[Puppet Users] serving .exe file via http (provider = windows)
hi everyone, i'm trying to roll out an .exe file for the puppet package provider windows. my manifest looks like this: $package_source = http://puppet.local.domain/base_check_mk/windows/check-mk-agent-1.2.3i1.exe; $package_name = Check_MK Agent 1.2.3i1 package { $package_name: ensure = installed, provider = windows, source = $package_source, install_options = ['/S', '/D=C:\check_mk'] } the agent says: Error: The source does not exist: 'http://puppet.local.domain/base*check* mk/windows/check-mk-agent-1.2.3i1.exe' When i open this link in the browser of the agent, the download of the file starts. (So the path is correct). The same procedure works with .msi files though. Are .exe files not supported for this kind of method? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Load Balancer Worker Resources
On 04.08.2013 08:35, fuzzy186 wrote: And I got this error: err: Could not retrieve catalog from remote server: Error 400 on SERVER: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type balancermember at /etc/puppet/modules/apache/manifests/worker.pp:4 on node mail-test.nr.sicom.pl On page 143 of this book there is very similar example with host keys management and it works like that on the same puppet master. What should I do to make it work ? Try changing that to Apache::Balancemember||... Regards, David -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] serving .exe file via http (provider = windows)
Hi, I assume that you have the exe file within your module in the files folder. Adopt the source attribute to the following: source = 'puppet:///modulename/filename Put the exe in your module: modulepath/modulename/files/exe filename http://docs.puppetlabs.com/references/latest/type.html#file hth, Martin On Aug 5, 2013, at 8:01 AM, cko dert...@gmail.com wrote: hi everyone, i'm trying to roll out an .exe file for the puppet package provider windows. my manifest looks like this: $package_source = http://puppet.local.domain/base_check_mk/windows/check-mk-agent-1.2.3i1.exe; $package_name = Check_MK Agent 1.2.3i1 package { $package_name: ensure = installed, provider = windows, source = $package_source, install_options = ['/S', '/D=C:\check_mk'] } the agent says: Error: The source does not exist: 'http://puppet.local.domain/basecheckmk/windows/check-mk-agent-1.2.3i1.exe' When i open this link in the browser of the agent, the download of the file starts. (So the path is correct). The same procedure works with .msi files though. Are .exe files not supported for this kind of method? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: puppet fails to install some packages but succeed if I do a manual apt-get update --fix-missing. using puppetlabs/apt module
I'm running puppet from vagrant, everything else runs as root so I guess this also runs as root (is there a way to specifiy to run as root in the puppet command?) On Monday, August 5, 2013 1:06:52 AM UTC+3, denmat wrote: Did you see this in the log? Stage[main]//Apt::Builddep[python-imaging]/Exec[apt-builddep-python-imaging]/returns: E: Unable to lock the administration directory (/var/lib/dpkg/), are you root? [0m Who are you running it as? Den On 04/08/2013, at 21:31, Alon Nisser alon...@gmail.com javascript: wrote: Stage[main]//Apt::Builddep[python-imaging]/Exec[apt-builddep-python-imaging]/returns: E: Unable to lock the administration directory (/var/lib/dpkg/), are you root? [0m -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] serving .exe file via http (provider = windows)
Hi, from the official documentation: Additional Notes on Windows Packages - The source parameter is required, and must refer to a local .msi file, a file from a mapped drive, or a UNC path. You can distribute packages as file resources. Puppet URLs are not currently supported for the package type’s source attribute. This is why i want to serve the file via httpd (like i said, it worked with msi files). On Monday, August 5, 2013 9:30:30 AM UTC+2, Martin Alfke wrote: Hi, I assume that you have the exe file within your module in the files folder. Adopt the source attribute to the following: source = 'puppet:///modulename/filename Put the exe in your module: modulepath/modulename/files/exe filename http://docs.puppetlabs.com/references/latest/type.html#file hth, Martin On Aug 5, 2013, at 8:01 AM, cko der...@gmail.com javascript: wrote: hi everyone, i'm trying to roll out an .exe file for the puppet package provider windows. my manifest looks like this: $package_source = http://puppet.local.domain/base_check_mk/windows/check-mk-agent-1.2.3i1.exe; $package_name = Check_MK Agent 1.2.3i1 package { $package_name: ensure = installed, provider = windows, source = $package_source, install_options = ['/S', '/D=C:\check_mk'] } the agent says: Error: The source does not exist: ' http://puppet.local.domain/basecheckmk/windows/check-mk-agent-1.2.3i1.exe' When i open this link in the browser of the agent, the download of the file starts. (So the path is correct). The same procedure works with .msi files though. Are .exe files not supported for this kind of method? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com javascript:. To post to this group, send email to puppet...@googlegroups.comjavascript:. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: It's my mistake or a bug about define a variable in class?
