Re: [Puppet Users] Propagating local config changes from a client to the puppetmaster
On Tuesday 30 Nov 2010 12:58:33 gdb wrote: Hi, I'm using puppet with a centralized puppetmaster pushing config to many client nodes. Most of the configuration files that puppet manages are static and served via the puppet fileserver (running on the puppetmaster). I often find myself making changes to a node's config file, testing those changes, and then manually adding those changes to the corresponding file on the puppetmaster. Is there any way for me to cut out this last step? That is, does puppet have any support for propagating config changes from a client node back to the puppetmaster? In the case of static files, it seems that puppet has enough information to determine which client config files should be pushed back to the puppetmaster, so this seems at least theoretically possible. Thanks, Greg We use git. Make all the changes locally, test them in a VM, push the changes to GIT, pull the repos onto the pupptermaster. I'm not too sure the scenario you've just described is possible... M. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Process to upgrade from 0.24.8 to 2.6.x ?
On Wednesday 10 Nov 2010 10:30:02 nemo wrote: Hello, I'm really kind of newbie in the Puppet's world but this tool is quite impressive. So I wish to thank the authors first and all people participating to this amazing project. Now get straight to business :) I'm responsible of a platform containing almost 100 servers all managed by Puppet in version 0.24.8 (clients and server). I know this is an outdated version and I'm in the process of upgrading to the latest version. Hence what should be the best approach to upgrade ? For information, servers run centos 5.5 64bit If you've got Epel installed, pull puppet from there instead of rpmforge - it's 0.25.$something and we're running it without issue here. The only caveat as far as I am aware is to upgrade the server first, then the clients, but I'm sure I'll be corrected on that if I'm wrong! :) We're not looking to upgrade to 0.26 any time soon because we don't need any of the fancy features (yet!). Cheers, M. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Query facter 'facts' from webapp
On Tuesday 09 Nov 2010 15:06:28 Pieter Baele wrote: Hi, I would like to query the puppetmaster (or the puppet nodes...) for some facts and display/use these in an external web application (written django) using the certificates from Puppet. What's the correct (nice) way to do this? REST? Can I find some code examples for this? Hi, I'm looking at doing a similar thing for Edison [0] (also written in Django!). For the moment, I've written pyfacter - a basic python wrapper around the command line [1] - however I'd like to improve on this if possible. One thing I was planning on looking at was writing a python client for MCollective and using the audit tools available as part of MC to collect the facts either into a database or at runtime but that requires the ability to use Python with MC (nudge @rip :P) The only other solution I can think of is a cronjob that runs on each host on a regular basis and posts/puts to an API to fill the relevant field in the database. Kind regards, Matt [0] https://github.com/proffalken/edison [1] https://github.com/proffalken/randomscripts/tree/master/puppet/ -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Accessing Facter in other languages than Ruby?
Hi all, We're writing a few scripts at the moment that could really make use of Facter, however the vast majority of them team (including my self!) are not proficient in Ruby, however they are highly proficient in other languages such as (dare I say it!) Python. Is there (or are there any plans to!) release bindings for other languages to enable facts to be used in scripts other than puppet. Kind regards, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet Training in the UK
Hi all, I've asked my company to send me on the training in London at the end of November, however owing to budget restraints I've been asked to investigate training next year instead. Does anyone know when the next round of training will be in the UK after November? Thanks, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Automating infrastructure tests on Puppet nodes after a puppetrun
On Tuesday 19 Oct 2010 21:52:37 Nicolas Szalay wrote: - Al @ Lab42 lab42...@gmail.com a écrit : | Hi List, Hi, | I would like to discuss with whoever is interested one topic that I | suppose has general interest. | | I want to implement some kind of automatic testing on the status of a | node after a Puppet Run. | These tests involve trivial and less trivial things things like: | - A local service is running | - A local port is open | - A remote server on a remote port is reachable by the node | - An URL replies with an expected content | - Some specific function needed by the node and provided by a remote | host is working (ie: ldap acces for users authentication, ntp | sync...) | - Whatever other check that asserts that the node is correctly | working OK, so we do this slightly differently however it might help... 1) All our manifests are stored in Git 2) A Git update forces Hudson to run a build 3) The Build process performs the following steps: * Checkout the latest version of the manifest into the staging server's puppet-module-path * Start a virtual server of the defined type using cucumber-vhost[0] * Use puppet to deploy the latest staging versions of the manifests to the virtual-server * run cucumber tests (using webrat for webservices and SMTP/IMAP libraries to test sending/delivery of email) against the service/facility that is contained in the manifests we are testing * Report back on the results of those tests * Destroy the virtual server This means that all of our manifests are fully tested before they go near our production system and we can be confident (although obviously this is only as good as the tests that we write!) that when we merge from staging into master the changes that are rolled out will work correctly. I've not gone down the cucumber-puppet root as I'm not 100% sure how it works and how to write stories correctly so if anyone can point me at a good resource on this, I'd be very appreciative! Hope that helps, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] First boot with Puppet
