[Puppet Users] HA puppetmaster in AWS
Hello guys, so puppet community I seek some guidance. I am rebuilding our company Puppet 3 AWS infrastructure from scratch. Right now the design is to have a multiple availability ELB balancer and behind 2-4 puppet masters, so in case one AZ fails we still have a running puppet environment and also at the same time we can distribute the load. For module/environment synchronization we are using r10 + mcollective + post-commit git hooks, however we have one main issue and that is how to properly share the /var/lib/puppet/ssl folder. The thing is with Amazon ELB you have limited control over the load balance policy, so we need to make sure that SSL certs are in sync all the time. We tried with yas3fs, but we abandoned that solution because was just not reliable enough. Also we considered GlusterFS, but again on some other projects the experience wasn't great. So my question is how you guys manage that ? I know we could run an external PuppetCA, however we would still need to share the SSL certs and for as is really important that we have the HA between different zones. So any experience to share ? regards, Dejan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/efbc0980-c0a0-44e4-a1eb-ac0743a2b5b5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] HA puppetmaster in AWS
Hi Dejan, You can try using S3 for this purpose. So keep all the data like SSL or CA on S3 and ask all the puppet masters to pickup the ssl or any other data from S3. On Fri, Jul 18, 2014 at 12:07 PM, Dejan Golja dejan.go...@gmail.com wrote: Hello guys, so puppet community I seek some guidance. I am rebuilding our company Puppet 3 AWS infrastructure from scratch. Right now the design is to have a multiple availability ELB balancer and behind 2-4 puppet masters, so in case one AZ fails we still have a running puppet environment and also at the same time we can distribute the load. For module/environment synchronization we are using r10 + mcollective + post-commit git hooks, however we have one main issue and that is how to properly share the /var/lib/puppet/ssl folder. The thing is with Amazon ELB you have limited control over the load balance policy, so we need to make sure that SSL certs are in sync all the time. We tried with yas3fs, but we abandoned that solution because was just not reliable enough. Also we considered GlusterFS, but again on some other projects the experience wasn't great. So my question is how you guys manage that ? I know we could run an external PuppetCA, however we would still need to share the SSL certs and for as is really important that we have the HA between different zones. So any experience to share ? regards, Dejan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/efbc0980-c0a0-44e4-a1eb-ac0743a2b5b5%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/efbc0980-c0a0-44e4-a1eb-ac0743a2b5b5%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACe638ThmEkGNNcUvKGdo5PjXVAxPCtiAjc%3DMhsdzyxgUuXXcQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] user authentication with proxyserver
Hi, i was trying to configure my client with a proxy that requires user authentication, upon looking through the configuration reference page, i only found the settings for proxy hostname/port. as long as the proxy server permits every user without further authentication everything runs good, but i may need to configure a user authentication for some nodes, to be able to access to internet and communicate with my puppetmaster. any idea how i would achieve that or is such a feature not implemented yet? i cant seem to find google hits for my searches. greetings Robert -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/dc8d0133-f2df-4a0a-b669-5d0636300fca%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Puppet module 'issue' with sysctl provider (augeasproviders)
Hi John/Felix, thanks for the suggestions, will try them out next week and come back with the results Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/15035553-e091-48d3-aae2-7dd027220427%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Wrap Package in a define
Hello, We are trying to use the puppet-forge graphite module located here: https://github.com/echocat/puppet-graphite/blob/master/manifests/install.pp and our servers will not have access to the Internet. So we are downloading all the pip packages to a local repository and will point pip to each package. I would like to wrap the Package type so I can provide the source. How would I do this so that the package name is passed to the defined type? My intent is to not change much of the code here: https://github.com/echocat/puppet-graphite/blob/master/manifests/install.pp Otherwise, I will have to comment out alot of the manifest and replace with exec statements pointing to each individual package. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/7bbc783a-589a-42b3-aaa5-993d43f2026b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] HA puppetmaster in AWS