On Friday, August 2, 2013 10:03:19 AM UTC-5, cvv...@gmail.com wrote: Version: puppet-3.2.3-1.el6.noarch.rpm -- I just try to create a class as parameters container like this: cat /etc/puppet/modules/ssh/manifests/params.pp EOF class ssh::params { $ssh_package_name = $::operatingsystem ? { 'solaris' = 'openssh', 'centos' = 'openssh-server', } } EOF but there is an error in agent like this: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Syntax error at '='; expected '}' at /etc/puppet/modules/ssh/manifests/params.pp:2 on node basecentos.mhszdomain.com I saw it in the manual like this: ---Error again... $group = $operatingsystem ? { solaris = 'sysadmin', default = 'wheel', } then I try different type of it: [...] so..what happens? does anyone could help me? Something seems very broken here. Selectors (the feature you are trying to use) have been in the Puppet language for a long time, and they work fine all over the place. I doubt there are many Puppet sites that don't use them. What strikes me as odd is that the Puppet parser complains about the '=' sign, which is not part of the selector expression. Do you still get the error with something like class ssh::params { $ssh_package_name = 'ssh' } ? Does it help (or change anything) if you put the whole selector expression in parentheses? Is there any chance that you are getting unexpected (by Puppet) non-printing characters in your manifest files when you create them via I/O redirection as you show? That wouldn't happen in the POSIX or C locale, but perhaps it could in some other locales, under some circumstances. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] user add password string wrong because of $
Hello, I want to add user with puppet. In my password string I have three times the $. The result is that in the password of the the /etc/shadow file everything from $ until a . or / is missing. password = $6$0vY.Ob.b$uOClxMYJohHBH46X/ESzliv.Jxt1XoWXjbLXtnf5JzqL5pP.caiF0JMxjptxEq9gj72KrU7CqB7ez, results to user1:.Ob.b/ESzliv.Jxt1XoWXjbLXtnf5JzqL5pP.caiF0JMxjptxEq9gj72KrU7CqB7ez:15922:0:9:7::: $6$0vY.Ob.b$uOClxMYJohHBH46X/ESzliv.Jxt1XoWXjbLXtnf5JzqL5pP.caiF0JMxjptxEq9gj72KrU7CqB7ez .Ob.b /ESzliv.Jxt1XoWXjbLXtnf5JzqL5pP.caiF0JMxjptxEq9gj72KrU7CqB7ez Does anybody has an solution for that? Best regards Andreas -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: It's my mistake or a bug about define a variable in class?
Could the problem be the variable name : group ? That is a Puppet Type Try changing it. Hope this helps. Just a wild guess. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) - Original Message - From: jcbollinger john.bollin...@stjude.org To: puppet-users@googlegroups.com Sent: Monday, August 5, 2013 9:11:29 AM Subject: [Puppet Users] Re: It's my mistake or a bug about define a variable in class? On Friday, August 2, 2013 10:03:19 AM UTC-5, cvv...@gmail.com wrote: Version: puppet-3.2.3-1.el6.noarch.rpm -- I just try to create a class as parameters container like this: cat /etc/puppet/modules/ssh/manifests/params.pp EOF class ssh::params { $ssh_package_name = $::operatingsystem ? { 'solaris' = 'openssh', 'centos' = 'openssh-server', } } EOF but there is an error in agent like this: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Syntax error at '='; expected '}' at /etc/puppet/modules/ssh/manifests/params.pp:2 on node basecentos.mhszdomain.com I saw it in the manual like this: ---Error again... $group = $operatingsystem ? { solaris = 'sysadmin', default = 'wheel', } then I try different type of it: [...] blockquote so..what happens? does anyone could help me? /blockquote Something seems very broken here. Selectors (the feature you are trying to use) have been in the Puppet language for a long time, and they work fine all over the place. I doubt there are many Puppet sites that don't use them. What strikes me as odd is that the Puppet parser complains about the '=' sign, which is not part of the selector expression. Do you still get the error with something like class ssh::params { $ssh_package_name = 'ssh' } ? Does it help (or change anything) if you put the whole selector expression in parentheses? Is there any chance that you are getting unexpected (by Puppet) non-printing characters in your manifest files when you create them via I/O redirection as you show? That wouldn't happen in the POSIX or C locale, but perhaps it could in some other locales, under some circumstances. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users . For more options, visit https://groups.google.com/groups/opt_out . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: user add password string wrong because of $
