Re: [Puppet Users] inherits deprecated in puppet 4.x
This could work. I'll play with that to see what I can do. Thanks for the replies! Jason On Fri, Jan 9, 2015 at 3:23 PM, Peter Bukowinski pmb...@gmail.com wrote: On Jan 9, 2015, at 2:52 PM, Jason Price japr...@gmail.com wrote: This doesn't make me happy, but fine. Major versions let you have breaking changes. My question is this: What do I replace it with? My use case is as follows: node default { class{ 'ntp': } class{ 'dns': } class{ 'monitoring': } class{ 'puppet_agent': } } node 'myweb' inherits default { class{ 'web': } } node 'mydb' inherits default { class{ 'db': } } --- This has several very useful features: 1) Everything 'standard' is nicely encapsulated in the 'default' node. 2) Everything in 'default' resolves and is complete before anything in 'web' or 'db' is done. This means I don't have to go crazy about 'requires' and 'notify' for these resources. They're already done. So: What do I do instead which handles the two features? I could easily build a new class with everything in the default node... But that fails the second piece. I'd have to build a nasty anchor pattern in every node to ensure that everything in default resolves first... which is ugly. Thoughts? Here's a quick-and-dirty rejiggering that keeps the same functionality: class default_class { class{ 'ntp': } class{ 'dns': } class{ 'monitoring': } class{ 'puppet_agent': } } node 'myweb' { require default_class class{ 'web': } } node 'mydb' { require default_class class{ 'db': } } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3C142BDD-4652-4BFF-AC67-BE88CDDC7603%40gmail.com . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAChvjRAh1g-v%2B9hXwZX6nNDpuqCPPbiWRyyafEY-7qOKcFk7Pw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Certificate verify fails without indications
This thread was very helpful and got me most of the way there. I started with bare-bones legacy RHEL4 vms and had to add a couple steps to get things working properly. Here's the complete procedure from start to finish: *RHEL4 Client Installation:* Set up some repos: cd /etc/yum.repos.d wget http://public-yum.oracle.com/public-yum-el4.repo Install some packages: yum install gcc yum install zlib yum install zlib-devel Install Ruby: cd /opt wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p72.tar.gz tar -xzvf ruby-1.8.7-p72.tar.gz cd ruby-1.8.7-p72 ./configure make make install Install ruby gems: cd /opt wget http://pkgs.fedoraproject.org/repo/pkgs/rubygems/rubygems-1.3.7.tgz/e85cfadd025ff6ab689375adbf344bbe/rubygems-1.3.7.tgz tar -xvzf rubygems-1.3.7.tgz cd rubygems-1.3.7 /usr/local/bin/ruby setup.rb Install/Upgrade openssl and openssl-devel: yum install openssl yum install openssl-devel Install openssl support for ruby: cd /opt/ruby-1.8.7-p72/ext/openssl /usr/local/bin/ruby extconf.rb make make install Install Puppet: gem install puppet Configure Puppet: mkdir /etc/puppet cp /usr/local/lib/ruby/gems/1.8/gems/puppet-3.7.3/ext/redhat/puppet.conf /etc/puppet/. Add your changes to puppet.conf *Oracle Enterprise Linux 7 Server Install Changes:* If you did a yum install puppet-server from the puppetlabs repo already: This procedure won't blow away changes to config files, but let's back them up anyway: cp -rp /etc/puppet /root/. Remove the package and clear the ssl directory. yum remove puppet-server rm -rf /etc/puppet/ssl/* Download puppet source tarball and fixup the code: cd /opt wget http://downloads.puppetlabs.com/puppet/puppet-3.7.2.tar.gz tar -xvzf puppet-3.7.2.tar.gz cd /opt/puppet-3.7.2/lib/puppet/ssl vi certificate_signer.rb swap all instances of SHA256 for SHA1, swap SHA1 for SHA256 see upthread for details Install Puppet: cd /opt/puppet-3.7.2 ruby install.rb Start the Puppet Master and generate new SSL CA certs: puppet master --verbose --no-daemonize You should see the ca cert being generated with SHA1 fingerprint like this: Info: Creating a new SSL key for ca Info: Creating a new SSL certificate request for ca Info: Certificate Request fingerprint (SHA1): 33:81:E5:BF:A2:E4:57:86:17:B2:2F:DC:AB:BA:2D:6E:0F:D6:C3:7E Notice: Signed certificate request for ca Info: Creating a new certificate revocation list Info: Creating a new SSL key for puppet.my.domain.com Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml Info: Creating a new SSL certificate request for puppet.my.domain.com Info: Certificate Request fingerprint (SHA1): AB:B1:A7:21:F0:AA:0A:CB:E4:76:2D:5C:B4:87:38:69:BB:70:23:DF Notice: puppet.my.domain.com has a waiting certificate request Info: Autosigning puppet.my.domain.com Notice: Signed certificate request for puppet.my.domain.com Notice: Removing file Puppet::SSL::CertificateRequest puppet.my.domain.com at '/var/puppet/ssl/ca/requests/puppet.my.domain.com.pem' Notice: Removing file Puppet::SSL::CertificateRequest puppet.my.domain.com at '/var/puppet/ssl/certificate_requests/puppet.my.domain.pem' Notice: Starting Puppet master version 3.7.2 ^CNotice: Caught INT; calling stop Hit ctrl-C when you see the line that says: Notice: Starting Puppet master version 3.7.2 You can now start your apache/rack application and you are good to go. Make sure to get rid of existing certs on any non-RHEL4 clients so they can regenerate them from the altered master. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d76a9e9c-f7c9-4dbf-b734-fc361dbacabb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Puppet: installing package via pip
Puppet version 3.7.3 Master and agent are running on Centos v7.0 When the manifest includes the following block, it fails with the error below: code block: package {'s3cmd': ensure = present, provider = 'pip', require = Package['python-pip'] } (for reference, the python-pip package installs just fine). The error: $ sudo puppet agent -t Notice: Ignoring --listen on onetime run Info: Retrieving pluginfacts Info: Retrieving plugin Info: Loading facts Info: Caching catalog for toy9x123.analytics-qa.weather.com Info: Applying configuration version '1420853760' *Error: Could not set 'present' on ensure: Could not locate the pip command. at 35:/etc/puppet/modules/etc/manifests/packages.ppError: Could not set 'present' on ensure: Could not locate the pip command. at 35:/etc/puppet/modules/etc/manifests/packages.pp* Wrapped exception: Could not locate the pip command. Error: /Stage[main]/Etc::Packages/Package[s3cmd]/ensure: change from absent to present failed: Could not set 'present' on ensure: Could not locate the pip command. at 35:/etc/puppet/modules/etc/manifests/packages.pp so, this is odd. I've done some googling that indicates that a $PATH issue might be in play, but when I do things like 'sudo which pip' I get '/bin/pip' (centos symlinks /bin to /usr/bin). I've validated that pip can install s3cmd without issue. The manifest still fails even if s3cmd is installed, so it's completely a problem with how puppet is trying to call pip. Any insights? Thank you; Jason -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAChvjRCbwzBxEDu1yQLbYqMn7z1OaZk6D%3DDsVQznpurxUhj%2BFQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Error: Failed to parse template . Detail: Could not find value for 'serveraliases' at
