Re: [Puppet Users] parameterized class, external nodes?
On Mon, Aug 30, 2010 at 7:07 AM, Jeff McCune j...@puppetlabs.com wrote: On Fri, Aug 27, 2010 at 2:12 PM, Frederik Wagner fner...@googlemail.com wrote: Alternatively: It seems not to be possible to set the stage metaparameter with a default value in a class definition?! something like this wont run in Stage pre: stage{ pre: before = Stage[main] } class someclass ($stage=pre ) { ... } class { someclass: } Please file this as a bug. http://projects.puppetlabs.com/issues just done Thanks, -Jeff McCune -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] How report errors and random errors in clients
Hello, I am using puppet 2.6.1rc3 in a test environment with AIX, Suse, Debians. Right now there are 5 clients... I am running puppet from cron each 30m (using random minute per host). I have prepared a configuration ready to deploy puppet in all our infrastructure. If I deploy and use it everywhere, need to known each error. That is my first question How is the best way to report failures in puppet configuration? I was using the email aproach, but I am having lots of random errors in clients that make the puppet runs fail and send a report error. For 5 hosts I am receiving around 150 emails/day. I do not known if this is normal. The errors appear once or two times, randomly, and if I execute the client again it works properly. They are usually these kind of errors: Thu Aug 26 18:05:10 +0200 2010 //puppetclient.myhost.com//Stage[main]/Cgx_unixserver::Ad_integration::Debian/Cgx_unixserver::Ad_integration::Debian::Pam_file[common-password]/File[/etc/pam.d/common-password] (err): Could not evaluate: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A Could not retrieve file metadata for puppet:///modules/cgx_unixserver/Linux.ad_integration/debian.pam.d/common-password: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A at /cgx1/puppet/data/development/services/cgx_unixserver/manifests/ad_integration/debian.pp:24 Thu Aug 26 17:49:12 +0200 2010 //puppetclient.myhost.com//Stage[main]/Monit::Base/File[/srv/monit/monit/monit.d] (err): Failed to generate additional resources using 'eval_generate': end of file reached Mon Aug 30 10:36:45 +0200 2010 //puppetclient.myhost.com/Puppet (err): Could not retrieve catalog from remote server: execution expired Mon Aug 30 10:36:45 +0200 2010 //puppetclient.myhost.com/Puppet (err): Cached catalog for puppetclient.myhost.com failed: Could not parse YAML data for catalog puppetclient.myhost.com: allocator undefined for Proc Mon Aug 30 10:36:45 +0200 2010 //puppetclient.myhost.com/Puppet (err): Could not retrieve catalog; skipping run Mon Aug 30 09:57:59 +0200 2010 //puppetclient.myhost.com/Puppet (err): Could not retrieve catalog from remote server: Error 400 on SERVER: SQLite3::BusyException: database is locked: DELETE FROM fact_values WHERE (id IN (205405,205406,205407,205408,205409,205410,205411,205412,205413,205414,205415,205416,205417,205418,205419,205420,205421,205422,205423,205424,205425,205426,205427,205428,205429,205430,205431,205432,205433,205434,205435,205436,205437,205438,205439,205440,205441)) Mon Aug 30 09:57:59 +0200 2010 //puppetclient.myhost.com/Puppet (err): Cached catalog for puppetclient.myhost.com failed: Could not parse YAML data for catalog puppetclient.myhost.com: allocator undefined for Proc Mon Aug 30 09:57:59 +0200 2010 //puppetclient.myhost.com/Puppet (err): Could not retrieve catalog; skipping run Mon Aug 30 12:57:18 +0200 2010 //puppetclient.myhost.com/Puppet (err): Could not save yaml puppetclient.myhost.com: class or module required I also get sometimes some errors from cron output like these: Could not run: method `directory?' called on terminated object (0x2005051c) /usr/local/lib/ruby/site_ruby/1.8/puppet/util/zaml.rb:243: [BUG] Segmentation fault ruby 1.8.7 (2009-06-12 patchlevel 174) [rs6000-aix] /srv/scripts/puppet/puppet.ctl.sh: line 117: 319712 IOT/Abort trap (core dumped) $PUPPETD ${PUPPET_OPTS} ${PUPPET_EXTRA_OPTS} --onetime --no-daemonize --verbose Is this normal? How is the best way to monitor all the puppet network? -- Atentamente Héctor Rivas -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Using service with a specific user
Hi ! I would like to use the type service to ensure that a service is currently started. Is there a way to specify a user that must run start or stop command ? In the same way that exec. Regards, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How report errors and random errors in clients
Héctor Rivas Gándara key...@gmail.com writes: I am using puppet 2.6.1rc3 in a test environment with AIX, Suse, Debians. Right now there are 5 clients... I am running puppet from cron each 30m (using random minute per host). I have prepared a configuration ready to deploy puppet in all our infrastructure. If I deploy and use it everywhere, need to known each error. That is my first question How is the best way to report failures in puppet configuration? We monitor the logs the same way we monitor for any other failures in our system. I would generally suggest you take the same approach, since it means you don't have two distinct processes for detecting problems. (In my case, that involves both 'logcheck' as per the Debian package, and Splunk, together with a network-wide reliable log collection facility.) I was using the email aproach, but I am