yas3fs is using s3 as a backend, but unfortunately did not work out. On Friday, July 18, 2014 6:00:02 PM UTC+10, ankush grover wrote: Hi Dejan, You can try using S3 for this purpose. So keep all the data like SSL or CA on S3 and ask all the puppet masters to pickup the ssl or any other data from S3. On Fri, Jul 18, 2014 at 12:07 PM, Dejan Golja dejan...@gmail.com javascript: wrote: Hello guys, so puppet community I seek some guidance. I am rebuilding our company Puppet 3 AWS infrastructure from scratch. Right now the design is to have a multiple availability ELB balancer and behind 2-4 puppet masters, so in case one AZ fails we still have a running puppet environment and also at the same time we can distribute the load. For module/environment synchronization we are using r10 + mcollective + post-commit git hooks, however we have one main issue and that is how to properly share the /var/lib/puppet/ssl folder. The thing is with Amazon ELB you have limited control over the load balance policy, so we need to make sure that SSL certs are in sync all the time. We tried with yas3fs, but we abandoned that solution because was just not reliable enough. Also we considered GlusterFS, but again on some other projects the experience wasn't great. So my question is how you guys manage that ? I know we could run an external PuppetCA, however we would still need to share the SSL certs and for as is really important that we have the HA between different zones. So any experience to share ? regards, Dejan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com javascript:. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/efbc0980-c0a0-44e4-a1eb-ac0743a2b5b5%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/efbc0980-c0a0-44e4-a1eb-ac0743a2b5b5%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/111b399f-8e66-4726-9148-9ada2298299d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: puppet master --genconfig generating deprecated features
Probably they are there for back compatibility or something similar and they will be removed in future releases ? On Thursday, July 17, 2014 7:31:16 AM UTC+10, Adam Chou wrote: I'm running a fresh install of 3.6.2 and when I use the config file from puppet master --genconfig, there are deprecated settings in there. Consequently, running puppet agent -t will throw a bunch of deprecation warnings. Shouldn't the --genconfig either not include the deprecated configurations or include disable_warnings = deprecations? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/0814c330-d223-4e34-80c6-e128847a393e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] HA puppetmaster in AWS
Hi What about this approach? [1] Sync Puppet Certs between EC2 regions It seems very easy to implement: unison + incron + scripts Disclaimer: not tested yet. Hope to have a prof of concept next week. Best regards [1] http://blog.mague.com/?p=468 -- Juan Sierra Pons j...@elsotanillo.net Linux User Registered: #257202 Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo GPG key = 0xA110F4FE Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE -- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9u8bdyX%3DULxrOzUVd5SshuKJn6-brJq9pnNP2TtwZKexg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] HA puppetmaster in AWS
Not sure if it would work always, because if using unison you can get conflicts on files such as serial, inventory.txt ,ca_crl.pem, etc and then you need to merge them manually. Quoting: Unlike simple mirroring or backup utilities, Unison can deal with updates to *both* replicas of a distributed directory structure. Updates that do not conflict are propagated automatically. Conflicting updates are detected and displayed. On Friday, July 18, 2014 11:03:51 PM UTC+10, Juan Sierra Pons wrote: Hi What about this approach? [1] Sync Puppet Certs between EC2 regions It seems very easy to implement: unison + incron + scripts Disclaimer: not tested yet. Hope to have a prof of concept next week. Best regards [1] http://blog.mague.com/?p=468 -- Juan Sierra Pons ju...@elsotanillo.net javascript: Linux User Registered: #257202 Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo GPG key = 0xA110F4FE Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE -- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/b7c10f69-0ebe-4d65-b38f-7bc72f55a39e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] HA puppetmaster in AWS
On Fri, Jul 18, 2014 at 1:37 AM, Dejan Golja dejan.go...@gmail.com wrote: We tried with yas3fs, but we abandoned that solution because was just not reliable enough. Also we considered GlusterFS, but again on some other projects the experience wasn't great. So my question is how you guys manage that ? DRBD? -mz -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAOLfK3VQugnNH2KubmoXyVXNHqUBtW7UiVL6H9G7K2ZRfOX9NQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] parameters set with array
Hello all, I am newbie to puppet and sorry if it is a silly question. What is wrong with my manifest? define webapp ($domain,$port){ file { /tmp/${name}: This is working and creating the files as /tmp/test , /tmp/test1 etc content = Server:${port}, } notify { $domain: } } $websites = ['test','test1','test2'] webapp { $websites : domain = $websites, - Here, how can iterate websites array? It gives error as duplicate definition. port = 80, } Thanks, OS -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/afa8419e-d24c-4868-b774-3c348b6275ce%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Facter path issue