On Thursday 14 Oct 2010 23:49:11 Michal Ludvig wrote: On 10/15/2010 08:36 AM, Arnau Bria wrote: On Thu, 14 Oct 2010 23:47:16 +1300 Michal Ludvig wrote 1) kickstart installs the system, including puppet from our local repo 2) after reboot I have to login and set the hostname and IP kickstart is able to configure your network / hostname. Why don't you use that feature? Because we've got a common kickstart for all installs, not a per-host kickstart. It only installs the very core system and the rest is brought in and configured by puppet. We're moving to cobbler, Looks like cobbler is the prefered method here. I'll give it a try. Thanks for all the responses! You can also use Cobbler for ext-lookups and therefore assign classes and modules to systems from the cobbler web interface. It works really well! :) Matt. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] manipulating facter variable
On Thursday 14 Oct 2010 14:57:08 Dennis vdM wrote: I'm trying to manipulate the following facter variable: ipaddress = 10.85.207.2 What I need is the second group of digits. If it's 84 then location is A, but if it's 85 then location is B. In puppet I couldn't grab this second set of digits, but maybe there is a way? I've already tried to make a custom fact, but my ruby knowledge is *ahem* pretty basic. So far I've only managed to manipulate a string with chop!, but that really isn't the way. Regular expressions in Ruby are a bit of a mystery to me Ideas anyone? We use the KSMETA section of Cobbler and a custom fact script (which I've uploaded at http://tinyurl.com/368hccf ) to pull the data from this field. This approach means that we can create arbitrary key-value pairs that we can use as custom facts. As an example, we currently have the following custom facts available to us through this method: datacentre dc_rack dc_suite dc_room mysql_master and a few others including which databases are replicated by a given host etc. It's a lot easier than trying to split out IP Addresses etc and because KSMETA isn't hard-coded on build, it means that we can update these values when a server is moved etc. Hope this is of some help, I know it's not exactly what you're trying to do but it may be a worthwhile alternative. Kind regards, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Duplicating web servers
On Friday 01 Oct 2010 15:01:25 Kikanny wrote: Thank you all for taking your time to explain it to me. I guess I'll give it a whirl and see how it goes. Another question I have is what if the person managing a web server does not have full knowledge of whatever is installed in a server or there was some other configuration management in place. How would I bring that under puppet's control? I'm asking this because we do have servers like that. Thanks! 1) Get a list of running services/open ports 2) Get all the relevant configuration files for those services/ports 3) Get a list of all the cronjobs on that system and the commands that are run 4) Get a copy of all the scripts that are run by Cron 5) Create your puppet manifests using the crontab entries, scripts and config files as a reference 6) Put all your puppet manifests into git/svn/mercurial/etc. 7) Create a staging platform to test your manifests (just because puppet parses them correctly doesn't mean that they work!) 8) Test your manifests 9) Test your manifests 10) Test your manifests . 102) Test Your manifests 103) Checkout your manifests to your puppet master (provided they have passed the tests!) 104) run puppet on a single server and check that your manifests give the required results 105) Compare the server with one that is already working (but was not built by puppet) and try to discover why your puppet manifests aren't working in production when they worked in staging 106) Fix the issues 107) Run puppet again and check that everything now works 108) Lock down access to all your servers so the only way a change can be made is via GIT/SVN/Mercurial etc 109) Force commit messages for any changes to the config files 110) Use a web interface to git to track any changes 111) Go down the pub and by your entire team a beer for helping you achieve the impossible. If it's of any help, after approx nine months, I'm at various stages of this process between 1 and 110 for the different services that we have here... we've still not made it down the pub yet... :( Cheers, M. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] YUMREPO { productname = PowerEdge 2650}
On Tuesday 28 Sep 2010 15:12:34 CraftyTech wrote:
Hello All,
How do I specify a variable that has a space in it? I'm trying
to setup a yum repo that has two different baseurl's based on the
product name ($productname). Default goes one way, but if the product
is PowerEdge 2650 then is a different URL. The thing is, that is
only picking up the default. How should I specify the value with the
space in the middle? I tried PowerEdge 2650, ${PowerEdge 2650},
and 'PowerEdge 2650', and none have worked so far. Do I need to use
Regex for this, or is there a discreprancy in my syntax?
