Re: [Puppet Users] apache::vhost add prefix to logfiles
Denny,
Which apache module are you using?
— cwebber
On Oct 24, 2014, at 12:32 AM, Denny nomoresecr...@gmail.com wrote:
Hi there,
this is - for sure - pretty easy to solve but I'm a bit stuck right now...
I want to add a prefix to my apache-vhost access and error logs depending on
what kind of application is installed on this vhost
Right now my config looks something like this:
apache::vhost { 'vhost.example.com':
port= '80',
docroot = '/var/www/html/someprettywebsite',
serveradmin = 'dontcal...@example.com',
}
which produces two log files:
/var/log/http/vhost.example.com_error.log
/var/log/http/vhost.example.com_access.log
but what I want is something like:
/var/log/http/wordpress_vhost.example.com_error.log
/var/log/http/wordpress_vhost.example.com_access.log
I've tried things like the example below, but didn't work :(
apache::vhost { 'vhost.example.com':
port= '80',
docroot = '/var/www/html/someprettywebsite',
serveradmin = 'dontcal...@example.com',
access_log_file = wordpress_${access_log_file},
}
Any suggestions are welcome,
Denny
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com
mailto:puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/0931-1ab3-462a-9441-2ded4a79a879%40googlegroups.com
https://groups.google.com/d/msgid/puppet-users/0931-1ab3-462a-9441-2ded4a79a879%40googlegroups.com?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout
https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/F2F5CF40-208B-4A8D-9F94-5FB6DF89B27E%40gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] apache::vhost add prefix to logfiles
Ok,
So when you call `access_log_file = “wordpress_${access_log_file}”` puppet is
pulling $access_log_file from the scope in which you called apache::vhost what
you probably want to do is something like:
$vhost_name = ‘vhost.example.com'
$vhost_type = ‘wordpress’
apache::vhost {$vhost_name:
port= 80,
docroot = /var/www/html/${vhost_name}”,
serveradmin = ‘ihazem...@mail.com’,
access_log_file = “${vhost_type}_${vhost_name}_access.log”,
error_log_file = “${vhost_type}_${vhost_name}_error.log”
}
On Oct 24, 2014, at 5:17 AM, Denny nomoresecr...@gmail.com wrote:
puppetlabs-apache (v1.1.1)
Am Freitag, 24. Oktober 2014 13:35:23 UTC+2 schrieb cwebber:
Denny,
Which apache module are you using?
— cwebber
On Oct 24, 2014, at 12:32 AM, Denny nomore...@gmail.com javascript:
wrote:
Hi there,
this is - for sure - pretty easy to solve but I'm a bit stuck right now...
I want to add a prefix to my apache-vhost access and error logs depending on
what kind of application is installed on this vhost
Right now my config looks something like this:
apache::vhost { 'vhost.example.com http://vhost.example.com/':
port= '80',
docroot = '/var/www/html/someprettywebsite',
serveradmin = 'dontc...@example.com javascript:',
}
which produces two log files:
/var/log/http/vhost.example.com http://vhost.example.com/_error.log
/var/log/http/vhost.example.com http://vhost.example.com/_access.log
but what I want is something like:
/var/log/http/wordpress_vhost.example.com_error.log
/var/log/http/wordpress_vhost.example.com
http://vhost.example.com/_access.log
I've tried things like the example below, but didn't work :(
apache::vhost { 'vhost.example.com http://vhost.example.com/':
port= '80',
docroot = '/var/www/html/someprettywebsite',
serveradmin = 'dontc...@example.com javascript:',
access_log_file = wordpress_${access_log_file},
}
Any suggestions are welcome,
Denny
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/0931-1ab3-462a-9441-2ded4a79a879%40googlegroups.com
https://groups.google.com/d/msgid/puppet-users/0931-1ab3-462a-9441-2ded4a79a879%40googlegroups.com?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout
https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com
mailto:puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/298497a4-6140-4c52-b544-9c2a2c74b58c%40googlegroups.com
https://groups.google.com/d/msgid/puppet-users/298497a4-6140-4c52-b544-9c2a2c74b58c%40googlegroups.com?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout
https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/2B21DE26-29DC-45A9-AEFF-A213970EFF48%40gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] apache::vhost add prefix to logfiles
Maybe do something with create_resources and hiera? It has been a while since I
have done it so I don’t have code handy but it is worth looking at.