Thanks for the quick reply Rob. I went ahead and spun up a new Server2008R2 virtual machine to test a very basic install: grabbed the iso from http://www.microsoft.com/en-us/download/details.aspx?id=11093 installed Windows as usual, did the Windows update dance reboot, reboot, etc got the puppet agent from https://downloads.puppetlabs.com/windows/, I tried the most recent agent version and even the oldest, 2.7 version, both the same I also tried installing to the Administrator account as well as installing to another account And, I saw the same behavior. I tried echo %PATH% and then environment.bat and that did give a clue. I ran environment.bat multiple times and each time the Path var in the Puppet shell grows. I've attached a screen shot so you can see what I mean. So, it looks like the Puppet shell initialization process executes environment.bat twice; that happens for scheduled agent runs as well. If I just wanted Facter to report back the true system Path, minus all of the puppet shell added stuff, what would you suggest. Pull it from the registry? Or via a custom fact, take what Facter reports and chop off all of the extra Puppet shell applied stuff with a regex? https://lh3.googleusercontent.com/-1qTwaiZxz0s/U8k9oPOJYXI/B-k/YXycPbeOk9o/s1600/Screen+Shot+2014-07-18+at+11.26.54+AM.png On Thursday, July 17, 2014 6:12:26 PM UTC-4, Rob Reynolds wrote: On Thu, Jul 17, 2014 at 2:37 PM, Jim Richard jimr...@gmail.com javascript: wrote: Facter on a Windows 2008R2 server is doing something weird. Version of facter is 2.0.2. If I, from the Puppet command prompt, do a echo %Path%, I see exactly what I expect. But if I say facter Path, it shows me all of the Puppet added path stuff twice, ie. the output is almost twice as much text. Oddly, the original pre: puppet agent install path data is still reported by facter, correctly, not doubled up, but all of the path items added by the puppet agent install process show up twice when I issue a facter Path. My real path: E:\oracle\product\11.2.0\db_1\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Unix;E:\oracle\product\11.2.0\db_1\OPatch;C:\jdk_release\bin;F:\RATEWARE What facter thinks is my Path: C:\Program Files (x86)\Puppet Labs\Puppet\puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\facter\bin;C:\Program Files (x86)\Puppet Labs\Puppet\hiera\bin;C:\Program Files (x86)\Puppet Labs\Puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\sys\ruby\bin;C:\Program Files (x86)\Puppet Labs\Puppet\sys\tools\bin;C:\Program Files (x86)\Puppet Labs\Puppet\puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\facter\bin;C:\Program Files (x86)\Puppet Labs\Puppet\hiera\bin;C:\Program Files (x86)\Puppet Labs\Puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\sys\ruby\bin;C:\ProgramFiles(x86)\PuppetLabs\Puppet\sys\tools\bin;E:\oracle\product\11.2.0\db_1\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Unix;E:\oracle\product\11.2.0\db_1\OPatch;C:\jdk_release\bin;F:\RATEWARE Any ideas what might cause this? Note the first thing that facter.bat / puppet.bat runs is a call to environment.bat, which ensures that the console has all of the right environment variables set and it updates PATH as well. Why it is doubling up is another issue entirely. Try this - open a command line and call: echo %PATH% environment.bat echo %PATH% Oddly enough, I don't see C:\Program Files (x86)\Puppet Labs\Puppet\bin in your original path as I might expect to see. How did you install facter on your Windows system? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com javascript:. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/97685237-6523-40a3-81ad-38f98df86593%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/97685237-6523-40a3-81ad-38f98df86593%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Rob Reynolds Developer, Puppet Labs *Join us at PuppetConf 2014 http://www.puppetconf.com/, September 20-24 in San Francisco* *Register by July 31st to take advantage of the Early Bird discount https://puppetconf2014.eventbrite.com/?discount=EarlyBird **—**save $249!* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/94f5a2c0-5eae-427d-b77f-4ec7dbef0dcc%40googlegroups.com. For more options, visit
[Puppet Users] Re: error. only root user can exec comands
On Thursday, July 17, 2014 9:52:23 AM UTC-5, Supriya Uppalapati wrote: Hi, I am having an issue with exc statement. running through non-root user. *Error: Failed to apply catalog: Parameter user failed on Exec[extract p17071663_1036_Generic.zip]: Only root can execute commands as other users at /etc/puppetlabs/puppet/environments/testing/modules/wls/manifests/bsupatch.pp* *Let me know how to exec through non root user* The message seems pretty clear to me. If you are running Puppet as non-root then you must not specify a 'user' for your command to run as. You must not specify even the non-root user who happens to be running that puppet agent instance, as Puppet cannot necessarily recognize that that's what you have done. If you just omit the 'user' parameter from your exec then it will automatically run as whatever user the agent is running as. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/130eee37-66be-47d9-be1e-1da3f59e78f2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: Passing undef as argument to classes defines overrides default parameter