having lots of random errors in clients that make the puppet runs fail and send a report error. For 5 hosts I am receiving around 150 emails/day. I do not known if this is normal. No. You should receive zero error messages per day. The errors appear once or two times, randomly, and if I execute the client again it works properly. They are usually these kind of errors: I bet that you are still using the default webrick puppetmaster configuration, and I see you are using sqlite with storedconfigs. Neither of those is really very good at scale, and scale doesn't mean very many nodes I am afraid. You will probably find life improved by deploying another mode of operation for the puppetmaster daemon, and using a real database (I use PostgreSQL) for storedconfigs. [...] Mon Aug 30 12:57:18 +0200 2010 //puppetclient.myhost.com/Puppet (err): Could not save yaml puppetclient.myhost.com: class or module required That looks troublingly like a local Ruby problem of some sort. I also get sometimes some errors from cron output like these: Could not run: method `directory?' called on terminated object (0x2005051c) /usr/local/lib/ruby/site_ruby/1.8/puppet/util/zaml.rb:243: [BUG] Segmentation fault ruby 1.8.7 (2009-06-12 patchlevel 174) [rs6000-aix] /srv/scripts/puppet/puppet.ctl.sh: line 117: 319712 IOT/Abort trap (core dumped) $PUPPETD ${PUPPET_OPTS} ${PUPPET_EXTRA_OPTS} --onetime --no-daemonize --verbose Is this normal? Core dumps in Ruby are absolutely not normal, and are a sign you should look to upstream Ruby support for fixing the problem with your interpreter. It is hard to say how many of the other errors (other than sqlite locking) might be caused by underlying Ruby problems, so that sounds like a really good place to start on resolving this trouble. Regards, Daniel -- ✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using service with a specific user
Matt matthieu.nant...@gmail.com writes: I would like to use the type service to ensure that a service is currently started. Is there a way to specify a user that must run start or stop command? No. Traditionally, the start and stop commands would ensure that the software ran as the correct user internally — most of them map directly to the OS facilities that start and stop services at boot time, which require that. I would strongly advise you follow that same path, because otherwise you risk a tiny typo or user-error resulting in your daemon running as root. Daniel -- ✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] nginx+passenger+puppet
Hi all, I've used http://projects.puppetlabs.com/projects/1/wiki/Using_Mongrel_Nginx and http://projects/puppetlabs.com/projects/1/wiki/Using_Passenger to try to get puppet set up with nginx, but have had not luck up to this point. nginx successfully sends the request to the application. You can see the session here: http://gist.github.com/553464 Since puppet worked while I was simply running it with puppetmasterd, I'm pretty sure that my nginx/passenger setup is somehow not quite right, and since passenger gets the request from nginx and tries to handle it, I suspect that this has to do with my file/directory structure (also because I get a 404). My problem is that I don't know how to properly troubleshoot this any further. I've got the following file, directory set up: | --${puppet_root} |-- manifests | |-- modules.pp | |-- nodes.pp | `-- site.pp | |-- app | |-- config.ru | |-- public - ${puppet_root}/manifests/ | |-- tmp `-- log and passenger_root is set to ${puppet_root}/app where, like I said, it does indeed seem to find config.ru. So yeah, any help here would be appreciated. I've also asked about this in the channel and couple of people had similar issues. No one was able to help us though, so maybe this will clear some things up for some people. Let me know if you need anything else. I think maybe my manifests, modules and classes might need to be in the app/public folder or something. Regards, Chris -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Definitions in External Nodes
On Sat, Aug 28, 2010 at 4:48 PM, Douglas Garstang doug.garst...@gmail.com wrote: On Sat, Aug 28, 2010 at 3:49 PM, Thomas Bellman bell...@nsc.liu.se wrote: Nigel Kersten wrote: On Sat, Aug 28, 2010 at 9:04 AM, Douglas Garstang doug.garst...@gmail.com wrote: I mean that you need to create a new class for each customer you add. That does not scale. Why can't you have a class that instantiates your defined type? I don't know Douglas' circumstances, but assume you have a web hotel. You then probably have a database of your customers, telling you things like which domain(s) they have, what features they pay for (static pages only, CGI scripts, mod_python, database access, and so on), and how much storage and bandwidth they are paying for. To map all these customers onto your physical machines, you write a Puppet define that is used something like this: virtual_web_host { www.example.com: avg_bandwidth = 4096, # Mbyte/month peak_bandwidth = 2000, # Kbit/s storage = 1536, # Mbyte disk space cgi = true, mod_python = false, postgresql = true; } Since you have your customers in a database, it would be nice to use an external nodes script to basically generate one such resource for each customer domain, and it will probably use some information in the database to balance the virtual hosts over the physical machines. But