Here my init.pp define useradd ( $name, $uid, $group, $gid, $password, $shell, $sshkeytype, $sshkey) { $homedir = $kernel ? { 'SunOS' = '/export/home', default = '/home' } $username = $title user { $username: ensure = present, comment = $name, uid = $uid, gid = $gid, shell = $shell, home = $homedir/$username, managehome = true, password = $password, require = group[$group], } group { $group: gid = $gid, } exec { $username: command = /bin/cp -R /etc/skel $homedir/$username; /bin/chown -R $username:$group $homedir/$username , creates = $homedir/$username, require = user[$username], } ssh_authorized_key { $username: user = $username, type = $sshkeytype, key = $sshkey, require = exec[$username], } } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: escape sequence within generate function
On Friday, August 2, 2013 12:07:24 PM UTC-5, Jacob McCoy Wade wrote: On Friday, August 2, 2013 6:43:01 AM UTC-7, jcbollinger wrote: On Thursday, August 1, 2013 2:37:03 PM UTC-5, Jacob McCoy Wade wrote: The closest I've come is to use: $random_1 = generate('/bin/sh', '-c', '\/bin/cat /dev/urandom | /usr /bin/tr -dc \'a-z0-9\' | /usr/bin/fold -w 8 | /usr/bin/head -n 1 | /usr /bin/tr -d \'\n\'\') This however ends up populating the variable with the following and appears to ignore the the /usr/bin/tr -d '\n' as there are line breaks inserted: /bin/sh: /bin/cat: No such file or directory So, that's the wrong thing to do, because 'cat' will keep reading its input until it reaches the end, which it never will in this case. It may be that having 'head' in the pipeline would rescue it by closing its own input, but you might end up with a bunch of stalled, orphaned processes. You should instead use /bin/dd or some other command that allows you to limit the amount of data read from /dev/urandom. I was using head to close the input. The other thing I can't quite make sense of is why it works when I apply the module directly on the node, but not when using a puppet master. Like all Puppet functions, generate() runs on machine where the catalog is compiled, not on the one where it is applied, unless they are the same. It appears that the master you are using does not have (a Puppet-accessible) /dev/urandom, whereas the target node has one that is accessible to the user as whom you are running 'puppet apply'. There is also a third, more fundamental problem: it is unlikely that you really want to do what you are trying to do. If you generate a completely random component to a config file on every run, then that file will never match from one run to the next, so it will always be re-synced. That is rarely the intent. More often, you want different, random strings for each node, but you want those strings to be stable from run to run for any given node. One way to achieve that might be to construct strings as the concatenation of a constant stem and a random number generated via Puppet's built-in fqdn_rand() function. I was thinking that I could use replace = 'no', within the module so that puppet won't re-sync the file every run. You could, though by doing so you give up the ability to have Puppet keep the file synced to your spec. Replace = 'no' is most appropriately applied to files that are expected to be modified in the course of their normal use, however, to prevent Puppet from clobbering the modifications. Inasmuch the only reason for using it here seems to be to facilitate using /dev/urandom as the source of randomness, and as using /dev/urandom for this purpose appears inferior in most ways to using Puppet's and/or Ruby's built-in sources of randomness, I really don't see the point. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] user add password string wrong because of $
On 05.08.2013 15:16, Andreas Dvorak wrote: Hello, I want to add user with puppet. In my password string I have three times the $. The result is that in the password of the the /etc/shadow file everything from $ until a . or / is missing. password = $6$0vY.Ob.b$uOClxMYJohHBH46X/ESzliv.Jxt1XoWXjbLXtnf5JzqL5pP.caiF0JMxjptxEq9gj72KrU7CqB7ez, use single quotes or backslashes: password = '$foo' or password = \$foo Regards, David -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: puppet fails to install some packages but succeed if I do a manual apt-get update --fix-missing. using puppetlabs/apt module
