarchy for data-in-modules
hello, I will be releasing a module on the forge with this functionality, but need some early testers as I do not currently have a varied environment to test against. Those interested please contact me off list or if you're brave just download the ripienaar/module_data module into your manifests, it auto activates and needs no config. Though this is 0.0.1 release no doubt will kill your kitten. - Original Message - > From: "chengkai liang" > To: puppet-users@googlegroups.com > Sent: Friday, December 6, 2013 6:25:06 PM > Subject: Re: [Puppet Users] Re: Unable to specify hierarchy for > data-in-modules > > It is nice to mention this here. > > Thanks, > -Chengkai > > > On Thu, Dec 5, 2013 at 6:18 PM, Henrik Lindberg < > henrik.lindb...@cloudsmith.com> wrote: > > > On 2013-06-12 1:30, chengkai liang wrote: > > > >> Well, I can execute this with for individual module via *puppet apply > >> --binder true ...* I haven't been able to do this successfully on my > >> > >> vagrant box. I found out that vagrant use --detailed-exitcode option > >> with puppet apply, which interfere with *--binder true* option. I have > >> to set*binder true* in puppet.conf. Yet I don't have time to try that > >> yet. > >> > >> > >> > >> On Sat, Nov 30, 2013 at 11:03 AM, Steven Jonthen > >> mailto:coffeejunkeyst...@gmail.com>> wrote: > >> > > > > Please be aware that we decided to not move ahead with the "data in > > modules" implementation based on the experimental implementation that is > > turned on with --binder=true option. > > > > We found several things - there was way too much complexity being exposed > > to users, the first implementation missed support for some typical use > > cases, and the entire domain of "providing data to modules" turned out to > > be an exchange of one problem for another in several cases. > > > > Meanwhile, if you are brave, and want to experiment. You probably want my > > branches with simplifications and additional support for private data. If > > for nothing else to gain some experience regarding some of the issues. > > (Since we decided not to move ahead, these additions & changes will not be > > merged into the puppet code base, and the behavior now available via > > --binder will be removed - we have not quite yet figured out what it will > > be replaced by though). > > > > Regards > > - henrik > > > > > > -- > > You received this message because you are subscribed to a topic in the > > Google Groups "Puppet Users" group. > > To unsubscribe from this topic, visit https://groups.google.com/d/ > > topic/puppet-users/Z_6ehvPEm98/unsubscribe. > > To unsubscribe from this group and all its topics, send an email to > > puppet-users+unsubscr...@googlegroups.com. > > To view this discussion on the web visit https://groups.google.com/d/ > > msgid/puppet-users/l7rc5f%24jbs%241%40ger.gmane.org. > > > > For more options, visit https://groups.google.com/groups/opt_out. > > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/CANTbHr8NTCAspOEm9gT1xTtYOBBe_k4w_fK92foht1heikhjXA%40mail.gmail.com. > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1021960233.953.1386370777066.JavaMail.zimbra%40devco.net. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Hiera user account info
We're working on implementing hiera with our puppet 3 setup, and I'm curious if the following is achievable. Currently, we manage each user account within a class that realises a defined resource that creates the user, groups, etc (for the record, we use the torrancew/account module). We then have classes called groups:: where we pull in all the user classes we want in a specific manifest. What I would like to do is move all the user info into hiera, and thus move from 'groups' as we currently define them, to user accounts created according to their position in the hierarchy. Unfortunately, I'm having trouble working out how to do this. I could set up a hash within hiera and then use the account module to create users from this hash, but I don't think it's possible to create a batch of resources with differing attributes (primarily the ssh key, but possibly others) using one resource. I don't really want to have to pull all the resource setup out of the account module since it makes things simpler for us, is there any other way to get the result I'm after? Thanks, Guy -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/8e5cfb5e-9146-4c7d-8079-68075f8cbaa1%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Automatic Agent installation from dashboard?
Take a look at this as well - https://github.com/hashicorp/puppet-bootstrap On Fri, Dec 6, 2013 at 1:53 PM, Juan Sierra Pons wrote: > Hi, > > AFAIK not from the dashboard but you can launch remote commands to the > servers to install the puppet client and launch puppet agent --test to > ask the puppetmaster for a signed certificate. > > Create a file named RemoteCommands.txt with the following content : > (This is for Debian and puppet community, Adapt to your OS flavor and > puppet version) > > wget http://apt.puppetlabs.com/puppetlabs-release-wheezy.deb && \ > dpkg -i puppetlabs-release-wheezy.deb && rm -f > puppetlabs-release-wheezy.deb \ > apt-get update && apt-get -y install puppet > update-alternatives --set ruby /usr/bin/ruby1.8 > puppet agent --test > > Launch this one for each server > ssh root@remoteserver1 /bin/bash < RemoteCommands.txt > > For windows I suppose that similar can be done using powershell. > > Hope it helps. > > Best regards > > > -- > Juan Sierra Pons j...@elsotanillo.net > Linux User Registered: #257202 http://www.elsotanillo.net > GPG key = 0xA110F4FE > Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE > > -- > > > 2013/12/6 Deep : > > Hi, > > > > Is there an option in puppet to automatically install agent in an > unmanaged > > node in the network from the dashboard? > > > > eg: I have a network of windows and linux servers which doesn't have the > > puppet agent installed. Is it possible to push the agent from puppet > server > > to these unmanaged nodes by specifying hostname/IP address or some other > > parameters? > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to puppet-users+unsubscr...@googlegroups.com. > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/puppet-users/68e31847-0cd2-4870-a1f0-53fe9f0d3aee%40googlegroups.com > . > > For more options, visit https://groups.google.com/groups/opt_out. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9um6byB-fzPyTToL_OL9XoRFSPcLWOYg%3D75x%2B%3Dr8JQ5JA%40mail.gmail.com > . > For more options, visit https://groups.google.com/groups/opt_out. > -- Rob Reynolds Developer, Puppet Labs Join us at PuppetConf 2014, September 23-24 in San Francisco -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAMJiBK48xzcKaxLWXZGnx1U%3DGe7tDTLmUXBqPK8-%3DgDSTf5-Lw%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Setting up PE from scratch with PuppetDB/Postgres on separate box
Hi Steven, I'm attempting the same thing you are. I see that my /etc/puppetlabs/puppet/puppetdb.conf keeps getting overwritten on my Puppet Master to point back to the Puppet Master instead of my PuppetDB host. Do you know where this is being set? Thanks! Matt On Tuesday, September 10, 2013 6:27:22 AM UTC-4, Steven James wrote: > > Hi All, > > I'm trying to setup a new Pupp Ent instance from scratch with > PuppetDB/Postgres on a sep box. I think I have it working, but it took a > bit of doing. I just wanted to check that there's not a more straight > forward way. > > I'm aiming for an HA proxy load balanced pair of PuppetMasters, CA active > on only one, with replicated pair of PuppetDB/Postgres. > > First of all...the assumptions.it seems that it not possible to > install the console role (on the PM) without also installing PuppetDB (with > option to connect to remote PG server). I was imagining that my PuppetDB > jetty containers would both sit happily only on the 2 database servers, and > not be required on the PM?? I was imagining that > /etc/puppetlabs/puppet/puppetdb.conf on the PMs would "simply" point down > to the active PG PuppetDB instance?? False assumption? > > The next question I just wanted to validatethe only way I could get > the installer to play nice, was to install the DB layer first, with it > continuing on not having a PM to point at yet, then loading up the PM, > *having* to say Yes to the PuppetDB option, in order to get a console on > the PM, then specifying a remote PG database server. > > If one does have to install the DB first, then maybe the following link > needs to be updated? > > http://docs.puppetlabs.com/pe/latest/install_system_requirements.html > > Then had to remove DB server's ssl dir, regenerate and sign the request on > the PM (CA), then run puppetdb-ssl-setup to finish off. > > So I've ended up with PuppetDB running on both my PM *and* of course on my > DB. I feel like I should be doing a `service pe-puppetdb stop` on the PM. > > There didn't seem to be any prebaked examples/answers files that > accommodated this (reasonably std) architecture?? Lots of other great > examples though. > > Is my setup the correct way to go about this??? > > The next stage will be to use the same answers file from PM1 on PM2, > disabling the ca_server, and assuring that my dns_alt_names have both the > puppet service address, and the addresses of both of the PMs. > > There seems to be a patch required to allow PuppetDB to drive a replicated > Postgres pair via Puppet Enterprise itself. Nice that this is now possible! > > One last questionand assuming I can run PuppetDB on both Postgres > servers, with both pointing at the active PG box..I'm also assuming > that I should also be configuring HAProxy to load balance requests to both > PuppetDB instances?? i.e. load balance the SSL connects over 8081?? If so, > I'm smelling some SSL challenges ahead.anybody got any thoughts on that > one? If both PuppetDB instances are signed against the primary CA, should > all else be fine? > > Thanks for your input, and I'm happy to post updates if anybody has any > suggestions. > > Steven > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/01b677c3-59f9-4c5d-b313-70686f5dcf66%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Unpleasant puppetlabs experience
On Thursday, December 5, 2013 5:35:13 PM UTC-8, Philip Brown wrote: > > > Summary: > > (We dont need to improve our public documentation, because people can go > BUY documentation for puppet) > > I can understand changing it to low priority or something. > But *Rejecting* this issue? > > Hi all, I'm the one who closed that ticket. Sorry, my bad. First off, WE STILL PLAN TO IMPROVE THE TYPE AND PROVIDER DOCS. They can & should & will be better, and we don't consider the O'Reilly "Puppet Types and Providers" book to be an acceptable replacement for free documentation on our website. That's going to take a big chunk of time, though, and we (the Puppet Labs docs team, hi) will have to schedule it as planned work. Anyway, here's what happened with that ticket: - We're moving ticketing systems. The new one will be publicly visible at tickets.puppetlabs.com in a matter of days. - The docs team is already tracking work in the new system. We are not tracking ANY work in Redmine. The stuff in Redmine is old and out of date. - So now I have to do a mass cleanup on the old stuff in Redmine in preparation for the complete switch-over. - Some things I'm fixing now, some things I'm making new tickets for, some things aren't relevant anymore, and some things are so well-known in my team that we don't really need a ticket as a reminder; instead, we'll be hashing them out in our planning sessions once we've dealt with the stuff we're currently working on (at which point they'll turn into like a dozen related tickets). "Overhaul the type/provider docs" is in that last group. - I marked some tickets as "rejected" that I should have marked as "closed." (Since we're still planning to do the work, but we aren't tracking it in that Redmine ticket anymore.) Sorry! - On some of those, I also made a note or two about related developments that may have changed the relative priority of the issue. (In this case, the fact that there's a good reference *somewhere* out there means we have a small bit of breathing room, even though we still need to improve our version.) - I *should* have also pasted in some boilerplate about WHY I was closing 50 tickets at once, and what to do if you were following one of them. So yeah, sorry for implying we weren't going to improve type/provider docs; that's not what I was trying to say at all. Closing that ticket was about housekeeping, not about rejecting the work it represented. There will be a bit of an awkward stage as we switch ticketing systems; sorry about that, and thank you for staying vocal about what needs work. NF -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/81075a71-bff4-4efd-ae48-7ac60e723a07%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Problem with report processor - undefined method
On further inspections the YAML files are still being created but not the puppet db entries. On Thursday, December 5, 2013 4:29:44 PM UTC-8, Jon Yeargers wrote: > > After I got puppetdb working I was looking about at the various bits of > data available. Looking at the 'nodes' option I was suprised to see this: > > "report_timestamp" : null > > for every node. They all have this for their puppet.conf: > > [main] > logdir=/var/log/puppet > vardir=/var/lib/puppet > ssldir=/var/lib/puppet/ssl > rundir=/var/run/puppet > factpath=$vardir/lib/facter > templatedir=$confdir/templates > [agent] > server=server_name > certname=client_name > pluginsync=true > report=true > > so I assumed they were reporting. > > TL;DR > > Looking at /var/log/messages on the server I found these messages > appearing: > > puppet-master[1090]: Report processor failed: undefined method `>=' for > nil:NilClass > > What's up? Have I misconfigured something? > > Clients: v 2.6 > Server: v 3.3 > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/6abed7eb-6cb9-439e-93be-01524276fed7%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Unpleasant puppetlabs experience
On Fri, 2013-12-06 at 11:31 -0500, Jerald Sheets wrote: > Please note that the exact same documentation is expected to be used > for either and people spending crap-tons of money are expected to put > up with the same issues. This is not a licensed/open source > argument. This is a "do a better job of documentation" argument. > > > I shouldn't have to go hunt down other admins in my town to learn > things with/from because none of us can make sense of the > documentation...or its wrong... or it ignores systems or development > best practices, or whatever your particular gripe may be. > > > Puppet is the best there is, but it (and its docs) can be better. This feels like it's a very negative discussion and I wanted to highlight my own experiences with Puppetlabs. Puppetlabs make their money in part from their excellent additions to the open source version (which makes deployment a bunch easier), but also from paid support engagements - if someone wants to pay them to update the docs for the open source parts, they will. If not then we either wait for them to get the time to do so, or we submit a pull request. We're not talking about a company the size of Google here, Puppetlabs doesn't have large bunches of cash to throw around, and my overall experience of the Puppet documentation has been excellent. The particular page in the bug report was extremely helpful when I started out with Puppet. I'd be keen to see more examples and helpful tutorials, but that's not core product documentation - the actual reference documentation on the puppetlabs site is bang up to date, complete, and way beyond the level of documentation available for many other products that sell for big money. And even better, if that's not enough the source is very readable and well commented. There are several areas in the documentation where gaps exist, and I commend Puppetlabs for highlighting these and over time filling them in. The product is still in active development and over time just gets better and better. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1386364284.6023.33.camel%40debian.my.home. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Automatic Agent installation from dashboard?