Hi, I am having this issue: *Error: Failed to parse template otrs/vhost-otrs.conf.erb:* * Filepath: /opt/puppet/lib/ruby/site_ruby/1.9.1/puppet/parser/templatewrapper.rb* * Line: 81* * Detail: Could not find value for 'serveraliases' at /etc/puppetlabs/puppet/modules/otrs/templates/vhost-otrs.conf.erb:7* * at /etc/puppetlabs/puppet/modules/otrs/manifests/apache.pp:10 on node dot-pap-spr-t03.ddc.dot.state.ma.us* Here is my code manifests code: class otrs::apache { include apache apache::vhost { $otrs::sitename: priority= '01', docroot = '/var/www', port= '80', serveraliases = [ $::fqdn ], } } Here is my template: * cat vhost-otrs.conf.erb* *# OTRS Config* *# MaxRequestsPerChild (so no apache child will be to big!)* *MaxRequestsPerChild 4000* *VirtualHost *:%= scope.lookupvar(otrs::apache::port) %* * ServerName %= @name %* *%if serveraliases.is_a? Array -%* *% serveraliases.each do |name| -%%= ServerAlias #{name}\n %% end -%* *% elsif serveraliases != '' -%* *%= ServerAlias #{serveraliases} -%* *% end -%* Do any one knows answer? I could not find the answer for this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/bd158b48-e669-4684-a53d-433bb75b312b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Concatinating hashes
You could likely use iteration in the future parser or recursion to build up the string, but what sits in my mind as the path of least resistance is inline templating (c.f. https://docs.puppetlabs.com/references/latest/function.html#inlinetemplate). I ran a quick test along these lines and it appeared to produce appropriate output: $search = { 'cust0' = 'a41mgt.local all-for-one.local', 'cust1' = 'A4T.local', 'cust2' = 'a4y.remote', } notify { ILT Search: ${search}: } $string = inline_template(%= @search.values.join(' ') %) notify { ILT String: ${string}: } Notice: ILT Search: cust2a4y.remotecust1A4T.localcust0a41mgt.local all-for-one.local Notice: ILT String: a4y.remote A4T.local a41mgt.local all-for-one.local This can definitely be improved upon, but it seems to do the trick. On Fri, Jan 9, 2015 at 8:09 AM, Michael Wörz michael.wo...@gmail.com wrote: Hello, given the following datastructure i want to create a resolv.conf file dns: nameservers: '3': 10.200.1.230 '4': 10.200.1.231 ... search: cust0: a41mgt.local all-for-one.local cust1: A4T.local .. for the nameserver list it is easy to itaerate over the list calling a defined type with a concat resource. the search list gives me headache because i need to concatinate a string from it. a41mgt.local all-for-one.local A4T.local ... any ideas ? Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/2b2a3b34-1120-4d61-bfd6-caae6f6b0303%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/2b2a3b34-1120-4d61-bfd6-caae6f6b0303%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CALGSqjLCxEBsQbF9xZPfJvA8tUUFvBFvh0Ajp_PQ7%3DJ1S-UKwg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Error: Failed to parse template . Detail: Could not find value for 'serveraliases' at
Hi Martin, I switched that to scoped variables. After that i am getting another issue. *Here is .erb file:* *# OTRS Config* *# MaxRequestsPerChild (so no apache child will be to big!)* *MaxRequestsPerChild 4000* *VirtualHost *:%= scope.lookupvar(otrs::apache::port) %* * ServerName %= @name %* *%if scope.lookupvar(otrs::apache::serveraliases).is_a? Array -%* *% serveraliases.each do |name| -%%= ServerAlias #{name}\n %% end -%* *% elsif scope.lookupvar(otrs::apache::serveraliases) != '' -%* *%= ServerAlias #{scope.lookupvar(otrs::apache::serveraliases)} -%* *% end -%* * ServerAdmin %= scope.lookupvar(otrs::serveradmin) %* *Now the issue is:* *class otrs::apache { include apache apache::vhost { $otrs::sitename: priority= '01',docroot = '/var/www',port = '80',serveraliases = [ $::fqdn ],content= template('otrs/vhost-otrs.conf.erb'), }Error: Invalid parameter content at /etc/puppetlabs/puppet/modules/otrs/manifests/apache.pp:11 * On Friday, January 9, 2015 at 11:09:14 AM UTC-5, Martin Alfke wrote: Seems to be an issue with unscoped variable inside the template. https://docs.puppetlabs.com/guides/templating.html#referencing-variables Please switch to scoped variables in your template: # OTRS Config # MaxRequestsPerChild (so no apache child will be to big!) MaxRequestsPerChild 4000 VirtualHost *:%= scope.lookupvar(otrs::apache::port) % ServerName %= @name % %if @serveraliases.is_a? Array -% % @serveraliases.each do |name| -%%= ServerAlias #{name}\n %% end -% % elsif @serveraliases != '' -% %= ServerAlias #{@serveraliases} -% % end -% hth, Martin On 09 Jan 2015, at 16:58, Craig White white...@gmail.com javascript: wrote: Testing for errors is part of the erb game. Comment all of that out and put in just %= serveraliases -% just to see what is written to the file. In your case above, it seems you have accounted for whether serveraliases is an array or empty but not a simple string which is probably what it is. On Friday, January 9, 2015 at 8:41:20 AM UTC-7, Spriya wrote: Hi, I am having this issue: Error: Failed to parse template otrs/vhost-otrs.conf.erb: Filepath: /opt/puppet/lib/ruby/site_ruby/1.9.1/puppet/parser/templatewrapper.rb Line: 81 Detail: Could not find value for 'serveraliases' at /etc/puppetlabs/puppet/modules/otrs/templates/vhost-otrs.conf.erb:7 at /etc/puppetlabs/puppet/modules/otrs/manifests/apache.pp:10 on node dot-pap-spr-t03.ddc.dot.state.ma.us Here is my code manifests code: class otrs::apache { include apache apache::vhost { $otrs::sitename: priority= '01', docroot = '/var/www', port= '80', serveraliases = [ $::fqdn ], } } Here is my template: cat vhost-otrs.conf.erb # OTRS Config # MaxRequestsPerChild (so no apache child will be to big!) MaxRequestsPerChild 4000 VirtualHost *:%= scope.lookupvar(otrs::apache::port) % ServerName %= @name % %if serveraliases.is_a? Array -% % serveraliases.each do |name| -%%= ServerAlias #{name}\n %% end -% % elsif serveraliases != '' -% %= ServerAlias #{serveraliases} -% % end -% Do any one knows answer? I could not find the answer for this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com javascript:. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3d6e89bc-f8e9-4708-89d2-6f3408f14299%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1cdf3d4b-82d5-47b0-950a-fd99e4cdbd2b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Error: Failed to parse template . Detail: Could not find value for 'serveraliases' at