On Monday, August 5, 2013 3:04:08 AM UTC-5, Alon Nisser wrote: I'm running puppet from vagrant, everything else runs as root so I guess this also runs as root (is there a way to specifiy to run as root in the puppet command?) No. Mechanisms by which unprivileged processes can obtain privilege are universally categorized as security vulnerabilities. They are the source of so-called privilege escalation attacks. Every operating system does its best to avoid providing such mechanisms. Vagrant itself may run as root in order to do many of the things it wants to do (though that's under your control), but that does not mean the processes it launches automatically run as root, too. I'm not much of a vagrant guy, though, so I can't say for sure. On Monday, August 5, 2013 1:06:52 AM UTC+3, denmat wrote: Did you see this in the log? Stage[main]//Apt::Builddep[python-imaging]/Exec[apt-builddep-python-imaging]/returns: E: Unable to lock the administration directory (/var/lib/dpkg/), are you root? [0m Who are you running it as? Den On 04/08/2013, at 21:31, Alon Nisser alon...@gmail.com wrote: Stage[main]//Apt::Builddep[python-imaging]/Exec[apt-builddep-python-imaging]/returns: E: Unable to lock the administration directory (/var/lib/dpkg/), are you root? [0m Let's see whether we can simplify the picture by cutting Puppet out of it. Can you configure Vagrant to directly run the apt-get command that Puppet fails to run? From the log, that would be: /usr/bin/apt-get -y --force-yes build-dep python-imaging I would be surprised to find Vagrant successful at running that directly, yet unsuccessful at running it indirectly via Puppet. If Vagrant indeed fails to run the command directly then your problem is with how you are using Vagrant. Ensure that Vagrant is running as root, and look for Vagrant features related to the user or privileges with which external processes are launched. On the other hand, if Vagrant succeeds in running the command directly, then your permissions problem likely involves SELinux or some other access control mechanism separate from the standard UNIX discretionary access controls. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] user add password string wrong because of $
thank you, single quotes solved it regards, Andreas -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Re: Upgrade from 2.7.20 to 2.7.22 breaks puppet-dashboard
Having the same issue but not from an upgrade -- have not been able to get the dashboard to get reports from puppet clients yarr On Thursday, 20 June 2013 14:29:58 UTC-7, Joe Benson wrote: I upgraded our puppetmaster from 2.7.20 to 2.7.22 and puppet dashboard quit importing reports. I'm getting a failed task with this error message. undefined method `=' for nil:NilClass Backtracehttp://puppetconsoletest.prod.utah.gov:3000/delayed_job_failures /usr/share/puppet-dashboard/lib/report_transformer.rb:18:in `apply' /usr/share/puppet-dashboard/lib/report_transformer.rb:8:in `apply' /usr/share/puppet-dashboard/lib/report_transformer.rb:18:in `inject' /usr/share/puppet-dashboard/lib/report_transformer.rb:7:in `each' /usr/share/puppet-dashboard/lib/report_transformer.rb:7:in `inject' /usr/share/puppet-dashboard/lib/report_transformer.rb:7:in `apply' /usr/share/puppet-dashboard/app/models/report.rb:112:in `create_from_yaml' /usr/share/puppet-dashboard/app/models/report.rb:90:in `create_from_yaml_file' Installed RPMS from yum.puppetlabs.com rpm -qa |grep puppet puppet-server-2.7.22-1.el5 puppet-2.7.22-1.el5 puppet-dashboard-1.2.23-1.el5 If I back-rev puppet and puppet-server to 2.7.20 it works. Any Ideas? Thanks, Joe -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Add a public ssh key form node A to authorized keys on node B
With the risc I ask a queston answered a hunderd times before (which I couldn't find)... On node A I want to create a ssh key. For this I exec a ssh-keygen. Now I want the generated public key added to the authorized key file of node B. Probably I need the ssh_authorized_key resource for this. But then I need the public key of node A as a string in node B. I can't see how to achieve this with exported resources. So my guess is that I need to write a custom fact to read ~/.ssh/id_rsa.pub on node A in order to collect it on node B. Is this the way I should go? Or is there a better approach? Thanks, Mark -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] user add password string wrong because of $
On Mon, Aug 5, 2013 at 10:16 AM, Andreas Dvorak andreas.dvo...@googlemail.com wrote: Hello, I want to add user with puppet. In my password string I have three times the $. The result is that in the password of the the /etc/shadow file everything from $ until a . or / is missing. password = $6$0vY.Ob.b$uOClxMYJohHBH46X/ESzliv.Jxt1XoWXjbLXtnf5JzqL5pP.caiF0JMxjptxEq9gj72KrU7CqB7ez, [...] Does anybody has an solution for that? You can solve this problem by defining the password with single quotes: password = '$6$0vY.Ob.b$uOClxMYJohHBH46X/ESzliv.Jxt1XoWXjbLXtnf5JzqL5pP.caiF0JMxjptxEq9gj72KrU7CqB7ez', -- Arthur Furlan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Puppet + Mcollective + Hubot + Jenkins