On Thursday, July 17, 2014 1:27:03 PM UTC-5, Cristian Falcas wrote: Hi, I have a postfix class with this init: class postfix ( $ensure = 'latest', $email_user = undef, $email_pass = undef, $smtp_endpoint = smtp.${::domain}, $smtp_endpoint_port = '25', $from_domain= $::domain, $from_user = 'donotreply', $debug = false) { anchor { 'postfix::begin': } anchor { 'postfix::end': } include postfix::install include postfix::config include postfix::service Anchor['postfix::begin'] - Class['postfix::install'] - Class['postfix::config'] ~ Class['postfix::service'] - Anchor['postfix::end'] } And I call it from an other module like this: class { 'postfix': email_user = hiera('email_user', undef), email_pass = hiera('email_pass', undef), smtp_endpoint = hiera('email_smtp_endpoint', undef), smtp_endpoint_port = hiera('smtp_endpoint_port', undef), from_domain= hiera('email_from_domain', undef), from_user = hiera('email_from_user', undef), } All parameters that not found in hiera are not initialized with the default values. In the template I use for the config I get only empty values. That does look a lot like issue 16221, but I'm uncertain whether it's really the same because classes are special, and the way their parameters are bound to them is especially special. I don't know whether what you are doing should be expected to work or not. With that said, you seem to be going to a lot of extra effort here. Automated data binding will do exactly what you appear to want if you change the hiera keys to suit. Then you can just do include 'postfix' , which is better form for most purposes than the resource-like syntax (see the best practices commentary at http://docs.puppetlabs.com/puppet/3/reference/lang_classes.html#include-like-vs-resource-like). For that to work, the keys must have form qualified::class::name::param_name, so postfix::email_user for example. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/307ef13f-4070-4587-acea-4e1026e796b3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] puppetdb export before migration
I ran an puppetdb export yesterday. It ran fine. It was a puppetdb 2.0 Now, after an export to puppetdb 2.1, I got some strange exception. puppet master is working fine, I didn't see anything special in the release notes. puppetmaster is running fine. Did I miss something ? $ puppetdb export --outfile ./my-puppetdb-export.tar.gz java.lang.AssertionError: Assert failed: % at com.puppetlabs.puppetdb.cli.export$events_for_report_hash.invoke (export.clj:114) com.puppetlabs.puppetdb.cli.export$reports_for_node$fn__5294.invoke (export.clj:150) clojure.core$map$fn__4245.invoke (core.clj:2557) clojure.lang.LazySeq.sval (LazySeq.java:40) clojure.lang.LazySeq.seq (LazySeq.java:49) clojure.lang.RT.seq (RT.java:484) clojure.core$seq.invoke (core.clj:133) clojure.core$map$fn__4245.invoke (core.clj:2551) clojure.lang.LazySeq.sval (LazySeq.java:40) clojure.lang.LazySeq.seq (LazySeq.java:49) clojure.lang.RT.seq (RT.java:484) clojure.core$seq.invoke (core.clj:133) clojure.core$map$fn__4245.invoke (core.clj:2551) clojure.lang.LazySeq.sval (LazySeq.java:40) clojure.lang.LazySeq.seq (LazySeq.java:49) clojure.lang.RT.seq (RT.java:484) clojure.core$seq.invoke (core.clj:133) clojure.core.protocols$seq_reduce.invoke (protocols.clj:30) clojure.core.protocols/fn (protocols.clj:54) clojure.core.protocols$fn__6031$G__6026__6044.invoke (protocols.clj:13) clojure.core$reduce.invoke (core.clj:6289) schema.core$eval3377$fn__3395$fn__3412.invoke (core.clj:787) schema.core$eval3377$fn__3395$fn__3412.invoke (core.clj:785) clojure.core$comp$fn__4192.invoke (core.clj:2403) com.puppetlabs.puppetdb.cli.export$eval5305$report__GT_tar__5306.invoke (export.clj:153) com.puppetlabs.puppetdb.cli.export$eval5329$get_node_data__5330$fn__5334.invoke (export.clj:184) com.puppetlabs.puppetdb.cli.export$eval5329$get_node_data__5330.invoke (export.clj:170) com.puppetlabs.puppetdb.cli.export$_main.doInvoke (export.clj:241) clojure.lang.RestFn.invoke (RestFn.java:421) clojure.lang.Var.invoke (Var.java:383) clojure.lang.AFn.applyToHelper (AFn.java:156) clojure.lang.Var.applyTo (Var.java:700) clojure.core$apply.invoke (core.clj:624) com.puppetlabs.puppetdb.core$run_command.invoke (core.clj:87) com.puppetlabs.puppetdb.core$_main.doInvoke (core.clj:95) clojure.lang.RestFn.invoke (RestFn.java:436) clojure.lang.Var.invoke (Var.java:388) clojure.lang.AFn.applyToHelper (AFn.java:160) clojure.lang.Var.applyTo (Var.java:700) clojure.core$apply.invoke (core.clj:624) clojure.main$main_opt.invoke (main.clj:315) clojure.main$main.doInvoke (main.clj:420) clojure.lang.RestFn.invoke (RestFn.java:482) clojure.lang.Var.invoke (Var.java:401) clojure.lang.AFn.applyToHelper (AFn.java:171) clojure.lang.Var.applyTo (Var.java:700) clojure.main.main (main.java:37) 2014-07-18 18:35:57,650 ERROR [p.t.logging] Uncaught exception java.lang.AssertionError: Assert failed: % at com.puppetlabs.puppetdb.cli.export$events_for_report_hash.invoke(export.clj:114) ~[na:na] at com.puppetlabs.puppetdb.cli.export$reports_for_node$fn__5294.invoke(export.clj:150) ~[na:na] at clojure.core$map$fn__4245.invoke(core.clj:2557) ~[puppetdb.jar:na] at clojure.lang.LazySeq.sval(LazySeq.java:40) ~[puppetdb.jar:na] at clojure.lang.LazySeq.seq(LazySeq.java:49) ~[puppetdb.jar:na] at clojure.lang.RT.seq(RT.java:484) ~[puppetdb.jar:na] at clojure.core$seq.invoke(core.clj:133) ~[puppetdb.jar:na] at clojure.core$map$fn__4245.invoke(core.clj:2551) ~[puppetdb.jar:na] at