[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
Hi Larry, I re-read the whole thread, and I might have been wrong. Your module files are indeed placed in network-config/files, correct? Based on the error message (which mentions network-config/hosts) I thought you placed your files at the wrong place. My bad. On 11/11/09 15:52, Larry Ludwig wrote: The code is completely different between 0.24.8 and 0.25.1 which is why you're seeing a difference. I understand this, but what works with 0.24.8 should work with 0.25.1 no? Hence it's looking more like a bug. Correct. Is network-config a module? If yes, then your source url is not correct, all the sourced files (for a module) should be in:module/files/whatever Yes. But what about 0.24.8 clients that need access to it, the puppetmaster output states change it tomodule once all 0.24.8 are gone and it's a warning message so it should work as is no? We're not talking about the same thing. The warning is to make sure you will prefix all your modules sourced file by the modules keyword to let puppet know we're talking about the modules mount. Here the url is onlymodule/whatever That means puppet thinks it isn't a module but a regular mount. Since your fileserver.conf doesn't contain the network-config mount, it doesn't find any valid mount, so the request is forbidden. What I suggest: * move the files under network-config/files/ Do you mean the subfolders below files? I did a test for one file and same result. I meant nothing in fact. I misread your problem. * open a redmine ticket so that we have a better error message, which at least would give us the reason. Ok. Back to your issue: so we found that the module can't be found. We have to find why. Do you use environments? The only reason I can see for not finding the module, is that module doesn't exist in the environment the client think it is. But I'm afraid we will never know if you don't add more debug info in the various files that finds a module from its path. The means adding more debug to: Puppet::Indirector::FileServer#authorized? Puppet::FileServing::Configuration#find_mount ... Hope that helps, -- Brice Figureau My Blog: http://www.masterzen.fr/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: how to manage a service that enables a cron
On Wed, 11 Nov 2009 07:17:05 -0800 (PST) jcbollinger jcbollinger wrote: Hi John, If your initscript supports a status argument (as RedHat-provided ones do) then you can instruct Puppet to use it by setting hasstatus = true on your Service resource(s). That's what I understood and I already have it: service {pakiti: enable= true, name = pakiti, start = /etc/init.d/pakiti start, status= /etc/init.d/pakiti status, stop = /etc/init.d/pakiti stop, ensure= running, hasstatus = true, require = Package[pakiti-client], } and here the test: # /etc/init.d/pakiti status nightly pakiti update is enabled # /etc/init.d/pakiti stop Disabling pakiti: [ OK ] # /etc/init.d/pakiti status nightly pakiti update is disabled and I also stop gmond cause they are under same class, so you'll see how puppet only restarts gmond: # /etc/init.d/gmond stop Shutting down GANGLIA gmond: [ OK ] # /etc/init.d/gmond status gmond is stopped # puppetd --test --server server.domain.com info: Caching catalog at /var/lib/puppet/localconfig.yaml notice: Starting catalog run notice: /:main/Node[ce08.domain.com]/basic_sl47_service/local_conf_services/local_conf_basic/Service[gmond]/ensure: ensure changed 'stopped' to 'running' notice: Finished catalog run in 16.77 seconds # /etc/init.d/gmond status gmond (pid 18026) is running... # /etc/init.d/pakiti status nightly pakiti update is disabled If that's not sufficient for you then I'm afraid you'll have to describe your problem in more detail (the Puppet manifest code you're trying to use would be part of that). I'm just trying to control a service that does not run a process but enables a cron (like yum autoupdate or pakiti). Do you mean that I have to use: manifest Specify a command to config a service, or a path to a manifest to do so. any example avaliable? John Thanks for your rpely John! Arnau --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet Not Running chkconfig correctly.
