Re: [Puppet Users] Question: performing actions based on user account being present

2014-02-03 Thread Matthew Reams 
Jose / John - Yeah, I didn't think it quite through.  After reading some of
your suggestions, I think I'm going to try to do the following in my
postfix manifest

service { 'postfix':
  enable => $postfix::enablestatus,
  ensure => $postfix::ensurestatus,
}

In Heira global.yaml, have those variables set to enabled and running.  In
the Heira Zimbra server yaml, set those to disabled and stopped.

Thanks for the insight/suggestions!


On Mon, Feb 3, 2014 at 10:31 AM, jcbollinger wrote:

>
>
> On Saturday, February 1, 2014 3:06:37 AM UTC-6, Jose Luis Ledesma wrote:
>>
>> I think there are two options.
>> 1. Make use if hiera. If you don't have a lot of zimbra servers could be
>> the best option, but you should maintain this manually.
>> 2. A custom fact that reports if the server has zimbra or not.
>>
>
> Indeed, there are two options.  One is to use a custom fact to report
> whether the target machine has Zimbra configured, as Jose suggests.  This
> is the way to go if Zimbra is outside the scope of what you want to manage
> via Puppet.
>
> The other option is to teach the Puppet master whether the target node is
> *supposed* to have Zimbra.  If you are already managing the Zimbra
> configuration via Puppet then the master already has that information, at
> some level.  You need to make that information available at the point in
> your manifests where you declare the properties of the postfix service, and
> one way to do that -- by no means the only one -- would be to pull it up
> into an Hiera data store.
>
> Either way, given information about whether the target node has or should
> have Zimbra, you can declare postfix appropriately.  For example,
>
> service { 'postfix':
>   enable => ! $zimbra_node,
>   ensure => $zimbra_node ? { true => 'stopped', default => 'running' }
> }
>
>
> John
>
>  --
> You received this message because you are subscribed to a topic in the
> Google Groups "Puppet Users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/puppet-users/F30aOj3hKlg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/2c0fb7ad-b296-465f-9fbf-605342816770%40googlegroups.com
> .
>
> For more options, visit https://groups.google.com/groups/opt_out.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAOYq2GCc79s6eaAgs8jeNBX8Tf3sTYeZTh%2BYckh33DEekVjH5Q%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Question: performing actions based on user account being present

2014-01-31 Thread Matthew Reams 
I want to create a default module for SMTP.  However, I want to put some 
logic into it.

I have postfix as my default local SMTP server for my Linux servers. 
 However, I also have a Zimbra server.  Basically what I want to do is

If 'id zimbra' is true, then ensure service postfix is stopped.
Else ensure service postfix is running, and have the correct main.cf file.

Is that possible?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e7252756-fb89-4c7c-9da6-2262c17e0b2c%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] PE Install Question (Console/Master on one host, PuppetDB on another)

2013-12-09 Thread Matthew Reams 
Hi,

Has anyone successfully performed this scenario?

I'm installing Puppet Enterprise 3.1, and want to have the Console service 
running  on the Puppet Master.  However, I want to have the PuppetDB 
service on another server.  It seems like the installer either puts all of 
the services on one host, or separate out to three hosts.  

I saw this discussed in 
https://groups.google.com/forum/#!topic/puppet-users/bkki85mAs8g

However, I'm not able to get my Puppet Master to use the PuppetDB instance 
on another server.  The puppetdb.conf keeps getting overwritten with the 
hostname of the Puppet Master.

It looks like there is a puppetdb module in /opt/puppet/share/modules, so I 
thought I could define the puppetdb_server variable for my Puppet Master 
node

node 'puppet ' {
  class { 'puppetdb::master::config':
puppetdb_server => 'puppetdb',
  }
}

Yet, when the agent runs, I get

Error: Could not retrieve catalog from remote server: Error 400 on SERVER: 
Duplicate declaration: Class[Puppetdb::Master::Config] is already declared 
in file /etc/puppetlabs/puppet/environment/production/manifests/nodes.pp:7; 
cannot redeclare at 
/opt/puppet/share/puppet/modules/pe_puppetdb/manifests/master.pp:38 on node 
puppet

Any ideas?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a93d7420-1ad3-4716-8423-97061e0e971e%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] PE Install Question (Master/Console together, separate PuppetDB)

2013-12-09 Thread Matthew Reams 
Hi,

Has anyone successfully performed this scenario?

I'm installing Puppet Enterprise 3.1, and want to have the Console service 
running  on the Puppet Master.  However, I want to have the PuppetDB 
service on another server.  It seems like the installer either puts all of 
the services on one host, or separate out to three hosts.  

I saw this discussed 
in https://groups.google.com/forum/#!topic/puppet-users/bkki85mAs8g

However, I'm not able to get my Puppet Master to use the PuppetDB instance 
on another server.  The puppetdb.conf keeps getting overwritten with the 
hostname of the Puppet Master.