Hi, AFAIK not from the dashboard but you can launch remote commands to the servers to install the puppet client and launch puppet agent --test to ask the puppetmaster for a signed certificate. Create a file named RemoteCommands.txt with the following content : (This is for Debian and puppet community, Adapt to your OS flavor and puppet version) wget http://apt.puppetlabs.com/puppetlabs-release-wheezy.deb && \ dpkg -i puppetlabs-release-wheezy.deb && rm -f puppetlabs-release-wheezy.deb \ apt-get update && apt-get -y install puppet update-alternatives --set ruby /usr/bin/ruby1.8 puppet agent --test Launch this one for each server ssh root@remoteserver1 /bin/bash < RemoteCommands.txt For windows I suppose that similar can be done using powershell. Hope it helps. Best regards -- Juan Sierra Pons j...@elsotanillo.net Linux User Registered: #257202 http://www.elsotanillo.net GPG key = 0xA110F4FE Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE -- 2013/12/6 Deep : > Hi, > > Is there an option in puppet to automatically install agent in an unmanaged > node in the network from the dashboard? > > eg: I have a network of windows and linux servers which doesn't have the > puppet agent installed. Is it possible to push the agent from puppet server > to these unmanaged nodes by specifying hostname/IP address or some other > parameters? > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/68e31847-0cd2-4870-a1f0-53fe9f0d3aee%40googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9um6byB-fzPyTToL_OL9XoRFSPcLWOYg%3D75x%2B%3Dr8JQ5JA%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Can't seem to get modulepath attribute recognized by puppetmasterd
Warning - Puppet newby here. I am trying to set up a puppetmaster 3.3.2 and have run into a snag right out of the box. I want to add a new directory to modulepath= in /etc/puppet/puppet.conf So I added the following line in the [main] header modulepath = /etc/puppet/modules:/opt/our-repo/puppetmaster/modules And populated new new directory with modules I have written. I then run puppet master --configprint modulepath and I in fact see /etc/puppet/modules:/opt/our-repo/puppetmaster/modules But when I restart puppetmasterd I get the following errors. 2013-12-06 19:05:09 + Puppet (err): Could not find class newapp for ip-10-0-22-5 on node ip-10-0-22-5 On the clients I get the message Puppet (err): Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class newapp for ip-10-0-22-5 on node ip-10-0-22-5 If I move my newapp module to /etc/puppet/modules it works fine. So I think the module itself isn't the problem. I've also tried moving the modulepath= to the [master] stanza but things still don't work. *Can anyone tell me the incantation I need to make puppetmasterd recognize my /opt/our-repo/puppetmaster/modules directory*? Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f59f9ac3-ff1b-4411-92a4-59aacb685522%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Agent speed - what is 'normal'?
For a 1ghz ARM pc, it would seem about normal.. On Thursday, December 5, 2013 3:41:48 PM UTC-6, Jon Yeargers wrote: > > (This is actually two questions): > > Running 'puppet agent --test' on a 1Ghz ARM based (Debian 6) fanless PC. > It's pretty common to see the 'catalog run' take 120-300 seconds. Is this > typical? > > Second (and possibly related): when I do a 'puppet agent --test (--noop)' > I get this set of messages: > > info: Retrieving plugin > info: Loading facts in facter_dot_d > info: Loading facts in pe_version > info: Loading facts in puppet_vardir > info: Loading facts in root_home > info: Loading facts in facter_dot_d > info: Loading facts in pe_version > info: Loading facts in puppet_vardir > info: Loading facts in root_home > > Note the repeats. What have I misconfigured? > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/dd4606ad-88bc-4f6a-bb67-99be8f0da6c0%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Unable to specify hierarchy for data-in-modules
It is nice to mention this here. Thanks, -Chengkai On Thu, Dec 5, 2013 at 6:18 PM, Henrik Lindberg < henrik.lindb...@cloudsmith.com> wrote: > On 2013-06-12 1:30, chengkai liang wrote: > >> Well, I can execute this with for individual module via *puppet apply >> --binder true ...* I haven't been able to do this successfully on my >> >> vagrant box. I found out that vagrant use --detailed-exitcode option >> with puppet apply, which interfere with *--binder true* option. I have >> to set*binder true* in puppet.conf. Yet I don't have time to try that >> yet. >> >> >> >> On Sat, Nov 30, 2013 at 11:03 AM, Steven Jonthen >> mailto:coffeejunkeyst...@gmail.com>> wrote: >> > > Please be aware that we decided to not move ahead with the "data in > modules" implementation based on the experimental implementation that is > turned on with --binder=true option. > > We found several things - there was way too much complexity being exposed > to users, the first implementation missed support for some typical use > cases, and the entire domain of "providing data to modules" turned out to > be an exchange of one problem for another in several cases. > > Meanwhile, if you are brave, and want to experiment. You probably want my > branches with simplifications and additional support for private data. If > for nothing else to gain some experience regarding some of the issues. > (Since we decided not to move ahead, these additions & changes will not be > merged into the puppet code base, and the behavior now available via > --binder will be removed - we have not quite yet figured out what it will > be replaced by though). > > Regards > - henrik > > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Puppet Users" group. > To unsubscribe from this topic, visit https://groups.google.com/d/ > topic/puppet-users/Z_6ehvPEm98/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/puppet-users/l7rc5f%24jbs%241%40ger.gmane.org. > > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANTbHr8NTCAspOEm9gT1xTtYOBBe_k4w_fK92foht1heikhjXA%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] external node classifier with a back-end
HI Jason, No I have no hesitations at all and yes, I would enjoy seeing your Postgres code and learning from it and can share back. So the thought here is to have all the configuration data, client data, node data, in a Postgres database (the one on the Puppet Master) and used downline by all the various Linux apps which need it, including Puppet. I take it (hopefully) this is not too unusual and bizarre in the world of Puppet. On Thursday, December 5, 2013 4:16:10 AM UTC-8, Jason Antman wrote: > PuppetDB isn't an ENC. PuppetDB does, however, use Postgres (unless you > use the embedded database, which you shouldn't). Puppet Dashboard is an > ENC, but ironically, uses MySQL not Postgres. > > Stuart, > > Starting *another* ENC thread a day later isn't likely to get you many > more responses than the two to your last question. I assumed, given your > lack of response to my reply, that you're not terribly interested in > sharing what you need an ENC to do... As I mentioned, I'm working on > getting a Python/Django (Postgres-backed) ENC ready for release... if you > want to see the current code, that could be arranged, though it's not > really up to the "just run this puppet module and it installs the ENC" > stage yet. > > -jantman > > On 12/04/2013 05:10 PM, Stuart Cracraft wrote: > > Hi Ygor/Dan, > > Postgres has better DR. > > We like Postgres. > > Stuart > > On Wednesday, December 4, 2013 2:03:10 PM UTC-8, Ygor wrote: > >> Isn't that what PuppetDB is ? >> >> �Sometimes I think the surest sign that intelligent life exists >> elsewhere in the universe is that none of it has tried to contact us.� >> Bill Waterson (Calvin & Hobbes) >> >> -- >> *From: *"Stuart Cracraft" >> *To: *puppet...@googlegroups.com >> *Sent: *Wednesday, December 4, 2013 4:33:51 PM >> *Subject: *[Puppet Users] external node classifier with a back-end >> >> >> Hi everybody! >> >> Anyone have a back-ended external node classifier to a Postgres database >> they could throw my way? >> >> Stuart >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to puppet-users...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/puppet-users/7781bed3-7e5a-46e2-8949-e00bfac0fbd0%40googlegroups.com >> . >> For more options, visit https://groups.google.com/groups/opt_out. >> > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users...@googlegroups.com . > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/c642f1be-1121-4ab9-b56a-29b54809140f%40googlegroups.com > . > For more options, visit https://groups.google.com/groups/opt_out. > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1909c6a8-9dc8-48bf-a397-f975a82749ac%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Automatic installation of puppet agent from puppet master