On Nov 10, 10:13 am, Thomas Bellman bell...@nsc.liu.se wrote: The problem is that 'chkconfig service on' does an implicit add of the service; but it does a half-assed job, in that it only adds the start links, not the kill links. Thus, it is very easy to get into the broken state by doing a 'chkconfig --del service', followed by 'chkconfig service on'. I get exactly that behaviour for e.g. the puppetmaster service when I try. I didn't expect that. Why did you have any particular expectation for that scenario at all, though? I agree that chkconfig has some quality-of-implementation issues, but the bottom line is that it has no documented behavior for the scenario you describe. If you want predictable, stable results then you should stick to the documented behaviors of your tools. Layering higher-level tools such as Puppet on top does make it harder to tell whether you are exercising only documented behaviors. It is implicit in Puppet's Service type that it manages a service that is already correctly installed, but perhaps it would be better if the docs were explicit about that. What constitutes a correctly installed service varies by Provider, unfortunately, but it would be well to add those details to the various Providers' descriptions. Following the principle of exercising only documented behavior, I think Puppet's redhat service provider should recognize only those services reported by chkconfig --list. That would prevent Puppet from causing a misconfiguration by turning on a service not already managed by chkconfig. If an ability to register a service with chkconfig is needed (not clear to me that it is), then that should be controlled by a separate parameter. It would be lovely if Service supported specifying the particular runlevels in which a Service should be enabled, and in that context it would make sense for Puppet to ensure that the service was disabled in all other runlevels. The existing enable property could be used for that: the true and false values now defined for it would retain their meanings, but a digit string (e.g. 345) would specify that the service should be enabled in those runlevels and disabled in all others. And for what it's worth, I never use chkconfig --del unless I'm removing the service from the system altogether. If for some reason I need to leave a service on the system that must never automatically run, then I chkconfig --level 0123456 service off. YMMV. John --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] --noop ignored: here's why..
In case anybody else has found their --noop flag (and probably others) ignored with 24.6 here's why, and while this may be a known issue I didn't find it in the discussion board after some searching so wanted to save others.. I can't remember why it was done, but at some point I made puppetd.conf a symlink to puppet.conf. For whatever reason, this causes the flag to get ignored. Removing the symlink and poof it works again. I think I had the symlink there as we have various (and some old) distributions lying around and some needed the older puppetd.conf (more than likely as they were using an older version of puppet). --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
Hi, Could it be that one of your environment doesn't have network-config? Yes they do not. The 'development' env has newer code. Could it be that in 0.25 the client is in this environment instead of being in the one you think it is in? Checked LDAP config and it is in fact in the correct environment. Again the node works with 0.24.8. BTW, how do you tell the client to be in a particular environment? There is currently a bug report about this (ie environment can only be set on the client and not in external_nodes anymore). via LDAP. then it still works with 0.24.8 nodes on a 0.25.1 client. -L --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
BTW, how do you tell the client to be in a particular environment? There is currently a bug report about this (ie environment can only be set on the client and not in external_nodes anymore). Which ticket # is it? Is it this one? http://projects.reductivelabs.com/issues/2748 having the client set the environment you then will run into the chicken and egg syndrome. ie the first time puppet on the node runs it's assumes 'production' then you set the puppet.conf via some method and then next round runs in the proper environment. So also flipping between env will also have the same issue and be one run behind. Without question it makes sense to have the puppetmaster determine this, not the client. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
On 11/11/09 18:14, Larry Ludwig wrote: Hi, Could it be that one of your environment doesn't have network-config? Yes they do not. The 'development' env has newer code. Then that's your issue, because of #2748. Could it be that in 0.25 the client is in this environment instead of being in the one you think it is in? Checked LDAP config and it is in fact in the correct environment. Again the node works with 0.24.8. #2748 make that your 0.25.1 client is not in the environment that your ldap says it must be in. So your client is in the environement which is specified in puppet.conf. BTW, how do you tell the client to be in a particular environment? There is currently a bug report about this (ie environment can only be set on the client and not in external_nodes anymore). via LDAP. then it still works with 0.24.8 nodes on a 0.25.1 client. Because 0.24.8 clients don't send their environment to the master. So the master look it up and comes with what your external_node system returns. The way it works right now in 0.25 is that the client sends the environments with every requests, so the master doesn't even try to look at the external_nodes returned environment and happily do what the client tells him to do. -- Brice Figureau My Blog: http://www.masterzen.fr/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Puppet Not Running chkconfig correctly.
jcbollinger wrote: Following the principle of exercising only documented behavior, I think Puppet's redhat service provider should recognize only those services reported by chkconfig --list. That would prevent Puppet from causing a misconfiguration by turning on a service not already managed by chkconfig. If an ability to register a service with chkconfig is needed (not clear to me that it is), then that should be controlled by a separate parameter. As a debianista I obviously haven't touched chkconfig ever. But in the spirit of DWIM, I would expect a provider to do the magic to get (in this case) an init-script under the control of the chosen tool. Regards, DavidS --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
Ugh, now I'm getting another error with Puppet. The above node now works, but deploying it on another node I get this error: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target '' I have set the environment variable in the puppet.conf So I assume this is a completely different error. -L -- Larry Ludwig Empowering Media 1-866-792-0489 x600 Managed and Unmanaged Xen VPSes http://www.hostcube.com/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Any ideas about this error with upgrading to 0.25.1?
Ugh, now I'm getting another error with Puppet. The above node now works, but deploying it on another node I get this error: Could not retrieve catalog from remote server: Could not intern from pson: Could not convert from pson: Could not find relationship target '' yes: http://projects.reductivelabs.com/issues/2770 cheers pete --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Cannot create authorized key and user in the same go?