clojure.lang.LazySeq.sval(LazySeq.java:40) ~[puppetdb.jar:na] at clojure.lang.LazySeq.seq(LazySeq.java:49) ~[puppetdb.jar:na] at clojure.lang.RT.seq(RT.java:484) ~[puppetdb.jar:na] at clojure.core$seq.invoke(core.clj:133) ~[puppetdb.jar:na] at clojure.core$map$fn__4245.invoke(core.clj:2551) ~[puppetdb.jar:na] at clojure.lang.LazySeq.sval(LazySeq.java:40) ~[puppetdb.jar:na] at clojure.lang.LazySeq.seq(LazySeq.java:49) ~[puppetdb.jar:na] at clojure.lang.RT.seq(RT.java:484) ~[puppetdb.jar:na] at clojure.core$seq.invoke(core.clj:133) ~[puppetdb.jar:na] at clojure.core.protocols$seq_reduce.invoke(protocols.clj:30) ~[puppetdb.jar:na] at clojure.core.protocols$fn__6078.invoke(protocols.clj:54) ~[puppetdb.jar:na] at clojure.core.protocols$fn__6031$G__6026__6044.invoke(protocols.clj:13) ~[puppetdb.jar:na] at clojure.core$reduce.invoke(core.clj:6289) ~[puppetdb.jar:na] at schema.core$eval3377$fn__3395$fn__3412.invoke(core.clj:787) ~[na:na] at schema.core$eval3377$fn__3395$fn__3412.invoke(core.clj:785) ~[na:na] at clojure.core$comp$fn__4192.invoke(core.clj:2403) ~[puppetdb.jar:na] at
[Puppet Users] Re: user authentication with proxyserver
On Friday, July 18, 2014 4:32:18 AM UTC-5, robert api wrote: Hi, i was trying to configure my client with a proxy that requires user authentication, upon looking through the configuration reference page, i only found the settings for proxy hostname/port. as long as the proxy server permits every user without further authentication everything runs good, but i may need to configure a user authentication for some nodes, to be able to access to internet and communicate with my puppetmaster. That's unusual. It's atypical to need to go through a proxy server to get to resources on your own network, and that's normally where the master would reside. It is even more unusual to need to go through an *authenticated* proxy server to get at your own network. any idea how i would achieve that or is such a feature not implemented yet? i cant seem to find google hits for my searches. You can use an Exec or a custom resource type to authenticate to the proxy server at the beginning of your puppet run (and also to log off at the end). Run stages would serve well to ensure that is done at the appropriate times relative to all your regular classes. The details of the Exec and/or of the operation of a custom type's provider would depend on the implementation of the relevant authentication system. All of that assumes, however, that you're ok with putting the proxy server credentials in your catalogs (probably in plain text), or that you are willing to record them somewhere on each client system. If you need to go through a proxy such as you describe for Puppet to work, but you can't entrust Puppet with the credentials, then automated runs just aren't going to work for you. You would need to go to some scheme around local manifests and data, and 'puppet apply', so that a live user could and would be there to authenticate. John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f274a5e0-98a2-493d-9bc2-4fc84d727912%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] HA puppetmaster in AWS
I used this approach detailed below in production for a large-ish environment. When used in conjunction with Nginx load balancing in AWS (http://blog.mague.com/?p=286) it worked very well. 1) Route all certificate requests (explained above) to a pair of boxes that have the sync setup listed below 2) Route specific environments to specific puppet backends One further refinement is to set up a puppet master running in debug mode and create a debug environment which is useful for troubleshooting. -c On Friday, July 18, 2014 6:03:51 AM UTC-7, Juan Sierra Pons wrote: Hi What about this approach? [1] Sync Puppet Certs between EC2 regions It seems very easy to implement: unison + incron + scripts Disclaimer: not tested yet. Hope to have a prof of concept next week. Best regards [1] http://blog.mague.com/?p=468 -- Juan Sierra Pons ju...@elsotanillo.net javascript: Linux User Registered: #257202 Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo GPG key = 0xA110F4FE Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE -- -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d092191d-f933-4669-9272-2f104a894851%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb export before migration
Does this sound like your issue? https://tickets.puppetlabs.com/browse/PDB-762 We found it recently and have already fixed it in source, but not shipped a fix yet. We were holding off for someone complaining loud enough or just shipping it with 2.2.0 (which should be out in a few weeks or so). ken. On Fri, Jul 18, 2014 at 5:42 PM, Fabrice Bacchella fbacche...