[Puppet Users] subscribe is not restarting the service even though the file has changed :(
Hi All, I am managing the config files of a service through puppet. This config file is being created through 2 separate modules and concatenated together. I am trying to modify the manifest in the module that installs the service so that whenever this config file changes (when the portion that comes from the 2nd module is concatenated to it), the service should restart. I tried using the notify/subscribe parameter here, but the service does not restart even though the content of the file gets changed. However, if I use the notify parameter on the second module by associating it with the service created by the first module, the service gets restarted. I DO NOT want to do this way because it creates a dependency between these two modules which otherwise have been exclusive of one another. Is there some way around this? The change in the config file content is happening only at the portion that is being modified by the second module. But still, since I have used a subscribe parameter on the config, I believe that irrespective of which part of the file gets modified, the service must restart. Does anybody have any idea if my understanding is correct or a way to work around this? Any help would be highly appreciated!!! service {DE_${service_name}: enable = true, ensure = true, hasrestart = true, hasstatus = true, subscribe = File[${service_base_config_dir}/serverConfig.properties] } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/H3Hucc2tV0AJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Hiera and The Forge
Is there any metadata in the forge that would allow me to search if the module is built with Hiera support? I am just now getting around to running smoothly, and it would be great to be able to see what you other masters have designed. Thanks, Tony -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/G8zATYfcEAIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] run puppet for few modules only, not for all catalogue
I am looking the way to apply only few selected modules to the puppet node instead of all catalogue. I need this step to be done as the part of the maintenance. As of now the only idea I have - is to expose puppet tree via nfs or HTTP, download/mount only modules I need and run puppet in standalone mode like puppet --apply. Just wandering if there are a better way to do it? PS: sent it by email, but don't see my post, sorry if it will be duplicate -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/1u_WWKkrWKkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] `require': cannot load such file -- puppet/util/command_line (LoadError)
Hi all in a VM running openSUSE 12.1 (x86_64) trying to play with puppet produces this error # ruby --version ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux] # puppet --version /usr/local/lib64/ruby/1.9.1/rubygems/custom_require.rb:36:in `require': cannot load such file -- puppet/util/command_line (LoadError) from /usr/local/lib64/ruby/1.9.1/rubygems/custom_require.rb:36:in `require' from /usr/bin/puppet:3:in `main' don't know what (or how I've stuffed up) but I cannot find the puppet/application dir anywhere tried zypper remove puppet ( puppet-server) and reinstalling, but still produces same error any thoughts, ideas, pointers would be helpful... have googled for this error in google groups newbie with ruby puppet relative newbie with linux very comp literate otherwise TiA ColinDNZ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/mezImEFmjysJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Hiera vs LDAP
On 07/18/2012 05:42 PM, Aaron Grewell wrote: On Wed, Jul 18, 2012 at 2:09 PM, Trevor Vaughan tvaug...@onyxpoint.com wrote: So, I was following the thread how to conditionally add users to a virtualized group? and had a bit of a realization that I'm not quite sure why Hiera is a better backend than LDAP. In our environment at least, messing around with the LDAP schema is a non-starter. I can change my Hiera setup any time. That alone makes it better for me. Along that line, it would be more flexible to write an LDAP backend for hiera. That way, you could use company-wide attributes and overwirte them or augment them in hiera, as needed. Jason -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: rspec-puppet and puppet doc conflicts
Perhaps make your puppet doc rake task depend on the spec_clean task? It seems like you may not need the symlinks created by rspec-puppet-init as a dynamic fixture environment is created via .fixtures.yml. Mark On Wednesday, July 18, 2012 5:35:44 PM UTC-4, llo...@oreillyauto.com wrote: I recently started trying to use rspec-puppet and puppetlabs-rspec-helper. When I ran 'rspec-puppet-init' in one o fmy modules, it created a series of symlinks. Now, when I run puppet doc (via a rake task supplied by The Foreman, but also when I call it directly) I get the following error: Could not generate documentation: Definition 'mongodb::addmongouser' is already defined at /etc/puppet/environments/test/modules/mongodb/spec/fixtures/modules/mongodb/manifests/addmongouser.pp:36; cannot be redefined at /etc/puppet/environments/test/modules/mongodb/manifests/addmongouser.pp:36 Failed to process puppetdocs for /var/www/test while executing puppetdoc --output /var/www/test --modulepath /etc/puppet/environments/test/modules:/etc/puppet/modules -m rdoc What's the best way to handle this, w/o having to constantly have to delete and recreate the symlinks created by rspec-puppet ? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/QyMdr4P-wKEJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Hiera vs LDAP
On Wednesday, July 18, 2012 4:09:42 PM UTC-5, Trevor Vaughan wrote: So, I was following the thread how to conditionally add users to a virtualized group? and had a bit of a realization that I'm not quite sure why Hiera is a better backend than LDAP. Hiera: - Stores hierarchical data locally on your system - Uses YAML - Integrates with puppet That's not actually a very good description of Hiera. It describes the combination of the built-in data backend shipped with hiera, whose use is optional, with the Puppet integration layer, which is packaged separately. None of it describes the hiera core, which I would describe as a framework for selecting and combining data from various sources based on a user-defined priority hierarchy. LDAP - Stores hierarchical data across potentially multiple systems (think puppet master scaling and data sync) - Uses LDIFs - Needs some glue code written However, both are hierarchical databases based on 'read often/write rarely' principals. No, I don't think they're actually very comparable. The Hiera core is an hierarchically-oriented data access framework, compatible (in principle) with a wide variety of databases. The two are not on the same level. Indeed, as you acknowledged, it would be feasible to write a hiera back-end that accessed data from an LDAP directory. That would be comparable to hiera's YAML back-end, but not to the hiera core. Besides the glue code to make LDAP do Hiera-like things, what are the issues? It also seems that using a well known and supported system, such as LDAP, would foster greater enterprise support (except in those places where you have to spawn your own due to insane directory admins). I'm not saying that LDAP wouldn't be a good data repository for Puppet. You're quite right that it is well understood and widely deployed. I am certain that there are LDAP backends out there for extlookup(), and perhaps also for Hiera. There are probably also be custom data access functions for LDAP in some shops. I don't think there are any fundamental issues blocking its use with Puppet. On the other hand, LDAP is far too heavyweight to be viable as the singular primary data source for Puppet, and Puppet needs such a thing to make an ecosystem of modules viable. And, yes, I know that a hiera back-end could be written to support LDAP but that would just be an unnecessary data transference if I'm reading it right. I'm not sure what you mean by that, but the advantages of accessing LDAP via hiera include: 1. Abstraction. Module authors don't need to care where data comes from. 2. Pluggability. The LDAP back-end could be swapped out for a different one. That's useful for testing, or for non-LDAP shops to use the same modules as LDAP shops. 3. Combining and overriding data. Data packaged with modules or added / overridden by admins don't need to be recorded in LDAP. Depending on how you do your accounting, there may not even be any more layers in an hiera-based stack. Any way around, getting the data into puppet means going through a Puppet custom function that wraps an LDAP client that gets data from your directory. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/uzrZymh0MHQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Hiera vs LDAP