You can have autosign enabled on the puppet master but I don't recommend it. You want to have control over the initial deployments since by just blanket auto-signing, you may run into some major issues with too much change too suddenly. As you gain experience, you can bulk sign in chunks once your initial signs and time have been producing no impact. Consider a Puppet run on a node a potentially dangerous production-affecting outage-causing operation like any other. On Friday, December 6, 2013 5:12:23 AM UTC-8, Deep wrote: > HI, > > Is there a way in puppet to automatically install agents in unmanaged node > from the puppet dashboard or backend? > > eg: I have a network with a mixture of linux and windows servers.I can > include the puppet agent in the OS installation phase or do it manually in > servers. > But, is there an option in the puppet to install agents on these nodes by > mentioning Hostname/IP address or other related parameters? > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d61d11e2-9dd4-40cd-a32e-593f30094d48%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Windows node fails to request certificate (SSL error)
I left the node running overnight with the puppet service enabled. This
morning it was working normally, so I did not have a chance to do any
further experiments. This is similar to what happened on the other nodes,
and leads me back to the suspicion that it has something to do with the
time sync of the nodes. The master is synced via NTP, but these nodes do
not have an accessible timeserver (that's what puppet is supposed to
add...), so they started out with a considerable drift in either direction
from the current time (up to 10 minutes). This second attempt that worked
after waiting overnight was after a clean install with the time already
manually synced.
The master is running 3.1.0. The Windows nodes have agent 3.3.1 I also
upgraded to 3.3.2 on this particular node in question.
Dan
On Thursday, December 5, 2013 4:58:03 PM UTC-5, Rob Reynolds wrote:
>
> Dan,
> Thanks for the detailed question. What version of Puppet agent do you have
> installed?
>
> On Thu, Dec 5, 2013 at 9:29 AM, > wrote:
>
>> I am mostly using Puppet for Linux nodes, but I have started deploying it
>> on a handful of Windows nodes, but seem to run into SSL problems every time
>> on the initial deployment. I think I have hit this error on all three nodes
>> so far, but currently two are working and one is not. All three nodes are
>> virtually identical servers running Windows Server 2012 R2.
>>
>> [0;36mDebug: Failed to load library 'syslog' for feature 'syslog' [0m
>> [0;36mDebug: Failed to load library 'selinux' for feature 'selinux' [0m
>> [0;36mDebug: Using settings: adding file resource 'confdir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/etc]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc",
>>
>> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
>> [0m
>> [0;36mDebug: Using settings: adding file resource 'vardir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/var]{:path=>"C:/ProgramData/PuppetLabs/puppet/var",
>>
>> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
>> [0m
>> [0;36mDebug: Using settings: adding file resource 'logdir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/var/log]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/log",
>>
>> :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
>> :backup=>false}' [0m
>> [0;36mDebug: Using settings: adding file resource 'statedir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/var/state]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/state",
>>
>> :mode=>"1755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
>> :backup=>false}' [0m
>> [0;36mDebug: Using settings: adding file resource 'rundir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/var/run]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/run",
>>
>> :mode=>"755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
>> :backup=>false}' [0m
>> [0;36mDebug: Using settings: adding file resource 'libdir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/var/lib]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/lib",
>>
>> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
>> [0m
>> [0;36mDebug: Using settings: adding file resource 'certdir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs",
>>
>> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
>> [0m
>> [0;36mDebug: Using settings: adding file resource 'ssldir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl",
>>
>> :mode=>"771", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
>> :backup=>false}' [0m
>> [0;36mDebug: Using settings: adding file resource 'publickeydir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys",
>>
>> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
>> [0m
>> [0;36mDebug: Using settings: adding file resource 'requestdir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests",
>>
>> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
>> [0m
>> [0;36mDebug: Using settings: adding file resource 'privatekeydir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys",
>>
>> :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
>> :backup=>false}' [0m
>> [0;36mDebug: Using settings: adding file resource 'privatedir':
>> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private",
>>
>> :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow,
>> :backup=>false}' [0m
>> [0;36mDebug: Using settings: adding file resource 'hostprivkey':
>> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem]{:path
Re: [Puppet Users] Unpleasant puppetlabs experience
> > Possibly consider all the work you've put into implementing puppet on your > own systems, and consequently how obtaining puppet gratis doesn't mean that > it's free of cost. > > Please note that the exact same documentation is expected to be used for either and people spending crap-tons of money are expected to put up with the same issues. This is not a licensed/open source argument. This is a "do a better job of documentation" argument. I shouldn't have to go hunt down other admins in my town to learn things with/from because none of us can make sense of the documentation...or its wrong... or it ignores systems or development best practices, or whatever your particular gripe may be. Puppet is the best there is, but it (and its docs) can be better. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAAE6QHx57XDit4nnrWD6m7nFN6F1GBhfmJpAH5%2B9m5mei2s0Bw%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Unpleasant puppetlabs experience
(inline) On Thu, Dec 05, 2013 at 05:35:13PM -0800, Philip Brown wrote: >https://projects.puppetlabs.com/issues/14368#change-101086 > >Summary: > >(We dont need to improve our public documentation, because people can go >BUY documentation for puppet) > >I can understand changing it to low priority or something. >But *Rejecting* this issue? >For a supposedly "free, open source" project? Really? I think we've tripped over the distinction between libre and gratis, wikipedia having a useful summary: http://en.wikipedia.org/wiki/Gratis_versus_libre Possibly consider all the work you've put into implementing puppet on your own systems, and consequently how obtaining puppet gratis doesn't mean that it's free of cost. >This does not motivate me to continue advocating for use of puppet, let >alone developing for it. > >-- >You received this message because you are subscribed to the Google Groups >"Puppet Users" group. >To unsubscribe from this group and stop receiving emails from it, send an >email to puppet-users+unsubscr...@googlegroups.com. >To view this discussion on the web visit > > [1]https://groups.google.com/d/msgid/puppet-users/83b76366-d703-469f-a3fe-4b1fe8d28b58%40googlegroups.com. >For more options, visit [2]https://groups.google.com/groups/opt_out. > > References > >Visible links >1. > https://groups.google.com/d/msgid/puppet-users/83b76366-d703-469f-a3fe-4b1fe8d28b58%40googlegroups.com >2. https://groups.google.com/groups/opt_out -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/20131206161806.GA19589%40iniquitous.heresiarch.ca. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Hiera in custom facts?