Testing for errors is part of the erb game. Comment all of that out and put in just %= serveraliases -% just to see what is written to the file. In your case above, it seems you have accounted for whether serveraliases is an array or empty but not a simple string which is probably what it is. On Friday, January 9, 2015 at 8:41:20 AM UTC-7, Spriya wrote: Hi, I am having this issue: *Error: Failed to parse template otrs/vhost-otrs.conf.erb:* * Filepath: /opt/puppet/lib/ruby/site_ruby/1.9.1/puppet/parser/templatewrapper.rb* * Line: 81* * Detail: Could not find value for 'serveraliases' at /etc/puppetlabs/puppet/modules/otrs/templates/vhost-otrs.conf.erb:7* * at /etc/puppetlabs/puppet/modules/otrs/manifests/apache.pp:10 on node dot-pap-spr-t03.ddc.dot.state.ma.us http://dot-pap-spr-t03.ddc.dot.state.ma.us* Here is my code manifests code: class otrs::apache { include apache apache::vhost { $otrs::sitename: priority= '01', docroot = '/var/www', port= '80', serveraliases = [ $::fqdn ], } } Here is my template: * cat vhost-otrs.conf.erb* *# OTRS Config* *# MaxRequestsPerChild (so no apache child will be to big!)* *MaxRequestsPerChild 4000* *VirtualHost *:%= scope.lookupvar(otrs::apache::port) %* * ServerName %= @name %* *%if serveraliases.is_a? Array -%* *% serveraliases.each do |name| -%%= ServerAlias #{name}\n %% end -%* *% elsif serveraliases != '' -%* *%= ServerAlias #{serveraliases} -%* *% end -%* Do any one knows answer? I could not find the answer for this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3d6e89bc-f8e9-4708-89d2-6f3408f14299%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Concatinating hashes
Yknow, completely disregard the above answer :p I was looking at stdlib and completely forgot about it before playing with inline templating. values and join in stdlib (https://github.com/puppetlabs/puppetlabs-stdlib) do what is needed here. Much less code smell that way :p On Fri, Jan 9, 2015 at 11:00 AM, Stephen Marlow tega...@gmail.com wrote: You could likely use iteration in the future parser or recursion to build up the string, but what sits in my mind as the path of least resistance is inline templating (c.f. https://docs.puppetlabs.com/references/latest/function.html#inlinetemplate ). I ran a quick test along these lines and it appeared to produce appropriate output: $search = { 'cust0' = 'a41mgt.local all-for-one.local', 'cust1' = 'A4T.local', 'cust2' = 'a4y.remote', } notify { ILT Search: ${search}: } $string = inline_template(%= @search.values.join(' ') %) notify { ILT String: ${string}: } Notice: ILT Search: cust2a4y.remotecust1A4T.localcust0a41mgt.local all-for-one.local Notice: ILT String: a4y.remote A4T.local a41mgt.local all-for-one.local This can definitely be improved upon, but it seems to do the trick. On Fri, Jan 9, 2015 at 8:09 AM, Michael Wörz michael.wo...@gmail.com wrote: Hello, given the following datastructure i want to create a resolv.conf file dns: nameservers: '3': 10.200.1.230 '4': 10.200.1.231 ... search: cust0: a41mgt.local all-for-one.local cust1: A4T.local .. for the nameserver list it is easy to itaerate over the list calling a defined type with a concat resource. the search list gives me headache because i need to concatinate a string from it. a41mgt.local all-for-one.local A4T.local ... any ideas ? Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/2b2a3b34-1120-4d61-bfd6-caae6f6b0303%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/2b2a3b34-1120-4d61-bfd6-caae6f6b0303%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CALGSqjLBP8zvEwmTYD2Q4_J0FPhsdzAPFuoBc1xHL0KgHrEc7A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Error: Failed to parse template . Detail: Could not find value for 'serveraliases' at
Seems to be an issue with unscoped variable inside the template. https://docs.puppetlabs.com/guides/templating.html#referencing-variables Please switch to scoped variables in your template: # OTRS Config # MaxRequestsPerChild (so no apache child will be to big!) MaxRequestsPerChild 4000 VirtualHost *:%= scope.lookupvar(otrs::apache::port) % ServerName %= @name % %if @serveraliases.is_a? Array -% % @serveraliases.each do |name| -%%= ServerAlias #{name}\n %% end -% % elsif @serveraliases != '' -% %= ServerAlias #{@serveraliases} -% % end -% hth, Martin On 09 Jan 2015, at 16:58, Craig White white.n...@gmail.com wrote: Testing for errors is part of the erb game. Comment all of that out and put in just %= serveraliases -% just to see what is written to the file. In your case above, it seems you have accounted for whether serveraliases is an array or empty but not a simple string which is probably what it is. On Friday, January 9, 2015 at 8:41:20 AM UTC-7, Spriya wrote: Hi, I am having this issue: Error: Failed to parse template otrs/vhost-otrs.conf.erb: Filepath: /opt/puppet/lib/ruby/site_ruby/1.9.1/puppet/parser/templatewrapper.rb Line: 81 Detail: Could not find value for 'serveraliases' at /etc/puppetlabs/puppet/modules/otrs/templates/vhost-otrs.conf.erb:7 at /etc/puppetlabs/puppet/modules/otrs/manifests/apache.pp:10 on node dot-pap-spr-t03.ddc.dot.state.ma.us Here is my code manifests code: class otrs::apache { include apache apache::vhost { $otrs::sitename: priority= '01', docroot = '/var/www', port= '80', serveraliases = [ $::fqdn ], } } Here is my template: cat vhost-otrs.conf.erb # OTRS Config # MaxRequestsPerChild (so no apache child will be to big!) MaxRequestsPerChild 4000 VirtualHost *:%= scope.lookupvar(otrs::apache::port) % ServerName %= @name % %if serveraliases.is_a? Array -% % serveraliases.each do |name| -%%= ServerAlias #{name}\n %% end -% % elsif serveraliases != '' -% %= ServerAlias #{serveraliases} -% % end -% Do any one knows answer? I could not find the answer for this? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3d6e89bc-f8e9-4708-89d2-6f3408f14299%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/181C06F1-FFC3-4080-81C4-CB29381645DD%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Puppet Exec Command on XML update
On Mon, Jan 5, 2015 at 11:47 PM, Pushparaj BS pushparaj...@gmail.com wrote: Hi, I have an XML file that has configuration for IIS Virtual settings for many webservice Applications, and each application is a node in the XML. Based on the XML, I have a Powershell script that can read the respective node and configure the IIS. However, I need to have puppet monitor this node in the XML and trigger the script if changed as the XML can be updated for some IIS changes for a webservice. I can see that exec command gives functionality to watch file changes, but I need to watch a node specifically. I don't think you will achieve this with Puppet alone. It seems that Puppet can kick off another tool when the file changes to do the more specific thing you need to do. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f6572b8d-1086-4b54-9d42-837c1513feae%40googlegroups.com . For more options, visit https://groups.google.com/d/optout. -- Rob Reynolds Developer, Puppet Labs *Join us at **PuppetConf 2015, October 5-9 in Portland, OR - * http://2015.puppetconf.com/ *Register early to save 40%!* -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAMJiBK5KoxKO9mk6y9%2BcD_W4EhrWVhvyQ2_pLGYxkWjYevyBTQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Problem with ordering: Create LVM before installing mysql