— cwebber
On Oct 24, 2014, at 5:41 AM, Denny nomoresecr...@gmail.com wrote:
thanks, but this would be far to much work for like 100 vhosts, which I want
to sort into 2-3 groups of vhosts
in fact, it's probably easier to put them into different directories
Am Freitag, 24. Oktober 2014 14:27:47 UTC+2 schrieb cwebber:
Ok,
So when you call `access_log_file = “wordpress_${access_log_file}”` puppet
is pulling $access_log_file from the scope in which you called apache::vhost
what you probably want to do is something like:
$vhost_name = ‘vhost.example.com http://vhost.example.com/'
$vhost_type = ‘wordpress’
apache::vhost {$vhost_name:
port= 80,
docroot = /var/www/html/${vhost_name}”,
serveradmin = ‘ihaz...@mail.com javascript:’,
access_log_file = “${vhost_type}_${vhost_name}_access.log”,
error_log_file = “${vhost_type}_${vhost_name}_error.log”
}
On Oct 24, 2014, at 5:17 AM, Denny nomore...@gmail.com javascript: wrote:
puppetlabs-apache (v1.1.1)
Am Freitag, 24. Oktober 2014 13:35:23 UTC+2 schrieb cwebber:
Denny,
Which apache module are you using?
— cwebber
On Oct 24, 2014, at 12:32 AM, Denny nomore...@gmail.com wrote:
Hi there,
this is - for sure - pretty easy to solve but I'm a bit stuck right now...
I want to add a prefix to my apache-vhost access and error logs depending
on what kind of application is installed on this vhost
Right now my config looks something like this:
apache::vhost { 'vhost.example.com http://vhost.example.com/':
port= '80',
docroot = '/var/www/html/someprettywebsite',
serveradmin = 'dontc...@example.com ',
}
which produces two log files:
/var/log/http/vhost.example.com http://vhost.example.com/_error.log
/var/log/http/vhost.example.com http://vhost.example.com/_access.log
but what I want is something like:
/var/log/http/wordpress_vhost.example.com http://example.com/_error.log
/var/log/http/wordpress_vhost.example.com
http://vhost.example.com/_access.log
I've tried things like the example below, but didn't work :(
apache::vhost { 'vhost.example.com http://vhost.example.com/':
port= '80',
docroot = '/var/www/html/someprettywebsite',
serveradmin = 'dontc...@example.com ',
access_log_file = wordpress_${access_log_file},
}
Any suggestions are welcome,
Denny
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users...@googlegroups.com .
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/0931-1ab3-462a-9441-2ded4a79a879%40googlegroups.com
https://groups.google.com/d/msgid/puppet-users/0931-1ab3-462a-9441-2ded4a79a879%40googlegroups.com?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout
https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/298497a4-6140-4c52-b544-9c2a2c74b58c%40googlegroups.com
https://groups.google.com/d/msgid/puppet-users/298497a4-6140-4c52-b544-9c2a2c74b58c%40googlegroups.com?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout
https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com
mailto:puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/15880dcf-6fb8-495d-a12b-b601ea5afa5f%40googlegroups.com
https://groups.google.com/d/msgid/puppet-users/15880dcf-6fb8-495d-a12b-b601ea5afa5f%40googlegroups.com?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout
https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/45BC828E-0F19-45FA-9C97-3CD6A59B4F6F%40gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] How can Puppet query from Sybase - Facter or Hiera?
Assuming the libraries to connect to sybase from ruby exist… you could just
write a custom function.
https://docs.puppetlabs.com/guides/custom_functions.html
https://docs.puppetlabs.com/guides/custom_functions.html
so basically you want to do something like:
$workgroup = sybase_workgroup($::hostname)
case $workgroup {
‘A’: {
$template = template(‘modulename/A/template.erb’)
}
‘B’: {
$template = template(‘modulename/B/template.erb’)
}
default: {
$template = template(‘modulename/default/template.erb’)
}
}
And then the custom function would do something like
require ‘an_sybase_library’
module Puppet::Parser::Functions
newfunction(:sybase_workstation) do |args|
db = sybase_db_connection
result = db.query(“SELECT workgroup FROM workgroups WHERE
hostname = ‘#{args[0]}’”)
result[‘workgroup’]
end
end
Totally full of pseudo code, but that hopefully makes sense.