Hello, I'm looking for a running infrastructure with the combination of Hubot, Puppet, Mcollective and Jenkins. I know about the Hubot setup from Github, but I can't find any information of a successfully setup with Mcollective. I have some questions regarding the connections between the services. Currently I design a setup of new infrastructure with the services mention above. Thanks in advance. Regards, Markus Rekkenbeil -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] crapload of files to check permissions and ownership
Yes, I do intend to list all the files and their expected mode and ownership, I just want to figure out the nicest, most succinct way to do that. Wildcards and recursive listings will do me no good -- these files are scattered all over. Thanks. On Friday, August 2, 2013 3:33:57 PM UTC-4, Ygor wrote: [Please respond to THE LIST and not directly/privately] OK, then if you want to manage 100+ files, you need to either LIST 100+ files or manage the file tree using the 'recurse' parameter. There is another thread here recently asking about wildcards in file resources. They were told that wildcards do not work for that. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Nagios service not restarting when removing a host from the database
Nagios is restarted every time a host or service is added, but never when removing hosts or services. The client resources: @@nagios_host { $::fqdn: ensure= 'present', alias = $::hostname, address = $::ipaddress, use = 'linux-server', } @@nagios_service { check_ssh_${::hostname}: check_command = 'check_ssh', use = 'generic-service', host_name = $::fqdn, service_description = 'SSH', } The nagios server resources: service { 'nagios': ensure= 'running', hasstatus = true, enable= true, } resources { [ nagios_host, nagios_service ]: purge = true, } Nagios_host || { notify = Service['nagios'] } Nagios_service || { notify = Service['nagios'] } Based on variations I have seen out there I have also tried the following: - Have the service subscribe to /etc/nagios with checksum=mtime - Added before = File['/etc/nagios'], to Nagios_host and Nagios_service - Tried checksum=mtime on /etc/nagios/nagios_*.cfg resources When I add a host and then run puppet agent --test on the nagios server I see this: notice: /Stage[main]/Nagios::Monitor/Nagios_host[test1.tld]/ensure: created notice: /Stage[main]/Nagios::Monitor/Nagios_service[check_ssh_test1]/ensure: created notice: /Stage[main]/Nagios::Monitor/Service[nagios]: Triggered 'refresh' from 2 events When I remove the host from the database via delete from fact_values where host_id='N'; delete from resources where host_id='N'; delete from hosts where id='N'; The next run of puppet on the nagios server produces: notice: /Nagios_service[check_ssh_test1]/ensure: removed notice: /Nagios_host[test1.tld]/ensure: removed nagios_host.cfg and nagios_service.cfg are properly updated, but the service will not restart. This is centos6.3 with epel puppet-2.6.17 (for client and master). Any ideas? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] facter string value comparison to integer
It seems this statement is working for latest puppet+facter: if($::processorcount25). Before there was concern that puppet would not auto convert string to number, is this still a concern here? I am wondering if I should convert the facter string value to integer first before comparing it .. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] ssh_authorized_key -- Puppet::Util::FileType::FileTypeFlat could not write problem -- I found an answer that worked for me
This is an extract from a defined type I use to create accounts: code extract define users::useraccount ( ) { .. File { owner = $username, group = $username, mode = '0600', } .. user { $username: ensure = present, } group { $username: require = User[$username], } file { $userhome: ensure = directory, require = [ User[$username], Exec[mkdir-${username}], ] } ## THE ADDITION OF THE FOLLOWING TWO RESOURCES MADE THE DIFFERENCE file { ${userhome}/.ssh: ensure = directory, require = User[$username], } file { ${userhome}/.ssh/authorized_keys: ensure = present, require = File[${userhome}/.ssh], } code extract Seems like Ruby was screaming about creating the target file when it does not exist. Hope this helps someone out there. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin Hobbes) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Selector within a resource -- location syntax
Can anyone tell me why this is legal: file { /etc/cron.d: owner = root, group = root, mode = $operatingsystem ? { 'Solaris' = 0755, default = 0700, } } ...And yet if I have any resource attributes below the mode selector statement, it will not parse? (Am I doing the right thing by having a selector in my file resource? I have a large amount of files to validate, and attributes change for many of the files, depending on the OS.) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Selector within a resource -- location syntax