Hi, I am struggling with getting a LVM created and mounted before mysql is installed on the volume. Here my high level section: node /test/ inherits resources { ### ##Create Percona Database Server ### class { 'xxx::network::db': } - class { 'xxx::servercfg::dbvg': } - class { 'xxx::database::dbdb': } - class {'xxx::user::db': } } the 'xxx::servercfg::dbvg' class is what I need to have completed before the 'xxx::servercfg::dbdb' class the agent starts with: Info: Retrieving pluginfacts Info: Retrieving plugin Info: Loading facts Info: Caching catalog for puppettest.lab1.topgolf.com Info: Applying configuration version '1420819053' Notice: /Stage[main]/xxx::User::Groups/Group[xxx]/ensure: current_value absent, should be present (noop) Notice: /Stage[main]/xxx::User::Virtual/User[xxx]/ensure: current_value absent, should be present (noop) Notice: /Stage[main]/Mysql::Server::Config/File[/etc/mysql/my.cnf]/content: As you can see, the agent configuration starts with user config, which is the last in the chain class {'xxx::user::db': } the configuration continues: Notice: /Stage[main]/xxx::User::Groups/Group[xxx]/gid: current_value 1001, should be 2006 (noop) Notice: Class[Topgolf::User::Groups]: Would have triggered 'refresh' from 2 events Notice: /Stage[main]/xxx::User::Virtual/User[xxx]/uid: current_value 1001, should be 2006 (noop) Notice: /Stage[main]/xxx::User::Virtual/User[xxx]/gid: current_value 1001, should be 2006 (noop) Notice: /Stage[main]/xxx::User::Virtual/User[xxx]/comment: current_value , should be Tony Juhasz (noop) Notice: /Stage[main]/xxx::User::Virtual/User[xxx]/password: current_value [old password hash redacted], should be [new password hash redacted] (noop) Notice: /Stage[main]/xxx::User::Virtual/User[xxx]/groups: current_value sudo, should be mysql,sudo (noop) Notice: Class[xxx::User::Virtual]: Would have triggered 'refresh' from 6 events Notice: /Stage[main]/xxx::Apt::Cleanup/Exec[remove old apt stuff]/returns: current_value notrun, should be 0 (noop) Notice: Class[xxx::Apt::Cleanup]: Would have triggered 'refresh' from 1 events Notice: Class[Mysql::Server::Config]: Would have triggered 'refresh' from 1 events Info: Class[Mysql::Server::Config]: Scheduling refresh of Class[Mysql::Server::Service] Notice: Class[Mysql::Server::Service]: Would have triggered 'refresh' from 1 events Info: Class[Mysql::Server::Service]: Scheduling refresh of Service[mysqld] Notice: /Stage[main]/Mysql::Server::Service/Service[mysqld]: Would have triggered 'refresh' from 1 events Notice: Class[Mysql::Server::Service]: Would have triggered 'refresh' from 1 events Notice: /Stage[main]/xxx::Servercfg::Dbvg/Lvm::Volume[db]/Physical_volume[/dev/sdb]/ensure: current_value absent, should be present (noop) Notice: /Stage[main]/xxx::Servercfg::Dbvg/Lvm::Volume[db]/Volume_group[ubuntu-vg]/physical_volumes: current_value /dev/sda5, should be /dev/sdb (noop) Notice: /Stage[main]/xxx::Servercfg::Dbvg/Lvm::Volume[db]/Logical_volume[db]/ensure: current_value absent, should be present (noop) Notice: /Stage[main]/xxx::Servercfg::Dbvg/Lvm::Volume[db]/Filesystem[/dev/ubuntu-vg/db]/ensure: current_value absent, should be present (noop) Notice: Lvm::Volume[db]: Would have triggered 'refresh' from 4 events Notice: /Stage[main]/xxx::Servercfg::Dbvg/File[/var/lib/mysql]/mode: current_value 0700, should be 0755 (noop) Notice: /Stage[main]/xxx::Servercfg::Dbvg/Mount[/var/lib/mysql]/ensure: current_value absent, should be mounted (noop) Info: /Stage[main]/xxx::Servercfg::Dbvg/Mount[/var/lib/mysql]: Scheduling refresh of Mount[/var/lib/mysql] Notice: /Stage[main]/xxx::Servercfg::Dbvg/Mount[/var/lib/mysql]: Would have triggered 'refresh' from 1 events Info: /Stage[main]/xxx::Servercfg::Dbvg/Mount[/var/lib/mysql]: Scheduling refresh of Mount[/var/lib/mysql] Notice: Class[xxx::Servercfg::Dbvg]: Would have triggered 'refresh' from 4 events Info: Class[xxx::Servercfg::Dbvg]: Scheduling refresh of Class[xxx::Database::Dbdb] Notice: Class[xxx::Database::Dbdb]: Would have triggered 'refresh' from 1 events Notice: /Stage[main]/xxx::User::Db/File[/home/xxx]/ensure: current_value absent, should be directory (noop) Notice: Class[xxx::User::Db]: Would have triggered 'refresh' from 1 events Notice: /Stage[main]/Main/Node[resources]/Notify[The hostname is puppettest]/message: current_value absent, should be The hostname is puppettest (noop) Notice: Node[resources]: Would have triggered 'refresh' from 1 events Notice: Class[Main]: Would have triggered 'refresh' from 1 events Notice: /Stage[main]/xxx::Resolver/File[/etc/resolv.conf]/ensure: current_value file, should be link (noop) Notice: Class[xxx::Resolver]: Would have triggered 'refresh' from 2 events Notice: Stage[main]: Would have triggered 'refresh' from 9 events I've used a require statement in the dbdb class that is called, I've reversed the arrows, the output seems
Re: [Puppet Users] inherits deprecated in puppet 4.x
On Jan 9, 2015, at 2:52 PM, Jason Price japr...@gmail.com wrote: This doesn't make me happy, but fine. Major versions let you have breaking changes. My question is this: What do I replace it with? My use case is as follows: node default { class{ 'ntp': } class{ 'dns': } class{ 'monitoring': } class{ 'puppet_agent': } } node 'myweb' inherits default { class{ 'web': } } node 'mydb' inherits default { class{ 'db': } } --- This has several very useful features: 1) Everything 'standard' is nicely encapsulated in the 'default' node. 2) Everything in 'default' resolves and is complete before anything in 'web' or 'db' is done. This means I don't have to go crazy about 'requires' and 'notify' for these resources. They're already done. So: What do I do instead which handles the two features? I could easily build a new class with everything in the default node... But that fails the second piece. I'd have to build a nasty anchor pattern in every node to ensure that everything in default resolves first... which is ugly. Thoughts? Here's a quick-and-dirty rejiggering that keeps the same functionality: class default_class { class{ 'ntp': } class{ 'dns': } class{ 'monitoring': } class{ 'puppet_agent': } } node 'myweb' { require default_class class{ 'web': } } node 'mydb' { require default_class class{ 'db': } } -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3C142BDD-4652-4BFF-AC67-BE88CDDC7603%40gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Puppet Labs' Splunk module not purging ini_setting resources?