- Original Message - From: jcbollinger john.bollin...@stjude.org To: puppet-users@googlegroups.com Sent: Thursday, July 19, 2012 2:06:43 PM Subject: [Puppet Users] Re: Hiera vs LDAP And, yes, I know that a hiera back-end could be written to support LDAP but that would just be an unnecessary data transference if I'm reading it right. I'm not sure what you mean by that, but the advantages of accessing LDAP via hiera include: 1. Abstraction. Module authors don't need to care where data comes from. 2. Pluggability. The LDAP back-end could be swapped out for a different one. That's useful for testing, or for non-LDAP shops to use the same modules as LDAP shops. 3. Combining and overriding data. Data packaged with modules or added / overridden by admins don't need to be recorded in LDAP. Depending on how you do your accounting, there may not even be any more layers in an hiera-based stack. Any way around, getting the data into puppet means going through a Puppet custom function that wraps an LDAP client that gets data from your directory. And as of puppet 3 you will get built in integration of hiera into parameterized classes - without the need for calling any custom functions or assigning local variables. This means all parameterized class written to date will automatically become hiera enabled. And by extension become LDAP enabled if you just wrote an LDAP backend for hiera. The cost of an additional abstraction really just doesnt feature when considering this and Johns excellent points. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: subscribe is not restarting the service even though the file has changed :(
On Thursday, July 19, 2012 4:29:53 AM UTC-5, Praveen Shivashankar wrote: Hi All, I am managing the config files of a service through puppet. This config file is being created through 2 separate modules and concatenated together. I am trying to modify the manifest in the module that installs the service so that whenever this config file changes (when the portion that comes from the 2nd module is concatenated to it), the service should restart. I tried using the notify/subscribe parameter here, but the service does not restart even though the content of the file gets changed. However, if I use the notify parameter on the second module by associating it with the service created by the first module, the service gets restarted. I DO NOT want to do this way because it creates a dependency between these two modules which otherwise have been exclusive of one another. That doesn't make sense. You have a dependency whether you subscribe in one direction or notify in the opposite direction. The two modules cannot be exclusive. Moreover, they *should not* be exclusive. It doesn't make sense to manage a service and its config file independently of one another. Is there some way around this? The change in the config file content is happening only at the portion that is being modified by the second module. But still, since I have used a subscribe parameter on the config, I believe that irrespective of which part of the file gets modified, the service must restart. Does anybody have any idea if my understanding is correct or a way to work around this? Any help would be highly appreciated!!! Puppet subscribe / notify relationships respond to changes in the *Puppet*resources on the precedent side (the target of the subscribe or the source of the notify). It is possible -- but unwise -- to set things up so that those resources do not model all the properties of the physical resource that you want to respond to. It sounds like that's probably what's happening here. service {DE_${service_name}: enable = true, ensure = true, hasrestart = true, hasstatus = true, subscribe = File[${service_base_config_dir}/serverConfig.properties] } That setup will cause the service to be restarted if any of the properties managed via File[${service_base_config_dir}/serverConfig.properties] are changed, *as determined by that resource*. If something else is done to the underlying file via another resource then the File knows nothing of it and will not broadcast an event. You have left out the most important parts, which are the multiple declarations by which you manage file ${service_base_config_dir}/serverConfig.properties. I can't give you specific advice without understanding what you're doing / trying to do. In general, however, there are multiple possible approaches: 1. Combine the declarations managing your file into a single resource, and make your service subscribe to that. That resource might be a File, an instance of a local defined type, or a resource from the Concat module, for instance. 2. Have your service subscribe to all resources managing parts of the file, instead of just one. To do that, the value assigned to its 'subscribe' property should be an array of the needed resource references. 3. Use 'notify' going in the other direction, from each resource managing part of the file to the service it configures. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/83n1YkCTZW8J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Installing and configuring puppetmaster-passenger
Hi, On 07/13/2012 08:26 AM, kalaniS wrote: debug: Finishing transaction -614452648 debug: Using cached certificate for ca debug: Using cached certificate for cd-vgpereravos.domain.com debug: Finishing transaction -614639588 debug: Executing '/etc/puppet/etckeeper-commit-pre' debug: Using cached certificate for ca debug: Using cached certificate for cd-vgpereravos.domain.com debug: Using cached certificate_revocation_list for ca debug: catalog supports formats: b64_zlib_yaml dot pson raw yaml; using pson err: Could not retrieve catalog from remote server: execution expired warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run master communication does work in and of itself, but the agent is not receiving a catalog, the transaction times out. Are there logs on the puppetmaster that indicate a problem? If not, you may want to turn on debugging in your master configuration. HTH, Felix -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Integrating Ruby methods into Puppet classes
Hello all, I am new to puppet and I am currently designing a set of deployment rules for our company web servers. The Puppet DSL brings me quite far, but now I could really use the possibility to extend the DSL with one or two ruby functions. Example: I would like to iterate over all the IP addresses of a system, picking out only those which match a certain criteria. There are method-like things in the DSL, like the template(...) method for the file class. Now my question is: Is that possible in general? And if yes - where is a point where I can read up on this? I am a Ruby Noob (tm) but firm in quite a few other languages, so some rough hands-on documentation on how to start should be enough. Thanks for any answers :) /Axel. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/FT4gNfz2lnQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: create_resources function and puppet enc
