Re: [Puppet Users] Re: subscribing a service to multiple files ?
service { httpd: subscribe = [File['one'],File['two']], } should work Luke On Jul 20, 2010, at 08:10 EDT, Tore wrote: You could also do: class httpd { ... file { '/etc/monit.d/httpd.conf': ... notify = Service['monit'] } } But I would rather do it on the service, since then you can with ease read one line to find out what that service response to. On 16 Jul, 18:48, phrawzty phraw...@gmail.com wrote: Hello, I am currently expanding on the Monit recipes that are available on the Wiki (as well as github). One of the oft-used features of Monit is the ability to load arbitrary configuration files at runtime (i.e. include /etc/monit.d/*.conf). This seems like it could be a good fit for integrating service configs with their respective Monit configs in Puppet ; however, consider the following : class httpd { ... file { '/etc/monit.d/httpd.conf': ... } } class monit { file { '/etc/monit.conf': ... } service { 'monit': subscribe = File[/etc/monit.conf] ... } } The problem here is that Monit only reads its config files when it is (re)started ; based on the subscribe relationship described above, Monit will be restarted when /etc/monit.conf changes, but not when / etc/monit.d/httpd.conf changes (or appears for the first time, as the case may be). Thus the question : is it possible / advisable to subscribe a service to multiple files, and if so, how would it be done ? Alternatively, i may be taking entirely the wrong approach here, in which case the question would be : what would be the best way to trigger a Monit reload from outside of the Monit class ? Would it be advisable to, for example, define a service-subscribe relationship in every class that has a Monit config file (i imagine scoping is an issue here). Thank you all for your time and consideration on this topic. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] tidy -- ignoring sockets?
On Mar 14, 2010, at 18:37 EDT, Luke Kanies wrote: On Feb 26, 2010, at 12:07 PM, Alan Sparks wrote: I've a tidy resource for /tmp under 0.24.8, which throws errors each run due to a socket file created by xfs under /tmp/.font-unix/. It's relatively harmless, but it fills the logs with error messages... /var/log/messages.4:Jan 31 04:01:34 vm03 puppetd[15362]: (//Node[vm03]/Tidy::Olderthan[/tmp]/Tidy[/tmp/.font-unix/fs7100]/ensure) change from /tmp/.font-unix/fs7100(age)1264176925 to anything failed: Cannot tidy files of type socket Since tidy does not have a parameter for directories or files to ignore, and there's no option to specify the types of files to consider, is there any way short of hacking the code to eliminate these errors? I don't think so. I basically threw that failure in there because I wasn't sure what the behaviour should be for anything other than the standard file types. It'd be pretty easy to fix tidy to behave appropriately if you can describe how it should actually behave. I know for the particular case of /tmp, I would want it to remove any type of file it could encounter. Off hand, I cannot think of a situation where I would be using tidy that I would not want to either be able to filter for a specific file type and only filter that type, or would want to tidy everything. Luke -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: other end went away leads to multiple report mails
On Mon, Dec 7, 2009 at 2:27 AM, Peter Meier peter.me...@immerda.ch wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The base of the code is something like: require puppet require yaml require find Puppet[:config] = /etc/puppet/puppet.conf Puppet.parse_config Puppet[:name] = puppetmasterd Puppet::Node::Facts.terminus_class = :yaml File.find(/var/puppet/reports) do | report | next if FileTest.directory?(report) thisreport = open(report) { |fh| YAML::load(fh) } print Host: + thisreport.host reporttime = File.stat(report).mtime.to_i # seconds since epoch... thisreport.logs.each do |log| # Whatever you want to find out about each message... end File.unlink(report) # If you don't need them anymore... end would be nice to have such a working example in ext/ I agree, a working example would be awesome. Luke -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Multiple environments