I'm seeing the same problem. $purge_inputs = true does not purge anything in the inputs.conf file. On Monday, October 27, 2014 at 3:59:52 PM UTC-7, Paul Krizak wrote: Hi, all. I'm having a hell of a time trying to figure out why the Puppet Labs' Splunk module (https://forge.puppetlabs.com/puppetlabs/splunk) seemingly refuses to work with the ini_setting purge functionality. Inside the module, it's got some code to purge content from the two managed INI files (inputs.conf and outputs.conf): # If the purge parameters have been set, remove all unmanaged entries from # the inputs.conf and outputs.conf files, respectively. if $purge_inputs { resources { 'splunkforwarder_input': purge = true; } } if $purge_outputs { resources { 'splunkforwarder_output': purge = true; } } I have both $purge_inputs and $purge_outputs set to true. When any of the splunkforwarder_output or splunkforwarder_input resouces change, the updated content gets written into the appropriate file, but the previous values stick around, which is bad: # cat outputs.conf [default] defaultGroup=splunk_9997 [tcpout:splunk_9997] server=splunk:9997 [tcpout:splunk_] server=splunk: [tcpout:_] server=: Has anybody else experienced this? It's behaving as if the purge isn't even active. But I've verified that my inifile module is up to date and does indeed support purging. I've also verified that the splunkforwarder_output and splunkforwarder_input providers implement the self.file_path method, which is a prerequisite to purging working. I'm not even quite sure where to start troubleshooting this, as everything appears to be by-the-book correct -- it's just that the purging bits are being (apparently) ignored. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/88ff4317-9e88-4ebe-b05e-7588a0e35603%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] defined types question
I'm fooling around with some defined types and am struggling a little. The following is just a small example of what I'm doing while I work it out: #/etc/puppet/modules/testmodule/manifests/init.pp define testmodule ( $message ){ testmodule::down { ${name}: message = test message for ${name}, } } #/etc/puppet/modules/testmodule/manifests/down.pp define testmodule::down ( $message = This is a test, ){ notify { $name: message = $message } } And I'm calling it like: testmodule { $filename: message = $message, } I have it included in my site.pp but I keep getting this: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class testmodule for puptest.domain.com http://puptest.ironmountain.com/ on node puptest.domain.com http://puptest.ironmountain.com/ Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run Google provides no solutions to this that I've been able to discover thus far. Any help would be appreciated. I'm sure it's some lack of understanding on my part. Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/7b9505ce-1383-42ff-8f00-e28e86353000%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] inherits deprecated in puppet 4.x
This doesn't make me happy, but fine. Major versions let you have breaking changes. My question is this: What do I replace it with? My use case is as follows: node default { class{ 'ntp': } class{ 'dns': } class{ 'monitoring': } class{ 'puppet_agent': } } node 'myweb' inherits default { class{ 'web': } } node 'mydb' inherits default { class{ 'db': } } --- This has several very useful features: 1) Everything 'standard' is nicely encapsulated in the 'default' node. 2) Everything in 'default' resolves and is complete before anything in 'web' or 'db' is done. This means I don't have to go crazy about 'requires' and 'notify' for these resources. They're already done. So: What do I do instead which handles the two features? I could easily build a new class with everything in the default node... But that fails the second piece. I'd have to build a nasty anchor pattern in every node to ensure that everything in default resolves first... which is ugly. Thoughts? -Jason -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAChvjRCug_eX3PY41WH56yrfTM08QO35UJjteMKWzpsPDgQ0HA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] inherits deprecated in puppet 4.x
Clarification Request: NODE inheritance only, right ? “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” (Bill Waterson: Calvin Hobbes) On Jan 09, 2015, at 02:52 PM, Jason Price japr...@gmail.com wrote: This doesn't make me happy, but fine. Major versions let you have breaking changes. My question is this: What do I replace it with? My use case is as follows: node default { class{ 'ntp': } class{ 'dns': } class{ 'monitoring': } class{ 'puppet_agent': } } node 'myweb' inherits default { class{ 'web': } } node 'mydb' inherits default { class{ 'db': } } --- This has several very useful features: 1) Everything 'standard' is nicely encapsulated in the 'default' node. 2) Everything in 'default' resolves and is complete before anything in 'web' or 'db' is done. This means I don't have to go crazy about 'requires' and 'notify' for these resources. They're already done. So: What do I do instead which handles the two features? I could easily build a new class with everything in the default node... But that fails the second piece. I'd have to build a nasty anchor pattern in every node to ensure that everything in default resolves first... which is ugly. Thoughts? -Jason -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAChvjRCug_eX3PY41WH56yrfTM08QO35UJjteMKWzpsPDgQ0HA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f24c186d-997a-4e93-9a7c-ded0f68128df%40me.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Adding nodes to puppet dashboard
Hi, I am trying to figure out an API to add nodes to the puppet dashboard. Is there a REST API on the puppet dashboard which lets me do so. Thanks Varun -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/7aea00b5-a68d-449e-b60b-3c4c4ed6c081%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] rspec-puppet: let( :title ) isn't setting title