On Wednesday, July 18, 2012 6:13:11 PM UTC-5, Arun S A G wrote: Hi, I am trying to create multiple users using puppet. I have created a ENC and trying to use class wrapped defined types with create_resources function. For some reason things are falling apart. I would really appreciate some help on these Here are the details about my classes and configuration http://serverfault.com/questions/409001/create-resources-function-and-puppet-enc There are at least three kinds of problems there: 1. resource names in resource references should be capitalized. For example: require = [ User[$uname] ] 2. you are trying to pass parameters (jeckman, saga, sandipb, and vartika) to non-parametrized class 'users'. 3. your class 'users' is passing a previously-undefined variable $users to the create_resources function The quickest fix to get this working would probably be to add a parameter $users to class users, and to update your ENC to wrap the individual user hashes ('jeckman', etc.) in an outer hash 'users': classes: users: users: jeckman: comment: Jack gid: 100 [...] That says class users should be assigned to the node, and the value of its parameter users should be the specified hash of hashes. With that said, I have to add that you probably should not be fiddling with an ENC as you first start out. Small sites rarely get much advantage from an ENC, and few indeed are the sites that will benefit from a custom-built one. Additionally, I generally advise everyone to avoid parametrized classes. They introduce pitfalls that newbies generally are not equipped to recognize or appreciate. If you want to define data, such as user properties, outside your Puppet manifests then do look into adding Hiera to your puppetmaster. That's Puppetlabs chosen direction. With hiera you use a Puppet function to load your data instead of feeding it in via a parameter. (Puppet 3 will allow you to combine class parameters with data lookup, but it's not quite ready for release yet.) John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/i2EbtMyf-9oJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Integrating Ruby methods into Puppet classes
- Original Message - From: Axel Bock axel.b...@arbeitsagentur.de To: puppet-users@googlegroups.com Sent: Thursday, July 19, 2012 2:54:36 PM Subject: [Puppet Users] Integrating Ruby methods into Puppet classes Hello all, I am new to puppet and I am currently designing a set of deployment rules for our company web servers. The Puppet DSL brings me quite far, but now I could really use the possibility to extend the DSL with one or two ruby functions. Example: I would like to iterate over all the IP addresses of a system, picking out only those which match a certain criteria. There are method-like things in the DSL, like the template(...) method for the file class. Now my question is: Is that possible in general? And if yes - where is a point where I can read up on this? I am a Ruby Noob (tm) but firm in quite a few other languages, so some rough hands-on documentation on how to start should be enough. You can write your own functions http://docs.puppetlabs.com/guides/custom_functions.html Puppet ships with quite a few http://docs.puppetlabs.com/references/stable/function.html And there is a good library called puppetlabs-stdlib with many more https://github.com/puppetlabs/puppetlabs-stdlib -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] run puppet for few modules only, not for all catalogue
Thanks a lot Martin! This is exactly what I need. On 19 Jul 2012, at 12:44, Martin Alfke tux...@gmail.com wrote: Hi On 19.07.2012, at 11:52, Andrew wrote: I am looking the way to apply only few selected modules to the puppet node instead of all catalogue. I need this step to be done as the part of the maintenance. If you are using modules you can use tags. Each module is also a tag. Example you have three modules: moduledir/apache/manifests... moduledir/mysql/manifests... moduledir/base/manifests... you can use tags to run one or some modules only: puppet agent --test --tags=apache puppet agent --test --tags=apache,mysql hth, Martin As of now the only idea I have - is to expose puppet tree via nfs or HTTP, download/mount only modules I need and run puppet in standalone mode like puppet --apply. Just wandering if there are a better way to do it? PS: sent it by email, but don't see my post, sorry if it will be duplicate -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/1u_WWKkrWKkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: subscribe is not restarting the service even though the file has changed :(
What I have done with all my service resources is I declared the start, stop, restart and status parameters. I've never had a problem with subscriptions and notifications. On Thursday, July 19, 2012 5:29:53 AM UTC-4, Praveen Shivashankar wrote: Hi All, I am managing the config files of a service through puppet. This config file is being created through 2 separate modules and concatenated together. I am trying to modify the manifest in the module that installs the service so that whenever this config file changes (when the portion that comes from the 2nd module is concatenated to it), the service should restart. I tried using the notify/subscribe parameter here, but the service does not restart even though the content of the file gets changed. However, if I use the notify parameter on the second module by associating it with the service created by the first module, the service gets restarted. I DO NOT want to do this way because it creates a dependency between these two modules which otherwise have been exclusive of one another. Is there some way around this? The change in the config file content is happening only at the portion that is being modified by the second module. But still, since I have used a subscribe parameter on the config, I believe that irrespective of which part of the file gets modified, the service must restart. Does anybody have any idea if my understanding is correct or a way to work around this? Any help would be highly appreciated!!! service {DE_${service_name}: enable = true, ensure = true, hasrestart = true, hasstatus = true, subscribe = File[${service_base_config_dir}/serverConfig.properties] } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/8VP9YqE7lKIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Hiera and The Forge
Not explicitly. The forge primarily uses simple tags as metadata. For what it's worth, any module that uses class parameters will automatically work with hiera in Puppet 3.x. We won't be releasing 3.0 for awhile, but it would be great to get your feedback on the 3.x branch on Github. -Jeff On Wednesday, July 18, 2012, Tony Hays wrote: Is there any metadata in the forge that would allow me to search if the module is built with Hiera support? I am just now getting around to running smoothly, and it would be great to be able to see what you other masters have designed. Thanks, Tony -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/G8zATYfcEAIJ. To post to this group, send email to puppet-users@googlegroups.comjavascript:_e({}, 'cvml', 'puppet-users@googlegroups.com'); . To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com javascript:_e({}, 'cvml', 'puppet-users%2bunsubscr...@googlegroups.com');. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: cert issues, puppet agent applying configs, problems oh my!