I just had to set the environment variable in the puppet.conf file before starting the puppetd daemon. Then in each class I use that variable to determine what happens, for example file { smtpd.conf: owner = root, group = root, mode= 600, source = $environment ? { preproduction = puppet:///, test= , production = , }, } or in other classes, I have if/else blocks based on the $environment variable. I am in the 0.24.8 version that EPEL has though, not 0.25.x Luke On Nov 12, 2009, at 19:30 EST, Scott wrote: Is anyone using multiple environments? Can someone at least tell me what they did to get it working? Thanks, Scott On Nov 12, 6:53 am, Scott scott...@gmail.com wrote: So I'm trying to get multiple environments to work with puppet 0.25.1 on ubuntu 8.04 and no matter what I do, puppet just completely ignores any environment setting. There's really next to no information in terms of configuration on the multiple environments documentation page (http://reductivelabs.com/trac/puppet/wiki/UsingMultipleEnvironments) other than saying that the following section should be in my puppet.conf file: [main] manifest = /usr/share/puppet/site.pp modulepath = /usr/share/puppet/modules [development] manifest = /usr/share/puppet/development/site.pp modulepath = /usr/share/puppet/development/modules There are other references on web pages and groups to an environments setting under puppetmasterd as well as having a default environment setting in main for the clients but I've tried all of that and nothing works. There's also no reference at all to any environment in debugging mode when I run puppetd --test -- environment=test -d. Am I missing something? Here's a copy of my puppet.conf file: [main] vardir = /var/lib/puppet manifest = /etc/puppet/manifests/site.pp modulepath = /etc/puppet/modules pluginsync = true storeconfigs = true # dbadapter = mysql dbuser = puppet dbpassword = dbserver = mysql.example.com [puppetmasterd] certname=puppet.example.com [testing] manifest=/etc/puppet-testing/manifests/site.pp modulepath=/etc/puppet-testing/modules [production] manifest=/etc/puppet/manifests/site.pp modulepath=/etc/puppet/modules Cheers, Scott --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] removing excess permissions
Does anyone have a puppet recipe that would remove extraneous permissions on files and directories without explicitly setting what the permissions should be? I have an application that creates and manipulates a bunch of temp files and directories under /tmp, and I'd like to remove the unneeded world read and world write permissions these files get. However, the directories should have execute permissions that the files do not need, and I would rather not set. I could do file { /tmp/toplevel: mode= 770, recurse = true, } but as I said, I would rather not set the execute bit on files that do not need it, it seems messy. Thanks! Luke --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: tagmail configuration
On Thu, Oct 8, 2009 at 6:14 PM, Luke Schierer luke.schie...@gmail.comwrote: I am trying to configure tagmail to send emails to different segments of the team based on the classes that are loaded. For the most part it seems to be working, but I'm having trouble with getting a rule that will send an email for everything except events related to a particular class, or those with a particular tag. In my tagmail.conf I have type1, !nolog: gro...@domain.tld type2, !nolog: gro...@domain.tld all, !noisy, !nolog: myem...@domain.tld the type1 and type2 lines appear to work as intended, but the last line doesn't. It is correctly filtering out events specifically tagged with tag = nolog, but it still sends me events from the noisy class.Any ideas on how I can filter out events from this class without tagging each element? Thanks! Luke Googling this, I found http://markmail.org/message/jib4n4bq7qmbsb4q#query:puppet%20tagmail%20exclude%20one%20class+page:1+mid:f6v5hhgl6h624xqx+state:results which seems to indicate that this behavior is considered a bug. Further investigation turns up bug #1035 in the tracker. I am sorry for failing to better research this before posting. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] tagmail configuration
I am trying to configure tagmail to send emails to different segments of the team based on the classes that are loaded. For the most part it seems to be working, but I'm having trouble with getting a rule that will send an email for everything except events related to a particular class, or those with a particular tag. In my tagmail.conf I have type1, !nolog: gro...@domain.tld type2, !nolog: gro...@domain.tld all, !noisy, !nolog: myem...@domain.tld the type1 and type2 lines appear to work as intended, but the last line doesn't. It is correctly filtering out events specifically tagged with tag = nolog, but it still sends me events from the noisy class.Any ideas on how I can filter out events from this class without tagging each element? Thanks! Luke --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: copying file from multiple sources