@spamcop.net wrote: I ran an puppetdb export yesterday. It ran fine. It was a puppetdb 2.0 Now, after an export to puppetdb 2.1, I got some strange exception. puppet master is working fine, I didn't see anything special in the release notes. puppetmaster is running fine. Did I miss something ? $ puppetdb export --outfile ./my-puppetdb-export.tar.gz java.lang.AssertionError: Assert failed: % at com.puppetlabs.puppetdb.cli.export$events_for_report_hash.invoke (export.clj:114) com.puppetlabs.puppetdb.cli.export$reports_for_node$fn__5294.invoke (export.clj:150) clojure.core$map$fn__4245.invoke (core.clj:2557) clojure.lang.LazySeq.sval (LazySeq.java:40) clojure.lang.LazySeq.seq (LazySeq.java:49) clojure.lang.RT.seq (RT.java:484) clojure.core$seq.invoke (core.clj:133) clojure.core$map$fn__4245.invoke (core.clj:2551) clojure.lang.LazySeq.sval (LazySeq.java:40) clojure.lang.LazySeq.seq (LazySeq.java:49) clojure.lang.RT.seq (RT.java:484) clojure.core$seq.invoke (core.clj:133) clojure.core$map$fn__4245.invoke (core.clj:2551) clojure.lang.LazySeq.sval (LazySeq.java:40) clojure.lang.LazySeq.seq (LazySeq.java:49) clojure.lang.RT.seq (RT.java:484) clojure.core$seq.invoke (core.clj:133) clojure.core.protocols$seq_reduce.invoke (protocols.clj:30) clojure.core.protocols/fn (protocols.clj:54) clojure.core.protocols$fn__6031$G__6026__6044.invoke (protocols.clj:13) clojure.core$reduce.invoke (core.clj:6289) schema.core$eval3377$fn__3395$fn__3412.invoke (core.clj:787) schema.core$eval3377$fn__3395$fn__3412.invoke (core.clj:785) clojure.core$comp$fn__4192.invoke (core.clj:2403) com.puppetlabs.puppetdb.cli.export$eval5305$report__GT_tar__5306.invoke (export.clj:153) com.puppetlabs.puppetdb.cli.export$eval5329$get_node_data__5330$fn__5334.invoke (export.clj:184) com.puppetlabs.puppetdb.cli.export$eval5329$get_node_data__5330.invoke (export.clj:170) com.puppetlabs.puppetdb.cli.export$_main.doInvoke (export.clj:241) clojure.lang.RestFn.invoke (RestFn.java:421) clojure.lang.Var.invoke (Var.java:383) clojure.lang.AFn.applyToHelper (AFn.java:156) clojure.lang.Var.applyTo (Var.java:700) clojure.core$apply.invoke (core.clj:624) com.puppetlabs.puppetdb.core$run_command.invoke (core.clj:87) com.puppetlabs.puppetdb.core$_main.doInvoke (core.clj:95) clojure.lang.RestFn.invoke (RestFn.java:436) clojure.lang.Var.invoke (Var.java:388) clojure.lang.AFn.applyToHelper (AFn.java:160) clojure.lang.Var.applyTo (Var.java:700) clojure.core$apply.invoke (core.clj:624) clojure.main$main_opt.invoke (main.clj:315) clojure.main$main.doInvoke (main.clj:420) clojure.lang.RestFn.invoke (RestFn.java:482) clojure.lang.Var.invoke (Var.java:401) clojure.lang.AFn.applyToHelper (AFn.java:171) clojure.lang.Var.applyTo (Var.java:700) clojure.main.main (main.java:37) 2014-07-18 18:35:57,650 ERROR [p.t.logging] Uncaught exception java.lang.AssertionError: Assert failed: % at com.puppetlabs.puppetdb.cli.export$events_for_report_hash.invoke(export.clj:114) ~[na:na] at com.puppetlabs.puppetdb.cli.export$reports_for_node$fn__5294.invoke(export.clj:150) ~[na:na] at clojure.core$map$fn__4245.invoke(core.clj:2557) ~[puppetdb.jar:na] at clojure.lang.LazySeq.sval(LazySeq.java:40) ~[puppetdb.jar:na] at clojure.lang.LazySeq.seq(LazySeq.java:49) ~[puppetdb.jar:na] at clojure.lang.RT.seq(RT.java:484) ~[puppetdb.jar:na] at clojure.core$seq.invoke(core.clj:133) ~[puppetdb.jar:na] at clojure.core$map$fn__4245.invoke(core.clj:2551) ~[puppetdb.jar:na] at clojure.lang.LazySeq.sval(LazySeq.java:40) ~[puppetdb.jar:na] at clojure.lang.LazySeq.seq(LazySeq.java:49) ~[puppetdb.jar:na] at clojure.lang.RT.seq(RT.java:484) ~[puppetdb.jar:na] at clojure.core$seq.invoke(core.clj:133) ~[puppetdb.jar:na] at clojure.core$map$fn__4245.invoke(core.clj:2551) ~[puppetdb.jar:na] at clojure.lang.LazySeq.sval(LazySeq.java:40) ~[puppetdb.jar:na] at clojure.lang.LazySeq.seq(LazySeq.java:49) ~[puppetdb.jar:na] at clojure.lang.RT.seq(RT.java:484) ~[puppetdb.jar:na] at clojure.core$seq.invoke(core.clj:133) ~[puppetdb.jar:na] at clojure.core.protocols$seq_reduce.invoke(protocols.clj:30) ~[puppetdb.jar:na] at clojure.core.protocols$fn__6078.invoke(protocols.clj:54) ~[puppetdb.jar:na] at
[Puppet Users] Puppet module for Windows 2012 SNMP Service
Does anyone have a module or example puppet code for turning on SNMP server and setting the community on a Windows 2012 server? Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAOTD2YQqu_sKX-E%3Ddvr6UXw%3DnFGsYJJg-UTktnZxuJ9bz8e65Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Facter path issue
On Fri, Jul 18, 2014 at 8:36 AM, Jim Richard jimr6...@gmail.com wrote: Thanks for the quick reply Rob. I went ahead and spun up a new Server2008R2 virtual machine to test a very basic install: grabbed the iso from http://www.microsoft.com/en-us/download/details.aspx?id=11093 installed Windows as usual, did the Windows update dance reboot, reboot, etc got the puppet agent from https://downloads.puppetlabs.com/windows/, I tried the most recent agent version and even the oldest, 2.7 version, both the same I also tried installing to the Administrator account as well as installing to another account And, I saw the same behavior. I tried echo %PATH% and then environment.bat and that did give a clue. I ran environment.bat multiple times and each time the Path var in the Puppet shell grows. I've attached a screen shot so you can see what I mean. So, it looks like the Puppet shell initialization process executes environment.bat twice; that happens for scheduled agent runs as well. This is probably because puppet.bat and facter.bat both call it. :( If I just wanted Facter to report back the true system Path, minus all of the puppet shell added stuff, what would you suggest. Pull it from the registry? Or via a custom fact, take what Facter reports and chop off all of the extra Puppet shell applied stuff with a regex? https://lh3.googleusercontent.com/-1qTwaiZxz0s/U8k9oPOJYXI/B-k/YXycPbeOk9o/s1600/Screen+Shot+2014-07-18+at+11.26.54+AM.png Perhaps a custom fact? On Thursday, July 17, 2014 6:12:26 PM UTC-4, Rob Reynolds wrote: On Thu, Jul 17, 2014 at 2:37 PM, Jim Richard jimr...