— cwebber
On Oct 21, 2014, at 7:20 AM, Stella stellatian1...@gmail.com wrote:
Hi Johan,
Thank you very much for the information.
I am not using the machine information from Sybase to do node classification
in puppet. My node classification is done by Puppet Dashboard.
My Sybase database doesn't contain any puppet class information. It contains
the hostname and the workgroup the host belongs to. What I want to return
from my database query is: given a hostname, please tell me which workgroup
it belongs to, then based on the workgroup value, my puppet class will decide
which template to apply to this host.
That's why I think a custom fact might do this job: I will define a custom
fact, which will get hostname and then connect to Sybase to determine this
host's workgroup. I actually already have the perl script to do this job, but
need to convert it to Ruby scirpt (puppet fact is defined in Ruby).
I am still doing research to find out what is the best approach. Will let you
know.
Thanks,
Stella
On Monday, October 20, 2014 5:36:50 PM UTC-4, Johan De Wit wrote:
Hi Stella,
my first thought goes to implement a ENC script. Since you are already
keeping inventory data in a database, you could keep everything in one place.
If it is possible to add puppet support, in practice, make it possible to
assign puppet classes to your nodes in your sybase setup.
If that is not possible, I would look at a hiera backend getting the info
from your sybase database.
Keep in mind that it is the puppet master that needs the info from your
sybase database, so facts is not really an option.
(technically you can, but then every node needs access to your database, but
your master can get the needed info also, only keep in mind your master
identifies the nodes with the 'clientcert' or 'certname'.
Personally, I would go for the ENC first place, hiera in second, but facts is
a no-go.
hth a bit
jo
On 20/10/14 19:27, Stella wrote:
Hi,
I am using Puppet 3.62. Trying to figure out what is the best way to connect
to my sybase database to query machine information.
Which is better:
1. Define facts that will connect to my sybase and do the query.
2. Use Hiera to connect to my sybase and do the query.
Anyone has any example to share?
Thanks!
Stella
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/69fa9702-708a-442c-803c-1b3bead7ab2f%40googlegroups.com
https://groups.google.com/d/msgid/puppet-users/69fa9702-708a-442c-803c-1b3bead7ab2f%40googlegroups.com?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout
https://groups.google.com/d/optout.
--
Johan De Wit
Open Source Consultant
Red Hat Certified Engineer (805008667232363)
Puppet Certified Professional 2013/2014 (PCP006)
_
Open-Future Phone +32 (0)2/255 70 70
Zavelstraat 72 Fax +32 (0)2/255 70 71
3071 KORTENBERG Mobile+32 (0)474/42 40 73
BELGIUM http://www.open-future.be
http://www.open-future.be/
_
Upcoming Events:
Puppet Introduction Course |
http://www.open-future.be/puppet-introduction-course-13th-october
http://www.open-future.be/puppet-introduction-course-13th-october
Puppet Practitioner Training |
http://www.open-future.be/puppet-practitioner-former-puppet-advanced-training-14-till-16th-october
Re: [Puppet Users] Applying exec only 1x - Dell OMSA setup
The simplest way is to add a `creates` parameter for the binary or directory the installer creates. -- cwebber On Sep 28, 2014, at 18:26, JonY ethrbu...@gmail.com wrote: My instructions for setting up the repo and such for Dell OpenManage start with this command wget -q -O - http://linux.dell.com/repo/hardware/latest/bootstrap.cgi | bash. It turns out the .cgi file has some cumbersome logic in it to determine OS and so forth - more so than I want to implement in a module. So my question is - what's the proper way to apply this exec only once? I've used the 'depend on changes to a dummy file' to limit execs in the past but this seems like a real kludge. Similarly - what's a better way to run this command (or achieve the same end result)? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d8c1027d-029b-441c-a12d-fd6404971bcd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3B3D576B-D1B4-4231-8966-1C818A3841B0%40gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Announce Only List
Is there an announce only list for Puppet at this point? -- cwebber -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: A working firewall module
I have been working on doing something similar to this. We want to abstract for multiple OS's and deal with the joy that is Solaris zones. Essentially, it will be a resource that defines the fw rules in XML and then a script takes all of those definitions and creates a complete set of firewall rules. I am waiting to hear back on our code release policy to see what it takes to release it once I am done. -- cwebber On Jul 10, 2011, at 12:32 PM, Alessandro Franceschi wrote: FYI I don't know it it may be useful , but I've done this: https://github.com/example42/puppet-modules/tree/master/iptables which can be used in 2 ways: - a standard iptable-save approach (set $iptables_config = file before to enable it) with rules file defined in https://github.com/example42/puppet-modules/blob/master/iptables/manifests/file.pp (here you have to add source or content arguments to mange it with static files or templates according to your need) - an automatic way (default option when you include the module) that dymanically builds iptables rules according to the modules you include and the iptables related variables you set (see the README) This actually works if you use the Example42 modules (or at least the firewall defines included in each one). It's quite nice to see it working adding or removing dynamically but, I must admin, is a bit resource intensive (a puppet resoutce for each dymanic rule). Regards Al @ Lab42 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/KSn4hF687gQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Git Workflow