On Mon, Sep 28, 2009 at 3:12 PM, Luke Schierer luke.schie...@gmail.comwrote: On Fri, Sep 25, 2009 at 4:04 PM, Luke Schierer luke.schie...@gmail.comwrote: This works for my redhat 5 machines, I'm able to pull from the array of sources. However, it does n work for redhat 4 machines. If a redhat 4 machine is listed in the array, I get err: Could not call fileserver.list: #NoMethodError: prive method 'split' called for nil.NilClass err: //Node[host1]/File[/path/to/target]: Failed to generate additional resources durring transaction I am still unable to figure out why puppetd on rhel5 can pull from a puppetmaster on rhel5 but not a puppetmaster on rhel4. Again, any help would be greatly appreciated. Luke After some googling and reading through the wiki, I found that puppet apparently has some issues with ruby 1.8.1, which is what comes with rhel4. I pulled some centos rpms of ruby 1.8.5 from the centos 4 testing repository, and restarted the puppetmasterd and puppetd processes. I still get the error about no private method 'split'. I could really use some advice here on what I might be doing wrong. Thanks! Luke --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: copying file from multiple sources
On Fri, Sep 25, 2009 at 4:04 PM, Luke Schierer luke.schie...@gmail.comwrote: This works for my redhat 5 machines, I'm able to pull from the array of sources. However, it does n work for redhat 4 machines. If a redhat 4 machine is listed in the array, I get err: Could not call fileserver.list: #NoMethodError: prive method 'split' called for nil.NilClass err: //Node[host1]/File[/path/to/target]: Failed to generate additional resources durring transaction I am still unable to figure out why puppetd on rhel5 can pull from a puppetmaster on rhel5 but not a puppetmaster on rhel4. Again, any help would be greatly appreciated. Luke --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: copying file from multiple sources
On Thu, Sep 24, 2009 at 11:43 AM, Luke Schierer luke.schie...@gmail.comwrote: I have the following snippet I am using to test with the puppet command node host1 { file { /var/www/target: path = /var/www/target, mode = 570, owner = apache, group = wheel, ensure = directory, recurse = inf, sourceselect = all, source = [ puppet://host2.fully.qualified.tld/target_results/recent ], } } I run this on host1 with the command puppet --verbose --server host1.fully.qualified.tld test.pp | more and the error I get is err: //Node[host1]/File[/var/www/target]: Failed to generate additional resources during transaction: Certificates were not trusted: tlsv1 alert unknown ca err: //Node[host1]/File[/var/www/target]: Failed to retrieve current state of resource: Certificates were not trusted: tlsv1 alert unkown ca Could not descript /target_results/recent: /etc/puppet/test.pp:16 if I change host1 to host1 in the source array, it works. If I list both, it will produce more or less the same results if host2 is listed first, but it will pull the host1 results before printing the error if host1 is listed first. in the above output and snippet, I have changed the hostnames, but yes, I have verfied that I am using the fqdn, and that it is spelled correctly. My hosts are on a closed network, so I've had to transfer the output by hand. Thanks! Luke On Thu, Sep 24, 2009 at 2:52 AM, Ohad Levy ohadl...@gmail.com wrote: Yes it should, are you sure you contact the second puppetmaster with its FQDN? e.g. source = puppet://second.foor.com/module/file/..http://second.foor.com/module/ .. Ohad I am still unable to get this to work. I have tried adding ca = false cacrl = false ca_server = host1.fully.qualified.tld to the puppet.conf file on host2, but I still get the same error. I also tried uninstalling the puppet-server rpm, removing the /var/lib/puppet/ca directory, re-installing pupet-server, and then starting it. I started the puppetmasterd on the command line on host2 with --no-daemonize --debug --verbose, and while I see it listening, I see nothing as host1 attempts to connect to it. The certificate in the /var/lib/puppet/ssl/certs directory checks out fine with openssl verify using the ca certificate from host1. Any ideas on how to make this work would be very welcome. Thanks! Luke --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: copying file from multiple sources
On Fri, Sep 25, 2009 at 1:23 PM, Luke Schierer luke.schie...@gmail.comwrote: On Thu, Sep 24, 2009 at 11:43 AM, Luke Schierer luke.schie...@gmail.com wrote: I have the following snippet I am using to test with the puppet command node host1 { file { /var/www/target: path = /var/www/target, mode = 570, owner = apache, group = wheel, ensure = directory, recurse = inf, sourceselect = all, source = [ puppet://host2.fully.qualified.tld/target_results/recent ], } } I run this on host1 with the command puppet --verbose --server host1.fully.qualified.tld test.pp | more and the error I get is err: //Node[host1]/File[/var/www/target]: Failed to generate additional resources during transaction: Certificates were not trusted: tlsv1 alert unknown ca err: //Node[host1]/File[/var/www/target]: Failed to retrieve current state of resource: Certificates were not trusted: tlsv1 alert unkown ca Could not descript /target_results/recent: /etc/puppet/test.pp:16 if I change host1 to host1 in the source array, it works. If I list both, it will produce more or less the same results if host2 is listed first, but it will pull the host1 results before printing the error if host1 is listed first. in the above output and snippet, I have changed the hostnames, but yes, I have verfied that I am using the fqdn, and that it is spelled correctly. My hosts are on a closed network, so I've had to transfer the output by hand. Thanks! Luke On Thu, Sep 24, 2009 at 2:52 AM, Ohad Levy ohadl...