Again: You *cannot* get hiera values into facter, nor would that be
particularly useful (at least from the master's perspective).
On 12/06/2013 04:08 PM, leed wrote:
> Thanks for your response, I'd tried adding that to the global scope
> (confirmed with a notify), but this doesn't seem to be passed to the
> custom facts, as these seem to be processed before hand?
>
> So with
>
> Facter.add("cluster_name") do
> setcode do
> $clustername
> end
> end
>
> I get :-
>
> # facter --debug -p
> value for cluster_name is still nil
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/52A1E994.8050609%40alumni.tu-berlin.de.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Problem using hiera-eyaml
I am trying to use hiera-eyaml and have followed the README instructions.
eyaml seems to work, I can encrypt and decrypt files and passwords.
I can also use hiera -c to get at an encrypted value like so:
hiera -c /etc/puppetlabs/puppet/hiera.yaml rootpwd
But when running this simple test module it fails with cannot find the data
item rootpwd defined in hieradata/defaults.eyaml.
class test {
$test = hiera('test')
$rootpwd = hiera('rootpwd')
notify { "Test: ${test}": }
}
If I just have the test variable defined in defaults.yaml it works fine. So
it cannot find the defaults.eyaml file.
Here is my hiera.yaml:
--
:backends:
- yaml
- eyaml
- :hierarchy:
- defaults
- "%{clientcert}"
- "%{environment}"
- global
- :yaml: :datadir: /etc/puppetlabs/puppet/modules/hieradata
- :eyaml: :datadir: /etc/puppetlabs/puppet/modules/hieradata
-:pkcs7_private_key:
/etc/puppetlabs/puppet/secure/keys/private_key.pkcs7.pem
-:pkcs7_public_key:
/etc/puppetlabs/puppet/secure/keys/public_key.pkcs7.pem
And my defaults.eyaml file:
--
rootpwd: >
ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQAwDQYJKoZIhvcNAQE
...]
Any hints will be greatly appreciated.
I am running Puppet Enterprise 3.1.0 on Ubuntu 12.04.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/f09752d0-d67c-4512-9b5f-00c55dc9358e%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Hiera in custom facts?
On Friday, 6 December 2013 14:27:47 UTC, Felix.Frank wrote:
>
>
> If you want to use $clustername instead of hiera("clustername"), just
> add this to the global scope of your manifest:
>
> $clustername = hiera("clustername")
>
Thanks for your response, I'd tried adding that to the global scope
(confirmed with a notify), but this doesn't seem to be passed to the custom
facts, as these seem to be processed before hand?
So with
Facter.add("cluster_name") do
setcode do
$clustername
end
end
I get :-
# facter --debug -p
value for cluster_name is still nil
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/f3c1f141-6553-48cc-b7d9-5da102c1d71a%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Unpleasant puppetlabs experience
https://github.com/puppetlabs/puppet-docs On 12/06/2013 03:36 PM, kaustubh chaudhari wrote: > Hey, > > Option a) is good! > > Just curious, how do we submit the updated doc to Puppet Lab so that > they can publish it on the website! > > -Kaustubh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52A1E345.1060805%40alumni.tu-berlin.de. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Automatic installation of puppet agent from puppet master
Hi Deep, Not that i am aware off. As puppet is a pull job and not push. master dont push any thing to puppet agent. All i am saying there may be a way of which i am not aware! I suggest include puppet agent installation as a part of OS installation, i have included it in the VMware templates and in the post installation just run "puppet agent --test" for the 1st time so that it generates cert request to master! HTH -Kaustubh On Friday, December 6, 2013 8:12:23 AM UTC-5, Deep wrote: > > HI, > > Is there a way in puppet to automatically install agents in unmanaged node > from the puppet dashboard or backend? > > eg: I have a network with a mixture of linux and windows servers.I can > include the puppet agent in the OS installation phase or do it manually in > servers. > But, is there an option in the puppet to install agents on these nodes by > mentioning Hostname/IP address or other related parameters? > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/dcd27624-aec8-4cb4-9d6d-265dfb4ba590%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Hiera in custom facts?
Hi,
this is in fact not the right approach.
Facts are evaluated on the agent side, while hiera typically belongs to
the master side only.
If you want to use $clustername instead of hiera("clustername"), just
add this to the global scope of your manifest:
$clustername = hiera("clustername")
HTH,
Felix
On 12/06/2013 02:09 PM, leed wrote:
>
> Hello all
>
> So is it possible to use hiera data in a custom facts? I'm probably
> going about this all wrong, but I was hoping something like this would work.
>
> Facter.add("cluster_name") do
> setcode do
>hiera('clustername')
> end
> end
>
> But I get a lot of
>
> Could not retrieve cluster_name: undefined method `hiera' for
> :Facter::Util::Resolution
>
> The fact that googling for this returns nothing is whats making me
> worried I'm going about it all wrong.
>
> Just want to be able to have a custom fact that returns the cluster_name
> for a host if its set in its hiera data.
