Re: [Puppet Users] Re: subscribing a service to multiple files ?

2010-07-20 Thread Luke Schierer
service { httpd:
    subscribe => [ File['one'], File['two'] ],
}

should work

Luke

On Jul 20, 2010, at 08:10 EDT, Tore wrote:

 You could also do:
 class httpd {
    ...
    file { '/etc/monit.d/httpd.conf':
       ...
       notify => Service['monit']
    }
 }
 
 But I would rather do it on the service, since then you can with ease
 read one line to find out what that service responds to.
 
 On 16 Jul, 18:48, phrawzty phraw...@gmail.com wrote:
 Hello,
 
 I am currently expanding on the Monit recipes that are available on
 the Wiki (as well as github).  One of the oft-used features of Monit
 is the ability to load arbitrary configuration files at runtime (i.e.
 include /etc/monit.d/*.conf).  This seems like it could be a good fit
 for integrating service configs with their respective Monit configs in
 Puppet ; however, consider the following :
 
 class httpd {
    ...
    file { '/etc/monit.d/httpd.conf':
       ...
    }
 }
 
 class monit {
    file { '/etc/monit.conf':
       ...
    }
    service { 'monit':
       subscribe => File['/etc/monit.conf'],
       ...
    }
 }
 
 The problem here is that Monit only reads its config files when it is
 (re)started ; based on the subscribe relationship described above,
 Monit will be restarted when /etc/monit.conf changes, but not when
 /etc/monit.d/httpd.conf changes (or appears for the first time, as the
 case may be).
 
 Thus the question : is it possible / advisable to subscribe a service
 to multiple files, and if so, how would it be done ?
 
 Alternatively, i may be taking entirely the wrong approach here, in
 which case the question would be : what would be the best way to
 trigger a Monit reload from outside of the Monit class ?  Would it be
 advisable to, for example, define a service-subscribe relationship in
 every class that has a Monit config file (i imagine scoping is an
 issue here).
 
 Thank you all for your time and consideration on this topic.
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-us...@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.
 




Re: [Puppet Users] tidy -- ignoring sockets?

2010-03-14 Thread Luke Schierer

On Mar 14, 2010, at 18:37 EDT, Luke Kanies wrote:

 On Feb 26, 2010, at 12:07 PM, Alan Sparks wrote:
 
 I've a tidy resource for /tmp under 0.24.8, which throws errors each run
 due to a socket file created by xfs under /tmp/.font-unix/.  It's
 relatively harmless, but it fills the logs with error messages...
 
 /var/log/messages.4:Jan 31 04:01:34 vm03 puppetd[15362]:
 (//Node[vm03]/Tidy::Olderthan[/tmp]/Tidy[/tmp/.font-unix/fs7100]/ensure)
 change from /tmp/.font-unix/fs7100(age)1264176925 to anything failed:
 Cannot tidy files of type socket
 
 Since tidy does not have a parameter for directories or files to ignore,
 and there's no option to specify the types of files to consider, is
 there any way short of hacking the code to eliminate these errors?
 
 I don't think so.
 
 I basically threw that failure in there because I wasn't sure what the 
 behaviour should be for anything other than the standard file types.  It'd be 
 pretty easy to fix tidy to behave appropriately if you can describe how it 
 should actually behave.

I know for the particular case of /tmp, I would want it to remove any type of 
file it could encounter.  Off hand, I cannot think of a situation where I would 
be using tidy that I would not want to either be able to filter for a specific 
file type and only filter that type, or would want to tidy everything. 

Luke




Re: [Puppet Users] Re: other end went away leads to multiple report mails

2009-12-08 Thread Luke Schierer
On Mon, Dec 7, 2009 at 2:27 AM, Peter Meier peter.me...@immerda.ch wrote:


  The base of the code is something like:
 
  require 'puppet'
  require 'yaml'
  require 'find'
  Puppet[:config] = "/etc/puppet/puppet.conf"
  Puppet.parse_config
  Puppet[:name] = "puppetmasterd"
  Puppet::Node::Facts.terminus_class = :yaml
  # Walk the report directory (Find.find comes from the 'find' library)
  Find.find("/var/puppet/reports") do |report|
    next if FileTest.directory?(report)
    # File.open rather than Kernel#open: the latter runs a command when
    # the name starts with "|"
    thisreport = File.open(report) { |fh| YAML::load(fh) }
    puts "Host: " + thisreport.host
    reporttime = File.stat(report).mtime.to_i # seconds since epoch...
    thisreport.logs.each do |log|
      # Whatever you want to find out about each message...
    end
    File.unlink(report) # If you don't need them anymore...
  end


 would be nice to have such a working example in ext/

 I agree, a working example would be awesome.

Luke





[Puppet Users] Re: Multiple environments

2009-11-12 Thread Luke Schierer

I just had to set the environment variable in the puppet.conf file before 
starting the puppetd daemon.  Then in each class I use that variable to 
determine what happens, for example

file { "smtpd.conf":
    owner   => root,
    group   => root,
    mode    => 600,
    source  => $environment ? {
        preproduction   => puppet:///,
        test            => ,
        production      => ,
    },
}

or in other classes, I have if/else blocks based on the $environment variable.  
I am in the 0.24.8 version that EPEL has though, not 0.25.x

Luke

On Nov 12, 2009, at 19:30 EST, Scott wrote:

 
 Is anyone using multiple environments?  Can someone at least tell me
 what they did to get it working?
 
 Thanks,
 Scott
 
 On Nov 12, 6:53 am, Scott scott...@gmail.com wrote:
 So I'm trying to get multiple environments to work with puppet 0.25.1
 on ubuntu 8.04 and no matter what I do, puppet just completely ignores
 any environment setting.  There's really next to no information in
 terms of configuration on the multiple environments documentation page
 (http://reductivelabs.com/trac/puppet/wiki/UsingMultipleEnvironments)
 other than saying that the following section should be in my
 puppet.conf file:
 
 [main]
 manifest   = /usr/share/puppet/site.pp
 modulepath = /usr/share/puppet/modules
 
 [development]
 manifest   = /usr/share/puppet/development/site.pp
 modulepath = /usr/share/puppet/development/modules
 
 There are other references on web pages and groups to an
 environments setting under puppetmasterd as well as having a
 default environment setting in main for the clients but I've tried
 all of that and nothing works.  There's also no reference at all to
 any environment in debugging mode when I run puppetd --test
 --environment=test -d.  Am I missing something?
 
 Here's a copy of my puppet.conf file:
 
 [main]
 vardir = /var/lib/puppet
 manifest = /etc/puppet/manifests/site.pp
 modulepath = /etc/puppet/modules
 pluginsync = true
 storeconfigs = true
 #
 dbadapter = mysql
 dbuser = puppet
 dbpassword = 
 dbserver = mysql.example.com
 
 [puppetmasterd]
 certname=puppet.example.com
 
 [testing]
 manifest=/etc/puppet-testing/manifests/site.pp
 modulepath=/etc/puppet-testing/modules
 
 [production]
 manifest=/etc/puppet/manifests/site.pp
 modulepath=/etc/puppet/modules
 
 Cheers,
 Scott
  





[Puppet Users] removing excess permissions

2009-11-09 Thread Luke Schierer

Does anyone have a puppet recipe that would remove extraneous  
permissions on files and directories without explicitly setting what  
the permissions should be?  I have an application that creates and  
manipulates a bunch of temp files and directories under /tmp, and I'd  
like to remove the unneeded world read and world write permissions  
these files get.   However, the directories should have execute  
permissions that the files do not need, and I would rather not set.
I could do

file { "/tmp/toplevel":
    mode    => 770,
    recurse => true,
}

but as I said, I would rather not set the execute bit on files that do  
not need it, it seems messy.

Thanks!

Luke
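
An added example, not part of the original post: a shell function that clears only the world (other) permission bits under a tree, so owner and group bits, including the execute bit on directories, stay as they were. The function name `strip_world_perms` is constructed for this illustration.

```shell
#!/bin/sh
# strip_world_perms ROOT
# Remove r/w/x for "other" from every file and directory under ROOT without
# touching owner or group bits. Prints the number of entries it changed.
strip_world_perms() {
    root=$1
    # Refuse anything that is not a real directory; a symlinked root could
    # redirect the walk to a tree the caller never meant to change.
    if [ -z "$root" ] || [ -L "$root" ] || [ ! -d "$root" ]; then
        echo "strip_world_perms: '$root' is not a directory" >&2
        return 2
    fi
    # -xdev      : stay on one filesystem
    # ! -type l  : chmod follows symlinks, so never hand it one
    # -perm tests: select only entries that have some "other" bit set
    find "$root" -xdev ! -type l \
        \( -perm -0004 -o -perm -0002 -o -perm -0001 \) \
        -exec chmod o-rwx {} \; -print | wc -l | tr -d ' '
}

# Usage: strip_world_perms /tmp/toplevel
```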




[Puppet Users] Re: tagmail configuration

2009-10-12 Thread Luke Schierer
On Thu, Oct 8, 2009 at 6:14 PM, Luke Schierer luke.schie...@gmail.com wrote:

 I am trying to configure tagmail to send emails to different segments of
 the team based on the classes that are loaded.  For the most part it seems
 to be working, but I'm having trouble with getting a rule that will send an
 email for everything except events related to a particular class, or those
 with a particular tag. In my tagmail.conf I have

 type1, !nolog: gro...@domain.tld

 type2, !nolog: gro...@domain.tld

 all, !noisy, !nolog: myem...@domain.tld

 the type1 and type2 lines appear to work as intended, but the last line
 doesn't.  It is correctly filtering out events specifically tagged with
 tag => nolog, but it still sends me events from the noisy class.  Any
 ideas on how I can filter out events from this class without tagging each
 element?

 Thanks!

 Luke


Googling this, I found
http://markmail.org/message/jib4n4bq7qmbsb4q#query:puppet%20tagmail%20exclude%20one%20class+page:1+mid:f6v5hhgl6h624xqx+state:results
which seems to indicate that this behavior is considered a bug.   Further
investigation turns up bug #1035 in the tracker.  I am sorry for failing to
better research this before posting.




[Puppet Users] tagmail configuration

2009-10-08 Thread Luke Schierer
I am trying to configure tagmail to send emails to different segments of the
team based on the classes that are loaded.  For the most part it seems to be
working, but I'm having trouble with getting a rule that will send an email
for everything except events related to a particular class, or those with a
particular tag. In my tagmail.conf I have

type1, !nolog: gro...@domain.tld

type2, !nolog: gro...@domain.tld

all, !noisy, !nolog: myem...@domain.tld

the type1 and type2 lines appear to work as intended, but the last line
doesn't.  It is correctly filtering out events specifically tagged with
tag => nolog, but it still sends me events from the noisy class.  Any
ideas on how I can filter out events from this class without tagging each
element?

Thanks!

Luke




[Puppet Users] Re: copying file from multiple sources

2009-10-05 Thread Luke Schierer
On Mon, Sep 28, 2009 at 3:12 PM, Luke Schierer luke.schie...@gmail.com wrote:

  On Fri, Sep 25, 2009 at 4:04 PM, Luke Schierer luke.schie...@gmail.com wrote:


 This works for my redhat 5 machines, I'm able to pull from the array of
 sources.  However, it does not work for redhat 4 machines.  If a redhat 4
 machine is listed in the array, I get

 err: Could not call fileserver.list: #NoMethodError: prive method 'split'
 called for nil.NilClass
 err: //Node[host1]/File[/path/to/target]: Failed to generate additional
 resources durring transaction



 I am still unable to figure out why puppetd on rhel5  can pull from a
 puppetmaster on rhel5 but not a puppetmaster on rhel4.   Again, any help
 would be greatly appreciated.

 Luke


After some googling and reading through the wiki, I found that puppet
apparently has some issues with ruby 1.8.1, which is what comes with rhel4.
I pulled some centos rpms of ruby 1.8.5 from the centos 4 testing
repository, and restarted the puppetmasterd and puppetd processes.  I still
get the error about no private method 'split'.

I could really use some advice here on what I might be doing wrong.

Thanks!

Luke




[Puppet Users] Re: copying file from multiple sources

2009-09-28 Thread Luke Schierer
On Fri, Sep 25, 2009 at 4:04 PM, Luke Schierer luke.schie...@gmail.com wrote:


 This works for my redhat 5 machines, I'm able to pull from the array of
 sources.  However, it does not work for redhat 4 machines.  If a redhat 4
 machine is listed in the array, I get

 err: Could not call fileserver.list: #NoMethodError: prive method 'split'
 called for nil.NilClass
 err: //Node[host1]/File[/path/to/target]: Failed to generate additional
 resources durring transaction



I am still unable to figure out why puppetd on rhel5  can pull from a
puppetmaster on rhel5 but not a puppetmaster on rhel4.   Again, any help
would be greatly appreciated.

Luke




[Puppet Users] Re: copying file from multiple sources

2009-09-25 Thread Luke Schierer
On Thu, Sep 24, 2009 at 11:43 AM, Luke Schierer luke.schie...@gmail.com wrote:

 I have the following snippet I am using to test with the puppet command

 node host1 {

  file { "/var/www/target":
   path         => "/var/www/target",
   mode         => 570,
   owner        => apache,
   group        => wheel,
   ensure       => directory,
   recurse      => inf,
   sourceselect => all,
   source       => [
    "puppet://host2.fully.qualified.tld/target_results/recent"
   ],
  }
 }

 I run this on host1 with the command
 puppet --verbose --server host1.fully.qualified.tld test.pp | more
 and the error I get is
 err: //Node[host1]/File[/var/www/target]: Failed to generate additional
 resources during transaction: Certificates were not trusted: tlsv1 alert
 unknown ca
 err: //Node[host1]/File[/var/www/target]: Failed to retrieve current state
 of resource: Certificates were not trusted: tlsv1 alert unkown ca Could not
 descript /target_results/recent: /etc/puppet/test.pp:16

 if I change host1 to host1 in the source array, it works.  If I list both,
 it will produce more or less the same results if host2 is listed first, but
 it will pull the host1 results before printing the error if host1 is listed
 first.

  in the above output and snippet, I have changed the hostnames, but yes, I
 have verified that I am using the fqdn, and that it is spelled correctly.  My
 hosts are on a closed network, so I've had to transfer the output by hand.

 Thanks!
 Luke

   On Thu, Sep 24, 2009 at 2:52 AM, Ohad Levy ohadl...@gmail.com wrote:

 Yes it should, are you sure you contact the second puppetmaster with its
 FQDN? e.g.

 source => "puppet://second.foor.com/module/file/.."

 Ohad


I am still unable to get this to work.  I have tried adding
ca = false
cacrl = false
ca_server = host1.fully.qualified.tld

to the puppet.conf file on host2, but I still get the same error.   I also
tried uninstalling the puppet-server rpm, removing the /var/lib/puppet/ca
directory, re-installing puppet-server, and then starting it.

I started the puppetmasterd on the command line on host2 with --no-daemonize
--debug --verbose, and while I see it listening, I see nothing as host1
attempts to connect to it.  The certificate in the /var/lib/puppet/ssl/certs
directory checks out fine with openssl verify using the ca certificate from
host1.

Any ideas on how to make this work would be very welcome.

Thanks!

Luke




[Puppet Users] Re: copying file from multiple sources

2009-09-25 Thread Luke Schierer
On Fri, Sep 25, 2009 at 1:23 PM, Luke Schierer luke.schie...@gmail.com wrote:

   On Thu, Sep 24, 2009 at 11:43 AM, Luke Schierer luke.schie...@gmail.com wrote:

 I have the following snippet I am using to test with the puppet command

 node host1 {

  file { "/var/www/target":
   path         => "/var/www/target",
   mode         => 570,
   owner        => apache,
   group        => wheel,
   ensure       => directory,
   recurse      => inf,
   sourceselect => all,
   source       => [
    "puppet://host2.fully.qualified.tld/target_results/recent"
   ],
  }
 }

 I run this on host1 with the command
 puppet --verbose --server host1.fully.qualified.tld test.pp | more
 and the error I get is
 err: //Node[host1]/File[/var/www/target]: Failed to generate additional
 resources during transaction: Certificates were not trusted: tlsv1 alert
 unknown ca
 err: //Node[host1]/File[/var/www/target]: Failed to retrieve current state
 of resource: Certificates were not trusted: tlsv1 alert unkown ca Could not
 descript /target_results/recent: /etc/puppet/test.pp:16

 if I change host1 to host1 in the source array, it works.  If I list both,
 it will produce more or less the same results if host2 is listed first, but
 it will pull the host1 results before printing the error if host1 is listed
 first.

  in the above output and snippet, I have changed the hostnames, but yes, I
 have verified that I am using the fqdn, and that it is spelled correctly.  My
 hosts are on a closed network, so I've had to transfer the output by hand.

 Thanks!
 Luke

   On Thu, Sep 24, 2009 at 2:52 AM, Ohad Levy ohadl...@gmail.com wrote:

 Yes it should, are you sure you contact the second puppetmaster with its
 FQDN? e.g.

 source => "puppet://second.foor.com/module/file/.."

 Ohad


 I am still unable to get this to work.  I have tried adding
 ca = false
 cacrl = false
 ca_server = host1.fully.qualified.tld



I have a partial solution,  I set ca = false and ca_server =
host1.fully.qualified.tld  in the puppet.conf file.  I then remove the
puppet-server rpm.  I then ensure that /var/lib/puppet/ca/ca_crt.pem and
/var/lib/puppet/ca/ca_crl.pem are the same as those from host1.  I then make
sure that they are owned by the puppet user.  I then re-install the
puppet-server rpm.

This works for my redhat 5 machines, I'm able to pull from the array of
sources.  However, it does not work for redhat 4 machines.  If a redhat 4
machine is listed in the array, I get

err: Could not call fileserver.list: #NoMethodError: prive method 'split'
called for nil.NilClass
err: //Node[host1]/File[/path/to/target]: Failed to generate additional
resources durring transaction

Both the redhat 4 and the redhat 5 machines are 64bit installs.  the rhel4
machines have puppet and puppet-server 0.24.8-4.el4 and the rhel5 machines
have 0.24.8-4.el5, both from the EPEL repository.

Any advice would be appreciated.

Thanks!
Luke




[Puppet Users] Re: copying file from multiple sources

2009-09-24 Thread Luke Schierer

The secondaries are each clients of the first one.   Does the  
puppetmaster process use the same certificate as puppetd?

Luke

On Sep 23, 2009, at 21:38 EDT, Ohad Levy wrote:

 Did you try signing your secondary puppet master as a client of the  
 first one?

 make sure you use fqdn when referring to the second one, as its  
 certificate would be valid to puppet or its fqdn.

 Ohad

 On Thu, Sep 24, 2009 at 4:37 AM, lschiere luke.schie...@gmail.com  
 wrote:

 I have tried copying over the contents of the /var/lib/puppet/ssl/ca
 directory, but apparently something within it is specific to the
 host, such it then complains that the certificates and keys do not
 match.  I also saw
 http://reductivelabs.com/trac/puppet/wiki/MultipleCertificateAuthorities,
 but I do not want to put apache on each host.   With cfengine2, it was
 very simple to have cfservd running on each host, distribute the keys
 to each, and then pull result files from the clients to the central
 server.   I cannot seem to find an example of a similar setup with
 puppet.

 Luke

 On Sep 22, 4:30 pm, Luke Schierer luke.schie...@gmail.com wrote:
  On Sat, Sep 19, 2009 at 7:53 AM, Luke Schierer luke.schie...@gmail.com wrote:
 
   On Sep 19, 2009, at 05:11 EDT, Peter Meier wrote:
 
    The standard way to do that is:
    source => [ "puppet:///foo/file-$hostname",
                "puppet:///foo/file-$lsbdistcodename",
                "puppet:///foo/file" ]
    -> check for modules/foo/file-www4, then file-jaunty, then file

    * sourceselect:

    Whether to copy all valid sources, or just the first one. This parameter
    is only used in recursive copies; by default, the first valid source is
    the only one used as a recursive source, but if this parameter is set to
    all, then all valid sources will have all of their contents copied to
    the local host, and for sources that have the same file, the source
    earlier in the list will be used. Valid values are first, all.

    So you can have both variants.

    cheers pete

   When I tried to do this with

  source => [ 'puppet://host1/files/target', 'puppet://host2/files/target' ]
  it works fine for the first host, which acts as the puppetmaster, but not
  for the second one.  It complains about an unknown CA.

  I realize that this is because the CA certificates differ on the two hosts,
  and the certificate puppet is using to pull files is only signed by one of
  the two, the one it gets its configuration from.

  Is there a key or keys I can distribute to each node so that I can pull
  files from all of them?

  Thanks!

  Luke



 





[Puppet Users] Re: copying file from multiple sources

2009-09-24 Thread Luke Schierer
I have the following snippet I am using to test with the puppet command

node host1 {

 file { "/var/www/target":
  path         => "/var/www/target",
  mode         => 570,
  owner        => apache,
  group        => wheel,
  ensure       => directory,
  recurse      => inf,
  sourceselect => all,
  source       => [
   "puppet://host2.fully.qualified.tld/target_results/recent"
  ],
 }
}

I run this on host1 with the command
puppet --verbose --server host1.fully.qualified.tld test.pp | more
and the error I get is
err: //Node[host1]/File[/var/www/target]: Failed to generate additional
resources during transaction: Certificates were not trusted: tlsv1 alert
unknown ca
err: //Node[host1]/File[/var/www/target]: Failed to retrieve current state
of resource: Certificates were not trusted: tlsv1 alert unkown ca Could not
descript /target_results/recent: /etc/puppet/test.pp:16

if I change host1 to host1 in the source array, it works.  If I list both,
it will produce more or less the same results if host2 is listed first, but
it will pull the host1 results before printing the error if host1 is listed
first.

 in the above output and snippet, I have changed the hostnames, but yes, I
have verified that I am using the fqdn, and that it is spelled correctly.  My
hosts are on a closed network, so I've had to transfer the output by hand.

Thanks!
Luke

On Thu, Sep 24, 2009 at 2:52 AM, Ohad Levy ohadl...@gmail.com wrote:

 Yes it should, are you sure you contact the second puppetmaster with its
 FQDN? e.g.

 source => "puppet://second.foor.com/module/file/.."

 Ohad


 On Thu, Sep 24, 2009 at 2:26 PM, Luke Schierer luke.schie...@gmail.com wrote:


 The secondaries are each clients of the first one.   Does the
 puppetmaster process use the same certificate as puppetd?

 Luke

 On Sep 23, 2009, at 21:38 EDT, Ohad Levy wrote:

  Did you try signing your secondary puppet master as a client of the
  first one?
 
  make sure you use fqdn when referring to the second one, as its
  certificate would be valid to puppet or its fqdn.
 
  Ohad
 
  On Thu, Sep 24, 2009 at 4:37 AM, lschiere luke.schie...@gmail.com
  wrote:
 
  I have tried copying over the contents of the /var/lib/puppet/ssl/ca
  directory, but apparently something within it is specific to the
  host, such it then complains that the certificates and keys do not
  match.  I also saw
  http://reductivelabs.com/trac/puppet/wiki/MultipleCertificateAuthorities,
  but I do not want to put apache on each host.   With cfengine2, it was
  very simple to have cfservd running on each host, distribute the keys
  to each, and then pull result files from the clients to the central
  server.   I cannot seem to find an example of a similar setup with
  puppet.
 
  Luke
 
  On Sep 22, 4:30 pm, Luke Schierer luke.schie...@gmail.com wrote:
   On Sat, Sep 19, 2009 at 7:53 AM, Luke Schierer luke.schie...@gmail.com wrote:

    On Sep 19, 2009, at 05:11 EDT, Peter Meier wrote:

     The standard way to do that is:
     source => [ "puppet:///foo/file-$hostname",
                 "puppet:///foo/file-$lsbdistcodename",
                 "puppet:///foo/file" ]
     -> check for modules/foo/file-www4, then file-jaunty, then file

     * sourceselect:

     Whether to copy all valid sources, or just the first one. This parameter
     is only used in recursive copies; by default, the first valid source is
     the only one used as a recursive source, but if this parameter is set to
     all, then all valid sources will have all of their contents copied to
     the local host, and for sources that have the same file, the source
     earlier in the list will be used. Valid values are first, all.

     So you can have both variants.

     cheers pete

    When I tried to do this with

   source => [ 'puppet://host1/files/target', 'puppet://host2/files/target' ]
   it works fine for the first host, which acts as the puppetmaster, but not
   for the second one.  It complains about an unknown CA.

   I realize that this is because the CA certificates differ on the two hosts,
   and the certificate puppet is using to pull files is only signed by one of
   the two, the one it gets its configuration from.

   Is there a key or keys I can distribute to each node so that I can pull
   files from all of them?

   Thanks!

   Luke





 





[Puppet Users] Re: copying file from multiple sources

2009-09-22 Thread Luke Schierer
On Sat, Sep 19, 2009 at 7:53 AM, Luke Schierer luke.schie...@gmail.com wrote:

 On Sep 19, 2009, at 05:11 EDT, Peter Meier wrote:

  The standard way to do that is:
 source => [ "puppet:///foo/file-$hostname",
             "puppet:///foo/file-$lsbdistcodename",
             "puppet:///foo/file" ]
 -> check for modules/foo/file-www4, then file-jaunty, then file

 * sourceselect:

 Whether to copy all valid sources, or just the first one. This parameter
 is only used in recursive copies; by default, the first valid source is
 the only one used as a recursive source, but if this parameter is set to
 all, then all valid sources will have all of their contents copied to
 the local host, and for sources that have the same file, the source
 earlier in the list will be used. Valid values are first, all.

 So you can have both variants.

 cheers pete

 When I tried to do this with
source => [ 'puppet://host1/files/target', 'puppet://host2/files/target' ]
it works fine for the first host, which acts as the puppetmaster, but not
for the second one.  It complains about an unknown CA.

I realize that this is because the CA certificates differ on the two hosts,
and the certificate puppet is using to pull files is only signed by one of
the two, the one it gets its configuration from.

Is there a key or keys I can distribute to each node so that I can pull
files from all of them?

Thanks!

Luke
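
The "unknown CA" failure described in this message can be reproduced offline with two independent CAs; the following is an added example, not part of the original thread. The CA and certificate names (`host1-ca`, `host2-ca`, `client`) are constructed, and everything is written to a temporary directory rather than /var/lib/puppet.

```shell
#!/bin/sh
# Constructed lab: two self-signed CAs stand in for the CA that each
# puppetmaster generated for itself; one certificate is issued by the first.

# make_ca DIR NAME -> DIR/NAME.key and DIR/NAME.crt (self-signed CA)
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$2" -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

# issue_cert DIR CA_NAME SUBJECT -> DIR/SUBJECT.crt signed by CA_NAME
issue_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -days 1 \
        -CA "$1/$2.crt" -CAkey "$1/$2.key" -CAcreateserial \
        -out "$1/$3.crt" 2>/dev/null
}

# trusts CA_CERT CERT: succeeds only if CERT chains up to CA_CERT
trusts() {
    openssl verify -CAfile "$1" "$2" 2>/dev/null | grep -q ': OK$'
}

# Issue a certificate from the first CA, then check it against both CAs.
ca_mismatch_demo() {
    d=$(mktemp -d) || return 1
    make_ca "$d" host1-ca && make_ca "$d" host2-ca &&
        issue_cert "$d" host1-ca client || { rm -rf "$d"; return 1; }
    trusts "$d/host1-ca.crt" "$d/client.crt" && a=trusted || a=untrusted
    # A peer that only knows the second CA rejects the same certificate,
    # which is the condition reported as "unknown ca".
    trusts "$d/host2-ca.crt" "$d/client.crt" && b=trusted || b=untrusted
    rm -rf "$d"
    echo "host1-ca:$a host2-ca:$b"
}

ca_mismatch_demo
```

The same `openssl verify -CAfile` check, run against the CA certificate actually held on each host, shows which hosts share a trust root.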




[Puppet Users] Re: copying file from multiple sources

2009-09-19 Thread Luke Schierer


On Sep 19, 2009, at 05:11 EDT, Peter Meier wrote:


 Hi

 The standard way to do that is:
 source => [ "puppet:///foo/file-$hostname",
             "puppet:///foo/file-$lsbdistcodename",
             "puppet:///foo/file" ]
 -> check for modules/foo/file-www4, then file-jaunty, then file


 As I understood source arrays, would only grab the first one to
 succeed, Type Reference says "If you specify multiple file sources for
 a file, then the first source that exists will be used."  Is that
 page out of date?

 No and it is working like that. But TypeReference says as well:

 * sourceselect:

 Whether to copy all valid sources, or just the first one. This parameter
 is only used in recursive copies; by default, the first valid source is
 the only one used as a recursive source, but if this parameter is set to
 all, then all valid sources will have all of their contents copied to
 the local host, and for sources that have the same file, the source
 earlier in the list will be used. Valid values are first, all.

 So you can have both variants.

 cheers pete

I'd missed that.  Thanks!!

Luke
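
The two behaviours discussed in this thread, first-match source arrays and sourceselect on recursive copies, side by side as an added example (not written by any poster in the thread). The source URIs are written the way the thread writes them; the target paths and the repository-site / repository-common directories are assumptions.

```puppet
# Added illustration; target paths and directory names are placeholders.

# 1. Single file, several candidate sources.
#    Only the first source that exists is used, so list the most
#    specific variant first and the generic fallback last.
file { '/etc/foo.conf':
  ensure => file,
  source => [
    "puppet:///foo/file-${hostname}",
    "puppet:///foo/file-${lsbdistcodename}",
    'puppet:///foo/file',
  ],
}

# 2. Recursive copy with sourceselect => all.
#    Every valid source is copied into the target directory. Where the
#    same relative file exists in more than one source, the source
#    earlier in the list is used. Without sourceselect (default: first)
#    only the first valid source would be copied.
file { '/var/www/repository':
  ensure       => directory,
  recurse      => true,
  sourceselect => 'all',
  source       => [
    'puppet:///foo/repository-site',
    'puppet:///foo/repository-common',
  ],
}
```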





[Puppet Users] copying file from multiple sources

2009-09-18 Thread Luke Schierer
I am looking at migrating a set of servers from cfengine management to
puppet management.  For the most part, the move has been relatively
straightforward, and I am pleased with the way that puppet's modules have made some
of the things I did in cfengine2 much cleaner.  There is one thing though
that was relatively easy in cfengine that I am not seeing a good way to
achieve with puppet.

In cfengine I defined a variable serverlist that was essentially an array of
hostnames. I then had the following copy block

copy:
 somehost::
   /path/to/file/that/updates/nightly
 server=${serverlist}
 dest=/var/www/repository/${this}
 mode=644 owner=apache group=wheel

which caused the one host in the class somehost to copy the file from each
server in the array serverlist to the repository.

The closest I see in puppet would be to list each server source as a
different file entry in a class.

Something like (pseudo code)

class pullfile {
  File { ensure => file, owner => apache, group => wheel, mode => 644, }
  file {
    'host1':
      source => 'puppet://host1/path/to/file',
      path   => '/var/www/repository/host1';
    'host2':
      source => 'puppet://host2/path/to/file',
      path   => '/var/www/repository/host2';
  }
}

and have puppetmaster on each host.

Is there a better way?

Thanks!

Luke




[Puppet Users] Re: copying file from multiple sources

2009-09-18 Thread Luke Schierer


On Sep 18, 2009, at 18:30 EDT, Disconnect wrote:


 (Wow, hi Luke! LTNT!)

Yes, it has!


 The standard way to do that is:
 source => ["puppet:///foo/file-$hostname",
            "puppet:///foo/file-$lsbdistcodename",
            "puppet:///foo/file"]
 - check for modules/foo/file-www4, then file-jaunty, then file


As I understood source arrays, they would only grab the first one to
succeed, Type Reference says "If you specify multiple file sources for
a file, then the first source that exists will be used." Is that
page out of date?

Luke



 On Fri, Sep 18, 2009 at 4:37 PM, Luke Schierer luke.schie...@gmail.com wrote:
 I am looking at migrating a set of servers from cfengine management to
 puppet management.  For the most part, the move has been relatively
 straightforward, and I am pleased with the way that puppet's modules have
 made some of the things I did in cfengine2 much cleaner.  There is one thing
 though that was relatively easy in cfengine that I am not seeing a good way
 to achieve with puppet.

 In cfengine I defined a variable serverlist that was essentially an array of
 hostnames. I then had the following copy block

 copy:
  somehost::
    /path/to/file/that/updates/nightly
  server=${serverlist}
  dest=/var/www/repository/${this}
  mode=644 owner=apache group=wheel

 which caused the one host in the class somehost to copy the file from each
 server in the array serverlist to the repository.

 The closest I see in puppet would be to list each server source as a
 different file entry in a class.

 Something like (pseudo code)

 class pullfile {
   File { ensure => file, owner => apache, group => wheel, mode => 644, }
   file {
     'host1':
       source => 'puppet://host1/path/to/file',
       path   => '/var/www/repository/host1';
     'host2':
       source => 'puppet://host2/path/to/file',
       path   => '/var/www/repository/host2';
   }
 }

 and have puppetmaster on each host.

 Is there a better way?

 Thanks!

 Luke

 