Hmm. My first response appears to have been eaten. My apologies if this ends up being a duplicate. On Wednesday, July 18, 2012 4:21:50 PM UTC-5, Zippy Zeppoli wrote: So I'm new to puppet and I'm having a bear of a time just getting a test server going. Welcome! I installed puppet and the puppet client via yum on CentOS on AWS, so that saved me some time. I followed a few various blog posts about getting everything set up and applying a file, etc. Now I am trying to install a module (puppetlabs/apache) and it's failing miserably for me. I installed the module on the puppetmaster, and then tried running a test command to pull down the configs: # puppet agent --verbose --test dnsdomainname: Unknown host dnsdomainname: Unknown host notice: Ignoring --listen on onetime run dnsdomainname: Unknown host dnsdomainname: Unknown host info: Caching catalog for ip-10* info: Applying configuration version '1342645763' info: FileBucket adding {md5}e92bea7e9d70a9ecdc61edd7c0a2f59a info: /File[/etc/httpd/conf.d/README]: Filebucketed /etc/httpd/conf.d/README to puppet with sum e92bea7e9d70a9ecdc61edd7c0a2f59a notice: /File[/etc/httpd/conf.d/README]/ensure: removed info: /File[httpd_vdir]: Scheduling refresh of Service[httpd] info: FileBucket adding {md5}2674ddafcede67ed823db6e09c8c8985 info: /File[/etc/httpd/conf.d/authz_ldap.conf]: Filebucketed /etc/httpd/conf.d/authz_ldap.conf to puppet with sum 2674ddafcede67ed823db6e09c8c8985 notice: /File[/etc/httpd/conf.d/authz_ldap.conf]/ensure: removed info: /File[httpd_vdir]: Scheduling refresh of Service[httpd] info: FileBucket adding {md5}98bb7dc6a56eba83a0f9713eec2d85ba info: /File[/etc/httpd/conf.d/perl.conf]: Filebucketed /etc/httpd/conf.d/perl.conf to puppet with sum 98bb7dc6a56eba83a0f9713eec2d85ba notice: /File[/etc/httpd/conf.d/perl.conf]/ensure: removed info: /File[httpd_vdir]: Scheduling refresh of Service[httpd] info: FileBucket adding {md5}8b0da169a5f7963b6bf28f9d8de7785f info: /File[/etc/httpd/conf.d/proxy_ajp.conf]: Filebucketed /etc/httpd/conf.d/proxy_ajp.conf to puppet with sum 8b0da169a5f7963b6bf28f9d8de7785f notice: /File[/etc/httpd/conf.d/proxy_ajp.conf]/ensure: removed info: /File[httpd_vdir]: Scheduling refresh of Service[httpd] info: FileBucket adding {md5}547f3a175849ad68a7a1a6d65df1afd5 info: /File[/etc/httpd/conf.d/python.conf]: Filebucketed /etc/httpd/conf.d/python.conf to puppet with sum 547f3a175849ad68a7a1a6d65df1afd5 notice: /File[/etc/httpd/conf.d/python.conf]/ensure: removed info: /File[httpd_vdir]: Scheduling refresh of Service[httpd] info: FileBucket adding {md5}17c85a1796be14bdac36d34f25b955b0 info: /File[/etc/httpd/conf.d/ssl.conf]: Filebucketed /etc/httpd/conf.d/ssl.conf to puppet with sum 17c85a1796be14bdac36d34f25b955b0 notice: /File[/etc/httpd/conf.d/ssl.conf]/ensure: removed info: /File[httpd_vdir]: Scheduling refresh of Service[httpd] info: FileBucket adding {md5}d1e9d20dbcec6fe4237204f214284e95 info: /File[/etc/httpd/conf.d/webalizer.conf]: Filebucketed /etc/httpd/conf.d/webalizer.conf to puppet with sum d1e9d20dbcec6fe4237204f214284e95 notice: /File[/etc/httpd/conf.d/webalizer.conf]/ensure: removed info: /File[httpd_vdir]: Scheduling refresh of Service[httpd] info: FileBucket adding {md5}98540d3009ecc6435d8770c24a71258a info: /File[/etc/httpd/conf.d/welcome.conf]: Filebucketed /etc/httpd/conf.d/welcome.conf to puppet with sum 98540d3009ecc6435d8770c24a71258a notice: /File[/etc/httpd/conf.d/welcome.conf]/ensure: removed info: /File[httpd_vdir]: Scheduling refresh of Service[httpd] notice: /Stage[main]/Apache/Service[httpd]/enable: enable changed 'false' to 'true' notice: /Stage[main]/Apache/Service[httpd]: Triggered 'refresh' from 8 events notice: Finished catalog run in 2.06 seconds Looks good right? Until I try to run it for real: It seems you have a misconception there. The --test option does not instruct puppet to run without changing the system (that option is spelled --noop). Instead, it is a shortcut for --debug --no-daemonize, and probably one or two other options that don't spring immediately to mind. So you already did run puppet for real. [root@ip-10-*~]# puppet agent --verbose dnsdomainname: Unknown host dnsdomainname: Unknown host Could not prepare for execution: Could not create PID file: /var/run/puppet/agent.pid Does directory /var/run/puppet exist? Does the puppet agent have write access to it? (Don't neglect to consider SELinux if you're running it in enforcing mode.) I also tried forcing it down from the master to no avail: # puppetrun --host pclient Triggering pclient Host pclient failed: hostname was not match with the server certificate pclient finished with exit code 2 Failed: pclient That has no nope of working unless the client is running and has --listen enabled. That was not the case, you showed, and I don't recommend it anyway. The bit about the certificate could
[Puppet Users] auto generate client certificates for deployment installation solution
Dear all, I'm looking for a solution which manages generation and installation of client certificates. This is required we have a lot of re-installations, so we want to reuse already in place certificates. For security it is sufficient that the host to be part of our-domain.com The solution that comes closest to this requirement is this http://www.google.de/url?sa=trct=jq=esrc=ssource=webcd=1ved=0CFcQFjAAurl=http%3A%2F%2Fpuppet-manifest-share.googlecode.com%2Ffiles%2Fpuppet_certificate.pdfei=th4IUK__FMTZtAaxqdSYAwusg=AFQjCNFinQKIAjCpcpltaq1ST01rjYb3xAby http://code.google.com/u/huangmingyou/ but I haven't heard of anyone using it. Has anyone tried this out yet or has a similar setup or solution? Are the scripts gen_cert_tgz.sh and gen_agent_cert.sh described in the document available for download somewhere else? Thanks in advance. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/fqQDMooPpDgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Problems granting privileges with puppetlabs/mysql
First off, I'm not sure if I should be asking questions about puppetlabs modules here, if not, I apologise... I'm trying to at least setup my mysql replication user through the mysql module, but I seem to be unable to divine the correct way to do this. I've tried a number of different variations, but my user doesn't get the repl_slave_priv on my user table... This is the relevant part of my manifest: - database_user { repl_slave@%: password_hash = mysql_password(' ... '), } database_grant { repl_slave@%/*.*: privileges = ['repl_slave_priv'], } The puppet run doesn't raise an error, it says: notice: /Stage[main]/Db::Repl_user/Database_grant[repl_slave@%/*.*]/privileges: privileges changed '' to 'repl_slave_priv' But it does so at each puppet run, so clearly it's actually NOT changing privileges to 'repl_slave_priv'. This seems like a pretty big bug to me. If it fails, it should tell me it fails, not pretend it worked. Also, when I check on the actual user table I indeed see no repl_slave_priv granted to this user... I've also tried 'replication slave' (which is what you do in a GRANT x incantation) and 'repl_slave'. A little more documentation for the module would be a great help here... Thanks for any pointers, Thijs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/v7NNyzpAPJ0J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Problem with puppet-concat
- Original Message - From: Mark m...@omzig.co.nz To: puppet-users@googlegroups.com Sent: Thursday, July 19, 2012 5:01:21 PM Subject: [Puppet Users] Problem with puppet-concat Hi I am developing a module to create a simple nas for my work and I am using the concat module to assemble /etc/exports and /etc/samba/smb.conf . I developed my module on my puppet development server and concat worked like a charm, however when I rolled it out to my live servers if kept on failing with the following error: err: Failed to apply catalog: Could not find dependent Exec[concat_/etc/exports] for File[/_etc_exports/fragments/2_exports_ART_DATA] at /etc/puppet/environment/testing/modules/concat/manifests/fragment.pp:48 this suggests you're doing a nas::fileshare{..} without doing class{nas:}. would need to see the code where you're using the class and define too. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Hiera vs LDAP