@gmail.com wrote: Facter on a Windows 2008R2 server is doing something weird. Version of facter is 2.0.2. If I, from the Puppet command prompt, do a echo %Path%, I see exactly what I expect. But if I say facter Path, it shows me all of the Puppet added path stuff twice, ie. the output is almost twice as much text. Oddly, the original pre: puppet agent install path data is still reported by facter, correctly, not doubled up, but all of the path items added by the puppet agent install process show up twice when I issue a facter Path. My real path: E:\oracle\product\11.2.0\db_1\bin;%SystemRoot%\system32;% SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\ System32\WindowsPowerShell\v1.0\;C:\Unix;E:\oracle\product\ 11.2.0\db_1\OPatch;C:\jdk_release\bin;F:\RATEWARE What facter thinks is my Path: C:\Program Files (x86)\Puppet Labs\Puppet\puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\facter\bin;C:\Program Files (x86)\Puppet Labs\Puppet\hiera\bin;C:\Program Files (x86)\Puppet Labs\Puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\sys\ruby\bin;C:\Program Files (x86)\Puppet Labs\Puppet\sys\tools\bin;C:\Program Files (x86)\Puppet Labs\Puppet\puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\facter\bin;C:\Program Files (x86)\Puppet Labs\Puppet\hiera\bin;C:\Program Files (x86)\Puppet Labs\Puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\sys\ruby\bin;C:\ ProgramFiles(x86)\PuppetLabs\Puppet\sys\tools\bin;E:\ oracle\product\11.2.0\db_1\bin;C:\Windows\system32;C:\ Windows;C:\Windows\System32\Wbem;C:\Windows\System32\ WindowsPowerShell\v1.0\;C:\Unix;E:\oracle\product\11.2.0\ db_1\OPatch;C:\jdk_release\bin;F:\RATEWARE Any ideas what might cause this? Note the first thing that facter.bat / puppet.bat runs is a call to environment.bat, which ensures that the console has all of the right environment variables set and it updates PATH as well. Why it is doubling up is another issue entirely. Try this - open a command line and call: echo %PATH% environment.bat echo %PATH% Oddly enough, I don't see C:\Program Files (x86)\Puppet Labs\Puppet\bin in your original path as I might expect to see. How did you install facter on your Windows system? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/ msgid/puppet-users/97685237-6523-40a3-81ad-38f98df86593% 40googlegroups.com https://groups.google.com/d/msgid/puppet-users/97685237-6523-40a3-81ad-38f98df86593%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Rob Reynolds Developer, Puppet Labs *Join us at PuppetConf 2014 http://www.puppetconf.com/, September 20-24 in San Francisco* *Register by July 31st to take advantage of the Early Bird discount https://puppetconf2014.eventbrite.com/?discount=EarlyBird **--**save $249!* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on
[Puppet Users] Re: Facter path issue
Yep, a custom fact. In case someone else happens upon this looking for a similar answer, here's my custom fact to override Facter's default path fact: Facter.add('path') do confine :kernel = 'windows' setcode do my_fact = Facter::Util::Resolution.exec('C:\Windows\system32\cmd.exe /C reg query HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment /v Path') my_fact.rpartition('REG_EXPAND_SZ').slice(2).strip end end Thanks Rob ! On Thursday, July 17, 2014 3:37:03 PM UTC-4, Jim Richard wrote: Facter on a Windows 2008R2 server is doing something weird. Version of facter is 2.0.2. If I, from the Puppet command prompt, do a echo %Path%, I see exactly what I expect. But if I say facter Path, it shows me all of the Puppet added path stuff twice, ie. the output is almost twice as much text. Oddly, the original pre: puppet agent install path data is still reported by facter, correctly, not doubled up, but all of the path items added by the puppet agent install process show up twice when I issue a facter Path. My real path: E:\oracle\product\11.2.0\db_1\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Unix;E:\oracle\product\11.2.0\db_1\OPatch;C:\jdk_release\bin;F:\RATEWARE What facter thinks is my Path: C:\Program Files (x86)\Puppet Labs\Puppet\puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\facter\bin;C:\Program Files (x86)\Puppet Labs\Puppet\hiera\bin;C:\Program Files (x86)\Puppet Labs\Puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\sys\ruby\bin;C:\Program Files (x86)\Puppet Labs\Puppet\sys\tools\bin;C:\Program Files (x86)\Puppet Labs\Puppet\puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\facter\bin;C:\Program Files (x86)\Puppet Labs\Puppet\hiera\bin;C:\Program Files (x86)\Puppet Labs\Puppet\bin;C:\Program Files (x86)\Puppet Labs\Puppet\sys\ruby\bin;C:\ProgramFiles(x86)\PuppetLabs\Puppet\sys\tools\bin;E:\oracle\product\11.2.0\db_1\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Unix;E:\oracle\product\11.2.0\db_1\OPatch;C:\jdk_release\bin;F:\RATEWARE Any ideas what might cause this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/a244e99f-3c11-4052-a0d4-f491089a1764%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb export before migration