>
> Cheers
> Lee
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/52A1DEE3.5030909%40alumni.tu-berlin.de.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Unpleasant puppetlabs experience
Hey, Option a) is good! Just curious, how do we submit the updated doc to Puppet Lab so that they can publish it on the website! -Kaustubh On Friday, December 6, 2013 8:03:04 AM UTC-5, Felix.Frank wrote: > > Not really. Seeing as this is a documentation header, there's only two > things you can do > a) write the docs yourself if you can or > b) wait for someone else to do so > > On 12/06/2013 01:58 PM, kaustubh chaudhari wrote: > > Rejecting is not a solution, at least you can redirect to some other > > links where its used/fixed/configured, and say try this for now and we > > will look into it when we have time! > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/65445c24-b2f3-4987-bd82-4ec8ec29df55%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to reject agent (node) certificate request
Hi John and Patrick! I havent tried puppet cert revoke - i will try that and reproduce if the issue persists. Yes i have tried puppet node clean and puppet node deactivate, but the moment PuppetDB receives the request .. it update the facts and reports to the same. I do understand this is a normal behavior, we need to purge the node from DB to avoid this. -Kaustubh On Friday, December 6, 2013 8:30:03 AM UTC-5, Patrick Ethier wrote: > > Did you try the puppet node clean and puppet node deactivate functions? > > Pat > > > > On Fri, Dec 6, 2013 at 8:04 AM, Felix Frank > > > wrote: > >> You can always throw away the CSR file manually, but that's obviously >> less than ideal. >> >> If nobody pipes up with a correct answer, you may want to check Redmine >> for an open feature request and vote on that, or open a new one if none >> can be found. >> >> Regards, >> Felix >> >> On 12/06/2013 01:46 PM, kaustubh chaudhari wrote: >> > >> > Hey Felix, >> > >> > Yes i have tried that! >> > >> > puppet cert clean will work only for the accepted CSR. The only way i >> > see is to accept it and then clean it! But this is not right way to do >> it! >> > >> > -Kaustubh >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to puppet-users...@googlegroups.com . >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/puppet-users/52A1CB77.90205%40alumni.tu-berlin.de >> . >> For more options, visit https://groups.google.com/groups/opt_out. >> > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/bd4cb340-5043-4cf8-8143-a1d89cc72852%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Automatic installation of puppet agent from puppet master
HI, Is there a way in puppet to automatically install agents in unmanaged node from the puppet dashboard or backend? eg: I have a network with a mixture of linux and windows servers.I can include the puppet agent in the OS installation phase or do it manually in servers. But, is there an option in the puppet to install agents on these nodes by mentioning Hostname/IP address or other related parameters? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/138c974a-eedb-4fbb-a032-1f6141630a66%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Accessing internal read-only parameters
Hi, I'd like to access read-only parameter package::status in my manifest. The only reference about RO-parameters usage I found is some irrelevant post in puppet-dev group (https://groups.google.com/d/msg/puppet-dev/XiEexgGGwHc/P1_s7OQo59kJ) from Y2008: And as "definition attributes" they would provide a nice way of accessing internal read-only parameters (e.g. "package::platform") which is not possible today AFAIK. So, is it possible to use them at all nowdays? If so, then how? Thank you. -- Dmitry Musatov -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/943aabb1-4a43-4913-9067-440928e5a716%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Anyone currently using Puppet environments, gitolite and the Puppet post-receive hook?
Here's what I'm using. Gitolite and puppet master run on the same box but
don't have to.
Note that master is mapped to production. I also had some issues w/ ssh
key so the post-receive is starting and killing ssh-agent. it's not set up
for pushing multiple branches at the same time but it should be an easy
change
#!/bin/sh
read oldrev newrev refname
REPO="git@myhost:puppet-environments.git"
BRANCH=`echo $refname | sed -n 's/^refs\/heads\///p'`
BRANCH_DIR="/etc/puppet/environments"
SSH_ARGS="-i /home/git/.ssh/id_rsa"
SSH_DEST="puppet@myhost"
if [ "$BRANCH" == "master" ]
then
BRANCHDEST="production"
else
BRANCHDEST=$BRANCH
fi
if [ "$newrev" -eq 0 ] 2> /dev/null ; then
# branch is being deleted
echo "Deleting remote branch $BRANCH_DIR/$BRANCHDEST"
ssh $SSH_ARGS $SSH_DEST /bin/sh <<-EOF
cd $BRANCH_DIR && rm -rf $BRANCHDEST
EOF
else
# branch is being updated
echo "Updating remote branch $BRANCH_DIR/$BRANCHDEST"
ssh $SSH_ARGS $SSH_DEST /bin/sh <<-EOF
{ cd $BRANCH_DIR/$BRANCHDEST && git pull origin $BRANCH && ssh-agent
-k; } \
|| { mkdir -p $BRANCH_DIR && cd $BRANCH_DIR \
&& git clone $REPO $BRANCHDEST && cd $BRANCHDEST \
&& git checkout -b $BRANCH origin/$BRANCH \
&& ssh-agent -k; }
EOF
fi
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/9bf93171-b728-4aeb-ad04-edea7fa7a149%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Hiera in custom facts?
Hello all
So is it possible to use hiera data in a custom facts? I'm probably going
about this all wrong, but I was hoping something like this would work.
Facter.add("cluster_name") do
setcode do
hiera('clustername')
end
end
But I get a lot of
Could not retrieve cluster_name: undefined method `hiera' for
:Facter::Util::Resolution
The fact that googling for this returns nothing is whats making me worried
I'm going about it all wrong.
Just want to be able to have a custom fact that returns the cluster_name
for a host if its set in its hiera data.
Cheers
Lee
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/ac9f9f5f-36f5-4b5d-91a6-02ae5335685a%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Automatic Agent installation from dashboard?
Hi, Is there an option in puppet to automatically install agent in an unmanaged node in the network from the dashboard? eg: I have a network of windows and linux servers which doesn't have the puppet agent installed. Is it possible to push the agent from puppet server to these unmanaged nodes by specifying hostname/IP address or some other parameters? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/68e31847-0cd2-4870-a1f0-53fe9f0d3aee%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to reject agent (node) certificate request
Did you try the puppet node clean and puppet node deactivate functions? Pat On Fri, Dec 6, 2013 at 8:04 AM, Felix Frank wrote: > You can always throw away the CSR file manually, but that's obviously > less than ideal. > > If nobody pipes up with a correct answer, you may want to check Redmine > for an open feature request and vote on that, or open a new one if none > can be found. > > Regards, > Felix > > On 12/06/2013 01:46 PM, kaustubh chaudhari wrote: > > > > Hey Felix, > > > > Yes i have tried that! > > > > puppet cert clean will work only for the accepted CSR. The only way i > > see is to accept it and then clean it! But this is not right way to do > it! > > > > -Kaustubh > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/52A1CB77.90205%40alumni.tu-berlin.de > . > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAHFDuXkopEnMHRjx_G9JtuorezvsdhRS746P0NMO1mWtFHQcUQ%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to reject agent (node) certificate request
Have you tried puppet cert revoke (see puppet help cert for the man page) hth Johan On 12/06/2013 02:04 PM, Felix Frank wrote: You can always throw away the CSR file manually, but that's obviously less than ideal. If nobody pipes up with a correct answer, you may want to check Redmine for an open feature request and vote on that, or open a new one if none can be found. Regards, Felix On 12/06/2013 01:46 PM, kaustubh chaudhari wrote: Hey Felix, Yes i have tried that! puppet cert clean will work only for the accepted CSR. The only way i see is to accept it and then clean it! But this is not right way to do it! -Kaustubh -- Johan De Wit Open Source Consultant Red Hat Certified Engineer (805008667232363) Puppet Certified Professional 2013 (PCP006) _ Open-Future Phone +32 (0)2/255 70 70 Zavelstraat 72 Fax +32 (0)2/255 70 71 3071 KORTENBERG Mobile+32 (0)474/42 40 73 BELGIUM http://www.open-future.be _ Next Events: Puppet Fundamentals Training | http://www.open-future.be/puppet-fundamentals-training-10-till-12th-december Puppet Advanced Training | http://www.open-future.be/puppet-advanced-training-7-till-9th-january Puppet Fundamentals Training | http://www.open-future.be/puppet-fundamentals-training-4-till-6th-february Subscribe to our newsletter | http://eepurl.com/BUG8H -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52A1D48E.3060003%40open-future.be. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Puppet Master accepting request without certificates