root writes: Can anyone tell me why this is legal: file { /etc/cron.d: owner = root, group = root, mode = $operatingsystem ? { 'Solaris' = 0755, default = 0700, } } ...And yet if I have any resource attributes below the mode selector statement, it will not parse? No comma after the conditional? Like this: mode = $operatingsystem ? { 'Solaris' = 0755, default = 0700, }, All resource attributes use comma as a separator. You can optionally leave off the final comma (although style recommendations suggest you should always end an attribute specification with a comma, mainly so that you don't have to remember to add it if you add additional attribute specifications). (Am I doing the right thing by having a selector in my file resource? I have a large amount of files to validate, and attributes change for many of the files, depending on the OS.) That is certainly one way to manage the OS-specific differences in your resources. If you have a lot of things that are always mode 755 in one OS and mode 700 in another, it may be somewhat more concise to declare a variable and use that: $dirmode = $operatingsystem ? { Solaris = 0755, default = 0700, } ... file { /etc/cron.d: owner = root, group = root, mode = $dirmode, } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
[Puppet Users] Trouble connect to PuppetDB
Greetings: I'm having trouble connecting to PuppetDB. When I execute *sudo puppet agent --test* on a client node, I receive the following: Warning: Unable to fetch my node definition, but the agent run will continue: Warning: Error 400 on SERVER: Could not retrieve facts for web1.mydomain.tld: Failed to find facts from PuppetDB at db1.mydomain.tld:8081: Connection refused - connect(2) Info: Retrieving plugin Info: Loading facts in /var/lib/puppet/lib/facter/concat_basedir.rb Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for web1.mydomain.tld to PuppetDB at db1.mydomain.tld:8081: Connection refused - connect(2) Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run From my home computer (WinXP), I opened a command prompt and was unsuccessful in establishing a telnet connection; in trying to establish one via both the PuppetDB's FQDN and IP address. Other than the UFW on db1, what else could be blocking access to port 8081? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Trouble connect to PuppetDB
Check your /etc/puppetdb/conf.d/jetty.ini file for the configuration items ssl-host host. These should both be set to the IP address you want PuppetDB to listen on, or 0.0.0.0 for all IP addresses. This is probably set to 127.0.0.1 or something now, which might explain why PuppetDB is not listening on that external IP and port. ken. On Mon, Aug 5, 2013 at 8:34 PM, Pablo Carranza pa...@vdevices.com wrote: Greetings: I'm having trouble connecting to PuppetDB. When I execute sudo puppet agent --test on a client node, I receive the following: Warning: Unable to fetch my node definition, but the agent run will continue: Warning: Error 400 on SERVER: Could not retrieve facts for web1.mydomain.tld: Failed to find facts from PuppetDB at db1.mydomain.tld:8081: Connection refused - connect(2) Info: Retrieving plugin Info: Loading facts in /var/lib/puppet/lib/facter/concat_basedir.rb Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for web1.mydomain.tld to PuppetDB at db1.mydomain.tld:8081: Connection refused - connect(2) Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run From my home computer (WinXP), I opened a command prompt and was unsuccessful in establishing a telnet connection; in trying to establish one via both the PuppetDB's FQDN and IP address. Other than the UFW on db1, what else could be blocking access to port 8081? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Nagios service not restarting when removing a host from the database
Hi there, On 05/08/13 10:51 AM, John Santana wrote: When I remove the host from the database via delete from fact_values where host_id='N'; delete from resources where host_id='N'; delete from hosts where id='N'; if you remove the host exported resource in the manifests and the DB, then the nagios server is not collecting anything about it anymore: that's why the service doesn't get notified. you need to export the resource with ensure = absent and run puppet on the host, then on the nagios server so that everything runs fine. however in your example, you seem not to be redefining the target when collecting, so you might consider using purge = true. to achieve what you want with the workflow you mentioned above (e.g. without the need to export with ensure = absent) -- Gabriel Filion signature.asc Description: OpenPGP digital signature
Re: [Puppet Users] Trouble connect to PuppetDB