We have a single master branch and then check various branches out into dev. I wrote up an article about how our env works a few months back. It may be useful to look at. https://cwebber.ucr.edu/2011/03/multiple-environments-in-puppet/ My guess is that eventually we will have multiple dev environments to allow different things to go on at once. --cwebber On 5/3/11 9:16 AM, Stefan Schulte stefan.schu...@taunusstein.net wrote: Hi, I would like to know how your workflow looks like when you're writing manifests. Currently we have the following construct: * 1 git repository with all modules * 3 git branches: dev, staging, prod * 3 puppet environments: dev, staging, prod The modulepath of each environment is a checkout of the corresponding branch. Writing/Editing manifests only happens in dev. If you're done you commit your work to a central repo. If dev is somewhat stable it is merged into staging (fast-forward-merge) etc. This comes with a few problems: * If all your systems are running prod and you change something big (e.g. new filesystem layout) you only have too options: Change all your machines to follow the new standard or take the machines you cannot change out of puppet control. * There are changes I make in dev that I want to take immediate effect. Example: Deploy the SSH-Key of a new employee to all machines. I can add the key in dev and then cherry-pick the commit in the other branches but I'm not yet sure if that is really a good idea. So how do you use environments and branches? One Repository for each module or one repository for all modules? Do you use git tag to tag certain revisions? Do you run your servers agains different releases of your manifests or do you just have one prod environment? -Stefan -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Testing changes before deployment
I actually wrote up a post about using multiple environments for this purpose. It includes the process flow chart as well. http://cwebber.ucr.edu/2011/03/multiple-environments-in-puppet/ --cwebber On 3/22/11 2:10 PM, Thomas Bellman bell...@nsc.liu.se wrote: Giovanni Bordello wrote: But what if I need to do a web-server specific change? And then Mail-server specific change? If I had only one test client machine I would have to reinstall it every time I needed to do verify a change for a different group of servers. That's hardly a way to go. There must be a better approach. How do you guys test puppet changes before they go live? First of all, we do have multiple environments, so we can test new versions of the manifests before taking them into production. There is of course the an environment named production which clients are usually running from. Then each sysadmin has their own personal environment, and some of us have multiple personal environments. We do our changes in our personal environment, test them, and when we feel they are ready, we push them to the central Git repository, and then do a 'git pull' in the production environment. I highly recommend this. Our approach to test machines vary a bit depending on how extensive, invasive and risky changes we are making. If I'm doing something small and simple, like adding a member to a mail alias on the email server, I just do that, commit, push, pull and let puppetd on the email server do its job. (Since I only run puppetd every fourth hour, not every thirty minutes, I might do a manual run of puppetd to apply my change quicker.) For somewhat larger changes, but changes where I feel the risk of actually harming the server is very low, I would first run puppetd manually in no-op mode on the live client against my environment. If that looks okay, I will then run puppetd again and let it do its changes, and then I test that my changes work as I intended. If they don't, then I revert them (usually manually), and go back to fixing my manifests. When the risk gets higher, or if I think something will take me some time to implement, I install a test server. That will usually be a Xen guest. I make a new node definition in my manifests that is a copy of the real server I want to change, except that it has different hostname, IP address, and MAC address. Then I install CentOS on that with kickstart (ca 5 minutes), and run Puppet on it (less than 15 minutes). I have Puppet generate Xen config files and a kickstart file for the test machine on the Xen host, so it is fairly painless. I do need to manually create the LVM volumes for the virtual disks, but all in all I can easily have a