It looks like there is a puppetdb module in /opt/puppet/share/modules, so I 
thought I could define the puppetdb_server variable for my Puppet Master 
node

node 'ggsge-puppet-1d.cisco.com' {
  class { 'puppetdb::master::config':
puppetdb_server => 'puppetdb',
  }
}

Yet, when the agent runs, I get

Error: Could not retrieve catalog from remote server: Error 400 on SERVER: 
Duplicate declaration: Class[Puppetdb::Master::Config] is already declared 
in file /etc/puppetlabs/puppet/environment/production/manifests/nodes.pp:7; 
cannot redeclare at 
/opt/puppet/share/puppet/modules/pe_puppetdb/manifests/master.pp:38 on node 
puppet

Any ideas?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5248f1ff-cb7b-43de-be3a-b3e0d47ea948%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: Setting up PE from scratch with PuppetDB/Postgres on separate box

2013-12-06 Thread Matthew Reams 
Hi Steven,

I'm attempting the same thing you are.  I see that 
my /etc/puppetlabs/puppet/puppetdb.conf keeps getting overwritten on my 
Puppet Master to point back to the Puppet Master instead of my PuppetDB 
host.  Do you know where this is being set?

Thanks!
Matt

On Tuesday, September 10, 2013 6:27:22 AM UTC-4, Steven James wrote:
>
> Hi All,
>
> I'm trying to setup a new Pupp Ent instance from scratch with 
> PuppetDB/Postgres on a sep box. I think I have it working, but it took a 
> bit of doing. I just wanted to check that there's not a more straight 
> forward way.
>
> I'm aiming for an HA proxy load balanced pair of PuppetMasters, CA active 
> on only one, with replicated pair of PuppetDB/Postgres.
>
> First of all...the assumptions.it seems that it not possible to 
> install the console role (on the PM) without also installing PuppetDB (with 
> option to connect to remote PG server). I was imagining that my PuppetDB 
> jetty containers would both sit happily only on the 2 database servers, and 
> not be required on the PM?? I was imagining that 
> /etc/puppetlabs/puppet/puppetdb.conf on the PMs would "simply" point down 
> to the active PG PuppetDB instance?? False assumption?
>
> The next question I just wanted to validatethe only way I could get 
> the installer to play nice, was to install the DB layer first, with it 
> continuing on not having a PM to point at yet, then loading up the PM, 
> *having* to say Yes to the PuppetDB option, in order to get a console on 
> the PM, then specifying a remote PG database server.
>
> If one does have to install the DB first, then maybe the following link 
> needs to be updated?
>
> http://docs.puppetlabs.com/pe/latest/install_system_requirements.html
>
> Then had to remove DB server's ssl dir, regenerate and sign the request on 
> the PM (CA), then run puppetdb-ssl-setup to finish off.
>
> So I've ended up with PuppetDB running on both my PM *and* of course on my 
> DB. I feel like I should be doing a `service pe-puppetdb stop` on the PM.
>
> There didn't seem to be any prebaked examples/answers files that 
> accommodated this (reasonably std) architecture?? Lots of other great 
> examples though.
>
> Is my setup the correct way to go about this???
>
> The next stage will be to use the same answers file from PM1 on PM2, 
> disabling the ca_server, and assuring that my dns_alt_names have both the 
> puppet service address, and the addresses of both of the PMs.
>
> There seems to be a patch required to allow PuppetDB to drive a replicated 
> Postgres pair via Puppet Enterprise itself. Nice that this is now possible!
>
> One last questionand assuming I can run PuppetDB on both Postgres 
> servers, with both pointing at the active PG box..I'm also assuming 
> that I should also be configuring HAProxy to load balance requests to both 
> PuppetDB instances?? i.e. load balance the SSL connects over 8081??  If so, 
> I'm smelling some SSL challenges ahead.anybody got any thoughts on that 
> one? If both PuppetDB instances are signed against the primary CA, should 
> all else be fine?
>
> Thanks for your input, and I'm happy to post updates if anybody has any 
> suggestions.
>
> Steven
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/01b677c3-59f9-4c5d-b313-70686f5dcf66%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: White Paper: Migrating from Redhat satellite server to Puppet + Foreman

2013-06-11 Thread Matthew Reams 
Hi.

I really appreciate this knowledge sharing.  I currently use Spacewalk 
instead of Red Hat Satellite for patch management of my RHEL hosts, but I'm 
not happy with it for configuration management and working towards 
implementing Puppet.  How do you audit and report your current package 
levels on your servers now that you've moved to this new solution?

Thanks!

On Monday, June 10, 2013 9:04:17 AM UTC-4, Keiran Sweet wrote:
>
> Hi Everyone,
> I've written a paper that captures the approach that we took when moving 
> from Redhat Satellite for configuration and software management to Puppet 
> and Foreman (alongside some other assorted technologies).
>
> The paper contains a number of lessons learnt in the Ruby, Puppet, Foreman 
> and Software deployment spaces that are likely to be useful for other 
> administrators looking to move from Satellite or similar technologies.
>
> It is important to note that whilst this approach to migrating from 
> Satellite server was ideal for this particular business and environment, it 
> is not suitable for everyone. It is also worth mentioning that a number of 
> the Puppet techniques used in this document may no longer be considered 
> best practice as the product evolves rapidly and features that are now 
> available such as hiera did not exist at the time the environment was being 
> designed and deployed. 
>
> The document can be found here: 
> - De-Orbiting Satellite (PDF) - http://goo.gl/0CAcy
>
>
> I hope some of you find this of some use and if you have any questions, 
> feedback, etc feel free to drop me a line.
>
> Cheers,
>
> K
>
> Keiran (at) gmail.com || @keiran_s
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.