external nodes scripts *can't* generate resources. You of course don't want to write a new class for each customer, because if you are a largish web hotel you may get dozens of new customers per day (and possibly loose as many), so that would be too much work. But external node classifiers *can't* generate resources. They can only use resources that already exist in the manifests, and affect them by setting variables. There is a way to work around this. You can let the external node classifier set a variable with a value like this: $vhosts = [ dom=www.example.com|avgbw=4096|peakbw=2000|storage=1536|cgi=true|..., dom=www.example.org|avgbw=65536|peakbw=512|storage=600|cgi=false|..., dom=www.example.net|avgbw=512|peakbw=100|storage=2500|cgi=true|..., ... ] (although the script needs to output it using YAML syntax, of course), and tell Puppet to include a class all-vhosts. The manifest files would contain code looking something like this: class all-vhosts { ext_virtual_web_host { $vhosts: ; } } define ext_virtual_web_host() { $domain = extract_field('dom', $name) $avgbw = extract_field('avgbw', $name) $peakbw = extract_field('peakbw', $name) $storage = extract_field('storage', $name) $cgi = extract_field('cgi', $name) $mod_python = extract_field('mod_python', $name) $postgresql = extract_field('postgresql', $name) virtual_web_host { $domain: avg_bandwidth = $avgbw, peak_bandwidth = $peakbw, storage = $storage, cgi = $cgi, mod_python = $mod_python, postgresql = $postgresql; } } And then a custom function extract_field() for parsing the strings. Doable, but not very pretty... Those strings are of course a kind of dictionary/hash/mapping, and Puppet 2.6 has support for dictionaries directly. But that would only help you if 2.6 allows you to have a dictionary as the title/name for a resource; I haven't checked, but I would guess that you can only use strings for titles/names. It would be much easier if external node classifiers could define resources directly, instead of having to do something like the above. But I seem to remember Luke saying that they are planning to add that functionality sometime in the future; I don't think they have set a timeline for it yet, though Thomas, thanks for the detailed description. Nigel, Thomas pretty much nailed the issue on the head. It's not practical to add a new class every time you add a customer. The extract_field customer function doesn't exist yet, and I'm not a ruby programmer, so it won't exist any time soon. Even if it did, it's an ugly hack. This is much clearer now. Can you not solve this problem with extlookup now rather than having to write custom functions? Either key the relevant data off a base variable, or set the key to lookup info for in the external node provider? I like this approach because it keeps the data and the model nicely separated, rather than whacking data into the external node provider. Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit
[Puppet Users] #3933 - making puppetd fail as soon as a resource fails.
http://projects.puppetlabs.com/issues/3933 This seems worthy of collecting more feedback... Anyone else interested in this feature? How would you want it to be implemented? -- nigel -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How report errors and random errors in clients
We monitor the logs the same way we monitor for any other failures in our system. I would generally suggest you take the same approach, since it means you don't have two distinct processes for detecting problems. (In my case, that involves both 'logcheck' as per the Debian package, and Splunk, together with a network-wide reliable log collection facility.) Yes, probably that is the best aproach. I was thinking on use email+puppet-dashboard, but email is a bad idea and puppet-dashboard is too slow (at least my experience) The errors appear once or two times, randomly, and if I execute the client again it works properly. They are usually these kind of errors: I bet that you are still using the default webrick puppetmaster configuration, and I see you are using sqlite with storedconfigs. Neither of those is really very good at scale, and scale doesn't mean very many nodes I am afraid. You will probably find life improved by deploying another mode of operation for the puppetmaster daemon, and using a real database (I use PostgreSQL) for storedconfigs. You are right, I am using both of them... but I thougth that It could scale to 20 clients... I will setup mysql+mongrel. I will tell you if this solves the problem. Segmentation fault ruby 1.8.7 (2009-06-12 patchlevel 174) [rs6000-aix] /srv/scripts/puppet/puppet.ctl.sh: line 117: 319712 IOT/Abort trap (core dumped) $PUPPETD ${PUPPET_OPTS} ${PUPPET_EXTRA_OPTS} --onetime --no-daemonize --verbose Is this normal? Core dumps in Ruby are absolutely not normal, and are a sign you should look to upstream Ruby support for fixing the problem with your interpreter. Well, it was on a AIX system and coredumps does not appear too often. I will try to send them the core. -- Regards Hector Rivas -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using service with a specific user