clone of server up and running in 30 minutes, including adding the test machine to DNS and DHCP, installing OS on it and running Puppet on it. When I have my test server up and running, I do all my testing on that. When I'm close to finished with extensive changes, I often re-install my test server from scratch to check that everything really works. Often I find that they don't (typically some missed dependencies) and have to fix that, and then I do a new re-install. Since virtual servers are fairly cheap (and I can often give them less CPU, memory and disk than the real server needs), I sometimes have several such test servers running, if I am doing work on several different features at the same time. (That would typically be because I started on doing something, then some other change with higher priority came up and I had to put my original work aside for a few days or weeks.) Where the limit is for something you dare test directly on live production servers, would vary between organisations. We can usually tolerate the occasional unplanned downtime if they are short enough, so I probably have a higher threshold than many others before I install a separate test machine. But regardless of how high risks you can take with your production machines, I heartily recommend that you make it easy to create and install test machines. Virtualization is really nice for that. /Bellman -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Exported Resources and Environments
I am running 0.24.8 clients and a 2.5.5 master. When I moved to separate environments I noticed that the exported resources did not respect environment boundaries. For example, an exported nagios_host resource that was exported by a node in the dev environment showed up in the production nagios config. Is this a feature or a bug? I can see it going both ways but don¹t want to take advantage of this situation if that is not the case. Does this same situation exist in 2.6.x? Thanks. -cwebber -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] FYI: Mac Configuration Management at the Los Alamos National Laboratory white paper
I went to download this and it returned a 404. Is it still available somewhere? -- cwebber On Jun 4, 2010, at 4:59 PM, Marcus, Allan B wrote: Here's a white paper you may be interested in. The Los Alamos National Laboratory (LANL) had a need for central configuration management of non-Windows computers. LANL has three to five thousand Macs and an equal number of Linux based systems. The primary goal was to be able to inventory all non-windows systems and patch Mac OS X systems. LANL examined a number of commercial and open source solutions and ultimately selected Puppet. This paper will discuss why we chose Puppet, how we implemented it, and some lessons we learned along the way. http://www.afp548.com/filemgmt/index.php?id=108comments=1 --- Thanks, Allan Marcus 505-667-5666 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Apache load balancing problem with 0.25.0
Was a solution to this issue ever found? I just upgraded my puppetmaster to
0.25.5 and the only client that is having issues is the only client running
0.25.5.
-- cwebber
On Sep 9, 2009, at 1:14 PM, martin wrote:
On Sep 9, 5:35 pm, Martin Englund martin.engl...@sun.com wrote:
Inspecting the code where it fails makes me scratch my head (code
included at the bottom). The variable format is, according to the
error message, text/html - but that should have matched then when
clause %r{\w+/\w+}.
I'm one step closer: I've figured out that mime(text/html) returns
nil, so now I need to figure out how to get my apache reverse proxy to
let puppetd know it accepts yaml, marshal, raw json...
cheers,
/Martin
puppet/network/format_handler.rb:
# Return a format name given:
# * a format name
# * a mime-type
# * a format instance
def self.format_to_canonical_name(format)
case format
when Puppet::Network::Format
out = format
when %r{\w+/\w+}
out = mime(format)
else
out = format(format)
end
raise ArgumentError, No format match the given format name or
mime-type
(%s) % format if out.nil?
out.name
end
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Possible options to transfer information from nodes to master?
This is what facter is used for. This should get you started. http://docs.puppetlabs.com/guides/custom_facts.html -- cwebber On Apr 7, 2010, at 6:57 AM, Tore wrote: What options does puppet provide to transfer information back to puppetmaster? I just wrote a quick manifest to create files on the puppetmaster based on information from the nodes: http://pastebin.com/MyurwLrE Then it struck me, this wont work at all since (of course) the configuration is compiled locally on the master, then transfered to the nodes. Hence, all files would have the same content, but different names. I'm little stuck here, what options do I have to solve this problems? I have a few cases where just retrieving file X from all nodes would be excellent, e.g. httpd.conf, just to diff them locally to verify that no differences is present, before adding a manifest for handling that file. Does puppet have anything in stock for me here? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Firewall between master and client?