All, Thanks for the responses, I'm certainly seeing the benefits of Hiera over a direct LDAP interface but I do think that an LDAP interface and schema should be on the roadmap. Also, you might want to summarize some of this and add it to the Hiera Wiki. Thanks! Trevor On Thu, Jul 19, 2012 at 9:12 AM, R.I.Pienaar r...@devco.net wrote: - Original Message - From: jcbollinger john.bollin...@stjude.org To: puppet-users@googlegroups.com Sent: Thursday, July 19, 2012 2:06:43 PM Subject: [Puppet Users] Re: Hiera vs LDAP And, yes, I know that a hiera back-end could be written to support LDAP but that would just be an unnecessary data transference if I'm reading it right. I'm not sure what you mean by that, but the advantages of accessing LDAP via hiera include: 1. Abstraction. Module authors don't need to care where data comes from. 2. Pluggability. The LDAP back-end could be swapped out for a different one. That's useful for testing, or for non-LDAP shops to use the same modules as LDAP shops. 3. Combining and overriding data. Data packaged with modules or added / overridden by admins don't need to be recorded in LDAP. Depending on how you do your accounting, there may not even be any more layers in an hiera-based stack. Any way around, getting the data into puppet means going through a Puppet custom function that wraps an LDAP client that gets data from your directory. And as of puppet 3 you will get built in integration of hiera into parameterized classes - without the need for calling any custom functions or assigning local variables. This means all parameterized class written to date will automatically become hiera enabled. And by extension become LDAP enabled if you just wrote an LDAP backend for hiera. The cost of an additional abstraction really just doesnt feature when considering this and Johns excellent points. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 tvaug...@onyxpoint.com -- This account not approved for unencrypted proprietary information -- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: rspec-puppet and puppet doc conflicts
On Thu, Jul 19, 2012 at 5:26 AM, Mark Roggenkamp mark.roggenk...@gmail.com wrote: Perhaps make your puppet doc rake task depend on the spec_clean task? It seems like you may not need the symlinks created by rspec-puppet-init as a dynamic fixture environment is created via .fixtures.yml. Yep, in general rake spec should clean up everything in the fixtures directory after the spec test unless there's a failure, and Rake::Task[:spec_clean] will clean up the fixtures directory. If you find a Puppet Labs module with cruft in spec/fixtures/modules directory, please file a bug. Thanks, Nan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Query functions for PuppetDB
I've released a new version of this module, it no longer requires the rest_client gem and uses the Puppet HTTP pool instead. It also supports getting facts for an array of hosts at once. As an example if you want the IPs of all hosts with Apache class you could do this: $hosts = pdbfactquery(pdbresourcequery([ 'and', [ '=', [ 'node', 'active' ], true ], [ '=', 'type', 'Class' ], [ '=', 'title', 'Apache' ] ], 'certname'), 'ipaddress') It is also on the Puppet Forge now: http://forge.puppetlabs.com/dalen/puppetdbquery On 19 June 2012 16:48, Erik Dalén erik.gustav.da...@gmail.com wrote: I've created a set of functions that exposes the PuppetDB query API from inside puppet. Feel free to give them a spin and get back to me with any bugs or feedback. https://github.com/dalen/puppet-puppetdbquery They require ruby-restclient, ruby-json and the puppetdb-terminus. To give you an example of a query you can do inside puppet code using these functions and PuppetDB: # Return an array of active nodes with an uptime more than 30 days and # having the class 'apache' $hosts = pdbnodequery([ 'and', [ '=', [ 'node', 'active' ], true ], ['', [ 'fact', 'uptime_days' ], 30 ] ], [ 'and', [ '=', 'type', 'Class' ], [ '=', 'title', 'Apache' ] ] ) This can be used for example to populate lists of nodes behind load balancers and such dynamically instead of writing them down in your puppet code. -- Erik Dalén -- Erik Dalén -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Digest for puppet-users@googlegroups.com - 25 Messages in 12 Topics
Unsubscribe -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet-spec-helper / rspec and hiera
I am trying to write some rspec tests for my modules. Most of them now use hiera. I have a .fixures.yml: --- fixtures: repositories: stdlib: https://github.com/puppetlabs/puppetlabs-stdlib.git hiera-puppet: https://github.com/puppetlabs/hiera-puppet.git symlinks: mongodb: #{source_dir} --- and a spec/classes/mongodb_spec.rb: --- require 'spec_helper' describe 'mongodb', :type = 'class' do context On an Ubuntu install, admin and single user do let :facts do { :osfamily = 'Debian', :operatingsystem = 'Ubuntu', :operatingsystemrelease = '12.04' } end it { should contain_user('').with( { 'uid' = '***' } ) should contain_group('').with( { 'gid' = '***' } ) should contain_package('mongodb').with( { 'name' = 'mongodb' } ) should contain_service('mongodb').with( { 'name' = 'mongodb' } ) } end end --- but when I run the spec test, I get: --- # rake spec /usr/bin/ruby1.8 -S rspec spec/classes/mongodb_spec.rb --color F Failures: 1) mongodb On an Ubuntu install, admin and single user Failure/Error: should contain_user('').with( { 'uid' = '***' } ) LoadError: no such file to load -- hiera_puppet # ./spec/fixtures/modules/hiera-puppet/lib/puppet/parser/functions/hiera.rb:3:in `function_hiera' # ./spec/classes/mongodb_spec.rb:15 Finished in 0.05415 seconds 1 example, 1 failure Failed examples: rspec ./spec/classes/mongodb_spec.rb:14 # mongodb On an Ubuntu install, admin and single user rake aborted! /usr/bin/ruby1.8 -S rspec spec/classes/mongodb_spec.rb --color failed Tasks: TOP = spec_standalone (See full trace by running task with --trace) --- What did I do wrong? Most of my modules use hiera now, or soon will, so gettng this figured out whould realyl help. I am using Ubuntu 12.04 LTS, puppet 2.7.17 and hiera 0.3.0. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/TpsfjrGkjEYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Doubt while using the --edit option to start service
Hi, So, this is my first time using puppet. I was reading the introduction given on the official website here. http://docs.puppetlabs.com/learning/ral.html The page has mentioned that using the --edit option, I can change a resouce. So, to test that, I did, $service puppetmaster start $service httpd stop #To stop the httpd service $#puppet resource service httpd shows it as stopped. $#I do a puppet resource httpd --edit change the ensure to running in the editor. Even after executing the above command, I still have the httpd service stopped. Is this the expected bahavior or may be I understood something wrong? -- Regards, Abhijeet http://blog.abhijeetr.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Doubt while using the --edit option to start service
On Thu, Jul 19, 2012 at 11:01 AM, Abhijeet R abhijeet.1...@gmail.com wrote: Hi, So, this is my first time using puppet. I was reading the introduction given on the official website here. http://docs.puppetlabs.com/learning/ral.html The page has mentioned that using the --edit option, I can change a resouce. So, to test that, I did, $service puppetmaster start $service httpd stop #To stop the httpd service $#puppet resource service httpd shows it as stopped. $#I do a puppet resource httpd --edit change the ensure to running in the editor. Hi, Is this just a typo? Did you actually run 'puppet resource service httpd --edit' The service word is important. Also, if you're using Puppet 2.6, you'll likely want to provide the hasstatus parameter with the value of true. This instructs Puppet to use the status command of the softwares init script. In Puppet 2.7 and later, the default value to hasstatus changed to true. $ puppet resource service httpd --edit service { 'httpd': ensure = running, hasstatus = true, } Reference: http://docs.puppetlabs.com/references/latest/type.html#service Even after executing the above command, I still have the httpd service stopped. Is this the expected bahavior or may be I understood something wrong? -- Regards, Abhijeet http://blog.abhijeetr.com -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Ryan Coleman | about.me/ryc Modules Forge @ Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] How to restart Winbind when hung?