The way you make the service start/stop by a specific user is to make sure the OS-standard start/stop script do su/sudo at the correct point. On Mon, Aug 30, 2010 at 6:43 AM, Daniel Pittman dan...@rimspace.net wrote: Matt matthieu.nant...@gmail.com writes: I would like to use the type service to ensure that a service is currently started. Is there a way to specify a user that must run start or stop command? No. Traditionally, the start and stop commands would ensure that the software ran as the correct user internally — most of them map directly to the OS facilities that start and stop services at boot time, which require that. I would strongly advise you follow that same path, because otherwise you risk a tiny typo or user-error resulting in your daemon running as root. Daniel -- ✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.compuppet-users%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet 2.6.1rc2 does not honor agent's --tags option
Jean-Baptiste Quenot wrote: After upgrading Puppet from 0.24.8 to 2.6.1rc2 at my company, I notice that puppet agent's --tags option is not honored anymore: Did you happen to file a ticket for this yet? I need to test more myself, but I believe I saw this the other day too, with rc3. -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ Years ago fairy tales all began with Once upon a time..., now we know they all begin with, If I am elected... -- Carolyn Warner pgpLRW6aim9zA.pgp Description: PGP signature
Re: [Puppet Users] Definitions in External Nodes
On 8/30/2010 9:44 AM, Nigel Kersten wrote: This is much clearer now. Can you not solve this problem with extlookup now rather than having to write custom functions? Either key the relevant data off a base variable, or set the key to lookup info for in the external node provider? I like this approach because it keeps the data and the model nicely separated, rather than whacking data into the external node provider. If the extlookup() function supported other than just CSV files now, it would be more attractive. My instance, most of this information has to be derived in the external node classifier, this would entail some sort of periodic extraction to generate the extra data source. Besides, isn't the node classifier intended to provide the driving data (e.g., parameters) for the models? As well as calling out the nodes classes? -Alan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Definitions in External Nodes
On Mon, Aug 30, 2010 at 5:35 PM, Alan Sparks aspa...@doublesparks.net wrote: On 8/30/2010 9:44 AM, Nigel Kersten wrote: This is much clearer now. Can you not solve this problem with extlookup now rather than having to write custom functions? Either key the relevant data off a base variable, or set the key to lookup info for in the external node provider? I like this approach because it keeps the data and the model nicely separated, rather than whacking data into the external node provider. If the extlookup() function supported other than just CSV files now, it would be more attractive. My instance, most of this information has to be derived in the external node classifier, this would entail some sort of periodic extraction to generate the extra data source. Besides, isn't the node classifier intended to provide the driving data (e.g., parameters) for the models? As well as calling out the nodes classes? I'm not disagreeing with you. It could be better, just pointing out an option. I have custom functions for pulling data out of yaml files, and strongly prefer to keep that data separate to the actual code in my node classifier, so it doesn't really matter to me whether the data is directly interrogated by the node classifier, or pulled out by functions inside manifests based upon a key that the node classifier sets. -Alan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- nigel -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using service with a specific user
Brian Gallew g...@gallew.org writes: G'day Brian. The mechanism for ensuring your software runs with the right privileges actually varies a lot: some providers (like launchd) handle that internally, other platforms (like Debian) provide specific tools to do it. Additionally, many applications integrate this support, especially tools that require some period of execution with elevated privileges (like Apache). However, for writing your own scripts the use of su or sudo can be effective; my personal preference is to use a tool like daemon[1] that wraps up a whole lot of the things that su doesn't for starting a daemon. Regards, Daniel The way you make the service start/stop by a specific user is to make sure the OS-standard start/stop script do su/sudo at the correct point. On Mon, Aug 30, 2010 at 6:43 AM, Daniel Pittman dan...@rimspace.net wrote: Matt matthieu.nant...@gmail.com writes: I would like to use the type service to ensure that a service is currently started. Is there a way to specify a user that must run start or stop command? No. Traditionally, the start and stop commands would ensure that the software ran as the correct user internally — most of them map directly to the OS facilities that start and stop services at boot time, which require that. I would strongly advise you follow that same path, because otherwise you risk a tiny typo or user-error resulting in your daemon running as root. Daniel -- ✣ Daniel Pittman ✉ dan...@rimspace.net ☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl =en. Footnotes: [1] http://www.libslack.org/daemon/ -- ✣ Daniel Pittman✉ dan...@rimspace.net☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.