Ken... you are a genius! I, for some reason, had entered the PuppetDB's FQDN in there. The manual, found herehttp://docs.puppetlabs.com/puppetdb/latest/configure.html#jetty-http-settings, reads: host This sets the hostname to listen on for unencrypted HTTP traffic. If not supplied, we bind to localhost, which will reject connections from anywhere but the PuppetDB server itself. To listen on all available interfaces, use 0.0.0.0. ... ssl-host This sets the hostname to listen on for encrypted HTTPS traffic. If not supplied, we bind to localhost. To listen on all available interfaces, use 0.0.0.0. It'd probably be helpful to incorporate Ken's magical words These should both be set to the *IP address* you want PuppetDB to listen on (emphasis added.) Just a thought! Thanks, again! -Pablo On Monday, August 5, 2013 2:41:13 PM UTC-5, Ken Barber wrote: Check your /etc/puppetdb/conf.d/jetty.ini file for the configuration items ssl-host host. These should both be set to the IP address you want PuppetDB to listen on, or 0.0.0.0 for all IP addresses. This is probably set to 127.0.0.1 or something now, which might explain why PuppetDB is not listening on that external IP and port. ken. On Mon, Aug 5, 2013 at 8:34 PM, Pablo Carranza pa...@vdevices.comjavascript: wrote: Greetings: I'm having trouble connecting to PuppetDB. When I execute sudo puppet agent --test on a client node, I receive the following: Warning: Unable to fetch my node definition, but the agent run will continue: Warning: Error 400 on SERVER: Could not retrieve facts for web1.mydomain.tld: Failed to find facts from PuppetDB at db1.mydomain.tld:8081: Connection refused - connect(2) Info: Retrieving plugin Info: Loading facts in /var/lib/puppet/lib/facter/concat_basedir.rb Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for web1.mydomain.tld to PuppetDB at db1.mydomain.tld:8081: Connection refused - connect(2) Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run From my home computer (WinXP), I opened a command prompt and was unsuccessful in establishing a telnet connection; in trying to establish one via both the PuppetDB's FQDN and IP address. Other than the UFW on db1, what else could be blocking access to port 8081? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com javascript:. To post to this group, send email to puppet...@googlegroups.comjavascript:. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Nagios service not restarting when removing a host from the database
On Mon, Aug 05, 2013 at 04:22:41PM -0400, Gabriel Filion wrote: you need to export the resource with ensure = absent and run puppet on the host, then on the nagios server so that everything runs fine. Dozens of VMs are routinely destroyed on a weekly basis and in an automated fashion based on load. The nagios_*.cfg files are automatically changed, why is the notify not triggering? however in your example, you seem not to be redefining the target when collecting, so you might consider using purge = true. to achieve what you want with the workflow you mentioned above (e.g. without the need to export with ensure = absent) I am purging unless you are referring to a different resource stanza. From my OP: resources { [ nagios_host, nagios_service ]: purge = true, } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] The handy Grail of Modules Standards
On 06/26/2013 07:27 PM, Alessandro Franceschi wrote: Good point. In the doc I placed some possible examples on where to assign names, but more (or remarks on the ones listed) cases are welcomed. (Let me have your email for an invitation to edit) Btw, comments and access to: https://docs.google.com/a/lab42.it/document/d/1D4OqEI5iuGJe63ODU91N6rnFKcxVAg1sAWbaQrGBlWA is open to everybody, and whoever writes modules should be somehow concerned. At the moment the discussion seems limited to very few people (even if I know various others are silently lurking :-) The same place of the document is to be considered temporary. Let me just hop in and say that I'm really pleased with your stdmod example, and I already did modify my first module in this way: https://code.google.com/p/lutak/source/browse/tsm/manifests/init.pp If you think I got something out of the order here, please post critique ;) -- Jakov Sosic www.srce.unizg.hr -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Nagios service not restarting when removing a host from the database