Thanks,
Henry
I've not tried it myself, but have you checked to see if PowerEdge\ 2650
works?
M.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet and git
Hi all, We're keeping all our modules in Git and we run automated tests against them using Hudson including building virtual servers using cucmber-vhost and deploying our configs via puppet to these vhosts. I've now run into two problems: 1) I'm not sure how to get Hudson to merge the staging branch into master when the tests complete 2) I'm struggling to find a way for puppet 0.25 to perform a git pull on all the master branches _before_ it runs to ensure that the latest configs are being distributed. I realise that there may not be many who can help with (1), however I'm fairly sure I'm not alone in using Git for my manifests and I'm wondering how others get their puppetmaster to always run the latest manifest versions from a git repo. Thanks in advance, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet and git
On Friday 10 Sep 2010 11:33:31 Patrick wrote: On Sep 10, 2010, at 3:16 AM, Matt Wallace wrote: 2) I'm struggling to find a way for puppet 0.25 to perform a git pull on all the master branches _before_ it runs to ensure that the latest configs are being distributed. So you want the puppetmaster to run a git pull every time it tries to compile a manifest? That would be really expensive in terms of compile time and bandwidth with almost any load. More of a case that something on the puppetmaster watches master for each repo and pulls if something changes, but yes, I want puppet to be using the latest version of the manifests every time it runs, although I share the concerns about compile time etc. M. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] puppet and git
On Friday 10 Sep 2010 11:29:31 Julian Simpson wrote: On 10 September 2010 11:16, Matt Wallace li...@truthisfreedom.org.ukwrote: 1) I'm not sure how to get Hudson to merge the staging branch into master when the tests complete I've not used that bit of the Hudson Git plugin, but you can tell it to merge if your build passes: You're done. Commits should now be automatically merged with the integration branch (they will fail if they do not merge cleanly), and built. If the build succeeds, the result of the merge will be pushed back to the remote git repository. (http://wiki.hudson-ci.org/display/HUDSON/Git+Plugin) OK, I think I need to read this again and test it, at the moment, Hudson has readonly access to that repo, this might need to change! :) 2) I'm struggling to find a way for puppet 0.25 to perform a git pull on all the master branches _before_ it runs to ensure that the latest configs are being distributed. Not sure you can, unless you run each client standalone. How about Hudson invoking something on the puppetmaster when the build passes? Could do. Trying to get away from ssh commands between servers though - although if I used mcollective... I'll take a look. Cheers, M. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Centralised Graphing?
On Wednesday 25 Aug 2010 19:29:52 Luke Kanies wrote: On Aug 25, 2010, at 9:54 AM, Matt Wallace wrote: Hi all, I'm starting to look at the graphing features of Puppet and I'm struggling to find a way of collating the graphs for testing purposes. Is there a way to centralise the output from the graphs into something like hostname.relationships.dot on the puppet master? There isn't currently a way to do this, but we're working on it - it's a very high priority for us based on customer feedback. The only real way to do it right now is to manually send the graphs back to the server. But yeah, at some point this will all be visible in the Dashboard. Hi Luke, It's good to know that this is in the roadmap, however what about those of us who don't use Dashboard? We use Cobbler for all our extnode stuff and I'm slightly reluctant to load up a complete management environment just to display some graphs. Ideally, I'd like to see the graphs stored in a central location (or even better as part of the stored_configs database so I can query it and produce the graphs myself!) so I can integrate them into a webpage that only shows the graphs from the important modules[0]. I'm happy to add this to a current feature request etc if one exists or start a new one! Kind regards, Matt [0] - yes, I know all of our modules are important, however some are more important than others! -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Centralised Graphing?