Matt, Good thinking, I hadn't thought of that! Even though it does override the usual puppet behavior, if winbind is stopped then that query will also fail; therefore, the functionality is all still there. Thanks! Adam On Wednesday, July 18, 2012 10:59:50 AM UTC-4, Matthew Burgess wrote: On Wed, Jul 18, 2012 at 3:08 PM, Adam carlson.adam@gmail.com wrote: Hello fellow puppet masters, We currently use winbind to allow our admins to log onto our Linux servers with their Windows AD accounts. Every now and then, a comms issue will drop AD out from under the server, which causes winbind to stop checking AD. The service is still technically running though, so puppet thinks everything is fine. I can run a getent passwd username to verify that winbind is or isn't working. So I wanted to utilize that check and have my winbind service entry to subscribe to this exec: service{ 'winbind': enable = true, ensure = running, subcribe = Exec['check-winbind']; } exec{ 'check-winbind': path = ['/usr/bin','/sbin','/bin'], command = ['getent passwd user | grep -c user'], } So when the command failed, that would trigger puppet to restart the service. But when the check would return 0 (because it couldn't find user in AD), puppet gives me the following: Service[winbind]: Dependency Exec[check-winbind] has failures: true Service[winbind]: Skipping because of failed dependencies Not what I wanted to see... though I do understand why it is saying it (just not how to change it). So what I ended up doing was turning the command into an unless statement, and set the command to be service winbind restart, and remove the subscribe statement form my winbind service entry. Now, this works... but it just seems silly to me to have to restart the service via an exec statement when I am already monitoring the winbind service. Any ideas on how to simplify this and get it back to my original goal of subscribing the service to this check? Thanks! You could make use of the service type's 'status' parameter. Your example would then read: service{ 'winbind': enable = true, ensure = running, status = '/usr/bin/getent passwd user | /bin/grep -c user' } I suspect this overrides the usual puppet behaviour of using 'service winbind status' to perform the status check, but that may not be an issue in your case. Regards, Matt. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/MRFTSEp5RmcJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Can puppet manage an image rather than a running host
Hi, Can puppet manage images (as opposed to running hosts)? This could be a chroot, an LXC container, etc. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/aJZ3-WqDHZEJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Can puppet manage an image rather than a running host
On Thursday, July 19, 2012 3:14:04 PM UTC-5, bluckau wrote: Hi, Can puppet manage images (as opposed to running hosts)? This could be a chroot, an LXC container, etc. You could perhaps do this with a full-enough chroot environment, especially if you launch the agent on a single-run basis via an external scheduler (e.g. cron) instead of running it as a daemon. You need to fool the agent into seeing the image as the actual operating environment. Alternatively, if the image can be mounted on the real host, then you can manage its contents through the host via File resources. That would have a much different feel and implementation than managing a real host, however. Or you can just use Puppet to sync up newly-imaged systems instead of to maintain the image itself. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/KB4pgzagsfQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Query functions for PuppetDB
2012/7/19 Erik Dalén erik.gustav.da...@gmail.com: I've released a new version of this module, it no longer requires the rest_client gem and uses the Puppet HTTP pool instead. It also supports getting facts for an array of hosts at once. As an example if you want the IPs of all hosts with Apache class you could do this: $hosts = pdbfactquery(pdbresourcequery([ 'and', [ '=', [ 'node', 'active' ], true ], [ '=', 'type', 'Class' ], [ '=', 'title', 'Apache' ] ], 'certname'), 'ipaddress') It is also on the Puppet Forge now: http://forge.puppetlabs.com/dalen/puppetdbquery On 19 June 2012 16:48, Erik Dalén erik.gustav.da...@gmail.com wrote: I've created a set of functions that exposes the PuppetDB query API from inside puppet. Feel free to give them a spin and get back to me with any bugs or feedback. https://github.com/dalen/puppet-puppetdbquery They require ruby-restclient, ruby-json and the puppetdb-terminus. To give you an example of a query you can do inside puppet code using these functions and PuppetDB: # Return an array of active nodes with an uptime more than 30 days and # having the class 'apache' $hosts = pdbnodequery([ 'and', [ '=', [ 'node', 'active' ], true ], ['', [ 'fact', 'uptime_days' ], 30 ] ], [ 'and', [ '=', 'type', 'Class' ], [ '=', 'title', 'Apache' ] ] ) This can be used for example to populate lists of nodes behind load balancers and such dynamically instead of writing them down in your puppet code. -- Erik Dalén -- Erik Dalén -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. Hi Erik, This is cool! Nice job. I'm going to play with this -- --- Kind regards, Martin Willemsma -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: puppet-spec-helper / rspec and hiera
I ran into the same issue. The workaround is to checkout the v0.3.0 tag of hiera-puppet. Since I couldn't figure out a way to do it via the .fixtures.yml file I created a new rake task in Rakefile: desc Checkout the correct tag release of hiera task :spec_prep_hiera do Rake::Task[:spec_prep].invoke system(cd spec/fixtures/modules/hiera-puppet git checkout v0.3.0) end On Thursday, July 19, 2012 1:43:22 PM UTC-4, llo...@oreillyauto.com wrote: I am trying to write some rspec tests for my modules. Most of them now use hiera. I have a .fixures.yml: --- fixtures: repositories: stdlib: https://github.com/puppetlabs/puppetlabs-stdlib.git hiera-puppet: https://github.com/puppetlabs/hiera-puppet.git symlinks: mongodb: #{source_dir} --- and a spec/classes/mongodb_spec.rb: --- require 'spec_helper' describe 'mongodb', :type = 'class' do context On an Ubuntu install, admin and single user do let :facts do { :osfamily = 'Debian', :operatingsystem = 'Ubuntu', :operatingsystemrelease = '12.04' } end it { should contain_user('').with( { 'uid' = '***' } ) should contain_group('').with( { 'gid' = '***' } ) should contain_package('mongodb').with( { 'name' = 'mongodb' } ) should contain_service('mongodb').with( { 'name' = 'mongodb' } ) } end end --- but when I run the spec test, I get: --- # rake spec /usr/bin/ruby1.8 -S rspec spec/classes/mongodb_spec.rb --color F Failures: 1) mongodb On an Ubuntu install, admin and single user Failure/Error: should contain_user('').with( { 'uid' = '***' } ) LoadError: no such file to load -- hiera_puppet # ./spec/fixtures/modules/hiera-puppet/lib/puppet/parser/functions/hiera.rb:3:in `function_hiera' # ./spec/classes/mongodb_spec.rb:15 Finished in 0.05415 seconds 1 example, 1 failure Failed examples: rspec ./spec/classes/mongodb_spec.rb:14 # mongodb On an Ubuntu install, admin and single user rake aborted! /usr/bin/ruby1.8 -S rspec spec/classes/mongodb_spec.rb --color failed Tasks: TOP = spec_standalone (See full trace by running task with --trace) --- What did I do wrong? Most of my modules use hiera now, or soon will, so gettng this figured out whould realyl help. I am using Ubuntu 12.04 LTS, puppet 2.7.17 and hiera 0.3.0. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/5p5FFvrZ_L8J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Can puppet manage an image rather than a running host