On 05/08/13 04:33 PM, puppetl...@downhomelinux.com wrote: On Mon, Aug 05, 2013 at 04:22:41PM -0400, Gabriel Filion wrote: you need to export the resource with ensure = absent and run puppet on the host, then on the nagios server so that everything runs fine. Dozens of VMs are routinely destroyed on a weekly basis and in an automated fashion based on load. The nagios_*.cfg files are automatically changed, why is the notify not triggering? however in your example, you seem not to be redefining the target when collecting, so you might consider using purge = true. to achieve what you want with the workflow you mentioned above (e.g. without the need to export with ensure = absent) I am purging unless you are referring to a different resource stanza. From my OP: ah, so that's why the config is updated automatically then.. I can't use purging in my environment because of the annoying limitation with the target argument, so the best I can do now is to pull one suggestion out of my hat: if you try and add the notify here, maybe it'll catch removals too? resources { [ nagios_host, nagios_service ]: purge = true, notify = Service['nagios'], } it might complain about the notify lines in the collection.. not entirely sure. if so, try to remove the line at the collection point. -- Gabriel Filion signature.asc Description: OpenPGP digital signature
Re: [Puppet Users] The handy Grail of Modules Standards
That's quite nice, I like the reduced verbosity of the code and essentiality of an all in one (init.pp) location for resources. For better reusability I'd provide a *_template option to manage the templates of all the different files you manage, leaving as the default the currently hardcoded ones. Also the backup_status and archive_status arguments follow an approach that ... erm.. was revisited in the current version of the ongoing standard. Discussion about stdmod and naming standards seems faded again, and I've been quite distracted too. I've had recently the need to make a Kibana (3) module and this is the result, for the moment, based on stdmod patterns. https://github.com/example42/puppet-kibana There are quite a lot other sample layouts, for different kind of modules that can be done and shared. Suppose is just a matter to show some works. On Monday, August 5, 2013 11:01:08 PM UTC+2, Jakov Sosic wrote: On 06/26/2013 07:27 PM, Alessandro Franceschi wrote: Good point. In the doc I placed some possible examples on where to assign names, but more (or remarks on the ones listed) cases are welcomed. (Let me have your email for an invitation to edit) Btw, comments and access to: https://docs.google.com/a/lab42.it/document/d/1D4OqEI5iuGJe63ODU91N6rnFKcxVAg1sAWbaQrGBlWA is open to everybody, and whoever writes modules should be somehow concerned. At the moment the discussion seems limited to very few people (even if I know various others are silently lurking :-) The same place of the document is to be considered temporary. Let me just hop in and say that I'm really pleased with your stdmod example, and I already did modify my first module in this way: https://code.google.com/p/lutak/source/browse/tsm/manifests/init.pp If you think I got something out of the order here, please post critique ;) -- Jakov Sosic www.srce.unizg.hr -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] serving .exe file via http (provider = windows)
Installing from a URL is a feature of msiexec rather than the puppet provider. I think you're stuck using a file resource to download the .exe and then installing from a local path (or serving directly from a UNC path). It would be neat if the windows package provider could eat puppet:/// sources though. Eric On Monday, August 5, 2013 3:42:28 AM UTC-5, cko wrote: Hi, from the official documentation: Additional Notes on Windows Packages - The source parameter is required, and must refer to a local .msi file, a file from a mapped drive, or a UNC path. You can distribute packages as file resources. Puppet URLs are not currently supported for the package type’s source attribute. This is why i want to serve the file via httpd (like i said, it worked with msi files). -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Add a public ssh key form node A to authorized keys on node B
Well, actually it is straight forward. Just create a ssh_authorized_keys resource for an user for both nodes and store the private key in .ssh/id_rsa or define Identity key file in .ssh/config. On Sat, Aug 3, 2013 at 7:12 AM, Mark Ruys mark.r...@gmail.com wrote: With the risc I ask a queston answered a hunderd times before (which I couldn't find)... On node A I want to create a ssh key. For this I exec a ssh-keygen. Now I want the generated public key added to the authorized key file of node B. Probably I need the ssh_authorized_key resource for this. But then I need the public key of node A as a string in node B. I can't see how to achieve this with exported resources. So my guess is that I need to write a custom fact to read ~/.ssh/id_rsa.pub on node A in order to collect it on node B. Is this the way I should go? Or is there a better approach? Thanks, Mark -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.