On Wednesday 25 Aug 2010 19:17:18 Phips wrote: puppet-dashboard? Could do, but we use Cobbler as our extnode source and I don't really want to fire up an additional management web interface just for a few graphs... :( Cheers, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Centralised Graphing?
Hi all, I'm starting to look at the graphing features of Puppet and I'm struggling to find a way of collating the graphs for testing purposes. Is there a way to centralise the output from the graphs into something like hostname.relationships.dot on the puppet master? Thanks, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Fun with Custom Providers
Hi all, I'm having an issue with custom providers (the pear/pecl ones mentioned in an earlier post today) and I'm hoping you can all help. I have a base class that includes other modules and installs other packages including the distribution of the custom providers. I have a second class storeweb that uses the custom providers to install pear/pecl modules and also includes a memcached module, however if I include the base class into the storeweb class, I get an error on the first (and any successive) run of puppet as follows: err: Could not run Puppet configuration client: Invalid package provider 'pecl' at /usr/share/puppet/modules/memcached/manifests/init.pp:33 If I remove the include of base from storeweb, run puppet, then add the class storeweb to cobbler, as long as base installed first, storeweb will install fine. As soon as I try and link the modules together again, it fails. Can anyone help me work this out? Thanks in advance. Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Managing RPM Repositories
On Wed, 2010-06-02 at 15:16 -0700, Patrick wrote:
Sorry, but you might have lost me. Are you saying that you're having
problems because when you define the repository in two places it throws an
error?
Not quite! :)
I want to define all my repos in one module and then include the repos
based upon the node class.
For example:
=
class webserver {
yumrepo{[atrpms-stable,atrpms-testing,epel,centos-base]}
# install webserver stuff
...
#finish
}
class mailserver {
yumrepo{['centos-base,epel,elff]}
# do mailserver install
...
# finish mailserver install
}
=
and then in my repos module:
=
yumrepo{ atrpms-stable:
name = atrpms,
baseurl = http://dl.atrpms.net/el\$releasever-\
$basearch/atrpms/stable,
descr = atrpms for exim etc,
enabled = 1,
includepkgs = exim-* dovecot* libspf2* libsrs*,
gpgkey = http://atrpms.net/RPM-GPG-KEY.atrpms;,
gpgcheck = 1
}
yumrepo{ atrpms-testing:
name = atrpms-testing,
baseurl = http://dl.atrpms.net/el\$releasever-\
$basearch/atrpms/testing,
descr = atrpms for exim etc,
enabled = 1,
includepkgs = exim-* dovecot* libspf* libsrs*,
gpgkey = http://atrpms.net/RPM-GPG-KEY.atrpms;,
gpgcheck = 1
}
===
So I only get the minimal repos needed for each node class.
At the moment I can include all the repos or none of the repos and I'd
like to bemore subtle about it without having to redefine each repo for
each class it is used in.
If there's a more appropriate/better way of achieving this, please let
me know!
Kind regards,
Matt
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Managing RPM Repositories
On Thu, 2010-06-03 at 18:22 +1000, Daniel Pittman wrote:
...but from experience I wouldn't recommend doing this. You are almost
certainly going to be better off having the same set of repositories on every
server, and using some other mechanism to control which packages or updates
are applied to your systems.
Ok, that makes sense.