On Thu, Jul 19, 2012 at 2:24 PM, jcbollinger john.bollin...@stjude.org wrote: On Thursday, July 19, 2012 3:14:04 PM UTC-5, bluckau wrote: Hi, Can puppet manage images (as opposed to running hosts)? This could be a chroot, an LXC container, etc. You could perhaps do this with a full-enough chroot environment, especially if you launch the agent on a single-run basis via an external scheduler (e.g. cron) instead of running it as a daemon. You need to fool the agent into seeing the image as the actual operating environment. I've done this in the past for producing images that are then used in PXE setups so the gap between the image and Puppet stayed small. We ended up needing to tread warily around things like Kerberos principals, but it worked quite seamlessly so long as it looks like an actual operating environment to Puppet. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: problem using apache passenger to run dashboard
Can someone help me in this forum? On Thu, Jul 12, 2012 at 4:42 PM, Hai Tao ehai...@gmail.com wrote: that is almost exactly what I have , except I put the mod_passenger.so to /var/lib instead of /var/lib64. LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.13/ext/apache2/mod_passenger.so PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.13 PassengerRuby /usr/bin/ruby But I do not think that would affect anything. The thing is I have no experience with passenger, and I do not know how to trouble shoot this problem. Is there suggestions? Thanks. On Thu, Jul 12, 2012 at 4:30 PM, Clay clay...@gmail.com wrote: I'm running puppet dashboard 1.2.9 , just followed document at http://docs.puppetlabs.com/dashboard/manual/1.2/bootstrapping.html#running-dashboard-in-a-production-quality-server , [root@puppet conf.d]# grep -v ^# dashboard-vhost.conf Listen 3000 VirtualHost *:3000 ServerName puppet.domain.com DocumentRoot /usr/share/puppet-dashboard/public/ Directory /usr/share/puppet-dashboard/public/ Options None Order allow,deny allow from all /Directory ErrorLog /var/log/httpd/dashboard_error.log LogLevel warn CustomLog /var/log/httpd/dashboard_access.log combined ServerSignature On /VirtualHost I have the passenger module config in /etc/httpd/conf/httpd.conf because puppet master is also using passenger. LoadModule passenger_module /usr/lib64/ruby/gems/1.8/gems/passenger-3.0.13/ext/apache2/mod_passenger.so PassengerRoot /usr/lib64/ruby/gems/1.8/gems/passenger-3.0.13 PassengerRuby /usr/bin/ruby -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/rl1IMNDZR3MJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- Hai Tao -- Hai Tao -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Query functions for PuppetDB
On Thu, Jul 19, 2012 at 07:02:32PM +0200, Erik Dalén erik.gustav.da...@gmail.com wrote: I've released a new version of this module, it no longer requires the rest_client gem and uses the Puppet HTTP pool instead. It also supports getting facts for an array of hosts at once. As an example if you want the IPs of all hosts with Apache class you could do this: $hosts = pdbfactquery(pdbresourcequery([ 'and', [ '=', [ 'node', 'active' ], true ], [ '=', 'type', 'Class' ], [ '=', 'title', 'Apache' ] ], 'certname'), 'ipaddress') Awesome! deepak -- Deepak Giridharagopal / Puppet Labs / grim_radical -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] problems with puppetdb
Hello Pete, Do you have a reliable way to reproduce the port issue that you mentioned? We'd like to troubleshoot it further but haven't found any way to reproduce it on our end yet. If you're not getting log output in /var/log/puppetdb, can you please try the following?: 1. Edit the file /etc/puppetdb/conf.d/config.ini, and comment out the logging-config line. 2. Run this command: java -jar /usr/share/puppetdb/puppetdb.jar services -c /etc/puppetdb/conf.d This should allow you to see the output on the console as puppetdb is trying to start up. If you can copy and paste that output for us, it may be helpful. Thanks! Chris On Monday, July 16, 2012 5:37:16 PM UTC-7, Pete wrote: On 17 July 2012 10:19, Deepak Giridharagopal dee...@puppetlabs.com wrote: On Mon, Jul 16, 2012 at 5:13 PM, Peter Brown rendhal...@gmail.com wrote: On 17 July 2012 03:15, Chris Price ch...@puppetlabs.com wrote: Also, would you mind sharing a bit more info about your setup? I presume: * You are installing from the puppetlabs apt repos? yes * Your upgrade was from puppetdb 0.9.1 to 0.9.2? and yes. thanks again Deepak. I shall add myself to the ticket. It seems it's a problem with jetty because all the other settings seem to be working fine. I am guessing Jetty is part of the puppetdb install? I tried installing jetty as well but still get the same results. Indeed, that's part of the install. It's embedded in PuppetDB as a library. The ports thing is super-weird...we definitely didn't change them as part of the upgrade. In fact, your configs should have remained unchanged. How are you determining what ports it's listening on? What does /var/log/puppetdb/puppetdb.log say during startup? i am using netstat -nap and grepping for the PID to find out what ports it's using. I am not not getting any logging into /var/log/puppetdb/puppetdb.log It was working yesterday but nothing there today. I just tried running it under the official oracle jre 1.6.0.33 and same results. I have also tried reinstalling from scratch and get the same results. I am at a loss as to what to try next. Thanks! deepak -- Deepak Giridharagopal / Puppet Labs / grim_radical -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/BoEHNeXgvsUJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Query functions for PuppetDB