Indeed, there is a few unchanged report in my db. So I'll have to wait until 2.2.0 I'm afraid. Le 18 juil. 2014 à 19:22, Ken Barber k...@puppetlabs.com a écrit : Does this sound like your issue? https://tickets.puppetlabs.com/browse/PDB-762 We found it recently and have already fixed it in source, but not shipped a fix yet. We were holding off for someone complaining loud enough or just shipping it with 2.2.0 (which should be out in a few weeks or so). ken. On Fri, Jul 18, 2014 at 5:42 PM, Fabrice Bacchella fbacche...@spamcop.net wrote: I ran an puppetdb export yesterday. It ran fine. It was a puppetdb 2.0 Now, after an export to puppetdb 2.1, I got some strange exception. puppet master is working fine, I didn't see anything special in the release notes. puppetmaster is running fine. Did I miss something ? $ puppetdb export --outfile ./my-puppetdb-export.tar.gz java.lang.AssertionError: Assert failed: % at com.puppetlabs.puppetdb.cli.export$events_for_report_hash.invoke (export.clj:114) com.puppetlabs.puppetdb.cli.export$reports_for_node$fn__5294.invoke (export.clj:150) clojure.core$map$fn__4245.invoke (core.clj:2557) clojure.lang.LazySeq.sval (LazySeq.java:40) clojure.lang.LazySeq.seq (LazySeq.java:49) clojure.lang.RT.seq (RT.java:484) clojure.core$seq.invoke (core.clj:133) clojure.core$map$fn__4245.invoke (core.clj:2551) clojure.lang.LazySeq.sval (LazySeq.java:40) clojure.lang.LazySeq.seq (LazySeq.java:49) clojure.lang.RT.seq (RT.java:484) clojure.core$seq.invoke (core.clj:133) clojure.core$map$fn__4245.invoke (core.clj:2551) clojure.lang.LazySeq.sval (LazySeq.java:40) clojure.lang.LazySeq.seq (LazySeq.java:49) clojure.lang.RT.seq (RT.java:484) clojure.core$seq.invoke (core.clj:133) clojure.core.protocols$seq_reduce.invoke (protocols.clj:30) clojure.core.protocols/fn (protocols.clj:54) clojure.core.protocols$fn__6031$G__6026__6044.invoke (protocols.clj:13) clojure.core$reduce.invoke (core.clj:6289) schema.core$eval3377$fn__3395$fn__3412.invoke (core.clj:787) schema.core$eval3377$fn__3395$fn__3412.invoke (core.clj:785) clojure.core$comp$fn__4192.invoke (core.clj:2403) com.puppetlabs.puppetdb.cli.export$eval5305$report__GT_tar__5306.invoke (export.clj:153) com.puppetlabs.puppetdb.cli.export$eval5329$get_node_data__5330$fn__5334.invoke (export.clj:184) com.puppetlabs.puppetdb.cli.export$eval5329$get_node_data__5330.invoke (export.clj:170) com.puppetlabs.puppetdb.cli.export$_main.doInvoke (export.clj:241) clojure.lang.RestFn.invoke (RestFn.java:421) clojure.lang.Var.invoke (Var.java:383) clojure.lang.AFn.applyToHelper (AFn.java:156) clojure.lang.Var.applyTo (Var.java:700) clojure.core$apply.invoke (core.clj:624) com.puppetlabs.puppetdb.core$run_command.invoke (core.clj:87) com.puppetlabs.puppetdb.core$_main.doInvoke (core.clj:95) clojure.lang.RestFn.invoke (RestFn.java:436) clojure.lang.Var.invoke (Var.java:388) clojure.lang.AFn.applyToHelper (AFn.java:160) clojure.lang.Var.applyTo (Var.java:700) clojure.core$apply.invoke (core.clj:624) clojure.main$main_opt.invoke (main.clj:315) clojure.main$main.doInvoke (main.clj:420) clojure.lang.RestFn.invoke (RestFn.java:482) clojure.lang.Var.invoke (Var.java:401) clojure.lang.AFn.applyToHelper (AFn.java:171) clojure.lang.Var.applyTo (Var.java:700) clojure.main.main (main.java:37) 2014-07-18 18:35:57,650 ERROR [p.t.logging] Uncaught exception java.lang.AssertionError: Assert failed: % at com.puppetlabs.puppetdb.cli.export$events_for_report_hash.invoke(export.clj:114) ~[na:na] at com.puppetlabs.puppetdb.cli.export$reports_for_node$fn__5294.invoke(export.clj:150) ~[na:na] at clojure.core$map$fn__4245.invoke(core.clj:2557) ~[puppetdb.jar:na] at clojure.lang.LazySeq.sval(LazySeq.java:40) ~[puppetdb.jar:na] at clojure.lang.LazySeq.seq(LazySeq.java:49) ~[puppetdb.jar:na] at clojure.lang.RT.seq(RT.java:484) ~[puppetdb.jar:na] at clojure.core$seq.invoke(core.clj:133) ~[puppetdb.jar:na] at clojure.core$map$fn__4245.invoke(core.clj:2551) ~[puppetdb.jar:na] at clojure.lang.LazySeq.sval(LazySeq.java:40) ~[puppetdb.jar:na] at clojure.lang.LazySeq.seq(LazySeq.java:49) ~[puppetdb.jar:na] at clojure.lang.RT.seq(RT.java:484) ~[puppetdb.jar:na] at clojure.core$seq.invoke(core.clj:133) ~[puppetdb.jar:na] at clojure.core$map$fn__4245.invoke(core.clj:2551) ~[puppetdb.jar:na] at clojure.lang.LazySeq.sval(LazySeq.java:40) ~[puppetdb.jar:na] at clojure.lang.LazySeq.seq(LazySeq.java:49) ~[puppetdb.jar:na] at clojure.lang.RT.seq(RT.java:484) ~[puppetdb.jar:na] at clojure.core$seq.invoke(core.clj:133) ~[puppetdb.jar:na] at clojure.core.protocols$seq_reduce.invoke(protocols.clj:30) ~[puppetdb.jar:na] at
[Puppet Users] SRV Records and Multiple Masters
Hello, Just looking for a little best practice advice. If I am using DNS SRV records to load-balance and use multiple Puppet Masters, and CA servers (certificate data is sync'ed) which is the best recommended way of generating the master certificate ? So I set certname in the [master] section and can generate a cert in that name perhaps - curious to know how people set master CA stuff for hostnames other than that of the host it running on. If so do I have to set dns_alt_names or some such for all the possible physical hostnames ? Or just worry about generating one for the certname setting in the master section of the config ? If so how would you go about generating a master certificate set for all of those ? Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/e4f858b9-ecc7-4b9b-962f-f7d6554d9f0b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.