I've updated my manifests to reflect the above, however now when I run
Yum manually on the servers I get the following output:
Repository 'epel' is missing name in configuration, using id
It doesn't make a difference to the install, I'm just wondering if I'm
missing a flag from the following:
yumrepo{epel:
name = Epel,
baseurl= http://updates.the.namesco.net/centos\$releasever-\
$basearch/RPMS.epel/,
gpgcheck= 1,
gpgkey= http://download.fedora.redhat.com/pub/epel/RPM-GPG-KEY-EPEL;,
enabled= 1,
includepkgs= puppet* ruby* facter augeas-libs ruby-augeas ruby-shadow
munin-common munin-node munin-server pyparsing libvirt* libyaml* PyYAML*
cobbler* Django* python-netaddr,
}
Thanks in advance,
Matt
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Error with resource in puppet cucumber
Hi,
I'm getting the following error when trying to run a feature in puppet:
===
cucumber-puppet modules/smtp-external/smtp-external.feature
Feature: smtp-external
In order to allow our customers to send email
As a user
I want to send email to people outside of namesco
Scenario: Build the server #
modules/smtp-external/smtp-external.feature:6
testing external-stmp
Given that I need to test a external-stmp server#
steps/vhost.rb:2
When I build a external-smtp server #
steps/vhost.rb:6
Then the external-smtp server should be provisioned #
steps/vhost.rb:11
undefined method `resource' for nil:NilClass (NoMethodError)
./steps/puppet.rb:58:in `/^there should be a resource ([^
\]*)$/'
modules/smtp-external/smtp-external.feature:9:in `Then the
external-smtp server should be provisioned'
And I should be able to connect to port 25 #
steps/vhost.rb:21
Failing Scenarios:
cucumber modules/smtp-external/smtp-external.feature:6 # Scenario: Build
the server
1 scenario (1 failed)
4 steps (1 failed, 1 skipped, 2 passed)
0m0.344s
The feature is as follows:
===
Feature: smtp-external
In order to allow our customers to send email
As a user
I want to send email to people outside of namesco
Scenario: Build the server
Given that I need to test a external-stmp server
When I build a external-smtp server
Then the external-smtp server should be provisioned
And I should be able to connect to port 25
===
and the (not quite complete yet!) steps for vhosts are as follows:
===
conn = Libvirt::open(qemu:///system)
Given /^that I need to test a ([^\]*) server$/ do |servertype|
puts testing #{servertype}
end
When /^I build a ([^\]*) server$/ do | serverVMType |
conn.create_domain_linux(File.read(/etc/libvirt/qemu/ +
serverVMType + .xml))
dom = conn.lookup_domain_by_name(serverVMType)
end
Then /^the ([^\]*) server should be provisioned$/ do |serverVMType|
dom = conn.lookup_domain_by_name(serverVMType)
if dom.info.state == 1
steps %Q{
Then package exim should be present
}
end
end
Then /^I should be able to connect to port ([^\]*)$/ do |portNum|
end
==
Can anyone help with this please?
I promise a blog post on Cobbler/Puppet/Cucumber integration once it's
all fixed and running! :)
Matt
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Ralsh output is not consistent
Hi,
I'm using Ralsh to audit our existing systems and I've run into a
strange issues with the output.
Compare the examples below taken from two separate servers and spot the
difference:
Server 1
user { 'root':
ensure = 'present',
comment = 'root',
shell = '/bin/bash',
groups = ['root','bin','daemon','sys','adm','disk','wheel'],
uid = '0',
home = '/root',
gid = '0'
}
Server 2
user { 'root':
comment = 'root',
ensure = 'present',
shell = '/bin/bash',
home = '/root',
groups = ['root','bin','daemon','sys','adm','disk','wheel'],
uid = '0',
gid = '0'
}
The issue I've got is that because comment and ensure are on
different lines on the two servers, I'm having real issues picking up
the differences between the servers because diff just shows hundreds of
lines that do not match across the two files.
Is there a quick way of sorting this data (importing the ralsh reports
into ruby for example??) and comparing them or have I misunderstood the
use of Ralsh for auditing?