@gmail.com wrote: Yes it should, are you sure you contact the second puppetmaster with its FQDN? e.g. source = puppet://second.foor.com/module/file/..http://second.foor.com/module/ .. Ohad I am still unable to get this to work. I have tried adding ca = false cacrl = false ca_server = host1.fully.qualified.tld I have a partial solution, I set ca = false and ca_server = host1.fully.qualified.tld in the puppet.conf file. I then remove the puppet-server rpm. I then ensure that /var/lib/puppet/ca/ca_crt.pem and /var/lib/puppet/ca/ca_crl.pem are the same as those from host1. I then make sure that they are owned by the puppet user. I then re-install the puppet-server rpm. This works for my redhat 5 machines, I'm able to pull from the array of sources. However, it does n work for redhat 4 machines. If a redhat 4 machine is listed in the array, I get err: Could not call fileserver.list: #NoMethodError: prive method 'split' called for nil.NilClass err: //Node[host1]/File[/path/to/target]: Failed to generate additional resources durring transaction Both the redhat 4 and the redhat 5 machines are 64bit installs. the rhel4 machines have puppet and puppet-server 0.24.8-4.el4 and the rhel5 machines have 0.24.8-4.el5, both from the EPEL repository. Any advice would be appreciated. Thanks! Luke --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: copying file from multiple sources
The secondaries are each clients of the first one. Does the puppetmaster process use the same certificate as puppetd? Luke On Sep 23, 2009, at 21:38 EDT, Ohad Levy wrote: Did you try signing your secondary puppet master as a client of the first one? make sure you use fqdn when referring to the second one, as its certificate would be valid to puppet or its fqdn. Ohad On Thu, Sep 24, 2009 at 4:37 AM, lschiere luke.schie...@gmail.com wrote: I have tried copying over the contents of the /var/lib/puppet/ssl/ca directory, but apparently something with in it is specific to the host, such it then complains that the certificates and keys do not match. I also saw http://reductivelabs.com/trac/puppet/wiki/MultipleCertificateAuthorities , but I do not want to put apache on each host. With cfengine2, it was very simple to have cfservd running on each host, distribute the keys to each, and then pull result files from the clients to the central server. I cannot seem to find an example of a similar setup with puppet. Luke On Sep 22, 4:30 pm, Luke Schierer luke.schie...@gmail.com wrote: On Sat, Sep 19, 2009 at 7:53 AM, Luke Schierer luke.schie...@gmail.comwrote: On Sep 19, 2009, at 05:11 EDT, Peter Meier wrote: The standard way to do that is: source = [puppet:///foo/file-$hostname,puppet:///foo/file-$lsbdistcodename ,puppet:///foo/file] - check for modules/foo/file-www4, then file-jaunty, then file * sourceselect: Whether to copy all valid sources, or just the first one. This parameter is only used in recursive copies; by default, the first valid source is the only one used as a recursive source, but if this parameter is set to all, then all valid sources will have all of their contents copied to the local host, and for sources that have the same file, the source earlier in the list will be used. Valid values are first, all. So you can have both variants. cheers pete When I tried to do this with source = [ 'puppet://host1/files/target','puppet://host2/files/ target'] it works fine for the first host, which acts as the puppetmaster, but not for the second one. It complains about an unknown CA. I realize that this is because the CA certificates differ on the two hosts, and the certificate puppet is using to pull files is only signed by one of the two, the one it gets its configuration from. Is there a key or keys I can distribute to each node so that I can pull files from all of them? Thanks! Luke- Hide quoted text - - Show quoted text - --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: copying file from multiple sources