I've created a simple module to play with rspec-puppet, and I'm having trouble getting my tests to pass because it appears I can't set the value of $title -- It's always the name of my module. I think perhaps I'm not understanding something about $title in puppet or let( :title ) in rspec-puppet. Here's what I'm testing and the results I'm getting. Create module: $ puppet module generate --skip-interview poc-filez Module contents (*poc-filez/manifests/init.pp*): class filez { file { $title: # have also tried ${title} ensure = present, } } Spec contents (*poc-filez/spec/classes/init_spec.rb*) require 'spec_helper' describe 'filez' do expected_title = '/home/me/foo' let(:title) { expected_title } # have tried variations, e.g. let (:title) { #{expected_title } # this fails it { should contain_file(#{expected_title}) } # but when I use the module name, it passes, File[filez] is in the catalog # it { should contain_file(filez) } end *.fixtures.yml* contents: fixtures: repositories: # symlinks: filez: #{source_dir} Test results: $ rake spec Failures: 1) filez should contain File[/home/me/foo] Failure/Error: it { should contain_file(#{expected_title}) } expected that the catalogue would contain File[/home/me/foo] However, if I change the module to use $name, and pass $name as a parameter in the spec, then my tests pass, e.g. *manifests/init.pp* class filez { file { $name: ensure = present, } } *spec/classes/init_spec.rb* require 'spec_helper' describe 'filez' do expected_title = '/home/me/foo' let(:params) {{ :name = expected_title }} # this passes it { should contain_file(#{expected_title}) } # this fails # it { should contain_file(filez) } end I've examined other projects that use rspec-puppet and let( :title ) and on the surface they seems very similar. But obviously, I'm missing something or not doing something correctly. Any insight would be greatly appreciated. I've got several legacy modules that use $title, so I'm hesitant to simply accept changing them to use name (unless of course that's the root of my problem). Much appreciated, Chris ps I'm using Ruby 2.1.5 on MAC OS X 10.9.5 Version Info (from *Gemfile.lock*): GEM remote: https://rubygems.org/ specs: CFPropertyList (2.2.8) diff-lcs (1.2.5) facter (2.3.0) CFPropertyList (~ 2.2.6) hiera (1.3.4) json_pure json_pure (1.8.1) metaclass (0.0.4) mocha (1.1.0) metaclass (~ 0.0.1) puppet (3.7.3) facter ( 1.6, 3) hiera (~ 1.0) json_pure puppet-lint (1.1.0) puppet-syntax (1.3.0) rake puppetlabs_spec_helper (0.8.2) mocha puppet-lint puppet-syntax rake rspec rspec-puppet rake (10.4.2) rspec (3.1.0) rspec-core (~ 3.1.0) rspec-expectations (~ 3.1.0) rspec-mocks (~ 3.1.0) rspec-core (3.1.7) rspec-support (~ 3.1.0) rspec-expectations (3.1.2) diff-lcs (= 1.2.0, 2.0) rspec-support (~ 3.1.0) rspec-mocks (3.1.3) rspec-support (~ 3.1.0) rspec-puppet (1.0.1) rspec rspec-support (3.1.2) PLATFORMS ruby DEPENDENCIES facter (= 1.7.0) puppet (= 3.3) puppet-lint (= 0.3.2) puppetlabs_spec_helper (= 0.1.0) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/39cf1edd-aa4f-4370-8674-4b041e4cfa86%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] rspec-puppet: let( :title ) isn't setting title
Hi, Change filez from a class to a define ( https://docs.puppetlabs.com/learning/definedtypes.html). Stephen On 9 January 2015 at 23:08, Chris Galli gallil...@gmail.com wrote: I've created a simple module to play with rspec-puppet, and I'm having trouble getting my tests to pass because it appears I can't set the value of $title -- It's always the name of my module. I think perhaps I'm not understanding something about $title in puppet or let( :title ) in rspec-puppet. Here's what I'm testing and the results I'm getting. Create module: $ puppet module generate --skip-interview poc-filez Module contents (*poc-filez/manifests/init.pp*): class filez { file { $title: # have also tried ${title} ensure = present, } } Spec contents (*poc-filez/spec/classes/init_spec.rb*) require 'spec_helper' describe 'filez' do expected_title = '/home/me/foo' let(:title) { expected_title } # have tried variations, e.g. let (:title) { #{expected_title } # this fails it { should contain_file(#{expected_title}) } # but when I use the module name, it passes, File[filez] is in the catalog # it { should contain_file(filez) } end *.fixtures.yml* contents: fixtures: repositories: # symlinks: filez: #{source_dir} Test results: $ rake spec Failures: 1) filez should contain File[/home/me/foo] Failure/Error: it { should contain_file(#{expected_title}) } expected that the catalogue would contain File[/home/me/foo] However, if I change the module to use $name, and pass $name as a parameter in the spec, then my tests pass, e.g. *manifests/init.pp* class filez { file { $name: ensure = present, } } *spec/classes/init_spec.rb* require 'spec_helper' describe 'filez' do expected_title = '/home/me/foo' let(:params) {{ :name = expected_title }} # this passes it { should contain_file(#{expected_title}) } # this fails # it { should contain_file(filez) } end I've examined other projects that use rspec-puppet and let( :title ) and on the surface they seems very similar. But obviously, I'm missing something or not doing something correctly. Any insight would be greatly appreciated. I've got several legacy modules that use $title, so I'm hesitant to simply accept changing them to use name (unless of course that's the root of my problem). Much appreciated, Chris ps I'm using Ruby 2.1.5 on MAC OS X 10.9.5 Version Info (from *Gemfile.lock*): GEM remote: https://rubygems.org/ specs: CFPropertyList (2.2.8) diff-lcs (1.2.5) facter (2.3.0) CFPropertyList (~ 2.2.6) hiera (1.3.4) json_pure json_pure (1.8.1) metaclass (0.0.4) mocha (1.1.0) metaclass (~ 0.0.1) puppet (3.7.3) facter ( 1.6, 3) hiera (~ 1.0) json_pure puppet-lint (1.1.0) puppet-syntax (1.3.0) rake puppetlabs_spec_helper (0.8.2) mocha puppet-lint puppet-syntax rake rspec rspec-puppet rake (10.4.2) rspec (3.1.0) rspec-core (~ 3.1.0) rspec-expectations (~ 3.1.0) rspec-mocks (~ 3.1.0) rspec-core (3.1.7) rspec-support (~ 3.1.0) rspec-expectations (3.1.2) diff-lcs (= 1.2.0, 2.0) rspec-support (~ 3.1.0) rspec-mocks (3.1.3) rspec-support (~ 3.1.0) rspec-puppet (1.0.1) rspec rspec-support (3.1.2) PLATFORMS ruby DEPENDENCIES facter (= 1.7.0) puppet (= 3.3) puppet-lint (= 0.3.2) puppetlabs_spec_helper (= 0.1.0) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/39cf1edd-aa4f-4370-8674-4b041e4cfa86%40googlegroups.com https://groups.google.com/d/msgid/puppet-users/39cf1edd-aa4f-4370-8674-4b041e4cfa86%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAN5z%3Dnqa_E9gmwsyVRW%2BOHFZn28uOyuPou5_DVd0gSqgJVSQhA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Certificate verify fails without indications