Kind regards,
Matt
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Multiple Puppet Servers
On Thu, 2010-05-13 at 22:53 -0700, Abhishek wrote: Hi, Is there any way to define multiple puppet servers in client configuration so that if my one puppet server is down then my production config changes can be applied from other puppet server. I am using apache and Mongrel for puppet load balancing. Multiple A records and Round Robin DNS? (Caveat: I've never tried this but in theory it should work! :) ) -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: mcollective scalability
On Thu, 2010-05-06 at 20:29 -0400, Eric Shamow wrote: Matt, Really great posts -- you've inspired me to take a crack at MCollective. Thanks Eric, Let us know how you get on! M. -Eric On Thu, May 6, 2010 at 4:11 AM, Matt Wallace li...@truthisfreedom.org.uk wrote: On Wed, 2010-05-05 at 23:31 -0700, donavan wrote: 2000 nodes certainly is within my goals with the design, that said there has not been such a big deploy. We've got 500+ nodes on mcollective currently. Nothing special as far as setup, a few of the contrib agents and few more in house agents. Nodes are primarily split between two buildings connected by gigE. 95% response from mc-ping is 300ms, average 200ms. I'm expecting at least 1000 nodes in three geo areas by the end of the year. My todo list for this summer has federating some more activemqs into the setup. You'd probably want a few activemq instances in a cluster in such a setup, though I've heard of much larger client counts on activemq. The above all runs off of a single activemq server currently. Quad core xeon w/ 3gb ram sitting at 99% idle. For those of you that are interested, I've put up a few blogposts about configuring ActiveMQ and Mcollective on both Centos and Ubuntu at http://www.threedrunkensysadsonthe.net/ Kind regards, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: mcollective scalability
On Wed, 2010-05-05 at 23:31 -0700, donavan wrote: 2000 nodes certainly is within my goals with the design, that said there has not been such a big deploy. We've got 500+ nodes on mcollective currently. Nothing special as far as setup, a few of the contrib agents and few more in house agents. Nodes are primarily split between two buildings connected by gigE. 95% response from mc-ping is 300ms, average 200ms. I'm expecting at least 1000 nodes in three geo areas by the end of the year. My todo list for this summer has federating some more activemqs into the setup. You'd probably want a few activemq instances in a cluster in such a setup, though I've heard of much larger client counts on activemq. The above all runs off of a single activemq server currently. Quad core xeon w/ 3gb ram sitting at 99% idle. For those of you that are interested, I've put up a few blogposts about configuring ActiveMQ and Mcollective on both Centos and Ubuntu at http://www.threedrunkensysadsonthe.net/ Kind regards, Matt -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Using classes from extnode to define config files?
On Fri, 2010-04-30 at 12:10 +0200, Peter Meier wrote:
but I'm not too sure how to set the value of $CLASSNAME.
we do something similar:
file{'/etc/exim/exim.conf':
source = [ puppet://$server/modules/site-exim/${fqdn}/exim.conf,
puppet://$server/modules/site-exim/${exim_type}/exim.conf,
puppet://$server/modules/site-exim/exim.conf,
puppet://$server/modules/exim/exim.conf ],
require = Package['exim'],
notify = Service['exim'],
owner = root, group = mail, mode = 0640;
}
http://git.puppet.immerda.ch/?p=module-exim.git;a=blob;f=manifests/base.pp;h=a0b2d02ca3e1a95b0ddc0b48fa54efb5d2981774;hb=76f594abd5dabffe86bdaeecb99b15bda4b968fc#l13
what we do then is to set per node the variable (or in an external
node tool called parameter) $exim_type to set it to something like
'antivirus', 'webhosting' or whatever. and then have in
site-exim/files/antivirus/ the appropriate config file.
btw: we nearly got rid off that, as we started to split the exim
configuration into different subfiles and including them. We then
deploy only these include files based on exim_type. This has the
advantage, that we have only one identical main-exim config and do all
the tweaks in little files we just include.
cheers pete
Hi Pete,
I've decided to go with the following in the end:
===
# define the config file to use
if(tagged(webserver)) {
$filename = webserver
}
else
{
$filename = smtpserver
}
file { /etc/exim/exim.conf:
path = /etc/exim/exim.conf,
ensure = present,
source = puppet:///modules/exim/exim-$filename.conf,
owner = exim,
group = exim,
mode = 644,
require = Package[exim],
}
===
Does anyone know how to achieve the above in a prettier fashion?
M.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