I have the following snippet I am using to test with the puppet command node host1 { file { /var/www/target: path = /var/www/target, mode = 570, owner = apache, group = wheel, ensure = directory, recurse = inf, sourceselect = all, source = [ puppet://host2.fully.qualified.tld/target_results/recent ], } } I run this on host1 with the command puppet --verbose --server host1.fully.qualified.tld test.pp | more and the error I get is err: //Node[host1]/File[/var/www/target]: Failed to generate additional resources during transaction: Certificates were not trusted: tlsv1 alert unknown ca err: //Node[host1]/File[/var/www/target]: Failed to retrieve current state of resource: Certificates were not trusted: tlsv1 alert unkown ca Could not descript /target_results/recent: /etc/puppet/test.pp:16 if I change host1 to host1 in the source array, it works. If I list both, it will produce more or less the same results if host2 is listed first, but it will pull the host1 results before printing the error if host1 is listed first. in the above output and snippet, I have changed the hostnames, but yes, I have verfied that I am using the fqdn, and that it is spelled correctly. My hosts are on a closed network, so I've had to transfer the output by hand. Thanks! Luke On Thu, Sep 24, 2009 at 2:52 AM, Ohad Levy ohadl...@gmail.com wrote: Yes it should, are you sure you contact the second puppetmaster with its FQDN? e.g. source = puppet://second.foor.com/module/file/..http://second.foor.com/module/ .. Ohad On Thu, Sep 24, 2009 at 2:26 PM, Luke Schierer luke.schie...@gmail.comwrote: The secondaries are each clients of the first one. Does the puppetmaster process use the same certificate as puppetd? Luke On Sep 23, 2009, at 21:38 EDT, Ohad Levy wrote: Did you try signing your secondary puppet master as a client of the first one? make sure you use fqdn when referring to the second one, as its certificate would be valid to puppet or its fqdn. Ohad On Thu, Sep 24, 2009 at 4:37 AM, lschiere luke.schie...@gmail.com wrote: I have tried copying over the contents of the /var/lib/puppet/ssl/ca directory, but apparently something with in it is specific to the host, such it then complains that the certificates and keys do not match. I also saw http://reductivelabs.com/trac/puppet/wiki/MultipleCertificateAuthorities , but I do not want to put apache on each host. With cfengine2, it was very simple to have cfservd running on each host, distribute the keys to each, and then pull result files from the clients to the central server. I cannot seem to find an example of a similar setup with puppet. Luke On Sep 22, 4:30 pm, Luke Schierer luke.schie...@gmail.com wrote: On Sat, Sep 19, 2009 at 7:53 AM, Luke Schierer luke.schie...@gmail.comwrote: On Sep 19, 2009, at 05:11 EDT, Peter Meier wrote: The standard way to do that is: source = [puppet:///foo/file-$hostname,puppet:///foo/file-$lsbdistcodename ,puppet:///foo/file] - check for modules/foo/file-www4, then file-jaunty, then file * sourceselect: Whether to copy all valid sources, or just the first one. This parameter is only used in recursive copies; by default, the first valid source is the only one used as a recursive source, but if this parameter is set to all, then all valid sources will have all of their contents copied to the local host, and for sources that have the same file, the source earlier in the list will be used. Valid values are first, all. So you can have both variants. cheers pete When I tried to do this with source = [ 'puppet://host1/files/target','puppet://host2/files/ target'] it works fine for the first host, which acts as the puppetmaster, but not for the second one. It complains about an unknown CA. I realize that this is because the CA certificates differ on the two hosts, and the certificate puppet is using to pull files is only signed by one of the two, the one it gets its configuration from. Is there a key or keys I can distribute to each node so that I can pull files from all of them? Thanks! Luke- Hide quoted text - - Show quoted text - --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: copying file from multiple sources
On Sat, Sep 19, 2009 at 7:53 AM, Luke Schierer luke.schie...@gmail.comwrote: On Sep 19, 2009, at 05:11 EDT, Peter Meier wrote: The standard way to do that is: source = [puppet:///foo/file-$hostname,puppet:///foo/file-$lsbdistcodename ,puppet:///foo/file] - check for modules/foo/file-www4, then file-jaunty, then file * sourceselect: Whether to copy all valid sources, or just the first one. This parameter is only used in recursive copies; by default, the first valid source is the only one used as a recursive source, but if this parameter is set to all, then all valid sources will have all of their contents copied to the local host, and for sources that have the same file, the source earlier in the list will be used. Valid values are first, all. So you can have both variants. cheers pete When I tried to do this with source = [ 'puppet://host1/files/target','puppet://host2/files/target'] it works fine for the first host, which acts as the puppetmaster, but not for the second one. It complains about an unknown CA. I realize that this is because the CA certificates differ on the two hosts, and the certificate puppet is using to pull files is only signed by one of the two, the one it gets its configuration from. Is there a key or keys I can distribute to each node so that I can pull files from all of them? Thanks! Luke --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: copying file from multiple sources