Hi, I'm trying to create an authorized key and a user in one go and I'm not getting anywhere: class users { user { ben : ensure = present, uid = 1010, gid = users, managehome = true, password = blahblah } ssh_authorized_key { ben-key: ensure = present, key= blahblah, type = ssh-dss, user = ben, } } This doesn't work, not even in the 'run it twice' kind of way: Nov 11 23:49:04 mgmt puppetd[20300]: Could not create ben-key: user ben doesn't exist Nov 11 23:49:04 mgmt puppetd[20300]: Configuration could not be instantiated: user ben doesn't exist Commenting out the key will create the user, and uncommenting it after user creation will create the key. Am I missing something painfully obvious? Puppet 24.8 on SUSE 11. I've pared the configuration down to only this; nothing else is going on. Thanks, Ben --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: need help in generating ssh authorize keys
Thanks I manage to do it... On Tue, Nov 10, 2009 at 2:26 PM, ew erhard.w...@gmail.com wrote: hi puppet provides the following function to maintain authorized_key files: http://reductivelabs.com/trac/puppet/wiki/TypeReference#ssh-authorized-key we mange our keys with the following statement: class ssh::authkey { ssh_authorized_key{$my_user: ensure = present, target = '/root/.ssh/authorized_keys2', type = 'ssh-dss', user = 'root', key= $my_authkey, } } hth erhard On Oct 30, 12:40 pm, haris mfha...@gmail.com wrote: just to correct my puppet statement; I am trying to do this but it gives error; file { ${home}/${username}/.ssh/authorized_keys: { ensure = present, ... source = puppet:///users/keys/id_rsa.pub.${username},} but it Gives Error: Failed to retrieve current state of resource: Fileserver module 'users' not mounted Could not describe /users/keys/id_rsa.pub.foo On Oct 30, 12:16 pm, haris mfha...@gmail.com wrote: hi all, I need to generate ssh authorize keys for a list of users hosted on different servers.the users are active and each one has its public key (id_rsa.pub) hosted in 1 server. now what i need to do is to generate the authorize keys from each of their public key. the key is easily generating if public key hosted on the Node but my problem is that all public keys are hosted in 1 machine with a name like id_rsa.pub.foo, where 'foo' is the username. can anybody have any idea how to create the authorized_key in this scenario. Is it possible to generate; file: authorized_keys from source: server/users/keys/id_rsa.pub.foo regards --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Relicensing and copyright, starting with Facter
On Nov 10, 2009, at 1:16 PM, James Turnbull wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Nasrat wrote: I'd like to make sure there is still a low cost of entry to getting patches in - so it should be possible to insert a simple pointer in a ticket to the CLA, it should also be really easy for me to discover (probably based on redmine login) if someone has signed the CLA so I can merge patches efficiently. I can add a link to the top of the New Issue template - we'll create a page that holds the document and a list of those people who've signed it. It should also be possible to modify the user account in Redmine to indicate whether they've signed or not, which might help. -- To my embarrassment I was born in bed with a lady. --Wilson Mizner - Luke Kanies | http://reductivelabs.com | http://madstop.com --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Multiple environments
So I'm trying to get multiple environments to work with puppet 0.25.1 on ubuntu 8.04 and no matter what I do, puppet just completely ignores any environment setting. There's really next to no information in terms of configuration on the multiple environments documentation page (http://reductivelabs.com/trac/puppet/wiki/UsingMultipleEnvironments) other than saying that the following section should be in my puppet.conf file: [main] manifest = /usr/share/puppet/site.pp modulepath = /usr/share/puppet/modules [development] manifest = /usr/share/puppet/development/site.pp modulepath = /usr/share/puppet/development/modules There are other references on web pages and groups to an environments setting under puppetmasterd as well as having a default environment setting in main for the clients but I've tried all of that and nothing works. There's also no reference at all to any environment in debugging mode when I run puppetd --test -- environment=test -d. Am I missing something? Here's a copy of my puppet.conf file: [main] vardir = /var/lib/puppet manifest = /etc/puppet/manifests/site.pp modulepath = /etc/puppet/modules pluginsync = true storeconfigs = true # dbadapter = mysql dbuser = puppet dbpassword = dbserver = mysql.example.com [puppetmasterd] certname=puppet.example.com [testing] manifest=/etc/puppet-testing/manifests/site.pp modulepath=/etc/puppet-testing/modules [production] manifest=/etc/puppet/manifests/site.pp modulepath=/etc/puppet/modules Cheers, Scott --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---