This thread was very helpful and got me most of the way there. I started with bare-bones legacy RHEL4 vms and had to add a couple steps to get things working properly. Here's the complete procedure from start to finish: *RHEL4 Client Installation:* Set up some repos: cd /etc/yum.repos.d wget http://public-yum.oracle.com/public-yum-el4.repo Install some packages: yum install gcc yum install zlib yum install zlib-devel Install Ruby: cd /opt wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p72.tar.gz tar -xzvf ruby-1.8.7-p72.tar.gz cd ruby-1.8.7-p72 ./configure make make install Install ruby gems: cd /opt wget http://pkgs.fedoraproject.org/repo/pkgs/rubygems/rubygems-1.3.7.tgz/e85cfadd025ff6ab689375adbf344bbe/rubygems-1.3.7.tgz tar -xvzf rubygems-1.3.7.tgz cd rubygems-1.3.7 /usr/local/bin/ruby setup.rb Install/Upgrade openssl and openssl-devel: yum install openssl yum install openssl-devel Install openssl support for ruby: cd /opt/ruby-1.8.7-p72/ext/openssl /usr/local/bin/ruby extconf.rb make make install Install Puppet: gem install puppet Configure Puppet: mkdir /etc/puppet cp /usr/local/lib/ruby/gems/1.8/gems/puppet-3.7.3/ext/redhat/puppet.conf /etc/puppet/. Add your changes to puppet.conf *Oracle Enterprise Linux 7 Server Install Changes:* If you did a yum install puppet-server from the puppetlabs repo already: This procedure won't blow away changes to config files, but let's back them up anyway: cp -rp /etc/puppet /root/. Remove the package and clear the ssl directory. yum remove puppet-server rm -rf /etc/puppet/ssl/* Download puppet source tarball and fixup the code: cd /opt wget http://downloads.puppetlabs.com/puppet/puppet-3.7.2.tar.gz tar -xvzf puppet-3.7.2.tar.gz cd /opt/puppet-3.7.2/lib/puppet/ssl vi certificate_signer.rb swap all instances of SHA256 for SHA1, swap SHA1 for SHA256 see upthread for details Install Puppet: cd /opt/puppet-3.7.2 ruby install.rb Start the Puppet Master and generate new SSL CA certs: puppet master --verbose --no-daemonize You should see the ca cert being generated with SHA1 fingerprint like this: Info: Creating a new SSL key for ca Info: Creating a new SSL certificate request for ca Info: Certificate Request fingerprint (SHA1): 33:81:E5:BF:A2:E4:57:86:17:B2:2F:DC:AB:BA:2D:6E:0F:D6:C3:7E Notice: Signed certificate request for ca Info: Creating a new certificate revocation list Info: Creating a new SSL key for puppet.my.domain.com Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml Info: Creating a new SSL certificate request for puppet.my.domain.com Info: Certificate Request fingerprint (SHA1): AB:B1:A7:21:F0:AA:0A:CB:E4:76:2D:5C:B4:87:38:69:BB:70:23:DF Notice: puppet.my.domain.com has a waiting certificate request Info: Autosigning puppet.my.domain.com Notice: Signed certificate request for puppet.my.domain.com Notice: Removing file Puppet::SSL::CertificateRequest puppet.my.domain.com at '/var/puppet/ssl/ca/requests/puppet.sba.select.com.pem' Notice: Removing file Puppet::SSL::CertificateRequest puppet.my.domain.com at '/var/puppet/ssl/certificate_requests/puppet.my.domain.pem' Notice: Starting Puppet master version 3.7.2 ^CNotice: Caught INT; calling stop Hit ctrl-C when you see the line that says: Notice: Starting Puppet master version 3.7.2 You can now start your apache/rack application and you are good to go. Make sure to get rid of existing certs on any non-RHEL4 clients so they can regenerate them from the altered master. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/c352a139-b350-4ef6-8c56-176fcd887d73%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] inherits deprecated in puppet 4.x
It seems you are using this as a way to classify nodes. Your best option is to use an ENC (Foreman or Hiera) to classify your nodes, ideally using the roles and profiles pattern to abstract your modules. On Jan 9, 2015, at 1:52 PM, Jason Price japr...@gmail.com wrote: This doesn't make me happy, but fine. Major versions let you have breaking changes. My question is this: What do I replace it with? My use case is as follows: node default { class{ 'ntp': } class{ 'dns': } class{ 'monitoring': } class{ 'puppet_agent': } } node 'myweb' inherits default { class{ 'web': } } node 'mydb' inherits default { class{ 'db': } } --- This has several very useful features: 1) Everything 'standard' is nicely encapsulated in the 'default' node. 2) Everything in 'default' resolves and is complete before anything in 'web' or 'db' is done. This means I don't have to go crazy about 'requires' and 'notify' for these resources. They're already done. So: What do I do instead which handles the two features? I could easily build a new class with everything in the default node... But that fails the second piece. I'd have to build a nasty anchor pattern in every node to ensure that everything in default resolves first... which is ugly. Thoughts? -Jason -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com mailto:puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAChvjRCug_eX3PY41WH56yrfTM08QO35UJjteMKWzpsPDgQ0HA%40mail.gmail.com https://groups.google.com/d/msgid/puppet-users/CAChvjRCug_eX3PY41WH56yrfTM08QO35UJjteMKWzpsPDgQ0HA%40mail.gmail.com?utm_medium=emailutm_source=footer. For more options, visit https://groups.google.com/d/optout https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/827E7F2B-1B22-4895-9DF9-EDCFCB2290BF%40gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] defined types question
I'm fooling around with some defined types and am struggling a little. The following is just a small example of what I'm doing while I work it out: #/etc/puppet/modules/testmodule/manifests/init.pp define testmodule ( $message ){ testmodule::down { ${name}: message = test message for ${name}, } } #/etc/puppet/modules/testmodule/manifests/down.pp define testmodule::down ( $message = This is a test, ){ notify { $name: message = $message } } And I'm calling it like: testmodule { $filename: message = $message, } I have it included in my site.pp but I keep getting this: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class testmodule for puptest.ironmountain.com on node puptest.ironmountain.com Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run Google provides no solutions to this that I've been able to discover thus far. Any help would be appreciated. I'm sure it's some lack of understanding on my part. Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/49c49996-f353-48c7-89fd-3b5f1fe8c295%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: many agents connecting at same time and 100+ nodes failed.