On Sep 19, 2009, at 05:11 EDT, Peter Meier wrote: Hi The standard way to do that is: source = [puppet:///foo/file-$hostname,puppet:///foo/file-$lsbdistcodename ,puppet:///foo/file] - check for modules/foo/file-www4, then file-jaunty, then file As I understood source arrays, would only grab the first one to succeed, Type Reference says If you specify multiple file sources for a file, then the first source that exists will be used..Is that page out of date? No and it is working like that. But TypReference says as well: * sourceselect: Whether to copy all valid sources, or just the first one. This parameter is only used in recursive copies; by default, the first valid source is the only one used as a recursive source, but if this parameter is set to all, then all valid sources will have all of their contents copied to the local host, and for sources that have the same file, the source earlier in the list will be used. Valid values are first, all. So you can have both variants. cheers pete I'd missed that. Thanks!! Luke --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] copying file from multiple sources
I am looking at migrating a set of servers from cfengine management to puppet management. For the most part, the move has been relatively straight forward, and I am pleased with the way that puppet's modules have made some of the things I did in cfengine2 much cleaner. There is one thing though that was relatively easy in cfengine that I am not seeing a good way to achieve with puppet. In cfengine I defined a variable serverlist that was essentially an array of hostnames. I then had the following copy block copy: somehost:: /path/to/file/that/updates/nightly server=${serverlist} dest=/var/www/repository/${this} mode=644 owner=apache group=wheel which caused the one host in the class somehost to copy the file from each server in the array serverlist to the repository. ** The closest I see in puppet would be to list each server source as a different file entry in a class. Something like (psuedo code) class pullfile { File { ensure = file, owner = apache, group = wheel, mode = 644, } file { host1: source = puppet://host1/path/to/file path = /var/www/repository/host1; host2: source = puppet://host2/path/to/file path = /var/www/repository/host2; } } and have puppetmaster on each host. Is there a better way? Thanks! Luke --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---
[Puppet Users] Re: copying file from multiple sources
On Sep 18, 2009, at 18:30 EDT, Disconnect wrote: (Wow, hi Luke! LTNT!) Yes, it has! The standard way to do that is: source = [puppet:///foo/file-$hostname,puppet:///foo/file-$lsbdistcodename ,puppet:///foo/file] - check for modules/foo/file-www4, then file-jaunty, then file As I understood source arrays, would only grab the first one to succeed, Type Reference says If you specify multiple file sources for a file, then the first source that exists will be used..Is that page out of date? Luke On Fri, Sep 18, 2009 at 4:37 PM, Luke Schierer luke.schie...@gmail.com wrote: I am looking at migrating a set of servers from cfengine management to puppet management. For the most part, the move has been relatively straight forward, and I am pleased with the way that puppet's modules have made some of the things I did in cfengine2 much cleaner. There is one thing though that was relatively easy in cfengine that I am not seeing a good way to achieve with puppet. In cfengine I defined a variable serverlist that was essentially an array of hostnames. I then had the following copy block copy: somehost:: /path/to/file/that/updates/nightly server=${serverlist} dest=/var/www/repository/${this} mode=644 owner=apache group=wheel which caused the one host in the class somehost to copy the file from each server in the array serverlist to the repository. The closest I see in puppet would be to list each server source as a different file entry in a class. Something like (psuedo code) class pullfile { File { ensure = file, owner = apache, group = wheel, mode = 644, } file { host1: source = puppet://host1/path/to/file path = /var/www/repository/host1; host2: source = puppet://host2/path/to/file path = /var/www/repository/host2; } } and have puppetmaster on each host. Is there a better way? Thanks! Luke --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~--~~~~--~~--~--~---