No. The client pulls down the config, initiating the session. -- cwebber On Nov 19, 2009, at 7:12 AM, JoE wrote: I understand that puppet needs port 8140 tcp/udp open for server and client. Will puppet work if a firewall is set up between these two hosts that only allows traffic from the server to the client (server - client), or is two communication required? Thanks for the help, -JoE -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl= . -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=.
[Puppet Users] Re: Multihomed puppet-server Multidomain SSL Problem
I would love to see an answer to this as well. I have basically ended up just adding an entry to /etc/hosts to make it possible to connect to the secondary interface. -- cwebber On Nov 13, 2009, at 6:40 AM, Hubert Krause wrote: Hello List, I have a problem with the CA on my Puppetmaster. This Puppetmaster is connected to different Networks with different sub domainnames. The Puppet clients connecting via different Interfaces. There is no routing between subnets. Only one subnet can connect successfully. This is because the subject in the Certificate is the name of this subnet. All other clients get: Could not retrieve catalog: Certificates were not trusted: hostname not match with the server certificate If I use just the hostname, no client can connect successfully. It seems to be, that there is allways the need for a single fqdn. The puttemaster is served via Passenger and Apache2. Is there a way to use the nice to use puppetca tool in this szenario or do I have to provide as much CAs as I have subnets and do cert signing by hand? Or is there another solution? Any hints will be very welcome. Cheers, Hubert -- Hubert Krause Risk Fraud Division INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany Phone: +49 24 08 - 94 56 188 E-Mail: hubert.kra...@inform-ac.com, Web: http://www.inform-ac.com INFORM Institut fuer Operations Research und Management GmbH Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Opensolaris: beyond zones
We treat zones like normal nodes for the most part. There is a separate base class that is zone specific but otherwise we don't do things any differently. -- cwebber On Nov 12, 2009, at 8:28 AM, windowsrefund wrote: Getting past zone creation, I'm curious to know how people are managing zone-specifics like users, packages, and services. Looking forward to this thread... Adam --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Opensolaris: beyond zones
Yes. -- cwebber On Nov 12, 2009, at 8:55 AM, windowsrefund wrote: On Nov 12, 11:32 am, Christopher Webber kgbbelm...@gmail.com wrote: We treat zones like normal nodes for the most part. There is a separate base class that is zone specific but otherwise we don't do things any differently. So each zone runs a puppet client? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Workstations and Certs
I am currently working on doing a very similar thing with kickstart. There are two ways you can deal with the hostname... have PHP do an nslookup for the ipaddress that is connecting (prefered for security reasons), or just pass it as an argument to the PHP script. Chris On Jul 3, 2009, at 6:12 AM, Gary Larizza wrote: I love where this thread is going, I too share in this problem. Kurt: Puppet is still being run on the client because the client is using a cached config (am I right on this guys?). I love the scripted ssh key, but ALSO love the PHP script that could be CURL-ed from the client. Will a PHP script be able to capture the hostname of a connecting client? From there, the php script could call puppetca to clean the cert and create a new one...would this be cleaner than bundling a cert with your base-image? Unfortunately, I'm not that versed in PHP to hash a script out from scratch. Does anyone have a rough outline that we could steal? -Gary --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: Using Puppet on Machines Where I Don't Have Root?
Run puppet --genconfig and find all the parameters that would need to be changed to make it work. Most if not all of the important stuff can be modified by either args to puppet/d or via the puppet.conf Chris On May 26, 2009, at 10:53 PM, Brian Ferris wrote: I understand that I can only edit files where permissions allow. But can I run puppet without a puppet user? Basically, after reading over the documentation, I noticed a number of references to users (puppet) and paths (/var/...) that puppet needs to run that I won't be able to create / have access to because I don't have root on the boxes. But I didn't see any obvious command lines options / config settings for changing those users and paths. I understand if this is not how puppet was designed to be used, but I figured I'd give it a shot. On Tue, May 26, 2009 at 10:19 PM, RijilV rij...@riji.lv wrote: 2009/5/26 Brian Ferris bdfer...@gmail.com: I'd like to use puppet to manage configuration files on a couple of machines. The catch is that I don't have root on these machines. Is this possible? What kind of issues am I going to run into? well you can do anything with puppet the user you're running it as has permissions to do. So if your user is allowed to manage whatever configuration files you're looking to manage, then sure. If you want to manage a resource that's not owned by your user, then puppet can't help you with your privilege esclation needs. .r' --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