That's normal behavior, because the client still retains the cert and it's still signed with your puppet CA and therefor trusted. You may want to scrutinize the CRL file, perhaps it's not used properly. Also try and find out if puppet cert revoke works better than pupet cert clean wrt. the CRL. HTH, Felix On 12/06/2013 01:44 PM, kaustubh chaudhari wrote: > once i remove the cert with puppet agent clean! I dont see its > certificate in the puppet cert list -all > > However, agent can still run the catalog! this is what worries me!! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52A1CBCF.9050007%40alumni.tu-berlin.de. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to reject agent (node) certificate request
You can always throw away the CSR file manually, but that's obviously less than ideal. If nobody pipes up with a correct answer, you may want to check Redmine for an open feature request and vote on that, or open a new one if none can be found. Regards, Felix On 12/06/2013 01:46 PM, kaustubh chaudhari wrote: > > Hey Felix, > > Yes i have tried that! > > puppet cert clean will work only for the accepted CSR. The only way i > see is to accept it and then clean it! But this is not right way to do it! > > -Kaustubh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52A1CB77.90205%40alumni.tu-berlin.de. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Unpleasant puppetlabs experience
Hi, I Agree with Philip and Felix!! Some one might have implemented it with his own experience/try and error. But if its not documented, than its like re-inventing the wheel again and again! Rejecting is not a solution, at least you can redirect to some other links where its used/fixed/configured, and say try this for now and we will look into it when we have time! :) On the other hand i understand Seg/Developers are already loaded !! -Kaustubh On Friday, December 6, 2013 7:27:29 AM UTC-5, Felix.Frank wrote: > > I do feel that Redmine's backlogging facilities leave much to be > desired, but I don't really agree with your conclusion. > > I'm with Philip insofar that rejecting a bug is saying "won't fix" or > "not an issue anymore". Neither is apparently the case, so I consider > this at least a misuse of the tool. > > I wouldn't go so far as to claim hostility towards the community. I > suggest re-opening the ticket and discussing the proper course of > action, i.e. perhaps adding the backlog keyword or similar. > > Cheers, > Felix > > On 12/06/2013 08:32 AM, William Leese wrote: > > Seems to me more like: > > After a year we still haven't found time for this. Let's keep our bug > > database manageable but only keeping the stuff we can do within a > > reasonable time or the bug reports that contain some troubleshooting > > effort we don't want to redo. > > > > Quite a reasonable approach I'd say. With open bug databases, it's easy > > for the tool to lose it's value due to unmanageable backlogs. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/631741fe-acdc-4b8b-b1d0-ef1a9366341d%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to yum install puppet 3.2.2
Take a look at the below document! http://docs.puppetlabs.com/guides/puppetlabs_package_repositories.html#for-red-hat-enterprise-linux-and-derivatives Hope this helps! -Kaustubh On Friday, December 6, 2013 5:41:36 AM UTC-5, Felix.Frank wrote: > > Hi, > > what yum repositories are configured on that specific box? > > Does 'yum info puppet' give you a hint about which versions are visible > and why it's selecting 2.7? > > Regards, > Felix > > On 12/04/2013 11:47 AM, Claire Speed wrote: > > Hi, > > > > I've been playing with puppet enterprise but wanted to look at open > > source puppet now to compare. I'm having a slightly weird problem > > installing it though and wonder if I'm missing something? I've been > > trawling through all the documentation and google matches I can find, > > but whatever I do if I yum install puppet or puppet-server (CentOS6) I > > get puppet version 2.7.23 when I actually want to have a look at 3.2.2. > > I've tried forcing it to the specific version but it says the package is > > not there, although I can see on the yum repository that it is. > > > > I'd guess I'm missing something pretty obvious here, but I can't work > > out what! Can anyone advise? > > > > Thanks > > > > Claire > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/8491d2b3-4fff-47ce-965b-c1df7d0b67c9%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to reject agent (node) certificate request
Hey Felix, Yes i have tried that! puppet cert clean will work only for the accepted CSR. The only way i see is to accept it and then clean it! But this is not right way to do it! -Kaustubh On Friday, December 6, 2013 5:45:54 AM UTC-5, Felix.Frank wrote: > > Hi, > > have you tried using puppet cert clean for this as well? > > According to the docs, it removes all files. This would include the > unwanted CSR. > > HTH, > Felix > > On 12/04/2013 02:44 PM, kaustubh chaudhari wrote: > > Hi, > > > > I am using open source puppet. > > > > How can i reject a certificate request generated by agent on the master. > > > > I can see the cert request in : > > > > puppet cert list > > > > However i wish to reject the request so that next time i run the same > > command, i dont see the garbage(unwanted requests) > > > > I know this can be done in PE, not sure how to do this from command > line! > > > > -Kaustubh > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f712fd8a-6608-427b-9e6d-970d963530d8%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Puppet Master accepting request without certificates
Hi, Thanks for the reply Felix! I am on 3.3.2! once i remove the cert with puppet agent clean! I dont see its certificate in the puppet cert list -all However, agent can still run the catalog! this is what worries me!! -Kaustubh On Friday, December 6, 2013 5:48:01 AM UTC-5, Felix.Frank wrote: > > Hi, > > removing the cert data is one thing, but to make sure the old certficate > cannot be used again, it must be effectively revoked. > > The (current) documentation states that puppet cert clean does in fact > revoke the certificate, so you should not be seeing this issue. > > Which version of puppet is this? > > Regards, > Felix > > On 12/04/2013 07:50 PM, kaustubh chaudhari wrote: > > Ok, > > > > I understood my doubts partially! > > > > When we uninstall puppet agent from windows box, it will not delete the > > APP Data folder for puppet which contains the certificates, to generate > > new certificate request you need to uninstall puppet agent and delete > > this directory. > > > > Further, i understood that puppetdb will deactivate the nodes but it > > will not delete/purge it, to purge we need set |"||node-purge-ttl||"| in > > the puppetdb config. > > > > What i was not able to understand is if i have removed the agent > > certificates from the puppet master "puppet cert clean wintest" why the > > request is getting accepted by master? > > > > Can someone please help me to understand this! > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4be5241e-a852-4b81-b024-4d474c4fb0e9%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Unpleasant puppetlabs experience
I do feel that Redmine's backlogging facilities leave much to be desired, but I don't really agree with your conclusion. I'm with Philip insofar that rejecting a bug is saying "won't fix" or "not an issue anymore". Neither is apparently the case, so I consider this at least a misuse of the tool. I wouldn't go so far as to claim hostility towards the community. I suggest re-opening the ticket and discussing the proper course of action, i.e. perhaps adding the backlog keyword or similar. Cheers, Felix On 12/06/2013 08:32 AM, William Leese wrote: > Seems to me more like: > After a year we still haven't found time for this. Let's keep our bug > database manageable but only keeping the stuff we can do within a > reasonable time or the bug reports that contain some troubleshooting > effort we don't want to redo. > > Quite a reasonable approach I'd say. With open bug databases, it's easy > for the tool to lose it's value due to unmanageable backlogs. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52A1C2B1.8080401%40alumni.tu-berlin.de. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: RSpec tests failing after upgrading to rspec-puppet v1.0.1
Ok, after raising on issue against rspec-puppet on Github, Tim responded
with some more information... [1]
Long and short is now that rspec-puppet supports Hiera, there's no need to
use hiera-puppet-helper or rspec-hiera-helper... Can set it all up from
within rspec...