Very cool! My brain has extrapolated a few cool uses already. :) Thanks Erik! On 20 July 2012 03:02, Erik Dalén erik.gustav.da...@gmail.com wrote: I've released a new version of this module, it no longer requires the rest_client gem and uses the Puppet HTTP pool instead. It also supports getting facts for an array of hosts at once. As an example if you want the IPs of all hosts with Apache class you could do this: $hosts = pdbfactquery(pdbresourcequery([ 'and', [ '=', [ 'node', 'active' ], true ], [ '=', 'type', 'Class' ], [ '=', 'title', 'Apache' ] ], 'certname'), 'ipaddress') It is also on the Puppet Forge now: http://forge.puppetlabs.com/dalen/puppetdbquery On 19 June 2012 16:48, Erik Dalén erik.gustav.da...@gmail.com wrote: I've created a set of functions that exposes the PuppetDB query API from inside puppet. Feel free to give them a spin and get back to me with any bugs or feedback. https://github.com/dalen/puppet-puppetdbquery They require ruby-restclient, ruby-json and the puppetdb-terminus. To give you an example of a query you can do inside puppet code using these functions and PuppetDB: # Return an array of active nodes with an uptime more than 30 days and # having the class 'apache' $hosts = pdbnodequery([ 'and', [ '=', [ 'node', 'active' ], true ], ['', [ 'fact', 'uptime_days' ], 30 ] ], [ 'and', [ '=', 'type', 'Class' ], [ '=', 'title', 'Apache' ] ] ) This can be used for example to populate lists of nodes behind load balancers and such dynamically instead of writing them down in your puppet code. -- Erik Dalén -- Erik Dalén -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] problems with puppetdb
On 20 July 2012 11:20, Chris Price ch...@puppetlabs.com wrote: Hello Pete, Do you have a reliable way to reproduce the port issue that you mentioned? We'd like to troubleshoot it further but haven't found any way to reproduce it on our end yet. If you're not getting log output in /var/log/puppetdb, can you please try the following?: 1. Edit the file /etc/puppetdb/conf.d/config.ini, and comment out the logging-config line. 2. Run this command: java -jar /usr/share/puppetdb/puppetdb.jar services -c /etc/puppetdb/conf.d I tried that but only got INFO level logging I edited the log4j.properties file and turned on debug level console logging and got this output root@korolev:~# java -jar /usr/share/puppetdb/puppetdb.jar services -c /etc/puppetdb/conf.ini 2012-07-20 13:03:40,982 INFO [puppetlabs.jetty] Removing buggy security provider SunPKCS11-NSS version 1.7 2012-07-20 13:03:46,916 INFO [cli.services] PuppetDB version 0.9.2 2012-07-20 13:03:48,490 INFO [cli.services] Starting broker 2012-07-20 13:03:51,892 INFO [cli.services] Starting 2 command processor threads 2012-07-20 13:03:51,896 INFO [cli.services] Starting query server 2012-07-20 13:03:51,897 INFO [cli.services] Starting database compactor (60 minute interval) 2012-07-20 13:03:52,015 INFO [cli.services] Beginning database compaction org.eclipse.jetty.ssl.password : 2012-07-20 13:03:52,420 INFO [cli.services] Finished database compaction ^C2012-07-20 13:08:27,976 INFO [cli.services] Shutdown request received; puppetdb exiting. root@korolev:~# java -jar /usr/share/puppetdb/puppetdb.jar services -c /etc/puppetdb/conf.ini 2012-07-20 13:08:44,944 INFO [puppetlabs.jetty] Removing buggy security provider SunPKCS11-NSS version 1.7 2012-07-20 13:08:50,008 INFO [main] [cli.services] PuppetDB version 0.9.2 2012-07-20 13:08:50,008 DEBUG [main] [bonecp.BoneCPDataSource] JDBC URL = jdbc:postgresql://127.0.0.1:5432/puppetdb, Username = puppet, partitions = 5, max (per partition) = 10, min (per partition) = 1, helper threads = 3, idle max age = 60 min, idle test period = 240 min 2012-07-20 13:08:50,348 INFO [main] [cli.services] Starting broker 2012-07-20 13:08:54,677 DEBUG [main] [index.BTreeIndex] loading 2012-07-20 13:08:54,744 DEBUG [main] [index.BTreeIndex] loading 2012-07-20 13:08:54,748 DEBUG [main] [index.BTreeIndex] loading 2012-07-20 13:08:54,748 DEBUG [main] [index.BTreeIndex] loading 2012-07-20 13:08:54,748 DEBUG [main] [index.BTreeIndex] loading 2012-07-20 13:08:54,757 DEBUG [main] [index.BTreeIndex] loading 2012-07-20 13:08:55,652 INFO [main] [journal.Journal] ignoring zero length, partially initialised journal data file: db-1.log number = 1 , length = 0 2012-07-20 13:08:56,247 DEBUG [main] [index.BTreeIndex] loading 2012-07-20 13:08:56,247 DEBUG [main] [index.BTreeIndex] loading 2012-07-20 13:08:56,250 DEBUG [main] [index.BTreeIndex] loading 2012-07-20 13:08:56,310 INFO [main] [cli.services] Starting 2 command processor threads 2012-07-20 13:08:56,315 INFO [main] [cli.services] Starting query server 2012-07-20 13:08:56,316 INFO [main] [cli.services] Starting database compactor (60 minute interval) 2012-07-20 13:08:56,351 INFO [clojure-agent-send-off-pool-3] [cli.services] Beginning database compaction 2012-07-20 13:08:56,372 DEBUG [clojure-agent-send-off-pool-2] [component.Container] Container org.eclipse.jetty.server.Server@3c716932 + SelectChannelConnector@localhost:8080 as connector org.eclipse.jetty.ssl.password : 2012-07-20 13:08:56,415 INFO [clojure-agent-send-off-pool-3] [cli.services] Finished database compaction 2012-07-20 13:08:56,480 DEBUG [clojure-agent-send-off-pool-0] [listener.DefaultMessageListenerContainer] Established shared JMS Connection 2012-07-20 13:08:56,480 DEBUG [clojure-agent-send-off-pool-1] [listener.DefaultMessageListenerContainer] Established shared JMS Connection from my limited knowledge it seems to me is is trying to open port 8080 but i can't see that port open at all. netstat -nap |grep java tells me this (yes this is the only java application running on the machine). root@korolev:~# netstat -nap|grep java tcp6 0 0 :::1099 :::* LISTEN 11083/java tcp6 0 0 :::34810:::* LISTEN 11083/java tcp6 0 0 127.0.0.1:51702 127.0.0.1:5432 ESTABLISHED 11083/java tcp6 0 0 127.0.0.1:51700 127.0.0.1:5432 ESTABLISHED 11083/java tcp6 0 0 127.0.0.1:51701 127.0.0.1:5432 ESTABLISHED 11083/java tcp6 0 0 127.0.0.1:51703 127.0.0.1:5432 ESTABLISHED 11083/java unix 2 [ ] STREAM CONNECTED 6211563 11083/java Hope that helps somewhat. let me know if you need me to try anything else. Pete. This should allow you to see the output on the console as puppetdb is trying to start up. If you can copy and paste that output for us, it may be helpful. Thanks! Chris On Monday, July 16, 2012 5:37:16 PM UTC-7, Pete wrote: On 17 July 2012 10:19, Deepak
[Puppet Users] problem with dashboard
Hi: When I start the dashboard server,but all ways failed . Someone can help me ? #sudo -u puppet-dashboard ./script/server -e production Missing these required gems: rack = 0 You're running: ruby 1.8.7.174 at /usr/bin/ruby1.8 rubygems 1.8.24 at /usr/lib/ruby/gems/1.8, /root/.gem/ruby/1.8 Run `rake gems:install` to install the missing gems. And now,I EXECUTE “rake gems:install”, # rake gems:install rake aborted! no such file to load -- rdoc/task /data/puppet-dashboard/Rakefile:9 (See full trace by running task with --trace) root@puppet:/data/puppet-dashboard# more /data/puppet-dashboard/Rakefile # Add your own tasks in files placed in lib/tasks ending in .rake, # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. require(File.join(File.dirname(__FILE__), 'config', 'boot')) require 'thread' require 'rake' require 'rake/testtask' require 'rdoc/task' require 'tasks/rails' How can I do? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.