It's only drastic if you're worried about not having your machines' logs in the same log file at the same time (because you log locally). 100 machines is as good a time to start logging non-locally as any. If anybody didn't want to get that drastic, they could always $rotateminute = 0 + fqdn_rand(10, $::fqdn puppet log rotation) but of course that only scales so high. Digging in further, the logrotate fragment sends a sigusr2 to a puppet master but then runs /etc/init.d/puppet reload for the agent, which sends a sighup to the puppet process. Rather than messing with splay time or logrotate time, perhaps it's better to modify the logrotate stanza to send the puppet agent a sigusr2 rather than a sighup? Or is it better to restart the agent nightly regardless? Or break those two jobs out, considering the effect on a puppet master of a large fleet checking in? There's probably a stack of YMMV here. https://docs.puppetlabs.com/references/latest/man/agent.html#DIAGNOSTICS On Fri, Jan 09, 2015 at 02:39:11PM +0100, Felix Frank wrote: Randomizing the time of logrotation as a workaround for this particular issue seems drastic to me. https://docs.puppetlabs.com/references/latest/configuration.html#splay This may do the trick. Cheers, Felix On 01/08/2015 08:27 PM, Christopher Wood wrote: Yes it does, and that's something that you would configure to not happen at the same time (with fqdn_rand, or better, remote syslog). https://docs.puppetlabs.com/references/latest/function.html#fqdnrand I found some irritating hitches with running through a cut-down environment using mcollective (plugin re-sync, usual hiccoughs with mcollective in our environment), plus popular opinion here did not support adding to our lengthy list of cron jobs. Long story short, we are still running the puppet agent as a daemon. Which you would pick still depends on what criteria you are aiming for. On Thu, Jan 08, 2015 at 04:40:05AM -0800, Suresh P wrote: Hi All, I have found one more issue. When we install puppet agent, it creates logrotate which will kill the puppet and restart it. We have configured logroate for all the nodes at 1st minute of everday(00:01). Because of that all the node's puppet agent get reloaded at 00:01 minutes so all agents trying to connect the puppet masters at same polling interval. Regards, Suresh. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/54AFD9FF.2010606%40alumni.tu-berlin.de. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/20150109141953.GA24655%40iniquitous.heresiarch.ca. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Using http_proxy environment variable
Hi, with these options set, puppet itself tries to connect to the puppetmaster through a proxy (which is not what i want). I still get errors like these: err: /Stage[main]/Cmm_logstash/Apt::Source[logstash-forwarder]/Apt::Key[Add key: D27D666CD88E42B4 from Apt::Source logstash-forwarder]/Apt_key[Add key: D27D666CD88E42B4 from Apt::Source logstash-forwarder]/ensure: change from absent to present failed: Execution of '/usr/bin/apt-key adv --keyserver subkeys.pgp.net --recv-keys D88E42B4' returned 2: Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /tmp/tmp.h8Isn1SBA4 --trustdb-name /etc/apt//trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d//debian-archive-jessie-stable.gpg --keyring /etc/apt/trusted.gpg.d//debian-archive-squeeze-automatic.gpg --keyring /etc/apt/trusted.gpg.d//debian-archive-squeeze-stable.gpg --keyring /etc/apt/trusted.gpg.d//debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d//debian-archive-wheezy-stable.gpg --keyserver subkeys.pgp.net --recv-keys D88E42B4 gpg: requesting key D88E42B4 from hkp server subkeys.pgp.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error This is because the /usr/bin/apt-key command can't connect to the keyserver without the proxy. Am Donnerstag, 8. Januar 2015 14:41:21 UTC+1 schrieb jcbollinger: On Wednesday, January 7, 2015 3:28:30 PM UTC-6, Kai Timmer wrote: Hello, I have to use a proxy to connect to the internet. My puppet works fine when I call it manually as root (with http_proxy set). But the normal agent doesn't seem to use the proxy. I always get a timeout when I try to get a pgp key. Getting the package itself works fine (but I guess thats because I configure apt to use the proxy and puppet just calls apt-get). How do I make the puppet agent use my environment variables? The system does not use root's shell environment for starting services, but you could alter the service control script to set the wanted environment variables. Alternatively, you could schedule agent runs via cron instead of running the agent as a service, and set the environment variables via cron's facilities for doing so. For this particular task, however, you should probably set the 'http_proxy_host' and 'http_proxy_port' parameters in your Puppet configuration (or via the command line). John -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/c8cb1847-3c79-4f10-a761-fd2a65d83d16%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] Re: many agents connecting at same time and 100+ nodes failed.
Randomizing the time of logrotation as a workaround for this particular issue seems drastic to me. https://docs.puppetlabs.com/references/latest/configuration.html#splay This may do the trick. Cheers, Felix On 01/08/2015 08:27 PM, Christopher Wood wrote: Yes it does, and that's something that you would configure to not happen at the same time (with fqdn_rand, or better, remote syslog). https://docs.puppetlabs.com/references/latest/function.html#fqdnrand I found some irritating hitches with running through a cut-down environment using mcollective (plugin re-sync, usual hiccoughs with mcollective in our environment), plus popular opinion here did not support adding to our lengthy list of cron jobs. Long story short, we are still running the puppet agent as a daemon. Which you would pick still depends on what criteria you are aiming for. On Thu, Jan 08, 2015 at 04:40:05AM -0800, Suresh P wrote: Hi All, I have found one more issue. When we install puppet agent, it creates logrotate which will kill the puppet and restart it. We have configured logroate for all the nodes at 1st minute of everday(00:01). Because of that all the node's puppet agent get reloaded at 00:01 minutes so all agents trying to connect the puppet masters at same polling interval. Regards, Suresh. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/54AFD9FF.2010606%40alumni.tu-berlin.de. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Concatinating hashes
Hello, given the following datastructure i want to create a resolv.conf file dns: nameservers: '3': 10.200.1.230 '4': 10.200.1.231 ... search: cust0: a41mgt.local all-for-one.local cust1: A4T.local .. for the nameserver list it is easy to itaerate over the list calling a defined type with a concat resource. the search list gives me headache because i need to concatinate a string from it. a41mgt.local all-for-one.local A4T.local ... any ideas ? Thanks -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/2b2a3b34-1120-4d61-bfd6-caae6f6b0303%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Override facts from facter
Hi I'm trying to override a fact from facter 2.3, called partitions with a custom version of this fact, via pluginsync. The problem is that the base file in /var/lib/puppet/lib/facter/partitions.rb, just like it's facter brother in /usr/lib/ruby/vendor_ruby/facter/partitions.rb has a require 'facter/util/partitions' and this require seems to me that, no matter what I do, try to includes other ruby files from /usr/lib/ruby/vendor_ruby/ and not /var/lib/puppet/lib/, even if I run facter -p. What's the correct way to override via pluginsync an already existing and complex fact like partitions ? I'm already specifying has_weigth 100 in /var/lib/puppet/lib/facter/partitions.rb because otherwise it wouldn't even consider my custom version, but it stops there. Thanks! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAKsfaEaENV0TSCwEO8uRQTGaitDjRFSeRPeVz_N%3DTqNhoeMWSQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.