Sample code from Tim and myself available on the aforementioned link...
Cheers
Gavin
[1] https://github.com/rodjek/rspec-puppet/issues/131
On Friday, 6 December 2013 09:51:54 UTC, Gavin Williams wrote:
>
> Morning all
>
> Not sure if anybody on here is going to be able to assist, but thought I'd
> ask anyways...
>
> I've upgraded rspec-puppet to v1.0.1 this morning, and now all my rspec
> tests are failing with:
>
> Failure/Error: it { should_not contain_class('software::hp::psp') }
>> Puppet::Error:
>>Puppet::Parser::AST::Resource failed with error TypeError: can't
>> convert Hash into String at
>> /etc/puppet/environments/common/act/spec/fixtures/modules/act/manifests/software/linux/puppet_agent.pp:27
>>
>> on node puppet-dev.card.co.uk
>>
>
> The failure point quoted isn't doing anything special. The code is
> here[1], and is failing at line 27.
>
> Running with backtrace, do get a fairly long trace, that seems to start in
> hiera code... [2]
>
> However that has been working fine prior to upgrading rspec-puppet.
> With regards to framework, I'm using puppetlabs-spec-helper, rspec-puppet
> and hiera-puppet-helper.
>
> I've got a hiera_config defined as a shared_context [3], so I'm wondering
> if the new hiera support in rspec-puppet is clashing with
> hiera-puppet-helper :s
>
> Any ideas appreciated. As there are some cool new features in rspec-puppet
> that I'd like to use, but can't have all my tests breaking...
>
> Cheers
> Gavin
>
> [1]
> https://gist.github.com/fatmcgav/7821149#file-software_linux_puppet_agent-pp
> [2] https://gist.github.com/fatmcgav/7821149#file-failure-trace-log
> [3] https://gist.github.com/fatmcgav/7821149#file-hiera-rb
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/f38501ca-0437-4273-b3ba-db865de62f3b%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Puppet Master accepting request without certificates
Hi, removing the cert data is one thing, but to make sure the old certficate cannot be used again, it must be effectively revoked. The (current) documentation states that puppet cert clean does in fact revoke the certificate, so you should not be seeing this issue. Which version of puppet is this? Regards, Felix On 12/04/2013 07:50 PM, kaustubh chaudhari wrote: > Ok, > > I understood my doubts partially! > > When we uninstall puppet agent from windows box, it will not delete the > APP Data folder for puppet which contains the certificates, to generate > new certificate request you need to uninstall puppet agent and delete > this directory. > > Further, i understood that puppetdb will deactivate the nodes but it > will not delete/purge it, to purge we need set |"||node-purge-ttl||"| in > the puppetdb config. > > What i was not able to understand is if i have removed the agent > certificates from the puppet master "puppet cert clean wintest" why the > request is getting accepted by master? > > Can someone please help me to understand this! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52A1AB61.6060800%40alumni.tu-berlin.de. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to reject agent (node) certificate request
Hi, have you tried using puppet cert clean for this as well? According to the docs, it removes all files. This would include the unwanted CSR. HTH, Felix On 12/04/2013 02:44 PM, kaustubh chaudhari wrote: > Hi, > > I am using open source puppet. > > How can i reject a certificate request generated by agent on the master. > > I can see the cert request in : > > puppet cert list > > However i wish to reject the request so that next time i run the same > command, i dont see the garbage(unwanted requests) > > I know this can be done in PE, not sure how to do this from command line! > > -Kaustubh -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52A1AAE2.1030601%40alumni.tu-berlin.de. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] How to yum install puppet 3.2.2
Hi, what yum repositories are configured on that specific box? Does 'yum info puppet' give you a hint about which versions are visible and why it's selecting 2.7? Regards, Felix On 12/04/2013 11:47 AM, Claire Speed wrote: > Hi, > > I've been playing with puppet enterprise but wanted to look at open > source puppet now to compare. I'm having a slightly weird problem > installing it though and wonder if I'm missing something? I've been > trawling through all the documentation and google matches I can find, > but whatever I do if I yum install puppet or puppet-server (CentOS6) I > get puppet version 2.7.23 when I actually want to have a look at 3.2.2. > I've tried forcing it to the specific version but it says the package is > not there, although I can see on the yum repository that it is. > > I'd guess I'm missing something pretty obvious here, but I can't work > out what! Can anyone advise? > > Thanks > > Claire -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52A1A9E0.3030202%40alumni.tu-berlin.de. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] RSpec tests failing after upgrading to rspec-puppet v1.0.1
Morning all
Not sure if anybody on here is going to be able to assist, but thought I'd
ask anyways...
I've upgraded rspec-puppet to v1.0.1 this morning, and now all my rspec
tests are failing with:
Failure/Error: it { should_not contain_class('software::hp::psp') }
> Puppet::Error:
>Puppet::Parser::AST::Resource failed with error TypeError: can't
> convert Hash into String at
> /etc/puppet/environments/common/act/spec/fixtures/modules/act/manifests/software/linux/puppet_agent.pp:27
>
> on node puppet-dev.card.co.uk
>
The failure point quoted isn't doing anything special. The code is
here[1], and is failing at line 27.
Running with backtrace, do get a fairly long trace, that seems to start in
hiera code... [2]
However that has been working fine prior to upgrading rspec-puppet.
With regards to framework, I'm using puppetlabs-spec-helper, rspec-puppet
and hiera-puppet-helper.
I've got a hiera_config defined as a shared_context [3], so I'm wondering
if the new hiera support in rspec-puppet is clashing with
hiera-puppet-helper :s
Any ideas appreciated. As there are some cool new features in rspec-puppet
that I'd like to use, but can't have all my tests breaking...
Cheers
Gavin
[1]
https://gist.github.com/fatmcgav/7821149#file-software_linux_puppet_agent-pp
[2] https://gist.github.com/fatmcgav/7821149#file-failure-trace-log
[3] https://gist.github.com/fatmcgav/7821149#file-hiera-rb
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/701b2ca3-e495-453f-8611-d6f3553ab327%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
